From 979021f5c40c812d7a9edf22bf8945f691badeed Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Wed, 15 Feb 2023 20:23:49 +0100 Subject: Import Prometheus server configuration * add new roles: - monitoring.prometheus - monitoring.prometheus-alertmanager - monitoring.prometheus-exporter-blackbox * add common Prometheus and Prometheus Alertmanager pillar data * add moni.lysergic.dev specific Prometheus pillar data Signed-off-by: Georg Pfuetzenreuter --- pillar/role/monitoring/prometheus-alertmanager.sls | 11 ++++++ .../monitoring/prometheus-exporter-blackbox.sls | 41 ++++++++++++++++++++++ pillar/role/monitoring/prometheus.sls | 11 ++++++ 3 files changed, 63 insertions(+) create mode 100644 pillar/role/monitoring/prometheus-alertmanager.sls create mode 100644 pillar/role/monitoring/prometheus-exporter-blackbox.sls create mode 100644 pillar/role/monitoring/prometheus.sls (limited to 'pillar/role') diff --git a/pillar/role/monitoring/prometheus-alertmanager.sls b/pillar/role/monitoring/prometheus-alertmanager.sls new file mode 100644 index 0000000..33eb5a4 --- /dev/null +++ b/pillar/role/monitoring/prometheus-alertmanager.sls @@ -0,0 +1,11 @@ +prometheus: + wanted: + component: + - alertmanager + pkg: + component: + alertmanager: + config: + global: + resolve_timeout: 5m + diff --git a/pillar/role/monitoring/prometheus-exporter-blackbox.sls b/pillar/role/monitoring/prometheus-exporter-blackbox.sls new file mode 100644 index 0000000..59b9945 --- /dev/null +++ b/pillar/role/monitoring/prometheus-exporter-blackbox.sls @@ -0,0 +1,41 @@ +prometheus: + wanted: + component: + - blackbox_exporter + pkg: + component: + blackbox_exporter: + config: + modules: + http_2xx: + prober: http + timeout: 15s + http_post_2xx: + prober: http + http: + method: POST + http_3xx: + prober: http + timeout: 5s + http: + method: HEAD + no_follow_redirects: true + valid_status_codes: [301, 302] + tcp_connect: + prober: tcp + ssh_banner: + prober: tcp + tcp: + query_response: + - expect: "^SSH-2.0-" + irc_banner: + prober: tcp + tcp: + query_response: + - send: "NICK prober" + - send: "USER prober prober prober :prober" + - expect: "PING :([^ ]+)" + send: "PONG ${1}" + - expect: "^:[^ ]+ 001" + icmp: + prober: icmp diff --git a/pillar/role/monitoring/prometheus.sls b/pillar/role/monitoring/prometheus.sls new file mode 100644 index 0000000..6cd2235 --- /dev/null +++ b/pillar/role/monitoring/prometheus.sls @@ -0,0 +1,11 @@ +prometheus: + wanted: + component: + - prometheus + pkg: + component: + prometheus: + config: + global: + scrape_interval: 15s + evaluation_interval: 1m -- cgit v1.2.3 From 0730cbb4c20c5d3e32cc2217530d4e27574bc7c7 Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Thu, 16 Feb 2023 01:31:57 +0100 Subject: Manage Prometheus firewall rules Signed-off-by: Georg Pfuetzenreuter --- pillar/role/monitoring/prometheus-exporter-blackbox.sls | 9 +++++++++ pillar/role/monitoring/prometheus.sls | 6 ++++++ 2 files changed, 15 insertions(+) (limited to 'pillar/role') diff --git a/pillar/role/monitoring/prometheus-exporter-blackbox.sls b/pillar/role/monitoring/prometheus-exporter-blackbox.sls index 59b9945..3e9ab08 100644 --- a/pillar/role/monitoring/prometheus-exporter-blackbox.sls +++ b/pillar/role/monitoring/prometheus-exporter-blackbox.sls @@ -39,3 +39,12 @@ prometheus: - expect: "^:[^ ]+ 001" icmp: prober: icmp + +firewalld: + zones: + internal: + ports: + - comment: 'Prometheus Blackbox Exporter' + port: 9115 + protocol: tcp + diff --git a/pillar/role/monitoring/prometheus.sls b/pillar/role/monitoring/prometheus.sls index 6cd2235..c9c2b01 100644 --- a/pillar/role/monitoring/prometheus.sls +++ b/pillar/role/monitoring/prometheus.sls @@ -9,3 +9,9 @@ prometheus: global: scrape_interval: 15s evaluation_interval: 1m + +firewalld: + zones: + internal: + services: + - prometheus -- cgit v1.2.3