Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Node-exporter as DaemonSet for "K8S as cloud service" #1713

Merged
merged 1 commit into from
Oct 2, 2020
Merged

Node-exporter as DaemonSet for "K8S as cloud service" #1713

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG-0.8.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
- [#1225](https://github.com/epiphany-platform/epiphany/issues/1225) - Add OS_PATCHING.md with information about patching RHEL OS
- [#1656](https://github.com/epiphany-platform/epiphany/issues/1656) - Run Helm tasks from Epiphany container
- [#1640](https://github.com/epiphany-platform/epiphany/issues/1640) - Added separate machine for repository and changed helm to use localhost address
- [#1640](https://github.com/epiphany-platform/epiphany/issues/1673) - Added Node Exporter as DaemonSet for Kubernetes as Cloud Service

### Updated

Expand Down
1 change: 1 addition & 0 deletions core/src/epicli/cli/engine/ansible/AnsibleVarsGenerator.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,7 @@ def write_role_manifest_vars(self, ansible_dir, role, kind):
def populate_group_vars(self, ansible_dir):
main_vars = ObjDict()
main_vars['admin_user'] = self.cluster_model.specification.admin_user
main_vars['k8s_as_cloud_service'] = self.cluster_model.specification.cloud.k8s_as_cloud_service
main_vars['validate_certs'] = Config().validate_certs
main_vars['offline_requirements'] = Config().offline_requirements
main_vars['wait_for_pods'] = Config().wait_for_pods
Expand Down
1 change: 1 addition & 0 deletions core/src/epicli/data/aws/defaults/configuration/minimal-cluster-config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ specification:
name: operations # YOUR-ADMIN-USERNAME
key_path: /user/.ssh/epiphany-operations/id_rsa # YOUR-SSH-KEY-PATH
cloud:
k8s_as_cloud_service: False
use_public_ips: False # When not using public IPs you have to provide connectivity via private IPs (VPN)
credentials:
key: XXXX-XXXX-XXXX
Expand Down
1 change: 1 addition & 0 deletions core/src/epicli/data/azure/defaults/configuration/minimal-cluster-config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ specification:
name: operations # YOUR-ADMIN-USERNAME
key_path: /user/.ssh/epiphany-operations/id_rsa # YOUR-SSH-KEY-PATH
cloud:
k8s_as_cloud_service: False
use_public_ips: False # When not using public IPs you have to provide connectivity via private IPs (VPN)
components:
repository:
Expand Down
2 changes: 2 additions & 0 deletions core/src/epicli/data/common/ansible/playbooks/node_exporter.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,5 @@
become_method: sudo
roles:
- node_exporter
environment:
KUBECONFIG: "{{ kubeconfig.local }}"
51 changes: 51 additions & 0 deletions ...common/ansible/playbooks/roles/node_exporter/tasks/install-node-exporter-as-daemonset.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
---

- name: Prepare configuration and upgrade/install Node-Exporter's Helm chart
vars:
# Handling "undefined", "null", "empty" and "boolean" values all at once.
disable_helm_chart_bool: "{{ specification.disable_helm_chart | default(false, true) | bool }}"

# Handling "undefined", "null" and "empty" values all at once.
helm_chart_values_bool: "{{ specification.helm_chart_values | default(false) | ternary(true, false) }}"

delegate_to: localhost
become: false
run_once: true
when: not disable_helm_chart_bool
block:
- name: Set Node-Exporter's Chart file name to install
set_fact:
exporter_chart_file_name: "{{ specification.files.node_exporter_helm_chart_file_name }}"

- name: Download Node-Exporter's Chart File
include_role:
name: download
tasks_from: download_file
vars:
file_name: "{{ exporter_chart_file_name }}"
repository_url: http://localhost/epirepo

- when: helm_chart_values_bool
# IF `helm_chart_values`
block:
- name: Copy Node-Exporter's Helm chart's custom configuration to file
copy:
content: "{{ specification.helm_chart_values }}"
dest: "{{ download_directory }}/{{ specification.helm_chart_name }}_values.yaml"

- name: Install Node-Exporter's Helm chart (with custom values.yaml)
delegate_to: localhost
shell: |
helm upgrade --install \
-f {{ download_directory }}/{{ specification.helm_chart_name }}_values.yaml \
{{ specification.helm_chart_name }} \
{{ download_directory }}/{{ exporter_chart_file_name }}

- when: not helm_chart_values_bool
# ELSE
block:
- name: Install Node-Exporter's Helm chart (with default values.yaml)
shell: |
helm upgrade --install \
{{ specification.helm_chart_name }} \
{{ download_directory }}/{{ exporter_chart_file_name }}
83 changes: 83 additions & 0 deletions ...n/ansible/playbooks/roles/node_exporter/tasks/install-node-exporter-as-system-service.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
---

- name: Create node_exporter system group
group:
name: node_exporter
system: true
state: present

- name: Create node_exporter system user
user:
name: node_exporter
system: true
shell: "/usr/sbin/nologin"
rpudlowski93 marked this conversation as resolved.
Show resolved Hide resolved
group: node_exporter
createhome: false

