ansible-collection-prometheus/roles/prometheus/tasks/install.yml

138 lines
4 KiB
YAML
Raw Normal View History

---
- name: Create prometheus system group
ansible.builtin.group:
name: prometheus
system: true
state: present
- name: Create prometheus system user
ansible.builtin.user:
name: prometheus
system: true
shell: "/usr/sbin/nologin"
ansible.builtin.group: prometheus
createhome: false
home: "{{ prometheus_db_dir }}"
- name: Create prometheus data directory
ansible.builtin.file:
path: "{{ prometheus_db_dir }}"
state: directory
owner: prometheus
ansible.builtin.group: prometheus
mode: 0755
- name: Create prometheus configuration directories
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root
ansible.builtin.group: prometheus
mode: 0770
with_items:
- "{{ prometheus_config_dir }}"
- "{{ prometheus_config_dir }}/rules"
- "{{ prometheus_config_dir }}/file_sd"
- block:
- name: download prometheus binary to local folder
become: false
ansible.builtin.get_url:
url: "https://github.com/prometheus/prometheus/releases/download/v{{ prometheus_version }}/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz"
dest: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz"
checksum: "sha256:{{ __prometheus_checksum }}"
register: _download_archive
until: _download_archive is succeeded
retries: 5
delay: 2
# run_once: true # <-- this cannot be set due to multi-arch support
delegate_to: localhost
check_mode: false
- name: unpack prometheus binaries
become: false
ansible.builtin.unarchive:
src: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz"
dest: "/tmp"
creates: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/prometheus"
delegate_to: localhost
check_mode: false
- name: propagate official prometheus and promtool binaries
ansible.builtin.copy:
src: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/{{ item }}"
dest: "{{ _prometheus_binary_install_dir }}/{{ item }}"
mode: 0755
owner: root
ansible.builtin.group: root
with_items:
- prometheus
- promtool
notify:
- restart prometheus
- name: propagate official console templates
ansible.builtin.copy:
src: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/{{ item }}/"
dest: "{{ prometheus_config_dir }}/{{ item }}/"
mode: 0644
owner: root
ansible.builtin.group: root
with_items:
- console_libraries
- consoles
notify:
- restart prometheus
when:
- prometheus_binary_local_dir | length == 0
- not prometheus_skip_install
- name: propagate locally distributed prometheus and promtool binaries
ansible.builtin.copy:
src: "{{ prometheus_binary_local_dir }}/{{ item }}"
dest: "{{ _prometheus_binary_install_dir }}/{{ item }}"
mode: 0755
owner: root
ansible.builtin.group: root
with_items:
- prometheus
- promtool
when:
- prometheus_binary_local_dir | length > 0
- not prometheus_skip_install
notify:
- restart prometheus
- name: Create systemd service unit
ansible.builtin.template:
src: prometheus.service.j2
dest: /etc/systemd/system/prometheus.service
owner: root
ansible.builtin.group: root
mode: 0644
notify:
- restart prometheus
- name: Install SELinux dependencies
ansible.builtin.package:
name: "{{ item }}"
state: present
with_items: "{{ prometheus_selinux_packages }}"
register: _install_packages
until: _install_packages is succeeded
retries: 5
delay: 2
when:
- ansible_version.full is version('2.4', '>=')
- ansible_selinux.status == "enabled"
- name: Allow prometheus to bind to port in SELinux
ansible.builtin.seport:
ports: "{{ prometheus_web_listen_address.split(':')[1] }}"
proto: tcp
setype: http_port_t
state: present
when:
- ansible_version.full is version('2.4', '>=')
- ansible_selinux.status == "enabled"