From babb9bcda6b01087c0cb80abac7cd6b37b4dfe3d Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 27 Jul 2021 18:06:50 +0200 Subject: ele-mon basic install --- chaos-at-home/ch-mon.yml | 2 +- chaos-at-home/host_vars/ch-mon.yml | 18 +++--- dan/ele-mon.yml | 30 +++++++++ dan/host_vars/ele-mon.yml | 10 +++ inventory/group_vars/elevate-festival/vars.yml | 2 + .../group_vars/promzone-elevate-festival/vars.yml | 13 ++++ inventory/host_vars/ch-mon.yml | 68 ++++++++++++++++++++ inventory/host_vars/ele-mon.yml | 74 ++++++++++++++++++++++ inventory/hosts.ini | 7 ++ .../prometheus/server/defaults/main/main.yml | 2 + .../prometheus/server/templates/prometheus.yml.j2 | 71 +-------------------- 11 files changed, 219 insertions(+), 78 deletions(-) create mode 100644 dan/ele-mon.yml create mode 100644 dan/host_vars/ele-mon.yml create mode 100644 inventory/group_vars/promzone-elevate-festival/vars.yml create mode 100644 inventory/host_vars/ele-mon.yml diff --git a/chaos-at-home/ch-mon.yml b/chaos-at-home/ch-mon.yml index bb20677f..90fa0a69 100644 --- a/chaos-at-home/ch-mon.yml +++ b/chaos-at-home/ch-mon.yml @@ -12,8 +12,8 @@ - role: apt-repo/spreadspace - role: monitoring/prometheus/ca - role: monitoring/prometheus/exporter - - role: monitoring/prometheus/alertmanager - role: monitoring/prometheus/server + - role: monitoring/prometheus/alertmanager - role: monitoring/grafana - role: nginx/vhost nginx_vhost: diff --git a/chaos-at-home/host_vars/ch-mon.yml b/chaos-at-home/host_vars/ch-mon.yml index 02b3883a..a4b2ea77 100644 --- a/chaos-at-home/host_vars/ch-mon.yml +++ b/chaos-at-home/host_vars/ch-mon.yml @@ -1,10 +1,10 @@ $ANSIBLE_VAULT;1.2;AES256;chaos-at-home -64303062373862353734336666336331613033343966353530323764303830386162633039656461 -3630326139303239353862336338306662646230663332660a646139363333376332653331376135 -35366465323236396234396133653364343130383631366232646362363930343938306438613161 -3965303365613234380a626232376239303165313536653439353136643861646631323031313837 -32373737326539646336373661376539336663346637616662313133663663313733353538636435 -31366638616632333836656561363464353635336638343436386339353065393530376531353039 -63343336383732336533333336303766323839646636643235313463306436353066653261393136 -64336263383336653765343335613038633263306638336639653230346633366539613431616434 -3733 +37346236393235663838306466333130363230643438623263666363623933653335636432643366 +6134333865633537323934393937613938333264636336630a653164313734613832653364666630 +38643965333832646563386338643666323735363034333338646432343634643265626337333632 +6564666239623835650a656231376135663132356464366139376230626331633466646339346263 +63633438616533356631303431343830613265323239336262333365633234303830373432623830 +62333033353262386266343737643533336562333938613963306666653238353065376134333462 +62336535663264616130363439356436613964663335333035313935653866613036313134303965 +35313031386633326235336462646131613232643961643832383931323163373364336365313139 +37613233343137366531386131333839383061323438633739343363383361666139 diff --git a/dan/ele-mon.yml b/dan/ele-mon.yml new file mode 100644 index 00000000..1411b525 --- /dev/null +++ b/dan/ele-mon.yml @@ -0,0 +1,30 @@ +--- +- name: Basic Setup + hosts: ele-mon + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: storage/lvm/groups + - role: nginx/base + - role: apt-repo/spreadspace + - role: monitoring/prometheus/ca + - role: monitoring/prometheus/exporter + - role: monitoring/prometheus/server + - role: monitoring/prometheus/alertmanager + - role: monitoring/grafana + - role: nginx/vhost + nginx_vhost: + name: monitoring + template: generic-proxy-no-buffering + hostnames: + - "_" + locations: + '/grafana/': + proxy_pass: "http://127.0.0.1:3000" + '/prometheus/': + proxy_pass: "http://127.0.0.1:9090" + '/alertmanager/': + proxy_pass: "http://127.0.0.1:9093" diff --git a/dan/host_vars/ele-mon.yml b/dan/host_vars/ele-mon.yml new file mode 100644 index 00000000..f7141ab4 --- /dev/null +++ b/dan/host_vars/ele-mon.yml @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.2;AES256;dan +33313632623964313131336133643531326633636230623363356532386530363262336164343966 +3831363534333135653438623236373336653833643737380a336165646234366331376462373736 +33313063616636356432633137663566313334393437623434663365353438363431323564386665 +3363363632363533360a633761383230663665333564333061303731663034363230316461636164 +34363532663835646361653531343531613161323539653434616362353932336231396565343537 +32366530326237316366323262383136663961613737666564616161326563376565366531326466 +65343931326362333238343636616164353433386534306165363633653964343135366463373061 +61363465343335323562643762323136376437363038343361303864343261343361366139323237 +38336139326333653730316666396466336138626331623736633964613865376561 diff --git a/inventory/group_vars/elevate-festival/vars.yml b/inventory/group_vars/elevate-festival/vars.yml index ee2b7da8..87801f33 100644 --- a/inventory/group_vars/elevate-festival/vars.yml +++ b/inventory/group_vars/elevate-festival/vars.yml @@ -15,6 +15,7 @@ network_zones: ele-telesto: 201 ele-thetys: 202 ele-calypso: 203 + ele-mon: 220 ele-orpheum: 240 tricaster: 245 datacop: 249 @@ -138,6 +139,7 @@ network_zones: ele-ups-nextlib3: 213 ### Other + ele-mon: 220 datacop: 249 equinox-t450s: 250 ele-router: 254 diff --git a/inventory/group_vars/promzone-elevate-festival/vars.yml b/inventory/group_vars/promzone-elevate-festival/vars.yml new file mode 100644 index 00000000..85ade2dc --- /dev/null +++ b/inventory/group_vars/promzone-elevate-festival/vars.yml @@ -0,0 +1,13 @@ +--- +prometheus_scrape_endpoint: "{{ network.primary.address | ipaddr('address') }}:9999" + +prometheus_exporters_extra: [] +prometheus_exporters_default: + - node + +prometheus_server: ele-mon +prometheus_server_jobs: + - node + +prometheus_zone_name: Elevate Festival +prometheus_zone_targets: "{{ groups['promzone-elevate-festival'] }}" diff --git a/inventory/host_vars/ch-mon.yml b/inventory/host_vars/ch-mon.yml index 4df29b23..ad364a79 100644 --- a/inventory/host_vars/ch-mon.yml +++ b/inventory/host_vars/ch-mon.yml @@ -85,3 +85,71 @@ prometheus_alertmanager_web_route_prefix: /alertmanager/ grafana_secret_key: "{{ vault_grafana_secret_key }}" + +prometheus_server_jobs_extra: | + - job_name: 'ping' + metrics_path: /proxy + params: + module: + - blackbox + - icmp + scheme: https + tls_config: + ca_file: /etc/ssl/prometheus/ca-crt.pem + cert_file: /etc/ssl/prometheus/server/scrape-crt.pem + key_file: /etc/ssl/prometheus/server/scrape-key.pem + static_configs: + - targets: + - 62.99.185.129 + - 9.9.9.9 + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - target_label: __address__ + replacement: 192.168.32.230:9999 + + - job_name: 'https' + metrics_path: /proxy + params: + module: + - blackbox + - http_tls_2xx + scheme: https + tls_config: + ca_file: /etc/ssl/prometheus/ca-crt.pem + cert_file: /etc/ssl/prometheus/server/scrape-crt.pem + key_file: /etc/ssl/prometheus/server/scrape-key.pem + static_configs: + - targets: + - web.chaos-at-home.org + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - target_label: __address__ + replacement: 192.168.32.230:9999 + + - job_name: 'ssh' + metrics_path: /proxy + params: + module: + - blackbox + - ssh_banner + scheme: https + tls_config: + ca_file: /etc/ssl/prometheus/ca-crt.pem + cert_file: /etc/ssl/prometheus/server/scrape-crt.pem + key_file: /etc/ssl/prometheus/server/scrape-key.pem + static_configs: + - targets: + - 192.168.32.230:222 + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - target_label: instance + replacement: 'ch-mon' + - target_label: __address__ + replacement: 192.168.32.230:9999 diff --git a/inventory/host_vars/ele-mon.yml b/inventory/host_vars/ele-mon.yml new file mode 100644 index 00000000..a8840ef2 --- /dev/null +++ b/inventory/host_vars/ele-mon.yml @@ -0,0 +1,74 @@ +--- +install: + vm: + memory: 6G + numcpus: 4 + autostart: yes + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 10g + sdb: + type: zfs + backend: storage + name: data + size: 50g + interfaces: + - bridge: br-lan + name: lan0 + - bridge: br-mgmt + name: mgmt0 + +network: + nameservers: "{{ network_zones.lan.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: &_network_primary_ + name: lan0 + address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + gateway: "{{ network_zones.lan.gateway }}" + interfaces: + - *_network_primary_ + - name: mgmt0 + address: "{{ network_zones.mgmt.prefix | ipaddr(network_zones.mgmt.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + + +lvm_groups: + mondata: + pvs: + - /dev/sdb + + +spreadspace_apt_repo_components: + - prometheus + +prometheus_server_storage: + type: lvm + vg: mondata + lv: prometheus + size: 30G + fs: ext4 + +prometheus_server_alertmanager: + url: "127.0.0.1:9093" + path_prefix: "/alertmanager/" + +prometheus_server_web_external_url: /prometheus/ + + +prometheus_exporters_extra: + - blackbox + +prometheus_exporter_blackbox_modules_extra: + icmp: + prober: icmp + + +prometheus_alertmanager_web_route_prefix: /alertmanager/ + + +grafana_secret_key: "{{ vault_grafana_secret_key }}" diff --git a/inventory/hosts.ini b/inventory/hosts.ini index f19f064b..72c047d2 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -404,6 +404,13 @@ ch-testvm-prometheus [promzone-chaos-at-home:children] promzone-chaos-at-home-server +[promzone-elevate-festival-server] +ele-mon +[promzone-elevate-festival] +ele-mon +[promzone-elevate-festival:children] +promzone-elevate-festival-server + ## hoster [hroot] diff --git a/roles/monitoring/prometheus/server/defaults/main/main.yml b/roles/monitoring/prometheus/server/defaults/main/main.yml index c9291172..b109b3b1 100644 --- a/roles/monitoring/prometheus/server/defaults/main/main.yml +++ b/roles/monitoring/prometheus/server/defaults/main/main.yml @@ -7,6 +7,8 @@ prometheus_server_retention: "15d" prometheus_server_jobs: - node +#prometheus_server_jobs_extra: | +# - job_name: ... prometheus_server_rules: prometheus: "{{ prometheus_server_rules_prometheus + ((prometheus_server_alertmanager is defined) | ternary(prometheus_server_rules_prometheus_alertmanager, [])) + prometheus_server_rules_prometheus_extra }}" diff --git a/roles/monitoring/prometheus/server/templates/prometheus.yml.j2 b/roles/monitoring/prometheus/server/templates/prometheus.yml.j2 index 69d5bcdc..6845a2d2 100644 --- a/roles/monitoring/prometheus/server/templates/prometheus.yml.j2 +++ b/roles/monitoring/prometheus/server/templates/prometheus.yml.j2 @@ -51,71 +51,6 @@ scrape_configs: - files: - "/etc/prometheus/jobs/{{ job }}/*.yml" {% endfor %} - - ## TODO: temporary test - - job_name: 'ping' - metrics_path: /proxy - params: - module: - - blackbox - - icmp - scheme: https - tls_config: - ca_file: /etc/ssl/prometheus/ca-crt.pem - cert_file: /etc/ssl/prometheus/server/scrape-crt.pem - key_file: /etc/ssl/prometheus/server/scrape-key.pem - static_configs: - - targets: - - 62.99.185.129 - - 9.9.9.9 - relabel_configs: - - source_labels: [__address__] - target_label: __param_target - - source_labels: [__param_target] - target_label: instance - - target_label: __address__ - replacement: 192.168.32.230:9999 - - - job_name: 'https' - metrics_path: /proxy - params: - module: - - blackbox - - http_tls_2xx - scheme: https - tls_config: - ca_file: /etc/ssl/prometheus/ca-crt.pem - cert_file: /etc/ssl/prometheus/server/scrape-crt.pem - key_file: /etc/ssl/prometheus/server/scrape-key.pem - static_configs: - - targets: - - web.chaos-at-home.org - relabel_configs: - - source_labels: [__address__] - target_label: __param_target - - source_labels: [__param_target] - target_label: instance - - target_label: __address__ - replacement: 192.168.32.230:9999 - - - job_name: 'ssh' - metrics_path: /proxy - params: - module: - - blackbox - - ssh_banner - scheme: https - tls_config: - ca_file: /etc/ssl/prometheus/ca-crt.pem - cert_file: /etc/ssl/prometheus/server/scrape-crt.pem - key_file: /etc/ssl/prometheus/server/scrape-key.pem - static_configs: - - targets: - - 192.168.32.230:222 - relabel_configs: - - source_labels: [__address__] - target_label: __param_target - - target_label: instance - replacement: 'ch-mon' - - target_label: __address__ - replacement: 192.168.32.230:9999 +{% if prometheus_server_jobs_extra is defined %} + {{ prometheus_server_jobs_extra | indent(2) }} +{% endif %} -- cgit v1.2.3