- name: Set Node Exporter file name to install
set_fact:
exporter_file_name: "node_exporter-{{ exporter.version }}.linux-amd64.tar.gz"

- name: Download Node Exporter binaries
include_role:
name: download
tasks_from: download_file
vars:
file_name: "{{ exporter_file_name }}"

- name: Create /opt/node_exporter directories
file:
path: "{{ item }}"
recurse: true
owner: root
group: "node_exporter"
mode: u=rwx,g=rx,o=
state: directory
with_items:
- /opt/node_exporter

- name: Unpack node_exporter binary
unarchive:
remote_src: true
src: "{{ download_directory }}/{{ exporter_file_name }}"
dest: "/opt/node_exporter"
creates: "/opt/node_exporter/node_exporter"
extra_opts: [--strip-components=1]
mode: u=rwx,g=rx,o=rx
owner: root
group: node_exporter
check_mode: false
notify:
- restart prometheus node exporter service

- name: Install node_exporter service to systemd
template:
src: prometheus-node-exporter.service.j2
dest: "/etc/systemd/system/{{ exporter.service.name }}.service"
owner: root
group: root
mode: u=rw,g=r,o=r

- name: Configure systemd to use node_exporter service
systemd:
daemon_reload: true
enabled: true
name: "{{ exporter.service.name }}.service"

- name: Start exporter
service:
name: "{{ exporter.service.name }}"
state: started

- name: Copy file_sd_config to prometheus hosts
template:
dest: "{{ specification.config_for_prometheus.prometheus_config_dir }}/file_sd/node-{{ inventory_hostname }}.yml"
src: file_sd_config.yml.j2
owner: root
group: root
mode: u=rw,g=r,o=r
delegate_to: "{{ item }}"
with_inventory_hostnames:
- prometheus
notify:
- restart prometheus on remote servers
85 changes: 5 additions & 80 deletions core/src/epicli/data/common/ansible/playbooks/roles/node_exporter/tasks/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,83 +1,8 @@
---
- name: Create node_exporter system group
group:
name: node_exporter
system: true
state: present

- name: Create node_exporter system user
user:
name: node_exporter
system: true
shell: "/usr/sbin/nologin"
group: node_exporter
createhome: false
- name: Include installation tasks for Node Exporter as System Service
include_tasks: install-node-exporter-as-system-service.yml

- name: Set Node Exporter file name to install
set_fact:
exporter_file_name: "node_exporter-{{ exporter.version }}.linux-amd64.tar.gz"

- name: Download Node Exporter binaries
include_role:
name: download
tasks_from: download_file
vars:
file_name: "{{ exporter_file_name }}"

- name: Create /opt/node_exporter directories
become: true
file:
path: "{{ item }}"
recurse: true
owner: root
group: "node_exporter"
mode: 0750
state: directory
with_items:
- /opt/node_exporter

- name: Unpack node_exporter binary
become: true
unarchive:
remote_src: true
src: "{{ download_directory }}/{{ exporter_file_name }}"
dest: "/opt/node_exporter"
creates: "/opt/node_exporter/node_exporter"
extra_opts: [--strip-components=1]
mode: 0755
owner: root
group: node_exporter
check_mode: false
notify:
- restart prometheus node exporter service

- name: Install node_exporter service to systemd
template:
src: prometheus-node-exporter.service.j2
dest: "/etc/systemd/system/{{ exporter.service.name }}.service"
owner: root
group: root
mode: 0644

- name: Configure systemd to use node_exporter service
systemd:
daemon_reload: true
enabled: true
name: "{{ exporter.service.name }}.service"

- name: Start exporter
service:
name: "{{ exporter.service.name }}"
state: started

- name: Copy file_sd_config to prometheus hosts
template:
dest: "{{ specification.config_for_prometheus.prometheus_config_dir }}/file_sd/node-{{ inventory_hostname }}.yml"
src: file_sd_config.yml.j2
owner: root
group: root
mode: 0644
delegate_to: "{{ item }}"
with_inventory_hostnames:
- prometheus
notify: restart prometheus on remote servers
- name: Include installation tasks for Node Exporter as DaemonSet for "k8s as cloud service"
when: k8s_as_cloud_service is defined and k8s_as_cloud_service
include_tasks: install-node-exporter-as-daemonset.yml
29 changes: 23 additions & 6 deletions ...li/data/common/ansible/playbooks/roles/prometheus/tasks/configure-k8s-apps-monitoring.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,28 @@
---
- name: Set master hostname variable
set_fact:
master_hostname: "{{ groups['kubernetes_master'] | first }}"
- name: Set facts for "classic epiphany k8s"
when: k8s_as_cloud_service is defined and not k8s_as_cloud_service
block:
- name: Set master hostname variable
set_fact:
master_hostname: "{{ groups['kubernetes_master'] | first }}"

- name: Set api server address variable
set_fact:
api_server_address: "https://{{ master_hostname }}:6443"
- name: Set api server address variable
set_fact:
api_server_address: "https://{{ master_hostname }}:6443"

