Browse Source

register correctly the endpoints to moniroring (when possible)

monitoring
histausse 12 months ago
parent
commit
5f69245b17
Signed by: histausse
GPG Key ID: 67486F107F62E9E9
  1. 6
      roles/grafana/tasks/main.yml
  2. 23
      roles/grafana/tasks/register-cert-to-monitoring.yml
  3. 15
      roles/prometheus-alert-manager/tasks/kassandra.yml
  4. 5
      roles/prometheus-alert-manager/tasks/main.yml
  5. 23
      roles/prometheus-alert-manager/tasks/register-cert-to-monitoring.yml
  6. 19
      roles/prometheus-blackbox-exporter/tasks/main.yml
  7. 23
      roles/prometheus-blackbox-exporter/tasks/register-cert-to-monitoring.yml
  8. 57
      roles/prometheus-node-exporter/tasks/main.yml
  9. 23
      roles/prometheus-node-exporter/tasks/register-cert-to-monitoring.yml
  10. 19
      roles/prometheus/tasks/main.yml
  11. 23
      roles/prometheus/tasks/register-cert-to-monitoring.yml

6
roles/grafana/tasks/main.yml

@ -57,6 +57,12 @@
subject_alt_name: "IP:{{ lan_address }}"
# Need an equivalent to notify here
## THIS CERT CANNOT BE MONITORED BECAUSE IT IS A CLIENT CERT :'(
#- name: Ensured the certificate is monitored
# import_tasks: register-cert-to-monitoring.yml
# vars:
# target: "{{ lan_address }}:<PORT>|grafana-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
- name: Add Prometheus data source
template:
src: prometheus_datasource.yaml

23
roles/grafana/tasks/register-cert-to-monitoring.yml

@ -0,0 +1,23 @@
---
- name: Get the list of targets of the server
slurp:
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
register: server_tls_targets_file
delegate_to: "{{ appointed_prometheus_server }}"
- name: Set target variable from file
set_fact:
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
- name: Register the endpoint to the prometheus server
block:
- name: Add the target
set_fact:
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
- name: Put the new target list
copy:
content: "{{ new_server_tls_targets | to_nice_json }}"
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: target not in server_tls_targets.0.targets

15
roles/prometheus-alert-manager/tasks/kassandra.yml

@ -37,6 +37,12 @@
notify: Restart kassandra
no_log: true
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /opt/kassandra/ca.crt
notify: Restart kassandra
- name: Generate certificate
include_role:
name: generate-cert
@ -49,11 +55,10 @@
subject_alt_name: "IP:{{ lan_address }}"
# Need an equivalent to notify here
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /opt/kassandra/ca.crt
notify: Restart kassandra
- name: Ensured the certificate is monitored
import_tasks: register-cert-to-monitoring.yml
vars:
target: "{{ lan_address }}:8000|kassandra-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
- name: Copy the daemon configuration
template:

5
roles/prometheus-alert-manager/tasks/main.yml

@ -42,6 +42,11 @@
subject_alt_name: "IP:{{ lan_address }}"
# Need an equivalent to notify here
- name: Ensured the certificate is monitored
import_tasks: register-cert-to-monitoring.yml
vars:
target: "{{ lan_address }}:9093|alertmanager-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
- name: Setup the alertmanager config
template:
src: alertmanager.yml

23
roles/prometheus-alert-manager/tasks/register-cert-to-monitoring.yml

@ -0,0 +1,23 @@
---
- name: Get the list of targets of the server
slurp:
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
register: server_tls_targets_file
delegate_to: "{{ appointed_prometheus_server }}"
- name: Set target variable from file
set_fact:
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
- name: Register the endpoint to the prometheus server
block:
- name: Add the target
set_fact:
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
- name: Put the new target list
copy:
content: "{{ new_server_tls_targets | to_nice_json }}"
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: target not in server_tls_targets.0.targets

19
roles/prometheus-blackbox-exporter/tasks/main.yml

@ -9,6 +9,14 @@
retries: 3
until: apt_result is succeeded
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /etc/prometheus/ca.crt
notify:
- Restart blackbox-exporter
- Reload nginx
- name: Generate certificate
include_role:
name: generate-cert
@ -21,13 +29,10 @@
subject_alt_name: "IP:{{ lan_address }}"
# Need an equivalent to notify here
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /etc/prometheus/ca.crt
notify:
- Restart blackbox-exporter
- Reload nginx
- name: Ensured the certificate is monitored
import_tasks: register-cert-to-monitoring.yml
vars:
target: "{{ lan_address }}:9115|blackbox-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
- name: Setup the blackbox config
template:

23
roles/prometheus-blackbox-exporter/tasks/register-cert-to-monitoring.yml

@ -0,0 +1,23 @@
---
- name: Get the list of targets of the server
slurp:
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
register: server_tls_targets_file
delegate_to: "{{ appointed_prometheus_server }}"
- name: Set target variable from file
set_fact:
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
- name: Register the endpoint to the prometheus server
block:
- name: Add the target
set_fact:
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
- name: Put the new target list
copy:
content: "{{ new_server_tls_targets | to_nice_json }}"
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: target not in server_tls_targets.0.targets

57
roles/prometheus-node-exporter/tasks/main.yml

@ -52,6 +52,12 @@
mode: u=rw,g=r,o=r
notify: Restart prometheus-node-exporter
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /etc/node_exporter/ca.crt
notify: Restart prometheus-node-exporter
- name: Generate certificate
include_role:
name: generate-cert
@ -64,11 +70,10 @@
subject_alt_name: "IP:{{ lan_address }}"
# Need an equivalent to notify here
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /etc/node_exporter/ca.crt
notify: Restart prometheus-node-exporter
- name: Ensured the certificate is monitored
import_tasks: register-cert-to-monitoring.yml
vars:
target: "{{ lan_address }}:9100|node-exp-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
- name: Setup the arguments for node-exporter
template:
@ -85,30 +90,30 @@
- name: web.config
value: /etc/node_exporter/config.yaml
# Add the node to the server targets
- name: Get the list of targets of the server
slurp:
src: /etc/prometheus/targets/node-targets.json
register: server_target_file
delegate_to: "{{ appointed_prometheus_server }}"
- name: Set target variable
set_fact:
server_target: "{{ server_target_file['content'] | b64decode | from_json }}"
- name: Register the node to the prometheus server
- name: Add the node to the server targets
block:
- name: Add the node to the targets
- name: Get the list of targets of the server
slurp:
src: /etc/prometheus/targets/node-targets.json
register: server_node_target_file
delegate_to: "{{ appointed_prometheus_server }}"
- name: Set target variable
set_fact:
new_server_target: "[{{ server_target[0] | combine({'targets': [lan_address + '|' + ansible_facts['nodename']]}, list_merge='append_rp') }}]"
server_node_target: "{{ server_node_target_file['content'] | b64decode | from_json }}"
- name: Put the new target list
copy:
content: "{{ new_server_target | to_nice_json }}"
dest: /etc/prometheus/node-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: (lan_address + '|' + ansible_facts['nodename']) not in server_target.0.targets
- name: Register the node to the prometheus server
block:
- name: Add the node to the targets
set_fact:
new_server_node_target: "[{{ server_node_target[0] | combine({'targets': [lan_address + '|' + ansible_facts['nodename']]}, list_merge='append_rp') }}]"
- name: Put the new target list
copy:
content: "{{ new_server_node_target | to_nice_json }}"
dest: /etc/prometheus/node-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: (lan_address + '|' + ansible_facts['nodename']) not in server_node_target.0.targets
- name: Add alert rules for node on the prometheus server
copy:

23
roles/prometheus-node-exporter/tasks/register-cert-to-monitoring.yml

@ -0,0 +1,23 @@
---
- name: Get the list of targets of the server
slurp:
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
register: server_tls_targets_file
delegate_to: "{{ appointed_prometheus_server }}"
- name: Set target variable from file
set_fact:
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
- name: Register the endpoint to the prometheus server
block:
- name: Add the target
set_fact:
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
- name: Put the new target list
copy:
content: "{{ new_server_tls_targets | to_nice_json }}"
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: target not in server_tls_targets.0.targets

19
roles/prometheus/tasks/main.yml

@ -26,6 +26,14 @@
owner: prometheus
mode: u=rwx,g=rx,o=rx
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /etc/prometheus/ca.crt
notify:
- Restart prometheus
- Reload nginx
- name: Generate certificate
include_role:
name: generate-cert
@ -38,13 +46,10 @@
subject_alt_name: "IP:{{ lan_address }}"
# Need an equivalent to notify here
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /etc/prometheus/ca.crt
notify:
- Restart prometheus
- Reload nginx
- name: Ensured the certificate is monitored
import_tasks: register-cert-to-monitoring.yml
vars:
target: "{{ lan_address }}:9090|prometheus-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
- name: Setup the prometheus config
template:

23
roles/prometheus/tasks/register-cert-to-monitoring.yml

@ -0,0 +1,23 @@
---
- name: Get the list of targets of the server
slurp:
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
register: server_tls_targets_file
delegate_to: "{{ appointed_prometheus_server }}"
- name: Set target variable from file
set_fact:
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
- name: Register the endpoint to the prometheus server
block:
- name: Add the target
set_fact:
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
- name: Put the new target list
copy:
content: "{{ new_server_tls_targets | to_nice_json }}"
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
delegate_to: "{{ appointed_prometheus_server }}"
when: target not in server_tls_targets.0.targets
Loading…
Cancel
Save