mirror of
https://gitlab.com/s3lph/ansible-collection-prometheus
synced 2024-10-23 03:46:59 +02:00
Compare commits
15 commits
439f5a1c48
...
a43ad48b3a
Author | SHA1 | Date | |
---|---|---|---|
|
a43ad48b3a | ||
|
b7029130d4 | ||
|
7af08256b5 | ||
|
600fbc8d1f | ||
|
8e4614c623 | ||
|
28ba191c8d | ||
|
b171046f4c | ||
|
cc4692b37d | ||
|
5086fe389f | ||
|
c7d0bece62 | ||
|
ee169d0b73 | ||
|
ad6a46af11 | ||
|
55405d5261 | ||
|
1340787ce3 | ||
|
8310af201b |
14 changed files with 154 additions and 23 deletions
|
@ -39,7 +39,8 @@ tags:
|
||||||
# collection label 'namespace.name'. The value is a version range
|
# collection label 'namespace.name'. The value is a version range
|
||||||
# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
|
# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
|
||||||
# range specifiers can be set and are separated by ','
|
# range specifiers can be set and are separated by ','
|
||||||
dependencies: {}
|
dependencies:
|
||||||
|
git@gitlab.com:s3lph/ansible-collection-pki: master
|
||||||
|
|
||||||
# The URL of the originating SCM repository
|
# The URL of the originating SCM repository
|
||||||
repository: https://gitlab.com/s3lph/ansible-collection-prometheus
|
repository: https://gitlab.com/s3lph/ansible-collection-prometheus
|
||||||
|
|
31
playbooks/monitoring.yml
Normal file
31
playbooks/monitoring.yml
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- hosts: cas
|
||||||
|
roles:
|
||||||
|
- s3lph.pki.pki_ca
|
||||||
|
|
||||||
|
- hosts: new_nodes
|
||||||
|
strategy: free
|
||||||
|
roles:
|
||||||
|
- s3lph.pki.pki_entity
|
||||||
|
- s3lph.prometheus.prometheus_node
|
||||||
|
|
||||||
|
- hosts: all_nodes
|
||||||
|
strategy: free
|
||||||
|
roles:
|
||||||
|
- s3lph.prometheus.prometheus_node
|
||||||
|
|
||||||
|
- hosts: openbsd_node
|
||||||
|
strategy: free
|
||||||
|
roles:
|
||||||
|
- s3lph.prometheus.prometheus_node_openbsd
|
||||||
|
|
||||||
|
- hosts: alertmanagers
|
||||||
|
strategy: free
|
||||||
|
roles:
|
||||||
|
- s3lph.prometheus.alertmanager
|
||||||
|
|
||||||
|
- hosts: prometheus
|
||||||
|
roles:
|
||||||
|
- s3lph.pki.pki_entity
|
||||||
|
- s3lph.prometheus.prometheus
|
|
@ -31,6 +31,14 @@
|
||||||
password: {{ job.basic_auth_password }}
|
password: {{ job.basic_auth_password }}
|
||||||
{% endif -%}
|
{% endif -%}
|
||||||
|
|
||||||
|
{% if 'tls_config' in job -%}
|
||||||
|
tls_config:
|
||||||
|
ca_file: {{ job.tls_config.ca_file }}
|
||||||
|
cert_file: {{ job.tls_config.cert_file }}
|
||||||
|
key_file: {{ job.tls_config.key_file }}
|
||||||
|
insecure_skip_verify: {{ job.tls_config.insecure_skip_verify | default(false) }}
|
||||||
|
{% endif -%}
|
||||||
|
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
{% for host in groups['all'] -%}
|
{% for host in groups['all'] -%}
|
||||||
|
|
|
@ -8,3 +8,8 @@ smartmon_exporter_force_off: no
|
||||||
prometheus_hpsa_collector: no
|
prometheus_hpsa_collector: no
|
||||||
|
|
||||||
prometheus_textfile_collectors: {}
|
prometheus_textfile_collectors: {}
|
||||||
|
|
||||||
|
prometheus_node_tls_cert: null
|
||||||
|
prometheus_node_tls_key: null
|
||||||
|
prometheus_node_tls_require_cert: no
|
||||||
|
prometheus_node_tls_ca: null
|
||||||
|
|
|
@ -1,5 +1,20 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
- name: create /etc/prometheus/node-exporter/tls
|
||||||
|
file:
|
||||||
|
path: /etc/prometheus/node-exporter/tls
|
||||||
|
state: directory
|
||||||
|
owner: prometheus
|
||||||
|
group: prometheus
|
||||||
|
|
||||||
|
- name: render /etc/prometheus/node-exporter/tls/config.yml
|
||||||
|
template:
|
||||||
|
src: prometheus-node-exporter-webconfig.yml.j2
|
||||||
|
dest: /etc/prometheus/node-exporter/tls/config.yml
|
||||||
|
owner: prometheus
|
||||||
|
group: prometheus
|
||||||
|
notify: restart prometheus-node-exporter
|
||||||
|
|
||||||
- name: render /etc/default/prometheus-node-exporter
|
- name: render /etc/default/prometheus-node-exporter
|
||||||
template:
|
template:
|
||||||
src: prometheus-node-exporter.default.j2
|
src: prometheus-node-exporter.default.j2
|
||||||
|
|
|
@ -1,10 +1,34 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: install prometheus-node-exporter
|
|
||||||
|
- name: check if package files already exist
|
||||||
|
stat:
|
||||||
|
path: "/root/{{ item.name }}_{{ item.version }}_{{ item.arch }}.deb"
|
||||||
|
loop:
|
||||||
|
- name: prometheus-node-exporter
|
||||||
|
version: 1.0.1+ds-1
|
||||||
|
arch: amd64
|
||||||
|
- name: prometheus-node-exporter-collectors
|
||||||
|
version: 0+git20201003.8db38d1-1
|
||||||
|
arch: all
|
||||||
|
register: prometheus_node_register_ucs_deb_stat
|
||||||
|
|
||||||
|
- name: download packages
|
||||||
|
get_url:
|
||||||
|
url: "https://{{ debian_mirror }}/debian/pool/main/{{ pfirst | urlencode() }}/{{ package | urlencode() }}/{{ package | urlencode() }}_{{ version | urlencode() }}_{{ arch | urlencode() }}.deb" # noqa 204
|
||||||
|
dest: "/root/{{ package }}_{{ version }}_{{ arch }}.deb"
|
||||||
|
vars:
|
||||||
|
pfirst: "{{ item.item.name[:1] }}"
|
||||||
|
package: "{{ item.item.name }}"
|
||||||
|
version: "{{ item.item.version }}"
|
||||||
|
arch: "{{ item.item.arch }}"
|
||||||
|
when: not item.stat.exists
|
||||||
|
loop: "{{ prometheus_node_register_ucs_deb_stat.results }}"
|
||||||
|
|
||||||
|
- name: install packages
|
||||||
apt:
|
apt:
|
||||||
name: prometheus-node-exporter
|
deb: "/root/{{ item.item.name }}_{{ item.item.version }}_{{ item.item.arch }}.deb"
|
||||||
state: present
|
loop: "{{ prometheus_node_register_ucs_deb_stat.results }}"
|
||||||
update_cache: yes
|
|
||||||
|
|
||||||
- name: start prometheus-node-exporter.service
|
- name: start prometheus-node-exporter.service
|
||||||
systemd:
|
systemd:
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
import_tasks: debian11.yml
|
import_tasks: debian11.yml
|
||||||
when:
|
when:
|
||||||
- "ansible_lsb.id == 'Debian' or ansible_lsb.id == 'Raspbian'"
|
- "ansible_lsb.id == 'Debian' or ansible_lsb.id == 'Raspbian'"
|
||||||
- "ansible_lsb.major_release | int == 11"
|
- "ansible_lsb.major_release | int >= 11"
|
||||||
tags:
|
tags:
|
||||||
- "role::prometheus_node"
