Ansible Role for deploying grafana-agent

Signed-off-by: Adam Kraitman <[email protected]>
ceph · Dec 11, 2024 · 7ea20e3 · 7ea20e3
1 parent 30e68a8
commit 7ea20e3
Show file tree

Hide file tree

Showing 6 changed files with 133 additions and 0 deletions.
diff --git a/grafana_agent.yml b/grafana_agent.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+  strategy: free
+  roles:
+    - grafana_agent
+  become: true
diff --git a/roles/grafana_agent/defaults/main.yml b/roles/grafana_agent/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+# Mimir URL and creds
+agent_mimir_url: "http://sepia-grafana.front.sepia.ceph.com:9009/api/v1/push"
+agent_mimir_username: "admin"
+grafana_apt_repo_url: "https://apt.grafana.com"
+grafana_apt_repo_key_url: "https://apt.grafana.com/gpg.key"
+grafana_rpm_repo_url: "https://rpm.grafana.com"
+grafana_rpm_repo_key_url: "https://rpm.grafana.com/gpg.key"
+
+scrape_interval_global: "60s"
+scrape_interval_node: "30s"
diff --git a/roles/grafana_agent/handlers/main.yml b/roles/grafana_agent/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: "Restart grafana agent instance"
+  become: true
+  ansible.builtin.service:
+    name: "grafana-agent"
+    state: "restarted"
diff --git a/roles/grafana_agent/meta/main.yml b/roles/grafana_agent/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: secrets
diff --git a/roles/grafana_agent/tasks/main.yml b/roles/grafana_agent/tasks/main.yml
@@ -0,0 +1,74 @@
+---
+- name: Include secrets
+  include_vars: "{{ secrets_path | mandatory }}/mimir_password.yml"
+  no_log: true
+  tags:
+    - always
+
+- name: Gather facts on listening ports
+  community.general.listen_ports_facts:
+
+- name: Check if prometheus is listening on port 9090
+  ansible.builtin.debug:
+    msg: The {{ item.name }} service - pid {{ item.pid }} is running on same port as grafana-agent please set {{ item.name }} to listen on a diffrent port than {{ item.port }}
+  vars:
+    tcp_listen_violations: "{{ ansible_facts.tcp_listen | selectattr('name', 'in', tcp_whitelist) | list }}"
+    tcp_whitelist:
+      - prometheus
+  loop: "{{ tcp_listen_violations }}"
+  failed_when: true
+
+- name: "Import Grafana GPG key"
+  become: true
+  ansible.builtin.get_url:
+    url: "{{ grafana_apt_repo_key_url }}"
+    dest: /etc/apt/keyrings/grafana.gpg
+    mode: '0644'
+    force: true
+  when: ansible_pkg_mgr == "apt"
+
+- name: Ensure downloaded file for key is a binary keyring
+  shell: "cat /etc/apt/keyrings/grafana.gpg | gpg --dearmor | sudo tee /etc/apt/keyrings/grafana.gpg > /dev/null"
+  when: ansible_pkg_mgr == "apt"
+
+- name: "Add Grafana's repository to APT sources list"
+  become: true
+  ansible.builtin.apt_repository:
+    repo: "deb [signed-by=/etc/apt/keyrings/grafana.gpg] {{ grafana_apt_repo_url }} stable main"
+    state: present
+  when: ansible_pkg_mgr == "apt"
+
+- name: "Add Grafana's repository to yum/dnf systems"
+  become: true
+  ansible.builtin.yum_repository:
+    baseurl: "{{ grafana_rpm_repo_url }}"
+    name: "grafana"
+    description: "grafana"
+    gpgcheck: true
+    gpgkey: "{{ grafana_rpm_repo_key_url }}"
+    state: present
+  when: ansible_os_family == "RedHat"
+
+- name: "Install grafana-agent"
+  become: true
+  ansible.builtin.package:
+    name: "grafana-agent"
+    state: "present"
+
+- name: "Enable grafana-agent"
+  become: true
+  ansible.builtin.service:
+    name: "grafana-agent"
+    state: "started"
+    enabled: true
+
+# Deploy config file from template and restart the agent
+- name: "Configure agent"
+  become: true
+  ansible.builtin.template:
+    src: "templates/grafana-agent.yaml.j2"
+    dest: "/etc/grafana-agent.yaml"
+    mode: "0440"
+    owner: "root"
+    group: "grafana-agent"
+  notify: "Restart grafana agent instance"
diff --git a/roles/grafana_agent/templates/grafana-agent.yaml.j2 b/roles/grafana_agent/templates/grafana-agent.yaml.j2
@@ -0,0 +1,33 @@
+server:
+  log_level: info
+
+metrics:
+  global:
+    remote_write:
+      - url: {{ agent_mimir_url }}
+        basic_auth:
+          username: {{ agent_mimir_username }}
+          password: {{ agent_mimir_password }}
+        queue_config:
+          max_backoff: 5m
+    external_labels:
+      nodetype: unknown_nodetype
+      ingest_instance: {{ inventory_hostname }}
+    scrape_interval: {{ scrape_interval_global }}
+  configs:
+    - name: {{ inventory_hostname }}
+      scrape_configs:
+        - job_name: 'grafana-agent-exporter'
+          relabel_configs:
+            - source_labels: [__address__]
+              target_label: instance
+              replacement: {{ inventory_hostname }}
+
+integrations:
+  node_exporter:
+    enabled: true
+    scrape_interval: {{ scrape_interval_node }}
+    instance: {{ inventory_hostname }}
+    rootfs_path: /
+    sysfs_path: /sys
+    procfs_path: /proc