Unverified Commit effa70f4 authored by Tharyrok's avatar Tharyrok
Browse files

First migration prometheus to victoriametrics

parent ac93da5e
Pipeline #826 passed with stage
in 3 minutes and 1 second
......@@ -12,9 +12,14 @@
name: matrix-goneb
state: restarted
- name: reload prometheus
- name: reload victoriametrics
service:
name: prometheus
name: victoriametrics
state: reloaded
- name: reload victoriametrics-alert
service:
name: victoriametrics-alert
state: reloaded
- name: reload alertmanager
......
......@@ -20,4 +20,4 @@
roles:
- telegraf
- prometheus
- victoriametrics
......@@ -81,11 +81,11 @@
state: started
enabled: true
- name: Ajout du job alertmanager dans Prometheus
- name: Ajout du job alertmanager dans VictoriaMetrics
copy:
src: prometheus/alertmanager.yml
dest: /etc/prometheus/conf.d/alertmanager.yml
owner: prometheus
group: prometheus
src: victoriametrics/alertmanager.yml
dest: /etc/victoriametrics/conf.d/alertmanager.yml
owner: victoriametrics
group: victoriametrics
mode: "u=rw,go=r"
notify: reload prometheus
notify: reload victoriametrics
- name: Création du dossier des alertes
file:
path: /etc/prometheus/rules.d
owner: prometheus
group: prometheus
mode: "u=rwx,g=rx,o="
state: directory
- name: Copie des alertes de base
template:
src: rules/base.rules.j2
dest: /etc/prometheus/rules.d/base.rules
src: rules/base.yml.j2
dest: /etc/victoriametrics/rules.d/base.yml
owner: root
group: root
mode: "u=rw,go=r"
validate: promtool check rules %s
notify: reload prometheus
notify: reload victoriametrics-alert
victoriametrics_version: 1.78.0
victoriametrics_telegraf_hosts: "{{ groups.all }}"
victoriametrics_username: victoriametrics
victoriametrics_password: neutrinet
victoriametrics_memory_limit: 512MB
victoriametrics_alter_enable: true
victoriametrics_alter_memory_limit: 512MB
victoriametrics_alter_datasource: "http://localhost:8428"
victoriametrics_alter_notifier: "http://localhost:9093"
victoriametrics_remote_write_url: ""
victoriametrics_remote_read_url: ""
victoriametrics_storage_retention: 1w
victoriametrics_storage_path: /var/lib/victoriametrics
- name: restart victoriametrics
systemd:
name: victoriametrics
daemon_reload: true
state: restarted
- name: reload victoriametrics
service:
name: victoriametrics
state: reloaded
- name: restart victoriametrics-alert
systemd:
name: victoriametrics-alert
daemon_reload: true
state: restarted
- name: reload victoriametrics-alert
service:
name: victoriametrics-alert
state: reloaded
*********************************
Vagrant driver installation guide
*********************************
Requirements
============
* Vagrant
* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule_vagrant'
---
- name: Converge
hosts: all
become: true
roles:
- victoriametrics
- haproxy
telegraf_username: telegraf
telegraf_password: neutrinet
telegraf_prometheus_client_listen_address: localhost
letsencrypt_domains_gandi: []
haproxy_redirect: []
haproxy_postgresql: []
haproxy:
- hostname: "{{ ansible_fqdn }}"
target:
- 127.0.0.1
target_port: 8428
healthcheck: true
healthcheck_url: GET /-/healthy
username: "{{ victoriametrics_username }}"
password: "{{ victoriametrics_password }}"
dependency:
name: galaxy
driver:
name: vagrant
provider:
name: virtualbox
platforms:
- name: bullseye-victoriametrics-molecule
box: debian/bullseye64
cpu: 2
memory: 2048
interfaces:
- network_name: private_network
type: dhcp
auto_config: true
provisioner:
name: ansible
config_options:
defaults:
