基于 ansible-role 实现node-exporter的安装
Mr.Lee 2024-09-12 14:33:18 LinuxPython
基于 ansible-role 实现node-exporter的安装
# 1. 初始化机器环境
# 1.1 去掉目标机器的网关规则
[root@localhost ~]# firewall-cmd --list-port
9100/tcp
[root@localhost ~]# firewall-cmd --remove-port=9100/tcp
success
1
2
3
4
2
3
4
# 1.2 在控制面安装ansible
❯ tree ansible
ansible
├── amd64
│ ├── ansible-core_2.14.3-1_all.deb
│ ├── ca-certificates_20230311_all.deb
│ ├── ieee-data_20220827.1_all.deb
│ ├── libbsd0_0.11.7-2_amd64.deb
│ ├── libcbor0.8_0.8.0-2+b1_amd64.deb
│ ├── libcom-err2_1.47.0-2_amd64.deb
│ ├── libedit2_3.1-20221030-2_amd64.deb
│ ├── libexpat1_2.5.0-1_amd64.deb
│ ├── libfido2-1_1.12.0-2+b1_amd64.deb
│ ├── libgssapi-krb5-2_1.20.1-2+deb12u2_amd64.deb
│ ├── libk5crypto3_1.20.1-2+deb12u2_amd64.deb
│ ├── libkeyutils1_1.6.3-2_amd64.deb
│ ├── libkrb5-3_1.20.1-2+deb12u2_amd64.deb
│ ├── libkrb5support0_1.20.1-2+deb12u2_amd64.deb
│ ├── libncursesw6_6.4-4_amd64.deb
│ ├── libnsl2_1.3.0-2_amd64.deb
│ ├── libpsl5_0.21.2-1_amd64.deb
│ ├── libpython3-stdlib_3.11.2-1+b1_amd64.deb
│ ├── libpython3.11-minimal_3.11.2-6+deb12u2_amd64.deb
│ ├── libpython3.11-stdlib_3.11.2-6+deb12u2_amd64.deb
│ ├── libreadline8_8.2-1.3_amd64.deb
│ ├── libsqlite3-0_3.40.1-2_amd64.deb
│ ├── libssl3_3.0.13-1~deb12u1_amd64.deb
│ ├── libtirpc-common_1.3.3+ds-1_all.deb
│ ├── libtirpc3_1.3.3+ds-1_amd64.deb
│ ├── libyaml-0-2_0.2.5-1_amd64.deb
│ ├── media-types_10.0.0_all.deb
│ ├── netbase_6.4_all.deb
│ ├── openssh-client_1%3a9.2p1-2+deb12u3_amd64.deb
│ ├── openssl_3.0.13-1~deb12u1_amd64.deb
│ ├── python3-cffi-backend_1.15.1-5+b1_amd64.deb
│ ├── python3-cryptography_38.0.4-3_amd64.deb
│ ├── python3-distutils_3.11.2-3_all.deb
│ ├── python3-dnspython_2.3.0-1_all.deb
│ ├── python3-httplib2_0.20.4-3_all.deb
│ ├── python3-jinja2_3.1.2-1_all.deb
│ ├── python3-lib2to3_3.11.2-3_all.deb
│ ├── python3-markupsafe_2.1.2-1+b1_amd64.deb
│ ├── python3-minimal_3.11.2-1+b1_amd64.deb
│ ├── python3-netaddr_0.8.0-2_all.deb
│ ├── python3-packaging_23.0-1_all.deb
│ ├── python3-pycryptodome_3.11.0+dfsg1-4_amd64.deb
│ ├── python3-pyparsing_3.0.9-1_all.deb
│ ├── python3-resolvelib_0.9.0-2_all.deb
│ ├── python3-yaml_6.0-3+b2_amd64.deb
│ ├── python3.11-minimal_3.11.2-6+deb12u2_amd64.deb
│ ├── python3.11_3.11.2-6+deb12u2_amd64.deb
│ ├── python3_3.11.2-1+b1_amd64.deb
│ ├── readline-common_8.2-1.3_all.deb
│ ├── sshpass_1.09-1+b1_amd64.deb
│ └── wget_1.21.3-1+b2_amd64.deb
├── ansible.cfg
├── arm64
│ ├── ansible-core_2.14.3-1_all.deb
│ ├── ca-certificates_20230311_all.deb
│ ├── ieee-data_20220827.1_all.deb
│ ├── libbsd0_0.11.7-2_arm64.deb
│ ├── libcbor0.8_0.8.0-2+b1_arm64.deb
│ ├── libcom-err2_1.47.0-2_arm64.deb
│ ├── libedit2_3.1-20221030-2_arm64.deb
│ ├── libexpat1_2.5.0-1_arm64.deb
│ ├── libfido2-1_1.12.0-2+b1_arm64.deb
│ ├── libgssapi-krb5-2_1.20.1-2+deb12u2_arm64.deb
│ ├── libk5crypto3_1.20.1-2+deb12u2_arm64.deb
│ ├── libkeyutils1_1.6.3-2_arm64.deb
│ ├── libkrb5-3_1.20.1-2+deb12u2_arm64.deb
│ ├── libkrb5support0_1.20.1-2+deb12u2_arm64.deb
│ ├── libncursesw6_6.4-4_arm64.deb
│ ├── libnsl2_1.3.0-2_arm64.deb
│ ├── libpsl5_0.21.2-1_arm64.deb
│ ├── libpython3-stdlib_3.11.2-1+b1_arm64.deb
│ ├── libpython3.11-minimal_3.11.2-6+deb12u2_arm64.deb
│ ├── libpython3.11-stdlib_3.11.2-6+deb12u2_arm64.deb
