From 1e9d610bb87ce6f0cb1e5a8d44f09616f90273e2 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Fri, 18 Jun 2021 01:24:40 +0200
Subject: prometheus enable/disable targets for jobs

---
 .../group_vars/promzone-chaos-at-home/vars.yml     | 12 ++++++---
 roles/monitoring/prometheus/ca/tasks/main.yml      |  2 +-
 .../prometheus/exporter/base/tasks/tls.yml         |  4 +--
 .../prometheus/server/filter_plugins/prometheus.py | 29 ++++++++++++++++++++++
 roles/monitoring/prometheus/server/tasks/main.yml  | 11 ++++++--
 5 files changed, 49 insertions(+), 9 deletions(-)
 create mode 100644 roles/monitoring/prometheus/server/filter_plugins/prometheus.py

diff --git a/inventory/group_vars/promzone-chaos-at-home/vars.yml b/inventory/group_vars/promzone-chaos-at-home/vars.yml
index 2345292b..078576f1 100644
--- a/inventory/group_vars/promzone-chaos-at-home/vars.yml
+++ b/inventory/group_vars/promzone-chaos-at-home/vars.yml
@@ -1,9 +1,13 @@
 ---
-promethues_server: ch-mon
-promethues_zone_name: chaos@home
-
-prometheus_zone_targets: "{{ groups['promzone-chaos-at-home'] }}"
+prometheus_scrape_endpoint: "{{ network.primary.address | ipaddr('address') }}:9999"
 
 prometheus_exporters_extra: []
 prometheus_exporters_default:
   - node
+
+prometheus_server: ch-mon
+prometheus_server_jobs:
+  - node
+
+prometheus_zone_name: chaos@home
+prometheus_zone_targets: "{{ groups['promzone-chaos-at-home'] }}"
diff --git a/roles/monitoring/prometheus/ca/tasks/main.yml b/roles/monitoring/prometheus/ca/tasks/main.yml
index cde4a267..064cb6e8 100644
--- a/roles/monitoring/prometheus/ca/tasks/main.yml
+++ b/roles/monitoring/prometheus/ca/tasks/main.yml
@@ -30,7 +30,7 @@
   openssl_csr:
     path: /etc/ssl/prometheus/ca/csr.pem
     privatekey_path: /etc/ssl/prometheus/ca/key.pem
-    CN: "CA for promethues zone {{ promethues_zone_name }}"
+    CN: "CA for prometheus zone {{ prometheus_zone_name }}"
     useCommonNameForSAN: no
     key_usage:
     - cRLSign
diff --git a/roles/monitoring/prometheus/exporter/base/tasks/tls.yml b/roles/monitoring/prometheus/exporter/base/tasks/tls.yml
index 72186acb..2f880e6a 100644
--- a/roles/monitoring/prometheus/exporter/base/tasks/tls.yml
+++ b/roles/monitoring/prometheus/exporter/base/tasks/tls.yml
@@ -70,7 +70,7 @@
   register: prometheus_exporter_server_cert_current
 
 - name: generate exporter certificate
-  delegate_to: "{{ promethues_server }}"
+  delegate_to: "{{ prometheus_server }}"
   community.crypto.x509_certificate_pipe:
     content: "{{ prometheus_exporter_server_cert_current.content | default('') | b64decode }}"
     csr_content: "{{ prometheus_exporter_server_csr.content | b64decode }}"
@@ -89,7 +89,7 @@
   notify: restart prometheus-exporter-exporter
 
 - name: slurp CA certificate
-  delegate_to: "{{ promethues_server }}"
+  delegate_to: "{{ prometheus_server }}"
   slurp:
     src: /etc/ssl/prometheus/ca-crt.pem
   register: prometheus_exporter_ca_certificate
diff --git a/roles/monitoring/prometheus/server/filter_plugins/prometheus.py b/roles/monitoring/prometheus/server/filter_plugins/prometheus.py
new file mode 100644
index 00000000..81cfae70
--- /dev/null
+++ b/roles/monitoring/prometheus/server/filter_plugins/prometheus.py
@@ -0,0 +1,29 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from functools import partial
+
+from ansible import errors
+
+
+def prometheus_job_targets(hostvars, jobs, targets):
+    try:
+        result = []
+        for job in jobs:
+            for target in targets:
+                enabled = job in hostvars[target]['prometheus_exporters_default'] or job in hostvars[target]['prometheus_exporters_extra']
+                result.append({'job': job, 'target': target, 'enabled': enabled})
+        return result
+    except Exception as e:
+        raise errors.AnsibleFilterError("prometheus_job_targets(): %s" % str(e))
+
+
+class FilterModule(object):
+
+    ''' prometheus filters '''
+    filter_map = {
+        'prometheus_job_targets': prometheus_job_targets,
+    }
+
+    def filters(self):
+        return self.filter_map
diff --git a/roles/monitoring/prometheus/server/tasks/main.yml b/roles/monitoring/prometheus/server/tasks/main.yml
index 492e8dc2..44f0800e 100644
--- a/roles/monitoring/prometheus/server/tasks/main.yml
+++ b/roles/monitoring/prometheus/server/tasks/main.yml
@@ -54,12 +54,19 @@
   loop: "{{ prometheus_zone_targets }}"
   copy:
     content: |
-      - targets: [ "{{ hostvars[item].ansible_default_ipv4.address }}:9999" ]
+      - targets: [ "{{ hostvars[item].prometheus_scrape_endpoint }}" ]
         labels:
           instance: "{{ item }}"
     dest: "/etc/prometheus/targets/{{ item }}.yml"
 
-# TODO: enable targets for configured jobs using symlinks in /etc/prometheus/jobs/*/
+- name: enable targets for jobs
+  loop: "{{ hostvars | prometheus_job_targets(prometheus_server_jobs, prometheus_zone_targets) }}"
+  loop_control:
+    label: "{{ item.job }} -> {{ item.target }}"
+  file:
+    src: "{{ item.enabled | ternary('/etc/prometheus/targets/' + item.target + '.yml', omit) }}"
+    path: "/etc/prometheus/jobs/{{ item.job }}/{{ item.target }}.yml"
+    state: "{{ item.enabled | ternary('link', 'absent') }}"
 
 - name: generate configuration file
   template:
-- 
cgit v1.2.3