hace 3 meses · 676f9beab4
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -0,0 +1,9 @@
 
				+[defaults]
			
 
				+inventory      = /hosts
			
 
				+forks          = 5
			
 
				+become      = root
			
 
				+remote_port    = 22
			
 
				+host_key_checking = False
			
 
				+timeout = 10
			
 
				+log_path = /var/log/ansible.log
			
 
				+private_key_file = /root/.ssh/id_rsa
			
--- a/deploy.yml
+++ b/deploy.yml
@@ -0,0 +1,35 @@
 
				+---
			
 
				+- name: prom安装
			
 
				+  gather_facts: false
			
 
				+  become: yes
			
 
				+  hosts: 
			
 
				+    - monitor
			
 
				+  roles:
			
 
				+    - prometheus
			
 
				+  tags: prom
			
 
				+
			
 
				+- name: grafana安装
			
 
				+  gather_facts: false
			
 
				+  become: yes
			
 
				+  hosts:
			
 
				+    - monitor
			
 
				+  roles:
			
 
				+    - grafana
			
 
				+  tags: grafana
			
 
				+
			
 
				+
			
 
				+- name: 部署consul
			
 
				+  gather_facts: false
			
 
				+  become: yes
			
 
				+  hosts: monitor
			
 
				+  roles:
			
 
				+    - consul
			
 
				+  tags: consul
			
 
				+
			
 
				+- name: 部署node_exporter
			
 
				+  gather_facts: false
			
 
				+  become: yes
			
 
				+  hosts: exporter
			
 
				+  roles:
			
 
				+    - node_exporter
			
 
				+  tags: ne
			
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -0,0 +1,9 @@
 
				+# 安装目录 
			
 
				+monitor_dir: '/opt/monitor'
			
 
				+promdata: '/var/promdata'
			
 
				+consuldata: '/var/consuldata'
			
 
				+
			
 
				+#域名
			
 
				+domain_name: 'jxfxtd.monitor'
			
 
				+consul_server: "172.26.56.28"
			
 
				+
			
--- a/hosts
+++ b/hosts
@@ -0,0 +1,14 @@
 
				+
			
 
				+[monitor]
			
 
				+172.26.56.28
			
 
				+
			
 
				+#sign prometheus,grafana,consul on monitor nodes
			
 
				+[exporter]
			
 
				+172.25.87.134
			
 
				+172.26.56.26
			
 
				+172.26.56.25
			
 
				+172.26.56.24
			
 
				+172.26.56.27
			
 
				+172.26.56.28
			
 
				+
			
 
				+#deploy exporter on exporter nodes
			
--- a/roles/consul/tasks/main.yml
+++ b/roles/consul/tasks/main.yml
@@ -0,0 +1,55 @@
 
				+---
			
 
				+- name: Download Consul binary
			
 
				+  get_url:
			
 
				+    url: https://releases.hashicorp.com/consul/1.16.0/consul_1.16.0_linux_amd64.zip
			
 
				+    dest: /tmp/consul.zip
			
 
				+    mode: '0644'
			
 
				+
			
 
				+- name: Extract Consul
			
 
				+  unarchive:
			
 
				+    remote_src: yes
			
 
				+    src: /tmp/consul.zip
			
 
				+    dest: /usr/local/bin/
			
 
				+
			
 
				+
			
 
				+- name: Create consul user
			
 
				+  user:
			
 
				+    name: consul
			
 
				+    system: yes
			
 
				+    shell: /bin/false
			
 
				+
			
 
				+- name: Create directories
			
 
				+  file:
			
 
				+    path: "{{ item }}"
			
 
				+    state: directory
			
 
				+    owner: consul
			
 
				+    group: consul
			
 
				+    mode: '0755'
			
 
				+  with_items:
			
 
				+    - /etc/consul
			
 
				+    - /var/lib/consul
			
 
				+    - /var/log/consul
			
 
				+
			
 
				+
			
 
				+
			
 
				+- name: Copy Consul config
			
 
				+  template:
			
 
				+    src: consul.conf.j2
			
 
				+    dest: /etc/consul/consul.json
			
 
				+    owner: consul
			
 
				+    group: consul
			
 
				+    mode: '0644'
			
