Browse Source

configure blackbox exporter

monitoring
histausse 12 months ago
parent
commit
54ee9ac823
Signed by: histausse
GPG Key ID: 67486F107F62E9E9
  1. 9
      roles/prometheus-blackbox-exporter/templates/blackbox.yml
  2. 2
      roles/prometheus-node-exporter/files/alerts-node.yml
  3. 4
      roles/prometheus-node-exporter/tasks/main.yml
  4. 35
      roles/prometheus/templates/prometheus.yml

9
roles/prometheus-blackbox-exporter/templates/blackbox.yml

@ -12,3 +12,12 @@ modules:
prober: tcp
icmp:
prober: icmp
internal_tls_connect:
prober: tcp
timeout: 10s
tcp:
tls: true
tls_config:
ca_file: '/etc/prometheus/ca.crt'
cert_file: '/etc/prometheus/blackbox-{{ lan_address }}.crt'
key_file: '/etc/prometheus/blackbox-{{ lan_address }}.key'

2
roles/prometheus-node-exporter/files/alerts-node.yml

@ -119,7 +119,7 @@ groups:
severity: warning
- alert: UncorrectableErrorDetected
expr: increase(node_edac_csrow_uncorrectable_errors_total[1m]) > 0
expr: increase(node_edac_uncorrectable_errors_total[1m]) > 0
for: 0m
annotations:
title: 'Memory errors could not be corrected'

4
roles/prometheus-node-exporter/tasks/main.yml

@ -101,14 +101,14 @@
block:
- name: Add the node to the targets
set_fact:
new_server_target: "[{{ server_target[0] | combine({'targets': [lan_address + '/' + ansible_facts['nodename']]}, list_merge='append_rp') }}]"
new_server_target: "[{{ server_target[0] | combine({'targets': [lan_address + '|' + ansible_facts['nodename']]}, list_merge='append_rp') }}]"
- name: Put the new target list
copy:
content: "{{ new_server_target | to_nice_json }}"
dest: /etc/prometheus/node-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: (lan_address + '/' + ansible_facts['nodename']) not in server_target.0.targets
when: (lan_address + '|' + ansible_facts['nodename']) not in server_target.0.targets
- name: Add alert rules for node on the prometheus server
copy:

35
roles/prometheus/templates/prometheus.yml

@ -52,11 +52,11 @@ scrape_configs:
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
regex: '.*/(.*)'
regex: '.*\|(.*)'
replacement: '$1'
- source_labels: [__param_target]
target_label: __address__
regex: '(.*)/.*'
regex: '(.*)\|.*'
replacement: '$1:9100'
scheme: https
tls_config:
@ -64,7 +64,7 @@ scrape_configs:
cert_file: '/etc/prometheus/prometheus-{{ lan_address }}.crt'
key_file: '/etc/prometheus/prometheus-{{ lan_address }}.key'
{% for target_type in ('https-internal', 'http-external-up', 'http-external-down') %}
{% for target_type in ('http-external-up', 'http-external-down') %}
- job_name: blackbox {{ target_type }}
metrics_path: /probe
params:
@ -86,3 +86,32 @@ scrape_configs:
key_file: '/etc/prometheus/prometheus-{{ lan_address }}.key'
{% endfor %}
- job_name: blackbox internal tls
metrics_path: /probe
params:
module: [internal_tls_connect]
file_sd_configs:
- files:
- '/etc/prometheus/targets/blackbox-tls-internal-targets.json'
relabel_configs:
- source_labels: [__address__]
target_label: __tmp_address
- source_labels: [__tmp_address]
target_label: __param_target
regex: '(.*)\|.*\|.*'
replacement: '$1'
- source_labels: [__tmp_address]
target_label: cname
regex: '.*\|(.*)\|.*'
replacement: '$1'
- source_labels: [__tmp_address]
target_label: instance
regex: '.*\|.*\|(.*)'
replacement: '$1'
- target_label: __address__
replacement: 172.20.1.1:9115
scheme: https
tls_config:
ca_file: '/etc/prometheus/ca.crt'
cert_file: '/etc/prometheus/prometheus-172.20.1.1.crt'
key_file: '/etc/prometheus/prometheus-172.20.1.1.key'

Loading…
Cancel
Save