diff --git a/Readme.md b/Readme.md index 789e209..245a408 100644 --- a/Readme.md +++ b/Readme.md @@ -5,10 +5,17 @@ An ansible role that installs docker host on ubuntu ### Role Variables ```yaml -dockerhost_group : "docker" -docker_compose_version : "1.25.3" -docker_compose_dir : "/opt/docker_compose" -docker_compose_install : True +dockerhost_group : "docker" +docker_compose_version : "1.29.1" +docker_compose_dir : "/opt/docker_compose" +docker_compose_install : True +dockerhost_daemon_config : {} +dockerhost_install_cadvisor : True +dockerhost_cadvisor_version : "v0.37.5" +dockerhost_cadvisor_config_flags : {} +dockerhost_cadvisor_config_docker_endpoint : unix:///run/docker.sock +dockerhost_cadvisor_config_listen_port : 8100 +dockerhost_cadvisor_config_listen_interface : 0.0.0.0 ``` ## License diff --git a/defaults/main.yml b/defaults/main.yml index 7c384c6..cca2006 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,9 +1,29 @@ --- -dockerhost_group : "docker" -docker_compose_version : "1.25.3" -docker_compose_dir : "/opt/docker_compose" -docker_compose_install : True -docker_install_py_module : False +dockerhost_group : "docker" +docker_compose_version : "1.29.1" +docker_compose_dir : "/opt/docker_compose" +docker_compose_install : True +docker_install_py_module : False -docker_gpg_url : https://download.docker.com/linux/ubuntu/gpg +docker_gpg_url : https://download.docker.com/linux/ubuntu/gpg + +dockerhost_daemon_config : {} + +dockerhost_install_cadvisor : True +dockerhost_prometheus_exporters_common_user : prometheus +dockerhost_prometheus_exporters_common_group : prometheus + +dockerhost_prometheus_exporters_common_root_dir : /opt/prometheus/exporters +dockerhost_prometheus_exporters_common_dist_dir : "{{ dockerhost_prometheus_exporters_common_root_dir }}/dist" +dockerhost_prometheus_exporters_common_conf_dir : "/etc/prometheus/exporters" + +dockerhost_cadvisor_version : v0.37.5 +dockerhost_cadvisor_release_name : "cadvisor-{{ dockerhost_cadvisor_version }}.linux-amd64" +dockerhost_cadvisor_config_flags : {} +dockerhost_cadvisor_config_docker_endpoint : unix:///run/docker.sock +dockerhost_cadvisor_config_listen_port : 8100 +dockerhost_cadvisor_config_listen_interface : 0.0.0.0 + +# Since cAdvisor can potentially replace node exporter, add an option to disable node exporter +dockerhost_disable_prometheus_node_exporter : False diff --git a/handlers/main.yml b/handlers/main.yml index 0b2d6e4..2bb30ae 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,11 +1,22 @@ --- - name: restart docker - service: + service: name: docker state: restarted - name: restart docker systemd - systemd: + systemd: name: docker state: restarted daemon_reload: True + +- name: reenable cadvisor service + command: systemctl reenable cadvisor.service + +- name: reinit cadvisor + command: initctl reload-configuration + +- name: restart cadvisor + service: + name: cadvisor + state: restarted diff --git a/meta/main.yml b/meta/main.yml index 1290db3..7874ce3 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -8,8 +8,10 @@ galaxy_info: platforms: - name: Ubuntu versions: + - 20.04 - 18.04 - 16.04 categories: - - web -dependencies: [] + - web +dependencies: +- UnderGreen.prometheus-exporters-common diff --git a/tasks/apt.yml b/tasks/apt.yml index 0393b1a..1a79138 100644 --- a/tasks/apt.yml +++ b/tasks/apt.yml @@ -2,21 +2,20 @@ - name: Ensure apt works with HTTPS and certificates are installed and kernel extrax apt: - pkg="{{ item }}" - state="installed" - update_cache="yes" - cache_valid_time=3600 - with_items: + pkg: - apt-transport-https - ca-certificates + state: present + update_cache: yes + cache_valid_time: 3600 -- name: Add apt repo GPG +- name: Add apt repo GPG apt_key: id="{{ dockerhost_id }}" url="{{ docker_gpg_url }}" - name: Add docker apt repo - apt_repository: + apt_repository: repo="deb https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable" update_cache="yes" diff --git