Modifying the prometheus role for Beherito

20ee9d27 · Nicolas Baudoin · 1bf4174d · 20ee9d27
Commit 20ee9d27 authored 3 months ago by Nicolas Baudoin
--- a/templates/prometheus.yml.j2
+++ b/templates/prometheus.yml.j2
@@ -10,8 +10,6 @@ global:
  external_labels:
      monitor: '{{datacenter}}'

-
-
 # Alertmanager configuration
 alerting:
  alertmanagers:
@@ -33,95 +31,6 @@ alerting:
 rule_files:
  - 'alerts/*.yml'

-
-
-
-{% if prometheus_config_method == "file" %}
-### Old Hetzner configuration for Prometheus, file-based
-scrape_configs:
-  - job_name: lxc
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    file_sd_configs:
-      - files:
-        - 'lxc.yml'
-  - job_name: legacy
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    file_sd_configs:
-      - files:
-        - 'legacy.yml'
-  - job_name: bare_metal
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    file_sd_configs:
-      - files:
-        - 'bare_metal.yml'
-  - job_name: bare_metal_smartctl
-    metrics_path: /smart_metrics
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    file_sd_configs:
-      - files:
-        - 'bare_metal.yml'
-  - job_name: fail2ban
-    metrics_path: /f2b_metrics
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    file_sd_configs:
-      - files:
-        - 'fail2ban.yml'
-
-{% if groups['lxc_host'] is defined %}
-
-  - job_name: lxc_host_cadvisor
-    metrics_path: /cadvisor-metrics
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    static_configs:
-      - targets:
-{%   for host in groups['lxc_host'] %}
-          - '{{host}}:9100'
-{%   endfor %}
-
-  - job_name: lxc_host_lvm
-    metrics_path: /lvm-metrics
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    static_configs:
-      - targets:
-{%   for host in groups['lxc_host'] %}
-          - '{{host}}:9100'
-{%   endfor %}
-{% endif %}
-{% endif %}
-
-
-
-
-
-{% if prometheus_config_method == "dns" %}
 ### New Faster.cz configuration for Prometheus, DNS-based
 ### The LXC containers
 scrape_configs:
@@ -311,6 +220,7 @@ scrape_configs:
          - 'runner.{{datacenter_url}}'
        type: 'SRV'                       

+### prometheus servers special case, metascraping :)
 {%   if (prometheus_peers is defined) and (fqdn in prometheus_peers) %}
  - job_name: 'prometheus_servers'
    scheme: https
@@ -324,17 +234,10 @@ scrape_configs:
          - '{{server}}:9100'
 {%     endfor %}
 {%   endif %}
-{% endif %}
-
-
-

-{% if blackbox_monitoring is defined %}
-### blackbox exporter configuration ###
-{%   for exporter in blackbox_exporters %}

-{%     if blackbox_monitoring.icmp is defined %}
-  - job_name: {{exporter}}_icmp
+### New DNS SRV entries for the Blackbox exporter
+  - job_name: blackbox_icmp
    scheme: https
    tls_config:
        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
@@ -343,67 +246,55 @@ scrape_configs:
    metrics_path: /probe
    params:
      module: [icmp]
-    static_configs:
-      - targets:
-{%       for host in blackbox_monitoring.icmp %}
-        - {{host}}
-{%       endfor %}
-    relabel_configs:
-      - source_labels: [__address__]
-        target_label: __param_target
-      - source_labels: [__param_target]
-        target_label: instance
-      - target_label: __address__
-        replacement: {{exporter}}:9100
-{%     endif %}
+    dns_sd_configs:
+      - names:
+          - 'blackbox.icmp.{{ datacenter_url }}'
+        type: 'SRV'

