Prometheus DNS TXT conversion: Added the script, its systemd service and timer into the role

ff065711 · Nicolas Baudoin · edc8648c · ff065711 · ff065711 · ff065711
Commit ff065711 authored 1 month ago by Nicolas Baudoin
--- a/files/update_blackbox_targets.py
+++ b/files/update_blackbox_targets.py
+#!/usr/bin/env python3
+
+import dns.resolver
+import yaml
+import os
+import sys
+
+# The single DNS name that has all records of the form: "group" "URL"
+DNS_FQDN = "_https._tcp.blackbox.http2xx.long.eox.at"
+
+# Where Prometheus expects the final file_sd YAML
+OUTPUT_FILE = "/etc/prometheus/targets/blackbox_http2xx_long.yml"
+
+def fetch_txt_records(fqdn):
+    """Return a list of lists. Each element is a list of decoded strings in that TXT record."""
+    results = []
+    try:
+        answers = dns.resolver.resolve(fqdn, 'TXT')
+        for rdata in answers:
+            # rdata.strings is typically a tuple of byte-strings
+            # For example: (b'maps', b'https://tiles.maps.eox.at/...') 
+            # We'll convert each to a Python str.
+            decoded = [
+                part.decode('utf-8') if isinstance(part, bytes) else part
+                for part in rdata.strings
+            ]
+            # e.g. decoded = ["maps", "https://tiles.maps.eox.at/..."]
+            results.append(decoded)
+    except dns.resolver.NoAnswer:
+        pass
+    except dns.resolver.NXDOMAIN:
+        pass
+    except Exception as e:
+        print(f"Error fetching TXT for {fqdn}: {e}", file=sys.stderr)
+    return results
+
+def load_existing_targets(filepath):
+    """Load existing YAML (if present) and return as a Python list of dict."""
+    if not os.path.isfile(filepath):
+        return []
+    with open(filepath, 'r', encoding='utf-8') as f:
+        return yaml.safe_load(f) or []
+
+def main():
+    old_data = load_existing_targets(OUTPUT_FILE)
+
+    # 1. Query the single DNS name, get all records.
+    # Each record is something like ["maps", "https://some.url"]
+    records = fetch_txt_records(DNS_FQDN)
+
+    # 2. Build a dictionary of groupName -> list of URLs
+    groups_dict = {}
+    for rec in records:
+        if len(rec) < 2:
+            # We expect at least two strings: [groupName, URL]
+            print(f"Skipping TXT record (not enough fields): {rec}", file=sys.stderr)
+            continue
+
+        group_name = rec[0]
+        url = rec[1]
+
+        if group_name not in groups_dict:
+            groups_dict[group_name] = []
+        groups_dict[group_name].append(url)
+
+    # 3. Build the final structure for file_sd
+    # e.g.  [ {"labels": {"group": "maps"}, "targets": ["url1", "url2"]},
+    #         {"labels": {"group": "api_hub"}, "targets": ["url1"]}, ... ]
+
+    new_data = []
+    for group_name, urls in groups_dict.items():
+        new_data.append({
+            "labels": {"group": group_name},
+            "targets": urls
+        })
+
+    # 4. Sort them by group name for stable output
+    # We'll store the sort key in 'labels' => 'group'
+    new_data_sorted = sorted(new_data, key=lambda x: x["labels"]["group"])
+
+    # 5. Compare with old_data to avoid rewriting if no changes
+    if new_data_sorted == old_data:
+        print("No changes in DNS-based blackbox targets; not rewriting file.")
+        sys.exit(0)
+
+    # 6. Write updated YAML
+    with open(OUTPUT_FILE, 'w', encoding='utf-8') as f:
+        yaml.safe_dump(new_data_sorted, f, sort_keys=False, default_flow_style=False)
+    print(f"Updated {OUTPUT_FILE} with new DNS-based targets.")
+
+if __name__ == "__main__":
+    main()
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -4,7 +4,18 @@
  service:
    name: prometheus
    state: restarted
+
 - name: reload nginx
  service:
    name: nginx
    state: reloaded
+
+- name: Reload systemd
+  systemd:
+    daemon_reload: yes
+
+- name: Enable and start update_blackbox_targets.timer
+  systemd:
+    name: update_blackbox_targets.timer
+    enabled: yes
+    state: started
\ No newline at end of file
--- a/tasks/non_federator.yml
+++ b/tasks/non_federator.yml
@@ -27,6 +27,44 @@
  when: prometheus_config_method == "file"
  tags: target_yml

+### For the Python script that converts DNS TXT entries into a target file
+- name: Ensure required packages are installed
+  package:
+    name:
+      - python3
+      - python3-dnspython
+      - python3-yaml
+    state: present
+    update_cache: yes
+  when: prometheus_config_method == "dns"
+  tags: prometheus_script
+- name: Copy DNS blackbox update script
+  copy:
+    src: update_blackbox_targets.py
+    dest: /usr/local/bin/update_blackbox_targets.py
+    mode: '0755'
+    owner: root
+    group: root
+  when: prometheus_config_method == "dns"
+  tags: prometheus_script
+- name: Deploy systemd service unit
+  template:
+    src: update_blackbox_targets.service.j2
+    dest: /etc/systemd/system/update_blackbox_targets.service
+  notify: Reload systemd
+  when: prometheus_config_method == "dns"
+  tags: prometheus_script
+- name: Deploy systemd timer unit
+  template:
+    src: update_blackbox_targets.timer.j2
+    dest: /etc/systemd/system/update_blackbox_targets.timer
+  notify: 
+    - Reload systemd
+    - Enable and start update_blackbox_targets.timer
+  when: prometheus_config_method == "dns"
+  tags: prometheus_script
+###
+
 - name: core alerts
  copy:
    src: core_alerts.yml

--- a/templates/update_blackbox_targets.service.j2
+++ b/templates/update_blackbox_targets.service.j2
+[Unit]
+Description=Update Blackbox HTTP2xx Long Targets from DNS
+After=network.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/update_blackbox_targets.py
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
--- a/templates/update_blackbox_targets.timer.j2
+++ b/templates/update_blackbox_targets.timer.j2
+[Unit]
+Description=Run update_blackbox_targets service every 5 minutes
+
+[Timer]
+# This runs the service every 2 minutes
+OnCalendar=*:0/2
+Persistent=true
+
+[Install]
+WantedBy=timers.target
\ No newline at end of file