diff options
-rw-r--r-- | chaos-at-home/host_vars/ch-apps.yml | 13 | ||||
-rw-r--r-- | inventory/host_vars/ch-apps.yml | 14 | ||||
-rw-r--r-- | roles/monitoring/alerta/defaults/main.yml | 12 | ||||
-rw-r--r-- | roles/monitoring/alerta/tasks/main.yml | 15 | ||||
-rw-r--r-- | roles/monitoring/alerta/templates/pod-spec.yml.j2 | 16 | ||||
-rw-r--r-- | roles/monitoring/alerta/vars/main.yml | 5 | ||||
-rw-r--r-- | roles/monitoring/prometheus/alertmanager/defaults/main.yml | 5 | ||||
-rw-r--r-- | roles/monitoring/prometheus/alertmanager/tasks/main.yml | 13 |
8 files changed, 81 insertions, 12 deletions
diff --git a/chaos-at-home/host_vars/ch-apps.yml b/chaos-at-home/host_vars/ch-apps.yml new file mode 100644 index 00000000..2113cccb --- /dev/null +++ b/chaos-at-home/host_vars/ch-apps.yml @@ -0,0 +1,13 @@ +$ANSIBLE_VAULT;1.2;AES256;chaos-at-home +66616135616662353431383534356431653465623632333438366435613935343230396533383437 +3438633761653436623362666239653733363066653866620a363533363036633434626263343062 +39393733633261323964626438613864333836366637663662323961643465383463326265636337 +3835373439326466370a343739383966383364636432336538383736373631323632343064333938 +37613637393734353435323465633134626265663863323764343461373761363561343130333633 +32643364653930383030386636643564616534623332633839326330326164346464393138653736 +31323363633339393263356162396236623033313961326465306438323634333735636162663935 +35306435363137616633326337376236663536316163646562646435353939393833653932626339 +30373438376266323265623833333331653739663334353434303634646533636337373034636238 +34646263363864643937313132663336393735313363336637656363363236366431303039383639 +66303539633963333831323230646535346439646437343333353362626330386230653665646361 +32633630623162646238 diff --git a/inventory/host_vars/ch-apps.yml b/inventory/host_vars/ch-apps.yml index 5fe4acd5..afc95e12 100644 --- a/inventory/host_vars/ch-apps.yml +++ b/inventory/host_vars/ch-apps.yml @@ -124,3 +124,17 @@ kubernetes_standalone_cni_variant: with-portmap alerta_base_path: /srv/storage/alerta +alerta_storage: + type: zfs + pool: storage + name: alerta + properties: + quota: 1G + 'syncoid:sync': 'false' + +alerta_web_version: 8.7.0 +alerta_postgres_version: 14.2 +alerta_redis_version: 6.2.6 + +alerta_web_secret_key: "{{ vault_alerta_web_secret_key }}" +alerta_postgres_password: "{{ vault_alerta_postgres_password }}" diff --git a/roles/monitoring/alerta/defaults/main.yml b/roles/monitoring/alerta/defaults/main.yml index 034c8268..59dea307 100644 --- a/roles/monitoring/alerta/defaults/main.yml +++ b/roles/monitoring/alerta/defaults/main.yml @@ -1,2 +1,14 @@ --- # alerta_base_path: /srv/alerta +# alerta_storage: +# type: (zfs|lvm) +# ... + +# alerta_web_version: 8.7.0 +# alerta_postgres_version: 14.2 +# alerta_redis_version: 6.2.6 + +alerta_web_port: 8080 + +# alerta_web_secret_key: "randomstring" +# alerta_postgres_password: "secret" diff --git a/roles/monitoring/alerta/tasks/main.yml b/roles/monitoring/alerta/tasks/main.yml index 490f5e3d..ffedb143 100644 --- a/roles/monitoring/alerta/tasks/main.yml +++ b/roles/monitoring/alerta/tasks/main.yml @@ -1,4 +1,11 @@ --- +- name: prepare storage volume for alerta + when: alerta_storage is defined + vars: + storage_volume: "{{ alerta_storage | combine({'dest': alerta_base_path}) }}" + include_role: + name: "storage/{{ alerta_storage.type }}/volume" + - name: create alerta subdirectories loop: - config @@ -11,18 +18,18 @@ - name: generate Dockerfile for custom image copy: content: | - FROM alerta/alerta-web:8.7.0 + FROM alerta/alerta-web:{{ alerta_web_version }} RUN set -x \ && sed 's/USE_AM_EXTERNALURL_FOR_SILENCES/ALERTMANAGER_USE_EXTERNALURL_FOR_SILENCES/' -i /venv/lib/python3.8/site-packages/alerta_prometheus.py \ - && /venv/bin/pip install redis==4.1.4 \ - && /venv/bin/pip install