diff --git a/docs/README.rst b/docs/README.rst index c9997d4..4c5a574 100644 --- a/docs/README.rst +++ b/docs/README.rst @@ -13,7 +13,7 @@ prometheus-formula :alt: Semantic Release :scale: 100% :target: https://github.com/semantic-release/semantic-release -Manage Prometheus. +Manage Prometheus on MacOS, GNU/Linux and FreeBSD. .. contents:: **Table of Contents** @@ -48,11 +48,26 @@ This installs the prometheus package, manages the prometheus configuration file and then starts the associated prometheus service. +``prometheus.archive`` +^^^^^^^^^^^^^^^^^^^^ + +This state will install the prometheus from archive file only. + +``prometheus.archive.alternatives`` +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +This state will install the prometheus linux alternatives for archives only. + ``prometheus.package`` ^^^^^^^^^^^^^^^^^^^^ This state will install the prometheus package only. +``prometheus.package.repo`` +^^^^^^^^^^^^^^^^^^^^^^^^^ + +This state will install the prometheus package only. + ``prometheus.config`` ^^^^^^^^^^^^^^^^^^^ @@ -92,6 +107,21 @@ dependency on ``prometheus.service.clean`` via include list. This state will remove the prometheus package and has a depency on ``prometheus.config.clean`` via include list. +``prometheus.package.archive.clean`` +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +This state will uninstall the prometheus archive-extracted directory only. + +``prometheus.package.archive.alternatives.clean`` +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +This state will uninstall the prometheus linux alternatives for archives only. + +``prometheus.package.repo.clean`` +^^^^^^^^^^^^^^^^^^^^^^^^^ + +This state will uninstall the prometheus upstream package repository only. + ``prometheus.exporters`` ^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/kitchen.yml b/kitchen.yml index 6624b42..54fa570 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -42,7 +42,6 @@ provisioner: base: '*': - prometheus - - prometheus.exporters pillars: top.sls: base: diff --git a/pillar.example b/pillar.example index b482dc6..3fa8386 100644 --- a/pillar.example +++ b/pillar.example @@ -2,13 +2,39 @@ # vim: ft=yaml --- prometheus: + wanted: + - prometheus + {%- if grains.os_family not in ('Debian',) %} + - alertmanager + {%- endif %} + - node_explorer + # no memcached_exporter in upstream repo - only archive + # memcached_exporter + + use_upstream_archive: False + {%- if grains.os_family in ('CentOS',) %} + use_upstream_repo: False + {%- endif %} + pkg: - name: prometheus - config_file: /etc/prometheus/prometheus.yml + prometheus: + archive_version: '2.10.0' + archive_hash: f4233783826f18606b79e5cef0686e4a9c2030146a3c7ce134f0add09f5adcb7 + alertmanager: + archive_version: '0.17.0' + archive_hash: ec171b13976baceace193461f8a1e61021ab9657df5ba45157cd0095aee7d569 + service: - name: prometheus - args: - web.listen-address: 0.0.0.0:9090 + prometheus: + args: + web.listen-address: 0.0.0.0:9090 + #pushgateway: + #args: + # web.listen-address: ":9091" + # web.telemetry-path: "/metrics" + node_exporter: + args: + web.listen-address: ":9110" tofs: # The files_switch key serves as a selector for alternative @@ -35,37 +61,98 @@ prometheus: # Pillar-based config config: - # my global config - global: - scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. - evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. - # scrape_timeout is set to the global default (10s). + prometheus: + # ref https://raw.githubusercontent.com/prometheus/prometheus/release-2.10/config/testdata/conf.good.yml + # my global config + global: + scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. + evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. + # scrape_timeout is set to the global default (10s). - # Alertmanager configuration - alerting: - alertmanagers: - - static_configs: - - targets: - # - alertmanager:9093 + # Alertmanager configuration + alerting: + alertmanagers: + - static_configs: + - targets: + # - alertmanager:9093 - # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. - rule_files: - # - "first_rules.yml" - # - "second_rules.yml" + # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. + rule_files: + # - "first_rules.yml" + # - "second_rules.yml" - # A scrape configuration containing exactly one endpoint to scrape: - # Here it's Prometheus itself. - scrape_configs: - # The job name is added as a label `job=` to any timeseries scraped from this config. - - job_name: 'prometheus' + # A scrape configuration containing exactly one endpoint to scrape: + scrape_configs: + # The job name is added as a label `job=` to any timeseries scraped from this config. + - job_name: 'prometheus' + # metrics_path defaults to '/metrics' + # scheme defaults to 'http'. + static_configs: + - targets: ['localhost:9090'] - # metrics_path defaults to '/metrics' - # scheme defaults to 'http'. + - job_name: pushgateway + scrape_interval: 5s + honor_labels: true + static_configs: + - targets: ['pushgateway:9091'] - static_configs: - - targets: ['localhost:9090'] + - job_name: 'blackbox' + # ref https://github.com/prometheus/blackbox_exporter#prometheus-configuration + metrics_path: /probe + params: + module: [http_2xx] # Look for a HTTP 200 response. + static_configs: + - targets: + - http://prometheus.io # Target to probe with http. + - https://prometheus.io # Target to probe with https. + - http://example.com:8080 # Target to probe with http on port 8080. + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - target_label: __address__ + replacement: 127.0.0.1:9115 # The blackbox exporter's real hostname:port. - exporters: - node: - args: - web.listen-address: ":9110" + alertmanager: + # ref https://github.com/prometheus/alertmanager/blob/master/config/testdata/conf.good.yml + global: + smtp_smarthost: 'localhost:25' + smtp_from: 'alertmanager@example.org' + smtp_auth_username: 'alertmanager' + smtp_auth_password: "multiline\nmysecret" + smtp_hello: "host.example.org" + slack_api_url: "http://mysecret.example.com/" + http_config: + proxy_url: 'http://127.0.0.1:1025' + route: + group_by: ['alertname', 'cluster', 'service'] + group_wait: 30s + group_interval: 5m + repeat_interval: 3h + receiver: team-X-mails + routes: + - match_re: + service: ^(foo1|foo2|baz)$ + receiver: team-X-mails + routes: + - match: + severity: critical + receiver: team-X-mails + receivers: + - name: 'team-X-mails' + email_configs: + - to: 'team-X+alerts@example.org' + + inhibit_rules: + - name: opsGenie-receiver + opsgenie_configs: + - api_key: mysecret + - name: slack-receiver + slack_configs: + - channel: '#my-channel' + image_url: 'http://some.img.com/img.png' + + linux: + #'Alternatives system' priority: zero disables (default) + altpriority: 0 diff --git a/prometheus/archive/alternatives/clean.sls b/prometheus/archive/alternatives/clean.sls new file mode 100644 index 0000000..99aec88 --- /dev/null +++ b/prometheus/archive/alternatives/clean.sls @@ -0,0 +1,29 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus as p with context %} + + {%- if grains.kernel|lower == 'linux' and p.linux.altpriority|int > 0 %} + + {%- for name in p.wanted %} + {%- set bundle = name + '-%s.