From 3788ec10bfa43fdaafa7a49fd4363a2f5201571d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20M=C3=A1gr?= Date: Fri, 31 Jan 2025 15:52:07 +0100 Subject: [PATCH] Enable podman exporter This PR enables podman_exporter back and add support for TLS certificates. --- roles/edpm_telemetry/defaults/main.yml | 1 + roles/edpm_telemetry/tasks/configure.yml | 13 ++++++++----- roles/edpm_telemetry/tasks/exporter_tls.yml | 7 +++++++ .../templates/podman_exporter.json.j2 | 9 +++++++++ .../templates/podman_exporter.yaml.j2 | 3 +++ 5 files changed, 28 insertions(+), 5 deletions(-) create mode 100644 roles/edpm_telemetry/tasks/exporter_tls.yml create mode 100644 roles/edpm_telemetry/templates/podman_exporter.yaml.j2 diff --git a/roles/edpm_telemetry/defaults/main.yml b/roles/edpm_telemetry/defaults/main.yml index 73615230f..003830a42 100644 --- a/roles/edpm_telemetry/defaults/main.yml +++ b/roles/edpm_telemetry/defaults/main.yml @@ -53,3 +53,4 @@ edpm_telemetry_healthcheck: true edpm_telemetry_enabled_exporters: - ceilometer_agent_compute - node_exporter + - podman_exporter diff --git a/roles/edpm_telemetry/tasks/configure.yml b/roles/edpm_telemetry/tasks/configure.yml index aa74f52b7..1ba353101 100644 --- a/roles/edpm_telemetry/tasks/configure.yml +++ b/roles/edpm_telemetry/tasks/configure.yml @@ -112,11 +112,14 @@ when: - tls_crt_stat.stat.exists and tls_key_stat.stat.exists block: - - name: Create config file for node_exporter - ansible.builtin.template: - dest: "{{ edpm_telemetry_config_dest }}/node_exporter.yaml" - mode: "0644" - src: node_exporter.yaml.j2 + - name: Create config file for exporters + ansible.builtin.include_tasks: + file: exporter_tls.yml + loop: + - node_exporter + - podman_exporter + loop_control: + loop_var: exporter - name: Change the owner of the crt become: true diff --git a/roles/edpm_telemetry/tasks/exporter_tls.yml b/roles/edpm_telemetry/tasks/exporter_tls.yml new file mode 100644 index 000000000..3d944fb94 --- /dev/null +++ b/roles/edpm_telemetry/tasks/exporter_tls.yml @@ -0,0 +1,7 @@ +--- + +- name: Create config file for exporter + ansible.builtin.template: + dest: "{{ edpm_telemetry_config_dest }}/{{ exporter }}.yaml" + mode: "0644" + src: "{{ exporter }}.yaml.j2" diff --git a/roles/edpm_telemetry/templates/podman_exporter.json.j2 b/roles/edpm_telemetry/templates/podman_exporter.json.j2 index ed6aa352b..63226d17a 100644 --- a/roles/edpm_telemetry/templates/podman_exporter.json.j2 +++ b/roles/edpm_telemetry/templates/podman_exporter.json.j2 @@ -6,6 +6,11 @@ "privileged": true, "ports": ["9882:9882"], "net": "host", +{% if tls_cert_exists|bool %} + "command": [ + "--web.config.file=/etc/podman_exporter/podman_exporter.yaml" + ], +{% endif %} "environment": { "OS_ENDPOINT_TYPE": "internal", "CONTAINER_HOST": "unix:///run/podman/podman.sock" @@ -17,6 +22,10 @@ }, {% endif %} "volumes": [ +{% if tls_cert_exists|bool %} + "{{ edpm_telemetry_config_dest }}/podman_exporter.yaml:/etc/podman_exporter/podman_exporter.yaml:z", + "{{ edpm_telemetry_certs }}:/etc/podman_exporter/tls:z", +{% endif %} "/run/podman/podman.sock:/run/podman/podman.sock:rw,z" ] } diff --git a/roles/edpm_telemetry/templates/podman_exporter.yaml.j2 b/roles/edpm_telemetry/templates/podman_exporter.yaml.j2 new file mode 100644 index 000000000..18013cc96 --- /dev/null +++ b/roles/edpm_telemetry/templates/podman_exporter.yaml.j2 @@ -0,0 +1,3 @@ +tls_server_config: + cert_file: /etc/podman_exporter/tls/tls.crt + key_file: /etc/podman_exporter/tls/tls.key