From 22014524ab710947798fed63c81cafad02bcfb45 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Tue, 15 Sep 2020 19:54:16 +0000 Subject: [PATCH] Install grafana as an interface to prometheus --- cookbooks/apt/recipes/default.rb | 8 +++++ cookbooks/prometheus/attributes/default.rb | 4 +++ cookbooks/prometheus/metadata.rb | 2 ++ cookbooks/prometheus/recipes/server.rb | 31 +++++++++++++++++++ .../prometheus/templates/default/apache.erb | 28 +++++++++++++++++ .../templates/default/grafana.ini.erb | 8 +++++ test/data_bags/prometheus/passwords.json | 4 +++ .../serverspec/apache_spec.rb | 21 +++++++++++++ .../serverspec/grafana_spec.rb | 17 ++++++++++ 9 files changed, 123 insertions(+) create mode 100644 cookbooks/prometheus/templates/default/apache.erb create mode 100644 cookbooks/prometheus/templates/default/grafana.ini.erb create mode 100644 test/data_bags/prometheus/passwords.json create mode 100644 test/integration/prometheus-server/serverspec/apache_spec.rb create mode 100644 test/integration/prometheus-server/serverspec/grafana_spec.rb diff --git a/cookbooks/apt/recipes/default.rb b/cookbooks/apt/recipes/default.rb index d0a26fae7..06b81b898 100644 --- a/cookbooks/apt/recipes/default.rb +++ b/cookbooks/apt/recipes/default.rb @@ -174,6 +174,14 @@ apt_repository "docker" do key "https://download.docker.com/linux/ubuntu/gpg" end +apt_repository "grafana" do + action repository_actions["grafana"] + uri "https://packages.grafana.com/enterprise/deb" + distribution "stable" + components ["main"] + key "https://packages.grafana.com/gpg.key" +end + package "unattended-upgrades" if Dir.exist?("/usr/share/unattended-upgrades") diff --git a/cookbooks/prometheus/attributes/default.rb b/cookbooks/prometheus/attributes/default.rb index bea00dfc6..56781b4dc 100644 --- a/cookbooks/prometheus/attributes/default.rb +++ b/cookbooks/prometheus/attributes/default.rb @@ -1 +1,5 @@ default[:prometheus][:exporters] = {} + +if node[:recipes].include?("prometheus::server") + default[:apt][:sources] |= ["grafana"] +end diff --git a/cookbooks/prometheus/metadata.rb b/cookbooks/prometheus/metadata.rb index ee2a797b7..d3167f888 100644 --- a/cookbooks/prometheus/metadata.rb +++ b/cookbooks/prometheus/metadata.rb @@ -6,4 +6,6 @@ description "Installs and configures prometheus" version "1.0.0" supports "ubuntu" +depends "apache" +depends "apt" depends "networking" diff --git a/cookbooks/prometheus/recipes/server.rb b/cookbooks/prometheus/recipes/server.rb index 297070b33..2fcaddf47 100644 --- a/cookbooks/prometheus/recipes/server.rb +++ b/cookbooks/prometheus/recipes/server.rb @@ -17,6 +17,11 @@ # limitations under the License. # +include_recipe "apache" +include_recipe "apt" + +passwords = data_bag_item("prometheus", "passwords") + package "prometheus" clients = search(:node, "recipes:prometheus\\:\\:default").sort_by(&:name) @@ -40,3 +45,29 @@ service "prometheus" do action [:enable, :start] subscribes :reload, "template[/etc/prometheus/prometheus.yml]" end + +package "grafana-enterprise" + +template "/etc/grafana/grafana.ini" do + source "grafana.ini.erb" + owner "root" + group "grafana" + mode "640" + variables :passwords => passwords +end + +service "grafana-server" do + action [:enable, :start] +end + +apache_module "alias" +apache_module "proxy_http" + +ssl_certificate "prometheus.openstreetmap.org" do + domains ["prometheus.openstreetmap.org", "prometheus.osm.org"] + notifies :reload, "service[apache2]" +end + +apache_site "prometheus.openstreetmap.org" do + template "apache.erb" +end diff --git a/cookbooks/prometheus/templates/default/apache.erb b/cookbooks/prometheus/templates/default/apache.erb new file mode 100644 index 000000000..b4c7c55ac --- /dev/null +++ b/cookbooks/prometheus/templates/default/apache.erb @@ -0,0 +1,28 @@ +# DO NOT EDIT - This file is being maintained by Prometheus + + + ServerName prometheus.openstreetmap.org + ServerAlias prometheus.osm.org + ServerAdmin webmaster@openstreetmap.org + + CustomLog /var/log/apache2/prometheus.openstreetmap.org-access.log combined + ErrorLog /var/log/apache2/prometheus.openstreetmap.org-error.log + + RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ + Redirect permanent / https://prometheus.openstreetmap.org/ + + + + ServerName prometheus.openstreetmap.org + ServerAdmin webmaster@openstreetmap.org + + CustomLog /var/log/apache2/prometheus.openstreetmap.org-access.log combined + ErrorLog /var/log/apache2/prometheus.openstreetmap.org-error.log + + SSLEngine on + SSLCertificateFile /etc/ssl/certs/prometheus.openstreetmap.org.pem + SSLCertificateKeyFile /etc/ssl/private/prometheus.openstreetmap.org.key + + ProxyPass / http://localhost:3000/ + ProxyPreserveHost on + diff --git a/cookbooks/prometheus/templates/default/grafana.ini.erb b/cookbooks/prometheus/templates/default/grafana.ini.erb new file mode 100644 index 000000000..bdc143777 --- /dev/null +++ b/cookbooks/prometheus/templates/default/grafana.ini.erb @@ -0,0 +1,8 @@ +# DO NOT EDIT - This file is being maintained by Chef + +[server] +root_url = https://prometheus.openstreetmap.org/ + +[security] +admin_user = admin +admin_password = <%= @passwords[:grafana_admin] %> diff --git a/test/data_bags/prometheus/passwords.json b/test/data_bags/prometheus/passwords.json new file mode 100644 index 000000000..81a2ce671 --- /dev/null +++ b/test/data_bags/prometheus/passwords.json @@ -0,0 +1,4 @@ +{ + "id": "passwords", + "grafana_admin": "grafana_admin" +} diff --git a/test/integration/prometheus-server/serverspec/apache_spec.rb b/test/integration/prometheus-server/serverspec/apache_spec.rb new file mode 100644 index 000000000..446d3b915 --- /dev/null +++ b/test/integration/prometheus-server/serverspec/apache_spec.rb @@ -0,0 +1,21 @@ +require "serverspec" + +# Required by serverspec +set :backend, :exec + +describe package("apache2") do + it { should be_installed } +end + +describe service("apache2") do + it { should be_enabled } + it { should be_running } +end + +describe port(80) do + it { should be_listening.with("tcp") } +end + +describe port(443) do + it { should be_listening.with("tcp") } +end diff --git a/test/integration/prometheus-server/serverspec/grafana_spec.rb b/test/integration/prometheus-server/serverspec/grafana_spec.rb new file mode 100644 index 000000000..48f8945ba --- /dev/null +++ b/test/integration/prometheus-server/serverspec/grafana_spec.rb @@ -0,0 +1,17 @@ +require "serverspec" + +# Required by serverspec +set :backend, :exec + +describe package("grafana-enterprise") do + it { should be_installed } +end + +describe service("grafana-server") do + it { should be_enabled } + it { should be_running } +end + +describe port(3000) do + it { should be_listening.with("tcp6") } +end -- 2.39.5