diff --git a/common/telegraf/handlers/main.yml b/common/telegraf/handlers/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..de46abe05cfa47354938900ed619af78ef43b159 --- /dev/null +++ b/common/telegraf/handlers/main.yml @@ -0,0 +1,3 @@ + +- name: restart telegraf + service: name=telegraf state=restarted diff --git a/common/telegraf/tasks/main.yml b/common/telegraf/tasks/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..6f8c0fc217022136ab6efaf30b2822a31bd5c590 --- /dev/null +++ b/common/telegraf/tasks/main.yml @@ -0,0 +1,38 @@ +--- +# Pakete installieren +- name: pakete installieren + apt: + pkg: "{{ item }}" + update_cache: yes + state: installed + with_items: + - telegraf + +- name: pakete installieren (host_type = physical) + apt: + pkg: "{{ item }}" + update_cache: yes + state: installed + with_items: + - hddtemp + - lm-sensors + - smartmontools + when: host_type == 'physical' + + +- name: create main config + template: src={{ item }} dest=/etc/telegraf/{{ item }} + with_items: + - telegraf.conf + notify: restart telegraf + + +- name: reload systemd and enable service + command: systemctl enable telegraf + notify: restart telegraf + + +- name: delete config file 1 + file: + path: "/etc/telegraf/telegraf.d/outputs-influxdb.conf" + state: absent diff --git a/common/telegraf/templates/telegraf.conf b/common/telegraf/templates/telegraf.conf new file mode 100644 index 0000000000000000000000000000000000000000..7bb562b51d24493b5c5db0172eaf4416cf0ab61e --- /dev/null +++ b/common/telegraf/templates/telegraf.conf @@ -0,0 +1,317 @@ + +# Global tags can be specified here in key="value" format. +[global_tags] + # dc = "us-east-1" # will tag all metrics with dc=us-east-1 + # rack = "1a" + ## Environment variables can be used as tags, and throughout the config file + # user = "$USER" + server = "true" + host_type = "{{host_type}}" + + +# Configuration for telegraf agent +[agent] + + ## Default data collection interval for all inputs + interval = "5s" + + ## Rounds collection interval to 'interval' + ## ie, if interval="10s" then always collect on :00, :10, :20, etc. + round_interval = true + + ## Telegraf will send metrics to outputs in batches of at most + ## metric_batch_size metrics. + ## This controls the size of writes that Telegraf sends to output plugins. + metric_batch_size = 1000 + + ## For failed writes, telegraf will cache metric_buffer_limit metrics for each + ## output, and will flush this buffer on a successful write. Oldest metrics + ## are dropped first when this buffer fills. + ## This buffer only fills when writes fail to output plugin(s). + metric_buffer_limit = 10000 + + ## Collection jitter is used to jitter the collection by a random amount. + ## Each plugin will sleep for a random time within jitter before collecting. + ## This can be used to avoid many plugins querying things like sysfs at the + ## same time, which can have a measurable effect on the system. + collection_jitter = "0s" + + ## Default flushing interval for all outputs. You shouldn't set this below + ## interval. Maximum flush_interval will be flush_interval + flush_jitter + flush_interval = "10s" + + ## Jitter the flush interval by a random amount. This is primarily to avoid + ## large write spikes for users running a large number of telegraf instances. + ## ie, a jitter of 5s and interval 10s means flushes will happen every 10-15s + flush_jitter = "0s" + + ## By default or when set to "0s", precision will be set to the same + ## timestamp order as the collection interval, with the maximum being 1s. + ## ie, when interval = "10s", precision will be "1s" + ## when interval = "250ms", precision will be "1ms" + ## Precision will NOT be used for service inputs. It is up to each individual + ## service input to set the timestamp at the appropriate precision. + ## Valid time units are "ns", "us" (or "µs"), "ms", "s". + precision = "" + + ## Logging configuration: + ## Run telegraf with debug log messages. + debug = false + + ## Run telegraf in quiet mode (error log messages only). + quiet = false + + ## Specify the log file name. The empty string means to log to stderr. + logfile = "" + + ## Override default hostname, if empty use os.Hostname() + hostname = "{{ inventory_hostname }}" + + ## If set to true, do no set the "host" tag in the telegraf agent. + omit_hostname = false + + +############################################################################### +# OUTPUT PLUGINS # +############################################################################### + + +# Configuration for sending metrics to InfluxDB +[[outputs.influxdb]] + ## The full HTTP or UDP URL for your InfluxDB instance. + ## + urls = ["{{influxdb_sysmon.url}}"] + + ## The target database for metrics; will be created as needed. + database = "{{influxdb_sysmon.db}}" + + ## If true, no CREATE DATABASE queries will be sent. Set to true when using + ## Telegraf with a user without permissions to create databases or when the + ## database already exists. + skip_database_creation = true + + ## Name of existing retention policy to write to. Empty string writes to + ## the default retention policy. + # retention_policy = "" + + ## Write consistency (clusters only), can be: "any", "one", "quorum", "all" + # write_consistency = "any" + + ## Timeout for HTTP messages. + # timeout = "5s" + + ## HTTP Basic Auth + username = "{{influxdb_sysmon.user}}" + password = "{{influxdb_sysmon.password}}" + + ## HTTP User-Agent + # user_agent = "telegraf" + + ## UDP payload size is the maximum packet size to send. + # udp_payload = 512 + + ## Optional SSL Config + # ssl_ca = "/etc/telegraf/ca.pem" + # ssl_cert = "/etc/telegraf/cert.pem" + # ssl_key = "/etc/telegraf/key.pem" + ## Use SSL but skip chain & host verification + # insecure_skip_verify = false + + ## HTTP Proxy override, if unset values the standard proxy environment + ## variables are consulted to determine which proxy, if any, should be used. + # http_proxy = "http://corporate.proxy:3128" + + ## Additional HTTP headers + # http_headers = {"X-Special-Header" = "Special-Value"} + + ## HTTP Content-Encoding for write request body, can be set to "gzip" to + ## compress body or "identity" to apply no encoding. + # content_encoding = "identity" + + ## When true, Telegraf will output unsigned integers as unsigned values, + ## i.e.: "42u". You will need a version of InfluxDB supporting unsigned + ## integer values. Enabling this option will result in field type errors if + ## existing data has been written. + # influx_uint_support = false + + + +############################################################################### +# INPUT PLUGINS # +############################################################################### + + +# Read metrics about system load & uptime +[[inputs.system]] + # no configuration + + +[[inputs.interrupts]] + # no configuration + + +[[inputs.linux_sysctl_fs]] + # no configuration + + +# Get kernel statistics from /proc/stat +[[inputs.kernel]] + # no configuration + + +# Read metrics about memory usage +[[inputs.mem]] + # no configuration + + +# Read metrics about swap memory usage +[[inputs.swap]] + # no configuration + + +# Get the number of processes and group them by status +[[inputs.processes]] + # no configuration + + +# Read metrics about cpu usage +[[inputs.cpu]] + ## Whether to report per-cpu stats or not + percpu = true + ## Whether to report total system cpu stats or not + totalcpu = true + ## If true, collect raw CPU time metrics. + collect_cpu_time = false + ## If true, compute and report the sum of all non-idle CPU states. + report_active = false + + +# Read metrics about disk usage by mount point +[[inputs.disk]] + ## By default stats will be gathered for all mount points. + ## Set mount_points will restrict the stats to only the specified mount points. + mount_points = ["/", "/srv"] + + ## Ignore mount points by filesystem type. + ignore_fs = ["tmpfs", "devtmpfs", "devfs", "sysfs", "overlay" ] + + +# Read metrics about disk IO by device +[[inputs.diskio]] + ## By default, telegraf will gather stats for all devices including + ## disk partitions. + ## Setting devices will restrict the stats to the specified devices. + # devices = ["sda", "sdb"] + ## Uncomment the following line if you need disk serial numbers. + # skip_serial_number = false + # + ## On systems which support it, device metadata can be added in the form of + ## tags. + ## Currently only Linux is supported via udev properties. You can view + ## available properties for a device by running: + ## 'udevadm info -q property -n /dev/sda' + # device_tags = ["ID_FS_TYPE", "ID_FS_USAGE"] + # + ## Using the same metadata source as device_tags, you can also customize the + ## name of the device via templates. + ## The 'name_templates' parameter is a list of templates to try and apply to + ## the device. The template may contain variables in the form of '$PROPERTY' or + ## '${PROPERTY}'. The first template which does not contain any variables not + ## present for the device is used as the device name tag. + ## The typical use case is for LVM volumes, to get the VG/LV name instead of + ## the near-meaningless DM-0 name. + # name_templates = ["$ID_FS_LABEL","$DM_VG_NAME/$DM_LV_NAME"] + + +# Read metrics about network interface usage +[[inputs.net]] + ## By default, telegraf gathers stats from any up interface (excluding loopback) + ## Setting interfaces will tell it to gather these explicit interfaces, + ## regardless of status. + ## + interfaces = ["eth*", "en*"] + ## + ## On linux systems telegraf also collects protocol stats. + ## Setting ignore_protocol_stats to true will skip reporting of protocol metrics. + ## + # ignore_protocol_stats = false + ## + +# Read metrics about network usage +[[inputs.netstat]] + # no configuration + + # Collects conntrack stats from the configured directories and files. + [[inputs.conntrack]] + ## The following defaults would work with multiple versions of conntrack. + ## Note the nf_ and ip_ filename prefixes are mutually exclusive across + ## kernel versions, as are the directory locations. + + ## Superset of filenames to look for within the conntrack dirs. + ## Missing files will be ignored. + files = ["ip_conntrack_count","ip_conntrack_max", + "nf_conntrack_count","nf_conntrack_max"] + + ## Directories to search within for the conntrack files above. + ## Missing directrories will be ignored. + dirs = ["/proc/sys/net/ipv4/netfilter","/proc/sys/net/netfilter"] + + +{% if host_type == 'physical' %} + +# Monitor disks' temperatures using hddtemp +[[inputs.hddtemp]] + ## By default, telegraf gathers temps data from all disks detected by the + ## hddtemp. + ## + ## Only collect temps from the selected disks. + ## + ## A * as the device name will return the temperature values of all disks. + ## + # address = "127.0.0.1:7634" + # devices = ["sda", "*"] + + +# Monitor sensors, requires lm-sensors package +[[inputs.sensors]] + ## Remove numbers from field names. + ## If true, a field name like 'temp1_input' will be changed to 'temp_input'. + # remove_numbers = true + + +# Read metrics from storage devices supporting S.M.A.R.T. +[[inputs.smart]] + ## Optionally specify the path to the smartctl executable + # path = "/usr/bin/smartctl" + # + ## On most platforms smartctl requires root access. + ## Setting 'use_sudo' to true will make use of sudo to run smartctl. + ## Sudo must be configured to to allow the telegraf user to run smartctl + ## with out password. + # use_sudo = false + # + ## Skip checking disks in this power mode. Defaults to + ## "standby" to not wake up disks that have stoped rotating. + ## See --nocheck in the man pages for smartctl. + ## smartctl version 5.41 and 5.42 have faulty detection of + ## power mode and might require changing this value to + ## "never" depending on your disks. + # nocheck = "standby" + # + ## Gather detailed metrics for each SMART Attribute. + ## Defaults to "false" + ## + # attributes = false + # + ## Optionally specify devices to exclude from reporting. + # excludes = [ "/dev/pass6" ] + # + ## Optionally specify devices and device type, if unset + ## a scan (smartctl --scan) for S.M.A.R.T. devices will + ## done and all found will be included except for the + ## excluded in excludes. + # devices = [ "/dev/ada0 -d atacam" ] + + +{% else %} +{% endif %} \ No newline at end of file diff --git a/group_vars/all b/group_vars/all index 49b92940552fb1a69238d7415fbb097043e0a85b..4e260e204764c8bc3f3afa6e4100551e7d26424d 100644 --- a/group_vars/all +++ b/group_vars/all @@ -11,7 +11,7 @@ ldap_readonly_bind_dn: cn=readonly,dc=warpzone,dc=ms # Zentrale InfluxDb für Systemmonitoring influxdb_sysmon: - url: "http:// 192.168.0.201:18086" + url: "http://192.168.0.201:18086" db: "influx" user: "influx" password: "influx" diff --git a/host_vars/vorstandspi b/host_vars/vorstandspi index ccc3116fa232344ff2b850650bdb0f8e8619b034..e998a6d9d1a362e0d5f4f795876787c7928ed170 100644 --- a/host_vars/vorstandspi +++ b/host_vars/vorstandspi @@ -10,6 +10,10 @@ debian_sources: debian_keys: +# Art des Hosts: physical, vm, docker +host_type: "physical" + + administratorenteam: - "ole" - "larsm" diff --git a/host_vars/warphab b/host_vars/warphab index b14fd6421548aaa992f6bbf4bc43d4396fc157b9..4368b1f6f6217c9b18014cd678a45d72c00fea34 100644 --- a/host_vars/warphab +++ b/host_vars/warphab @@ -14,6 +14,9 @@ debian_keys: - "https://homegear.eu/packages/Release.key" - "https://bintray.com/user/downloadSubjectPublicKey?username=openhab" +# Art des Hosts: physical, vm, docker +host_type: "physical" + administratorenteam: - "user51" - "void" diff --git a/host_vars/warpsrvext b/host_vars/warpsrvext index 3691f9540aa5cc88542dbc437e5c6c15332acdde..8cad5795da49183a3abbada8f2d60472c1cfef51 100644 --- a/host_vars/warpsrvext +++ b/host_vars/warpsrvext @@ -12,6 +12,9 @@ debian_sources: debian_keys: +# Art des Hosts: physical, vm, docker +host_type: "physical" + administratorenteam: - "void" - "sandhome" diff --git a/host_vars/warpsrvint b/host_vars/warpsrvint index 741dfea354ad4da9daf38e2670413c31a61170ac..2e8146eba7eb50522de961e540f36fd053d2cef8 100644 --- a/host_vars/warpsrvint +++ b/host_vars/warpsrvint @@ -11,10 +11,17 @@ debian_sources: - "deb http://debian.uni-duisburg-essen.de/debian/ jessie-updates main contrib non-free" - "deb http://ftp.debian.org/debian jessie-backports main" - "deb https://apt.dockerproject.org/repo debian-jessie main" - - "deb [arch=amd64] https://download.docker.com/linux/debian jessie stable" + - "deb https://download.docker.com/linux/debian jessie stable" + - "deb https://repos.influxdata.com/debian stretch stable" debian_keys: - "https://download.docker.com/linux/debian/gpg" + - "https://repos.influxdata.com/influxdb.key" + + +# Art des Hosts: physical, vm, docker +host_type: "physical" + webserver_domains: - "infra" diff --git a/host_vars/webserver b/host_vars/webserver index 7ba5b54c765aaf8199b8ce3fe8d8c4cba6c722d9..8259eadb9332f26d8e28c9ddda8c1aad1f2c9196 100644 --- a/host_vars/webserver +++ b/host_vars/webserver @@ -10,10 +10,16 @@ debian_sources: - "deb http://security.debian.org/ stretch/updates main contrib non-free" - "deb http://ftp.de.debian.org/debian/ stretch-updates main" - "deb http://ftp.halifax.rwth-aachen.de/debian/ stretch-updates main contrib non-free" - - "deb [arch=amd64] https://download.docker.com/linux/debian stretch stable" + - "deb https://download.docker.com/linux/debian stretch stable" + - "deb https://repos.influxdata.com/debian stretch stable" debian_keys: - "https://download.docker.com/linux/debian/gpg" + - "https://repos.influxdata.com/influxdb.key" + + +# Art des Hosts: physical, vm, docker +host_type: "vm" letsencrypt_tos_sha256: 6373439b9f29d67a5cd4d18cbc7f264809342dbf21cb2ba2fc7588df987a6221 diff --git a/warpsrvint/main.yml b/warpsrvint/main.yml index 33efe13a5e718f4135e6a19d23d1399c52b81d11..e8fc433e46e895a34e24fca8e088702f268c2823 100644 --- a/warpsrvint/main.yml +++ b/warpsrvint/main.yml @@ -5,8 +5,8 @@ roles: - { role: ../common/borgbackup, tags: borgbackup } - { role: ../common/borgserver, tags: borgserver } - - { role: ../common/prometheus-node, tags: prometheus-node } - { role: ../common/docker, tags: docker } + - { role: ../common/telegraf, tags: telegraf } - { role: nginx, tags: nginx } - { role: docker_grafana, tags: grafana } - { role: docker_influx, tags: influx } diff --git a/webserver/main.yml b/webserver/main.yml index 509f26c5cf4cad2b6793c3992d1f04d579699d2d..e13d1638e0465e1f537ab3bb39616b24703b454c 100644 --- a/webserver/main.yml +++ b/webserver/main.yml @@ -5,6 +5,7 @@ roles: - { role: ../common/borgbackup, tags: borgbackup } - { role: ../common/docker, tags: docker } + - { role: ../common/telegraf, tags: telegraf } - { role: nginx, tags: nginx } - { role: openvpn, tags: openvpn } - { role: docker_alerta, tags: alerta }