-{%     if http_no_tls is defined %}
-  - job_name: {{exporter}}_http_no_tls
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    metrics_path: /probe
-    params:
-      module: [http_no_tls]
-    static_configs:
-      - targets:
-{%       for host in http_no_tls %}
-        - http://{{host}}
-{%       endfor %}
-    relabel_configs:
-      - source_labels: [__address__]
-        target_label: __param_target
-      - source_labels: [__param_target]
-        target_label: instance
-      - target_label: __address__
-        replacement: {{exporter}}:9100
-{%     endif %}
-{%     if blackbox_monitoring.http_2xx is defined %}
-  - job_name: {{exporter}}_http_2xx
-    scrape_interval:     1m
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    metrics_path: /probe
-    params:
-      module: [http_2xx]
-    static_configs:
-      - targets:
-{%       for host in blackbox_monitoring.http_2xx %}
-        - https://{{host}}
-{%       endfor %}
-    relabel_configs:
-      - source_labels: [__address__]
-        target_label: __param_target
-      - source_labels: [__param_target]
-        target_label: instance
-      - target_label: __address__
-        replacement: {{exporter}}:9100
-{%     endif %}
+- job_name: blackbox_http2xx
+  scheme: https
+  tls_config:
+      ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
+      cert_file: '/etc/ssl/prometheus_client/{{ fqdn }}.crt'
+      key_file: '/etc/ssl/prometheus_client/{{ fqdn }}.key'
+  metrics_path: /probe
+  params:
+    module: [http_2xx]
+  dns_sd_configs:
+    - names:
+        - 'blackbox.http2xx.{{ datacenter_url }}'
+      type: 'SRV'
+
+- job_name: blackbox_tls
+  scheme: https
+  tls_config:
+      ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
+      cert_file: '/etc/ssl/prometheus_client/{{ fqdn }}.crt'
+      key_file: '/etc/ssl/prometheus_client/{{ fqdn }}.key'
+  metrics_path: /ssl_probe
+  params:
+    module: [tcp]
+  dns_sd_configs:
+    - names:
+        - 'blackbox.tls.{{ datacenter_url }}'
+      type: 'SRV'
+
+- job_name: blackbox_http_no_tls
+  scheme: https
+  tls_config:
+      ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
+      cert_file: '/etc/ssl/prometheus_client/{{ fqdn }}.crt'
+      key_file: '/etc/ssl/prometheus_client/{{ fqdn }}.key'
+  metrics_path: /probe
+  params:
+    module: [http_no_tls]
+  dns_sd_configs:
+    - names:
+        - 'blackbox.httpnotls.{{ datacenter_url }}'
+      type: 'SRV'
+
+
+# Still keeping these below as file-based
 {%     if blackbox_monitoring.http_custom is defined %}
 {%       for custom in blackbox_monitoring.http_custom %}
  - job_name: {{exporter}}_{{ custom.name }}_http_custom
@@ -429,30 +320,7 @@ scrape_configs:
        replacement: {{exporter}}:9100
 {%         endfor %}
 {%     endif %}
-{%     if blackbox_monitoring.tls is defined %}
-  - job_name: {{exporter}}_tls
-    scheme: https
-    tls_config:
-        ca_file: '/etc/ssl/prometheus_client/root.ca.crt'
-        cert_file: '/etc/ssl/prometheus_client/{{fqdn}}.crt'
-        key_file: '/etc/ssl/prometheus_client/{{fqdn}}.key'
-    metrics_path: /ssl_probe
-    params:
-      module: [tcp]
-    static_configs:
-      - targets:
-{%       for host in blackbox_monitoring.tls %}
-        - {{host}}{%if host is not search(':')%}:443{% endif %}

-{%       endfor %}
-    relabel_configs:
-      - source_labels: [__address__]
-        target_label: __param_target
-      - source_labels: [__param_target]
-        target_label: instance
-      - target_label: __address__
-        replacement: {{exporter}}:9100
-{%     endif %}
 {%     if internal_tls is defined %}
  - job_name: {{exporter}}_internal_tls
    scheme: https
@@ -476,6 +344,7 @@ scrape_configs:
      - target_label: __address__
        replacement: {{exporter}}:9100
 {%     endif %}
+
 {%     if blackbox_monitoring.dns is defined %}
 {%       for domain in blackbox_monitoring.dns %}
  - job_name: {{exporter}}_{{domain}}_dns
@@ -501,9 +370,4 @@ scrape_configs:
        replacement: {{exporter}}:9100

 {%       endfor %}
-{%     endif %}
-
-{%   endfor %}
-
-
-{% endif %}
+{%     endif %}
\ No newline at end of file