diff --git a/monitor_host.yml b/monitor_host.yml
index f57e2b683464c593015af463dad96e08628a4ea0..4cfd49ba9c6a80b682c18c5b7423c1fbfe199465 100644
--- a/monitor_host.yml
+++ b/monitor_host.yml
@@ -1,5 +1,5 @@
---
-- hosts: monitorhosts
+- hosts: localhost
become: true
become_user: root
remote_user: root
@@ -9,131 +9,48 @@
- cloudalchemy.node-exporter
- cloudalchemy.blackbox-exporter
- cloudalchemy.grafana
+ # - geerlingguy.certbot
+ tasks:
+ - name: Allow grafana to bind to ports below 1024
+ shell: setcap 'cap_net_bind_service=+ep' /usr/sbin/grafana-server
+ - name: Restart grafana
+ shell: systemctl restart grafana-server.service
vars:
prometheus_targets:
node:
- targets:
- - localhost:9100
- - motsugo.ucc.asn.au:9100
- - mussel.ucc.asn.au:9100
- - mooneye.ucc.asn.au:9100
- - molmol.ucc.asn.au:9100
- - cerberus.ucc.asn.au:9100
- - loveday.ucc.asn.au:9100
- - magikarp.ucc.asn.au:9100
- maltair.ucc.asn.au:9100
+ - loveday.ucc.asn.au:9100
- medico.ucc.asn.au:9100
+ - magikarp.ucc.asn.au:9100
- mudkip.ucc.asn.au:9100
labels:
- env: demo
- job: node
+ env: ucc
+ job: cluster
- targets:
- - localhost:9093
+ - uccmonitor.ucc.asn.au:9100
labels:
- env: demo
- job: alertmanager
+ env: ucc
+ job: VMs
- targets:
- - localhost:3000
- labels:
- env: demo
- job: grafana
- prometheus_web_external_url: 'http://{{ ansible_host }}:9090'
- prometheus_alertmanager_config:
- - scheme: http
- static_configs:
- - targets: ['127.0.0.1:9093']
- prometheus_scrape_jobs:
- - job_name: 'blackbox'
- metrics_path: /probe
- params:
- module: [http_2xx]
- static_configs:
- - targets:
- - http://localhost:9100
- - motsugo.ucc.asn.au:9100
- - mussel.ucc.asn.au:9100
- - mooneye.ucc.asn.au:9100
- - molmol.ucc.asn.au:9100
- - cerberus.ucc.asn.au:9100
- - loveday.ucc.asn.au:9100
- - magikarp.ucc.asn.au:9100
- - maltair.ucc.asn.au:9100
- - medico.ucc.asn.au:9100
- - mudkip.ucc.asn.au:9100
- relabel_configs:
- - source_labels: [__address__]
- target_label: __param_target
- - source_labels: [__param_target]
- target_label: instance
- - target_label: __address__
- replacement: 127.0.0.1:9115 # Blackbox exporter.
- alertmanager_external_url: 'http://{{ ansible_host }}:9093'
- alertmanager_receivers:
- - name: 'email-wheel'
- email_configs:
- - to: 'wheel@ucc.asn.au'
- from: 'monitoring@ucc.asn.au'
- smarthost: 'smtp.ucc.com:587'
- auth_username: 'monitoring@ucc.asn.au'
- auth_identity: 'monitoring@ucc.asn.au'
- auth_password: SomePasswordHere
- alertmanager_route:
- group_by: ['alertname', 'cluster', 'service']
- group_wait: 30s
- group_interval: 5m
- repeat_interval: 3h
- receiver: 'email-wheel'
- grafana_datasources:
- - name: Prometheus
- type: prometheus
- access: proxy
- url: 'http://localhost:9090'
- isDefault: true
- basicAuth: false
- grafana_security:
- admin_user: admin
- admin_password: 'changeme'
- # todo: make LDAP
- grafana_auth:
- anonymous:
- org_name: 'UCC'---
-- hosts: monitorhosts
- become: true
- become_user: root
- remote_user: root
- roles:
- - cloudalchemy.prometheus
- - cloudalchemy.alertmanager
- - cloudalchemy.node-exporter
- - cloudalchemy.blackbox-exporter
- - cloudalchemy.grafana
- vars:
- prometheus_targets:
- node:
- - targets:
- - localhost:9100
- motsugo.ucc.asn.au:9100
+ - titan.ucc.asn.au:9100
- mussel.ucc.asn.au:9100
- mooneye.ucc.asn.au:9100
- molmol.ucc.asn.au:9100
- cerberus.ucc.asn.au:9100
- - loveday.ucc.asn.au:9100
- - magikarp.ucc.asn.au:9100
- - maltair.ucc.asn.au:9100
- - medico.ucc.asn.au:9100
- - mudkip.ucc.asn.au:9100
labels:
- env: demo
- job: node
+ env: ucc
+ job: other
- targets:
- localhost:9093
labels:
- env: demo
+ env: ucc
job: alertmanager
- targets:
- localhost:3000
labels:
- env: demo
+ env: ucc
job: grafana
prometheus_web_external_url: 'http://{{ ansible_host }}:9090'
prometheus_alertmanager_config:
@@ -147,17 +64,18 @@
module: [http_2xx]
static_configs:
- targets:
- - http://localhost:9100
- - motsugo.ucc.asn.au:9100
- - mussel.ucc.asn.au:9100
- - mooneye.ucc.asn.au:9100
- - molmol.ucc.asn.au:9100
- - cerberus.ucc.asn.au:9100
- - loveday.ucc.asn.au:9100
- - magikarp.ucc.asn.au:9100
- - maltair.ucc.asn.au:9100
- - medico.ucc.asn.au:9100
- - mudkip.ucc.asn.au:9100
+ - http://uccmonitor.ucc.asn.au:9100
+ - http://motsugo.ucc.asn.au:9100
+ - http://titan.ucc.asn.au:9100
+ - http://mussel.ucc.asn.au:9100
+ - http://mooneye.ucc.asn.au:9100
+ - http://molmol.ucc.asn.au:9100
+ - http://cerberus.ucc.asn.au:9100
+ - http://loveday.ucc.asn.au:9100
+ - http://magikarp.ucc.asn.au:9100
+ - http://maltair.ucc.asn.au:9100
+ - http://medico.ucc.asn.au:9100
+ - http://mudkip.ucc.asn.au:9100
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
@@ -181,6 +99,14 @@
group_interval: 5m
repeat_interval: 3h
receiver: 'email-wheel'
+ grafana_server:
+ # protocol: https
+ # http_port: 443
+ # domain: monitor.ucc.asn.au
+ # root_url: https://monitor.ucc.asn.au
+ # cert_file: /etc/letsencrypt/live/monitor.ucc.asn.au/fullchain.pem
+ # cert_key: /etc/letsencrypt/live/monitor.ucc.asn.au/privkey.pem
+ enable_gzip: true
grafana_datasources:
- name: Prometheus
type: prometheus
@@ -195,16 +121,7 @@
grafana_auth:
anonymous:
org_name: 'UCC'
- org_role: Admin
- grafana_dashboards:
- - dashboard_id: '1860' # Node Exporter Full
- revision_id: '15'
- datasource: 'Prometheus'
- - dashboard_id: '3662' # Prometheus 2.0 Overview
- revision_id: '2'
- datasource: 'Prometheus'
-
- org_role: Admin
+ org_role: Viewer
grafana_dashboards:
- dashboard_id: '1860' # Node Exporter Full
revision_id: '15'
@@ -212,3 +129,9 @@
- dashboard_id: '3662' # Prometheus 2.0 Overview
revision_id: '2'
datasource: 'Prometheus'
+ certbot_certs:
+ - domains:
+ - monitor.ucc.asn.au
+ certbot_auto_renew: true
+ certbot_create_if_missing: true
+ certbot_admin_email: wheel@ucc.asn.au.com