commit 61b436b9cbcfbca3224ebfe934b42b1dfe0a1eef Author: Robert Kaussow Date: Thu Jun 3 18:55:27 2021 +0200 initial commit diff --git a/.drone.jsonnet b/.drone.jsonnet new file mode 100644 index 0000000..7eb7c0b --- /dev/null +++ b/.drone.jsonnet @@ -0,0 +1,137 @@ +local PipelineLinting = { + kind: 'pipeline', + name: 'linting', + platform: { + os: 'linux', + arch: 'amd64', + }, + steps: [ + { + name: 'ansible-later', + image: 'thegeeklab/ansible-later', + commands: [ + 'ansible-later', + ], + }, + ], + trigger: { + ref: ['refs/heads/master', 'refs/tags/**', 'refs/pull/**'], + }, +}; + +local PipelineDeployment(scenario='centos7') = { + kind: 'pipeline', + name: 'testing-' + scenario, + platform: { + os: 'linux', + arch: 'amd64', + }, + concurrency: { + limit: 1, + }, + workspace: { + base: '/drone/src', + path: '${DRONE_REPO_NAME}', + }, + steps: [ + { + name: 'ansible-molecule', + image: 'thegeeklab/molecule:3', + environment: { + HCLOUD_TOKEN: { from_secret: 'hcloud_token' }, + }, + commands: [ + 'molecule test -s ' + scenario, + ], + }, + ], + depends_on: [ + 'linting', + ], + trigger: { + ref: ['refs/heads/master', 'refs/tags/**'], + }, +}; + +local PipelineDocumentation = { + kind: 'pipeline', + name: 'documentation', + platform: { + os: 'linux', + arch: 'amd64', + }, + steps: [ + { + name: 'generate', + image: 'thegeeklab/ansible-doctor', + environment: { + ANSIBLE_DOCTOR_LOG_LEVEL: 'INFO', + ANSIBLE_DOCTOR_FORCE_OVERWRITE: true, + ANSIBLE_DOCTOR_EXCLUDE_FILES: 'molecule/', + ANSIBLE_DOCTOR_TEMPLATE: 'hugo-book', + ANSIBLE_DOCTOR_ROLE_NAME: '${DRONE_REPO_NAME#*.}', + ANSIBLE_DOCTOR_OUTPUT_DIR: '_docs/', + }, + }, + { + name: 'publish', + image: 'plugins/gh-pages', + settings: { + remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}', + netrc_machine: 'gitea.rknet.org', + username: { from_secret: 'gitea_username' }, + password: { from_secret: 'gitea_token' }, + pages_directory: '_docs/', + target_branch: 'docs', + }, + when: { + ref: ['refs/heads/master'], + }, + }, + ], + trigger: { + ref: ['refs/heads/master', 'refs/tags/**', 'refs/pull/**'], + }, + depends_on: [ + 'testing-centos7', + ], +}; + +local PipelineNotification = { + kind: 'pipeline', + name: 'notification', + platform: { + os: 'linux', + arch: 'amd64', + }, + clone: { + disable: true, + }, + steps: [ + { + name: 'matrix', + image: 'plugins/matrix', + settings: { + homeserver: { from_secret: 'matrix_homeserver' }, + roomid: { from_secret: 'matrix_roomid' }, + template: 'Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}', + username: { from_secret: 'matrix_username' }, + password: { from_secret: 'matrix_password' }, + }, + }, + ], + depends_on: [ + 'documentation', + ], + trigger: { + status: ['success', 'failure'], + ref: ['refs/heads/master', 'refs/tags/**'], + }, +}; + +[ + PipelineLinting, + PipelineDeployment(scenario='centos7'), + PipelineDocumentation, + PipelineNotification, +] diff --git a/.flake8 b/.flake8 new file mode 100644 index 0000000..b41e1fc --- /dev/null +++ b/.flake8 @@ -0,0 +1,5 @@ +[flake8] +ignore = D101, D102, D103, D105, D107, E402, W503 +max-line-length = 99 +inline-quotes = double +exclude = .git,.tox,__pycache__,build,dist,tests,*.pyc,*.egg-info,.cache,.eggs,env* diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d97b7cd --- /dev/null +++ b/.gitignore @@ -0,0 +1,11 @@ +# ---> Ansible +*.retry +plugins +library + +# ---> Python +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + diff --git a/.later.yml b/.later.yml new file mode 100644 index 0000000..0efe5d5 --- /dev/null +++ b/.later.yml @@ -0,0 +1,19 @@ +--- +ansible: + custom_modules: + - iptables_raw + - openssl_pkcs12 + - proxmox_kvm + - ucr + - corenetworks_dns + - corenetworks_token + +rules: + exclude_files: + - molecule/ + - "LICENSE*" + - "**/*.md" + - "**/*.ini" + + exclude_filter: + - LINT0009 diff --git a/.prettierignore b/.prettierignore new file mode 100644 index 0000000..ef05acb --- /dev/null +++ b/.prettierignore @@ -0,0 +1 @@ +.drone* diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..8e54586 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2021 Robert Kaussow + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice (including the next +paragraph) shall be included in all copies or substantial portions of the +Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS +OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF +OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..15d9737 --- /dev/null +++ b/README.md @@ -0,0 +1,10 @@ +# xoxys.telegraf + +[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.telegraf?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.telegraf) +[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](LICENSE) + +Setup [Telegraf](https://github.com/influxdata/telegraf) metrics agent. You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/telegraf/). + +## License + +This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..04e2631 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,141 @@ +--- +telegraf_packages_extra: [] + +# @var telegraf_requires_docker_group:description: Optionally disable docker group join. +telegraf_requires_docker_group: False +telegraf_docker_group_name: dockerroot + +# @var telegraf_interval:description: Default data collection interval for all inputs. +telegraf_interval: 10s + +# @var telegraf_round_interval:description: Rounds collection interval to interval. +telegraf_round_interval: True + +# @var telegraf_metric_batch_size:description: Telegraf will send metrics to outputs in batches of this amount. +telegraf_metric_batch_size: 1000 + +# @var telegraf_metric_buffer_limit:description: Maximum number of unwritten metrics per output. +telegraf_metric_buffer_limit: 10000 + +# @var telegraf_collection_jitter:description: Collection jitter is used to jitter the collection by a random amount. +telegraf_collection_jitter: 0s + +# @var telegraf_flush_interval:description: Default flushing interval for all outputs. +telegraf_flush_interval: 10s + +# @var telegraf_flush_jitter:description: Jitter the flush interval by a random amount. +telegraf_flush_jitter: 0s + +# @var telegraf_precision:description: Precision will be set to the same timestamp order as the collection interval. +# @var telegraf_precision:default: $ "_unset_" + +# @var telegraf_debug:description: Log at debug level. +telegraf_debug: False + +# @var telegraf_quiet:description: Log only error level messages. +telegraf_quiet: True + +# @var telegraf_logtarget:description: Log target controls the destination for logs. +telegraf_logtarget: stderr + +# @var telegraf_logfile:description: Name of the file to be logged to when using the file logtarget. +# @var telegraf_logfile:default: $ "_unset_" + +# @var telegraf_logfile_rotation_interval:description: The logfile will be rotated after the time interval specified. +# @var telegraf_logfile_rotation_interval:default: $ "_unset_" + +# @var telegraf_logfile_rotation_max_size:description: The logfile will be rotated when it becomes larger than the specified size. +# @var telegraf_logfile_rotation_max_size:default: $ "_unset_" + +# @var telegraf_logfile_rotation_max_archives:description: Maximum number of rotated archives to keep, any older logs are deleted. +# @var telegraf_logfile_rotation_max_archives:default: $ "_unset_" + +# @var telegraf_hostname:description: Override default