Failover VMs

This commit is contained in:
Alexandre Iooss 2019-11-01 15:38:35 +01:00
parent 6dec3ed0d1
commit ccbd7d3770
No known key found for this signature in database
GPG key ID: 6C79278F3FCDCC02
8 changed files with 113 additions and 92 deletions

View file

@ -1,12 +1,12 @@
---
# Put a common configuration on all servers
- hosts: all
- hosts: all,!unifi
roles:
- baseconfig
- basesecurity
# Plug LDAP on all servers
- hosts: all
- hosts: all,!unifi
roles:
- ldap-client

24
hosts
View file

@ -32,12 +32,18 @@ marki.adm.auro.re
[fleming_vm]
ldap-replica-fleming.adm.auro.re
ldap-replica-fleming-fo.adm.auro.re
dhcp-fleming.adm.auro.re
dhcp-fleming-fo.adm.auro.re
dns-fleming.adm.auro.re
dns-fleming-fo.adm.auro.re
prometheus-fleming.adm.auro.re
prometheus-fleming-fo.adm.auro.re
radius-fleming.adm.auro.re
radius-fleming-fo.adm.auro.re
unifi-fleming.adm.auro.re
routeur-fleming.adm.auro.re
routeur-fleming-fo.adm.auro.re
[fleming_unifi]
fa-0-1.borne.auro.re
@ -145,12 +151,18 @@ titan.adm.auro.re
[pacaterie_vm]
ldap-replica-pacaterie.adm.auro.re
ldap-replica-pacaterie-fo.adm.auro.re
dhcp-pacaterie.adm.auro.re
dhcp-pacaterie-fo.adm.auro.re
dns-pacaterie.adm.auro.re
dns-pacaterie-fo.adm.auro.re
prometheus-pacaterie.adm.auro.re
prometheus-pacaterie-fo.adm.auro.re
radius-pacaterie.adm.auro.re
radius-pacaterie-fo.adm.auro.re
unifi-pacaterie.adm.auro.re
routeur-pacaterie.adm.auro.re
routeur-pacaterie-fo.adm.auro.re
[pacaterie_unifi]
pc-1-1.borne.auro.re
@ -189,12 +201,18 @@ chapalux.adm.auro.re
[edc_vm]
ldap-replica-edc.adm.auro.re
ldap-replica-edc-fo.adm.auro.re
dhcp-edc.adm.auro.re
dhcp-edc-fo.adm.auro.re
dns-edc.adm.auro.re
dns-edc-fo.adm.auro.re
prometheus-edc.adm.auro.re
prometheus-edc-fo.adm.auro.re
radius-edc.adm.auro.re
radius-edc-fo.adm.auro.re
unifi-edc.adm.auro.re
routeur-edc.adm.auro.re
routeur-edc-fo.adm.auro.re
[edc_unifi]
ep-0-1.borne.auro.re
@ -204,12 +222,18 @@ perceval.adm.auro.re
[georgesand_vm]
ldap-replica-georgesand.adm.auro.re
ldap-replica-georgesand-fo.adm.auro.re
dhcp-georgesand.adm.auro.re
dhcp-georgesand-fo.adm.auro.re
dns-georgesand.adm.auro.re
dns-georgesand-fo.adm.auro.re
prometheus-georgesand.adm.auro.re
prometheus-georgesand-fo.adm.auro.re
radius-georgesand.adm.auro.re
radius-georgesand-fo.adm.auro.re
unifi-georgesand.adm.auro.re
routeur-georgesand.adm.auro.re
routeur-georgesand-fo.adm.auro.re
[georgesand_unifi]
ga-0-1.borne.auro.re

View file

@ -1,6 +1,8 @@
---
- hosts: prometheus-fleming.adm.auro.re
- hosts: prometheus-fleming.adm.auro.re,prometheus-fleming-fo.adm.auro.re
vars:
prometheus_alertmanager: docker-ovh.adm.auro.re:9093
# Prometheus targets.json
prometheus_targets:
- targets: |
@ -9,10 +11,11 @@
- targets: "{{ groups['fleming_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
- hosts: prometheus-pacaterie.adm.auro.re
- hosts: prometheus-pacaterie.adm.auro.re,prometheus-pacaterie-fo.adm.auro.re
vars:
prometheus_alertmanager: docker-ovh.adm.auro.re:9093
# Prometheus targets.json
prometheus_targets:
- targets: |
@ -21,10 +24,11 @@
- targets: "{{ groups['pacaterie_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
- hosts: prometheus-edc.adm.auro.re
- hosts: prometheus-edc.adm.auro.re,prometheus-edc-fo.adm.auro.re
vars:
prometheus_alertmanager: docker-ovh.adm.auro.re:9093
# Prometheus targets.json
prometheus_targets:
- targets: |
@ -33,10 +37,11 @@
- targets: "{{ groups['edc_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
- hosts: prometheus-georgesand.adm.auro.re
- hosts: prometheus-georgesand.adm.auro.re,prometheus-georgesand-fo.adm.auro.re
vars:
prometheus_alertmanager: docker-ovh.adm.auro.re:9093
# Prometheus targets.json
prometheus_targets:
- targets: |
@ -45,7 +50,6 @@
- targets: "{{ groups['georgesand_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
# Monitor all hosts
- hosts: all,!unifi,!ovh

View file

@ -69,6 +69,43 @@
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: ldap-replica-fleming-fo
virtu: marki
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dhcp-fleming-fo
virtu: marki
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dns-fleming-fo
virtu: marki
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: prometheus-fleming-fo
virtu: marki
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: radius-fleming-fo
virtu: marki
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: routeur-fleming-fo
virtu: marki
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
# Réseau Pacaterie
- name: ldap-replica-pacaterie
virtu: mordred
@ -113,6 +150,43 @@
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: ldap-replica-pacaterie-fo
virtu: titan
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dhcp-pacaterie-fo
virtu: titan
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dns-pacaterie-fo
virtu: titan
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: prometheus-pacaterie-fo
virtu: titan
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: radius-pacaterie-fo
virtu: titan
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: routeur-pacaterie-fo
virtu: titan
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
# Réseau EDC
- name: ldap-replica-edc
virtu: chapalux

View file

@ -1,5 +0,0 @@
---
- name: Restart Prometheus Alertmanager
service:
name: prometheus-alertmanager
state: restarted

View file

@ -1,14 +0,0 @@
---
- name: Install Prometheus Alertmanager
apt:
update_cache: true
name: prometheus-alertmanager
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Configure Prometheus Alertmanager
template:
src: prometheus/alertmanager.yml.j2
dest: /etc/prometheus/alertmanager.yml
notify: Restart Prometheus Alertmanager

View file

@ -1,62 +0,0 @@
# {{ ansible_managed }}
# See https://prometheus.io/docs/alerting/configuration/ for documentation.
global:
# The smarthost and SMTP sender used for mail notifications.
smtp_smarthost: 'localhost:25'
smtp_from: 'alertmanager@example.org'
#smtp_auth_username: 'alertmanager'
#smtp_auth_password: 'password'
# The auth token for Hipchat.
hipchat_auth_token: '1234556789'
# Alternative host for Hipchat.
hipchat_api_url: 'https://hipchat.foobar.org/'
# The directory from which notification templates are read.
templates:
- '/etc/prometheus/alertmanager_templates/*.tmpl'
# The root route on which each incoming alert enters.
route:
# The labels by which incoming alerts are grouped together. For example,
# multiple alerts coming in for cluster=A and alertname=LatencyHigh would
# be batched into a single group.
group_by: ['instance'] # group per instance
# When a new group of alerts is created by an incoming alert, wait at
# least 'group_wait' to send the initial notification.
# This way ensures that you get multiple alerts for the same group that start
# firing shortly after another are batched together on the first
# notification.
group_wait: 30s
# When the first notification was sent, wait 'group_interval' to send a batch
# of new alerts that started firing for that group.
group_interval: 5m
# If an alert has successfully been sent, wait 'repeat_interval' to
# resend them.
repeat_interval: 12h
# A default receiver
receiver: webhook
# Inhibition rules allow to mute a set of alerts given that another alert is
# firing.
# We use this to mute any warning-level notifications if the same alert is
# already critical.
inhibit_rules:
- source_match:
severity: 'critical'
target_match:
severity: 'warning'
# Apply inhibition if the alertname is the same.
equal: ['alertname', 'cluster', 'service']
receivers:
- name: 'webhook'
webhook_configs:
- url: 'http://URL A METTRE ICI VERS WEBHOOK DISCORD TODO/'
send_resolved: true

View file

@ -15,7 +15,7 @@ global:
alerting:
alertmanagers:
- static_configs:
- targets: ['localhost:9093']
- targets: ['{{ prometheus_alertmanager }}']
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
rule_files: