feat: add database generation to grafana
- ensure a database, user and credential is created for each grafana node - ensure all databases for a region are included in a mariadb cluster - refine params with stdlib types
This commit is contained in:
@@ -117,6 +117,9 @@ lookup_options:
|
||||
ssh::server::options:
|
||||
merge:
|
||||
strategy: deep
|
||||
mysql::db:
|
||||
merge:
|
||||
strategy: deep
|
||||
|
||||
facts_path: '/opt/puppetlabs/facter/facts.d'
|
||||
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
---
|
||||
mysql::db::grafana::pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAozi1vFf9KfwsGSdxXvhOWRn9Vqbr9AZ+cVJuIOmmLVZMRP4AJkkNgCCly+o1pxtMiU8EISUQuBWCBHUi+u2Y1YAjIABzTa2K+PCU7qqkdrJaxvKqmmKS7C/CWFKp1stYvYIvIofyvl9Q854nMcpvxQKL0PBGh3rIaUHHV3L0PH1UDLqL5j6OPXaNvKL4UzwMDDIVAd7F5yMbtSx2PT23pBLbPYsbG1jRx7pUS/d1ZE9E8h3OA2jxW/CBf68Sb2Xlrh7IAB/6RiLLpIsUyRMv9zrbPrMuKg/q5lzO0i9fejh5z3Z3YkdnhH61doUT/RSjAjz3JrWDGxomOSK0y8TxjjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCg1kVqFs/mf4r+6EI32b8qgCBm6cL3JhVzj3Btit9D8VYU8mQcrIaXJZ3qF31zJMzCkw==]
|
||||
@@ -2,3 +2,14 @@
|
||||
profiles::sql::galera_member::cluster_name: au-syd1
|
||||
profiles::sql::galera_member::galera_master: ausyd1nxvm1027.main.unkin.net
|
||||
profiles::sql::galera_member::innodb_buffer_pool_size: 256M
|
||||
|
||||
mysql::db:
|
||||
grafana:
|
||||
name: grafana
|
||||
user: grafana
|
||||
password: "%{alias('mysql::db::grafana::pass')}"
|
||||
grant:
|
||||
- SELECT
|
||||
- INSERT
|
||||
- UPDATE
|
||||
- DELETE
|
||||
|
||||
@@ -1,2 +1,49 @@
|
||||
---
|
||||
#profile::metrics::grafana
|
||||
hiera_include:
|
||||
- profiles::nginx::simpleproxy
|
||||
|
||||
profiles::metrics::grafana::mysql_host: "mariadb-%{facts.environment}.service.%{facts.country}-%{facts.region}.consul"
|
||||
profiles::metrics::grafana::mysql_port: 3306
|
||||
|
||||
# additional altnames
|
||||
profiles::pki::vault::alt_names:
|
||||
- grafana.main.unkin.net
|
||||
- grafana.service.consul
|
||||
- grafana.query.consul
|
||||
- "grafana.service.%{facts.country}-%{facts.region}.consul"
|
||||
|
||||
profiles::ssh::sign::principals:
|
||||
- grafana.main.unkin.net
|
||||
- grafana.service.consul
|
||||
- grafana.query.consul
|
||||
|
||||
consul::services:
|
||||
grafana:
|
||||
service_name: 'grafana'
|
||||
tags:
|
||||
- 'grafana'
|
||||
- 'metrics'
|
||||
address: "%{facts.networking.ip}"
|
||||
port: 443
|
||||
checks:
|
||||
- id: 'Grafana_https_check'
|
||||
name: 'Grafana HTTPS Check'
|
||||
http: "https://%{facts.networking.fqdn}:443"
|
||||
method: 'GET'
|
||||
tls_skip_verify: true
|
||||
interval: '10s'
|
||||
timeout: '1s'
|
||||
profiles::consul::client::node_rules:
|
||||
- resource: service
|
||||
segment: grafana
|
||||
disposition: write
|
||||
|
||||
# manage a simple nginx reverse proxy
|
||||
profiles::nginx::simpleproxy::nginx_vhost: 'grafana.query.consul'
|
||||
profiles::nginx::simpleproxy::nginx_aliases:
|
||||
- grafana.main.unkin.net
|
||||
- grafana.service.consul
|
||||
- grafana.query.consul
|
||||
- "grafana.service.%{facts.country}-%{facts.region}.consul"
|
||||
profiles::nginx::simpleproxy::proxy_port: 8080
|
||||
profiles::nginx::simpleproxy::proxy_path: '/'
|
||||
|
||||
@@ -83,3 +83,9 @@ profiles::consul::prepared_query::rules:
|
||||
service_failover_n: 3
|
||||
service_only_passing: true
|
||||
ttl: 10
|
||||
grafana:
|
||||
ensure: 'present'
|
||||
service_name: 'grafana'
|
||||
service_failover_n: 3
|
||||
service_only_passing: true
|
||||
ttl: 10
|
||||
|
||||
Reference in New Issue
Block a user