interpreter_python: /usr/bin/python3
vault_password_file: "${MOLECULE_PROJECT_DIRECTORY}/../../vault.key"
ssh_connection:
pipelining: true
verifier:
name: ansible
---
- name: Prepare
hosts: all
become: true
pre_tasks:
- name: Mise à jour du cache APT
apt:
update_cache: true
roles:
- telegraf
- name: Récupération de la liste des dossiers d'installation
find:
path: /opt/victoriametrics
file_type: directory
use_regex: true
recurse: false
pattern: '^[0-9]+\.[0-9]+\.[0-9]+$'
register: _victoriametrics_installed_dirs
- name: Récupération de la liste des archives
find:
path: /usr/local/src/victoriametrics
file_type: file
use_regex: true
recurse: false
pattern: '^[0-9]+\.[0-9]+\.[0-9]+\.tar\.gz$'
register: _victoriametrics_archives
- name: Récupération de la plus ancienne version et de la version courante
set_fact:
victoriametrics_oldest_archive: "{{ victoriametrics_sorted_archives | first }}"
victoriametrics_oldest_install_dir: "{{ victoriametrics_sorted_install_dirs | first }}"
victoriametrics_oldest_version: "{{ victoriametrics_sorted_install_dirs | first | basename }}"
vars:
victoriametrics_sorted_archives: |-
{{ _victoriametrics_archives.files
| map(attribute='path')
| community.general.version_sort }}
victoriametrics_sorted_install_dirs: |-
{{ _victoriametrics_installed_dirs.files
| map(attribute='path')
| community.general.version_sort }}
- name: Suppression de la plus ancienne version (v{{ victoriametrics_oldest_version }})
file:
state: absent
path: "{{ victoriametrics_oldest_install_dir }}"
when: _victoriametrics_installed_dirs.files | length > 5
- name: Suppression de la plus ancienne archive
file:
state: absent
path: "{{ victoriametrics_oldest_archive }}"
when: _victoriametrics_archives.files | length > 5
- name: Création de l'utilisateur
import_tasks: user.yml
tags: ['user']
- name: Installation de VictoriaMetrics
import_tasks: victoriametrics.yml
tags: ['victoriametrics']
#- name: Nettoyage des anciennes versions
# import_tasks: cleanup.yml
# tags: ['cleanup']
- name: Création de l'utilisateur VictoriaMetrics
user:
name: victoriametrics
home: /opt/victoriametrics
shell: /sbin/nologin
system: true
state: present
- name: Création des dossiers de VictoriaMetrics
file:
path: "{{ victoriametrics_dir }}"
owner: victoriametrics
group: victoriametrics
mode: "u=rwx,g=rx,o="
state: directory
loop:
- /opt/victoriametrics
- /opt/victoriametrics/{{ victoriametrics_version }}
- /etc/victoriametrics
- /var/lib/victoriametrics
loop_control:
loop_var: victoriametrics_dir
- name: Création du dossier des archives VictoriaMetrics
file:
path: /usr/local/src/victoriametrics
owner: root
group: root
mode: "u=rwx,g=rx,o="
state: directory
- name: Téléchargement de l'archive VictoriaMetrics v{{ victoriametrics_version }}
get_url:
url: https://github.com/VictoriaMetrics/VictoriaMetrics/releases/download/v{{ victoriametrics_version }}/victoria-metrics-amd64-v{{ victoriametrics_version }}.tar.gz
dest: /usr/local/src/victoriametrics/{{ victoriametrics_version }}.tar.gz
owner: root
group: root
mode: "u=rw,go=r"
- name: Téléchargement de l'archive des outils de VictoriaMetrics v{{ victoriametrics_version }}
get_url:
url: https://github.com/VictoriaMetrics/VictoriaMetrics/releases/download/v{{ victoriametrics_version }}/vmutils-amd64-v{{ victoriametrics_version }}.tar.gz
dest: /usr/local/src/victoriametrics/tools-{{ victoriametrics_version }}.tar.gz
owner: root
group: root
mode: "u=rw,go=r"
- name: Décompression de l'archive VictoriaMetrics
