configure blackbox exporter

This commit is contained in:
histausse 2021-10-09 15:28:11 +02:00
parent 5c4c90e501
commit 54ee9ac823
Signed by: histausse
GPG key ID: 67486F107F62E9E9
4 changed files with 44 additions and 6 deletions

View file

@ -12,3 +12,12 @@ modules:
prober: tcp prober: tcp
icmp: icmp:
prober: icmp prober: icmp
internal_tls_connect:
prober: tcp
timeout: 10s
tcp:
tls: true
tls_config:
ca_file: '/etc/prometheus/ca.crt'
cert_file: '/etc/prometheus/blackbox-{{ lan_address }}.crt'
key_file: '/etc/prometheus/blackbox-{{ lan_address }}.key'

View file

@ -119,7 +119,7 @@ groups:
severity: warning severity: warning
- alert: UncorrectableErrorDetected - alert: UncorrectableErrorDetected
expr: increase(node_edac_csrow_uncorrectable_errors_total[1m]) > 0 expr: increase(node_edac_uncorrectable_errors_total[1m]) > 0
for: 0m for: 0m
annotations: annotations:
title: 'Memory errors could not be corrected' title: 'Memory errors could not be corrected'

View file

@ -101,14 +101,14 @@
block: block:
- name: Add the node to the targets - name: Add the node to the targets
set_fact: set_fact:
new_server_target: "[{{ server_target[0] | combine({'targets': [lan_address + '/' + ansible_facts['nodename']]}, list_merge='append_rp') }}]" new_server_target: "[{{ server_target[0] | combine({'targets': [lan_address + '|' + ansible_facts['nodename']]}, list_merge='append_rp') }}]"
- name: Put the new target list - name: Put the new target list
copy: copy:
content: "{{ new_server_target | to_nice_json }}" content: "{{ new_server_target | to_nice_json }}"
dest: /etc/prometheus/node-targets.json dest: /etc/prometheus/node-targets.json
delegate_to: "{{ appointed_prometheus_server }}" delegate_to: "{{ appointed_prometheus_server }}"
when: (lan_address + '/' + ansible_facts['nodename']) not in server_target.0.targets when: (lan_address + '|' + ansible_facts['nodename']) not in server_target.0.targets
- name: Add alert rules for node on the prometheus server - name: Add alert rules for node on the prometheus server
copy: copy:

View file

@ -52,11 +52,11 @@ scrape_configs:
target_label: __param_target target_label: __param_target
- source_labels: [__param_target] - source_labels: [__param_target]
target_label: instance target_label: instance
regex: '.*/(.*)' regex: '.*\|(.*)'
replacement: '$1' replacement: '$1'
- source_labels: [__param_target] - source_labels: [__param_target]
target_label: __address__ target_label: __address__
regex: '(.*)/.*' regex: '(.*)\|.*'
replacement: '$1:9100' replacement: '$1:9100'
scheme: https scheme: https
tls_config: tls_config:
@ -64,7 +64,7 @@ scrape_configs:
cert_file: '/etc/prometheus/prometheus-{{ lan_address }}.crt' cert_file: '/etc/prometheus/prometheus-{{ lan_address }}.crt'
key_file: '/etc/prometheus/prometheus-{{ lan_address }}.key' key_file: '/etc/prometheus/prometheus-{{ lan_address }}.key'
{% for target_type in ('https-internal', 'http-external-up', 'http-external-down') %} {% for target_type in ('http-external-up', 'http-external-down') %}
- job_name: blackbox {{ target_type }} - job_name: blackbox {{ target_type }}
metrics_path: /probe metrics_path: /probe
params: params:
@ -86,3 +86,32 @@ scrape_configs:
key_file: '/etc/prometheus/prometheus-{{ lan_address }}.key' key_file: '/etc/prometheus/prometheus-{{ lan_address }}.key'
{% endfor %} {% endfor %}
- job_name: blackbox internal tls
metrics_path: /probe
params:
module: [internal_tls_connect]
file_sd_configs:
- files:
- '/etc/prometheus/targets/blackbox-tls-internal-targets.json'
relabel_configs:
- source_labels: [__address__]
target_label: __tmp_address
- source_labels: [__tmp_address]
target_label: __param_target
regex: '(.*)\|.*\|.*'
replacement: '$1'
- source_labels: [__tmp_address]
target_label: cname
regex: '.*\|(.*)\|.*'
replacement: '$1'
- source_labels: [__tmp_address]
target_label: instance
regex: '.*\|.*\|(.*)'
replacement: '$1'
- target_label: __address__
replacement: 172.20.1.1:9115
scheme: https
tls_config:
ca_file: '/etc/prometheus/ca.crt'
cert_file: '/etc/prometheus/prometheus-172.20.1.1.crt'
key_file: '/etc/prometheus/prometheus-172.20.1.1.key'