register correctly the endpoints to moniroring (when possible)
This commit is contained in:
parent
54ee9ac823
commit
5f69245b17
11 changed files with 192 additions and 46 deletions
|
@ -57,6 +57,12 @@
|
|||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
## THIS CERT CANNOT BE MONITORED BECAUSE IT IS A CLIENT CERT :'(
|
||||
#- name: Ensured the certificate is monitored
|
||||
# import_tasks: register-cert-to-monitoring.yml
|
||||
# vars:
|
||||
# target: "{{ lan_address }}:<PORT>|grafana-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Add Prometheus data source
|
||||
template:
|
||||
src: prometheus_datasource.yaml
|
||||
|
|
23
roles/grafana/tasks/register-cert-to-monitoring.yml
Normal file
23
roles/grafana/tasks/register-cert-to-monitoring.yml
Normal file
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
|
@ -37,6 +37,12 @@
|
|||
notify: Restart kassandra
|
||||
no_log: true
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /opt/kassandra/ca.crt
|
||||
notify: Restart kassandra
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
|
@ -49,11 +55,10 @@
|
|||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /opt/kassandra/ca.crt
|
||||
notify: Restart kassandra
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:8000|kassandra-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Copy the daemon configuration
|
||||
template:
|
||||
|
|
|
@ -42,6 +42,11 @@
|
|||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:9093|alertmanager-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Setup the alertmanager config
|
||||
template:
|
||||
src: alertmanager.yml
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
|
@ -9,6 +9,14 @@
|
|||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/prometheus/ca.crt
|
||||
notify:
|
||||
- Restart blackbox-exporter
|
||||
- Reload nginx
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
|
@ -21,13 +29,10 @@
|
|||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/prometheus/ca.crt
|
||||
notify:
|
||||
- Restart blackbox-exporter
|
||||
- Reload nginx
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:9115|blackbox-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Setup the blackbox config
|
||||
template:
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
|
@ -52,6 +52,12 @@
|
|||
mode: u=rw,g=r,o=r
|
||||
notify: Restart prometheus-node-exporter
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/node_exporter/ca.crt
|
||||
notify: Restart prometheus-node-exporter
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
|
@ -64,11 +70,10 @@
|
|||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/node_exporter/ca.crt
|
||||
notify: Restart prometheus-node-exporter
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:9100|node-exp-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Setup the arguments for node-exporter
|
||||
template:
|
||||
|
@ -85,30 +90,30 @@
|
|||
- name: web.config
|
||||
value: /etc/node_exporter/config.yaml
|
||||
|
||||
# Add the node to the server targets
|
||||
|
||||
- name: Add the node to the server targets
|
||||
block:
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/node-targets.json
|
||||
register: server_target_file
|
||||
register: server_node_target_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable
|
||||
set_fact:
|
||||
server_target: "{{ server_target_file['content'] | b64decode | from_json }}"
|
||||
server_node_target: "{{ server_node_target_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the node to the prometheus server
|
||||
block:
|
||||
- name: Add the node to the targets
|
||||
set_fact:
|
||||
new_server_target: "[{{ server_target[0] | combine({'targets': [lan_address + '|' + ansible_facts['nodename']]}, list_merge='append_rp') }}]"
|
||||
new_server_node_target: "[{{ server_node_target[0] | combine({'targets': [lan_address + '|' + ansible_facts['nodename']]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_target | to_nice_json }}"
|
||||
content: "{{ new_server_node_target | to_nice_json }}"
|
||||
dest: /etc/prometheus/node-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: (lan_address + '|' + ansible_facts['nodename']) not in server_target.0.targets
|
||||
when: (lan_address + '|' + ansible_facts['nodename']) not in server_node_target.0.targets
|
||||
|
||||
- name: Add alert rules for node on the prometheus server
|
||||
copy:
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
|
@ -26,6 +26,14 @@
|
|||
owner: prometheus
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/prometheus/ca.crt
|
||||
notify:
|
||||
- Restart prometheus
|
||||
- Reload nginx
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
|
@ -38,13 +46,10 @@
|
|||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/prometheus/ca.crt
|
||||
notify:
|
||||
- Restart prometheus
|
||||
- Reload nginx
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:9090|prometheus-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Setup the prometheus config
|
||||
template:
|
||||
|
|
23
roles/prometheus/tasks/register-cert-to-monitoring.yml
Normal file
23
roles/prometheus/tasks/register-cert-to-monitoring.yml
Normal file
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
Loading…
Reference in a new issue