Deploy prometheus node exporter using ansible.
- Ansible >= 2.9 (It might work on previous versions, but we cannot guarantee it)
- gnu-tar on Mac deployer host (
brew install gnu-tar) - Passlib is required when using the basic authentatication feature (
pip install passlib[bcrypt])
All variables which can be overridden are stored in defaults/main.yml and are listed in the table below.
| Name | Default Value | Description |
|---|---|---|
node_exporter_version |
1.1.0 | Node exporter package version. Also accepts latest as parameter. |
node_exporter_binary_local_dir |
"" | Allows to use local packages instead of ones distributed on github. As parameter it takes a directory where node_exporter binary is stored on host on which ansible is ran. This overrides node_exporter_version parameter |
node_exporter_web_listen_address |
"0.0.0.0:9100" | Address on which node exporter will listen |
node_exporter_web_telemetry_path |
"/metrics" | Path under which to expose metrics |
node_exporter_enabled_collectors |
["systemd",{textfile: {directory: "{{node_exporter_textfile_dir}}"}}] |
List of dicts defining additionally enabled collectors and their configuration. It adds collectors to those enabled by default. |
node_exporter_disabled_collectors |
[] | List of disabled collectors. By default node_exporter disables collectors listed here. |
node_exporter_textfile_dir |
"/var/lib/node_exporter" | Directory used by the Textfile Collector. To get permissions to write metrics in this directory, users must be in node-exp system group. Note: More information in TROUBLESHOOTING.md guide. |
node_exporter_tls_server_config |
{} | Configuration for TLS authentication. Keys and values are the same as in node_exporter docs. |
node_exporter_http_server_config |
{} | Config for HTTP/2 support. Keys and values are the same as in node_exporter docs. |
node_exporter_basic_auth_users |
{} | Dictionary of users and password for basic authentication. Passwords are automatically hashed with bcrypt. |
Use it in a playbook as follows:
- hosts: all
roles:
- cloudalchemy.node-exporterBefore running node_exporter role, user needs to provision their own certificate and key.
- hosts: all
pre_tasks:
- name: Create node_exporter cert dir
file:
path: "/etc/node_exporter"
state: directory
owner: root
group: root
- name: Create cert and key
openssl_certificate:
path: /etc/node_exporter/tls.cert
csr_path: /etc/node_exporter/tls.csr
privatekey_path: /etc/node_exporter/tls.key
provider: selfsigned
roles:
- cloudalchemy.node-exporter
vars:
node_exporter_tls_server_config:
cert_file: /etc/node_exporter/tls.cert
key_file: /etc/node_exporter/tls.key
node_exporter_basic_auth_users:
randomuser: examplepassword We provide demo site for full monitoring solution based on prometheus and grafana. Repository with code and links to running instances is available on github and site is hosted on DigitalOcean.
The preferred way of locally testing the role is to use Docker and molecule (v2.x). You will have to install Docker on your system. See "Get started" for a Docker package suitable to for your system. We are using tox to simplify process of testing on multiple ansible versions. To install tox execute:
pip3 install toxTo run tests on all ansible versions (WARNING: this can take some time)
toxTo run a custom molecule command on custom environment with only default test scenario:
tox -e py35-ansible28 -- molecule test -s defaultFor more information about molecule go to their docs.
If you would like to run tests on remote docker host just specify DOCKER_HOST variable before running tox tests.
Combining molecule and travis CI allows us to test how new PRs will behave when used with multiple ansible versions and multiple operating systems. This also allows use to create test scenarios for different role configurations. As a result we have a quite large test matrix which will take more time than local testing, so please be patient.
See troubleshooting.
This project is licensed under MIT License. See LICENSE for more details.