the-nine-worlds/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add netdata role

Browse Source
This commit is contained in:
Wojciech Kozlowski 2023-10-08 00:15:34 +02:00
parent 9b57350d92
commit 0f805168b6
4 changed files with 275 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
system/extra/netdata/meta/argument_specs.yml Normal file
View File

@ -0,0 +1,19 @@
---
argument_specs:
main:
options:
system_extra_netdata_inet_address:
type: "str"
required: true
system_extra_netdata_inet6_address:
type: "str"
required: true
system_extra_netdata_registry_enabled:
type: "bool"
required: true
system_extra_netdata_registry_url:
type: "str"
required: true
system_extra_netdata_stream_api_key:
type: "str"
required: true

52
system/extra/netdata/tasks/main.yml Normal file
View File

@ -0,0 +1,52 @@
---
- name: "install netdata"
ansible.builtin.apt:
name:
- "netdata"
- "uuid-runtime"
register: system_extra_netdata_install
- name: "enable netdata"
ansible.builtin.systemd:
name: "netdata"
enabled: true
- name: "resolve netdata registry via hosts file (inet)"
ansible.builtin.lineinfile:
path: "/etc/hosts"
line: "{{ system_extra_netdata_registry_inet_address }} {{ system_extra_netdata_registry_url }}"
insertafter: "EOF"
- name: "resolve netdata registry via hosts file (inet6)"
ansible.builtin.lineinfile:
path: "/etc/hosts"
line: "{{ system_extra_netdata_registry_inet6_address }} {{ system_extra_netdata_registry_url }}"
insertafter: "EOF"
- name: "configure netdata"
ansible.builtin.template:
src: "./netdata.conf"
dest: "/etc/netdata/netdata.conf"
register: system_extra_netdata_netdata_conf
- name: "configure netdata stream"
ansible.builtin.template:
src: "./stream.conf"
dest: "/etc/netdata/stream.conf"
register: system_extra_netdata_stream_conf
- name: "start netdata"
ansible.builtin.systemd:
name: "netdata"
state: "started"
register: system_extra_netdata_start
- name: "restart netdata"
ansible.builtin.systemd:
name: "netdata"
state: "restarted"
when:
(system_extra_netdata_install.changed or
system_extra_netdata_netdata_conf.changed or
system_extra_netdata_stream_conf.changed) and
not system_extra_netdata_start.changed

23
system/extra/netdata/templates/netdata.conf Normal file
View File

@ -0,0 +1,23 @@
# NetData Configuration
# The current full configuration can be retrieved from the running
# server at the URL
#
# http://localhost:19999/netdata.conf
#
# for example:
#
# wget -O /etc/netdata/netdata.conf http://localhost:19999/netdata.conf
#
[global]
run as user = netdata
web files owner = root
web files group = root
# Netdata is not designed to be exposed to potentially hostile
# networks. See https://github.com/netdata/netdata/issues/164
bind socket to IP = {{ system_extra_netdata_inet_address }} {{ system_extra_netdata_inet6_address }}
[registry]
enabled = {{ 'yes' if system_extra_netdata_registry_enabled else 'no' }}
registry to announce = {{ system_extra_netdata_registry_url }}:19999