hostname. +telegraf_hostname: "{{ inventory_hostname }}" + +# @var telegraf_omit_hostname:description: If set to True, do no set the host tag in the telegraf agent. +telegraf_omit_hostname: False + +# @var telegraf_template_files:description: Path to templates loaded into telegraf.d directory. +telegraf_template_files: + - telegraf/templates/*.conf.j2 + +# @var telegraf_prometheus_listen:description: Address to listen for Prometheus. +telegraf_prometheus_listen: 127.0.0.1:9273 + +# @var telegraf_prometheus_username:description: Username used by Prometheus. +telegraf_prometheus_username: prometheus + +# @var telegraf_prometheus_password:description: Password used by Prometheus. +telegraf_prometheus_password: secure + +telegraf_prometheus_tls_enabled: False +telegraf_prometheus_tls_cert_path: /etc/pki/tls/certs/mycert.pem +telegraf_prometheus_tls_key_path: /etc/pki/tls/private/mykey.pem +telegraf_prometheus_tls_cert_source: mycert.pem +telegraf_prometheus_tls_key_source: mykey.pem + +# @var telegraf_global_tags:description: List of global tags. +# @var telegraf_global_tags:example: > +# telegraf_global_tags: +# - key: rack +# value: r155 +# - key: switch +# value: sw5 +# @end +telegraf_global_tags: [] + +# @var telegraf_processors:description: List of default processors, combined with extra. +# @var telegraf_processors:example: > +# telegraf_processors: +# - plugin: foo +# config: +# - option1 = "value1" +# - option2 = "value2" +# @end +telegraf_processors: [] +telegraf_processors_extra: [] + +# @var telegraf_aggregators:description: List of default aggregators, combined with extra. +# @var telegraf_aggregators:example: > +# telegraf_aggregators: +# - plugin: foo +# config: +# - option1 = "value1" +# - option2 = "value2" +# @end +telegraf_aggregators: [] +telegraf_aggregators_extra: [] + +# @var telegraf_plugins:description: List of default plugins, combined with extra. +telegraf_plugins: + - plugin: net + config: + - ignore_protocol_stats = false + - interfaces = ["eth*"] + - plugin: cpu + config: + - percpu = true + - totalcpu = true + - collect_cpu_time = false + - report_active = false + - plugin: disk + config: + - ignore_fs = ["tmpfs", "devtmpfs", "devfs"] + - plugin: filestat + config: + - files = ["/var/log/**.log"] + - plugin: procstat + config: + - pattern = ".*" + - plugin: netstat + - plugin: diskio + - plugin: kernel + - plugin: mem + - plugin: processes + - plugin: swap + - plugin: system + - plugin: kernel_vmstat + - plugin: linux_sysctl_fs + +telegraf_plugins_extra: [] diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..151f3f4 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,10 @@ +--- +- name: Restart Telegraf + systemd: + name: telegraf + state: restarted + daemon_reload: yes + enabled: yes + listen: __telegraf_restart + become: True + become_user: root diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..21ce258 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,23 @@ +# Standards: 0.2 +--- +galaxy_info: + # @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys) + author: "Robert Kaussow " + namespace: xoxys + role_name: telegraf + # @meta description: > + # [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.telegraf) + # [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.telegraf?