a/tasks/cadvisor.yml b/tasks/cadvisor.yml new file mode 100644 index 0000000..a57a8cc --- /dev/null +++ b/tasks/cadvisor.yml @@ -0,0 +1,75 @@ +--- + +- name: Create binary directory + file: + path: "{{ dockerhost_prometheus_exporters_common_dist_dir }}/{{ dockerhost_cadvisor_release_name }}" + state: directory + owner: "{{ dockerhost_prometheus_exporters_common_user }}" + group: "{{ dockerhost_prometheus_exporters_common_group }}" + +- name: download cadvisor binary + get_url: + url: "{{ dockerhost_cadvisor_download_url }}" + dest: "{{ dockerhost_prometheus_exporters_common_dist_dir }}/{{ dockerhost_cadvisor_release_name }}/cadvisor" + mode: "0755" + +- name: create symlink to the current release + file: + src: "{{ dockerhost_prometheus_exporters_common_dist_dir }}/{{ dockerhost_cadvisor_release_name }}" + path: "{{ dockerhost_prometheus_exporters_common_root_dir }}/cadvisor_current" + state: link + +- name: create systemd service unit + template: + src: cadvisor/systemd-unit.j2 + dest: /etc/systemd/system/cadvisor.service + owner: root + group: root + mode: 0644 + when: ansible_service_mgr == 'systemd' + notify: + - reenable cadvisor service + - restart cadvisor + +- name: get upstart version + command: initctl version + when: ansible_service_mgr == 'upstart' + register: upstart_version + +- name: create init service unit + template: + src: cadvisor/upstart.j2 + dest: /etc/init/cadvisor.conf + owner: root + group: root + mode: 0644 + when: ansible_service_mgr == 'upstart' + notify: + - reinit cadvisor + - restart cadvisor + +- name: create sysvinit service unit + template: + src: cadvisor/init.j2 + dest: /etc/init.d/cadvisor + owner: root + group: root + mode: 0755 + when: ansible_service_mgr == 'sysvinit' + notify: + - restart cadvisor + +- name: disable node exporter service + when: dockerhost_disable_prometheus_node_exporter|bool + service: + name: prometheus-node-exporter + state: stopped + enabled: no + +- meta: flush_handlers + +- name: ensure cadvisor is running + service: + name: cadvisor + enabled: yes + state: started diff --git a/tasks/main.yml b/tasks/main.yml index cfe9f15..e946b0a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -3,7 +3,7 @@ #https://docs.docker.com/engine/installation/linux/ubuntulinux/ - name: Add docker group - group: + group: name: "{{ dockerhost_group }}" system: True state: present @@ -24,25 +24,36 @@ when: docker_compose_install - name: Create docker conf - template: + template: src: docker_conf.j2 dest: /etc/default/docker when: ansible_service_mgr != 'systemd' - notify: + notify: - restart docker - name: Create docker systemd unit file - template: + template: src: docker_systemd_service.j2 dest: /etc/systemd/system/docker.service when: ansible_service_mgr == 'systemd' - notify: + notify: + - restart docker systemd + +- name: Create docker daemon config file + template: + src: daemon.json.j2 + dest: /etc/docker/daemon.json + notify: - restart docker systemd - meta: flush_handlers - name: Ensure docker is running and starts by default - service: + service: name: docker state: started enabled: True + +- name: Include cadvisor + include: cadvisor.yml + when: dockerhost_install_cadvisor diff --git a/templates/cadvisor/init.j2 b/templates/cadvisor/init.j2 new file mode 100644 index 0000000..88cf9d0 --- /dev/null +++ b/templates/cadvisor/init.j2 @@ -0,0 +1,107 @@ +#!