From 0b0c66dbe35199d135be7cb1c4ccbdd7a8c78a60 Mon Sep 17 00:00:00 2001
From: S M Y <smy.altamash@gmail.com>
Date: Tue, 9 Jul 2019 13:32:12 +0530
Subject: [PATCH] install azure-plugin in es6

---
 ansible/es.yml                                   |  1 +
 ansible/roles/es-azure-restore/defaults/main.yml |  9 +++++++++
 ansible/roles/es-azure-restore/tasks/main.yml    |  7 +++++++
 ansible/roles/es6/tasks/azure-plugin.yml         |  3 +++
 ansible/roles/es6/tasks/main.yml                 | 13 +++++--------
 ansible/roles/es6/templates/elasticsearch.yml.j2 |  5 +++++
 6 files changed, 30 insertions(+), 8 deletions(-)
 create mode 100644 ansible/roles/es6/tasks/azure-plugin.yml

diff --git a/ansible/es.yml b/ansible/es.yml
index ab6aaf2ce..4184bac96 100644
--- a/ansible/es.yml
+++ b/ansible/es.yml
@@ -12,6 +12,7 @@
     - es_backup
 
 - hosts: es-backup
+  gather_facts: no
   become: yes
   vars_files:
     - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml']
diff --git a/ansible/roles/es-azure-restore/defaults/main.yml b/ansible/roles/es-azure-restore/defaults/main.yml
index 49962dba3..2225e72a8 100644
--- a/ansible/roles/es-azure-restore/defaults/main.yml
+++ b/ansible/roles/es-azure-restore/defaults/main.yml
@@ -1,2 +1,11 @@
 # Override these values
+snapshot_create_request_body: {
+    type: azure,
+    settings: {
+      container: "elasticsearch-snapshots",
+      base_path: "{{ snapshot_base_path }}"
+    }
+}
+
 es_restore_host: localhost
+snapshot_base_path: application
diff --git a/ansible/roles/es-azure-restore/tasks/main.yml b/ansible/roles/es-azure-restore/tasks/main.yml
index 1b1f6200c..ba858ec67 100644
--- a/ansible/roles/es-azure-restore/tasks/main.yml
+++ b/ansible/roles/es-azure-restore/tasks/main.yml
@@ -1,4 +1,11 @@
 ---
+- name: Set azure snapshot for the first time
+  uri:
+    url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup"
+    method: PUT
+    body: "{{ snapshot_create_request_body | to_json }}"
+    headers:
+      Content-Type: "application/json"
 
 - name: Restore ES from Azure backup
   uri:
diff --git a/ansible/roles/es6/tasks/azure-plugin.yml b/ansible/roles/es6/tasks/azure-plugin.yml
new file mode 100644
index 000000000..aed14050c
--- /dev/null
+++ b/ansible/roles/es6/tasks/azure-plugin.yml
@@ -0,0 +1,3 @@
+- name: Install azure plugin
+  shell: ES_PATH_CONF=/etc/elasticsearch/"{{ es_instance_name }}" /usr/share/elasticsearch/bin/elasticsearch-plugin install repository-azure
+  notify: restart elasticsearch
diff --git a/ansible/roles/es6/tasks/main.yml b/ansible/roles/es6/tasks/main.yml
index bc6a1ba86..8cf058130 100644
--- a/ansible/roles/es6/tasks/main.yml
+++ b/ansible/roles/es6/tasks/main.yml
@@ -9,12 +9,6 @@
   tags:
       - always
 
-# - name: include java.yml
-#   include: java.yml
-#   when: es_java_install
-#   tags:
-#       - java
-
 - name: include elasticsearch.yml
   include: elasticsearch.yml
   tags:
@@ -75,10 +69,13 @@
   include: ./xpack/security/elasticsearch-security-native.yml
   when: manage_native_realm
 
-#Templates done after restart - handled by flushing the handlers. e.g. suppose user removes security on a running node and doesn't specify es_api_basic_auth_username and es_api_basic_auth_password.  The templates will subsequently not be removed if we don't wait for the node to restart.
 #We also do after the native realm to ensure any changes are applied here first and its denf up.
 - name: include elasticsearch-template.yml
   include: elasticsearch-template.yml
   when: es_templates
   tags:
-      - templates
\ No newline at end of file
+      - templates
+
+# Install Elasticsearch plugin for backups
+- name: include elasticsearch plugin install
+  include: azure-plugin.yml
diff --git a/ansible/roles/es6/templates/elasticsearch.yml.j2 b/ansible/roles/es6/templates/elasticsearch.yml.j2
index dcf6f7aef..3cdbe5ab7 100644
--- a/ansible/roles/es6/templates/elasticsearch.yml.j2
+++ b/ansible/roles/es6/templates/elasticsearch.yml.j2
@@ -50,3 +50,8 @@ network.host: 0.0.0.0
 {% if es_remote_reindex is defined %}
 reindex.remote.whitelist: {{es_remote_host}}:9200
 {% endif %}
+
+{% if backup_azure_storage_account_name is defined and backup_azure_storage_access_key is defined %}
+cloud.azure.storage.default.account: {{ backup_azure_storage_account_name }}
+cloud.azure.storage.default.key: {{ backup_azure_storage_access_key }}
+{% endif %}
-- 
GitLab