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.telegraf) + # [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.telegraf/src/branch/master/LICENSE) + # + # Setup [Telegraf](https://github.com/influxdata/telegraf) metrics agent. + # @end + description: Setup Telegraf metrics agent + license: MIT + min_ansible_version: 2.10 + platforms: + - name: EL + versions: + - 7 + galaxy_tags: [] +dependencies: [] diff --git a/molecule/centos7/converge.yml b/molecule/centos7/converge.yml new file mode 100644 index 0000000..e7d3f19 --- /dev/null +++ b/molecule/centos7/converge.yml @@ -0,0 +1,7 @@ +--- +- name: Converge + hosts: all + vars: + telegraf_quiet: False + roles: + - role: xoxys.telegraf diff --git a/molecule/centos7/create.yml b/molecule/centos7/create.yml new file mode 100644 index 0000000..719600d --- /dev/null +++ b/molecule/centos7/create.yml @@ -0,0 +1,120 @@ +--- +- name: Create + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ molecule_no_log }}" + vars: + ssh_port: 22 + ssh_user: root + ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key" + tasks: + - name: Create SSH key + user: + name: "{{ lookup('env', 'USER') }}" + generate_ssh_key: true + ssh_key_file: "{{ ssh_path }}" + force: true + register: generated_ssh_key + + - name: Register the SSH key name + set_fact: + ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}" + + - name: Register SSH key for test instance(s) + hcloud_ssh_key: + name: "{{ ssh_key_name }}" + public_key: "{{ generated_ssh_key.ssh_public_key }}" + state: present + + - name: Create molecule instance(s) + hcloud_server: + name: "{{ item.name }}" + server_type: "{{ item.server_type }}" + ssh_keys: + - "{{ ssh_key_name }}" + image: "{{ item.image }}" + location: "{{ item.location | default(omit) }}" + datacenter: "{{ item.datacenter | default(omit) }}" + user_data: "{{ item.user_data | default(omit) }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: present + register: server + loop: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_jobs + until: hetzner_jobs.finished + retries: 300 + loop: "{{ server.results }}" + + - name: Create volume(s) + hcloud_volume: + name: "{{ item.name }}" + server: "{{ item.name }}" + location: "{{ item.location | default(omit) }}" + size: "{{ item.volume_size | default(10) }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: "present" + loop: "{{ molecule_yml.platforms }}" + when: item.volume | default(False) | bool + register: volumes + async: 7200 + poll: 0 + + - name: Wait for volume(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_volumes + until: hetzner_volumes.finished + retries: 300 + when: volumes.changed + loop: "{{ volumes.results }}" + + # Mandatory configuration for Molecule to function. + + - name: Populate instance config dict + set_fact: + instance_conf_dict: + { + "instance": "{{ item.hcloud_server.name }}", + "ssh_key_name": "{{ ssh_key_name }}", + "address": "{{ item.hcloud_server.ipv4_address }}", + "user": "{{ ssh_user }}", + "port": "{{ ssh_port }}", + "identity_file": "{{ ssh_path }}", + "volume": "{{ item.item.item.volume | default(False) | bool }}", + } + loop: "{{ hetzner_jobs.results }}" + register: instance_config_dict + when: server.changed | bool + + - name: Convert instance config dict to a list + set_fact: + instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}" + when: server.changed | bool + + - name: Dump instance config + copy: + content: | + # Molecule managed + + {{ instance_conf | to_nice_yaml(indent=2) }} + dest: "{{ molecule_instance_config }}" + when: server.changed | bool + + - name: Wait for SSH + wait_for: + port: "{{ ssh_port }}" + host: "{{ item.address }}" + search_regex: SSH + delay: 10 + loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}" + + - name: Wait for VM to settle down + pause: + seconds: 30 \ No newline at end of file diff --git a/molecule/centos7/destroy.yml b/molecule/centos7/destroy.yml new file mode 100644 index 0000000..ed0b2ed --- /dev/null +++ b/molecule/centos7/destroy.yml @@ -0,0 +1,78 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ molecule_no_log }}" + tasks: + - name: Check existing instance config file + stat: + path: "{{ molecule_instance_config }}" + register: cfg + + - name: Populate the instance config + set_fact: + instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}" + + - name: Destroy molecule instance(s) + hcloud_server: + name: "{{ item.instance }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: absent + register: server + loop: "{{ instance_conf }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_jobs + until: hetzner_jobs.finished + retries: 300 + loop: "{{ server.results }}" + + - pause: + seconds: 5 + + - name: Destroy volume(s) + hcloud_volume: + name: "{{ item.instance }}" + server: "{{ item.instance }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: "absent" + register: volumes + loop: "{{ instance_conf }}" + when: item.volume | default(False) | bool + async: 7200 + poll: 0 + + - name: Wait for volume(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_volumes + until: hetzner_volumes.finished + retries: 300 + when: volumes.changed + loop: "{{ volumes.results }}" + + - name: Remove registered SSH key + hcloud_ssh_key: + name: "{{ instance_conf[0].ssh_key_name }}" + state: absent + when: (instance_conf | default([])) | length > 0 + + # Mandatory configuration for Molecule to function. + + - name: Populate instance config + set_fact: + instance_conf: {} + + - name: Dump instance config + copy: + content: | + # Molecule managed + + {{ instance_conf | to_nice_yaml(indent=2) }} + dest: "{{ molecule_instance_config }}" + when: server.changed | bool \ No newline at end of file diff --git a/molecule/centos7/molecule.yml b/molecule/centos7/molecule.yml new file mode 100644 index 0000000..5560484 --- /dev/null +++ b/molecule/centos7/molecule.yml @@ -0,0 +1,24 @@ +--- +dependency: + name: galaxy + options: + role-file: molecule/requirements.yml + requirements-file: molecule/requirements.yml + env: + ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false" +driver: + name: delegated +platforms: + - name: centos7-telegraf + image: centos-7 + server_type: cx11 +lint: | + /usr/local/bin/flake8 +provisioner: + name: ansible + env: + ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter} + ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library} + log: False +verifier: + name: testinfra diff --git a/molecule/centos7/prepare.yml b/molecule/centos7/prepare.yml new file mode 100644 index 0000000..183f4d3 --- /dev/null +++ b/molecule/centos7/prepare.yml @@ -0,0 +1,15 @@ +--- +- name: Prepare + hosts: all + gather_facts: false + tasks: + - name: Bootstrap python for Ansible + raw: | + command -v python3 python || ( + (test -e /usr/bin/dnf && sudo dnf install -y python3) || + (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) || + (test -e /usr/bin/yum && sudo yum -y -qq install python3) || + echo "Warning: Python not boostrapped due to unknown platform." + ) + become: true + changed_when: false diff --git a/molecule/centos7/telegraf/templates/.keep b/molecule/centos7/telegraf/templates/.keep new file mode 100644 index 0000000..e69de29 diff --git a/molecule/centos7/telegraf/templates/ping.conf.j2 b/molecule/centos7/telegraf/templates/ping.conf.j2 new file mode 100644 index 0000000..01f6b90 --- /dev/null +++ b/molecule/centos7/telegraf/templates/ping.conf.j2 @@ -0,0 +1,4 @@ +[[inputs.ping]] + ## Hosts to send ping packets to. + urls = ["1.1.1.1", "{{ ansible_default_ipv4.address }}"] + method = "exec" diff --git a/molecule/centos7/tests/test_default.py b/molecule/centos7/tests/test_default.py new file mode 100644 index 0000000..4ca3847 --- /dev/null +++ b/molecule/centos7/tests/test_default.py @@ -0,0 +1,25 @@ +import os +import warnings + +import testinfra.utils.ansible_runner + +warnings.filterwarnings("ignore", category=DeprecationWarning) + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ["MOLECULE_INVENTORY_FILE"]).get_hosts("all") + + +def test_telegraf_installed(host): + pkg = host.package("telegraf") + assert pkg.is_installed + + +def test_telegraf_running_and_enabled(host): + telegraf = host.service("telegraf") + assert telegraf.is_running + assert telegraf.is_enabled + + +def test_telegraf_socket(host): + # Verify the socket is listening for telegraf traffic + assert host.socket("tcp://127.0.0.1:9273").is_listening diff --git a/molecule/default b/molecule/default new file mode 120000 index 0000000..2fdf3e8 --- /dev/null +++ b/molecule/default @@ -0,0 +1 @@ +centos7 \ No newline at end of file diff --git a/molecule/pytest.ini b/molecule/pytest.ini new file mode 100644 index 0000000..c24fe5b --- /dev/null +++ b/molecule/pytest.ini @@ -0,0 +1,3 @@ +[pytest] +filterwarnings = + ignore::DeprecationWarning diff --git a/molecule/requirements.yml b/molecule/requirements.yml new file mode 100644 index 0000000..46da115 --- /dev/null +++ b/molecule/requirements.yml @@ -0,0 +1,6 @@ +--- +collections: + - name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v2.1.1/xoxys-general-2.1.1.tar.gz + - name: community.general + +roles: [] diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..1073919 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,5 @@ +--- +- import_tasks: tls.yml + when: telegraf_prometheus_tls_enabled | bool + tags: tls_renewal +- include_tasks: setup.yml diff --git a/tasks/setup.yml b/tasks/setup.yml new file mode 100644 index 0000000..0dba037 --- /dev/null +++ b/tasks/setup.yml @@ -0,0 +1,61 @@ +--- +- block: + - name: Add Telegraf repository + yum_repository: + name: influxdb + file: InfluxDB + description: InfluxDB Repository + baseurl: "https://repos.influxdata.com/rhel/{{ ansible_distribution_major_version }}/$basearch/stable" + gpgkey: https://repos.influxdata.com/influxdb.key + gpgcheck: yes + + - name: Ensure dependencies are installed + package: + name: "{{ item }}" + state: present + loop: "{{ telegraf_packages_extra }}" + + - name: Ensure Telegraf is installed + package: + name: "{{ item }}" + state: present + loop: + - telegraf + + - name: Copy custom Telegraf template files + template: + src: "{{ item }}" + dest: /etc/telegraf/telegraf.d/{{ item | basename | splitext | first }} + owner: telegraf + group: root + mode: 0640 + with_fileglob: "{{ telegraf_template_files }}" + loop_control: + label: "{{ item | basename | splitext | first }}" + notify: __telegraf_restart + + - name: Add docker group + user: + name: telegraf + groups: "{{ telegraf_docker_group_name }}" + append: True + notify: __telegraf_restart + when: telegraf_requires_docker_group + + - name: Write config file + template: + src: etc/telegraf/telegraf/telegraf.conf.j2 + dest: /etc/telegraf/telegraf.conf + owner: telegraf + group: root + mode: 0600 + notify: __telegraf_restart + + - name: Ensure Telegraf is up and running + systemd: + name: telegraf + daemon_reload: yes + enabled: yes + state: started + become: True + become_user: root diff --git a/tasks/tls.yml b/tasks/tls.yml new file mode 100644 index 0000000..f7f9810 --- /dev/null +++ b/tasks/tls.yml @@ -0,0 +1,31 @@ +--- +- block: + - name: Create tls folder structure + file: + path: "{{ item }}" + state: directory + recurse: True + loop: + - "{{ telegraf_prometheus_tls_cert_path | dirname }}" + - "{{ telegraf_prometheus_tls_key_path | dirname }}" + + - name: Copy certs and private key + copy: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + loop: + - src: "{{ telegraf_prometheus_tls_key_source }}" + dest: "{{ telegraf_prometheus_tls_key_path }}" + owner: telegraf + group: root + mode: "0600" + - src: "{{ telegraf_prometheus_tls_cert_source }}" + dest: "{{ telegraf_prometheus_tls_cert_path }}" + owner: telegraf + group: root + mode: "0750" + loop_control: + label: "{{ item.dest }}" + become: True + become_user: root diff --git a/templates/etc/telegraf/telegraf/telegraf.conf.j2 b/templates/etc/telegraf/telegraf/telegraf.conf.j2 new file mode 100644 index 0000000..0ce1fe2 --- /dev/null +++ b/templates/etc/telegraf/telegraf/telegraf.conf.j2 @@ -0,0 +1,92 @@ +#jinja2: lstrip_blocks: True +{{ ansible_managed | comment }} + +[agent] + interval = "{{ telegraf_interval }}" + round_interval = {{ telegraf_round_interval | lower }} + metric_batch_size = {{ telegraf_metric_batch_size }} + metric_buffer_limit = {{ telegraf_metric_buffer_limit }} + collection_jitter = "{{ telegraf_collection_jitter }}" + flush_interval = "{{ telegraf_flush_interval }}" + flush_jitter = "{{ telegraf_flush_jitter }}" + precision = "{{ telegraf_precision | default('') }}" + debug = {{ telegraf_debug | lower }} + quiet = {{ telegraf_quiet | lower }} + logtarget = "{{ telegraf_logtarget }}" + {% if telegraf_logfile is defined %} + logfile = "{{ telegraf_logfile }}" + {% endif %} + {% if telegraf_logfile_rotation_interval | default(False) %} + logfile_rotation_interval = "{{ telegraf_logfile_rotation_interval }}" + {% endif %} + {% if telegraf_logfile_rotation_max_size | default(False) %} + logfile_rotation_max_size = "{{ telegraf_logfile_rotation_max_size }}" + {% endif %} + {% if telegraf_logfile_rotation_max_archives | default(False) %} + logfile_rotation_max_archives = {{ telegraf_logfile_rotation_max_archives }} + {% endif %} + hostname = "{{ telegraf_hostname }}" + omit_hostname = {{ telegraf_omit_hostname | lower }} + +{% if telegraf_global_tags | length > 0 %} +[global_tags] +{% for tag in telegraf_global_tags %} + {{ tag.key }} = "{{ tag.value }}" +{% endfor %} + +{% endif %} +[[outputs.prometheus_client]] + listen = "{{ telegraf_prometheus_listen }}" + basic_username = "{{ telegraf_prometheus_username }}" + basic_password = "{{ telegraf_prometheus_password }}" + ip_range = [] + {% if telegraf_prometheus_tls_enabled | bool %} + tls_cert = "{{ telegraf_prometheus_tls_cert_path }}" + tls_key = "{{ telegraf_prometheus_tls_key_path }}" + {% endif %} + export_timestamp = false +{% if (telegraf_processors + telegraf_processors_extra) | length > 0 %} +{% for item in (telegraf_processors + telegraf_processors_extra) %} + +[[processors.{{ item.plugin }}]] +{% if item.config is defined and item.config is iterable %} +{% for item in item.config %} + {{ item }} +{% endfor %} +{% else %} + # no configuration +{% endif %} +{% endfor %} +{% endif %} +{% if (telegraf_aggregators + telegraf_aggregators_extra) | length > 0 %} +{% for item in (telegraf_aggregators + telegraf_aggregators_extra) %} + +[[aggregators.{{ item.plugin }}]] +{% if item.period | default(False) %} + period = "{{ item.interval }}s" +{% endif %} +{% if item.config is defined and item.config is iterable %} +{% for item in item.config %} + {{ item }} +{% endfor %} +{% else %} + # no configuration +{% endif %} +{% endfor %} +{% endif %} +{% if (telegraf_plugins + telegraf_plugins_extra) | length > 0 %} +{% for item in (telegraf_plugins + telegraf_plugins_extra) %} + +[[inputs.{{ item.plugin }}]] +{% if item.interval | default(False) %} + interval = "{{ item.interval }}s" +{% endif %} +{% if item.config is defined and item.config is iterable %} +{% for item in item.config %} + {{ item }} +{% endfor %} +{% else %} + # no configuration +{% endif %} +{% endfor %} +{% endif %}