- name: Set facts for "k8s as cloud service"
when: k8s_as_cloud_service is defined and k8s_as_cloud_service
block:
- name: Get api server address from "k8s as cloud service"
become: false
command: "kubectl config view -o jsonpath='{.clusters[0].cluster.server}'"
register: cluster_api_server_address
run_once: true
delegate_to: localhost

- name: Set api server address variable
set_fact:
api_server_address: "{{ cluster_api_server_address.stdout }}"

- name: Apply rolebinding to K8s for Prometheus
become: false
Expand Down
23 changes: 23 additions & 0 deletions core/src/epicli/data/common/ansible/playbooks/roles/prometheus/templates/prometheus.yml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,29 @@ scrape_configs:
- __meta_kubernetes_namespace
- __meta_kubernetes_service_name
- __meta_kubernetes_endpoint_port_name

# Scrape config for node exporters in "k8s as cloud service"

{% if k8s_as_cloud_service is defined and k8s_as_cloud_service %}
- job_name: 'kubernetes-node-exporters'
kubernetes_sd_configs:
- role: endpoints
api_server: "{{ api_server_address }}"
tls_config:
insecure_skip_verify: true
bearer_token: "{{ bearer_token }}"
tls_config:
insecure_skip_verify: true
bearer_token: "{{ bearer_token }}"
relabel_configs:
- source_labels:
- __meta_kubernetes_endpoints_name
regex: 'node-exporter'
action: keep
- source_labels:
- __meta_kubernetes_endpoint_node_name
target_label: instance
{% endif %}

# Scrape config for nodes (kubelet).

Expand Down
1 change: 1 addition & 0 deletions .../ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,7 @@ https://releases.hashicorp.com/vault/1.4.0/vault_1.4.0_linux_amd64.zip
https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz
https://github.com/hashicorp/vault-helm/archive/v0.4.0.tar.gz
https://github.com/wrouesnel/postgres_exporter/releases/download/v0.8.0/postgres_exporter_v0.8.0_linux-amd64.tar.gz
https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz

[images]
haproxy:2.2.2-alpine
Expand Down
1 change: 1 addition & 0 deletions .../ansible/playbooks/roles/repository/files/download-requirements/redhat-7/requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -157,6 +157,7 @@ https://releases.hashicorp.com/vault/1.4.0/vault_1.4.0_linux_amd64.zip
https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz
https://github.com/hashicorp/vault-helm/archive/v0.4.0.tar.gz
https://github.com/wrouesnel/postgres_exporter/releases/download/v0.8.0/postgres_exporter_v0.8.0_linux-amd64.tar.gz
https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz

[images]
haproxy:2.2.2-alpine
Expand Down
1 change: 1 addition & 0 deletions ...ible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,7 @@ https://releases.hashicorp.com/vault/1.4.0/vault_1.4.0_linux_amd64.zip
https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz
https://github.com/hashicorp/vault-helm/archive/v0.4.0.tar.gz
https://github.com/wrouesnel/postgres_exporter/releases/download/v0.8.0/postgres_exporter_v0.8.0_linux-amd64.tar.gz
https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz

[images]
haproxy:2.2.2-alpine
Expand Down
8 changes: 8 additions & 0 deletions core/src/epicli/data/common/defaults/configuration/node-exporter.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,14 @@ kind: configuration/node-exporter
title: "Node exporter"
name: default
specification:
helm_chart_name: node-exporter
disable_helm_chart: false
helm_chart_values:
service:
port: 9100
targetPort: 9100
files:
node_exporter_helm_chart_file_name: node-exporter-1.1.2.tgz
enabled_collectors:
- conntrack
- diskstats
Expand Down
1 change: 1 addition & 0 deletions core/src/epicli/data/common/defaults/epiphany-cluster.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ specification:
name: operations # YOUR-ADMIN-USERNAME
key_path: /root/.ssh/epiphany-operations/id_rsa # YOUR-SSH-KEY-PATH
cloud:
k8s_as_cloud_service: False
subscription_name: YOUR-SUB-NAME
vnet_address_pool: 10.1.0.0/20
use_public_ips: False # When not using public IPs you have to provide connectivity via private IPs (VPN)
Expand Down
1 change: 1 addition & 0 deletions docs/home/COMPONENTS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ Note that versions are default versions and can be changed in certain cases thro
| Apache2 | 2.4.29 | https://httpd.apache.org/ | [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0) |
| Hasicorp Vault | 1.4.0 | https://httpd.apache.org/ | [Mozilla Public License 2.0](https://github.com/hashicorp/vault/blob/master/LICENSE) |
| Hasicorp Vault Helm Chart | 0.4.0 | https://httpd.apache.org/ | [Mozilla Public License 2.0](https://github.com/hashicorp/vault-helm/blob/master/LICENSE.md) |
| Bitnami Node-Exporter Helm Chart | 1.1.2 | https://github.com/bitnami/charts | [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0) |

## Epicli binary dependencies

Expand Down