Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prometheus Ubuntu 22.04 #419

Merged
7 commits merged into from
Apr 6, 2023
Merged

Prometheus Ubuntu 22.04 #419

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
6cabba5
feat: Use new ocp20 IPs
Apr 3, 2023
70787ad
docs: fix broken Linode link
Apr 3, 2023
76aff60
feat: update prometheus to ubuntu 22
Apr 3, 2023
417c722
fix: set required alertmanager flag
Apr 3, 2023
cdbd147
refactor: remove maintenance.sls
Apr 4, 2023
17dd0a4
feat: add prometheus maintenance config
Apr 4, 2023
e8ea729
docs: add prometheus migration steps
Apr 6, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions docs/develop/update/firewall.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ You can configure a Hetzner firewall as follows:
-
- Accept
* - Allow Prometheus
- 213.138.113.219/32
- 139.162.253.17/32
- 0.0.0.0/0
- 0-65535
- 7231
Expand Down Expand Up @@ -176,7 +176,7 @@ You can configure a Linode Cloud Firewall as follows:
* - Allow-Prometheus
- TCP
- 7231
- 213.138.113.219/32, 2001:41c8:51:7db::219/128
- 139.162.253.17/32, 2a01:7e00::f03c:93ff:fe13:a12c/128
- Accept

Most servers will also have:
Expand Down
2 changes: 1 addition & 1 deletion docs/develop/update/network.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ Linux networking
systemd-networkd
~~~~~~~~~~~~~~~~

`systemd-networkd <https://manpages.ubuntu.com/manpages/jammy/man5/systemd.network.5.html>`__ is a system daemon to configure networking, and is our preferred solution for Linode instances. Configurations are available for `Linode`_ and other hosts. The configuration is written to ``/etc/systemd/network/05-eth0.network``.
`systemd-networkd <https://manpages.ubuntu.com/manpages/jammy/man5/systemd.network.5.html>`__ is a system daemon to configure networking, and is our preferred solution for Linode instances. Configurations are available for Linode and other hosts. The configuration is written to ``/etc/systemd/network/05-eth0.network``.

Linode template
^^^^^^^^^^^^^^^
Expand Down
3 changes: 0 additions & 3 deletions pillar/maintenance.sls
View file
Open in desktop

This file was deleted.

4 changes: 2 additions & 2 deletions pillar/prometheus_client.sls
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
firewall:
prometheus_ipv4: 213.138.113.219
prometheus_ipv6: 2001:41c8:51:7db::219
prometheus_ipv4: 139.162.253.17
prometheus_ipv6: 2a01:7e00::f03c:93ff:fe13:a12c

prometheus:
node_exporter:
Expand Down
12 changes: 10 additions & 2 deletions pillar/prometheus_server.sls
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,17 @@
network:
host_id: ocp20
ipv4: 139.162.253.17
#ipv6: 2a01:7e00::f03c:93ff:fe13:a12c
Copy link
Author

@ghost ghost Apr 3, 2023
edited by ghost
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Placeholder IP address until the IPv6 process is finalised. #409

networkd:
template: linode
gateway4: 139.162.253.1

prometheus:
prometheus:
service: prometheus-server
user: prometheus-server
basename: prometheus
version: 2.36.2
version: 2.37.6
local_storage_retention: 120d
config:
conf-prometheus.yml: salt://prometheus/files/conf-prometheus.yml
Expand All @@ -13,7 +21,7 @@ prometheus:
service: prometheus-alertmanager
user: prometheus-alertmanager
basename: alertmanager
version: 0.24.0
version: 0.25.0
config:
conf-alertmanager.yml: salt://prometheus/files/conf-alertmanager.yml

Expand Down
7 changes: 7 additions & 0 deletions pillar/prometheus_server_maintenance.sls
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
maintenance:
enabled: True
patching: manual
rkhunter_customisation: |
ALLOW_SSH_ROOT_USER=yes
RTKT_FILE_WHITELIST=/usr/lib/x86_64-linux-gnu/libkeyutils.so.1.9
USER_FILEPROP_FILES_DIRS=/usr/lib/x86_64-linux-gnu/libkeyutils.so.1.9
4 changes: 1 addition & 3 deletions pillar/top.sls
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,12 @@ base:
- cove_oc4ids
- cove_oc4ids_maintenance
- private.cove_oc4ids
- maintenance

'cove-ocds':
- cove
- cove_ocds
- cove_ocds_maintenance
- private.cove_ocds
- maintenance

'docs':
- docs
Expand All @@ -43,7 +41,7 @@ base:
- prometheus_server
- private.smtp
- private.prometheus_server
- maintenance
- prometheus_server_maintenance

'redash':
- redash
Expand Down
2 changes: 1 addition & 1 deletion salt-config/roster
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ cove-ocds: ocp18.open-contracting.org
docs: ocp07.open-contracting.org
kingfisher-process: ocp04.open-contracting.org
kingfisher-replica: ocp05.open-contracting.org
prometheus: ocp03.open-contracting.org
prometheus: ocp20.open-contracting.org
redash: ocp14.open-contracting.org
redmine: ocp16.open-contracting.org
registry:
Expand Down
1 change: 1 addition & 0 deletions salt/core/systemd/files/prometheus-alertmanager.service
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ Group={{ user }}
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/home/{{ user }}/{{ entry.basename }}-{{ entry.version }}.{{ grains.kernel|lower }}-{{ grains.osarch }}/{{ entry.basename }} \
--web.listen-address 127.0.0.1:9095 \
--cluster.listen-address ""\
--config.file /home/{{ user }}/conf-alertmanager.yml \
{%- if salt['pillar.get']('apache:sites:prometheus-alertmanager:servername') %}
--web.external-url https://{{ pillar.apache.sites['prometheus-alertmanager'].servername }}/ \
Expand Down
2 changes: 1 addition & 1 deletion salt/prometheus/files/conf-prometheus.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ scrape_configs:
'ocds-kingfisher-replica': 'ocp05.open-contracting.org',
'ocds-kingfisher2': 'ocp04.open-contracting.org',
'ocds-live.docs': 'ocp07.open-contracting.org',
'prometheus-server-node': 'ocp03.open-contracting.org',
'prometheus-server-node': 'ocp20.open-contracting.org',
'data-registry': 'ocp13.open-contracting.org',
'redash': 'ocp14.open-contracting.org',
'redmine': 'ocp16.open-contracting.org',
Expand Down