│ ├── libreadline8_8.2-1.3_arm64.deb
│ ├── libsqlite3-0_3.40.1-2_arm64.deb
│ ├── libssl3_3.0.13-1~deb12u1_arm64.deb
│ ├── libtirpc-common_1.3.3+ds-1_all.deb
│ ├── libtirpc3_1.3.3+ds-1_arm64.deb
│ ├── libyaml-0-2_0.2.5-1_arm64.deb
│ ├── media-types_10.0.0_all.deb
│ ├── netbase_6.4_all.deb
│ ├── openssh-client_1%3a9.2p1-2+deb12u3_arm64.deb
│ ├── openssl_3.0.13-1~deb12u1_arm64.deb
│ ├── python3-cffi-backend_1.15.1-5+b1_arm64.deb
│ ├── python3-cryptography_38.0.4-3_arm64.deb
│ ├── python3-distutils_3.11.2-3_all.deb
│ ├── python3-dnspython_2.3.0-1_all.deb
│ ├── python3-httplib2_0.20.4-3_all.deb
│ ├── python3-jinja2_3.1.2-1_all.deb
│ ├── python3-lib2to3_3.11.2-3_all.deb
│ ├── python3-markupsafe_2.1.2-1+b1_arm64.deb
│ ├── python3-minimal_3.11.2-1+b1_arm64.deb
│ ├── python3-netaddr_0.8.0-2_all.deb
│ ├── python3-packaging_23.0-1_all.deb
│ ├── python3-pycryptodome_3.11.0+dfsg1-4_arm64.deb
│ ├── python3-pyparsing_3.0.9-1_all.deb
│ ├── python3-resolvelib_0.9.0-2_all.deb
│ ├── python3-yaml_6.0-3+b2_arm64.deb
│ ├── python3.11-minimal_3.11.2-6+deb12u2_arm64.deb
│ ├── python3.11_3.11.2-6+deb12u2_arm64.deb
│ ├── python3_3.11.2-1+b1_arm64.deb
│ ├── readline-common_8.2-1.3_all.deb
│ ├── sshpass_1.09-1_arm64.deb
│ └── wget_1.21.3-1+b1_arm64.deb
└── collections
├── ansible-posix-1.5.4.tar.gz
├── community-general-9.1.0.tar.gz
├── kubernetes-core-2.4.2.tar.gz
# $TARGETARCH 当前服务器的CPU架构 amd64 or arm64
# 安装ansible的基础环境
❯ apt install ansible/$TARGETARCH/*.deb && apt clean && rm -rf /var/lib/apt/lists/*
# 安装ansible额外的扩展 module
❯ ansible-galaxy collection install /opt/ansible/collections/*.tar.gz
# 配置ansible
❯ cp ansible/ansible.cfg /etc/ansible/ansible.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
# 2. 内容解析
# 2.1 ansible.cfg
[defaults]
nocows = True
roles_path = /opt/ops/remote-deploy/roles
remote_tmp = $HOME/.ansible/tmp
local_tmp = $HOME/.ansible/tmp
pipelining = True
become = True
host_key_checking = False
deprecation_warnings = False
callback_whitelist = profile_tasks
[inventory]
enable_plugins = host_list, script, auto, yaml, ini, toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14
# 2.2 remote-deploy 目录结构
❯ tree remote-deploy/
remote-deploy/
├── deploys
│ ├── inventorys
│ │ └── example-inventory
│ └── playbooks
│ ├── install-node-exporter.yaml
│ └── ping.yaml
└── roles <-- 可执行的roles
└── node-exporter-role
├── README.md
├── defaults <-- 定义任务执行的默认值
│ └── main.yml
├── files <-- 存放任务执行所需的文件
│ ├── node_exporter-1.6.0.linux-amd64
│ │ ├── NOTICE
│ │ └── node_exporter
│ └── node_exporter-1.6.0.linux-arm64
│ ├── NOTICE
│ └── node_exporter
├── handlers
│ └── main.yml
├── meta
│ └── main.yml
├── molecule
│ └── default
│ ├── converge.yml
│ └── molecule.yml
├── tasks <-- 定义具体的执行任务
│ ├── config-version.yaml
│ ├── enable-port.yaml
│ └── main.yml
└── templates <-- 存放任务所需的模版文件
└── node_exporter.service.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# 2.3 解析role目录 (defaults/main.yml)
定义一些任务执行所需的变量
---
# Use the latest node_exporter release
node_exporter_version: '1.6.0'
# Alternatively, set a specific version
# See available releases: https://github.com/prometheus/node_exporter/releases/
# node_exporter_version: '0.18.1'
node_exporter_arch: 'arm64'