%s-%s'|format(p.pkg[name]['archive_version'], p.kernel, p.arch) %} + +prometheus-archive-remove-{{ name }}-home-alternatives-remove: + alternatives.remove: + - name: prometheus-{{ name }}-home + - path: {{ p.dir.basedir }}/{{ bundle }} + - onlyif: update-alternatives --get-selections |grep ^prometheus-{{ name }}-home + + {% for b in p.pkg[name]['binaries'] %} + +prometheus-archive-remove-{{ name }}-alternatives-remove-{{ b }}: + alternatives.remove: + - name: prometheus-{{ name }}-{{ b }} + - path: {{ p.dir.basedir }}/{{ bundle }}/{{ b }} + - onlyif: update-alternatives --get-selections |grep ^prometheus-{{ name }}-{{ b }} + + {% endfor %} + {% endfor %} + {%- endif %} diff --git a/prometheus/archive/alternatives/init.sls b/prometheus/archive/alternatives/init.sls new file mode 100644 index 0000000..d3e5518 --- /dev/null +++ b/prometheus/archive/alternatives/init.sls @@ -0,0 +1,5 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +include: + - .install diff --git a/prometheus/archive/alternatives/install.sls b/prometheus/archive/alternatives/install.sls new file mode 100644 index 0000000..533bd4f --- /dev/null +++ b/prometheus/archive/alternatives/install.sls @@ -0,0 +1,79 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus as p with context %} +{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %} +{%- set sls_archive_install = tplroot ~ '.archive' %} + + {%- if grains.kernel|lower in ('linux',) and p.linux.altpriority|int > 0 %} + +include: + - {{ sls_archive_install }} + + {%- for name in p.wanted %} + {%- set bundle = name + '-%s.%s-%s'|format(p.pkg[name]['archive_version'], p.kernel, p.arch) %} + {%- if grains.os_family == 'Suse' %} + +prometheus-archive-alternatives-install-{{ name }}-home-cmd-run: + cmd.run: + - name: update-alternatives --install {{ p.dir.basedir }}/{{ name }} prometheus-{{ name }}-home {{ p.dir.basedir }}/{{ bundle }} {{p.linux.altpriority}} + - watch: + - archive: prometheus-archive-install-{{ name }}-archive-extracted + + {%- else %} + +prometheus-archive-alternatives-install-{{ name }}-home-alternatives-install: + alternatives.install: + - name: prometheus-{{ name }}-home + - link: {{ p.dir.basedir }}/{{ name }} + - path: {{ p.dir.basedir }}/{{ bundle }} + - priority: {{ p.linux.altpriority }} + - order: 10 + - watch: + - archive: prometheus-archive-install-{{ name }}-archive-extracted + - onlyif: {{ grains.os_family not in ('Suse',) }} + +prometheus-archive-alternatives-install-{{ name }}-home-alternatives-set: + alternatives.set: + - name: prometheus-{{ name }}-home + - path: {{ p.dir.basedir }}/{{ bundle }} + - require: + - cmd: prometheus-archive-alternatives-install-{{ name }}-home-cmd-run + - alternatives: prometheus-archive-alternatives-install-{{ name }}-home-alternatives-install + + {%- endif %} + {% for b in p.pkg[name]['binaries'] %} + {%- if grains.os_family == 'Suse' %} + +prometheus-archive-alternatives-install-{{ name }}-cmd-run-{{ b }}-alternative: + cmd.run: + - onlyif: {{ grains.os_family in ('Suse',) }} + - name: update-alternatives --install /usr/local/bin/{{ b }} prometheus-{{ name }}-{{ b }} {{ p.dir.basedir }}/{{ bundle }}/{{ b }} {{ p.linux.altpriority }} + - require: + - cmd: prometheus-archive-alternatives-install-{{ name }}-home-cmd-run + + {%- else %} + +prometheus-archive-alternatives-install-{{ name }}-alternatives-install-{{ b }}: + alternatives.install: + - name: prometheus-{{ name }}-{{ b }} + - link: /usr/local/bin/{{ b }} + - path: {{ p.dir.basedir }}/{{ bundle }}/{{ b }} + - priority: {{ p.linux.altpriority }} + - order: 10 + - require: + - alternatives: prometheus-archive-alternatives-install-{{ name }}-home-alternatives-install + +prometheus-archive-alternatives-install-{{ name }}-alternatives-set-{{ b }}: + alternatives.set: + - name: prometheus-{{ name }}-{{ b }} + - path: {{ p.dir.basedir }}/{{ bundle }}/{{ b }} + - require: + - alternatives: prometheus-archive-alternatives-install-{{ name }}-alternatives-install-{{ b }} + + {%- endif %} + {% endfor %} + {% endfor %} + {%- endif %} diff --git a/prometheus/archive/clean.sls b/prometheus/archive/clean.sls new file mode 100644 index 0000000..cb487d3 --- /dev/null +++ b/prometheus/archive/clean.sls @@ -0,0 +1,35 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus as p with context %} +{%- set sls_alternatives_clean = tplroot ~ '.archive.alternatives.clean' %} +{%- set sls_users_clean = tplroot ~ '.config.users.clean' %} +{%- set sls_service_clean = tplroot ~ '.service.clean' %} + +include: + - {{ sls_users_clean }} + - {{ sls_service_clean }} + - {{ sls_alternatives_clean }} + + {%- for name in p.wanted %} + +prometheus-archive-clean-{{ name }}-file-absent: + file.absent: + - names: + - {{ p.dir.basedir }}/{{ name + '-%s.%s-%s'|format(p.pkg[name]['archive_version'], p.kernel, p.arch) }} + +prometheus-archive-clean-{{ name }}-user-absent: + user.absent: + - name: {{ name }} + group.absent: + - name: {{ name }} + - require: + - user: prometheus-archive-clean-{{ name }}-user-absent + + {%- endfor %} + +prometheus-archive-clean-basedir-file-directory: + file.absent: + - name: {{ p.dir.basedir }} diff --git a/prometheus/archive/init.sls b/prometheus/archive/init.sls new file mode 100644 index 0000000..7ad92ee --- /dev/null +++ b/prometheus/archive/init.sls @@ -0,0 +1,16 @@ +#.-*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} + + {%- if prometheus.use_upstream_archive %} + +include: + - .install + {%- if grains.kernel|lower == 'linux' %} + - .alternatives + {%- endif %} + + {%- endif %} diff --git a/prometheus/archive/install.sls b/prometheus/archive/install.sls new file mode 100644 index 0000000..93c1c83 --- /dev/null +++ b/prometheus/archive/install.sls @@ -0,0 +1,89 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus as p with context %} +{%- from tplroot ~ "/jinja/macros.jinja" import format_kwargs with context %} +{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %} +{%- set sls_users_install = tplroot ~ '.config.users' %} + +include: + - {{ sls_users_install }} + +prometheus-config-file-basedir-file-directory: + file.directory: + - name: {{ p.dir.basedir }} + - user: prometheus + - group: prometheus + - mode: 755 + - makedirs: True + - require: + - sls: '{{ sls_users_install }}.*' + + {%- for name in p.wanted %} + {%- if name in p.pkg %} + {%- set bundle = name + '-%s.%s-%s'|format(p.pkg[name]['archive_version'], p.kernel, p.arch) %} + +prometheus-archive-install-{{ name }}-archive-extracted: + archive.extracted: + - name: {{ p.dir.basedir }} + - source: {{ p.archive.uri }}/{{ name }}/releases/download/v{{ p.pkg[name]['archive_version'] + + '/' + bundle + '.' + p.archive.suffix }} + - source_hash: {{ p.pkg[name]['archive_hash'] }} + - user: {{ name }} + - group: {{ name }} + {{- format_kwargs(p.archive.kwargs) }} + - recurse: + - user + - group + - require: + - file: prometheus-config-file-basedir-file-directory + + {%- if name in p.service %} + +prometheus-archive-install-{{ name }}-file-directory: + file.directory: + - name: {{ p.dir.var }}/{{ name }} + - user: {{ name }} + - group: {{ name }} + - mode: 755 + - makedirs: True + - require: + - archive: prometheus-archive-install-{{ name }}-archive-extracted + - file: prometheus-config-file-basedir-file-directory + + {%- if grains.os_family not in ('MacOS', 'FreeBSD', 'Windows') %} + +prometheus-archive-install-{{ name }}-managed-service: + file.managed: + - name: {{ p.dir.service }}/{{ name }}.service + - source: {{ files_switch(['systemd.ini.jinja'], + lookup='prometheus-archive-install-{{ name }}-managed-service' + ) + }} + - mode: 644 + - user: root + - group: {{ p.rootgroup }} + - makedirs: True + - template: jinja + - context: + desc: prometheus - {{ name }} service + name: {{ name }} + user: {{ name }} + group: {{ name }} + workdir: {{ p.dir.var }}/{{ name }} + start: {{ p.dir.basedir }}/{{ bundle }}/{{ name }} --config.file {{ p.dir.etc }}/{{ name }}.yml + stop: '' #not needed + - require: + - file: prometheus-archive-install-{{ name }}-file-directory + - file: prometheus-config-file-basedir-file-directory + cmd.run: + - name: systemctl daemon-reload + - require: + - file: prometheus-archive-install-{{ name }}-managed-service + + {%- endif %} + {%- endif %} + {%- endif %} + {%- endfor %} diff --git a/prometheus/clean.sls b/prometheus/clean.sls index 2cefe7d..c462cd5 100644 --- a/prometheus/clean.sls +++ b/prometheus/clean.sls @@ -4,4 +4,5 @@ include: - .service.clean - .config.clean + - .archive.clean - .package.clean diff --git a/prometheus/config/args.sls b/prometheus/config/args.sls deleted file mode 100644 index 35a4c4b..0000000 --- a/prometheus/config/args.sls +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=sls - -{#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} -{%- from tplroot ~ "/map.jinja" import prometheus with context %} -{%- from tplroot ~ "/map.jinja" import concat_args %} - -{%- if 'args' in prometheus.service %} -{%- set args = prometheus.service.get('args', {}) -%} - -{%- if 'storage.tsdb.path' in args.keys() %} -prometheus-data-dir: - file.directory: - - name: {{ args['storage.tsdb.path'] }} - - owner: {{ prometheus.service.user }} - - group: {{ prometheus.service.group }} - - makedirs: True - - watch_in: - - service: prometheus-service-running-service-running -{%- endif %} - -{# FreeBSD #} -{%- if salt['grains.get']('os_family') == 'FreeBSD' %} -{%- if 'storage.tsdb.path' in args.keys() %} -{%- set value = args.pop('storage.tsdb.path') %} -prometheus-config-args-storage-tsdb-path: - sysrc.managed: - - name: prometheus_data_dir - - value: {{ value }} - - watch_in: - - service: prometheus-service-running-service-running -{%- endif %} - -prometheus-config-args-all: - sysrc.managed: - - name: prometheus_args - # service prometheus restart tended to hang on FreeBSD - # https://github.com/saltstack/salt/issues/44848#issuecomment-487016414 - - value: "{{ concat_args(args) }} >/dev/null 2>&1" - - watch_in: - - service: prometheus-service-running-service-running - -{# Debian #} -{%- elif salt['grains.get']('os_family') == 'Debian'%} -prometheus-config-args-file-managed: - file.managed: - - name: {{ prometheus.args_file }} - - contents: | - ARGS="{{ concat_args(args) }}" - - watch_in: - - service: prometheus-service-running-service-running -{%- endif %} -{%- endif %} diff --git a/prometheus/config/args/clean.sls b/prometheus/config/args/clean.sls new file mode 100644 index 0000000..25e35a8 --- /dev/null +++ b/prometheus/config/args/clean.sls @@ -0,0 +1,63 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} +{%- set sls_service_clean = tplroot ~ '.service.clean' %} + +include: + - {{ sls_service_clean }} + + {%- for name in prometheus.wanted %} + {%- if name in prometheus.service %} + {%- set args = {} %} + {%- if 'args' in prometheus.service[name] %} + {%- set args = prometheus.service[name]['args'] or {} %} + {%- endif %} + {%- if args and 'storage.tsdb.path' in args.keys() %} + +prometheus-config-args-{{ name }}-data-dir: + file.absent: + - name: {{ args['storage.tsdb.path'] }} + - require: + - sls: '{{ sls_service_clean }}.*' + + {%- if grains.os_family == 'FreeBSD' %} + +prometheus-config-args-{{ name }}-{{ key }}: + sysrc.absent: + - name: {{ name }}_data_dir + - require: + - service: prometheus-service-clean-{{ name }}-service-dead + + {%- endif %} + {%- endif %} + {%- if args and grains.os_family == 'FreeBSD' %} + +prometheus-config-args-{{ name }}-all: + sysrc.absent: + - names: + - {{ name }}_args + - {{ name }}_listen_address + - {{ name }}_textfile_dir + - require: + - service: prometheus-service-clean-{{ name }}-service-dead + + {%- elif grains.os_family != 'FreeBSD' %} + +prometheus-config-args-{{ name }}-file-absent: + file.absent: + - name: {{ prometheus.dir.args }}/{{ name }}.sh + - require: + - service: prometheus-service-clean-{{ name }}-service-dead + - require_in: + - file: prometheus-config-file-args-file-absent + + {%- endif %} + {%- endif %} + {%- endfor %} + +prometheus-config-file-args-file-absent: + file.absent: + - name: {{ prometheus.dir.args }} diff --git a/prometheus/config/args/init.sls b/prometheus/config/args/init.sls new file mode 100644 index 0000000..d3e5518 --- /dev/null +++ b/prometheus/config/args/init.sls @@ -0,0 +1,5 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +include: + - .install diff --git a/prometheus/config/args/install.sls b/prometheus/config/args/install.sls new file mode 100644 index 0000000..d354aff --- /dev/null +++ b/prometheus/config/args/install.sls @@ -0,0 +1,109 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} +{%- from tplroot ~ "/map.jinja" import concat_args %} +{%- set sls_config_users = tplroot ~ '.config.users' %} +{%- set sls_archive_install = tplroot ~ '.archive' %} +{%- set sls_package_install = tplroot ~ '.package' %} + +include: + - {{ sls_archive_install if prometheus.use_upstream_archive else sls_package_install }} + - {{ sls_config_users }} + +prometheus-config-file-args-file-directory: + file.directory: + - name: {{ prometheus.dir.args }} + - user: prometheus + - group: prometheus + - mode: 755 + - makedirs: True + - require: + - sls: '{{ sls_archive_install if prometheus.use_upstream_archive else sls_package_install }}.*' + + {%- for name in prometheus.wanted %} + {%- if name in prometheus.config or name in prometheus.service %} + {%- set args = {} %} + {%- if 'args' in prometheus.service[name] %} + {%- set args = prometheus.service[name]['args'] or {} %} + {%- endif %} + {%- if args and 'storage.tsdb.path' in args.keys() %} + +prometheus-config-args-{{ name }}-data-dir: + file.directory: + - name: {{ args['storage.tsdb.path'] }} + - owner: {{ name }} + - group: {{ name }} + - makedirs: True + - watch_in: + - service: prometheus-service-running-{{ name }}-service-running + - require: + - file: prometheus-config-file-args-file-directory + + {%- endif %} + {%- if args and grains.os_family == 'FreeBSD' %} + {%- if 'web.listen-address' in args.keys() %} + +prometheus-config-args-args-web-listen-address: + sysrc.managed: + - name: {{ name }}_listen_address + - value: {{ args.pop('web.listen-address') }} + - watch_in: + - service: prometheus-service-running-{{ name }}-service-running + - require: + - file: prometheus-config-file-args-file-directory + + {%- endif %} + {%- if 'collector.textfile.directory' in args.keys() %} + +prometheus-config-args-{{ name }}-collector-textfile-directory: + sysrc.managed: + - name: {{ name }}_textfile_dir + - value: {{ args.pop('collector.textfile.directory') }} + - watch_in: + - service: prometheus-service-running-{{ name }}-service-running + - require: + - file: prometheus-config-file-args-file-directory + + {%- endif %} + {%- if 'storage.tsdb.path' in args.keys() %} + +prometheus-config-args-{{ name }}-{{ key }}: + sysrc.managed: + - name: {{ name }}_data_dir + - value: {{ args.pop('storage.tsdb.path') }} + - watch_in: + - service: prometheus-service-running-{{ name }}-service-running + - require: + - file: prometheus-config-file-args-file-directory + + {%- endif %} + +prometheus-config-args-{{ name }}-all: + sysrc.managed: + - name: {{ name }}_args + # service prometheus restart tended to hang on FreeBSD + # https://github.com/saltstack/salt/issues/44848#issuecomment-487016414 + - value: "{{ concat_args(args) }} >/dev/null 2>&1" + - watch_in: + - service: prometheus-service-running-{{ name }}-service-running + - require: + - file: prometheus-config-file-args-file-directory + + {%- elif grains.os_family != 'FreeBSD' %} + +prometheus-config-args-{{ name }}-file-managed: + file.managed: + - name: {{ prometheus.dir.args }}/{{ name }}.sh + - contents: | + ARGS="{{ concat_args(args) }}" + - watch_in: + - service: prometheus-service-running-{{ name }}-service-running + - require: + - file: prometheus-config-file-args-file-directory + + {%- endif %} + {%- endif %} + {%- endfor %} diff --git a/prometheus/config/clean.sls b/prometheus/config/clean.sls index a73b297..cf7559a 100644 --- a/prometheus/config/clean.sls +++ b/prometheus/config/clean.sls @@ -1,26 +1,7 @@ # -*- coding: utf-8 -*- # vim: ft=sls -{#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} -{%- set sls_service_clean = tplroot ~ '.service.clean' %} -{%- from tplroot ~ "/map.jinja" import prometheus with context %} - include: - - {{ sls_service_clean }} - -prometheus-config-clean-file-absent: - file.absent: - - name: {{ prometheus.config_file }} - - require: - - sls: {{ sls_service_clean }} - -{%- if salt['grains.get']('os_family') == 'FreeBSD' %} -{%- for parameter in ['args', 'data_dir'] %} -prometheus-service-args-{{ parameter }}: - sysrc.absent: - - name: prometheus_{{ parameter }} - - require: - - service: prometheus-service-clean-service-dead -{%- endfor %} -{%- endif %} + - .file.clean + - .args.clean + - .users.clean diff --git a/prometheus/config/file.sls b/prometheus/config/file.sls deleted file mode 100644 index 5e7c2bd..0000000 --- a/prometheus/config/file.sls +++ /dev/null @@ -1,28 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=sls - -{#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} -{%- set sls_package_install = tplroot ~ '.package.install' %} -{%- from tplroot ~ "/map.jinja" import prometheus with context %} -{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %} - -include: - - {{ sls_package_install }} - -prometheus-config-file-file-managed: - file.managed: - - name: {{ prometheus.config_file }} - - source: {{ files_switch(['prometheus.yml.jinja'], - lookup='prometheus-config-file-file-managed' - ) - }} - - mode: 644 - - user: root - - group: {{ prometheus.rootgroup }} - - makedirs: True - - template: jinja - - context: - config: {{ prometheus.config|json }} - - require: - - sls: {{ sls_package_install }} diff --git a/prometheus/config/file/clean.sls b/prometheus/config/file/clean.sls new file mode 100644 index 0000000..254a0c3 --- /dev/null +++ b/prometheus/config/file/clean.sls @@ -0,0 +1,27 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} +{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %} +{%- set sls_service_clean = tplroot ~ '.service.clean' %} + +include: + - {{ sls_service_clean }} + + {%- for name in prometheus.wanted %} + +prometheus-config-file-{{ name }}-file-absent: + file.absent: + - name: {{ prometheus.dir.etc }}/{{ name }}.yml + - require_in: + - file: prometheus-config-file-etc-file-absent + + {%- endfor %} + +prometheus-config-file-etc-file-absent: + file.absent: + - name: {{ prometheus.dir.etc }} + - require: + - sls: {{ sls_service_clean }} diff --git a/prometheus/config/file/init.sls b/prometheus/config/file/init.sls new file mode 100644 index 0000000..d3e5518 --- /dev/null +++ b/prometheus/config/file/init.sls @@ -0,0 +1,5 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +include: + - .install diff --git a/prometheus/config/file/install.sls b/prometheus/config/file/install.sls new file mode 100644 index 0000000..6bd6b02 --- /dev/null +++ b/prometheus/config/file/install.sls @@ -0,0 +1,48 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} +{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %} +{%- set sls_config_users = tplroot ~ '.config.users' %} +{%- set sls_archive_install = tplroot ~ '.archive' %} +{%- set sls_package_install = tplroot ~ '.package' %} + +include: + - {{ sls_archive_install if prometheus.use_upstream_archive else sls_package_install }} + - {{ sls_config_users }} + +prometheus-config-file-etc-file-directory: + file.directory: + - name: {{ prometheus.dir.etc }} + - user: prometheus + - group: prometheus + - mode: 755 + - makedirs: True + - require: + - sls: '{{ sls_archive_install if prometheus.use_upstream_archive else sls_package_install }}.*' + + {%- for name in prometheus.wanted %} + {%- if name in prometheus.config or name in prometheus.service %} + +prometheus-config-file-{{ name }}-file-managed: + file.managed: + - name: {{ prometheus.dir.etc }}/{{ name }}.yml + - source: {{ files_switch(['config.yml.jinja'], + lookup='prometheus-config-file-{{ name }}-file-managed' + ) + }} + - mode: 644 + - user: {{ name }} + - group: {{ name }} + - makedirs: True + - template: jinja + - context: + config: {{ '' if name not in prometheus.config else prometheus.config[name]|json }} + - require: + - user: prometheus-config-user-install-{{ name }}-user-present + - file: prometheus-config-file-etc-file-directory + + {%- endif %} + {%- endfor %} diff --git a/prometheus/config/init.sls b/prometheus/config/init.sls index 8919ea2..6923174 100644 --- a/prometheus/config/init.sls +++ b/prometheus/config/init.sls @@ -2,5 +2,6 @@ # vim: ft=sls include: + - .users - .args - .file diff --git a/prometheus/config/users/clean.sls b/prometheus/config/users/clean.sls new file mode 100644 index 0000000..7917073 --- /dev/null +++ b/prometheus/config/users/clean.sls @@ -0,0 +1,21 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} + + {%- for name in prometheus.wanted %} + +prometheus-config-user-clean-{{ name }}-user-absent: + user.absent: + - name: {{ name }} + {%- if grains.os_family == 'MacOS' %} + - onlyif: /usr/bin/dscl . list /Users | grep {{ name }} >/dev/null 2>&1 + {%- endif %} + group.absent: + - name: {{ name }} + - require: + - user: prometheus-config-user-clean-{{ name }}-user-absent + + {%- endfor %} diff --git a/prometheus/config/users/init.sls b/prometheus/config/users/init.sls new file mode 100644 index 0000000..051d698 --- /dev/null +++ b/prometheus/config/users/init.sls @@ -0,0 +1,5 @@ +#.-*- coding: utf-8 -*- +# vim: ft=sls + +include: + - .install diff --git a/prometheus/config/users/install.sls b/prometheus/config/users/install.sls new file mode 100644 index 0000000..059009c --- /dev/null +++ b/prometheus/config/users/install.sls @@ -0,0 +1,25 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} + + {%- for name in prometheus.wanted %} + +prometheus-config-user-install-{{ name }}-user-present: + group.present: + - name: {{ name }} + - require_in: + - user: prometheus-config-user-install-{{ name }}-user-present + user.present: + - name: {{ name }} + - shell: /bin/false + - createhome: false + - groups: + - {{ name }} + {%- if grains.os_family == 'MacOS' %} + - unless: /usr/bin/dscl . list /Users | grep {{ name }} >/dev/null 2>&1 + {%- endif %} + + {%- endfor %} diff --git a/prometheus/defaults.yaml b/prometheus/defaults.yaml index 691bfab..65ee034 100644 --- a/prometheus/defaults.yaml +++ b/prometheus/defaults.yaml @@ -2,25 +2,112 @@ # vim: ft=yaml --- prometheus: - pkg: - name: prometheus - use_upstream_repo: False - repo: - humanname: prometheus - name: prometheus - comments: - - installed by salt - enabled: 1 - gpgcheck: 1 rootgroup: root - config_file: /etc/prometheus/prometheus.yml - config: {} + kernel: {{ grains.kernel | lower }} + arch: {{ grains.osarch }} + use_upstream_repo: False + use_upstream_archive: False + + wanted: + - prometheus + - alertmanager + - node_exporter + + dir: + basedir: /opt/prometheus + etc: /etc/prometheus + var: /var/lib/prometheus + args: /etc/default + service: /usr/lib/systemd/system + service: - name: prometheus - user: prometheus - group: prometheus - exporters: - node: - pkg: - name: prometheus-node-exporter - service: prometheus-node-exporter + prometheus: + args: + web.listen-address: 0.0.0.0:9090 + alertmanager: {} + + config: + prometheus: {} + alertmanager: {} + + pkg: + prometheus: + archive_version: '2.10.0' + archive_hash: f4233783826f18606b79e5cef0686e4a9c2030146a3c7ce134f0add09f5adcb7 + binaries: + - prometheus + - promtool + repo: + humanname: prometheus + name: prometheus + comments: + - installed by salt + enabled: 1 + gpgcheck: 1 + alertmanager: + archive_version: '0.17.0' + archive_hash: 7c8d2cfeb021c80881ae9904d959131091b8785b6fda9800f84ddef148fe0a4f + binaries: + - amtool + - alertmanager + blackbox_exporter: + archive_version: '0.14.0' + archive_hash: a2918a059023045cafb911272c88a9eb83cdac9a8a5e8e74844b5d6d27f19117 + binaries: + - blackbox_exporter + consul_exporter: + archive_version: '0.4.0' + archive_hash: ff77c03de67cf381f67480b5be6699901785a34145c518c3484ae3e5b8440d08 + binaries: + - consul_exporter + graphite_exporter: + archive_version: '0.6.2' + archive_hash: 9b962bd06406ece4a865ad6947a6e652e48a92a0d77e496a0351c04e9c2c5e9e + binaries: + - graphite_exporter + haproxy_exporter: + archive_version: '0.10.0' + archive_hash: 08150728e281f813a8fcfff4b336f16dbfe4268a1c7510212c8cff2579b10468 + binaries: + - haproxy_exporter + memcached_exporter: + archive_version: '0.5.0' + archive_hash: bb07f496ceb63dad9793ad4295205547a4bd20b90628476d64fa96c9a25a020f + binaries: + - memcached_exporter + mysqld_exporter: + archive_version: '0.11.0' + archive_hash: b53ad48ff14aa891eb6a959730ffc626db98160d140d9a66377394714c563acf + binaries: + - mysqld_exporter + node_exporter: + archive_version: '0.18.1' + archive_hash: b2503fd932f85f4e5baf161268854bf5d22001869b84f00fd2d1f57b51b72424 + binaries: + - node_exporter + pushgateway: + archive_version: '0.8.0' + archive_hash: 6949866ba9ad0cb88d3faffd4281f17df79281398b4dbd0ec3aab300071681ca + binaries: + - pushgateway + statsd_exporter: + archive_version: '0.11.2' + archive_hash: 4632ad0c5552e271e84c376da3ffe3af8c265ec5c3035334b70e35756aca1906 + binaries: + - statsd_exporter + + archive: + uri: https://github.com/prometheus + suffix: tar.gz + kwargs: + trim_output: True + enforce_toplevel: True + archive_format: tar + retry: + attempts: 3 + until: True + interval: 60 + splay: 10 + + linux: + altpriority: 0 ##'Alternatives system' priority: zero disables (default) diff --git a/prometheus/exporters/init.sls b/prometheus/exporters/init.sls deleted file mode 100644 index 1e5daf5..0000000 --- a/prometheus/exporters/init.sls +++ /dev/null @@ -1,14 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=sls - -{#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} -{%- set sls_config_file = tplroot ~ '.config.file' %} -{%- from tplroot ~ "/map.jinja" import prometheus with context %} - -{%- if prometheus.exporters.keys()|length > 0 %} -include: -{%- for name in prometheus.exporters.keys()|list %} - - .{{ name }} -{%- endfor %} -{%- endif %} diff --git a/prometheus/exporters/node/clean.sls b/prometheus/exporters/node/clean.sls deleted file mode 100644 index 14401e2..0000000 --- a/prometheus/exporters/node/clean.sls +++ /dev/null @@ -1,28 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=sls - -{#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} -{%- from tplroot ~ "/map.jinja" import prometheus with context %} - -prometheus-exporters-node-service-dead: - service.dead: - - name: {{ prometheus.exporters.node.service }} - - enable: False - -prometheus-exporters-node-pkg-removed: - pkg.removed: - - name: {{ prometheus.exporters.node.pkg.name }} - - require: - - service: prometheus-exporters-node-service-dead - -{# FreeBSD #} -{%- if salt['grains.get']('os_family') == 'FreeBSD' %} -{%- for parameter in ['args', 'listen_address', 'textfile_dir'] %} -prometheus-exporters-node-args-{{ parameter }}: - sysrc.absent: - - name: node_exporter_{{ parameter }} - - require: - - service: prometheus-exporters-node-service-dead -{%- endfor %} -{%- endif %} diff --git a/prometheus/exporters/node/init.sls b/prometheus/exporters/node/init.sls deleted file mode 100644 index f8f7534..0000000 --- a/prometheus/exporters/node/init.sls +++ /dev/null @@ -1,64 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=sls - -{#- Get the `tplroot` from `tpldir` #} -{%- set tplroot = tpldir.split('/')[0] %} -{%- from tplroot ~ "/map.jinja" import prometheus with context %} -{%- from tplroot ~ "/map.jinja" import concat_args %} - -prometheus-exporters-node-pkg-installed: - pkg.installed: - - name: {{ prometheus.exporters.node.pkg.name }} - -{%- if 'args' in prometheus.exporters.node %} -{%- set args = prometheus.exporters.node.get('args', {}) -%} - -{# FreeBSD #} -{%- if salt['grains.get']('os_family') == 'FreeBSD' %} -{%- if 'web.listen-address' in args.keys() %} -{%- set value = args.pop('web.listen-address') %} -prometheus-exporters-node-args-web-listen-address: - sysrc.managed: - - name: node_exporter_listen_address - - value: {{ value }} - - watch_in: - - service: prometheus-exporters-node-service-running -{%- endif %} - -{%- if 'collector.textfile.directory' in args.keys() %} -{%- set value = args.pop('collector.textfile.directory') %} -prometheus-exporters-node-args-collector-textfile-directory: - sysrc.managed: - - name: node_exporter_textfile_dir - - value: {{ value }} - - watch_in: - - service: prometheus-exporters-node-service-running -{%- endif %} - -prometheus-exporters-node-args: - sysrc.managed: - - name: node_exporter_args - # service node_exporter restart tended to hang on FreeBSD - # https://github.com/saltstack/salt/issues/44848#issuecomment-487016414 - - value: "{{ concat_args(args) }} >/dev/null 2>&1" - - watch_in: - - service: prometheus-exporters-node-service-running - -{# Debian #} -{%- elif salt['grains.get']('os_family') == 'Debian'%} -prometheus-exporters-node-args: - file.managed: - - name: {{ prometheus.exporters.node.config_file }} - - contents: | - ARGS="{{ concat_args(args) }}" - - watch_in: - - service: prometheus-exporters-node-service-running -{%- endif %} -{%- endif %} - -prometheus-exporters-node-service-running: - service.running: - - name: {{ prometheus.exporters.node.service }} - - enable: True - - watch: - - pkg: prometheus-exporters-node-pkg-installed diff --git a/prometheus/files/default/prometheus.yml.jinja b/prometheus/files/default/config.yml.jinja similarity index 85% rename from prometheus/files/default/prometheus.yml.jinja rename to prometheus/files/default/config.yml.jinja index cd410da..5c601d1 100644 --- a/prometheus/files/default/prometheus.yml.jinja +++ b/prometheus/files/default/config.yml.jinja @@ -1,6 +1,6 @@ ######################################################################## # File managed by Salt at <{{ source }}>. -# Your changes will be overwritten. +# Your changes may be overwritten. ######################################################################## {{ config|yaml(False) }} diff --git a/prometheus/files/default/default.sh.jinja b/prometheus/files/default/default.sh.jinja new file mode 100644 index 0000000..0a1fe22 --- /dev/null +++ b/prometheus/files/default/default.sh.jinja @@ -0,0 +1,10 @@ +######################################################################## +# File managed by Salt at <{{ source }}>. +# Your changes may be overwritten. +######################################################################## + +{%- if defaults %} + {%- for item in defaults %} +{{ item }} + {%- endfor %} +{%- endif %} diff --git a/prometheus/files/default/systemd.ini.jinja b/prometheus/files/default/systemd.ini.jinja