feat(archives): user managementX

This commit is contained in:
N 2019-06-19 00:23:45 +01:00
parent 3ec910e7f7
commit d43033a0fd
No known key found for this signature in database
GPG Key ID: 55A292EAB4E54067
12 changed files with 144 additions and 75 deletions

View File

@ -6,14 +6,13 @@
{%- from tplroot ~ "/map.jinja" import prometheus as p with context %} {%- from tplroot ~ "/map.jinja" import prometheus as p with context %}
{%- set sls_archive_clean = tplroot ~ '.archive.clean' %} {%- set sls_archive_clean = tplroot ~ '.archive.clean' %}
{%- if grains.kernel|lower == 'linux' and p.linux.altpriority|int > 0 %} {%- if grains.kernel|lower == 'linux' and p.linux.altpriority|int > 0 %}
include: include:
- {{ sls_archive_clean }} - {{ sls_archive_clean }}
{%- for k in p.archive.wanted %}
{%- for k in p.archive.wanted %} {%- set dir = p.archive.dir.opt + '/' + k + '-%s.%s-%s'|format(p.archive.versions[k], p.kernel, p.arch) %}
{%- set dir = p.archive.dir + '/' + k + '-%s.%s-%s'|format(p.archive.version["k"], p.kernel, p.arch) %}
prometheus-archive-remove-{{ k }}-home-alternatives-remove: prometheus-archive-remove-{{ k }}-home-alternatives-remove:
alternatives.remove: alternatives.remove:
@ -23,9 +22,7 @@ prometheus-archive-remove-{{ k }}-home-alternatives-remove:
- require: - require:
- sls: {{ sls_archive_clean }} - sls: {{ sls_archive_clean }}
{% for i in p.archive.binaries[k] %}
{% for i in p.archive.binaries['k'] %}
prometheus-archive-remove-{{ k }}-alternatives-remove-{{ i }}: prometheus-archive-remove-{{ k }}-alternatives-remove-{{ i }}:
alternatives.remove: alternatives.remove:
- name: prometheus-{{ k }}-{{ i }} - name: prometheus-{{ k }}-{{ i }}
@ -33,7 +30,7 @@ prometheus-archive-remove-{{ k }}-alternatives-remove-{{ i }}:
- onlyif: update-alternatives --get-selections |grep ^prometheus-{{ k }}-{{ i }} - onlyif: update-alternatives --get-selections |grep ^prometheus-{{ k }}-{{ i }}
- require: - require:
- sls: {{ sls_archive_clean }} - sls: {{ sls_archive_clean }}
{% endfor %}
{% endfor %} {% endfor %}
{% endfor %} {%- endif %}
{%- endif %}

View File

@ -1,14 +1,5 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# vim: ft=sls # vim: ft=sls
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ "/map.jinja" import prometheus with context %}
{%- from tplroot ~ "/jinja/macros.jinja" import format_kwargs with context %}
{%- if grains.kernel|lower == 'linux' and prometheus.pkg.use_upstream_archive %}
include: include:
- .install - .install
{%- endif %}

