Mirrors/ansible-collection-prometheus
2
0
Fork 0
mirror of https://github.com/prometheus-community/ansible synced 2024-11-24 21:03:27 +00:00
Code Issues Projects Releases Packages Wiki Activity

refactor(node_exporter): delegate common tasks to _common role

Browse source 
Signed-off-by: gardar <gardar@users.noreply.github.com>
This commit is contained in:
gardar 2024-10-15 17:08:40 +00:00
parent c9df5e56b4
commit 3c5d710747
No known key found for this signature in database
GPG key ID: 75FAE37CBA8C13C2
12 changed files with 68 additions and 263 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
roles/node_exporter/defaults/main.yml
View file

@ -1,10 +1,8 @@
---
node_exporter_version: 1.8.2
node_exporter_binary_local_dir: ""
node_exporter_binary_url: "https://github.com/{{ _node_exporter_repo }}/releases/download/v{{ node_exporter_version }}/\
node_exporter-{{ node_exporter_version }}.linux-{{ go_arch }}.tar.gz"
node_exporter-{{ node_exporter_version }}.{{ ansible_system | lower }}-{{ _node_exporter_go_ansible_arch }}.tar.gz"
node_exporter_checksums_url: "https://github.com/{{ _node_exporter_repo }}/releases/download/v{{ node_exporter_version }}/sha256sums.txt"
node_exporter_skip_install: false
node_exporter_web_disable_exporter_metrics: false
node_exporter_web_listen_address: "0.0.0.0:9100"
@ -32,5 +30,6 @@ node_exporter_binary_install_dir: "/usr/local/bin"
node_exporter_system_group: "node-exp"
node_exporter_system_user: "{{ node_exporter_system_group }}"
node_exporter_config_dir: "/etc/node_exporter"
# Local path to stash the archive and its extraction
node_exporter_archive_path: /tmp
node_exporter_local_cache_path: "/tmp/node_exporter-{{ ansible_system | lower }}-{{ _node_exporter_go_ansible_arch }}/{{ node_exporter_version }}"

20
roles/node_exporter/meta/argument_specs.yml
View file

@ -11,18 +11,9 @@ argument_specs:
node_exporter_version:
description: "Node exporter package version. Also accepts latest as parameter."
default: "1.8.2"
node_exporter_skip_install:
description: "Node exporter installation tasks gets skipped when set to true."
type: bool
default: false
node_exporter_binary_local_dir:
description:
- "Enables the use of local packages instead of those distributed on github."
- "The parameter may be set to a directory where the C(node_exporter) binary is stored on the host where ansible is run."
- "This overrides the I(node_exporter_version) parameter"
node_exporter_binary_url:
description: "URL of the node exporter binaries .tar.gz file"
default: "https://github.com/{{ _node_exporter_repo }}/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-{{ go_arch }}.tar.gz"
default: "https://github.com/{{ _node_exporter_repo }}/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.{{ ansible_system | lower }}-{{ _node_exporter_go_ansible_arch }}.tar.gz"
node_exporter_checksums_url:
description: "URL of the node exporter checksums file"
default: "https://github.com/{{ _node_exporter_repo }}/releases/download/v{{ node_exporter_version }}/sha256sums.txt"
@ -85,6 +76,9 @@ argument_specs:
- "I(Advanced)"
- "Node exporter user"
default: "node-exp"
node_exporter_archive_path:
description: 'Local path to stash the archive and its extraction'
default: "/tmp"
node_exporter_local_cache_path:
description: "Local path to stash the archive and its extraction"
default: "/tmp/node_exporter-{{ ansible_system | lower }}-{{ _node_exporter_go_ansible_arch }}/{{ node_exporter_version }}"
node_exporter_config_dir:
description: "Path to directory with node_exporter configuration"
default: "/etc/node_exporter"

6
roles/node_exporter/molecule/alternative/molecule.yml
View file

@ -5,7 +5,7 @@ provisioner:
inventory:
group_vars:
all:
node_exporter_binary_local_dir: "/tmp/node_exporter-linux-amd64"
node_exporter_local_cache_path: "/tmp/node_exporter-linux-amd64"
node_exporter_web_listen_address:
- '127.0.0.1:8080'
- '127.0.1.1:8080'
@ -21,8 +21,6 @@ provisioner:
http2: true
node_exporter_basic_auth_users:
randomuser: examplepassword
go_arch: amd64
node_exporter_version: 1.5.0
node_exporter_binary_url: "https://github.com/prometheus/node_exporter/releases/download/v{{\
\ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-{{\
\ go_arch }}.tar.gz"
\ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-amd64.tar.gz"

