feat: added elasticsearch exporter setup
Sven Ketelsen
5 years ago
parent
53352252da
commit
31450aac16
@ -1,7 +1,15 @@
|
||||
---
|
||||
|
||||
hetzner_server_labels: "stage={{ stage }} service=connect"
|
||||
|
||||
connect_auth_module: oidc
|
||||
connect_oidc_client_id: connect-01
|
||||
connect_oidc_client_secret: 9e234965-1041-4653-8a0e-db964c04bc26
|
||||
connect_oidc_registration_id: connect-01
|
||||
connect_oidc_issuer_uri: https://dev-keycloak-01.smardigo.digital/auth/realms/smardigo-01
|
||||
connect_oidc_issuer_uri: https://{{ keycloak_hostname }}/auth/realms/smardigo-01
|
||||
|
||||
connect_password_change_url: https://{{ keycloak_hostname }}/auth/realms/smardigo-01/account/password
|
||||
connect_iam_user_management_url: https://{{ keycloak_hostname }}/auth/admin/smardigo-01/console
|
||||
|
||||
spring_profiles_include_suffix: ",hetzner"
|
||||
ribbon_display_on_active_profiles: "hetzner"
|
||||
|
||||
@ -1,7 +1,15 @@
|
||||
---
|
||||
|
||||
hetzner_server_labels: "stage={{ stage }} service=connect"
|
||||
|
||||
connect_auth_module: oidc
|
||||
connect_oidc_client_id: connect-02
|
||||
connect_oidc_client_secret: 9e234965-1041-4653-8a0e-db964c04bc26
|
||||
connect_oidc_registration_id: connect-02
|
||||
connect_oidc_issuer_uri: https://dev-keycloak-01.smardigo.digital/auth/realms/smardigo-01
|
||||
connect_oidc_issuer_uri: https://{{ keycloak_hostname }}/auth/realms/smardigo-01
|
||||
|
||||
connect_password_change_url: https://{{ keycloak_hostname }}/auth/realms/smardigo-01/account/password
|
||||
connect_iam_user_management_url: https://{{ keycloak_hostname }}/auth/admin/smardigo-01/console
|
||||
|
||||
spring_profiles_include_suffix: ",hetzner"
|
||||
ribbon_display_on_active_profiles: "hetzner"
|
||||
|
||||
@ -1,7 +1,15 @@
|
||||
---
|
||||
|
||||
hetzner_server_labels: "stage={{ stage }} service=connect"
|
||||
|
||||
connect_auth_module: oidc
|
||||
connect_oidc_client_id: connect-03
|
||||
connect_oidc_client_secret: 9e234965-1041-4653-8a0e-db964c04bc26
|
||||
connect_oidc_registration_id: connect-03
|
||||
connect_oidc_issuer_uri: https://dev-keycloak-01.smardigo.digital/auth/realms/smardigo-01
|
||||
connect_oidc_issuer_uri: https://{{ keycloak_hostname }}/auth/realms/smardigo-01
|
||||
|
||||
connect_password_change_url: https://{{ keycloak_hostname }}/auth/realms/smardigo-01/account/password
|
||||
connect_iam_user_management_url: https://{{ keycloak_hostname }}/auth/admin/smardigo-01/console
|
||||
|
||||
spring_profiles_include_suffix: ",hetzner"
|
||||
ribbon_display_on_active_profiles: "hetzner"
|
||||
|
||||
@ -1,7 +1,15 @@
|
||||
---
|
||||
|
||||
hetzner_server_labels: "stage={{ stage }} service=connect"
|
||||
|
||||
connect_auth_module: oidc
|
||||
connect_oidc_client_id: connect-04
|
||||
connect_oidc_client_secret: 9e234965-1041-4653-8a0e-db964c04bc26
|
||||
