From 6645af20158b84888b97ac03484a98579ed17cfb Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 18 May 2023 17:36:05 +0200 Subject: prometheus: add modbus exporter --- roles/monitoring/prometheus/exporter/meta/main.yml | 2 + .../prometheus/exporter/modbus/defaults/main.yml | 28 +++++++++++ .../prometheus/exporter/modbus/handlers/main.yml | 15 ++++++ .../prometheus/exporter/modbus/tasks/main.yml | 58 ++++++++++++++++++++++ .../exporter/modbus/templates/config.yml.j2 | 4 ++ .../exporter/modbus/templates/service.j2 | 31 ++++++++++++ .../register/templates/modbus/probe.yml.j2 | 9 ++++ .../prometheus/server/defaults/main/main.yml | 2 + .../server/defaults/main/rules_modbus.yml | 3 ++ .../server/defaults/main/rules_modbus__probe.yml | 3 ++ .../prometheus/server/defaults/main/rules_node.yml | 2 +- 11 files changed, 156 insertions(+), 1 deletion(-) create mode 100644 roles/monitoring/prometheus/exporter/modbus/defaults/main.yml create mode 100644 roles/monitoring/prometheus/exporter/modbus/handlers/main.yml create mode 100644 roles/monitoring/prometheus/exporter/modbus/tasks/main.yml create mode 100644 roles/monitoring/prometheus/exporter/modbus/templates/config.yml.j2 create mode 100644 roles/monitoring/prometheus/exporter/modbus/templates/service.j2 create mode 100644 roles/monitoring/prometheus/exporter/register/templates/modbus/probe.yml.j2 create mode 100644 roles/monitoring/prometheus/server/defaults/main/rules_modbus.yml create mode 100644 roles/monitoring/prometheus/server/defaults/main/rules_modbus__probe.yml (limited to 'roles') diff --git a/roles/monitoring/prometheus/exporter/meta/main.yml b/roles/monitoring/prometheus/exporter/meta/main.yml index 167f4a96..4a427770 100644 --- a/roles/monitoring/prometheus/exporter/meta/main.yml +++ b/roles/monitoring/prometheus/exporter/meta/main.yml @@ -21,4 +21,6 @@ dependencies: when: "'snmp' in (prometheus_exporters_default | union(prometheus_exporters_extra))" - role: monitoring/prometheus/exporter/standalone-kubelet when: "'standalone-kubelet' in (prometheus_exporters_default | union(prometheus_exporters_extra))" + - role: monitoring/prometheus/exporter/modbus + when: "'modbus' in (prometheus_exporters_default | union(prometheus_exporters_extra))" - role: monitoring/prometheus/exporter/register diff --git a/roles/monitoring/prometheus/exporter/modbus/defaults/main.yml b/roles/monitoring/prometheus/exporter/modbus/defaults/main.yml new file mode 100644 index 00000000..0c72d08c --- /dev/null +++ b/roles/monitoring/prometheus/exporter/modbus/defaults/main.yml @@ -0,0 +1,28 @@ +--- +# prometheus_exporter_modbus_version: + +# prometheus_exporter_modbus_modules: +# - name: "fake" +# protocol: 'tcp/ip' +# metrics: +# - name: "power_consumption_total" +# help: "represents the overall power consumption by phase" +# labels: +# phase: "1" +# address: 300022 +# dataType: int16 +# endianness: big +# metricType: counter +# factor: 3.1415926535 +# - name: "some_gauge" +# help: "some help for some gauge" +# address: 30023 +# dataType: int16 +# metricType: gauge +# factor: 2 +# - name: "coil" +# help: "some help for some coil" +# address: 124 +# dataType: bool +# bitOffset: 0 +# metricType: gauge diff --git a/roles/monitoring/prometheus/exporter/modbus/handlers/main.yml b/roles/monitoring/prometheus/exporter/modbus/handlers/main.yml new file mode 100644 index 00000000..c47c8de8 --- /dev/null +++ b/roles/monitoring/prometheus/exporter/modbus/handlers/main.yml @@ -0,0 +1,15 @@ +--- +- name: restart prometheus-modbus-exporter + service: + name: prometheus-modbus-exporter + state: restarted + +- name: reload prometheus-modbus-exporter + service: + name: prometheus-modbus-exporter + state: reloaded + +- name: reload nginx + service: + name: nginx + state: reloaded diff --git a/roles/monitoring/prometheus/exporter/modbus/tasks/main.yml b/roles/monitoring/prometheus/exporter/modbus/tasks/main.yml new file mode 100644 index 00000000..1dbd8b27 --- /dev/null +++ b/roles/monitoring/prometheus/exporter/modbus/tasks/main.yml @@ -0,0 +1,58 @@ +--- +- name: generate apt pin file for exporter-modbus package + when: prometheus_exporter_modbus_version is defined + copy: + dest: "/etc/apt/preferences.d/prom-exporter-modbus.pref" + content: | + Package: prom-exporter-modbus + Pin: version {{ prometheus_exporter_modbus_version }}-1 + Pin-Priority: 1001 + +- name: remove apt pin file for exporter-modbus package + when: prometheus_exporter_modbus_version is not defined + file: + path: "/etc/apt/preferences.d/prom-exporter-modbus.pref" + state: absent + +- name: install apt packages + apt: + name: "prom-exporter-modbus{% if prometheus_exporter_modbus_version is defined %}={{ prometheus_exporter_modbus_version }}-1{% endif %}" + state: present + allow_downgrade: yes + notify: restart prometheus-modbus-exporter + +- name: create config directory + file: + path: /etc/prometheus/exporter/modbus + state: directory + +- name: generate configuration + template: + src: config.yml.j2 + dest: /etc/prometheus/exporter/modbus/config.yml + notify: reload prometheus-modbus-exporter + +- name: generate systemd service unit + template: + src: service.j2 + dest: /etc/systemd/system/prometheus-modbus-exporter.service + notify: restart prometheus-modbus-exporter + +- name: make sure prometheus-modbus-exporter is enabled and started + systemd: + name: prometheus-modbus-exporter.service + daemon_reload: yes + state: started + enabled: yes + +- name: register exporter + copy: + content: | + location = /modbus { + proxy_pass http://127.0.0.1:9602/metrics; + } + location = /modbus/probe { + proxy_pass http://127.0.0.1:9602/modbus; + } + dest: /etc/prometheus/exporter/modbus.locations + notify: reload nginx diff --git a/roles/monitoring/prometheus/exporter/modbus/templates/config.yml.j2 b/roles/monitoring/prometheus/exporter/modbus/templates/config.yml.j2 new file mode 100644 index 00000000..b4d3f5ce --- /dev/null +++ b/roles/monitoring/prometheus/exporter/modbus/templates/config.yml.j2 @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +modules: + {{ prometheus_exporter_modbus_modules | to_nice_yaml(indent=2) | indent(2) }} diff --git a/roles/monitoring/prometheus/exporter/modbus/templates/service.j2 b/roles/monitoring/prometheus/exporter/modbus/templates/service.j2 new file mode 100644 index 00000000..242502a4 --- /dev/null +++ b/roles/monitoring/prometheus/exporter/modbus/templates/service.j2 @@ -0,0 +1,31 @@ +[Unit] +Description=Prometheus modbus exporter + +[Service] +Restart=always +User=prometheus-exporter +ExecStart=/usr/bin/prometheus-modbus-exporter --web.listen-address="127.0.0.1:9602" --config.file=/etc/prometheus/exporter/modbus/config.yml +ExecReload=/bin/kill -HUP $MAINPID + +# systemd hardening-options +AmbientCapabilities= +CapabilityBoundingSet= +DeviceAllow=/dev/null rw +DevicePolicy=strict +LockPersonality=true +MemoryDenyWriteExecute=true +NoNewPrivileges=true +PrivateDevices=true +PrivateTmp=true +ProtectControlGroups=true +ProtectHome=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectSystem=strict +RemoveIPC=true +RestrictNamespaces=true +RestrictRealtime=true +SystemCallArchitectures=native + +[Install] +WantedBy=multi-user.target diff --git a/roles/monitoring/prometheus/exporter/register/templates/modbus/probe.yml.j2 b/roles/monitoring/prometheus/exporter/register/templates/modbus/probe.yml.j2 new file mode 100644 index 00000000..5d51398a --- /dev/null +++ b/roles/monitoring/prometheus/exporter/register/templates/modbus/probe.yml.j2 @@ -0,0 +1,9 @@ +- targets: [ '{{ (target.exporter_hostname == prometheus_server) | ternary('127.0.0.1:9999', hostvars[target.exporter_hostname].prometheus_scrape_endpoint) }}' ] + labels: + instance: '{{ target.instance }}' + __param_target: '{{ target.config.target }}' + __param_sub_target: '{{ target.config.sub_target }}' + __param_module: '{{ target.config.module }}' +{% for name, value in prometheus_target_labels.items() %} + {{ name }}: '{{ value }}' +{% endfor %} diff --git a/roles/monitoring/prometheus/server/defaults/main/main.yml b/roles/monitoring/prometheus/server/defaults/main/main.yml index 1550384a..d778bad8 100644 --- a/roles/monitoring/prometheus/server/defaults/main/main.yml +++ b/roles/monitoring/prometheus/server/defaults/main/main.yml @@ -35,6 +35,8 @@ prometheus_server_rules: snmp: "{{ prometheus_server_rules_snmp + prometheus_server_rules_snmp_extra }}" snmp/probe: "{{ prometheus_server_rules_snmp__probe + prometheus_server_rules_snmp__probe_extra }}" standalone-kubelet: "{{ prometheus_server_rules_standalone_kubelet + prometheus_server_rules_standalone_kubelet_extra }}" + modbus: "{{ prometheus_server_rules_modbus + prometheus_server_rules_modbus_extra }}" + modbus/probe: "{{ prometheus_server_rules_modbus__probe + prometheus_server_rules_modbus__probe_extra }}" # prometheus_server_alertmanager: # url: "127.0.0.1:9093" diff --git a/roles/monitoring/prometheus/server/defaults/main/rules_modbus.yml b/roles/monitoring/prometheus/server/defaults/main/rules_modbus.yml new file mode 100644 index 00000000..a6c90e23 --- /dev/null +++ b/roles/monitoring/prometheus/server/defaults/main/rules_modbus.yml @@ -0,0 +1,3 @@ +--- +prometheus_server_rules_modbus_extra: [] +prometheus_server_rules_modbus: [] diff --git a/roles/monitoring/prometheus/server/defaults/main/rules_modbus__probe.yml b/roles/monitoring/prometheus/server/defaults/main/rules_modbus__probe.yml new file mode 100644 index 00000000..b0f29333 --- /dev/null +++ b/roles/monitoring/prometheus/server/defaults/main/rules_modbus__probe.yml @@ -0,0 +1,3 @@ +--- +prometheus_server_rules_modbus__probe_extra: [] +prometheus_server_rules_modbus__probe: [] diff --git a/roles/monitoring/prometheus/server/defaults/main/rules_node.yml b/roles/monitoring/prometheus/server/defaults/main/rules_node.yml index adac7334..2366221d 100644 --- a/roles/monitoring/prometheus/server/defaults/main/rules_node.yml +++ b/roles/monitoring/prometheus/server/defaults/main/rules_node.yml @@ -93,7 +93,7 @@ prometheus_server_rules_node: - alert: HostHighCpuLoad expr: 100 - (avg by(instance) (rate(node_cpu_seconds_total{mode="idle"}[2m])) * 100) > 80 - for: 10m + for: 15m labels: severity: warning annotations: -- cgit v1.2.3