From 8ee8ec0832307898d534b8026f2b5bb8c5dfe732 Mon Sep 17 00:00:00 2001 From: Kevin Carter Date: Mon, 18 Feb 2019 21:07:06 -0600 Subject: [PATCH] Update grafana, use vendored role, and add es lb The grafana role will now deploy and setup the grafana datasources using the API as expected. API users will also be created for admin, viewer, editor. The es config for grafana has been udpated to correct issues where the system expected a publically accessible lb to handle grafana traffic back to an es cluster. When the grafana role deploys the traefik lb will now be used within the grafana deployment to ensure grafana is able to deploy against an es cluster. Change-Id: Iae3a5c2ab1b98390110d37f33b074156d32bb684 Signed-off-by: Kevin Carter --- elk_metrics_6x/vars/variables.yml | 7 +- grafana/installGrafana.yml | 75 +++++++++++++++++++ grafana/roles/grafana | 1 + grafana/roles/make_traefik | 1 + grafana/roles/traefik_common | 1 + .../traefik_common/templates/traefik.toml.j2 | 2 + 6 files changed, 81 insertions(+), 6 deletions(-) create mode 160000 grafana/roles/grafana create mode 120000 grafana/roles/make_traefik create mode 120000 grafana/roles/traefik_common diff --git a/elk_metrics_6x/vars/variables.yml b/elk_metrics_6x/vars/variables.yml index 9f6fc36d..543e74bb 100644 --- a/elk_metrics_6x/vars/variables.yml +++ b/elk_metrics_6x/vars/variables.yml @@ -24,12 +24,7 @@ kibana_nginx_port: 81 # This is the URL external services can use to communicate with the # elasticsearch cluster. -elastic_vip_url: >- - {% if internal_lb_vip_address is defined %} - http://{{ internal_lb_vip_address ~ ':' ~ elastic_hap_port }} - {% else %} - http://{{ hostvars[groups['kibana'][0]]['ansible_host'] ~ ':' ~ elastic_port }} - {% endif %} +elastic_vip_url: "http://127.0.0.1:19200" # Elasticsearch can query the itself and loadbalance requests across the cluster. # This function is automatically enabled on non-data nodes however this setting diff --git a/grafana/installGrafana.yml b/grafana/installGrafana.yml index 94a7849d..9e7c4171 100644 --- a/grafana/installGrafana.yml +++ b/grafana/installGrafana.yml @@ -13,6 +13,62 @@ # See the License for the specific language governing permissions and # limitations under the License. +- name: Deploy traefik binaries + hosts: grafana_all + become: yes + vars: + traefik_binary_version: "v1.7.7" + traefik_binary_url: "https://github.com/containous/traefik/releases/download/{{ traefik_binary_version }}/traefik" + traefik_staging_node: "localhost" + pre_tasks: + - name: Create traefik temp path + file: + path: "/tmp/traefik/{{ ansible_architecture }}" + state: directory + delegate_to: "{{ traefik_staging_node }}" + become: false + tasks: + - name: Built traefik installation + block: + - name: Find traefik binaries + find: + paths: "/tmp/traefik/{{ ansible_architecture }}/" + recurse: no + patterns: "*traefik*" + register: files_to_copy + delegate_to: "{{ traefik_staging_node }}" + run_once: true + become: false + - name: Install built traefik + copy: + src: "{{ item.path }}" + dest: "/usr/local/bin/{{ item.path | basename }}" + mode: "0755" + with_items: "{{ files_to_copy.files }}" + when: + - ((groups['traefik_build_nodes'] | default([])) | length) > 0 + + - name: Upstream traefik installation + block: + - name: Get traefik binary + get_url: + url: "{{ traefik_binary_url }}" + dest: "/tmp/traefik/{{ ansible_architecture }}/{{ traefik_binary_url | basename }}" + mode: '0755' + delegate_to: "{{ traefik_staging_node }}" + run_once: true + become: false + - name: Install binary traefik + copy: + src: "/tmp/traefik/{{ ansible_architecture }}/{{ traefik_binary_url | basename }}" + dest: "/usr/local/bin/traefik" + mode: "0755" + when: + - ((groups['traefik_build_nodes'] | default([])) | length) < 1 + tags: + - traefik-install + + - name: Deploy Grafana hosts: grafana_all become: true @@ -81,4 +137,23 @@ state: "latest" roles: + - role: traefik_common + traffic_dashboard_bind: "{{ hostvars[inventory_hostname]['ansible_' ~ (ansible_default_ipv4['interface'] | replace('-', '_') | string)]['ipv4']['address'] }}" + traefik_dashboard_enabled: true + traefik_destinations: + elasticsearch: + proto: "http" + port: "19200" + bind: "127.0.0.1" + servers: |- + {% set nodes = [] %} + {% for target in groups['kibana'] %} + {% set node = {} %} + {% set _ = node.__setitem__('name', 'elasticsearch' ~ loop.index) %} + {% set _ = node.__setitem__('address', hostvars[target]['ansible_host']) %} + {% set _ = node.__setitem__('weight', (100 - loop.index)) %} + {% set _ = node.__setitem__('port', "9200") %} + {% set _ = nodes.append(node) %} + {% endfor %} + {{ nodes }} - role: grafana diff --git a/grafana/roles/grafana b/grafana/roles/grafana new file mode 160000 index 00000000..4f23cfe4 --- /dev/null +++ b/grafana/roles/grafana @@ -0,0 +1 @@ +Subproject commit 4f23cfe48054792f0c84255b64dbe09a82744e20 diff --git a/grafana/roles/make_traefik b/grafana/roles/make_traefik new file mode 120000 index 00000000..77c176dc --- /dev/null +++ b/grafana/roles/make_traefik @@ -0,0 +1 @@ +../../skydive/roles/make_traefik \ No newline at end of file diff --git a/grafana/roles/traefik_common b/grafana/roles/traefik_common new file mode 120000 index 00000000..4c2cd19e --- /dev/null +++ b/grafana/roles/traefik_common @@ -0,0 +1 @@ +../../skydive/roles/traefik_common \ No newline at end of file diff --git a/skydive/roles/traefik_common/templates/traefik.toml.j2 b/skydive/roles/traefik_common/templates/traefik.toml.j2 index 2f8a243f..b6d37688 100644 --- a/skydive/roles/traefik_common/templates/traefik.toml.j2 +++ b/skydive/roles/traefik_common/templates/traefik.toml.j2 @@ -36,10 +36,12 @@ logLevel = "INFO" [entryPoints.traefik] address = "{{ traffic_dashboard_bind }}:{{ traefik_dashboard_port }}" {% if traefik_dashboard_enabled | bool %} +{% if traefik_basic_auth_users %} [entryPoints.traefik.auth] [entryPoints.traefik.auth.basic] removeHeader = true usersFile = "{{ traefik_basic_auth_file }}" +{% endif %} {% endif %} {% for key, value in traefik_destinations.items() %}