From 51346d08b72c581c44425608468a2151f8742769 Mon Sep 17 00:00:00 2001 From: nd Date: Wed, 29 Jun 2022 21:09:34 +0200 Subject: [PATCH] add snmp exporter from fabbs --- defaults/main.yml | 14 ++++++++ handlers/main.yml | 5 +++ tasks/main.yml | 55 ++++++++++++++++++++++++++++++++ templates/node-scraper.j2 | 35 ++++++++++++++++++++ templates/stunnel-client.conf.j2 | 13 ++++++++ 5 files changed, 122 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index c3aba96..7131519 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -42,6 +42,20 @@ prometheus_agent: jobs: {} promtail: enable: False + snmp: + enable: False + mib_path: /usr/share/snmp/mibs + args: + "web.listen-address": "[::1]:9116" + "config.file": "/etc/prometheus/snmp.yml" + # A list of objects containing a single key, either `url` or `file`, e.g.: + # - url: https://example.com/path/to/mib + # - file: /path/to/mib + mibs: [] + # Generator configuration, see https://github.com/prometheus/snmp_exporter/blob/main/generator/generator.yml + config: + modules: {} + jobs: {} scrape_timeout: ~ scrape_interval: ~ metrics_path: ~ diff --git a/handlers/main.yml b/handlers/main.yml index 9ee04b2..c89ae71 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -17,3 +17,8 @@ service: name: grafana-promtail state: restarted + +- name: restart snmp exporter + service: + name: prometheus-snmp-exporter + state: restarted diff --git a/tasks/main.yml b/tasks/main.yml index 9ff3b00..e98c7c8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -38,6 +38,61 @@ dest: /etc/prometheus/blackbox.yml content: "{{ prometheus_agent.agents.blackbox.config|to_nice_yaml(indent=2) }}" +- name: handle snmp exporter + when: prometheus_agent.agents.snmp.enable + block: + - name: install prometheus-snmp-exporter + apt: + name: prometheus-snmp-exporter + - name: install snmp downloader + apt: + name: snmp-mibs-downloader + register: mibs_downloader_installed + - name: create folder for MIBs + file: + dest: '{{prometheus_agent.agents.snmp.mib_path }}' + state: directory + - name: download MIBs + loop: '{{ prometheus_agent.agents.snmp.mibs }}' + when: "'url' in item" + get_url: + dest: '{{prometheus_agent.agents.snmp.mib_path }}' + url: '{{ item.url }}' + #async: 600 + #poll: 0.1 + register: mibs_downloaded + - name: copy MIBs + loop: '{{ prometheus_agent.agents.snmp.mibs }}' + when: "'file' in item" + copy: + dest: '{{prometheus_agent.agents.snmp.mib_path }}' + src: '{{ item.file }}' + #async: 600 + #poll: 0.1 + register: mibs_copied + - name: create snmp directory + file: + dest: /etc/prometheus/snmp + state: directory + mode: 0755 + - name: generate generator configuration + copy: + dest: /etc/prometheus/snmp/generator.yml + content: '{{ prometheus_agent.agents.snmp.config|to_nice_yaml }}' + mode: 0644 + register: snmp_exporter_generator + - name: generate SNMP exporter configuration + when: snmp_exporter_generator.changed or mibs_downloader_installed.changed or mibs_downloaded.changed or mibs_copied.changed + shell: prometheus-snmp-generator generate -o /etc/prometheus/snmp.yml + args: + chdir: /etc/prometheus/snmp + notify: restart snmp exporter + - name: enable and start snmp exporter + service: + name: prometheus-snmp-exporter + state: started + enabled: yes + - name: manage tls when: prometheus_agent.tls.manage block: diff --git a/templates/node-scraper.j2 b/templates/node-scraper.j2 index 23fb3de..3a2afad 100644 --- a/templates/node-scraper.j2 +++ b/templates/node-scraper.j2 @@ -55,6 +55,41 @@ {% endfor %} {% endif %} +{% if prometheus_agent.scrapers[item].snmp|d(False) and prometheus_agent.agents.snmp.enable %} +{% for j in prometheus_agent.agents.snmp.jobs %} +{% set job=prometheus_agent.agents.snmp.jobs[j] %} +- job_name: "prometheus-agent - snmp - {{ j }} : {{ inventory_hostname }}" + scheme: https + metrics_path: /snmp + static_configs: + - targets: +{% for target in job.targets %} + - {{ target }} +{% endfor %} + labels: {{ merged_prometheus_labels|combine(job.labels|d({}))|to_json }} +{% for i in ['scrape_timeout', 'scrape_interval'] if (prometheus_agent|combine(prometheus_agent.agents.snmp)|combine(job))[i] %} + {{ i }}: {{ (prometheus_agent|combine(job))[i] }} +{% endfor %} + tls_config: + ca_file: /etc/prometheus/targetcerts/{{ inventory_hostname }}.crt + cert_file: /etc/ssl/prometheus_scraper.crt + key_file: /etc/ssl/private/prometheus_scraper.key + params: + module: [{{ job.module }}] + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - replacement: 'snmp' + target_label: job + - replacement: '{{ job.module }}' + target_label: module + - target_label: __address__ + replacement: {{ inventory_hostname }}:{{ prometheus_agent.scrapers[item].snmp }} +{% endfor %} +{% endif %} + {% for j in prometheus_agent.scrapers[item].proxy|d({}) %} - job_name: "prometheus-agent - proxy - {{ j }} : {{ inventory_hostname }}" scheme: https diff --git a/templates/stunnel-client.conf.j2 b/templates/stunnel-client.conf.j2 index c5f5f6e..2099242 100644 --- a/templates/stunnel-client.conf.j2 +++ b/templates/stunnel-client.conf.j2 @@ -39,6 +39,19 @@ verifyPeer = yes CAfile = /etc/ssl/scraper_{{ i }}.crt {% endfor %} +{% for i in prometheus_agent.scrapers if "snmp" in prometheus_agent.scrapers[i] and prometheus_agent.agents.snmp.enable %} +; snmp +[scraper {{ i }} snmp] +client = no +requireCert = yes +accept = :::{{ prometheus_agent.scrapers[i].snmp }} +connect = {{ prometheus_agent.agents.snmp.args['web.listen-address']|replace('[', '')|replace(']', '') }} +cert = /etc/ssl/prometheus_agent.crt +key = /etc/ssl/private/prometheus_agent.key +verifyPeer = yes +CAfile = /etc/ssl/scraper_{{ i }}.crt +{% endfor %} + ; proxy {% for i in prometheus_agent.scrapers if "proxy" in prometheus_agent.scrapers[i] %} {% for j in prometheus_agent.scrapers[i].proxy|d({}) %}