9812360144
If ansible-vaulted password is passed to password_hash filter, it will throw and error: 'secret must be unicode or bytes, not ansible.parsing.yaml.objects.AnsibleVaultEncryptedUnicode' Handling the vaulted password with string filter first will avoid the problem. Signed-off-by: Ilari Iso-Junno <iisojunn@users.noreply.github.com> |
||
---|---|---|
.. | ||
defaults | ||
handlers | ||
meta | ||
molecule | ||
tasks | ||
templates | ||
vars | ||
README.md | ||
test-requirements.txt | ||
TROUBLESHOOTING.md |
Ansible Role: node exporter
Description
Deploy prometheus node exporter using ansible.
Requirements
- Ansible >= 2.7 (It might work on previous versions, but we cannot guarantee it)
- gnu-tar on Mac deployer host (
brew install gnu-tar
) - Passlib is required when using the basic authentication feature (
pip install passlib[bcrypt]
)
Role Variables
All variables which can be overridden are stored in defaults/main.yml file as well as in meta/argument_specs.yml. Please refer to the collection docs for description and default values of the variables.
Example
Playbook
Use it in a playbook as follows:
- hosts: all
roles:
- prometheus.prometheus.node_exporter
TLS config
Before running node_exporter role, the user needs to provision their own certificate and key.
- hosts: all
pre_tasks:
- name: Create node_exporter cert dir
file:
path: "/etc/node_exporter"
state: directory
owner: root
group: root
- name: Create cert and key
openssl_certificate:
path: /etc/node_exporter/tls.cert
csr_path: /etc/node_exporter/tls.csr
privatekey_path: /etc/node_exporter/tls.key
provider: selfsigned
roles:
- prometheus.prometheus.node_exporter
vars:
node_exporter_tls_server_config:
cert_file: /etc/node_exporter/tls.cert
key_file: /etc/node_exporter/tls.key
node_exporter_basic_auth_users:
randomuser: examplepassword
Demo site
We provide an example site that demonstrates a full monitoring solution based on prometheus and grafana. The repository with code and links to running instances is available on github and the site is hosted on DigitalOcean.
Local Testing
The preferred way of locally testing the role is to use Docker and molecule (v3.x). You will have to install Docker on your system. See "Get started" for a Docker package suitable for your system. Running your tests is as simple as executing molecule test
.
Continuous Integration
Combining molecule and circle CI allows us to test how new PRs will behave when used with multiple ansible versions and multiple operating systems. This also allows use to create test scenarios for different role configurations. As a result we have quite a large test matrix which can take more time than local testing, so please be patient.
Contributing
Troubleshooting
See troubleshooting.
License
This project is licensed under MIT License. See LICENSE for more details.