elastic · Crazybus · Feb 23, 2018 · Feb 4, 2018 · Feb 21, 2018 · Feb 22, 2018
diff --git a/tasks/elasticsearch-Debian.yml b/tasks/elasticsearch-Debian.yml
@@ -1,8 +1,10 @@
 ---
 
-- set_fact: force_install=no
+- name: set fact force_install to no
+  set_fact: force_install=no
 
-- set_fact: force_install=yes
+- name: set fact force_install to yes
+  set_fact: force_install=yes
   when: es_allow_downgrades
 
 - name: Debian - Install apt-transport-https to support https APT downloads

diff --git a/tasks/elasticsearch-parameters.yml b/tasks/elasticsearch-parameters.yml
@@ -1,39 +1,52 @@
 # Check for mandatory parameters
 
-- fail: msg="es_instance_name must be specified and cannot be blank"
+- name: fail when es_instance is not defined
+  fail: msg="es_instance_name must be specified and cannot be blank"
   when: es_instance_name is not defined or es_instance_name == ''
 
-- fail: msg="es_proxy_port must be specified and cannot be blank when es_proxy_host is defined"
+- name: fail when es_proxy_port is not defined or is blank
+  fail: msg="es_proxy_port must be specified and cannot be blank when es_proxy_host is defined"
   when: (es_proxy_port is not defined or es_proxy_port == '') and (es_proxy_host is defined and es_proxy_host != '')
 
-- debug: msg="WARNING - It is recommended you specify the parameter 'http.port'"
+- name: debug message
+  debug: msg="WARNING - It is recommended you specify the parameter 'http.port'"
   when: es_config['http.port'] is not defined
 
-- debug: msg="WARNING - It is recommended you specify the parameter 'transport.tcp.port'"
+- name: debug message
+  debug: msg="WARNING - It is recommended you specify the parameter 'transport.tcp.port'"
   when: es_config['transport.tcp.port'] is not defined
 
-- debug: msg="WARNING - It is recommended you specify the parameter 'discovery.zen.ping.unicast.hosts'"
+- name: debug message
+  debug: msg="WARNING - It is recommended you specify the parameter 'discovery.zen.ping.unicast.hosts'"
   when: es_config['discovery.zen.ping.unicast.hosts'] is not defined
 
 #If the user attempts to lock memory they must specify a heap size
-- fail: msg="If locking memory with bootstrap.memory_lock a heap size must be specified"
+- name: fail when heap size is not specified when using memory lock
+  fail: msg="If locking memory with bootstrap.memory_lock a heap size must be specified"
   when: es_config['bootstrap.memory_lock'] is defined and es_config['bootstrap.memory_lock'] == True and es_heap_size is not defined
 
 #Check if working with security we have an es_api_basic_auth_username and es_api_basic_auth_username - otherwise any http calls wont work
-- fail: msg="Enabling security requires an es_api_basic_auth_username and es_api_basic_auth_password to be provided to allow cluster operations"
+- name: fail when api credentials are not declared when using security
+  fail: msg="Enabling security requires an es_api_basic_auth_username and es_api_basic_auth_password to be provided to allow cluster operations"
   when: es_enable_xpack and ("security" in es_xpack_features) and es_api_basic_auth_username is not defined and es_api_basic_auth_password is not defined
 
-- set_fact: file_reserved_users={{ es_users.file.keys() | intersect (reserved_xpack_users) }}
+- name: set fact file_reserved_users
+  set_fact: file_reserved_users={{ es_users.file.keys() | intersect (reserved_xpack_users) }}
   when: es_users is defined and es_users.file is defined and (es_users.file.keys() | length > 0) and (es_users.file.keys() | intersect (reserved_xpack_users) | length > 0)
 