 
				+
			
 
				+- name: Copy Consul service
			
 
				+  template:
			
 
				+    src: consul.service.j2
			
 
				+    dest: /etc/systemd/system/consul.service
			
 
				+    owner: root
			
 
				+    group: root
			
 
				+    mode: '0644'
			
 
				+
			
 
				+- name: Enable and start Consul
			
 
				+  systemd:
			
 
				+    name: consul
			
 
				+    enabled: yes
			
 
				+    state: started
			
--- a/roles/consul/templates/consul.conf.j2
+++ b/roles/consul/templates/consul.conf.j2
@@ -0,0 +1,24 @@
 
				+{

			
 
				+  "datacenter": "dc1",

			
 
				+  "node_name": "jx-28",

			
 
				+  "bind_addr": "{{ consul_server }}",

			
 
				+  "client_addr": "0.0.0.0",

			
 
				+  "server": true,

			
 
				+  "bootstrap_expect": 1,

			
 
				+  "data_dir": "/var/lib/consul",

			
 
				+  "log_level": "INFO",

			
 
				+  "ui": true,

			
 
				+  "retry_join": ["{{ consul_server }}"],

			
 
				+  "ports": {

			
 
				+    "dns": 8600,

			
 
				+    "http": 8500,

			
 
				+    "server": 8300,

			
 
				+    "serf_lan": 8301,

			
 
				+    "serf_wan": 8302

			
 
				+  },

			
 
				+  "enable_script_checks": false,

			
 
				+  "acl": {

			
 
				+    "enabled": false,

			
 
				+    "default_policy": "allow"

			
 
				+  }

			
 
				+}

			
--- a/roles/consul/templates/consul.service.j2
+++ b/roles/consul/templates/consul.service.j2
@@ -0,0 +1,20 @@
 
				+[Unit]
			
 
				+Description=Consul
			
 
				+After=network.target
			
 
				+
			
 
				+[Service]
			
 
				+Type=simple
			
 
				+User=consul
			
 
				+Group=consul
			
 
				+ExecStart=/usr/local/bin/consul agent \
			
 
				+  -config-file=/etc/consul/consul.json \
			
 
				+  -data-dir=/var/lib/consul \
			
 
				+  -bind={{ consul_server }} \
			
 
				+  -client=0.0.0.0 \
			
 
				+  -server \
			
 
				+  -bootstrap-expect=1
			
 
				+Restart=always
			
 
				+RestartSec=10
			
 
				+
			
 
				+[Install]
			
 
				+WantedBy=multi-user.target
			
--- a/roles/grafana/tasks/main.yml
+++ b/roles/grafana/tasks/main.yml
@@ -0,0 +1,22 @@
 
				+---

			
 
				+- name: Download Grafana 12.3.0 RPM

			
 
				+  get_url:

			
 
				+    url: https://dl.grafana.com/grafana/release/12.3.0/grafana_12.3.0_19497075765_linux_amd64.rpm

			
 
				+    dest: /tmp/grafana.rpm

			
 
				+    mode: '0644'

			
 
				+    timeout: 300

			
 
				+  tags: dl

			
 
				+

			
 
				+- name: Install Grafana via yum

			
 
				+  yum:

			
 
				+    name: /tmp/grafana.rpm

			
 
				+    state: present

			
 
				+  become: yes

			
 
				+  tags: ginstall

			
 
				+

			
 
				+

			
 
				+- name: Enable and start Grafana

			
 
				+  systemd:

			
 
				+    name: grafana-server

			
 
				+    enabled: yes

			
 
				+    state: started

			
--- a/roles/node_exporter/tasks/main.yml
+++ b/roles/node_exporter/tasks/main.yml
@@ -0,0 +1,66 @@
 
				+---
			
 
				+- name: Download Node Exporter binary
			
 
				+  get_url:
			
 
				+    url: https://github.com/prometheus/node_exporter/releases/download/v1.6.0/node_exporter-1.6.0.linux-amd64.tar.gz
			
 
				+    dest: /tmp/node_exporter.tar.gz
			
 
				+    mode: '0644'
			
 
				+
			
 
				+- name: Extract Node Exporter
			
 
				+  unarchive:
			