unarchive:
src: /usr/local/src/victoriametrics/{{ victoriametrics_version }}.tar.gz
dest: /opt/victoriametrics/{{ victoriametrics_version }}
creates: /opt/victoriametrics/{{ victoriametrics_version }}/victoria-metrics-prod
remote_src: true
owner: victoriametrics
group: victoriametrics
- name: Décompression de l'archive des outils de VictoriaMetrics
unarchive:
src: /usr/local/src/victoriametrics/tools-{{ victoriametrics_version }}.tar.gz
dest: /opt/victoriametrics/{{ victoriametrics_version }}
creates: /opt/victoriametrics/{{ victoriametrics_version }}/vmalert-prod
remote_src: true
owner: victoriametrics
group: victoriametrics
- name: Création du lien symbolique pour les binaires de VictoriaMetrics
file:
src: /opt/victoriametrics/{{ victoriametrics_version }}/{{ victoriametrics_bin }}
dest: /usr/local/bin/{{ victoriametrics_bin | replace('-prod', '') }}
state: link
loop:
- victoria-metrics-prod
- vmagent-prod
- vmalert-prod
- vmauth-prod
- vmbackup-prod
- vmctl-prod
- vmrestore-prod
loop_control:
loop_var: victoriametrics_bin
notify: restart victoriametrics
- name: Configuration de VictoriaMetrics
template:
src: victoriametrics/victoriametrics.yml.j2
dest: /etc/victoriametrics/victoriametrics.yml
owner: victoriametrics
group: victoriametrics
mode: "u=rw,g=r,o="
validate: victoria-metrics -dryRun -promscrape.config=%s
notify: reload victoriametrics
- name: Création du répertoire des jobs
file:
path: /etc/victoriametrics/conf.d
owner: victoriametrics
group: victoriametrics
mode: "u=rwx,go=rx"
state: directory
- name: Création du répertoire des rules alter
file:
path: /etc/victoriametrics/rules.d
owner: victoriametrics
group: victoriametrics
mode: "u=rwx,go=rx"
state: directory
- name: Configuration du service systemd
template:
src: systemd/victoriametrics.service.j2
dest: /etc/systemd/system/victoriametrics.service
owner: root
group: root
mode: "u=rw,go=r"
notify:
- restart victoriametrics
- name: Configuration du service systemd victoriametrics-alert
template:
src: systemd/victoriametrics-alert.service.j2
dest: /etc/systemd/system/victoriametrics-alert.service
owner: root
group: root
mode: "u=rw,go=r"
when: victoriametrics_alter_enable
notify:
- restart victoriametrics-alert
- name: Activation de victoriametrics au démarrage
service:
name: victoriametrics
state: started
enabled: true
- name: Activation de victoriametrics-alert au démarrage
service:
name: victoriametrics-alert
state: started
enabled: true
when: victoriametrics_alter_enable
{{ ansible_managed | comment }}
[Unit]
Description=VictoriaMetrics Alert
After=network.target
[Service]
Type=simple
StartLimitBurst=5
StartLimitInterval=0
Restart=on-failure
RestartSec=1
User=victoriametrics
Group=victoriametrics
ExecReload=/bin/kill -s SIGHUP $MAINPID
ExecStop=/bin/kill -s SIGTERM $MAINPID
ExecStart=/usr/local/bin/vmalert \
-enableTCP6 \
-memory.allowedBytes={{ victoriametrics_alter_memory_limit | human_to_bytes }} \
-rule="/etc/victoriametrics/rules.d/*.yml" \
-datasource.url={{ victoriametrics_alter_datasource }} \
-remoteWrite.url={{ victoriametrics_alter_datasource }} \
-remoteRead.url={{ victoriametrics_alter_datasource }} \
-notifier.url={{ victoriametrics_alter_notifier }}
# Systemd hardening
ReadWritePaths=
CapabilityBoundingSet=
LimitNOFILE=65536
LimitNPROC=32000
LockPersonality=true
NoNewPrivileges=true
MemoryDenyWriteExecute=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
RemoveIPC=true
RestrictRealtime=true
RestrictNamespaces=true
RestrictSUIDSGID=true
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
PrivateUsers=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectKernelLogs=true
ProtectClock=true
ProtectHostname=true
ProtectProc=noaccess
ProtectSystem=strict
SystemCallFilter=@system-service
[Install]
WantedBy=multi-user.target
{{ ansible_managed | comment }}
[Unit]
Description=VictoriaMetrics
After=network.target
[Service]
Type=simple
StartLimitBurst=5
StartLimitInterval=0
Restart=on-failure
RestartSec=1
User=victoriametrics
Group=victoriametrics
ExecReload=/bin/kill -s SIGHUP $MAINPID
ExecStop=/bin/kill -s SIGTERM $MAINPID
ExecStart=/usr/local/bin/victoria-metrics \
-enableTCP6 \
-memory.allowedBytes={{victoriametrics_memory_limit | human_to_bytes }} \
-promscrape.config=/etc/victoriametrics/victoriametrics.yml \
-storageDataPath={{ victoriametrics_storage_path }} \
{% if victoriametrics_alter_enable %}
-vmalert.proxyURL http://vmalert:8880 \
{% endif %}
-retentionPeriod={{ victoriametrics_storage_retention }}
# Systemd hardening
ReadWritePaths={{ victoriametrics_storage_path }}
CapabilityBoundingSet=
LimitNOFILE=65536
LimitNPROC=32000
LockPersonality=true
NoNewPrivileges=true
MemoryDenyWriteExecute=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
RemoveIPC=true
RestrictRealtime=true
RestrictNamespaces=true
RestrictSUIDSGID=true
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
PrivateUsers=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectKernelLogs=true
ProtectClock=true
ProtectHostname=true
ProtectProc=noaccess
ProtectSystem=strict
SystemCallFilter=@system-service
[Install]
WantedBy=multi-user.target
{{ ansible_managed | comment }}
# VictoriaMetrics config file.
# Check the documentation for more details: https://docs.victoriametrics.com/Single-server-VictoriaMetrics.html
global:
scrape_interval: 30s # How frequently to scrape targets
scrape_timeout: 20s # How long until a scrape request times out.
# The labels to add to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
external_labels:
monitor: {{ ansible_fqdn }}
{% if victoriametrics_remote_write_url %}
remote_write:
- url: "{{ victoriametrics_remote_write_url }}"
basic_auth:
username: "{{ victoriametrics_username }}"
password: {{ victoriametrics_password | string | to_json }}
remote_timeout: 30s
queue_config:
capacity: 10000
max_samples_per_send: 3000
batch_send_deadline: 10s
min_shards: 4
max_shards: 200
min_backoff: 100ms
max_backoff: 10s
{% endif %}
{% if victoriametrics_remote_read_url %}
remote_read:
- url: "{{ victoriametrics_remote_read_url }}"
read_recent: true
{% endif %}
# A list of scrape configurations.
scrape_configs:
- job_name: extra-config # This is a default value, it is mandatory.
file_sd_configs:
- files:
- conf.d/*.yml
# Grab metrics about victoriametrics itself
- job_name: victoriametrics
static_configs:
- targets:
- localhost:8428
{% for host in victoriametrics_telegraf_hosts %}
# Grab telegraf metrics from {{ host }}
- job_name: telegraf-{{ host | replace('.', '-') }}
{% if hostvars[host].telegraf_username is defined and hostvars[host].telegraf_password is defined %}
basic_auth:
username: {{ hostvars[host].telegraf_username | to_json }}
password: {{ hostvars[host].telegraf_password | string | to_json }}
{% endif %}
static_configs:
- targets:
- "{{ (host != inventory_hostname) | ternary(host, 'localhost') }}:9273"
{% endfor %}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment