Ansible Deployment Automation
Diskover provides a fully automated deployment experience using Ansible, an open-source IT automation tool. Instead of manually installing and configuring each component on every server, Ansible handles the entire process from a single command — installing packages, configuring services, setting up security, and wiring everything together.
Whether you're deploying Diskover on a single machine for evaluation or across a fleet of dedicated servers for production, the Ansible playbook adapts to your topology and gets you up and running with minimal manual intervention.
What's in This Section
This documentation suite covers everything you need to deploy and maintain Diskover using Ansible:
Guide | What It Covers |
|---|---|
Getting Started | Prerequisites, installing Ansible on your control machine, configuring your first deployment, and running the playbook end-to-end |
Inventory Guide | How to configure |
Variables Reference | Every configurable variable in |
Running Playbooks — Fresh Install | How to execute the playbook for a first-time deployment, target specific hosts with |
Running Playbooks — Upgrades | How to upgrade an existing deployment to a new version, roll back if needed, add or renew SSL certificates, and understand what gets backed up |
Offline / Air-Gapped Installation | Deploying Diskover in environments with no internet access using pre-built RPM tarballs |
Troubleshooting | How to read Ansible output, diagnose common errors, check logs, and submit effective support tickets |
How Ansible Fits Into the Diskover Platform
Diskover is made up of four component groups that work together. Each component group maps to an Ansible host group, which tells the playbook where to install what:
┌───────────────────────────────┐
│ ELASTICSEARCH │
│ │
│ Search backend & index │
│ storage (1 or more nodes) │
│ Port 9200 │
└──────▲────────────────▲───────┘
│ │
search queries index creation
(port 9200) (port 9200)
│ │
┌──────────────────────┐ │ ┌────────┴───────────────┐
│ WEB UI │ │ │ WORKER(S) │
│ │ │ │ │
│ Diskover Web UI ├───────┘ │ Diskoverd (scanner) │
│ Diskover Admin │ │ Celery (file actions) │
│ Nginx + PHP ├──────┐ │ Python3 │
│ Kibana * │ │ └───────┬────────────────┘
└──────────────────────┘ │ │
│ │
task requests task messaging
(port 5672) (port 5672)
│ │
┌─────▼────────────────▼────────┐
│ RABBITMQ │
│ │
│ Message broker (AMQP) │
│ Port 5672 │
└───────────────────────────────┘
Host Group | Components Installed | Purpose |
|---|---|---|
elasticsearch | Elasticsearch 8.x | Stores all indexed file metadata and serves search queries |
web | Diskover Web UI, Diskover Admin, Nginx, PHP 8.4, Kibana, Python3 | Provides the browser-based interface for searching, managing, and administering Diskover |
worker | Diskoverd, Celery, Python3 | Scans filesystems, creates search indices, and executes file actions, plugins, scanners |
rabbitmq | RabbitMQ | Routes task messages between the web interface and worker nodes |
All four groups can point to the same machine (single-host deployment) or to separate dedicated servers (multi-host deployment). The playbook automatically adapts based on your inventory configuration.
Deployment Topology Options
Topology | Description | Best For |
|---|---|---|
Single-host | All four component groups on one machine | Development, demos, evaluations, small deployments |
Multi-host | Components distributed across dedicated servers, with the option for multiple workers and Elasticsearch nodes | Production environments, large-scale data, high availability requirements |
Supported Platforms
Platform | Versions | Notes |
|---|---|---|
RHEL / Rocky Linux | 8, 9, 10 | Full support (online and offline installation) |
Ubuntu / Debian | 22, 24 | Full support (online installation) |
The Ansible control machine (where you run the playbook from) can be macOS, Linux, or Windows (via WSL).
What the Playbook Does
When you run the Diskover Ansible playbook, it executes the following steps in order:
Configures package repositories — Sets up JFrog Artifactory repos (online) or local repos from staged tarballs (offline)
Disables firewalld and SELinux — Ensures services can communicate without OS-level firewall or security policy interference
Installs Elasticsearch — Deploys and configures the search backend on the
elasticsearchhost groupInstalls the web stack — Deploys Nginx, PHP 8.4, Diskover Admin, Diskover Web UI, Python3 and Kibana on the
webhost groupInstalls the worker stack — Deploys Python3, Diskoverd (scanner daemon), and Celery (task queue) on the
workerhost groupInstalls RabbitMQ — Deploys the message broker on the
rabbitmqhost groupInstalls Diskover MCP server — Deploys the MCP connector on the
webhost group (whendeploy_mcp_serverenabled)Configures Diskover Admin API — Automatically wires Elasticsearch and RabbitMQ connection details into Diskover Admin (first initial install only)
Note: A backup role is included in the repository but is not enabled by default. During upgrades, individual roles handle backing up their own configuration files to
/root/diskover-backups-YYYYMMDD/on each target host.
Project Structure
The Ansible repository is organized as follows:
diskover-ansible/ ├── install_diskover.yml # Main playbook — this is what you run ├── inventory/ │ ├── hosts.yml # Your target host inventory (you edit this) │ └── group_vars/ │ └── all.yml # Global deployment variables (you edit this) ├── roles/ # Ansible roles — one per component │ ├── common/ │ │ ├── backup/ # Pre-deployment backup │ │ ├── firewalld/ # Firewall management │ │ ├── selinux/ # SELinux configuration │ │ └── python-pip/ # Python 3 installation │ ├── elasticsearch/ # Elasticsearch cluster setup │ ├── kibana/ # Kibana dashboard │ ├── rabbitmq/ # RabbitMQ message broker │ ├── nginx/ # Nginx web server │ ├── php/ # PHP 8.4 runtime │ ├── diskoverd/ # Diskoverd scanner daemon │ ├── celery/ # Celery task queue │ ├── diskover-web/ # Diskover Web UI │ ├── diskover-admin/ # Diskover Admin interface │ ├── diskover-api/ # Admin API auto-configuration │ ├── diskover-mcp/ # Diskover MCP server │ ├── ssl-certificates/ # SSL certificate deployment │ ├── jfrog/ # JFrog Artifactory repo config │ └── offline_install/ # Air-gapped deployment support ├── docs/ │ ├── all.yml.md # Variable reference │ ├── hosts.yml.md # Inventory reference │ ├── troubleshooting.md # Common errors and fixes │ └── example_docs/ # Ready-made example configurations ├── ansible.cfg # Ansible settings (logging, timeouts) └── README-offline-install.md # Offline installation guide
As a deployer, you only need to edit two files before running the playbook:
inventory/hosts.yml— Defines which machines to target and how to connect to theminventory/group_vars/all.yml— Sets your Diskover version, credentials, and configuration options
Everything else is handled by the Ansible roles automatically.
Next Steps
Ready to get started? Head to the Getting Started guide to install Ansible on your control machine and run your first deployment.
Comments
0 comments
Please sign in to leave a comment.