From 27bd6628fb5514e0045b80d3606eb35025ccc637 Mon Sep 17 00:00:00 2001 From: s3lph Date: Wed, 3 Nov 2021 10:39:33 +0100 Subject: [PATCH] Refactor prometheus_node role, integrate prometheus_node_openbsd with prometheus_node --- playbooks/monitoring.yml | 17 ++------ roles/prometheus_node/handlers/main.yml | 6 +-- roles/prometheus_node/tasks/collectors.yml | 18 ++++++++- roles/prometheus_node/tasks/config.yml | 33 +++++++++++---- .../{debian11.yml => install/Debian.yml} | 0 .../{debian10.yml => install/Debian_10.yml} | 0 .../tasks/install/OpenBSD.yml} | 6 ++- .../tasks/{ucs.yml => install/Univention.yml} | 0 roles/prometheus_node/tasks/main.yml | 40 +++++++++---------- .../etc/cron.d/prometheus-node-exporter.j2 | 7 ++++ .../default/prometheus-node-exporter.j2} | 0 .../node-exporter/tls/config.yml.j2} | 0 .../system}/prometheus-collector.service.j2 | 0 .../system}/prometheus-collector.timer.j2 | 0 roles/prometheus_node/vars/Debian.yml | 10 +++++ roles/prometheus_node/vars/OpenBSD.yml | 10 +++++ roles/prometheus_node/vars/default.yml | 10 +++++ .../prometheus_node_openbsd/defaults/main.yml | 4 -- .../prometheus_node_openbsd/handlers/main.yml | 7 ---- .../prometheus_node_openbsd/tasks/config.yml | 30 -------------- roles/prometheus_node_openbsd/tasks/main.yml | 19 --------- .../tasks/syspatch.yml | 15 ------- .../prometheus-node-exporter-webconfig.yml.j2 | 8 ---- .../templates/syspatch.sh.j2 | 16 -------- 24 files changed, 110 insertions(+), 146 deletions(-) rename roles/prometheus_node/tasks/{debian11.yml => install/Debian.yml} (100%) rename roles/prometheus_node/tasks/{debian10.yml => install/Debian_10.yml} (100%) rename roles/{prometheus_node_openbsd/tasks/install.yml => prometheus_node/tasks/install/OpenBSD.yml} (72%) rename roles/prometheus_node/tasks/{ucs.yml => install/Univention.yml} (100%) create mode 100644 roles/prometheus_node/templates/etc/cron.d/prometheus-node-exporter.j2 rename roles/prometheus_node/templates/{prometheus-node-exporter.default.j2 => etc/default/prometheus-node-exporter.j2} (100%) rename roles/prometheus_node/templates/{prometheus-node-exporter-webconfig.yml.j2 => etc/prometheus/node-exporter/tls/config.yml.j2} (100%) rename roles/prometheus_node/templates/{ => etc/systemd/system}/prometheus-collector.service.j2 (100%) rename roles/prometheus_node/templates/{ => etc/systemd/system}/prometheus-collector.timer.j2 (100%) create mode 100644 roles/prometheus_node/vars/Debian.yml create mode 100644 roles/prometheus_node/vars/OpenBSD.yml create mode 100644 roles/prometheus_node/vars/default.yml delete mode 100644 roles/prometheus_node_openbsd/defaults/main.yml delete mode 100644 roles/prometheus_node_openbsd/handlers/main.yml delete mode 100644 roles/prometheus_node_openbsd/tasks/config.yml delete mode 100644 roles/prometheus_node_openbsd/tasks/main.yml delete mode 100644 roles/prometheus_node_openbsd/tasks/syspatch.yml delete mode 100644 roles/prometheus_node_openbsd/templates/prometheus-node-exporter-webconfig.yml.j2 delete mode 100644 roles/prometheus_node_openbsd/templates/syspatch.sh.j2 diff --git a/playbooks/monitoring.yml b/playbooks/monitoring.yml index ecbfb71..aa04824 100644 --- a/playbooks/monitoring.yml +++ b/playbooks/monitoring.yml @@ -8,20 +8,11 @@ strategy: free roles: - s3lph.pki.pki_entity - - s3lph.prometheus.prometheus_node -- hosts: openbsd_node - strategy: free - roles: - - s3lph.pki.pki_entity - - s3lph.prometheus.prometheus_node_openbsd - -- hosts: node_https_auth - strategy: free - roles: - - s3lph.prometheus.prometheus_node - -- hosts: node_http +- hosts: + - node + - node_https_auth + - node_http strategy: free roles: - s3lph.prometheus.prometheus_node diff --git a/roles/prometheus_node/handlers/main.yml b/roles/prometheus_node/handlers/main.yml index cab39ea..ae6df13 100644 --- a/roles/prometheus_node/handlers/main.yml +++ b/roles/prometheus_node/handlers/main.yml @@ -8,11 +8,11 @@ daemon_reload: yes - name: restart prometheus-zpool-collector - ansible.builtin.systemd: + ansible.builtin.service: name: prometheus-node-exporter-zpool.timer state: restarted - name: restart prometheus-node-exporter - ansible.builtin.systemd: - name: prometheus-node-exporter.service + ansible.builtin.service: + name: "{{ prometheus_node_service }}" state: restarted diff --git a/roles/prometheus_node/tasks/collectors.yml b/roles/prometheus_node/tasks/collectors.yml index d9d560d..96d6fec 100644 --- a/roles/prometheus_node/tasks/collectors.yml +++ b/roles/prometheus_node/tasks/collectors.yml @@ -23,7 +23,7 @@ - name: install collector service ansible.builtin.template: - src: "prometheus-collector.service.j2" + src: "etc/systemd/system/prometheus-collector.service.j2" dest: "/etc/systemd/system/prometheus-node-exporter-{{ item.key }}.service" owner: root group: root @@ -33,10 +33,11 @@ loop: "{{ prometheus_textfile_collectors | dict2items }}" notify: - systemctl daemon-reload + when: "ansible_service_mgr == 'systemd'" - name: install collector timer ansible.builtin.template: - src: "prometheus-collector.timer.j2" + src: "etc/systemd/system/prometheus-collector.timer.j2" dest: "/etc/systemd/system/prometheus-node-exporter-{{ item.key }}.timer" owner: root group: root @@ -44,6 +45,7 @@ loop: "{{ prometheus_textfile_collectors | dict2items }}" notify: - systemctl daemon-reload + when: "ansible_service_mgr == 'systemd'" - name: start and enable collector timer ansible.builtin.systemd: @@ -51,3 +53,15 @@ state: started enabled: yes loop: "{{ prometheus_textfile_collectors | dict2items }}" + when: "ansible_service_mgr == 'systemd'" + +- name: install collector cronjob + ansible.builtin.template: + src: "etc/cron.d/prometheus-node-exporter.j2" + dest: "{{ prometheus_node_crontab }}" + owner: root + group: root + mode: 0644 + vars: + collectors: "{{ prometheus_textfile_collector }}" + when: "ansible_service_mgr != 'systemd'" diff --git a/roles/prometheus_node/tasks/config.yml b/roles/prometheus_node/tasks/config.yml index 2a74572..4f04032 100644 --- a/roles/prometheus_node/tasks/config.yml +++ b/roles/prometheus_node/tasks/config.yml @@ -4,26 +4,45 @@ ansible.builtin.file: path: /etc/prometheus/node-exporter/tls state: directory - owner: prometheus - group: prometheus + owner: "{{ prometheus_node_user }}" + group: "{{ prometheus_node_group }}" mode: 0750 - name: render /etc/prometheus/node-exporter/tls/config.yml ansible.builtin.template: - src: prometheus-node-exporter-webconfig.yml.j2 + src: etc/prometheus/node-exporter/tls/config.yml.j2 dest: /etc/prometheus/node-exporter/tls/config.yml - owner: prometheus - group: prometheus + owner: "{{ prometheus_node_user }}" + group: "{{ prometheus_node_group }}" mode: 0640 notify: restart prometheus-node-exporter - name: render /etc/default/prometheus-node-exporter ansible.builtin.template: - src: prometheus-node-exporter.default.j2 + src: etc/default/prometheus-node-exporter.j2 dest: /etc/default/prometheus-node-exporter owner: root - group: prometheus + group: "{{ prometheus_node_group }}" mode: 0640 vars: args: "{{ prometheus_node_exporter_args }}" + when: "ansible_distribution == 'Debian'" notify: restart prometheus-node-exporter + +- name: start and enable node exporter + ansible.builtin.service: + name: "{{ prometheus_node_service }}" + state: started + enabled: yes + +- name: configure node exporter (openbsd) + ansible.builtin.lineinfile: + path: /etc/rc.conf.local + line: >- + node_exporter_flags=--collector.textfile.directory={{ prometheus_node_textfile_dir }} + {% for k, v in args.items() %}--{{ k }}="{{ v }}" {% endfor %} + --web.config=/etc/prometheus/node-exporter/tls/config.yml + regexp: ^node_exporter_flags=.*$ + when: "ansible_distribution == 'OpenBSD'" + notify: + - restart prometheus-node-exporter diff --git a/roles/prometheus_node/tasks/debian11.yml b/roles/prometheus_node/tasks/install/Debian.yml similarity index 100% rename from roles/prometheus_node/tasks/debian11.yml rename to roles/prometheus_node/tasks/install/Debian.yml diff --git a/roles/prometheus_node/tasks/debian10.yml b/roles/prometheus_node/tasks/install/Debian_10.yml similarity index 100% rename from roles/prometheus_node/tasks/debian10.yml rename to roles/prometheus_node/tasks/install/Debian_10.yml diff --git a/roles/prometheus_node_openbsd/tasks/install.yml b/roles/prometheus_node/tasks/install/OpenBSD.yml similarity index 72% rename from roles/prometheus_node_openbsd/tasks/install.yml rename to roles/prometheus_node/tasks/install/OpenBSD.yml index f99cde6..3df603f 100644 --- a/roles/prometheus_node_openbsd/tasks/install.yml +++ b/roles/prometheus_node/tasks/install/OpenBSD.yml @@ -2,12 +2,14 @@ - name: install prometheus node exporter community.general.openbsd_pkg: - name: node_exporter + name: + - node_exporter + - moreutils - name: create textfile collector directory ansible.builtin.file: path: "{{ node_exporter_textfile_dir }}" state: directory owner: root - group: _nodeexporter + group: "{{ prometheus_node_group }}" mode: 0750 diff --git a/roles/prometheus_node/tasks/ucs.yml b/roles/prometheus_node/tasks/install/Univention.yml similarity index 100% rename from roles/prometheus_node/tasks/ucs.yml rename to roles/prometheus_node/tasks/install/Univention.yml diff --git a/roles/prometheus_node/tasks/main.yml b/roles/prometheus_node/tasks/main.yml index 41e8e13..b9be950 100644 --- a/roles/prometheus_node/tasks/main.yml +++ b/roles/prometheus_node/tasks/main.yml @@ -1,30 +1,30 @@ --- -- name: install node exporter on debian buster - import_tasks: debian10.yml - when: - - "ansible_lsb.id == 'Debian' or ansible_lsb.id == 'Raspbian'" - - "ansible_lsb.major_release | int == 10" +- name: include os specific vars + include_vars: "{{ item }}.yml" + with_first_found: + - "{% if 'id' in ansible_lsb %}{{ ansible_lsb.id }}{% else %}{% ansible_distribution %}_{% if 'major_release' in ansible_lsb %}{{ ansible_lsb.major_release }}{% else %}{{ ansible_distribution_version}} {% endif %}" + - "{% if 'id' in ansible_lsb %}{{ ansible_lsb.id }}{% else %}{{ ansible_distribution }}{% endif %}" + - "{{ ansible_distribution }}_{{ ansible_distribution_version }}" + - "{{ ansible_distribution }}" + - "default" tags: - "role::prometheus_node" - - "role::prometheus_node:debian" + - "role::prometheus_node:install" + - "role::prometheus_node:collectors" + - "role::prometheus_node:config" -- name: install node exporter on debian bullseye and later - import_tasks: debian11.yml - when: - - "ansible_lsb.id == 'Debian' or ansible_lsb.id == 'Raspbian'" - - "ansible_lsb.major_release | int >= 11" +- name: install node exporter + import_tasks: "install/{{ item }}.yml" + with_first_found: + - "{% if 'id' in ansible_lsb %}{{ ansible_lsb.id }}{% else %}{% ansible_distribution %}_{% if 'major_release' in ansible_lsb %}{{ ansible_lsb.major_release }}{% else %}{{ ansible_distribution_version}} {% endif %}" + - "{% if 'id' in ansible_lsb %}{{ ansible_lsb.id }}{% else %}{{ ansible_distribution }}{% endif %}" + - "{{ ansible_distribution }}_{{ ansible_distribution_version }}" + - "{{ ansible_distribution }}" tags: - "role::prometheus_node" - - "role::prometheus_node:debian" - -- name: install node exporter on univention corporate server - import_tasks: ucs.yml - when: - - "ansible_lsb.id == 'Univention'" - tags: - - "role::prometheus_node" - - "role::prometheus_node:univention" + - "role::prometheus_node:install" + - name: install custom textfile collectors import_tasks: collectors.yml diff --git a/roles/prometheus_node/templates/etc/cron.d/prometheus-node-exporter.j2 b/roles/prometheus_node/templates/etc/cron.d/prometheus-node-exporter.j2 new file mode 100644 index 0000000..55e537f --- /dev/null +++ b/roles/prometheus_node/templates/etc/cron.d/prometheus-node-exporter.j2 @@ -0,0 +1,7 @@ +{{ ansible_managed | comment }} + +{% for name, job in collectors.items() %} +# {{ name }} +{{ job.cronexpr }} {{ prometheus_node_crontab_system_user | default('') }} /bin/sh -c "/usr/local/bin/{{ job.template_base_name | default('prometheus-node-exporter-' + name + '.sh') }}" | sponge /var/lib/prometheus/node-exporter/{{ name }}.prom + +{% endfor %} \ No newline at end of file diff --git a/roles/prometheus_node/templates/prometheus-node-exporter.default.j2 b/roles/prometheus_node/templates/etc/default/prometheus-node-exporter.j2 similarity index 100% rename from roles/prometheus_node/templates/prometheus-node-exporter.default.j2 rename to roles/prometheus_node/templates/etc/default/prometheus-node-exporter.j2 diff --git a/roles/prometheus_node/templates/prometheus-node-exporter-webconfig.yml.j2 b/roles/prometheus_node/templates/etc/prometheus/node-exporter/tls/config.yml.j2 similarity index 100% rename from roles/prometheus_node/templates/prometheus-node-exporter-webconfig.yml.j2 rename to roles/prometheus_node/templates/etc/prometheus/node-exporter/tls/config.yml.j2 diff --git a/roles/prometheus_node/templates/prometheus-collector.service.j2 b/roles/prometheus_node/templates/etc/systemd/system/prometheus-collector.service.j2 similarity index 100% rename from roles/prometheus_node/templates/prometheus-collector.service.j2 rename to roles/prometheus_node/templates/etc/systemd/system/prometheus-collector.service.j2 diff --git a/roles/prometheus_node/templates/prometheus-collector.timer.j2 b/roles/prometheus_node/templates/etc/systemd/system/prometheus-collector.timer.j2 similarity index 100% rename from roles/prometheus_node/templates/prometheus-collector.timer.j2 rename to roles/prometheus_node/templates/etc/systemd/system/prometheus-collector.timer.j2 diff --git a/roles/prometheus_node/vars/Debian.yml b/roles/prometheus_node/vars/Debian.yml new file mode 100644 index 0000000..d959a8a --- /dev/null +++ b/roles/prometheus_node/vars/Debian.yml @@ -0,0 +1,10 @@ +--- + +prometheus_node_user: prometheus +prometheus_node_group: prometheus +prometheus_node_service: prometheus-node-exporter + +prometheus_node_crontab: /etc/cron.d/prometheus-node-exporter +prometheus_node_crontab_system_user: root + +prometheus_node_textfile_dir: /var/lib/prometheus/node-exporter diff --git a/roles/prometheus_node/vars/OpenBSD.yml b/roles/prometheus_node/vars/OpenBSD.yml new file mode 100644 index 0000000..0a3aa7f --- /dev/null +++ b/roles/prometheus_node/vars/OpenBSD.yml @@ -0,0 +1,10 @@ +--- + +prometheus_node_user: _nodeexporter +prometheus_node_group: _nodeexporter +prometheus_node_service: nodeexporter + +prometheus_node_crontab: /etc/crontab +prometheus_node_crontab_system_user: root + +prometheus_node_textfile_dir: /var/node_exporter diff --git a/roles/prometheus_node/vars/default.yml b/roles/prometheus_node/vars/default.yml new file mode 100644 index 0000000..d959a8a --- /dev/null +++ b/roles/prometheus_node/vars/default.yml @@ -0,0 +1,10 @@ +--- + +prometheus_node_user: prometheus +prometheus_node_group: prometheus +prometheus_node_service: prometheus-node-exporter + +prometheus_node_crontab: /etc/cron.d/prometheus-node-exporter +prometheus_node_crontab_system_user: root + +prometheus_node_textfile_dir: /var/lib/prometheus/node-exporter diff --git a/roles/prometheus_node_openbsd/defaults/main.yml b/roles/prometheus_node_openbsd/defaults/main.yml deleted file mode 100644 index 40ef9df..0000000 --- a/roles/prometheus_node_openbsd/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -node_exporter_textfile_dir: /var/node_exporter -node_exporter_flags: "" diff --git a/roles/prometheus_node_openbsd/handlers/main.yml b/roles/prometheus_node_openbsd/handlers/main.yml deleted file mode 100644 index c3ff585..0000000 --- a/roles/prometheus_node_openbsd/handlers/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- name: start node exporter - ansible.builtin.command: /usr/sbin/rcctl start node_exporter - -- name: restart node exporter - ansible.builtin.command: /usr/sbin/rcctl restart node_exporter diff --git a/roles/prometheus_node_openbsd/tasks/config.yml b/roles/prometheus_node_openbsd/tasks/config.yml deleted file mode 100644 index 4d95b15..0000000 --- a/roles/prometheus_node_openbsd/tasks/config.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- - -- name: create /etc/prometheus/node-exporter/tls - ansible.builtin.file: - path: /etc/prometheus/node-exporter/tls - state: directory - owner: _nodeexporter - group: _nodeexporter - mode: 0750 - -- name: render /etc/prometheus/node-exporter/tls/config.yml - ansible.builtin.template: - src: prometheus-node-exporter-webconfig.yml.j2 - dest: /etc/prometheus/node-exporter/tls/config.yml - owner: _nodeexporter - group: _nodeexporter - mode: 0640 - notify: restart node exporter - -- name: configure node exporter - ansible.builtin.lineinfile: - path: /etc/rc.conf.local - line: >- - node_exporter_flags=--collector.textfile.directory={{ node_exporter_textfile_dir }} - {{ node_exporter_flags }} - --web.config=/etc/prometheus/node-exporter/tls/config.yml - regexp: ^node_exporter_flags=.*$ - notify: - - start node exporter - - restart node exporter diff --git a/roles/prometheus_node_openbsd/tasks/main.yml b/roles/prometheus_node_openbsd/tasks/main.yml deleted file mode 100644 index 07e8ebd..0000000 --- a/roles/prometheus_node_openbsd/tasks/main.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- - -- name: install prometheus node exporter - import_tasks: install.yml - tags: - - 'role::prometheus_node_openbsd' - - 'role::prometheus_node_openbsd:install' - -- name: install syspatch check - import_tasks: syspatch.yml - tags: - - 'role::prometheus_node_openbsd' - - 'role::prometheus_node_openbsd:syspatch' - -- name: configure prometheus node exporter - import_tasks: config.yml - tags: - - "role::prometheus_node_openbsd" - - "role::prometheus_node_openbsd:config" diff --git a/roles/prometheus_node_openbsd/tasks/syspatch.yml b/roles/prometheus_node_openbsd/tasks/syspatch.yml deleted file mode 100644 index 000c7f5..0000000 --- a/roles/prometheus_node_openbsd/tasks/syspatch.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- - -- name: create syspatch check script - ansible.builtin.template: - src: syspatch.sh.j2 - dest: /usr/local/bin/prometheus-node-exporter-syspatch.sh - owner: root - group: bin - mode: 0755 - -- name: register syspatch check script in cron - ansible.builtin.lineinfile: - path: /etc/daily.local - regexp: '^/usr/local/bin/prometheus-node-exporter-syspatch.sh$' - line: '/usr/local/bin/prometheus-node-exporter-syspatch.sh' diff --git a/roles/prometheus_node_openbsd/templates/prometheus-node-exporter-webconfig.yml.j2 b/roles/prometheus_node_openbsd/templates/prometheus-node-exporter-webconfig.yml.j2 deleted file mode 100644 index 112eedd..0000000 --- a/roles/prometheus_node_openbsd/templates/prometheus-node-exporter-webconfig.yml.j2 +++ /dev/null @@ -1,8 +0,0 @@ ---- -{{ ansible_managed | comment }} - -tls_server_config: - cert_file: "{{ prometheus_node_tls_cert }}" - key_file: "{{ prometheus_node_tls_key }}" - client_auth_type: "{{ prometheus_node_tls_require_cert | ternary('RequireAndVerifyClientCert', 'NoClientCert') }}" - client_ca_file: "{{ prometheus_node_tls_ca }}" diff --git a/roles/prometheus_node_openbsd/templates/syspatch.sh.j2 b/roles/prometheus_node_openbsd/templates/syspatch.sh.j2 deleted file mode 100644 index 91420d8..0000000 --- a/roles/prometheus_node_openbsd/templates/syspatch.sh.j2 +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -{{ ansible_managed | comment}} - -N_PATCHES="$(/usr/sbin/syspatch -c | wc -l)" -TMPFILE="$(/usr/bin/mktemp /tmp/prometheus-node-exporter-syspatch.XXXXXX)" - -/bin/cat > "${TMPFILE}" <