# node_exporter_download_url: https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-{{ node_exporter_arch }}.tar.gz
node_exporter_bin_path: /usr/local/bin/node_exporter
# Set node_exporter_host to localhost if you wish to expose node_exporter on localhost only.
node_exporter_host: ''
node_exporter_port: 9100
node_exporter_options: ''
node_exporter_state: started
node_exporter_enabled: true
node_exporter_restart: on-failure
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# 2.4 解析role目录 (tasks/main.yml)
---
- name: Check current node_exporter version.
command: "{{ node_exporter_bin_path }} --version"
failed_when: false
changed_when: false
register: node_exporter_version_check
# - name: Configure latest version
# include_tasks: config-version.yaml
# when: >
# node_exporter_version is match("latest")
# or node_exporter_version is not defined
# - name: Get target machine architecture
# ansible.builtin.command: uname -m
# register: machine_arch
# changed_when: false
- name: Set node_exporter_arch based on machine architecture
ansible.builtin.set_fact:
node_exporter_arch: >-
{%- if ansible_architecture == 'x86_64' -%}amd64
{%- elif ansible_architecture == 'aarch64' -%}arm64
{%- else -%}{{ ansible_architecture }}
{%- endif -%}
- name: Copy node_exporter binary from files folder
copy:
src: "node_exporter-{{ node_exporter_version }}.linux-{{ node_exporter_arch | trim }}/node_exporter"
dest: "{{ node_exporter_bin_path }}"
mode: 0755
when: >
node_exporter_version_check.stdout is not defined
or node_exporter_version not in node_exporter_version_check.stdout
notify: restart node_exporter
- name: Create node_exporter user.
user:
name: node_exporter
shell: /sbin/nologin
state: present
- name: Copy the node_exporter systemd unit file.
template:
src: node_exporter.service.j2
dest: /etc/systemd/system/node_exporter.service
mode: 0644
register: node_exporter_service
- name: Reload systemd daemon if unit file is changed.
systemd:
daemon_reload: true
# notify: restart node_exporter
notify: systemctl restart node_exporter.service
when: node_exporter_service is changed
- name: Ensure node_exporter is running and enabled at boot.
service:
name: node_exporter
state: "{{ node_exporter_state }}"
enabled: "{{ node_exporter_enabled }}"
- name: Verify node_exporter is responding to requests.
uri:
url: "http://{% if node_exporter_host !='' %}{{ node_exporter_host }}{% else %}localhost{% endif %}:{{ node_exporter_port }}/"
return_content: true
register: metrics_output
failed_when: "'Metrics' not in metrics_output.content"
- name: Gather service facts
ansible.builtin.service_facts:
- name: Enable node_exporter port
firewalld:
port: 9100/tcp
permanent: true
state: enabled
immediate: yes
when: ansible_facts.services['firewalld.service']['state'] == 'running'
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# 2.5 解析role目录 (templates/node_exporter.service.j2)
[Unit]
Description=NodeExporter
[Service]
TimeoutStartSec=0
User=node_exporter
ExecStart={{ node_exporter_bin_path }} --web.listen-address={{ node_exporter_host }}:{{ node_exporter_port }} {{ node_exporter_options }}
Restart={{ node_exporter_restart }}
[Install]
WantedBy=multi-user.target
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
# 2.6 stall-node-exporter.yaml
---
- name: install-node-exporter
hosts: servers
roles:
- roles/node-exporter-role
1
2
3
4
5
2
3
4
5
# 2.7 example-inventory
[servers]
10.40.10.8 ansible_ssh_host=10.40.10.8 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_password=root
1
2
2
# 3. 执行ansible-playbook
❯ cd remote-deploy
❯ ll
total 0
drwxr-xr-x 4 striveonger staff 128B 9 12 17:32 deploys
drwxr-xr-x 3 striveonger staff 96B 9 12 17:32 roles
❯ ansible-playbook deploys/playbooks/install-node-exporter.yaml --inventory-file deploys/inventorys/example-inventory
1
2
3
4
5
6
2
3
4
5
6