|
- "role::prometheus_node"
|
||||||
- "role::prometheus_node:debian"
|
- "role::prometheus_node:debian"
|
||||||
|
|
|
@ -2,28 +2,34 @@
|
||||||
|
|
||||||
- name: check if package files already exist
|
- name: check if package files already exist
|
||||||
stat:
|
stat:
|
||||||
path: "/root/{{ item.name }}_{{ item.version }}_amd64.deb"
|
path: "/root/{{ item.name }}_{{ item.version }}_{{ item.arch }}.deb"
|
||||||
loop:
|
loop:
|
||||||
- name: prometheus-node-exporter
|
- name: prometheus-node-exporter
|
||||||
version: 0.17.0+ds-3+b11
|
version: 1.0.1+ds-1
|
||||||
|
arch: amd64
|
||||||
|
- name: prometheus-node-exporter-collectors
|
||||||
|
version: 0+git20201003.8db38d1-1
|
||||||
|
arch: all
|
||||||
- name: moreutils
|
- name: moreutils
|
||||||
version: 0.62-1
|
version: 0.64-1
|
||||||
|
arch: amd64
|
||||||
register: prometheus_node_register_ucs_deb_stat
|
register: prometheus_node_register_ucs_deb_stat
|
||||||
|
|
||||||
- name: download packages
|
- name: download packages
|
||||||
get_url:
|
get_url:
|
||||||
url: "https://{{ debian_mirror }}/debian/pool/main/{{ pfirst | urlencode() }}/{{ package | urlencode() }}/{{ package | urlencode() }}_{{ version | urlencode() }}_amd64.deb" # noqa 204
|
url: "https://{{ debian_mirror }}/debian/pool/main/{{ pfirst | urlencode() }}/{{ package | urlencode() }}/{{ package | urlencode() }}_{{ version | urlencode() }}_{{ arch | urlencode() }}.deb" # noqa 204
|
||||||
dest: "/root/{{ package }}_{{ version }}_amd64.deb"
|
dest: "/root/{{ package }}_{{ version }}_{{ arch }}.deb"
|
||||||
vars:
|
vars:
|
||||||
pfirst: "{{ item.item.name[:1] }}"
|
pfirst: "{{ item.item.name[:1] }}"
|
||||||
package: "{{ item.item.name }}"
|
package: "{{ item.item.name }}"
|
||||||
version: "{{ item.item.version }}"
|
version: "{{ item.item.version }}"
|
||||||
|
arch: "{{ item.item.arch }}"
|
||||||
when: not item.stat.exists
|
when: not item.stat.exists
|
||||||
loop: "{{ prometheus_node_register_ucs_deb_stat.results }}"
|
loop: "{{ prometheus_node_register_ucs_deb_stat.results }}"
|
||||||
|
|
||||||
- name: install packages
|
- name: install packages
|
||||||
apt:
|
apt:
|
||||||
deb: "/root/{{ item.item.name }}_{{ item.item.version }}_amd64.deb"
|
deb: "/root/{{ item.item.name }}_{{ item.item.version }}_{{ item.item.arch }}.deb"
|
||||||
loop: "{{ prometheus_node_register_ucs_deb_stat.results }}"
|
loop: "{{ prometheus_node_register_ucs_deb_stat.results }}"
|
||||||
|
|
||||||
- name: start prometheus-node-exporter.service
|
- name: start prometheus-node-exporter.service
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
tls_server_config:
|
||||||
|
cert_file: "{{ prometheus_node_tls_cert }}"
|
||||||
|
key_file: "{{ prometheus_node_tls_key }}"
|
||||||
|
client_auth_type: "{{ prometheus_node_tls_require_cert | ternary('RequireAndVerifyClientCert', 'NoClientCert') }}"
|
||||||
|
client_ca_file: "{{ prometheus_node_tls_ca }}"
|
|
@ -1,3 +1,3 @@
|
||||||
{{ ansible_managed | comment }}
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
ARGS="{% for k, v in args.items() %}--{{ k }}=\"{{ v }}\" {% endfor %}"
|
ARGS="{% for k, v in args.items() %}--{{ k }}=\"{{ v }}\" {% endfor %} --web.config=/etc/prometheus/node-exporter/tls/config.yml"
|
||||||
|
|
28
roles/prometheus_node_openbsd/tasks/config.yml
Normal file
28
roles/prometheus_node_openbsd/tasks/config.yml
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: create /etc/prometheus/node-exporter/tls
|
||||||
|
file:
|
||||||
|
path: /etc/prometheus/node-exporter/tls
|
||||||
|
state: directory
|
||||||
|
owner: _nodeexporter
|
||||||
|
group: _nodeexporter
|
||||||
|
|
||||||
|
- name: render /etc/prometheus/node-exporter/tls/config.yml
|
||||||
|
template:
|
||||||
|
src: prometheus-node-exporter-webconfig.yml.j2
|
||||||
|
dest: /etc/prometheus/node-exporter/tls/config.yml
|
||||||
|
owner: _nodeexporter
|
||||||
|
group: _nodeexporter
|
||||||
|
notify: restart node exporter
|
||||||
|
|
||||||
|
- name: configure node exporter
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/rc.conf.local
|
||||||
|
line: >-
|
||||||
|
node_exporter_flags=--collector.textfile.directory={{ node_exporter_textfile_dir }}
|
||||||
|
{{ node_exporter_flags }}
|
||||||
|
--web.config=/etc/prometheus/node-exporter/tls/config.yml
|
||||||
|
regexp: ^node_exporter_flags=.*$
|
||||||
|
notify:
|
||||||
|
- start node exporter
|
||||||
|
- restart node exporter
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
- name: install prometheus node exporter
|
- name: install prometheus node exporter
|
||||||
openbsd_pkg:
|
openbsd_pkg:
|
||||||
name: node_exporter-0.18.0
|
name: node_exporter
|
||||||
|
|
||||||
- name: create textfile collector directory
|
- name: create textfile collector directory
|
||||||
file:
|
file:
|
||||||
|
@ -11,12 +11,3 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: _nodeexporter
|
group: _nodeexporter
|
||||||
mode: 0750
|
mode: 0750
|
||||||
|
|
||||||
- name: enable node exporter
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/rc.conf.local
|
|
||||||
line: "node_exporter_flags=--collector.textfile.directory={{ node_exporter_textfile_dir }} {{ node_exporter_flags }}"
|
|
||||||
regexp: ^node_exporter_flags=.*$
|
|
||||||
notify:
|
|
||||||
- start node exporter
|
|
||||||
- restart node exporter
|
|
||||||
|
|
|
@ -11,3 +11,9 @@
|
||||||
tags:
|
tags:
|
||||||
- 'role::prometheus_node_openbsd'
|
- 'role::prometheus_node_openbsd'
|
||||||
- 'role::prometheus_node_openbsd:syspatch'
|
- 'role::prometheus_node_openbsd:syspatch'
|
||||||
|
|
||||||
|
- name: configure prometheus node exporter
|
||||||
|
import_tasks: config.yml
|
||||||
|
tags:
|
||||||
|
- "role::prometheus_node_openbsd"
|
||||||
|
- "role::prometheus_node_openbsd:config"
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
tls_server_config:
|
||||||
|
cert_file: "{{ prometheus_node_tls_cert }}"
|
||||||
|
key_file: "{{ prometheus_node_tls_key }}"
|
||||||
|
client_auth_type: "{{ prometheus_node_tls_require_cert | ternary('RequireAndVerifyClientCert', 'NoClientCert') }}"
|
||||||
|
client_ca_file: "{{ prometheus_node_tls_ca }}"
|
Loading…
Reference in a new issue