Astra Mirroring Setup Using Ansible Playbooks

This document provides step-by-step instructions for setting up and managing Astra Mirroring using the provided Ansible playbooks.

You can find all the required files in the GitHub repository: Astra Mirroring Playbooks.

Prerequisites

Docker and Docker Compose
- Ensure Docker is installed on the target machine.
- Ensure Docker Compose is installed.
- Refer official Docker docs
Ansible
- Install Ansible on your control machine
- Refer official Ansible docs

Access Configuration
- Ensure you can SSH into the target machine as the desired remote user.
- Add the target machine to your Ansible inventory (e.g., /etc/ansible/hosts).

Editables and File description

.env (environment variables)
This file contains configuration for the OTEL exporter and retry settings.
Edit the following variables as per your requirements:
- ROUTINES: Number of routines to run.
- LOG_LEVEL: Logging level (e.g., DEBUG, INFO, WARN, ERROR).
- OTEL_*: Adjust OTEL exporter and retry settings as required.

mirror-settings.json
This JSON file defines the mirroring settings.
Edit the following variables:
- network-interface: Specify the network interfaces to monitor.
- sensor-id: Provide a unique identifier for the sensor.
- otel-collector-endpoint: Specify the endpoint of the OTEL collector.
- accept-hosts and deny-content-type: Configure accepted hosts and denied content types.

setup.yaml and upgrade.yaml
These both are playbooks for provisioning the Astra Packet process and also to upgrade it to a latest version
Populate the below keys in both playbooks.
- remote_user: Ansible user that has been granted permission (eg: docker commands, root path)
- hosts: You need to set this field based on the inventory you are using to run the playbook, ensuring that the tasks are executed on the correct target machines.
- mirror_settings_path: Path to your local mirror-settings.json
- env_file_path: Path to your local .env

Steps to Set Up Astra Mirroring using Ansible

Access playbooks and config files
- Visit https://github.com/getastra/obs-deployments/ansible-playbooks/mirroring-playbooks to access the playbook files and astra packet processor's config files

Edit Configuration Files
- Modify .env and mirror-settings.json with appropriate values.
- Ensure paths to these files are specified in the setup.yaml and upgrade.yaml playbooks.

Add Target Hosts to Ansible Inventory
Add the target hosts in your Ansible inventory file, e.g., hosts:
Visit the Ansible docs for instructions and strategies to build your inventory file

[instances]
<target-host-ip-1> ansible_user=<remote_user>
<target-host-ip-2> ansible_user=<remote_user>
<target-host-ip-3> ansible_user=<remote_user>

Run the Setup Playbook
Run the playbook to set up Astra Mirroring:

ansible-playbook -i /path/to/hosts setup.yaml

Upgrade Astra Mirroring
Run the playbook to upgrade the Astra Mirroring container:

ansible-playbook -i /path/to/hosts upgrade.yaml

Remove dangling images of getastra/mirroring

Be cautious while using this playbook as it removes docker images of getastra/mirroring using the docker cli and not the Ansible's docker module

ansible-playbook -i /path/to/hosts remove.yaml

Setup manually using docker compose

Access the docker-compose.yaml
- Click here to get the docker-compose.yaml
Run and Stop the docker-compose.yaml
- Run: docker-compose up -d
- Stop: docker-compose down

Notes

- Ensure the remote_user in the playbooks matches the user configured in the inventory file.
- The playbooks assume that the docker and docker-compose commands are available to the remote_user.
- The path of mirror-settings.json and .env files are to be set correct

Updated on: 20/01/2025