181
system/extra/netdata/templates/stream.conf Normal file
View File

@ -0,0 +1,181 @@
# netdata configuration for aggregating data from remote hosts
#
# API keys authorize a pair of sending-receiving netdata servers.
# Once their communication is authorized, they can exchange metrics for any
# number of hosts.
#
# You can generate API keys, with the linux command: uuidgen
{% if not system_extra_netdata_registry_enabled %}
# -----------------------------------------------------------------------------
# 1. ON CHILD NETDATA - THE ONE THAT WILL BE SENDING METRICS
[stream]
# Enable this on child nodes, to have them send metrics.
enabled = yes
# Where is the receiving netdata?
# A space separated list of:
#
# [PROTOCOL:]HOST[%INTERFACE][:PORT][:SSL]
#
# If many are given, the first available will get the metrics.
#
# PROTOCOL = tcp, udp, or unix (only tcp and unix are supported by parent nodes)
# HOST = an IPv4, IPv6 IP, or a hostname, or a unix domain socket path.
# IPv6 IPs should be given with brackets [ip:address]
# INTERFACE = the network interface to use (only for IPv6)
# PORT = the port number or service name (/etc/services)
# SSL = when this word appear at the end of the destination string
# the Netdata will encrypt the connection with the parent.
#
# This communication is not HTTP (it cannot be proxied by web proxies).
destination = tcp:{{ system_extra_netdata_registry_url }}:19999
# Skip Certificate verification?
# The netdata child is configurated to avoid invalid SSL/TLS certificate,
# so certificates that are self-signed or expired will stop the streaming.
# Case the server certificate is not valid, you can enable the use of
# 'bad' certificates setting the next option as 'yes'.
#ssl skip certificate verification = yes
# Certificate Authority Path
# OpenSSL has a default directory where the known certificates are stored.
# In case it is necessary, it is possible to change this rule using the variable
# "CApath", e.g. CApath = /etc/ssl/certs/
#
#CApath =
# Certificate Authority file
# When the Netdata parent has a certificate that is not recognized as valid,
# we can add it to the list of known certificates in "CApath" and give it to
# Netdata as an argument, e.g. CAfile = /etc/ssl/certs/cert.pem
#
#CAfile =
# The API_KEY to use (as the sender)
api key = {{ system_extra_netdata_stream_api_key }}
# Stream Compression
# The default is enabled
# You can control stream compression in this agent with options: yes | no
#enable compression = yes
# The timeout to connect and send metrics
timeout seconds = 60
# If the destination line above does not specify a port, use this
default port = 19999
# filter the charts to be streamed
# netdata SIMPLE PATTERN:
# - space separated list of patterns (use \ to include spaces in patterns)
# - use * as wildcard, any number of times within each pattern
# - prefix a pattern with ! for a negative match (ie not stream the charts it matches)
# - the order of patterns is important (left to right)
# To send all except a few, use: !this !that * (ie append a wildcard pattern)
send charts matching = *
# The buffer to use for sending metrics.
# 10MB is good for 60 seconds of data, so increase this if you expect latencies.
# The buffer is flushed on reconnects (this will not prevent gaps at the charts).
buffer size bytes = 10485760
# If the connection fails, or it disconnects,
# retry after that many seconds.
reconnect delay seconds = 5
# Sync the clock of the charts for that many iterations, when starting.
# It is ignored when replication is enabled
initial clock resync iterations = 60
{% endif %}
{% if system_extra_netdata_registry_enabled %}
# -----------------------------------------------------------------------------
# 2. ON PARENT NETDATA - THE ONE THAT WILL BE RECEIVING METRICS
# You can have one API key per child,
# or the same API key for all child nodes.
#
# netdata searches for options in this order:
#
# a) parent netdata settings (netdata.conf)
# b) [stream] section (above)
# c) [API_KEY] section (below, settings for the API key)
# d) [MACHINE_GUID] section (below, settings for each machine)
#
# You can combine the above (the more specific setting will be used).
# API key authentication
# If the key is not listed here, it will not be able to push metrics.
# [API_KEY] is [YOUR-API-KEY], i.e [11111111-2222-3333-4444-555555555555]
[{{ system_extra_netdata_stream_api_key }}]
# Default settings for this API key
# This GUID is to be used as an API key from remote agents connecting
# to this machine. Failure to match such a key, denies access.
# YOU MUST SET THIS FIELD ON ALL API KEYS.
type = api
# You can disable the API key, by setting this to: no
# The default (for unknown API keys) is: no
enabled = yes
# A list of simple patterns matching the IPs of the servers that
# will be pushing metrics using this API key.
# The metrics are received via the API port, so the same IPs
# should also be matched at netdata.conf [web].allow connections from
allow from = *
# The default history in entries, for all hosts using this API key.
# You can also set it per host below.
# For the default db mode (dbengine), this is ignored.
#default history = 3600
# The default memory mode to be used for all hosts using this API key.
# You can also set it per host below.
# If you don't set it here, the memory mode of netdata.conf will be used.
# Valid modes:
# save save on exit, load on start
# map like swap (continuously syncing to disks - you need SSD)
# ram keep it in RAM, don't touch the disk
# none no database at all (use this on headless proxies)
# dbengine like a traditional database
#default memory mode = dbengine
# Shall we enable health monitoring for the hosts using this API key?
# 3 possible values:
# yes enable alarms
# no do not enable alarms
# auto enable alarms, only when the sending netdata is connected. For ephemeral child nodes or child system restarts,
# ensure that the netdata process on the child is gracefully stopped, to prevent invalid last_collected alarms
# You can also set it per host, below.
# The default is taken from [health].enabled of netdata.conf
#health enabled by default = auto
# postpone alarms for a short period after the sender is connected
default postpone alarms on connect seconds = 60
# need to route metrics differently? set these.
# the defaults are the ones at the [stream] section (above)
#default proxy enabled = yes | no
#default proxy destination = IP:PORT IP:PORT ...
#default proxy api key = API_KEY
#default proxy send charts matching = *
# Stream Compression
# By default it is enabled.
# You can control stream compression in this parent agent stream with options: yes | no
#enable compression = yes
# Replication
# Enable replication for all hosts using this api key. Default: enabled
#enable replication = yes
# How many seconds to replicate from each child. Default: a day
#seconds to replicate = 86400
# The duration we want to replicate per each step.
#replication_step = 600
{% endif %}