From 7ea20e333c58c7ccdcc25325664a01036f42108e Mon Sep 17 00:00:00 2001 From: Adam Kraitman Date: Mon, 24 Apr 2023 21:22:06 +0300 Subject: [PATCH] Ansible Role for deploying grafana-agent Signed-off-by: Adam Kraitman --- grafana_agent.yml | 6 ++ roles/grafana_agent/defaults/main.yml | 11 +++ roles/grafana_agent/handlers/main.yml | 6 ++ roles/grafana_agent/meta/main.yml | 3 + roles/grafana_agent/tasks/main.yml | 74 +++++++++++++++++++ .../templates/grafana-agent.yaml.j2 | 33 +++++++++ 6 files changed, 133 insertions(+) create mode 100644 grafana_agent.yml create mode 100644 roles/grafana_agent/defaults/main.yml create mode 100644 roles/grafana_agent/handlers/main.yml create mode 100644 roles/grafana_agent/meta/main.yml create mode 100644 roles/grafana_agent/tasks/main.yml create mode 100644 roles/grafana_agent/templates/grafana-agent.yaml.j2 diff --git a/grafana_agent.yml b/grafana_agent.yml new file mode 100644 index 00000000..0ccbaeed --- /dev/null +++ b/grafana_agent.yml @@ -0,0 +1,6 @@ +--- +- hosts: all + strategy: free + roles: + - grafana_agent + become: true diff --git a/roles/grafana_agent/defaults/main.yml b/roles/grafana_agent/defaults/main.yml new file mode 100644 index 00000000..bc4d43b5 --- /dev/null +++ b/roles/grafana_agent/defaults/main.yml @@ -0,0 +1,11 @@ +--- +# Mimir URL and creds +agent_mimir_url: "http://sepia-grafana.front.sepia.ceph.com:9009/api/v1/push" +agent_mimir_username: "admin" +grafana_apt_repo_url: "https://apt.grafana.com" +grafana_apt_repo_key_url: "https://apt.grafana.com/gpg.key" +grafana_rpm_repo_url: "https://rpm.grafana.com" +grafana_rpm_repo_key_url: "https://rpm.grafana.com/gpg.key" + +scrape_interval_global: "60s" +scrape_interval_node: "30s" diff --git a/roles/grafana_agent/handlers/main.yml b/roles/grafana_agent/handlers/main.yml new file mode 100644 index 00000000..169e45fd --- /dev/null +++ b/roles/grafana_agent/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: "Restart grafana agent instance" + become: true + ansible.builtin.service: + name: "grafana-agent" + state: "restarted" diff --git a/roles/grafana_agent/meta/main.yml b/roles/grafana_agent/meta/main.yml new file mode 100644 index 00000000..313fd690 --- /dev/null +++ b/roles/grafana_agent/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: secrets diff --git a/roles/grafana_agent/tasks/main.yml b/roles/grafana_agent/tasks/main.yml new file mode 100644 index 00000000..11fa4002 --- /dev/null +++ b/roles/grafana_agent/tasks/main.yml @@ -0,0 +1,74 @@ +--- +- name: Include secrets + include_vars: "{{ secrets_path | mandatory }}/mimir_password.yml" + no_log: true + tags: + - always + +- name: Gather facts on listening ports + community.general.listen_ports_facts: + +- name: Check if prometheus is listening on port 9090 + ansible.builtin.debug: + msg: The {{ item.name }} service - pid {{ item.pid }} is running on same port as grafana-agent please set {{ item.name }} to listen on a diffrent port than {{ item.port }} + vars: + tcp_listen_violations: "{{ ansible_facts.tcp_listen | selectattr('name', 'in', tcp_whitelist) | list }}" + tcp_whitelist: + - prometheus + loop: "{{ tcp_listen_violations }}" + failed_when: true + +- name: "Import Grafana GPG key" + become: true + ansible.builtin.get_url: + url: "{{ grafana_apt_repo_key_url }}" + dest: /etc/apt/keyrings/grafana.gpg + mode: '0644' + force: true + when: ansible_pkg_mgr == "apt" + +- name: Ensure downloaded file for key is a binary keyring + shell: "cat /etc/apt/keyrings/grafana.gpg | gpg --dearmor | sudo tee /etc/apt/keyrings/grafana.gpg > /dev/null" + when: ansible_pkg_mgr == "apt" + +- name: "Add Grafana's repository to APT sources list" + become: true + ansible.builtin.apt_repository: + repo: "deb [signed-by=/etc/apt/keyrings/grafana.gpg] {{ grafana_apt_repo_url }} stable main" + state: present + when: ansible_pkg_mgr == "apt" + +- name: "Add Grafana's repository to yum/dnf systems" + become: true + ansible.builtin.yum_repository: + baseurl: "{{ grafana_rpm_repo_url }}" + name: "grafana" + description: "grafana" + gpgcheck: true + gpgkey: "{{ grafana_rpm_repo_key_url }}" + state: present + when: ansible_os_family == "RedHat" + +- name: "Install grafana-agent" + become: true + ansible.builtin.package: + name: "grafana-agent" + state: "present" + +- name: "Enable grafana-agent" + become: true + ansible.builtin.service: + name: "grafana-agent" + state: "started" + enabled: true + +# Deploy config file from template and restart the agent +- name: "Configure agent" + become: true + ansible.builtin.template: + src: "templates/grafana-agent.yaml.j2" + dest: "/etc/grafana-agent.yaml" + mode: "0440" + owner: "root" + group: "grafana-agent" + notify: "Restart grafana agent instance" diff --git a/roles/grafana_agent/templates/grafana-agent.yaml.j2 b/roles/grafana_agent/templates/grafana-agent.yaml.j2 new file mode 100644 index 00000000..f58250c5 --- /dev/null +++ b/roles/grafana_agent/templates/grafana-agent.yaml.j2 @@ -0,0 +1,33 @@ +server: + log_level: info + +metrics: + global: + remote_write: + - url: {{ agent_mimir_url }} + basic_auth: + username: {{ agent_mimir_username }} + password: {{ agent_mimir_password }} + queue_config: + max_backoff: 5m + external_labels: + nodetype: unknown_nodetype + ingest_instance: {{ inventory_hostname }} + scrape_interval: {{ scrape_interval_global }} + configs: + - name: {{ inventory_hostname }} + scrape_configs: + - job_name: 'grafana-agent-exporter' + relabel_configs: + - source_labels: [__address__] + target_label: instance + replacement: {{ inventory_hostname }} + +integrations: + node_exporter: + enabled: true + scrape_interval: {{ scrape_interval_node }} + instance: {{ inventory_hostname }} + rootfs_path: / + sysfs_path: /sys + procfs_path: /proc