Compare commits
No commits in common. "ff9620ed2adc3553855f3c67af153370af7b8f1e" and "2d776d32469949113d085ea5b058f602555c1442" have entirely different histories.
ff9620ed2a
...
2d776d3246
7 changed files with 0 additions and 122 deletions
|
|
@ -42,10 +42,6 @@ table inet filter {
|
||||||
packet-too-big, parameter-problem, time-exceeded,
|
packet-too-big, parameter-problem, time-exceeded,
|
||||||
} accept comment "accept some ICMPv6"
|
} accept comment "accept some ICMPv6"
|
||||||
|
|
||||||
iif mgmt0 ip6 hoplimit 255 ip6 nexthdr icmpv6 icmpv6 type {
|
|
||||||
nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert
|
|
||||||
} accept comment "accept IPv6 neighbor discovery"
|
|
||||||
|
|
||||||
# BGP / BFD sessions
|
# BGP / BFD sessions
|
||||||
iif lan0 ip6 saddr fe80::/64 accept
|
iif lan0 ip6 saddr fe80::/64 accept
|
||||||
iif lan1 ip6 saddr fe80::/64 accept
|
iif lan1 ip6 saddr fe80::/64 accept
|
||||||
|
|
|
||||||
|
|
@ -1,10 +0,0 @@
|
||||||
- name: update package cache
|
|
||||||
package:
|
|
||||||
update_cache: yes
|
|
||||||
when: "'handler' not in ansible_skip_tags"
|
|
||||||
|
|
||||||
- name: restart telegraf
|
|
||||||
service:
|
|
||||||
name: telegraf
|
|
||||||
state: restarted
|
|
||||||
when: "'handler' not in ansible_skip_tags"
|
|
||||||
|
|
@ -1,31 +0,0 @@
|
||||||
- name: Add influxdb repository
|
|
||||||
deb822_repository:
|
|
||||||
name: influxdata
|
|
||||||
uris: https://repos.influxdata.com/debian
|
|
||||||
suites: stable
|
|
||||||
components: main
|
|
||||||
architectures: amd64
|
|
||||||
signed_by: https://repos.influxdata.com/influxdata-archive.key
|
|
||||||
notify: update package cache
|
|
||||||
|
|
||||||
- meta: flush_handlers
|
|
||||||
|
|
||||||
- name: Install telegraf
|
|
||||||
package:
|
|
||||||
name: telegraf
|
|
||||||
|
|
||||||
- name: Configure telegraf
|
|
||||||
when: not ansible_check_mode
|
|
||||||
template:
|
|
||||||
dest: /etc/telegraf/telegraf.d/output.conf
|
|
||||||
src: output.conf.j2
|
|
||||||
owner: telegraf
|
|
||||||
group: telegraf
|
|
||||||
mode: 0640
|
|
||||||
notify: restart telegraf
|
|
||||||
|
|
||||||
- name: Enable telegraf
|
|
||||||
service:
|
|
||||||
name: telegraf
|
|
||||||
enabled: true
|
|
||||||
state: started
|
|
||||||
|
|
@ -1,11 +0,0 @@
|
||||||
- name: Get influxdb info
|
|
||||||
set_fact:
|
|
||||||
influxdb_info: '{{ lookup("passwordstore", "vm/"~influxdb_host, returnall=true, missing="empty") | from_yaml }}'
|
|
||||||
|
|
||||||
- name: Create influxdb token for this host
|
|
||||||
include_tasks: token.yml
|
|
||||||
when: 'not ansible_check_mode and "influxdb_token" not in password'
|
|
||||||
|
|
||||||
- name: Install telegraf on Debian
|
|
||||||
include_tasks: debian.yml
|
|
||||||
when: ansible_os_family == "Debian"
|
|
||||||
|
|
@ -1,53 +0,0 @@
|
||||||
- name: Get influxdb organization ID
|
|
||||||
delegate_to: localhost
|
|
||||||
uri:
|
|
||||||
url: '{{ influxdb_info.influxdb_url }}/api/v2/orgs'
|
|
||||||
headers:
|
|
||||||
