ansible-role-duckprom
Duckprom
Duckprom is solution for observation of servers with dockerized apps.
Almost the same as dockprom, but there are a number of key differences:
- install and update with ansible;
- separation of server types: main and edge;
- https for grafana with letsencrypt
- logs with lokki
- basic auth;
- alertmanager removed;
- traefik instead of caddy .
Requirements
Docker log format
Log options for docker daemon: "{{.ImageName}}|{{.Name}}|{{.ImageFullID}}|{{.FullID}}"
Example of /etc/docker/daemon.json
{ "debug": false, "log-opts": { "tag": "{{.ImageName}}|{{.Name}}|{{.ImageFullID}}|{{.FullID}}", "max-size": "100m" }}
Nginx log format (optional)
Duckprom can scrape metrics from nginx logs with https://github.com/martin-helmich/prometheus-nginxlog-exporter.
Fix log format in nginx
# /etc/nginx/nginx.conf
log_format upstream_time '$remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" ' 'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"';access_log /var/log/nginx/access.log upstream_time;
Import NGINX Log Metrics into duckprom grafana.
Role Variables
duckprom_node_type: edgeduckprom_dir: /opt/duckpromduckprom_edge_group: edge
duckprom_basic_auth_enabled: trueduckprom_basic_auth_username: userduckprom_basic_auth_password: secret
duckprom_traefik_image: traefik:v2.11duckprom_traefik_https_enabled: falseduckprom_traefik_https_letsencrypt_email: me@example.comduckprom_traefik_dashboard_enabled: falseduckprom_traefik_dashboard_port: 8080
duckprom_grafana_host: grafana.example.comduckprom_grafana_image: grafana/grafana:10.2.4duckprom_grafana_security_admin_user: adminduckprom_grafana_security_admin_password: adminduckprom_grafana_users_allow_sign_up: false
duckprom_prometheus_image: prom/prometheus:v2.49.1duckprom_prometheus_port: 9090duckprom_prometheus_retention: 168hduckprom_prometheus_scrape_interval: 15sduckprom_prometheus_evaluation_interval: 15s
duckprom_loki_image: grafana/loki:2.9.4duckprom_loki_port: 3100duckprom_loki_retention: 168h
duckprom_pushgateway_enabled: trueduckprom_pushgateway_image: prom/pushgateway:v1.6.0duckprom_pushgateway_port: 9091
duckprom_promtail_image: grafana/promtail:2.9.4
duckprom_nodeexporter_enabled: trueduckprom_nodeexporter_image: prom/node-exporter:v1.7.0duckprom_nodeexporter_port: 9100
duckprom_cadvisor_enabled: trueduckprom_cadvisor_image: gcr.io/cadvisor/cadvisor:v0.47.2duckprom_cadvisor_port: 9180
duckprom_nginxexporter_enabled: falseduckprom_nginxexporter_group: edgeduckprom_nginxexporter_image: quay.io/martinhelmich/prometheus-nginxlog-exporter:v1.10.0duckprom_nginxexporter_port: 4040
duckprom_portainer_enabled: falseduckprom_portainer_image: portainer/portainer-ce:2.19.4duckprom_portainer_host: portainer.example.com
Example Playbook
Inventory
host1 ansible_host=10.0.0.1
host2 ansible_host=10.0.0.2
host3 ansible_host=10.0.0.3
[main]
host1
[edge]
host2
host3
Install duckprom on main server
---- name: Install duckprom on main server hosts: main
tasks: - name: Install main duckprom node ansible.builtin.import_role: name: nmix.duckprom vars: duckprom_dir: /opt/duckprom duckprom_node_type: main duckprom_traefik_https_enabled: true duckprom_traefik_https_letsencrypt_email: foo@example.com duckprom_grafana_host: grafana.example.com duckprom_edge_group: edge # link to edge group for prometheus.yaml config
Install duckprom on edge servers
- name: Install duckprom on edge server hosts: edge
tasks: - name: Install edge duckprom node ansible.builtin.import_role: name: nmix.duckprom vars: duckprom_dir: /opt/duckprom duckprom_grafana_host: grafana.example.com # for push logs
Custom targets
Your Prometheus configuration may describe various targets that are not
part of the duckprom supplied by the role.
Create a prometheus/custom.yaml file in the installation directory
(/opt/duckprom by default) and describe your scrape_config
there.
License
BSD
Описание
Ansible роль для быстрой настройки мониторинга виртуальных серверов
Языки
Jinja
- Shell