View File

@ -7,16 +7,15 @@
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %} {%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
{%- set sls_archive_install = tplroot ~ '.archive.install' %} {%- set sls_archive_install = tplroot ~ '.archive.install' %}
{%- if grains.kernel|lower in ('linux',) and p.linux.altpriority|int > 0 %} {%- if grains.kernel|lower in ('linux',) and p.linux.altpriority|int > 0 %}
include: include:
- {{ sls_archive_install }} - {{ sls_archive_install }}
{%- for k in p.archive.wanted %}
{%- set dir = p.archive.dir.opt + '/' + k + '-%s.%s-%s'|format(p.archive.versions[k], p.kernel, p.arch) %}
{%- for k in p.archive.wanted %} prometheus-archive-alternatives-install-{{ k }}-home-cmd-run:
{%- set dir = p.archive.dir + '/' + k + '-%s.%s-%s'|format(p.archive.version["k"], p.kernel, p.arch) %}
prometheus-archive-alternatives-install-{{ k }}-home-alternatives-install:
cmd.run: cmd.run:
- onlyif: {{ grains.os_family in ('Suse',) }} - onlyif: {{ grains.os_family in ('Suse',) }}
- name: update-alternatives --install {{ dir }} prometheus-{{ k }}-home {{ dir }} {{p.linux.altpriority}} - name: update-alternatives --install {{ dir }} prometheus-{{ k }}-home {{ dir }} {{p.linux.altpriority}}
@ -24,9 +23,11 @@ prometheus-archive-alternatives-install-{{ k }}-home-alternatives-install:
- archive: prometheus-archive-install-{{ k }}-archive-extracted - archive: prometheus-archive-install-{{ k }}-archive-extracted
- require: - require:
- sls: {{ sls_archive_install }} - sls: {{ sls_archive_install }}
prometheus-archive-alternatives-install-{{ k }}-home-alternatives-install:
alternatives.install: alternatives.install:
- name: prometheus-{{ k }}-home - name: prometheus-{{ k }}-home
- link: {{ p.dir }} - link: {{ p.archive.dir.opt }}/{{ k }}
- path: {{ dir }} - path: {{ dir }}
- priority: {{ p.linux.altpriority }} - priority: {{ p.linux.altpriority }}
- order: 10 - order: 10
@ -41,17 +42,19 @@ prometheus-archive-alternatives-install-{{ k }}-home-alternatives-set:
- name: prometheus-{{ k }}-home - name: prometheus-{{ k }}-home
- path: {{ dir }} - path: {{ dir }}
- require: - require:
- cmd: prometheus-archive-alternatives-install-{{ k }}-home-cmd-run
- alternatives: prometheus-archive-alternatives-install-{{ k }}-home-alternatives-install - alternatives: prometheus-archive-alternatives-install-{{ k }}-home-alternatives-install
- onlyif: {{ grains.os_family not in ('Suse',) }} - onlyif: {{ grains.os_family not in ('Suse',) }}
{% for i in p.archive.binaries['k'] %}
{% for i in p.archive.binaries[k] %}
prometheus-archive-alternatives-install-{{ k }}-alternatives-install-{{ i }}: prometheus-archive-alternatives-install-{{ k }}-alternatives-install-{{ i }}:
cmd.run: cmd.run:
- onlyif: {{ grains.os_family in ('Suse',) }} - onlyif: {{ grains.os_family in ('Suse',) }}
- name: update-alternatives --install /usr/bin/{{i}} prometheus-{{ k }}-{{i}} {{ dir }}/{{i}} {{p.linux.altpriority}} - name: update-alternatives --install /usr/bin/{{i}} prometheus-{{ k }}-{{i}} {{ dir }}/{{i}} {{p.linux.altpriority}}
- require: - require:
- cmd: prometheus-archive-alternatives-install-{{ k }}-home-alternatives-install - cmd: prometheus-archive-alternatives-install-{{ k }}-home-cmd-run
alternatives.install: alternatives.install:
- name: prometheus-{{ k }}-{{ i }} - name: prometheus-{{ k }}-{{ i }}
- link: /usr/bin/{{ i }} - link: /usr/bin/{{ i }}
@ -69,7 +72,7 @@ prometheus-archive-alternatives-install-{{ k }}-alternatives-set-{{ i }}:
- require: - require:
- alternatives: prometheus-archive-alternatives-install-{{ k }}-alternatives-install-{{ i }} - alternatives: prometheus-archive-alternatives-install-{{ k }}-alternatives-install-{{ i }}
- onlyif: {{ grains.os_family not in ('Suse',) }} - onlyif: {{ grains.os_family not in ('Suse',) }}
{% endfor %} {% endfor %}
{% endfor %}
{%- endif %} {% endfor %}
{%- endif %}

View File

@ -3,21 +3,40 @@
{#- Get the `tplroot` from `tpldir` #} {#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %} {%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ "/map.jinja" import prometheus with context %} {%- from tplroot ~ "/map.jinja" import prometheus as p with context %}
{%- set sls_alternatives_clean = tplroot ~ '.archive.alternatives.clean' %} {%- set sls_alternatives_clean = tplroot ~ '.archive.alternatives.clean' %}
{%- if prometheus.pkg.use_upstream_archive %} {%- if p.pkg.use_upstream_archive %}
include: include:
- {{ sls_alternatives_clean }} - {{ sls_alternatives_clean }}
{%- for k in p.archive.wanted %}
{%- set dir = p.archive.dir.opt + '/' + k + '-%s.%s-%s'|format(p.archive.versions[k], p.kernel, p.arch) %}
{%- for k in prometheus.archive.wanted %}
prometheus-archive-clean-{{ k }}-file-absent: prometheus-archive-clean-{{ k }}-file-absent:
file.absent: file.absent:
- name: {{ prometheus.archive.dir + '/' + k + '-%s.%s-%s'|format(prometheus.archive.versions[k], prometheus.kernel, prometheus.arch) }} - names:
- {{ dir }}
- {{ p.archive.systemd.dir }}/{{ k }}.service
#- require: #- require:
#- sls: {{ sls_alternatives_clean }} #- sls: {{ sls_alternatives_clean }}
prometheus-archive-clean-{{ k }}-user-absent:
user.absent:
- name: {{ k }}
group.absent:
- name: {{ k }}
- require:
- user: prometheus-archive-clean-{{ k }}-user-absent
{%- endfor %} {%- endfor %}
{%- endif %} prometheus-archive-clean-file-directory:
file.absent:
- names:
- {{ p.archive.dir.opt }}
- {{ p.archive.dir.etc }}
- {{ p.archive.dir.var }}
{%- endif %}

View File

@ -3,7 +3,14 @@
--- ---
prometheus: prometheus:
archive: archive:
dir: /opt/prometheus wanted:
- prometheus
- alertmanager
- node_exporter
systemd:
dir: /usr/lib/systemd/system
after: docker.service
wants: network-online.target docker.target
uri: https://github.com/prometheus uri: https://github.com/prometheus
suffix: tar.gz suffix: tar.gz
kwargs: kwargs:
@ -15,6 +22,10 @@ prometheus:
until: True until: True
interval: 60 interval: 60
splay: 10 splay: 10
dir:
opt: /opt/prometheus
etc: /etc/prometheus
var: /var/lib/prometheus
binaries: binaries:
prometheus: prometheus:
- prometheus - prometheus
@ -40,7 +51,6 @@ prometheus:
- pushgateway - pushgateway
statsd_exporter: statsd_exporter:
- statsd_exporter - statsd_exporter
versions: versions:
prometheus: '2.10.0' prometheus: '2.10.0'
alertmanager: '0.17.0' alertmanager: '0.17.0'
@ -65,3 +75,15 @@ prometheus:
node_exporter: b2503fd932f85f4e5baf161268854bf5d22001869b84f00fd2d1f57b51b72424 node_exporter: b2503fd932f85f4e5baf161268854bf5d22001869b84f00fd2d1f57b51b72424
pushgateway: 6949866ba9ad0cb88d3faffd4281f17df79281398b4dbd0ec3aab300071681ca pushgateway: 6949866ba9ad0cb88d3faffd4281f17df79281398b4dbd0ec3aab300071681ca
statsd_exporter: 4632ad0c5552e271e84c376da3ffe3af8c265ec5c3035334b70e35756aca1906 statsd_exporter: 4632ad0c5552e271e84c376da3ffe3af8c265ec5c3035334b70e35756aca1906
configs:
prometheus: {}
alertmanager: {}
blackbox_exporter: {}
consul_exporter: {}
graphite_exporter: {}
haproxy_exporter: {}
memcached_exporter: {}
mysqld_exporter: {}
node_exporter: {}
pushgateway: {}
statsd_exporter: {}

View File

@ -5,35 +5,74 @@
{%- set tplroot = tpldir.split('/')[0] %} {%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ "/map.jinja" import prometheus as p with context %} {%- from tplroot ~ "/map.jinja" import prometheus as p with context %}
{%- from tplroot ~ "/jinja/macros.jinja" import format_kwargs with context %} {%- from tplroot ~ "/jinja/macros.jinja" import format_kwargs with context %}
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
{%- for k in p.archive.wanted %} {%- for k in p.archive.wanted %}
{%- set dir = p.archive.dir.opt + '/' + k + '-%s.%s-%s'|format(p.archive.versions[k], p.kernel, p.arch) %}
prometheus-archive-install-{{ k }}-file-directory: prometheus-archive-install-{{ k }}-user-present:
file.directory: group.present:
- name: {{ p.archive.dir }} - name: {{ k }}
- user: root - require_in:
- group: root - user: prometheus-archive-install-{{ k }}-user-present
- mode: 755 user.present:
- makedirs: True - name: {{ k }}
- shell: /bin/false
- createhome: false
- groups:
- {{ k }}
- require_in: - require_in:
- archive: prometheus-archive-install-{{ k }}-archive-extracted - archive: prometheus-archive-install-{{ k }}-archive-extracted
- recurse:
- user
- group
- mode
prometheus-archive-install-{{ k }}-archive-extracted: prometheus-archive-install-{{ k }}-archive-extracted:
archive.extracted: archive.extracted:
- name: {{ p.archive.dir }} - name: {{ p.archive.dir.opt }}
- source: {{ p.archive.uri + '/' + k + '/releases/download/v' + p.archive.versions[k] - source: {{ p.archive.uri + '/' + k + '/releases/download/v' + p.archive.versions[k]
+ '/' + k + '-%s.%s-%s'|format(p.archive.versions[k], p.kernel, p.arch) + '/' + k + '-%s.%s-%s'|format(p.archive.versions[k], p.kernel, p.arch)
+ '.' + p.archive.suffix }} + '.' + p.archive.suffix }}
- source_hash: {{ p.archive.hashes[k] }} - source_hash: {{ p.archive.hashes[k] }}
- user: root - user: {{ k }}
- group: root - group: {{ k }}
{{- format_kwargs(p.archive.kwargs) }} {{- format_kwargs(p.archive.kwargs) }}
- recurse: - recurse:
- user - user
- group - group
- require_in:
- file: prometheus-archive-install-{{ k }}-managed-systemd_file
- file: prometheus-archive-install-file-directory
prometheus-archive-install-{{ k }}-managed-systemd_file:
file.managed:
- name: {{ p.archive.systemd.dir }}/{{ k }}.service
- source: {{ files_switch(['systemd.ini.jinja'],
lookup='prometheus-archive-install-{{ k }}-managed-systemd_file'
)
}}
- mode: 644
- user: root
- group: {{ p.rootgroup }}
- makedirs: True
- template: jinja
- context:
desc: prometheus - {{ k }} serice
name: {{ k }}
user: {{ k }}
group: {{ k }}
start: {{ dir }}/{{ k }} --config.file {{ p.archive.dir.etc }}/{{ k }}/{{ k }}.yml
stop: killall {{ dir }}/{{ k }}
after: {{ p.archive.systemd.after }}
wants: {{ p.archive.systemd.wants }}
{%- endfor %} {%- endfor %}
prometheus-archive-install-file-directory:
file.directory:
- names:
- {{ p.archive.dir.opt }}
- {{ p.archive.dir.etc }}
- {{ p.archive.dir.var }}
- user: prometheus
- group: prometheus
- mode: 755
- makedirs: True
##do not recurse!!!