/bin/sh +# +# +# +# chkconfig: 345 99 01 +# description: Manage service cadvisor + + +### BEGIN INIT INFO +# Provides: cadvisor +# Required-Start: +# Required-Stop: +# Should-Start: +# Should-Stop: +# Default-Start: +# Default-Stop: +# Short-Description: +# Description: Manage service cadvisor +### END INIT INFO + +# Source function library. +. /etc/rc.d/init.d/functions + +exec="/opt/prometheus/exporters/cadvisor_current/cadvisor" +prog="cadvisor" +# cadvisor is not able to manage configuration file +#config="" + +[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog + +lockfile=/var/lock/subsys/$prog + +start() { + [ -x $exec ] || exit 5 + #[ -f $config ] || exit 6 + echo -n $"Starting $prog: " + # if not running, start it up here, usually something like "daemon $exec" + daemon {{ dockerhost_prometheus_exporters_common_root_dir }}/cadvisor_current/cadvisor --docker="{{ dockerhost_cadvisor_config_docker_endpoint }}" --listen_ip="{{ dockerhost_cadvisor_config_listen_interface }}" --port="{{ dockerhost_cadvisor_config_listen_port }}" {% for flag, flag_value in dockerhost_cadvisor_config_flags.items() %}--{{ flag }}={{ flag_value }} {% endfor %} + echo + [ $retval -eq 0 ] && touch $lockfile + return $retval +} + +stop() { + echo -n $"Stopping $prog: " + # stop it here, often "killproc $prog" + killproc /opt/prometheus/exporters/cadvisor_current/cadvisor + retval=$? + echo + [ $retval -eq 0 ] && rm -f $lockfile + return $retval +} + +restart() { + stop + start +} + +reload() { + restart +} + +force_reload() { + restart +} + +rh_status() { + # run checks to determine if the service is running or use generic status + status $prog +} + +rh_status_q() { + rh_status >/dev/null 2>&1 +} + + +case "$1" in + start) + rh_status_q && exit 0 + $1 + ;; + stop) + rh_status_q || exit 0 + $1 + ;; + restart) + $1 + ;; + reload) + rh_status_q || exit 7 + $1 + ;; + force-reload) + force_reload + ;; + status) + rh_status + ;; + condrestart|try-restart) + rh_status_q || exit 0 + restart + ;; + *) + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" + exit 2 +esac +exit $? diff --git a/templates/cadvisor/systemd-unit.j2 b/templates/cadvisor/systemd-unit.j2 new file mode 100644 index 0000000..d3de55e --- /dev/null +++ b/templates/cadvisor/systemd-unit.j2 @@ -0,0 +1,15 @@ +[Unit] +Description=cadvisor +After=network.target + +[Service] +Type=simple +User=root +Group=root +ExecStart={{ dockerhost_prometheus_exporters_common_root_dir }}/cadvisor_current/cadvisor --docker="{{ dockerhost_cadvisor_config_docker_endpoint }}" --listen_ip="{{ dockerhost_cadvisor_config_listen_interface }}" --port="{{ dockerhost_cadvisor_config_listen_port }}" {% for flag, flag_value in dockerhost_cadvisor_config_flags.items() %}--{{ flag }}={{ flag_value }} {% endfor %} + +SyslogIdentifier=cadvisor +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/templates/cadvisor/upstart.j2 b/templates/cadvisor/upstart.j2 new file mode 100644 index 0000000..1df1b1c --- /dev/null +++ b/templates/cadvisor/upstart.j2 @@ -0,0 +1,16 @@ +description "cadvisor" +start on (local-filesystems and net-device-up IFACE!=lo) +stop on runlevel [016] + +respawn +{% if upstart_version.stdout | replace("init (upstart ", "") |replace(")","") | version_compare('1.4', '>=') %} +setuid root +setgid root +{% endif %} + +script + exec >> "{{ dockerhost_prometheus_exporters_common_log_dir }}/cadvisor.log" + exec 2>&1 + exec {{ dockerhost_prometheus_exporters_common_root_dir }}/cadvisor_current/cadvisor --docker="{{ dockerhost_cadvisor_config_docker_endpoint }}" --listen_ip="{{ dockerhost_cadvisor_config_listen_interface }}" --port="{{ dockerhost_cadvisor_config_listen_port }}" {% for flag, flag_value in dockerhost_cadvisor_config_flags.items() %}--{{ flag }}={{ flag_value }} {% endfor %} + +end script diff --git a/templates/daemon.json.j2 b/templates/daemon.json.j2 new file mode 100644 index 0000000..63ba48d --- /dev/null +++ b/templates/daemon.json.j2 @@ -0,0 +1 @@ +{{ dockerhost_daemon_config | to_nice_json }} diff --git a/vars/main.yml b/vars/main.yml index e5665b6..4193219 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -5,3 +5,5 @@ dockerhost_id : "7EA0A9C3F273FCD8" docker_compose_file : "docker-compose-Linux-{{ ansible_userspace_architecture }}-{{ docker_compose_version }}" docker_compose_url : "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-{{ ansible_userspace_architecture }}" + +dockerhost_cadvisor_download_url : "https://github.com/google/cadvisor/releases/download/{{ dockerhost_cadvisor_version }}/cadvisor"