git+https://github.com/alerta/alerta-contrib.git@69d271ef9fe6542727ec4aa39fc8e0f797f1e8b1#subdirectory=integrations/mailer + && /venv/bin/pip install redis=={{ _alerta_pip[alerta_web_version].redis_version }} \ + && /venv/bin/pip install git+https://github.com/alerta/alerta-contrib.git@{{ _alerta_pip[alerta_web_version].contrib_mailer_git_hash }}#subdirectory=integrations/mailer dest: "{{ alerta_base_path }}/build/Dockerfile" register: alerta_custom_image_docker - name: build custom image docker_image: - name: "alerta-web-with-mailer:8.7.0" + name: "alerta-web-with-mailer:{{ alerta_web_version }}" state: present force_source: "{{ alerta_custom_image_docker is changed }}" source: build diff --git a/roles/monitoring/alerta/templates/pod-spec.yml.j2 b/roles/monitoring/alerta/templates/pod-spec.yml.j2 index 6edabae5..c39ec080 100644 --- a/roles/monitoring/alerta/templates/pod-spec.yml.j2 +++ b/roles/monitoring/alerta/templates/pod-spec.yml.j2 @@ -1,13 +1,15 @@ containers: - name: alerta - image: "alerta-web-with-mailer:8.7.0" + image: "alerta-web-with-mailer:{{ alerta_web_version }}" env: - name: "DATABASE_URL" - value: "postgres://alerta:secret@127.0.0.1:5432/alerta" + value: "postgres://alerta:{{ alerta_postgres_password }}@127.0.0.1:5432/alerta" - name: "AUTH_REQUIRED" value: "True" - name: "ADMIN_USERS" value: "admin" + - name: "SECRET_KEY" + value: "{{ alerta_web_secret_key }}" - name: "DEBUG" value: "1" - name: "SUPERVISORD_LOG_LEVEL" @@ -19,10 +21,10 @@ containers: readOnly: true ports: - containerPort: 8080 - hostPort: 8080 + hostPort: {{ alerta_web_port }} - name: postgresql - image: "postgres:14.2" + image: "postgres:{{ alerta_postgres_version }}" args: - postgres - -c @@ -33,20 +35,20 @@ containers: - name: "POSTGRES_USER" value: "alerta" - name: "POSTGRES_PASSWORD" - value: "secret" + value: "{{ alerta_postgres_password }}" volumeMounts: - name: postgres mountPath: /var/lib/postgresql/data - name: redis - image: "redis:6.2.6" + image: "redis:{{ alerta_redis_version }}" args: - redis-server - --bind - 127.0.0.1 - name: mailer - image: "alerta-web-with-mailer:8.7.0" + image: "alerta-web-with-mailer:{{ alerta_web_version }}" command: - alerta-mailer env: diff --git a/roles/monitoring/alerta/vars/main.yml b/roles/monitoring/alerta/vars/main.yml new file mode 100644 index 00000000..928a720b --- /dev/null +++ b/roles/monitoring/alerta/vars/main.yml @@ -0,0 +1,5 @@ +--- +_alerta_pip: + 8.7.0: + redis_version: 4.1.4 + contrib_mailer_git_hash: 69d271ef9fe6542727ec4aa39fc8e0f797f1e8b1 diff --git a/roles/monitoring/prometheus/alertmanager/defaults/main.yml b/roles/monitoring/prometheus/alertmanager/defaults/main.yml index 86cd9aa5..ac4f7600 100644 --- a/roles/monitoring/prometheus/alertmanager/defaults/main.yml +++ b/roles/monitoring/prometheus/alertmanager/defaults/main.yml @@ -21,5 +21,8 @@ prometheus_alertmanager_route: prometheus_alertmanager_receivers: - name: empty -# prometheus_server_auth_users: +# prometheus_alertmanager_auth_users: # admin: geheim + +# prometheus_alertmanager_password_files: +# user: secret diff --git a/roles/monitoring/prometheus/alertmanager/tasks/main.yml b/roles/monitoring/prometheus/alertmanager/tasks/main.yml index 338b0cbe..173ea758 100644 --- a/roles/monitoring/prometheus/alertmanager/tasks/main.yml +++ b/roles/monitoring/prometheus/alertmanager/tasks/main.yml @@ -47,6 +47,19 @@ group: prometheus-alertmanager notify: reload prometheus-alertmanager +- name: generate password files + when: prometheus_alertmanager_password_files is defined + loop: "{{ prometheus_alertmanager_password_files | dict2items }}" + loop_control: + label: "{{ item.key }}" + copy: + content: "{{ item.value }}" + dest: "/etc/prometheus/alertmanager-{{ item.key }}.password" + mode: 0640 + owner: root + group: prometheus-alertmanager + notify: reload prometheus-alertmanager + - name: generate systemd service unit template: src: prometheus-alertmanager.service.j2 |