View File

@ -8,9 +8,6 @@
include: include:
- {{ sls_archive_clean }} - {{ sls_archive_clean }}
{%- if prometheus.pkg.use_upstream_archive and kernel|lower == 'linux' %}
- .systemd
{%- endif %}
prometheus-config-clean-file-absent: prometheus-config-clean-file-absent:
file.absent: file.absent:

View File

@ -9,8 +9,3 @@ include:
- .args - .args
- .file - .file
- .environ - .environ
{%- if prometheus.pkg.use_upstream_archive and kernel|lower == 'linux' %}
- .systemd
{%- endif %}

View File

@ -16,19 +16,11 @@ prometheus:
name: prometheus name: prometheus
user: prometheus user: prometheus
group: prometheus group: prometheus
linux:
#'Alternatives system' priority: zero disables (default)
altpriority: 0
exporters: exporters:
node: node:
pkg: pkg:
name: prometheus-node-exporter name: prometheus-node-exporter
service: prometheus-node-exporter service: prometheus-node-exporter
linux:
#'Alternatives system' priority: zero disables (default)
altpriority: 0
archive:
# see ./archive/default.yaml
wanted:
- prometheus
- alertmanager
- node_exporter

View File

@ -0,0 +1,18 @@
#########################################################
# File managed by Salt. Changes risk being overwritten.
#########################################################
[Unit]
Description={{ desc }}
Wants={{ wants }}
After={{ after }}
Documentation=https://github.com/saltstack-formulas/prometheus-formula
[Service]
User={{ user }}
Group={{ group }}
ExecStart={{ start }}
ExecStop={{ stop }}
PIDFile=/var/run/{{ name }}.pid
[Install]
WantedBy=multi-user.target

View File

@ -9,13 +9,10 @@
{%- import_yaml tplroot ~ "/osmap.yaml" as osmap %} {%- import_yaml tplroot ~ "/osmap.yaml" as osmap %}
{%- import_yaml tplroot ~ "/osarchmap.yaml" as osarchmap %} {%- import_yaml tplroot ~ "/osarchmap.yaml" as osarchmap %}
{%- import_yaml tplroot ~ "/osfingermap.yaml" as osfingermap %} {%- import_yaml tplroot ~ "/osfingermap.yaml" as osfingermap %}
{#- focused defaults #}
{%- import_yaml tplroot ~ "/archive/defaults.yaml" as archive_defaults %} {%- import_yaml tplroot ~ "/archive/defaults.yaml" as archive_defaults %}
{%- import_yaml tplroot ~ "/archive/defaults.yaml" as config_defaults %}
{%- set defaults = salt['grains.filter_by'](default_settings, {%- set defaults = salt['grains.filter_by'](default_settings,
merge=salt['grains.filter_by'](archive_defaults, merge=salt['grains.filter_by'](archive_defaults,
merge=salt['grains.filter_by'](config_defaults,
merge=salt['grains.filter_by'](osfamilymap, grain='os_family', merge=salt['grains.filter_by'](osfamilymap, grain='os_family',
merge=salt['grains.filter_by'](osmap, grain='os', merge=salt['grains.filter_by'](osmap, grain='os',
merge=salt['grains.filter_by'](osfingermap, grain='osfinger', merge=salt['grains.filter_by'](osfingermap, grain='osfinger',
@ -25,7 +22,6 @@
base='prometheus'), base='prometheus'),
base='prometheus'), base='prometheus'),
base='prometheus'), base='prometheus'),
base='prometheus'),
base='prometheus'), base='prometheus'),
base='prometheus') base='prometheus')
%} %}

0
prometheus/systemd.sls Normal file
View File