 
				+    src: /tmp/node_exporter.tar.gz
			
 
				+    dest: /opt
			
 
				+    remote_src: yes
			
 
				+    creates: /opt/node_exporter-1.6.0.linux-amd64
			
 
				+
			
 
				+- name: Link Node Exporter
			
 
				+  file:
			
 
				+    src: /opt/node_exporter-1.6.0.linux-amd64
			
 
				+    dest: /opt/node_exporter
			
 
				+    state: link
			
 
				+
			
 
				+- name: Create node_exporter user
			
 
				+  user:
			
 
				+    name: node_exporter
			
 
				+    system: yes
			
 
				+    shell: /bin/false
			
 
				+
			
 
				+- name: Create directories
			
 
				+  file:
			
 
				+    path: /var/lib/node_exporter
			
 
				+    state: directory
			
 
				+    owner: node_exporter
			
 
				+    group: node_exporter
			
 
				+    mode: '0755'
			
 
				+
			
 
				+- name: Copy Node Exporter service
			
 
				+  template:
			
 
				+    src: node_exporter.service.j2
			
 
				+    dest: /etc/systemd/system/node_exporter.service
			
 
				+    owner: root
			
 
				+    group: root
			
 
				+    mode: '0644'
			
 
				+
			
 
				+- name: Enable and start Node Exporter
			
 
				+  systemd:
			
 
				+    name: node_exporter
			
 
				+    daemon_reload: yes
			
 
				+    enabled: yes
			
 
				+    state: started
			
 
				+
			
 
				+- name: Register Node-exporter to Consul
			
 
				+  uri:
			
 
				+    url: "http://{{ consul_server }}:8500/v1/agent/service/register"
			
 
				+    method: PUT
			
 
				+    body_format: json
			
 
				+    body:
			
 
				+      name: "node-exporter-{{ inventory_hostname }}"
			
 
				+      id: "node-exporter-{{ inventory_hostname }}"
			
 
				+      address: "{{ inventory_hostname }}"
			
 
				+      port: 9100
			
 
				+      tags: ["node-exporter", "{{ inventory_hostname }}"]
			
 
				+      check:
			
 
				+        http: "http://{{ inventory_hostname }}:9100/metrics"
			
 
				+        interval: "10s"
			
 
				+    headers:
			
 
				+      Content-Type: application/json
			
 
				+  delegate_to: "{{ consul_server }}"
			
--- a/roles/node_exporter/templates/node_exporter.service.j2
+++ b/roles/node_exporter/templates/node_exporter.service.j2
@@ -0,0 +1,15 @@
 
				+[Unit]

			
 
				+Description=Node Exporter

			
 
				+After=network.target

			
 
				+

			
 
				+[Service]

			
 
				+Type=simple

			
 
				+User=node_exporter

			
 
				+Group=node_exporter

			
 
				+ExecStart=/opt/node_exporter/node_exporter \

			
 
				+  --web.listen-address=:9100 

			
 
				+Restart=always

			
 
				+RestartSec=10

			
 
				+

			
 
				+[Install]

			
 
				+WantedBy=multi-user.target

			
--- a/roles/prometheus/tasks/main.yml
+++ b/roles/prometheus/tasks/main.yml
@@ -0,0 +1,65 @@
 
				+---
			
 
				+
			
 
				+
			
 
				+
			
 
				+
			
 
				+- name: Copy Prometheus service
			
 
				+  template:
			
 
				+    src: prometheus.service.j2
			
 
				+    dest: /etc/systemd/system/prometheus.service
			
 
				+    owner: root
			
 
				+    group: root
			
 
				+    mode: '0644'
			
 
				+
			
 
				+
			
 
				+- name: 创建数据目录
			
 
				+  file:     
			
 
				+    path: "{{ promdata }}"
			
 
				+    state: directory
			
 
				+    owner: root
			
 
				+    group: root
			
 
				+    mode: '0755'
			
 
				+
			
 
				+- name: configfile
			
 
				+  file:
			
 
				+    path: "{{ monitor_dir }}/prometheus"
			
 
				+    state: directory
			
 
				+    owner: root
			
 
				+    group: root
			
 
				+    mode: '0755'
			
 
				+
			
 
				+
			
 
				+- name: 2. Download Prometheus release tarball
			
 
				+  unarchive:
			
 
				+    src: "https://github.com/prometheus/prometheus/releases/download/v3.9.1/prometheus-3.9.1.linux-amd64.tar.gz"
			
 
				+    dest: "{{ monitor_dir }}/"
			
 
				+    remote_src: yes
			
 
				+    extra_opts: [--strip-components=1]   # 去掉顶层目录
			
 
				+
			
 
				+- name: 3. Copy prometheus binary to /usr/local/bin
			
 
				+  copy:
			
 
				+    src: "{{ monitor_dir }}/prometheus"
			
 
				+    dest: /usr/local/bin/prometheus
			
 
				+    mode: '0755'
			
 
				+    remote_src: yes
			
 
				+
			
 
				+
			
 
				+
			
 
				+- name: 添加配置文件
			
 
				+  template: src=prometheus.yml.j2 dest={{monitor_dir}}/prometheus/prometheus.yml
			
 
				+
			
 
				+
			
 
				+- name: Enable and start Prometheus
			
 
				+  systemd:
			
 
				+    name: prometheus
			
 
				+    enabled: yes
			
 
				+    state: started
			
 
				+
			
 
				+- name: 重启prometheus服务    
			
 
				+  systemd:
			
 
				+    name: prometheus
			
 
				+    state: restarted
			
 
				+    daemon_reload: yes      
			
 
				+
			
 
				+
			
 
				+            
			
--- a/roles/prometheus/templates/prometheus.service.j2
+++ b/roles/prometheus/templates/prometheus.service.j2
@@ -0,0 +1,17 @@
 
				+[Unit]

			
 
				+Description=Prometheus

			
 
				+After=network.target

			
 
				+

			
 
				+[Service]

			
 
				+Type=simple

			
 
				+ExecStart=/usr/local/bin/prometheus \

			
 
				+  --config.file={{ monitor_dir }}/prometheus.yml \

			
 
				+  --storage.tsdb.path={{ promdata }} \

			
 
				+  --storage.tsdb.retention.time=30d \

			
 
				+  --web.enable-lifecycle \

			
 
				+  --web.listen-address=:9090

			
 
				+Restart=always

			
 
				+RestartSec=10

			
 
				+

			
 
				+[Install]

			
 
				+WantedBy=multi-user.target
			
--- a/roles/prometheus/templates/prometheus.yml.j2
+++ b/roles/prometheus/templates/prometheus.yml.j2
@@ -0,0 +1,40 @@
 
				+# my global config
			
 
				+global:
			
 
				+  scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
			
 
				+  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
			
 
				+  # scrape_timeout is set to the global default (10s).
			
 
				+
			
 
				+# Alertmanager configuration
			
 
				+alerting:
			
 
				+  alertmanagers:
			
 
				+    - static_configs:
			
 
				+        - targets:
			
 
				+          # - alertmanager:9093
			
 
				+
			
 
				+# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
			
 
				+rule_files:
			
 
				+  # - "first_rules.yml"
			
 
				+  # - "second_rules.yml"
			
 
				+
			
 
				+# A scrape configuration containing exactly one endpoint to scrape:
			
 
				+# Here it's Prometheus itself.
			
 
				+
			
 
				+
			
 
				+scrape_configs:
			
 
				+- job_name: 'consul-services'
			
 
				+  consul_sd_configs:
			
 
				+    - server: 'http://{{consul_server}}:8500'   # Consul 地址
			
 
				+      services: []                   # 空 = 抓取所有服务
			
 
				+      tags: []                       # 空 = 抓取所有标签
			
 
				+  relabel_configs:
			
 
				+  # ① 只抓取含「exporter」标签的服务
			
 
				+  - source_labels: [__meta_consul_tags]
			
 
				+    regex: '.*exporter.*'
			
 
				+    action: keep
			
 
				+  # ② 标签重命名（美观）
			
 
				+  - source_labels: [__meta_consul_service]
			
 
				+    target_label: job
			
 
				+  - source_labels: [__meta_consul_node]
			
 
				+    target_label: instance
			
 
				+  - source_labels: [__meta_consul_tags]
			
 
				+    target_label: tags