LibertaCasa/salt
LibertaCasa/salt
9
1
Fork 0
Code Issues 5 Pull Requests Releases Activity

Compare commits

base: LibertaCasa:942a0eea4f8ee676abdae3c8e54227a26af670c3
Branches Tags
LibertaCasa:production
LibertaCasa:change_bridges
LibertaCasa:fix/matterb-trashtgirclinks
LibertaCasa:add/matterbridge-chillnet-tgchan
LibertaCasa:mta-optional
LibertaCasa:orpheus
LibertaCasa:privatebin
LibertaCasa:bookstack
LibertaCasa:nsd
LibertaCasa:import-denc-webcluster
LibertaCasa:fix/pillar_boolquotes
...
compare: LibertaCasa:6843f5310abfb738f3651ce5429e8f2bf9fcb7c2
Branches Tags
LibertaCasa:production
LibertaCasa:change_bridges
LibertaCasa:fix/matterb-trashtgirclinks
LibertaCasa:add/matterbridge-chillnet-tgchan
LibertaCasa:mta-optional
LibertaCasa:orpheus
LibertaCasa:privatebin
LibertaCasa:bookstack
LibertaCasa:nsd
LibertaCasa:import-denc-webcluster
LibertaCasa:fix/pillar_boolquotes

4 Commits
942a0eea4f ... 6843f5310a

Author SHA1 Message Date
Georg Pfuetzenreuter
6843f5310a
Moni: Read Blackbox targets as JSON
Some checks failed
ci/lysergic/push/pipeline Pipeline failed
Details 
Use uniform JSON target files instead of a JSON/YAML mix.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
 2023-02-15 23:22:29 +01:00
Georg Pfuetzenreuter
c5608946f5
p.node_exporter->p.prometheus.node_exporter 
Since the last commit introduced a new Prometheus targets profile, it
makes sense to move node_exporter underneath the Prometheus tree as
well.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
 2023-02-15 23:22:29 +01:00
Georg Pfuetzenreuter
3e4e73ed1e
Manage Prometheus targets 
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
 2023-02-15 23:22:28 +01:00
Georg Pfuetzenreuter
e089f739c6
Import Prometheus server configuration 
* add new roles:
  - monitoring.prometheus
  - monitoring.prometheus-alertmanager
  - monitoring.prometheus-exporter-blackbox
* add common Prometheus and Prometheus Alertmanager pillar data
* add moni.lysergic.dev specific Prometheus pillar data

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
 2023-02-15 23:22:28 +01:00
10 changed files with 199 additions and 1 deletions
Show Stats Expand all files Collapse all files

110
pillar/id/moni_lysergic_dev.sls Normal file
View File

@ -0,0 +1,110 @@
prometheus:
pkg:
component:
prometheus:
config:
alerting:
alertmanagers:
- static_configs:
- targets:
- localhost:9093
rule_files:
- /etc/prometheus/alerts/lysergic/*.yml
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'node_exporters_lysergic'
scrape_timeout: 1m
scrape_interval: 5m
file_sd_configs:
- files:
- '/etc/prometheus/targets/node-lysergic.json'
- job_name: 'blackbox-2xx'
metrics_path: /probe
params:
module: [http_2xx]
file_sd_configs:
- files: ['/etc/prometheus/targets/blackbox-2xx*.json']
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9115
- job_name: 'blackbox-3xx'
metrics_path: /probe
params:
module: [http_3xx]
file_sd_configs:
- files: ['/etc/prometheus/targets/blackbox-3xx*.json']
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9115
- job_name: 'certificate_exporter'
static_configs:
- targets: ['therapon.rigel.lysergic.dev:9793']
alertmanager:
config:
route:
group_by: ['alertname']
group_wait: 10s
group_interval: 10s
repeat_interval: 1h
receiver: 'smtp-local'
routes:
- receiver: 'lysergic'
# continue: false
match:
project: LYSERGIC
- receiver: 'chillnet'
match:
project: CHILLNET
receivers:
- name: 'smtp-local'
email_configs:
- to: 'system@lysergic.dev'
from: 'alertmanager@moni.lysergic.dev'
require_tls: false
# !!! TO-DO
smarthost: 'zz0.email:465'
send_resolved: yes
- name: 'irc-libertacasa'
webhook_configs:
- url: 'http://127.0.0.1:2410/universe'
send_resolved: yes
- name: 'lysergic'
webhook_configs:
- url: 'http://127.0.0.1:2410/universe'
send_resolved: yes
- url: http://127.0.0.2:8081/prometheus/webhook
send_resolved: yes
email_configs:
- to: 'system@lysergic.dev'
from: 'alertmanager@moni.lysergic.dev'
require_tls: false
smarthost: 'zz0.email:465'
send_resolved: yes
- name: 'chillnet'
email_configs:
- to: 'team@chillnet.org'
from: 'alertmanager@moni.lysergic.dev'
require_tls: false
smarthost: 'zz0.email:465'
send_resolved: yes

11
pillar/role/monitoring/prometheus-alertmanager.sls Normal file
View File

@ -0,0 +1,11 @@
prometheus:
wanted:
component:
- alertmanager
pkg:
component:
alertmanager:
config:
global:
resolve_timeout: 5m

41
pillar/role/monitoring/prometheus-exporter-blackbox.sls Normal file
View File

@ -0,0 +1,41 @@
prometheus:
wanted:
component:
- blackbox_exporter
pkg:
component:
blackbox_exporter:
config:
modules:
http_2xx:
prober: http
timeout: 15s
http_post_2xx:
prober: http
http:
method: POST
http_3xx:
prober: http
timeout: 5s
http:
method: HEAD
no_follow_redirects: true
valid_status_codes: [301, 302]
tcp_connect:
prober: tcp
ssh_banner:
prober: tcp
tcp:
query_response:
- expect: "^SSH-2.0-"
irc_banner:
prober: tcp
tcp:
query_response:
- send: "NICK prober"
- send: "USER prober prober prober :prober"
- expect: "PING :([^ ]+)"
send: "PONG ${1}"
- expect: "^:[^ ]+ 001"
icmp:
prober: icmp

11
pillar/role/monitoring/prometheus.sls Normal file
View File

@ -0,0 +1,11 @@
prometheus:
wanted:
component:
- prometheus
pkg:
component:
prometheus:
config:
global:
scrape_interval: 15s
evaluation_interval: 1m

2
salt/common/suse.sls
View File

@ -2,7 +2,7 @@ include:
- firewalld
- profile.seccheck
- profile.zypp
- profile.node_exporter
- profile.prometheus.node_exporter
- users
- .ssh
- postfix.config

0
salt/profile/node_exporter/init.sls → salt/profile/prometheus/node_exporter.sls
View File

18
salt/profile/prometheus/targets.sls Normal file
View File

@ -0,0 +1,18 @@
{%- set mypillar = salt['pillar.get']('profile:prometheus:targets') %}
{%- set targetsdir = '/etc/prometheus/targets' %}
{%- if mypillar | length %}
{{ targetsdir }}:
file.directory:
- group: prometheus
{%- for group, nodes in mypillar.items() %}
{{ targetsdir }}/{{ group }}.json:
file.serialize:
- dataset: {{ nodes }}
- serializer: json
{%- endfor %}
{%- else %}
{%- do salt.log.debug('profile.prometheus: no targets defined') %}
{%- endif %}

2
salt/role/monitoring/prometheus-alertmanager.sls Normal file
View File

@ -0,0 +1,2 @@
include:
- prometheus.config

2
salt/role/monitoring/prometheus-exporter-blackbox.sls Normal file
View File

@ -0,0 +1,2 @@
include:
- prometheus.config

3
salt/role/monitoring/prometheus.sls Normal file
View File

@ -0,0 +1,3 @@
include:
- prometheus.config
- profile.prometheus.targets