1
roles/node_exporter/molecule/default/tests/test_default.py
View file

@ -46,7 +46,6 @@ def test_user(host):
assert host.group("node-exp").exists
assert "node-exp" in host.user("node-exp").groups
assert host.user("node-exp").shell == "/usr/sbin/nologin"
assert host.user("node-exp").home == "/"
def test_service(host):

55
roles/node_exporter/tasks/configure.yml
View file

@ -1,29 +1,19 @@
---
- name: Copy the node_exporter systemd service file
ansible.builtin.template:
src: node_exporter.service.j2
dest: /etc/systemd/system/node_exporter.service
owner: root
group: root
mode: 0644
notify: restart node_exporter
- name: Create node_exporter config directory
ansible.builtin.file:
path: "/etc/node_exporter"
state: directory
owner: root
group: root
mode: u+rwX,g+rwX,o=rX
- name: Copy the node_exporter config file
ansible.builtin.template:
src: config.yaml.j2
dest: /etc/node_exporter/config.yaml
owner: root
group: root
mode: 0644
notify: restart node_exporter
- name: Configure
ansible.builtin.include_role:
name: prometheus.prometheus._common
tasks_from: configure.yml
vars:
_common_system_user: "{{ node_exporter_system_user }}"
_common_system_group: "{{ node_exporter_system_group }}"
_common_config_dir: "{{ node_exporter_config_dir }}"
_common_tls_server_config: "{{ node_exporter_tls_server_config }}"
_common_http_server_config: "{{ node_exporter_http_server_config }}"
_common_basic_auth_users: "{{ node_exporter_basic_auth_users }}"
tags:
- node_exporter
- configure
- node_exporter_configure
- name: Create textfile collector dir
ansible.builtin.file:
@ -32,14 +22,9 @@
owner: "{{ node_exporter_system_user }}"
group: "{{ node_exporter_system_group }}"
mode: u+rwX,g+rwX,o=rX
become: true
when: node_exporter_textfile_dir | length > 0
- name: Allow node_exporter port in SELinux on RedHat OS family
community.general.seport:
ports: "{{ node_exporter_web_listen_address.split(':')[-1] }}"
proto: tcp
setype: http_port_t
state: present
when:
- ansible_version.full is version_compare('2.4', '>=')
- ansible_selinux.status == "enabled"
tags:
- node_exporter
- configure
- node_exporter_configure

69
roles/node_exporter/tasks/install.yml
View file

@ -1,69 +0,0 @@
---
- name: Create the node_exporter group
ansible.builtin.group:
name: "{{ node_exporter_system_group }}"
state: present
system: true
when: node_exporter_system_group != "root"
- name: Create the node_exporter user
ansible.builtin.user:
name: "{{ node_exporter_system_user }}"
groups: "{{ node_exporter_system_group }}"
append: true
shell: /usr/sbin/nologin
system: true
create_home: false
home: /
when: node_exporter_system_user != "root"
- name: Get binary
when:
- node_exporter_binary_local_dir | length == 0
- not node_exporter_skip_install
block:
- name: Download node_exporter binary to local folder
become: false
ansible.builtin.get_url:
url: "{{ node_exporter_binary_url }}"
dest: "{{ node_exporter_archive_path }}/node_exporter-{{ node_exporter_version }}.linux-{{ go_arch }}.tar.gz"
checksum: "sha256:{{ __node_exporter_checksum }}"
mode: '0644'
register: _download_binary
until: _download_binary is succeeded
retries: 5
delay: 2
delegate_to: localhost
check_mode: false
- name: Unpack node_exporter binary
become: false
ansible.builtin.unarchive:
src: "{{ node_exporter_archive_path }}/node_exporter-{{ node_exporter_version }}.linux-{{ go_arch }}.tar.gz"
dest: "{{ node_exporter_archive_path }}"
creates: "{{ node_exporter_archive_path }}/node_exporter-{{ node_exporter_version }}.linux-{{ go_arch }}/node_exporter"
delegate_to: localhost
check_mode: false
- name: Propagate node_exporter binaries
ansible.builtin.copy:
src: "{{ node_exporter_archive_path }}/node_exporter-{{ node_exporter_version }}.linux-{{ go_arch }}/node_exporter"
dest: "{{ node_exporter_binary_install_dir }}/node_exporter"
mode: 0755
owner: root
group: root
notify: restart node_exporter
when: not ansible_check_mode
- name: Propagate locally distributed node_exporter binary
ansible.builtin.copy:
src: "{{ node_exporter_binary_local_dir }}/node_exporter"
dest: "{{ node_exporter_binary_install_dir }}/node_exporter"
mode: 0755
owner: root
group: root
when:
- node_exporter_binary_local_dir | length > 0
- not node_exporter_skip_install
notify: restart node_exporter

46
roles/node_exporter/tasks/main.yml
View file

@ -2,40 +2,34 @@
- name: Preflight
ansible.builtin.include_tasks:
file: preflight.yml
apply:
tags:
- node_exporter_install
- node_exporter_configure
- node_exporter_run
tags:
- node_exporter_install
- node_exporter_configure
- node_exporter_run
- name: Install
ansible.builtin.include_tasks:
file: install.yml
apply:
become: true
tags:
- node_exporter_install
when:
( not __node_exporter_is_installed.stat.exists ) or
( (__node_exporter_current_version_output.stderr_lines | length > 0)
and (__node_exporter_current_version_output.stderr_lines[0].split(" ")[2] != node_exporter_version) ) or
( (__node_exporter_current_version_output.stdout_lines | length > 0)
and (__node_exporter_current_version_output.stdout_lines[0].split(" ")[2] != node_exporter_version) ) or
( node_exporter_binary_local_dir | length > 0 )
ansible.builtin.include_role:
name: prometheus.prometheus._common
tasks_from: install.yml
vars:
_common_local_cache_path: "{{ node_exporter_local_cache_path }}"
_common_binaries: "{{ _node_exporter_binaries }}"
_common_binary_install_dir: "{{ node_exporter_binary_install_dir }}"
_common_binary_url: "{{ node_exporter_binary_url }}"
_common_checksums_url: "{{ node_exporter_checksums_url }}"
_common_system_group: "{{ node_exporter_system_group }}"
_common_system_user: "{{ node_exporter_system_user }}"
_common_config_dir: "{{ node_exporter_config_dir }}"
_common_binary_unarchive_opts: ['--strip-components=1']
tags:
- node_exporter_install
- name: SELinux
ansible.builtin.include_tasks:
file: selinux.yml
apply:
become: true
tags:
- node_exporter_configure
ansible.builtin.include_role:
name: prometheus.prometheus._common
tasks_from: selinux.yml
vars:
_common_selinux_port: "{{ node_exporter_web_listen_address | urlsplit('port') }}"
when: ansible_selinux.status == "enabled"
tags:
- node_exporter_configure
@ -43,10 +37,6 @@
- name: Configure
ansible.builtin.include_tasks:
file: configure.yml
apply:
become: true
tags:
- node_exporter_configure
tags:
- node_exporter_configure

68
roles/node_exporter/tasks/preflight.yml
View file

@ -1,24 +1,8 @@
---
- name: Assert usage of systemd as an init system
ansible.builtin.assert:
that: ansible_service_mgr == 'systemd'
msg: "This role only works with systemd"
- name: Install package fact dependencies
become: true
ansible.builtin.package:
name: "{{ _pkg_fact_req }}"
state: present
when: (_pkg_fact_req)
vars:
_pkg_fact_req: "{% if (ansible_pkg_mgr == 'apt') %}\
{{ ('python-apt' if ansible_python_version is version('3', '<') else 'python3-apt') }}
{% else %}\
{% endif %}"
- name: Gather package facts
ansible.builtin.package_facts:
when: "not 'packages' in ansible_facts"
- name: Common preflight
ansible.builtin.include_role:
name: prometheus.prometheus._common
tasks_from: preflight.yml
- name: Assert that used version supports listen address type
ansible.builtin.assert:
@ -72,23 +56,6 @@
- "__node_exporter_cert_file.stat.exists"
- "__node_exporter_key_file.stat.exists"
- name: Check if node_exporter is installed
ansible.builtin.stat:
path: "{{ node_exporter_binary_install_dir }}/node_exporter"
register: __node_exporter_is_installed
check_mode: false
tags:
- node_exporter_install
- name: Gather currently installed node_exporter version (if any)
ansible.builtin.command: "{{ node_exporter_binary_install_dir }}/node_exporter --version"
changed_when: false
register: __node_exporter_current_version_output
check_mode: false
when: __node_exporter_is_installed.stat.exists
tags:
- node_exporter_install
- name: Discover latest version
ansible.builtin.set_fact:
node_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _node_exporter_repo }}/releases/latest', headers=_github_api_headers,
@ -98,24 +65,9 @@
retries: 10
when:
- node_exporter_version == "latest"
- node_exporter_binary_local_dir | length == 0
- not node_exporter_skip_install
- name: Get node_exporter binary checksum
when:
- node_exporter_binary_local_dir | length == 0
- not node_exporter_skip_install
block:
- name: Get checksum list from github
ansible.builtin.set_fact:
__node_exporter_checksums: "{{ lookup('url', node_exporter_checksums_url, headers=_github_api_headers, wantlist=True) | list }}"
run_once: true
until: __node_exporter_checksums is search('linux-' + go_arch + '.tar.gz')
retries: 10
- name: "Get checksum for {{ go_arch }}"
ansible.builtin.set_fact:
__node_exporter_checksum: "{{ item.split(' ')[0] }}"
with_items: "{{ __node_exporter_checksums }}"
when:
- "('linux-' + go_arch + '.tar.gz') in item"
tags:
- node_exporter
- install
- node_exporter_install
- download
- node_exporter_download

23
roles/node_exporter/tasks/selinux.yml
View file

@ -1,23 +0,0 @@
---
- name: Install selinux python packages [RedHat]
ansible.builtin.package:
name: "{{ ['libselinux-python', 'policycoreutils-python']
if ansible_python_version is version('3', '<') else
['python3-libselinux', 'python3-policycoreutils'] }}"
state: present
register: _install_selinux_packages
until: _install_selinux_packages is success
retries: 5
delay: 2
when: ansible_os_family | lower == "redhat"
- name: Install selinux python packages [clearlinux]
ansible.builtin.package:
name: sysadmin-basic
state: present
register: _install_selinux_packages
until: _install_selinux_packages is success
retries: 5
delay: 2
when:
- ansible_distribution | lower == "clearlinux"

18
roles/node_exporter/templates/config.yaml.j2
View file

@ -1,18 +0,0 @@
---
{{ ansible_managed | comment }}
{% if node_exporter_tls_server_config | length > 0 %}
tls_server_config:
{{ node_exporter_tls_server_config | to_nice_yaml | indent(2, true) }}
{% endif %}
{% if node_exporter_http_server_config | length > 0 %}
http_server_config:
{{ node_exporter_http_server_config | to_nice_yaml | indent(2, true) }}
{% endif %}
{% if node_exporter_basic_auth_users | length > 0 %}
basic_auth_users:
{% for k, v in node_exporter_basic_auth_users.items() %}
{{ k }}: {{ v | string | password_hash('bcrypt', ('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | shuffle(seed=inventory_hostname) | join)[:22], rounds=9) }}
{% endfor %}
{% endif %}

4
roles/node_exporter/templates/node_exporter.service.j2
View file

@ -25,9 +25,9 @@ ExecStart={{ node_exporter_binary_install_dir }}/node_exporter \
{% endfor %}
{% if node_exporter_tls_server_config | length > 0 or node_exporter_http_server_config | length > 0 or node_exporter_basic_auth_users | length > 0 %}
{% if node_exporter_version is version('1.5.0', '>=') %}
'--web.config.file=/etc/node_exporter/config.yaml' \
'--web.config.file={{ node_exporter_config_dir }}/web_config.yml' \
{% else %}
'--web.config=/etc/node_exporter/config.yaml' \
'--web.config={{ node_exporter_config_dir }}/web_config.yml' \
{% endif %}
{% endif %}
{% if node_exporter_web_disable_exporter_metrics %}

14
roles/node_exporter/vars/main.yml
View file

@ -1,11 +1,9 @@
---
go_arch_map:
i386: '386'
x86_64: 'amd64'
aarch64: 'arm64'
armv7l: 'armv7'
armv6l: 'armv6'
go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}"
_node_exporter_go_ansible_arch: "{{ {'i386': '386',
'x86_64': 'amd64',
'aarch64': 'arm64',
'armv7l': 'armv7',
'armv6l': 'armv6'}.get(ansible_architecture, ansible_architecture) }}"
_node_exporter_repo: "prometheus/node_exporter"
_github_api_headers: "{{ {'GITHUB_TOKEN': lookup('ansible.builtin.env', 'GITHUB_TOKEN')} if (lookup('ansible.builtin.env', 'GITHUB_TOKEN')) else {} }}"
_node_exporter_binaries: ['node_exporter']