Authorization: Token {{ influxdb_info.influxdb_operator_token }}
|
|
||||||
register: response
|
|
||||||
|
|
||||||
- name: Parse influxdb orgID
|
|
||||||
set_fact:
|
|
||||||
influxdb_orgID: '{{ response.json.orgs | selectattr("name", "==", influxdb_info.influxdb_org) | map(attribute="id") | first }}'
|
|
||||||
|
|
||||||
- name: Get influxdb bucket ID
|
|
||||||
delegate_to: localhost
|
|
||||||
uri:
|
|
||||||
url: '{{ influxdb_info.influxdb_url }}/api/v2/buckets?orgID={{ influxdb_orgID }}'
|
|
||||||
headers:
|
|
||||||
Authorization: Token {{ influxdb_info.influxdb_operator_token }}
|
|
||||||
register: response
|
|
||||||
|
|
||||||
- name: Parse influxdb bucketID
|
|
||||||
set_fact:
|
|
||||||
influxdb_bucketID: '{{ response.json.buckets | selectattr("name", "==", "servers") | map(attribute="id") | first }}'
|
|
||||||
|
|
||||||
- name: Create influxdb token
|
|
||||||
delegate_to: localhost
|
|
||||||
uri:
|
|
||||||
url: '{{ influxdb_info.influxdb_url }}/api/v2/authorizations'
|
|
||||||
method: POST
|
|
||||||
body_format: json
|
|
||||||
status_code: 201
|
|
||||||
headers:
|
|
||||||
Authorization: Token {{ influxdb_info.influxdb_operator_token }}
|
|
||||||
Content-Type: application/json
|
|
||||||
body: |
|
|
||||||
{
|
|
||||||
"description": "{{ inventory_hostname }}",
|
|
||||||
"orgID": "{{ influxdb_orgID }}",
|
|
||||||
"permissions": [{ "action": "write", "resource": { "type": "buckets", "id": "{{ influxdb_bucketID }}" } }]
|
|
||||||
}
|
|
||||||
register: response
|
|
||||||
|
|
||||||
- name: Parse influxdb token
|
|
||||||
set_fact:
|
|
||||||
influxdb_token: '{{ response.json.token }}'
|
|
||||||
|
|
||||||
# Ansible’s passwordstore lookup plugin should be able to do that but is pretty broken,
|
|
||||||
# so we do it manually.
|
|
||||||
- name: Store influxdb token in password store
|
|
||||||
delegate_to: localhost
|
|
||||||
command:
|
|
||||||
cmd: 'pass insert --force --multiline {{ ("vm/" if is_virtual else "host/")~inventory_hostname }}'
|
|
||||||
stdin: '{{ password | to_nice_yaml(sort_keys=false) }}influxdb_token: {{ influxdb_token }}'
|
|
||||||
|
|
@ -1,5 +0,0 @@
|
||||||
[[outputs.influxdb_v2]]
|
|
||||||
urls = ["{{ influxdb_info.influxdb_url }}"]
|
|
||||||
organization = "{{ influxdb_info.influxdb_org }}"
|
|
||||||
bucket = "{{ influxdb_info.influxdb_bucket }}"
|
|
||||||
token = "{{ influxdb_token | default(password.influxdb_token) }}"
|
|
||||||
|
|
@ -3,13 +3,6 @@
|
||||||
roles:
|
roles:
|
||||||
- facts
|
- facts
|
||||||
|
|
||||||
- hosts: monitor
|
|
||||||
roles:
|
|
||||||
- alpine
|
|
||||||
- nginx
|
|
||||||
- influxdb
|
|
||||||
- grafana
|
|
||||||
|
|
||||||
- hosts: dhcp
|
- hosts: dhcp
|
||||||
roles:
|
roles:
|
||||||
- alpine
|
- alpine
|
||||||
|
|
@ -26,7 +19,6 @@
|
||||||
roles:
|
roles:
|
||||||
- debian
|
- debian
|
||||||
- frr
|
- frr
|
||||||
- telegraf
|
|
||||||
- ceph
|
- ceph
|
||||||
|
|
||||||
- hosts: pve-rc-*, pve-lab-*
|
- hosts: pve-rc-*, pve-lab-*
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue