-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathprometheus.yml
112 lines (96 loc) · 4.08 KB
/
prometheus.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
---
- hosts: homelab
vars:
application: prometheus
docker_network: "{{ networks.user }}"
handlers:
- name: Restart
community.docker.docker_container:
name: "{{ application }}"
restart: true
comparisons:
'*': ignore
tasks:
- name: Create config folder
ansible.builtin.file:
path: "{{ config_directory }}"
state: directory
owner: "65534" # nobody user
group: "{{ common_group }}"
mode: "0771"
register: _config_dir
- name: Create config, rules and data directories
ansible.builtin.file:
path: "{{ _config_dir.path }}/{{ item }}"
state: directory
owner: "65534" # nobody user
group: "{{ common_group }}"
mode: "0771"
loop:
- config
- rules
- data
register: _dir
- name: Copy rules
ansible.builtin.copy:
src: "{{ files_directory }}/rules/"
dest: "{{ _dir.results | selectattr('item', 'match', 'rules') | flatten | map(attribute='path') | first }}/"
owner: "65534" # nobody user
group: "{{ common_group }}"
mode: "0444"
validate: "docker run --rm --name {{ application }}_config_check -v %s:/tmp/rule.yml --entrypoint /bin/promtool prom/prometheus:latest check rules /tmp/rule.yml"
notify: Restart
- name: Template configs
ansible.builtin.template:
src: "{{ files_directory }}/prometheus.yml.j2"
dest: "{{ _dir.results | selectattr('item', 'match', 'config') | flatten | map(attribute='path') | first }}/prometheus.yml"
owner: "65534" # nobody user
group: "{{ common_group }}"
mode: "0444"
validate: "docker run --rm --name {{ application }}_config_check -v %s:/tmp/config.yml --entrypoint /bin/promtool prom/prometheus:latest check config /tmp/config.yml"
notify: Restart
- name: Create container
ansible.builtin.include_role:
name: docker_container
vars:
image: quay.io/prometheus/prometheus:v3.1.0
command:
- --config.file=/etc/prometheus/prometheus.yml
# https://prometheus.io/docs/operating/security/
- --web.enable-admin-api # enables administrative HTTP API
- --web.enable-lifecycle # enables HTTP reloads and shutdowns of Prometheus
# https://prometheus.io/docs/prometheus/latest/storage/#operational-aspects
- --storage.tsdb.path=/prometheus # where Prometheus writes its database
- --storage.tsdb.retention.time=6h # when to remove old data
# https://prometheus.io/docs/prometheus/latest/configuration/template_reference/#template-type-differences
# so they are stored here when we create them
- --web.console.libraries=/etc/prometheus/console_libraries
- --web.console.templates=/etc/prometheus/consoles
# https://prometheus.io/docs/prometheus/latest/configuration/https/
- "--web.external-url=https://{{ application }}.{{ common_tld }}"
# https://thanos.io/tip/components/sidecar.md/
- --storage.tsdb.min-block-duration=2h
- --storage.tsdb.max-block-duration=2h
volumes:
- "{{ _dir.results | selectattr('item', 'match', 'config') | flatten | map(attribute='path') | first }}:/etc/prometheus"
- "{{ _dir.results | selectattr('item', 'match', 'rules') | flatten | map(attribute='path') | first }}:/rules"
- "{{ _dir.results | selectattr('item', 'match', 'data') | flatten | map(attribute='path') | first }}:/prometheus"
- "{{ prometheus_scrape_directory }}:/scrape_config_files"
- /var/run/docker.sock:/var/run/docker.sock:ro
user: root:root
traefik:
- port: 9090
auth: page
homepage:
group: Monitoring
weight: 401
description: "Monitoring system"
widget:
type: prometheus
fields: '["targets_up", "targets_down"]'
metrics:
- port: 9090
comparisons:
labels: allow_more_present
blackbox:
path: /-/healthy