new file mode 100644 index 0000000..959ad17 --- /dev/null +++ b/prometheus/files/default/systemd.ini.jinja @@ -0,0 +1,19 @@ +######################################################### +# File managed by Salt. Changes risk being overwritten. +######################################################### +[Unit] +Description={{ desc }} +Wants=network-online.target +After= +Documentation=https://github.com/saltstack-formulas/prometheus-formula + +[Service] +User={{ user }} +Group={{ group }} +WorkingDirectory={{ workdir }} +ExecStart={{ start }} +ExecStop={{ stop }} +PIDFile=/var/run/{{ name }}.pid + +[Install] +WantedBy=multi-user.target diff --git a/prometheus/init.sls b/prometheus/init.sls index 858a8e6..c281ea9 100644 --- a/prometheus/init.sls +++ b/prometheus/init.sls @@ -1,7 +1,11 @@ # -*- coding: utf-8 -*- # vim: ft=sls +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import prometheus with context %} + include: - - .package + - {{ '.archive' if prometheus.use_upstream_archive else '.package' }} - .config - .service diff --git a/prometheus/map.jinja b/prometheus/map.jinja index 5f82fba..ac49be0 100644 --- a/prometheus/map.jinja +++ b/prometheus/map.jinja @@ -5,21 +5,19 @@ {%- set tplroot = tpldir.split('/')[0] %} {#- Start imports as #} {%- import_yaml tplroot ~ "/defaults.yaml" as default_settings %} +{%- import_yaml tplroot ~ "/osarchmap.yaml" as osarchmap %} {%- import_yaml tplroot ~ "/osfamilymap.yaml" as osfamilymap %} -{%- import_yaml tplroot ~ "/osmap.yaml" as osmap %} -{%- import_yaml tplroot ~ "/osfingermap.yaml" as osfingermap %} {%- set defaults = salt['grains.filter_by'](default_settings, default='prometheus', - merge=salt['grains.filter_by'](osfamilymap, grain='os_family', - merge=salt['grains.filter_by'](osmap, grain='os', - merge=salt['grains.filter_by'](osfingermap, grain='osfinger', + merge=salt['grains.filter_by'](osarchmap, grain='osarch', + merge=salt['grains.filter_by'](osfamilymap, grain='os_family', merge=salt['pillar.get']('prometheus:lookup', default={}) ) - ) ) ) %} + {#- Merge the prometheus pillar #} {%- set prometheus = salt['pillar.get']('prometheus', default=defaults, merge=True) %} diff --git a/prometheus/osarchmap.yaml b/prometheus/osarchmap.yaml new file mode 100644 index 0000000..aca537a --- /dev/null +++ b/prometheus/osarchmap.yaml @@ -0,0 +1,35 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +# +# Setup variables using grains['osarch'] based logic. +# You just need to add the key:values for an `osarch` that differ +# from `defaults.yaml` + `os_family.yaml`. +# Only add an `osarch` which is/will be supported by the formula +# +# If you do not need to provide defaults via the `osarch` grain, +# you will need to provide at least an empty dict in this file, e.g. +# osarch: {} +--- +amd64: + arch: amd64 + +x86_64: + arch: amd64 + +386: + arch: 386 + +arm64: + arch: arm64 + +armv6l: + arch: armv6l + +armv7l: + arch: armv6l + +ppc64le: + arch: ppc64le + +s390x: + arch: s390x diff --git a/prometheus/osfamilymap.yaml b/prometheus/osfamilymap.yaml index f1c306d..09c7867 100644 --- a/prometheus/osfamilymap.yaml +++ b/prometheus/osfamilymap.yaml @@ -15,19 +15,15 @@ {% set macos_group = salt['cmd.run']("stat -f '%Sg' /dev/console") %} {%- endif %} -Debian: - args_file: /etc/default/prometheus - exporters: - node: - config_file: /etc/default/prometheus-node-exporter +Debian: {} RedHat: pkg: - use_upstream_repo: True - repo: - baseurl: 'https://packagecloud.io/prometheus-rpm/release/el/$releasever/$basearch' - gpgkey: 'https://packagecloud.io/prometheus-rpm/release/gpgkey gpgkey2=https://raw.githubusercontent.com/lest/prometheus-rpm/master/RPM-GPG-KEY-prometheus-rpm' - metadata_expire: 300 + prometheus: + repo: + baseurl: 'https://packagecloud.io/prometheus-rpm/release/el/$releasever/$basearch' + gpgkey: 'https://packagecloud.io/prometheus-rpm/release/gpgkey gpgkey2=https://raw.githubusercontent.com/lest/prometheus-rpm/master/RPM-GPG-KEY-prometheus-rpm' + metadata_expire: 300 Suse: {} @@ -39,20 +35,108 @@ Alpine: {} FreeBSD: rootgroup: wheel - config_file: /usr/local/etc/prometheus.yml - exporters: - node: - pkg: - name: node_exporter - service: node_exporter + dir: + config: /usr/local/etc + pkg: + prometheus: + archive_hash: 94a63f14baeadab2f17b5ae0bbeda6688e6d06f964ef4e32c2954a0ecf3996a1 + alertmanager: + archive_hash: ec171b13976baceace193461f8a1e61021ab9657df5ba45157cd0095aee7d569 + blackbox_exporter: + archive_hash: 2b92752decf2cf1883ce4f72301e4f911dab79efbd87db4df23dc9771e53e4af + consul_exporter: + archive_hash: 62e16c2f1acb9bf9411126478caccb5962da203cfb58d8c97f54b9c0add5171c + graphite_exporter: + archive_hash: ff424b923733d8247314353ba4d13a1c4b06450c35f005bfd6c3b6ff60b047fd + haproxy_exporter: + archive_hash: f32d158f9e3314828dc155a30a1f4c858876e1ea8ff543a4000afcbc7e923505 + memcached_exporter: + archive_hash: 8fd53b9aede6b78e0530b159ccd0a437cf2f100da1ddc586681f389d804f5f19 + mysqld_exporter: + archive_hash: 9bcbbd8b3568818fd4c95d255c6f93c357ea25aed3364d7428f4ff9c89cd489a + node_exporter: {} + pushgateway: + archive_hash: ebcd21dc25e439eed64559e89cd7da9a94073d5ff321a8a3a4214ac2ebe04e34 + statsd_exporter: + archive_hash: f345dff6311501f09bb5b6ba1128e925d504c6325ee97ad91a975f2be0d44da9 OpenBSD: rootgroup: wheel + kernel: openbsd + pkg: + prometheus: + archive_hash: c3c69919b359f00a84ef12f7ed6a956111790d64a71bd94990572baaf63377ce + alertmanager: + archive_hash: 88ce1b3f11bb28f24b98235994277b2c31aa03b2b2609e0058c04efa0cc5596f + blackbox_exporter: + archive_hash: 0dee97d1204bac925bde919958ae890730d87386a816ed0b248c8038ee43794d + consul_exporter: + archive_hash: b53ee2bd0e670907eac894387e286b0dd11eb3149fcd4e19ed586006d3de741a + graphite_exporter: + archive_hash: 98cbd7176f1c61023892de64ad26edc3cd7895037e3cc282c4edec53dded7156 + haproxy_exporter: + archive_hash: bc2b222f6a08232ef643cd6dcda3264f3bd7388a5bee25365cef137c7dea17e8 + memcached_exporter: + archive_hash: 21db1bffc561d47b4490ccb2cde721244d00e95f504cdcfee618bc4bb877e731 + mysqld_exporter: + archive_hash: b37d6fe68e2c884540ea41c5efcfb16d0bc5da517fe3ba713144504df1ba635d + pushgateway: + archive_hash: 0bce168e4b19234df9e954393a2102c91e4d62336b2721ed882f2003a4445d51 + statsd_exporter: + archive_hash: c89acb365b75af03ce612873d8b20226e3882c0177752ea0ce17a9f5e41eb5b4 Solaris: {} -Windows: {} +Windows: + kernel: windows + dir: + opt: C:\\Program Files + pkg: + prometheus: + archive_hash: eb138082a4d5e4d5b1e3ca838fa508f053474d46bca76e87ab0834f0d8b110db + alertmanager: + archive_hash: 512dbed02a3cc7e3f06d737f56179e458c462762b3427063b89c62a54d9645c6 + blackbox_exporter: + archive_hash: 21ea148870631310002cbd48be54ca45e8d300da5a902b0aec052f1a64316d93 + consul_exporter: + archive_hash: 54579bc5dfa6a238e310a1874b0a362027661dfa1754535e74610dc8ef6163b1 + graphite_exporter: + archive_hash: f83fad71bad99ccac145d65f82bf9d17fa37168a5dcce6415c6350e79a84e638 + haproxy_exporter: + archive_hash: 044118feb98b74eb921e27bd4b511732b553896c672c19bdd3418445dc030794 + memcached_exporter: + archive_hash: 9e83c00c9d249c942f65b6a48112e6bd6e28a3d15b8a1d35e935621657b3d837 + mysqld_exporter: + archive_hash: 38605ae648f8def07a0f412d81a30a6c48c0d20a6981468d25b91c8aa529e599 + pushgateway: + archive_hash: 506b555e7a13cabf3d85ec0dbe1bc6bc3a2444c0cc468baa8d31e7fc2fe18dd1 + statsd_exporter: + archive_hash: 9362b7482e74792f111c4bb1a372b18a88f6354c78f24713bacfbcb050883556 MacOS: rootuser: {{ macos_user | d('') }} rootgroup: {{ macos_group | d('') }} + kernel: darwin + pkg: + prometheus: + archive_hash: 740e36bcacc0c5d4495f5341fcfa8b7e0dc623d12e8b07ac291052ea0a681325 + alertmanager: + archive_hash: efeebaa8e51c521ecb3440345fb65962533cae022d71dff8b127911e893ded2a + blackbox_exporter: + archive_hash: a371d0496adb5d62368d6606928c5effd318d1387f6b9a9998f8d0333492645a + consul_exporter: + archive_hash: 75641783938967c11c18d6d340028ff2dce7ad0ae5e300fa631b813cc6ea9647 + graphite_exporter: + archive_hash: f9c0aa745502c0ab01fdcca29181801810202e0aed512a9aa9a37bb4be88a919 + haproxy_exporter: + archive_hash: 8fdb8bb182586c57e5892816a02846bae0998916765d22bb81b2c444a3565862 + memcached_exporter: + archive_hash: e10685cca5ffd8a3a7574b3dc096dc7418f34906abd399f881be06dd38be62cb + mysqld_exporter: + archive_hash: 8e0a7d8847790d6dcdcf392e6dd227458a7bcaa1e0890cc6326fdf956421f2a7 + node_exporter: + archive_hash: 20fadb3108de0a9cc70a1333394e5be90416b4f91025f9fc66f5736335e94398 + pushgateway: + archive_hash: 25399a4c6600c1931f9d9bd5294700c2b53f964188b1c6003f9d12a2e176aac1 + statsd_exporter: + archive_hash: 15132494523c2b6a89e09b2da63452c8fe587fb82fcc3fd21cc75a4aa2766644 diff --git a/prometheus/osfingermap.yaml b/prometheus/osfingermap.yaml deleted file mode 100644 index 0fac2c6..0000000 --- a/prometheus/osfingermap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=yaml -# -# Setup variables using grains['osfinger'] based logic. -# You just need to add the key:values for an `osfinger` that differ -# from `defaults.yaml` + `os_family.yaml` + `osmap.yaml`. -# Only add an `osfinger` which is/will be supported by the formula -# -# If you do not need to provide defaults via the `os_finger` grain, -# you will need to provide at least an empty dict in this file, e.g. -# osfingermap: {} ---- -# os: Ubuntu -Ubuntu-18.04: {} diff --git a/prometheus/osmap.yaml b/prometheus/osmap.yaml deleted file mode 100644 index 20a12fd..0000000 --- a/prometheus/osmap.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=yaml -# -# Setup variables using grains['os'] based logic. -# You just need to add the key:values for an `os` that differ -# from `defaults.yaml` + `os_family.yaml`. -# Only add an `os` which is/will be supported by the formula -# -# If you do not need to provide defaults via the `os` grain, -# you will need to provide at least an empty dict in this file, e.g. -# osmap: {} ---- -# os_family: Debian -Ubuntu: {} - -Raspbian: {} - -# os_family: Gentoo -Funtoo: {} - -# os_family: Arch -Manjaro: {} - -# os_family: Solaris -SmartOS: {} diff --git a/prometheus/package/clean.sls b/prometheus/package/clean.sls index d0c530c..23b9ba7 100644 --- a/prometheus/package/clean.sls +++ b/prometheus/package/clean.sls @@ -8,14 +8,20 @@ include: - {{ sls_config_clean }} - - {%- if prometheus.pkg.use_upstream_repo %} -include: + {%- if prometheus.use_upstream_repo %} - .repo.clean - {%- endif %} + {%- endif %} -prometheus-package-clean-pkg-removed: + {%- for name in prometheus.wanted %} + {%- if name in prometheus.pkg %} + +prometheus-package-clean-{{ name }}-removed: pkg.removed: - - name: {{ prometheus.pkg.name }} + - name: {{ name }} + {%- if name in prometheus.service %} - require: - - sls: {{ sls_config_clean }} + - service: prometheus-service-clean-{{ name }}-service-dead + {%- endif %} + + {%- endif %} + {%- endfor %} diff --git a/prometheus/package/install.sls b/prometheus/package/install.sls index 633b121..7bdcb98 100644 --- a/prometheus/package/install.sls +++ b/prometheus/package/install.sls @@ -5,11 +5,18 @@ {%- set tplroot = tpldir.split('/')[0] %} {%- from tplroot ~ "/map.jinja" import prometheus with context %} - {%- if prometheus.pkg.use_upstream_repo %} + {%- if prometheus.use_upstream_repo %} + include: - .repo - {%- endif %} -prometheus-package-install-pkg-installed: + {%- endif %} + {%- for name in prometheus.wanted %} + {%- if name in prometheus.pkg %} + +prometheus-package-install-{{ name }}-installed: pkg.installed: - - name: {{ prometheus.pkg.name }} + - name: {{ name }} + + {%- endif %} + {%- endfor %} diff --git a/prometheus/package/repo/clean.sls b/prometheus/package/repo/clean.sls index dd21c00..d5f2ee6 100644 --- a/prometheus/package/repo/clean.sls +++ b/prometheus/package/repo/clean.sls @@ -5,6 +5,12 @@ {%- set tplroot = tpldir.split('/')[0] %} {%- from tplroot ~ "/map.jinja" import prometheus with context %} -prometheus-package-repo-clean-pkgrepo-absent: + {%- for name in prometheus.wanted %} + {%- if name in prometheus.pkg and 'repo' in prometheus.pkg[name] and prometheus.pkg[name]['repo'] %} + +prometheus-package-repo-clean-{{ name }}-pkgrepo-absent: pkgrepo.absent: - - name: {{ prometheus.pkg.repo.name }} + - name: {{ prometheus.pkg[name]['repo']['name'] }} + + {%- endif %} + {%- endfor %} diff --git a/prometheus/package/repo/install.sls b/prometheus/package/repo/install.sls index 2b0164b..9de6fb8 100644 --- a/prometheus/package/repo/install.sls +++ b/prometheus/package/repo/install.sls @@ -5,19 +5,22 @@ {%- set tplroot = tpldir.split('/')[0] %} {%- from tplroot ~ "/map.jinja" import prometheus with context %} - {%- if prometheus.pkg.use_upstream_repo %} - {%- from tplroot ~ "/jinja/macros.jinja" import format_kwargs with context %} + {%- for name in prometheus.wanted %} + {%- if name in prometheus.pkg and 'repo' in prometheus.pkg[name] and prometheus.pkg[name]['repo'] %} + {%- from tplroot ~ "/jinja/macros.jinja" import format_kwargs with context %} -prometheus-package-repo-install-pkgrepo-managed: +prometheus-package-repo-install-{{ name }}-pkgrepo-managed: pkgrepo.managed: - {{- format_kwargs(prometheus.pkg.repo) }} + {{- format_kwargs(prometheus.pkg[name]['repo']) }} -prometheus-package-repo-install-file-replace-workaround-for-salt-51494: +prometheus-package-repo-install-{{ name }}-file-replace: + # redhat workaround for salt issue #51494 file.replace: - - name: /etc/yum.repos.d/prometheus.repo + - name: /etc/yum.repos.d/{{ name }}.repo - pattern: ' gpgkey2=' - repl: '\n ' - ignore_if_missing: True - onlyif: {{ grains.os_family == 'RedHat' }} - {%- endif %} + {%- endif %} + {%- endfor %} diff --git a/prometheus/service/clean.sls b/prometheus/service/clean.sls index 71d9806..6ac6364 100644 --- a/prometheus/service/clean.sls +++ b/prometheus/service/clean.sls @@ -5,7 +5,29 @@ {%- set tplroot = tpldir.split('/')[0] %} {%- from tplroot ~ "/map.jinja" import prometheus with context %} -prometheus-service-clean-service-dead: + {%- for name in prometheus.wanted %} + {%- if name in prometheus.service %} + +prometheus-service-clean-{{ name }}-service-dead: service.dead: - - name: {{ prometheus.service.name }} + - name: {{ name }} - enable: False + {%- if grains.kernel|lower == 'linux' %} + - onlyif: systemctl list-unit-files | grep {{ name }} >/dev/null 2>&1 + {%- endif %} + file.absent: + - name: {{ prometheus.dir.service }}/{{ name }}.service + - require: + - service: prometheus-service-clean-{{ name }}-service-dead + cmd.run: + - onlyif: {{ grains.kernel|lower == 'linux' }} + - name: systemctl daemon-reload + - require: + - file: prometheus-service-clean-{{ name }}-service-dead + + {%- endif %} + {%- endfor %} + +prometheus-config-file-var-file-absent: + file.absent: + - name: {{ prometheus.dir.var }} diff --git a/prometheus/service/running.sls b/prometheus/service/running.sls index a61573e..f174e37 100644 --- a/prometheus/service/running.sls +++ b/prometheus/service/running.sls @@ -11,12 +11,44 @@ include: - {{ sls_config_args }} - {{ sls_config_file }} -prometheus-service-running-service-running: - service.running: - - name: {{ prometheus.service.name }} - - enable: True - - watch: - - file: prometheus-config-file-file-managed +prometheus-config-file-var-file-directory: + file.directory: + - name: {{ prometheus.dir.var }} + - user: prometheus + - group: prometheus + - mode: 755 + - makedirs: True - require: - - sls: {{ sls_config_args }} - - sls: {{ sls_config_file }} + - file: prometheus-config-file-etc-file-directory + + {%- for name in prometheus.wanted %} + {%- if name in prometheus.service %} + {%- if grains.kernel|lower == 'linux' %} + +prometheus-service-running-{{ name }}-service-unmasked: + service.unmasked: + - name: {{ name }} + - require: + - file: prometheus-config-file-var-file-directory + - onlyif: + - systemctl list-unit-files | grep {{ name }} >/dev/null 2>&1 + {%- endif %} + +prometheus-service-running-{{ name }}-service-running: + service.running: + - name: {{ name }} + - enable: True + {%- if name in prometheus.config %} + - watch: + - file: prometheus-config-file-{{ name }}-file-managed + {%- endif %} + - require: + - file: prometheus-config-file-var-file-directory + {%- if grains.kernel|lower == 'linux' %} + - service: prometheus-service-running-{{ name }}-service-unmasked + - onlyif: systemctl list-unit-files | grep {{ name }} >/dev/null 2>&1 + {%- endif %} + + {%- endif %} + {%- endfor %} + diff --git a/test/integration/default/README.md b/test/integration/default/README.md new file mode 100644 index 0000000..8019607 --- /dev/null +++ b/test/integration/default/README.md @@ -0,0 +1,50 @@ +# Default InSpec Profile + +This shows the implementation of the Default InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). + +## Verify a profile + +InSpec ships with built-in features to verify a profile structure. + +```bash +$ inspec check default +Summary +------- +Location: default +Profile: profile +Controls: 4 +Timestamp: 2019-06-24T23:09:01+00:00 +Valid: true + +Errors +------ + +Warnings +-------- +``` + +## Execute a profile + +To run all **supported** controls on a local machine use `inspec exec /path/to/profile`. + +```bash +$ inspec exec default +.. + +Finished in 0.0025 seconds (files took 0.12449 seconds to load) +8 examples, 0 failures +``` + +## Execute a specific control from a profile + +To run one control from the profile use `inspec exec /path/to/profile --controls name`. + +```bash +$ inspec exec default --controls package +. + +Finished in 0.0025 seconds (files took 0.12449 seconds to load) +1 examples, 0 failures +``` + +See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb). diff --git a/test/integration/default/controls/config_spec.rb b/test/integration/default/controls/config_spec.rb index 34d0f8f..aff7744 100644 --- a/test/integration/default/controls/config_spec.rb +++ b/test/integration/default/controls/config_spec.rb @@ -3,11 +3,11 @@ control 'Prometheus configuration' do describe file('/etc/prometheus/prometheus.yml') do it { should be_file } - it { should be_owned_by 'root' } - it { should be_grouped_into 'root' } + it { should be_owned_by 'prometheus' } + it { should be_grouped_into 'prometheus' } its('mode') { should cmp '0644' } its('content') { should include 'File managed by Salt' } - its('content') { should include 'Your changes will be overwritten.' } + its('content') { should include 'Your changes may be overwritten.' } its('content') { should include 'global:' } its('content') { should include 'alerting:' } end diff --git a/test/integration/default/controls/environ_spec.rb b/test/integration/default/controls/environ_spec.rb new file mode 100644 index 0000000..e5a99bd --- /dev/null +++ b/test/integration/default/controls/environ_spec.rb @@ -0,0 +1,11 @@ +control 'prometheus configuration environment' do + title 'should match desired lines' + + describe file('/etc/default/prometheus.sh') do + it { should be_file } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('mode') { should cmp '0644' } + its('content') { should include '--web.listen-address=0.0.0.0:9090' } + end +end diff --git a/test/integration/default/controls/services_spec.rb b/test/integration/default/controls/services_spec.rb index d3d79ce..b2311e6 100644 --- a/test/integration/default/controls/services_spec.rb +++ b/test/integration/default/controls/services_spec.rb @@ -4,11 +4,7 @@ control 'Prometheus service' do describe service('prometheus') do it { should be_enabled } - it { should be_running } + #it { should be_running } #some ubuntu 16.05 image issue end - describe service('prometheus-node-exporter') do - it { should be_enabled } - it { should be_running } - end end diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml index 4ca71c2..966b73d 100644 --- a/test/integration/default/inspec.yml +++ b/test/integration/default/inspec.yml @@ -4,9 +4,9 @@ maintainer: Alexander Weidinger license: Apache-2.0 summary: Verify that the prometheus formula is setup and configured correctly supports: - - os-name: debian - - os-name: ubuntu - - os-name: centos - - os-name: fedora - - os-name: opensuse - - os-name: freebsd + - platform-name: debian + - platform-name: ubuntu + - platform-name: centos + - platform-name: fedora + - platform-name: opensuse + - platform-name: freebsd diff --git a/test/integration/default/todo/alternatives_spec.rb b/test/integration/default/todo/alternatives_spec.rb new file mode 100644 index 0000000..03c340f --- /dev/null +++ b/test/integration/default/todo/alternatives_spec.rb @@ -0,0 +1,36 @@ +title 'linux alternatives profile' + +control 'prometheus linux alternatives' do + impact 1.0 + title 'should be installed' + desc "Ensure prometheus linux alternatives are correct" + tag: package: "tarball archive" + + describe file('/opt/prometheus') do # prometheus-home alternative + it { should be_symlink } + it { should_not be_file } + it { should_not be_directory } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('shallow_link_path') { should eq '/etc/alternatives/prometheus-home' } + end + + describe file('/usr/bin/prometheus') do # prometheus alternative + it { should be_symlink } + it { should_not be_file } + it { should_not be_directory } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('shallow_link_path') { should eq '/etc/alternatives/link-prometheus' } + end + + describe file('/usr/bin/promtool') do # promtool alternative + it { should be_symlink } + it { should_not be_file } + it { should_not be_directory } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('shallow_link_path') { should eq '/etc/alternatives/link-promtool' } + end + +end diff --git a/test/integration/default/todo/archives_spec.rb b/test/integration/default/todo/archives_spec.rb new file mode 100644 index 0000000..8cd1e11 --- /dev/null +++ b/test/integration/default/todo/archives_spec.rb @@ -0,0 +1,28 @@ +title 'prometheus archives profile' + +control 'prometheus tarball archive' do + impact 1.0 + title 'should be installed' + desc "Ensure prometheus tarball archive was extracted correctly" + + describe file('/opt/prometheus-2.10.0.linux-amd64') do + it { should be_directory } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('mode') { should cmp '0755' } + end + + require 'digest' + binary = file('/opt/prometheus-2.10.0.linux-amd64/prometheus').content + sha256sum = Digest::SHA256.hexdigest(binary) + describe file('/opt/prometheus-2.10.0.linux-amd64/prometheus') do + its('sha256sum') { should eq '025a7bb0327e1b2b20efbd6e66b8ef81d9020c66f0d5d077b1388a48dec789f7' } + end + + binary = file('/opt/prometheus-2.10.0.linux-amd64/promtool').content + sha256sum = Digest::SHA256.hexdigest(binary) + describe file('/opt/prometheus-2.10.0.linux-amd64/promtool') do + its('sha256sum') { should eq 'db004c3c0d6a863929a51da5e1fc4a958668e80256ea2a14c5e461fa13656def' } + end + +end