connect_oidc_registration_id: connect-04
|
||||
connect_oidc_issuer_uri: https://dev-keycloak-01.smardigo.digital/auth/realms/smardigo-01
|
||||
connect_oidc_issuer_uri: https://{{ keycloak_hostname }}/auth/realms/smardigo-01
|
||||
|
||||
connect_password_change_url: https://{{ keycloak_hostname }}/auth/realms/smardigo-01/account/password
|
||||
connect_iam_user_management_url: https://{{ keycloak_hostname }}/auth/admin/smardigo-01/console
|
||||
|
||||
spring_profiles_include_suffix: ",hetzner"
|
||||
ribbon_display_on_active_profiles: "hetzner"
|
||||
|
||||
@ -0,0 +1,21 @@
|
||||
---
|
||||
|
||||
- name: 'apply setup to {{ host | default("all") }}'
|
||||
hosts: '{{ host | default("all") }}'
|
||||
serial: "{{ serial_number | default(1) }}"
|
||||
gather_facts: no
|
||||
become: no
|
||||
|
||||
pre_tasks:
|
||||
- name: "Check if ansible version is at least 2.10.x"
|
||||
assert:
|
||||
that:
|
||||
- ansible_version.major >= 2
|
||||
- ansible_version.minor >= 10
|
||||
msg: "The ansible version has to be at least ({{ ansible_version.full }})"
|
||||
|
||||
roles:
|
||||
- role: hetzner-network
|
||||
vars:
|
||||
hetzner_state: 'started'
|
||||
when: "'hcloud' in group_names"
|
||||
@ -0,0 +1,47 @@
|
||||
---
|
||||
|
||||
elasticsearch_exporter_id: "{{ service_name }}-elasticsearch-exporter"
|
||||
|
||||
elasticsearch_exporter_image_name: "justwatch/elasticsearch_exporter"
|
||||
elasticsearch_exporter_image_version: "latest"
|
||||
|
||||
elasticsearch_exporter_docker: {
|
||||
networks: [
|
||||
{
|
||||
name: back-tier,
|
||||
external: true,
|
||||
},
|
||||
{
|
||||
name: front-tier,
|
||||
external: true,
|
||||
},
|
||||
],
|
||||
services: [
|
||||
{
|
||||
name: "{{ elasticsearch_exporter_id }}",
|
||||
image_name: "{{ elasticsearch_exporter_image_name }}",
|
||||
image_version: "{{ elasticsearch_exporter_image_version }}",
|
||||
command: [
|
||||
'"--es.ca=/certificates/ca.crt"',
|
||||
'"--es.uri=https://logstash-ingest:tH1iSiSas3cREt.Passw0rt@es-dev-elastic-stack-01:9200"',
|
||||
],
|
||||
labels: [
|
||||
'"traefik.enable=true"',
|
||||
'"traefik.http.routers.{{ elasticsearch_exporter_id }}.service={{ elasticsearch_exporter_id }}"',
|
||||
'"traefik.http.routers.{{ elasticsearch_exporter_id }}.rule=Host(`{{ service_name }}.{{ domain }}`)"',
|
||||
'"traefik.http.routers.{{ elasticsearch_exporter_id }}.entrypoints=admin-docker"',
|
||||
'"traefik.http.routers.{{ elasticsearch_exporter_id }}.tls=true"',
|
||||
'"traefik.http.routers.{{ elasticsearch_exporter_id }}.tls.certresolver=letsencrypt"',
|
||||
'"traefik.http.services.{{ elasticsearch_exporter_id }}.loadbalancer.server.port=9114"',
|
||||
],
|
||||
volumes: [
|
||||
'"./certs:/certificates:ro"',
|
||||
],
|
||||
networks: [
|
||||
'"back-tier"',
|
||||
'"front-tier"',
|
||||
],
|
||||
extra_hosts: "{{ elasticsearch_extra_hosts | default([]) }}",
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -0,0 +1 @@
|
||||
---
|
||||
@ -0,0 +1 @@
|
||||
---
|
||||
@ -0,0 +1,63 @@
|
||||
---
|
||||
|
||||
- name: "Send mattermost messsge"
|
||||
uri:
|
||||
url: "{{ mattermost_hook_smardigo }}"
|
||||
method: POST
|
||||
body: "{{ lookup('template','mattermost-deploy-start.json.j2') }}"
|
||||
body_format: json
|
||||
headers:
|
||||
Content-Type: "application/json"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when:
|
||||
- send_status_messages
|
||||
|
||||
- name: "Check if {{ role_name }}/docker-compose.yml exists"
|
||||
stat:
|
||||
path: '{{ service_base_path }}/{{ role_name }}/docker-compose.yml'
|
||||
register: check_docker_compose_file
|
||||
|
||||
- name: "Stop {{ role_name }}"
|
||||
shell: docker-compose down
|
||||
args:
|
||||
chdir: '{{ service_base_path }}/{{ role_name }}'
|
||||
when: check_docker_compose_file.stat.exists
|
||||
ignore_errors: yes
|
||||
|
||||
- name: "Deploy service configuration for {{ role_name }}"
|
||||
include_role:
|
||||
name: _deploy
|
||||
tasks_from: configs
|
||||
vars:
|
||||
current_config: "elasticsearch-exporter"
|
||||
current_base_path: "{{ service_base_path }}"
|
||||
current_destination: "elasticsearch-exporter"
|
||||
current_owner: "{{ docker_owner }}"
|
||||
current_group: "{{ docker_group }}"
|
||||
current_docker: "{{ elasticsearch_exporter_docker }}"
|
||||
|
||||
- name: "Update {{ role_name }}"
|
||||
shell: docker-compose pull
|
||||
args:
|
||||
chdir: '{{ service_base_path }}/{{ role_name }}'
|
||||
tags:
|
||||
- update_deployment
|
||||
|
||||
- name: "Start {{ role_name }}"
|
||||
shell: docker-compose up -d
|
||||
args:
|
||||
chdir: '{{ service_base_path }}/{{ role_name }}'
|
||||
|
||||
- name: "Send mattermost messsge"
|
||||
uri:
|
||||
url: "{{ mattermost_hook_smardigo }}"
|
||||
method: POST
|
||||
body: "{{ lookup('template','mattermost-deploy-end.json.j2') }}"
|
||||
body_format: json
|
||||
headers:
|
||||
Content-Type: "application/json"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when:
|
||||
- send_status_messages
|
||||
@ -0,0 +1 @@
|
||||
---
|
||||
@ -0,0 +1 @@
|
||||
---
|
||||
@ -0,0 +1 @@
|
||||
---
|
||||
@ -0,0 +1 @@
|
||||
---
|
||||
@ -0,0 +1,61 @@
|
||||
---
|
||||
|
||||
### tags:
|
||||
|
||||
# TODO remove static ip configuration
|
||||
- name: Create a server network and specify the ip address
|
||||
hcloud_server_network:
|
||||
api_token: "{{ hetzner_authentication_token }}"
|
||||
network: dev-elastic-stack
|
||||
server: dev-elastic-stack-01
|
||||
ip: 10.0.0.2
|
||||
state: present
|
||||
delegate_to: 127.0.0.1
|
||||
|
||||
# TODO remove static ip configuration
|
||||
- name: Create a server network and specify the ip address
|
||||
hcloud_server_network:
|
||||
api_token: "{{ hetzner_authentication_token }}"
|
||||
network: dev-elastic-stack
|
||||
server: dev-elastic-stack-02
|
||||
ip: 10.0.0.3
|
||||
state: present
|
||||
delegate_to: 127.0.0.1
|
||||
|
||||
# TODO remove static ip configuration
|
||||
- name: Create a server network and specify the ip address
|
||||
hcloud_server_network:
|
||||
api_token: "{{ hetzner_authentication_token }}"
|
||||
network: dev-elastic-stack
|
||||
server: dev-elastic-stack-03
|
||||
ip: 10.0.0.4
|
||||
state: present
|
||||
delegate_to: 127.0.0.1
|
||||
|
||||
- name: Create a server network and specify the ip address
|
||||
hcloud_server_network:
|
||||
api_token: "{{ hetzner_authentication_token }}"
|
||||
network: dev-elastic-stack
|
||||
server: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ groups['hcloud'] | difference(groups['elastic']) }}"
|
||||
delegate_to: 127.0.0.1
|
||||
|
||||
# TODO remove static ip configuration
|
||||
- name: Create a server network and specify the ip address
|
||||
hcloud_server_network:
|
||||
api_token: "{{ hetzner_authentication_token }}"
|
||||
network: dev-keycloak
|
||||
server: dev-keycloak-01
|
||||
ip: 10.1.0.2
|
||||
state: present
|
||||
delegate_to: 127.0.0.1
|
||||
|
||||
- name: Create a server network and specify the ip address
|
||||
hcloud_server_network:
|
||||
api_token: "{{ hetzner_authentication_token }}"
|
||||
network: dev-keycloak
|
||||
server: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ groups['connect'] }}"
|
||||
delegate_to: 127.0.0.1
|
||||
@ -0,0 +1 @@
|
||||
---
|
||||
@ -0,0 +1,20 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDSjCCAjKgAwIBAgIVAO1gvUalebylIyFuIAZC6bfhz04QMA0GCSqGSIb3DQEB
|
||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||
ZXJhdGVkIENBMB4XDTIxMDQxODExMDkwOFoXDTIyMDQxODExMDkwOFowNDEyMDAG
|
||||
A1UEAxMpRWxhc3RpYyBDZXJ0aWZpY2F0ZSBUb29sIEF1dG9nZW5lcmF0ZWQgQ0Ew
|
||||
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLcbwtcUwHBNBOlLoZA+lH
|
||||
xMoOrrySQNRRyLw/hV+KpW1YncCgVq3dGEOjOC3lS1B55+sZfjEn7EKfDtrZN6Pf
|
||||
0Ot22/GV3r+fJi72njBfay1Cep8OCJxNOx9i0N3XO2GN6IYPMEpkqFj8nySpAgh3
|
||||
70hILu3QMov2I2rWXMzE3yV6Pi7OQ151Fa8vZ1HTXkpjO7Rxyt36cXLB7slj6Uxo
|
||||
72cO0WphRV6e24Fx5iRLlAs7WdXDOSUXZfIFBiZGYvuZIgbAw9M9ZR5536eXBFuQ
|
||||
MuwLiP5g+D5GZbal5enRUShBknRP9Xvnxv7OOnPhMXVHMTsM9feqxVzmhRPp4XBz
|
||||
AgMBAAGjUzBRMB0GA1UdDgQWBBRJ5gyop7tp96EV6O/FHIY2P3T7pzAfBgNVHSME
|
||||
GDAWgBRJ5gyop7tp96EV6O/FHIY2P3T7pzAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
|
||||
SIb3DQEBCwUAA4IBAQBEgehvsAW5r1/nogmIhhRVl5rZcy9mnbxsy/9udU1zBTEe
|
||||
ZhgCCqOx6xffXUWSvVXw3BUUizCvB5nSHCYBt3H2f8sdPXO54b5mcld/2n/D39yw
|
||||
HSODGmgkbEVjXK1Qx4xYDRHJnOuyExWQ1D7Y7HocgtIRySFdG/h7en5SM2ooJ7fa
|
||||
pPtCp8f1tHHuKCjKhgC/+wlvEZFHOWcu6Hyh1FtWHwD3uu9Tj3VRKMvW0u+KQ4mC
|
||||
aNEuHUEKzgwXRZvBG8Y5k35bFf9EVulTsD2fOTMWrD9CEdctQIfQnn1Oy3s43x39
|
||||
94DgEx78H/5fGkUDjqljXp1RBDeNJV7+tssRMISL
|
||||
-----END CERTIFICATE-----
|
||||
Loading…
Reference in New Issue