-- fail:
+- name: fail when changing users through file realm
+  fail:
      msg: "ERROR: INVALID CONFIG - YOU CANNOT CHANGE RESERVED USERS THROUGH THE FILE REALM. THE FOLLOWING CANNOT BE CHANGED: {{file_reserved_users}}. USE THE NATIVE REALM."
   when: file_reserved_users | default([]) | length > 0
 
-- set_fact: instance_default_file={{default_file | dirname}}/{{es_instance_name}}_{{default_file | basename}}
-- set_fact: instance_init_script={{init_script | dirname }}/{{es_instance_name}}_{{init_script | basename}}
-- set_fact: conf_dir={{ es_conf_dir }}/{{es_instance_name}}
-- set_fact: m_lock_enabled={{ es_config['bootstrap.memory_lock'] is defined and es_config['bootstrap.memory_lock'] == True }}
+- name: set fact instance_default_file
+  set_fact: instance_default_file={{default_file | dirname}}/{{es_instance_name}}_{{default_file | basename}}
+- name: set fact instance_init_script
+  set_fact: instance_init_script={{init_script | dirname }}/{{es_instance_name}}_{{init_script | basename}}
+- name: set fact conf_dir
+  set_fact: conf_dir={{ es_conf_dir }}/{{es_instance_name}}
+- name: set fact m_lock_enabled
+  set_fact: m_lock_enabled={{ es_config['bootstrap.memory_lock'] is defined and es_config['bootstrap.memory_lock'] == True }}
 
 #TODO - if transport.host is not local maybe error on boostrap checks
 
@@ -44,13 +57,19 @@
 #Centos 7 and up
 #Relies on elasticsearch distribution installing a serviced script to determine whether one should be copied.
 
-- set_fact: use_system_d={{(ansible_distribution == 'Debian' and ansible_distribution_version | version_compare('8', '>=')) or (ansible_distribution in ['RedHat','CentOS'] and ansible_distribution_version | version_compare('7', '>=')) or (ansible_distribution == 'Ubuntu' and ansible_distribution_version | version_compare('15', '>=')) }}
+- name: set fact use_system_d
+  set_fact: use_system_d={{(ansible_distribution == 'Debian' and ansible_distribution_version | version_compare('8', '>=')) or (ansible_distribution in ['RedHat','CentOS'] and ansible_distribution_version | version_compare('7', '>=')) or (ansible_distribution == 'Ubuntu' and ansible_distribution_version | version_compare('15', '>=')) }}
 
-- set_fact: instance_sysd_script={{sysd_script | dirname }}/{{es_instance_name}}_{{sysd_script | basename}}
+- name: set fact instance_sysd_script
+  set_fact: instance_sysd_script={{sysd_script | dirname }}/{{es_instance_name}}_{{sysd_script | basename}}
   when: use_system_d
 #For directories we also use the {{inventory_hostname}}-{{ es_instance_name }} - this helps if we have a shared SAN.
 
-- set_fact: instance_suffix={{inventory_hostname}}-{{ es_instance_name }}
-- set_fact: pid_dir={{ es_pid_dir }}/{{instance_suffix}}
-- set_fact: log_dir={{ es_log_dir }}/{{instance_suffix}}
-- set_fact: data_dirs={{ es_data_dirs | append_to_list('/'+instance_suffix) }}
+- name: set fact instance_suffix
+  set_fact: instance_suffix={{inventory_hostname}}-{{ es_instance_name }}
+- name: set fact pid_dir
+  set_fact: pid_dir={{ es_pid_dir }}/{{instance_suffix}}
+- name: set fact log_dir
+  set_fact: log_dir={{ es_log_dir }}/{{instance_suffix}}
+- name: set fact log_dir
+  set_fact: data_dirs={{ es_data_dirs | append_to_list('/'+instance_suffix) }}
diff --git a/tasks/elasticsearch-plugins.yml b/tasks/elasticsearch-plugins.yml
@@ -2,12 +2,15 @@
 
 # es_plugins_reinstall will be set to true if elasticsearch_install_from_repo.changed or elasticsearch_install_from_package.changed
 # i.e. we have changed ES version(or we have clean installation of ES), or if no plugins listed. Otherwise it is false and requires explicitly setting.
-- set_fact: es_plugins_reinstall=true
+- name: set fact es_plugins_reinstall to true
+  set_fact: es_plugins_reinstall=true
   when: (((debian_elasticsearch_install_from_repo is defined and debian_elasticsearch_install_from_repo.changed) or (redhat_elasticsearch_install_from_repo is defined and redhat_elasticsearch_install_from_repo.changed)) or (elasticsearch_install_from_package is defined and elasticsearch_install_from_package.changed)) or es_plugins is not defined or es_plugins is none
 
-- set_fact: list_command=""
+- name: set fact list_command
+  set_fact: list_command=""
 #If we are reinstalling all plugins, e.g. to a version change, we need to remove all plugins (inc. x-pack) to install any plugins. Otherwise we don't consider x-pack so the role stays idempotent.
-- set_fact: list_command="| grep -vE 'x-pack'"
+- name: set fact list_command check for x-pack
+  set_fact: list_command="| grep -vE 'x-pack'"
   when: not es_plugins_reinstall
 
 #List currently installed plugins. We have to list the directories as the list commmand fails if the ES version is different than the plugin version.
@@ -23,19 +26,23 @@
     ES_INCLUDE: "{{ instance_default_file }}"
 
 #if es_plugins_reinstall is set to true we remove ALL plugins
-- set_fact: plugins_to_remove="{{ installed_plugins.stdout_lines | default([]) }}"
+- name: set fact plugins_to_remove to install_plugins.stdout_lines
+  set_fact: plugins_to_remove="{{ installed_plugins.stdout_lines | default([]) }}"
   when: es_plugins_reinstall
 
 #if the plugins listed are different than those requested, we remove those installed but not listed in the config
-- set_fact: plugins_to_remove="{{ installed_plugins.stdout_lines | difference(es_plugins | json_query('[*].plugin')) | default([]) }}"
+- name: set fact plugins_to_remove to delete plugins installed but not listed in es_plugins
+  set_fact: plugins_to_remove="{{ installed_plugins.stdout_lines | difference(es_plugins | json_query('[*].plugin')) | default([]) }}"
   when: not es_plugins_reinstall
 
 #if es_plugins_reinstall is set to true we (re)install ALL plugins
-- set_fact: plugins_to_install="{{ es_plugins | json_query('[*].plugin') | default([]) }}"
+- name: set fact plugins_to_install to es_plugins
+  set_fact: plugins_to_install="{{ es_plugins | json_query('[*].plugin') | default([]) }}"
   when: es_plugins_reinstall
 
 #if the plugins listed are different than those requested, we install those not installed but listed in the config
-- set_fact: plugins_to_install="{{ es_plugins | json_query('[*].plugin') | difference(installed_plugins.stdout_lines) | default([]) }}"
+- name: set fact to plugins_to_install to those in es_config but not installed
+  set_fact: plugins_to_install="{{ es_plugins | json_query('[*].plugin') | difference(installed_plugins.stdout_lines) | default([]) }}"
   when: not es_plugins_reinstall
 
 # This removes any currently installed plugins (to prevent errors when reinstalling)

diff --git a/tasks/elasticsearch-scripts.yml b/tasks/elasticsearch-scripts.yml
@@ -1,10 +1,12 @@
 ---
 
-- set_fact: es_script_dir={{ es_conf_dir }}/{{es_instance_name}}
+- name: set fact es_script_dir
+  set_fact: es_script_dir={{ es_conf_dir }}/{{es_instance_name}}
   tags:
       - always
 
-- set_fact: es_script_dir={{es_config['path.scripts']}}
+- name: set fact es_script_dir when path.scripts
+  set_fact: es_script_dir={{es_config['path.scripts']}}
   when: es_config['path.scripts'] is defined
   tags:
       - always

diff --git a/tasks/elasticsearch-template.yml b/tasks/elasticsearch-template.yml
@@ -1,6 +1,11 @@
 ---
 
-- file: path=/etc/elasticsearch/templates state=directory owner={{ es_user }} group={{ es_group }}
+- name: ensure templates dir is created
+  file:
+    path: /etc/elasticsearch/templates
+    state: directory
+    owner: "{{ es_user }}"
+    group: "{{ es_group }}"
 
 - name: Copy templates to elasticsearch
   copy: src={{ item }} dest=/etc/elasticsearch/templates owner={{ es_user }} group={{ es_group }}

diff --git a/tasks/java.yml b/tasks/java.yml
@@ -1,8 +1,10 @@
 ---
 
-- set_fact: java_state="present"
+- name: set fact java_state to present
+  set_fact: java_state="present"
 
-- set_fact: java_state="latest"
+- name: set fact java_state to latest
+  set_fact: java_state="latest"
   when: update_java == true
 
 - name: RedHat - Ensure Java is installed
@@ -35,7 +37,8 @@
   apt: name={{ java }} state={{java_state}}
   when: ansible_os_family == 'Debian'
 
-- shell: java -version 2>&1 | grep OpenJDK
+- name: register open_jdk version
+  shell: java -version 2>&1 | grep OpenJDK
   register: open_jdk
   ignore_errors: yes
   changed_when: false

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -9,35 +9,42 @@
   tags:
       - always
 
-- include: java.yml
+- name: include java.yml
+  include: java.yml
   when: es_java_install
   tags:
       - java
 
-- include: elasticsearch.yml
+- name: include elasticsearch.yml
+  include: elasticsearch.yml
   tags:
       - install
 
-- include: elasticsearch-config.yml
+- name: include elasticsearch-config.yml
+  include: elasticsearch-config.yml
   tags:
       - config
 
-- include: elasticsearch-scripts.yml
+- name: include elasticsearch-scripts.yml
+  include: elasticsearch-scripts.yml
   when: es_scripts
   tags:
       - scripts
 
-- include: elasticsearch-plugins.yml
+- name: include elasticsearch-plugins.yml
+  include: elasticsearch-plugins.yml
   when: es_plugins is defined or es_plugins_reinstall
   tags:
       - plugins
 
   #We always execute xpack as we may need to remove features
-- include: xpack/elasticsearch-xpack.yml
+- name: include xpack/elasticsearch-xpack.yml
+  include: xpack/elasticsearch-xpack.yml
   tags:
       - xpack
 
-- meta: flush_handlers
+- name: flush handlers
+  meta: flush_handlers
 
 - name: Make sure elasticsearch is started
   service: name={{instance_init_script | basename}} state=started enabled=yes
@@ -47,9 +54,11 @@
   wait_for: host={{es_api_host}} port={{es_api_port}} delay=5 connect_timeout=1
   when: es_restarted is defined and es_restarted.changed and es_start_service
 
-- set_fact: manage_native_realm=false
+- name: set fact manage_native_realm to false
+  set_fact: manage_native_realm=false
 
-- set_fact: manage_native_realm=true
+- name: set fact manage_native_realm to true
+  set_fact: manage_native_realm=true
   when: es_start_service and (es_enable_xpack and "security" in es_xpack_features) and ((es_users is defined and es_users.native is defined) or (es_roles is defined and es_roles.native is defined))
 
 # If playbook runs too fast, Native commands could fail as the Native Realm is not yet up
@@ -62,12 +71,14 @@
   when: es_start_service and es_enable_xpack and es_xpack_license is defined and es_xpack_license != ''
 
 #perform security actions here now elasticsearch is started
-- include: ./xpack/security/elasticsearch-security-native.yml
+- name: include xpack/security/elasticsearch-security-native.yml
+  include: ./xpack/security/elasticsearch-security-native.yml
   when: manage_native_realm
 
 #Templates done after restart - handled by flushing the handlers. e.g. suppose user removes security on a running node and doesn't specify es_api_basic_auth_username and es_api_basic_auth_password.  The templates will subsequently not be removed if we don't wait for the node to restart.
 #We also do after the native realm to ensure any changes are applied here first and its denf up.
-- include: elasticsearch-template.yml
+- name: include elasticsearch-template.yml
+  include: elasticsearch-template.yml
   when: es_templates
   tags:
-      - templates
+      - templates
diff --git a/tasks/xpack/elasticsearch-xpack-install.yml b/tasks/xpack/elasticsearch-xpack-install.yml
@@ -1,7 +1,8 @@
 ---
 
 #Test if feature is installed
-- shell: "{{es_home}}/bin/elasticsearch-plugin list | grep x-pack"
+- name: Test if x-pack is installed
+  shell: "{{es_home}}/bin/elasticsearch-plugin list | grep x-pack"
   become: yes
   register: x_pack_installed
   changed_when: False

diff --git a/tasks/xpack/elasticsearch-xpack.yml b/tasks/xpack/elasticsearch-xpack.yml
@@ -1,11 +1,14 @@
 ---
 
-- set_fact: es_version_changed={{ ((elasticsearch_install_from_package is defined and (debian_elasticsearch_install_from_repo.changed or redhat_elasticsearch_install_from_repo.changed)) or (elasticsearch_install_from_package is defined and elasticsearch_install_from_package.changed)) }}
+- name: set fact es_version_changed
+  set_fact: es_version_changed={{ ((elasticsearch_install_from_package is defined and (debian_elasticsearch_install_from_repo.changed or redhat_elasticsearch_install_from_repo.changed)) or (elasticsearch_install_from_package is defined and elasticsearch_install_from_package.changed)) }}
 
-- include: elasticsearch-xpack-install.yml
+- name: include elasticsearch-xpack-install.yml
+  include: elasticsearch-xpack-install.yml
 
 #Security configuration
-- include: security/elasticsearch-security.yml
+- name: include security/elasticsearch-security.yml
+  include: security/elasticsearch-security.yml
 
 #Add any feature specific configuration here
 - name: Set Plugin Directory Permissions

diff --git a/tasks/xpack/security/elasticsearch-security-file.yml b/tasks/xpack/security/elasticsearch-security-file.yml
@@ -1,5 +1,6 @@
 ---
-- set_fact: manage_file_users=es_users is defined and es_users.file is defined and es_users.file.keys() | length > 0
+- name: set fact manage_file_users
+  set_fact: manage_file_users=es_users is defined and es_users.file is defined and es_users.file.keys() | length > 0
 
 #List current users
 - name: List Users
@@ -9,7 +10,8 @@
   when: manage_file_users
   changed_when: False
 
-- set_fact: users_to_remove={{ current_file_users.stdout_lines | difference (es_users.file.keys()) }}
+- name: set fact users_to_remove
+  set_fact: users_to_remove={{ current_file_users.stdout_lines | difference (es_users.file.keys()) }}
   when: manage_file_users
 
 #Remove users
@@ -24,7 +26,8 @@
     ES_PATH_CONF: "{{ conf_dir }}"
     ES_HOME: "{{es_home}}"
 
-- set_fact: users_to_add={{ es_users.file.keys() | difference (current_file_users.stdout_lines) }}
+- name: set fact users_to_add
+  set_fact: users_to_add={{ es_users.file.keys() | difference (current_file_users.stdout_lines) }}
   when: manage_file_users
 
 #Add users
@@ -55,7 +58,8 @@
     ES_PATH_CONF: "{{ conf_dir }}"
     ES_HOME: "{{es_home}}"
 
-- set_fact: users_roles={{es_users.file | extract_role_users () }}
+- name: set fact users_roles
+  set_fact: users_roles={{es_users.file | extract_role_users () }}
   when: manage_file_users
 
 #Copy Roles files