]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/prometheus/recipes/default.rb
Tighten timeouts and log request timeouts
[chef.git] / cookbooks / prometheus / recipes / default.rb
index 6e88362a40ba80bb8dc009b7886c832d474afc1f..df3ec2ea5fe3499f4918f0324a232b950aa2b409 100644 (file)
@@ -43,14 +43,10 @@ end
 
 directory "/opt/prometheus" do
   action :delete
 
 directory "/opt/prometheus" do
   action :delete
-  owner "root"
-  group "root"
-  mode "755"
   recursive true
   recursive true
-  not_if { ::Dir.exist?("/opt/prometheus/.git") }
 end
 
 end
 
-git "/opt/prometheus" do
+git "/opt/prometheus-exporters" do
   action :sync
   repository "https://github.com/openstreetmap/prometheus-exporters.git"
   revision "main"
   action :sync
   repository "https://github.com/openstreetmap/prometheus-exporters.git"
   revision "main"
@@ -103,21 +99,69 @@ end
 
 prometheus_exporter "node" do
   port 9100
 
 prometheus_exporter "node" do
   port 9100
+  user "root"
+  proc_subset "all"
+  protect_clock false
+  restrict_address_families %w[AF_UNIX AF_NETLINK]
+  system_call_filter ["@system-service", "@clock"]
   options %w[
     --collector.textfile.directory=/var/lib/prometheus/node-exporter
     --collector.interrupts
   options %w[
     --collector.textfile.directory=/var/lib/prometheus/node-exporter
     --collector.interrupts
-    --collector.ntp
     --collector.processes
     --collector.processes
+    --collector.rapl.enable-zone-label
     --collector.systemd
     --collector.tcpstat
   ]
   metric_relabel metric_relabel
 end
 
     --collector.systemd
     --collector.tcpstat
   ]
   metric_relabel metric_relabel
 end
 
+unless node[:prometheus][:junos].empty?
+  targets = node[:prometheus][:junos].collect { |_, details| details[:address] }.sort.join(",")
+
+  prometheus_exporter "junos" do
+    port 9326
+    options %W[
+      --ssh.user=prometheus
+      --ssh.keyfile=/var/lib/prometheus/junos-exporter/id_rsa
+      --ssh.targets=#{targets}
+      --bgp.enabled=false
+      --lacp.enabled=true
+      --ldp.enabled=false
+      --ospf.enabled=false
+      --power.enabled=false
+    ]
+    ssh true
+    register_target false
+  end
+end
+
 unless node[:prometheus][:snmp].empty?
   prometheus_exporter "snmp" do
     port 9116
 unless node[:prometheus][:snmp].empty?
   prometheus_exporter "snmp" do
     port 9116
-    options "--config.file=/opt/prometheus/exporters/snmp/snmp.yml"
+    options "--config.file=/opt/prometheus-exporters/exporters/snmp/snmp.yml"
     register_target false
   end
 end
     register_target false
   end
 end
+
+if node[:prometheus][:files].empty?
+  prometheus_exporter "filestat" do
+    action :delete
+  end
+
+  file "/etc/prometheus/filestat.yml" do
+    action :delete
+  end
+else
+  template "/etc/prometheus/filestat.yml" do
+    source "filestat.yml.erb"
+    owner "root"
+    group "root"
+    mode "644"
+  end
+
+  prometheus_exporter "filestat" do
+    port 9943
+    options "--config.file=/etc/prometheus/filestat.yml"
+    subscribes :restart, "template[/etc/prometheus/filestat.yml]"
+  end
+end