Traefik implementation (vegasbrianc#128)

* Version bump and organize deploy sections Signed-off-by: Brian Christner <[email protected]> * Updated stack Grafana and labels for Traefik Signed-off-by: Brian Christner <[email protected]> * Fixing YAML issues :( Signed-off-by: Brian Christner <[email protected]> * port conflict Signed-off-by: Brian Christner <[email protected]> * updated networks Signed-off-by: Brian Christner <[email protected]> * Added Traefik section to README Signed-off-by: Brian Christner <[email protected]>
zqiushi · Aug 22, 2019 · f61a390 · f61a390
1 parent bf37977
commit f61a390
Show file tree

Hide file tree

Showing 4 changed files with 216 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -11,6 +11,7 @@
   	- [Alerting](#alerting)
   	- [Test Alerts](#test-alerts)
     - [Add additional Datasources](#add-additional-datasources)
+  - [Deploy Prometheus stack with Traefik](#deploy-prometheus-stack-with-traefik)
   - [Security Considerations](#security-considerations)
   	- [Production Security](#production-security)
   - [Troubleshooting](#troubleshooting)
@@ -113,14 +114,60 @@ This project is intended to be a quick-start to get up and running with Docker a
 
 Since this is a template to get started Prometheus and Alerting services are exposing their ports to allow for easy troubleshooting and understanding of how the stack works.
 
-## Production Security:
+## Deploy Prometheus stack with Traefik
+
+Same requirements as above. Swarm should be enabled and the Repo should be cloned to your Docker host.
+
+In the `docker-traefik-prometheus`directory run the following:
+
+    docker stack deploy -c docker-traefik-stack.yml traefik
+
+Verify all the services have been provisioned. The Replica count for each service should be 1/1 
+**Note this can take a couple minutes**
+
+    docker service ls
+
+## Prometheus & Grafana now have hostnames
+
+* Grafana - http://grafana.localhost
+* Prometheus - http://prometheus.localhost
+
+
+## Check the Metrics
+Once all the services are up we can open the Traefik Dashboard. The dashboard should show us our frontend and backends configured for both Grafana and Prometheus.
+
+    http://localhost:8080
+
+
+Take a look at the metrics which Traefik is now producing in Prometheus metrics format
+
+    http://localhost:8080/metrics
+
+
+## Login to Grafana and Visualize Metrics
+
+Grafana is an Open Source visualization tool for the metrics collected with Prometheus. Next, open Grafana to view the Traefik Dashboards.
+**Note: Firefox doesn't properly work with the below URLS please use Chrome**
+
+    http://grafana.localhost
+
+Username: admin
+Password: foobar
+
+Open the Traefik Dashboard and select the different backends available
+
+**Note: Upper right-hand corner of Grafana switch the default 1 hour time range down to 5 minutes. Refresh a couple times and you should see data start flowing**
+
+# Production Security:
+
 Here are just a couple security considerations for this stack to help you get started.
 * Remove the published ports from Prometheus and Alerting servicesi and only allow Grafana to be accessed
 * Enable SSL for Grafana with a Proxy such as [jwilder/nginx-proxy](https://hub.docker.com/r/jwilder/nginx-proxy/) or [Traefik](https://traefik.io/) with Let's Encrypt
 * Add user authentication via a Reverse Proxy [jwilder/nginx-proxy](https://hub.docker.com/r/jwilder/nginx-proxy/) or [Traefik](https://traefik.io/) for services cAdvisor, Prometheus, & Alerting as they don't support user authenticaiton
 * Terminate all services/containers via HTTPS/SSL/TLS
 
 # Troubleshooting
+
 It appears some people have reported no data appearing in Grafana. If this is happening to you be sure to check the time range being queried within Grafana to ensure it is using Today's date with current time.
 
 ## Mac Users

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,4 +1,4 @@
-version: '3.1'
+version: '3.7'
 
 volumes:
     prometheus_data: {}

diff --git a/docker-stack.yml b/docker-stack.yml
@@ -1,4 +1,4 @@
-version: '3.1'
+version: '3.7'
 
 volumes:
     prometheus_data: {}
@@ -25,11 +25,12 @@ services:
       - cadvisor
     networks:
       - monitor-net
-    restart: always
     deploy:
       placement:
         constraints:
           - node.role==manager
+      restart_policy:
+        condition: on-failure
 
   node-exporter:
     image: prom/node-exporter
@@ -46,9 +47,10 @@ services:
       - 9100:9100
     networks:
       - monitor-net
-    restart: always
     deploy:
       mode: global
+    restart_policy:
+        condition: on-failure
 
   alertmanager:
     image: prom/alertmanager
@@ -58,14 +60,15 @@ services:
       - "./alertmanager/:/etc/alertmanager/"
     networks:
       - monitor-net
-    restart: always
     command:
       - '--config.file=/etc/alertmanager/config.yml'
       - '--storage.path=/alertmanager'
     deploy:
       placement:
         constraints:
            - node.role==manager
+      restart_policy:
+        condition: on-failure    
 
   cadvisor:
     image: google/cadvisor
@@ -78,12 +81,13 @@ services:
       - 8080:8080
     networks:
       - monitor-net
-    restart: always
     deploy:
       mode: global
+    restart_policy:
+        condition: on-failure
 
   grafana:
-    image: grafana/grafana:5.4.4
+    image: grafana/grafana
     depends_on:
       - prometheus
     ports:
@@ -95,9 +99,11 @@ services:
       - ./grafana/config.monitoring
     networks:
       - monitor-net
-    restart: always
+    user: "104"
     deploy:
       placement:
         constraints:
           - node.role==manager
+      restart_policy:
+        condition: on-failure
 
diff --git a/docker-traefik-stack.yml b/docker-traefik-stack.yml
@@ -0,0 +1,154 @@
+version: '3.7'
+
+volumes:
+    prometheus_data: {}
+    grafana_data: {}
+
+networks:
+  monitor-net:
+    driver: overlay
+    name: inbound
+  traefik:
+    driver: overlay
+    name: traefik
+
+services:
+  traefik:
+    image: traefik:v1.7.12-alpine
+    command:
+      - "--logLevel=DEBUG"
+      - "--api"
+      - "--metrics"
+      - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
+      - "--docker"
+      - "--docker.swarmMode"
+      - "--docker.domain=docker.localhost"
+      - "--docker.watch"
+    networks:
+      - traefik
+      - monitor-net
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    ports:
+      - target: 80
+        published: 80
+        mode: host
+      - target: 443
+        published: 443
+        mode: host
+      - target: 8080
+        published: 8080
+        protocol: tcp
+        mode: ingress
+    deploy:
+      mode: global
+      placement:
+        constraints:
+          - node.role == manager
+      update_config:
+        parallelism: 1
+        delay: 10s
+      restart_policy:
+        condition: on-failure
+
+  prometheus:
+    image: prom/prometheus
+    volumes:
+      - ./prometheus/:/etc/prometheus/
+      - prometheus_data:/prometheus
+    command:
+      - '--config.file=/etc/prometheus/prometheus.yml'
+      - '--storage.tsdb.path=/prometheus'
+      - '--web.console.libraries=/usr/share/prometheus/console_libraries'
+      - '--web.console.templates=/usr/share/prometheus/consoles'
+    networks:
+      - monitor-net     
+    deploy:
+      placement:
+        constraints:
+          - node.role==manager
+      labels:
+          - "traefik.frontend.rule=Host:prometheus.localhost"
+          - "traefik.backend=prometheus"
+          - "traefik.port=9090"
+          - "traefik.docker.network=traefik"
+      restart_policy:
+        condition: on-failure
+
+  node-exporter:
+    image: prom/node-exporter
+    volumes:
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /:/rootfs:ro
+    command: 
+      - '--path.procfs=/host/proc' 
+      - '--path.sysfs=/host/sys'
+      - --collector.filesystem.ignored-mount-points
+      - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
+    ports:
+      - 9100:9100
+    networks:
+      - monitor-net
+    deploy:
+      mode: global
+      restart_policy:
+        condition: on-failure
+
+  alertmanager:
+    image: prom/alertmanager
+    ports:
+      - 9093:9093
+    volumes:
+      - "./alertmanager/:/etc/alertmanager/"
+    networks:
+      - monitor-net
+    command:
+      - '--config.file=/etc/alertmanager/config.yml'
+      - '--storage.path=/alertmanager'
+    deploy:
+      placement:
+        constraints:
+           - node.role==manager
+      restart_policy:
+        condition: on-failure    
+
+  cadvisor:
+    image: google/cadvisor
+    volumes:
+      - /:/rootfs:ro
+      - /var/run:/var/run:rw
+      - /sys:/sys:ro
+      - /var/lib/docker/:/var/lib/docker:ro
+    ports:
+      - 8088:8080
+    networks:
+      - monitor-net
+    deploy:
+      mode: global
+      restart_policy:
+        condition: on-failure
+
+  grafana:
+    image: grafana/grafana
+    depends_on:
+      - prometheus
+    volumes:
+      - grafana_data:/var/lib/grafana
+      - ./grafana/provisioning/:/etc/grafana/provisioning/
+    env_file:
+      - ./grafana/config.monitoring
+    networks:
+      - monitor-net
+    user: "104"
+    deploy:
+      placement:
+        constraints:
+          - node.role==manager
+      labels:
+        -  "traefik.frontend.rule=Host:grafana.localhost"
+        - "traefik.backend=grafana"
+        - "traefik.port=3000"
+        - "traefik.docker.network=traefik"
+      restart_policy:
+        condition: on-failure