feat: add vmcluster module
Build / precommit (pull_request) Successful in 3m23s

- manage vmstorage package, service and environment file
- manage vmselect package, service and environment file
- manage vminsert package, service and environment file
- manage vmagent package, service and environment file
- manage options for vmstorage, vmselect, vminsert, vmagent role
This commit is contained in:
2025-07-19 22:34:57 +10:00
parent c5c40c3bfd
commit 6c2bad9806
18 changed files with 671 additions and 15 deletions
+3 -1
View File
@@ -38,7 +38,9 @@ consul::services:
address: "%{facts.networking.ip}"
port: 3000
tags:
- metrics
- 'metrics'
- 'metrics_scheme=http'
- 'metrics_job=gitea'
checks:
- id: 'gitea_metrics_http_check'
name: 'Gitea Metrics HTTP Check'
+2 -1
View File
@@ -53,7 +53,8 @@ consul::services:
service_name: 'haproxy-metrics'
tags:
- 'metrics'
- 'haproxy'
- 'metrics_scheme=https'
- 'metrics_job=haproxy'
address: "%{facts.networking.ip}"
port: 8405
checks:
@@ -29,7 +29,6 @@ consul::services:
service_name: 'grafana'
tags:
- 'grafana'
- 'metrics'
address: "%{facts.networking.ip}"
port: 443
checks:
+56 -3
View File
@@ -1,4 +1,57 @@
---
profiles::packages::include:
vmagent: {}
vmutils: {}
hiera_include:
- vmcluster::vmagent
vmcluster::vmagent::enable: true
vmcluster::vmagent::options:
tls: 'true'
tlsCertFile: '/etc/pki/tls/vault/certificate.crt'
tlsKeyFile: '/etc/pki/tls/vault/private.key'
tlsMinVersion: 'TLS12'
remoteWrite.url:
- https://vminsert.service.consul:8480/insert/0/prometheus
remoteWrite.tlsCertFile: '/etc/pki/tls/vault/certificate.crt'
remoteWrite.tlsKeyFile: '/etc/pki/tls/vault/private.key'
remoteWrite.tlsCAFile: '/etc/pki/tls/certs/ca-bundle.crt'
promscrape.config: '/etc/vmagent/scrape.yaml'
memory.allowedBytes: '1GiB'
envflag.enable: 'true'
# additional altnames
profiles::pki::vault::alt_names:
- vmagent.main.unkin.net
- vmagent.service.consul
- vmagent.query.consul
- "vmagent.service.%{facts.country}-%{facts.region}.consul"
consul::services:
vmagent:
service_name: 'vmagent'
tags:
- 'metrics'
- 'metrics_scheme=https'
- 'metrics_job=vmagent'
address: "%{facts.networking.ip}"
port: 8429
checks:
- id: 'vmagent_http_check'
name: 'vmagent HTTP Check'
http: "https://%{facts.networking.fqdn}:8429/health"
method: 'GET'
tls_skip_verify: true
interval: '10s'
timeout: '1s'
profiles::consul::client::node_rules:
- resource: service
segment: vmagent
disposition: write
- resource: agent_prefix
segment: ''
disposition: read
- resource: node_prefix
segment: ''
disposition: read
- resource: service_prefix
segment: ''
disposition: read
+49 -3
View File
@@ -1,4 +1,50 @@
---
profiles::packages::include:
vminsert: {}
vmutils: {}
hiera_include:
- vmcluster::vminsert
vmcluster::vminsert::enable: true
vmcluster::vminsert::options:
replicationFactor: '2'
httpListenAddr: ':8480'
tls: 'true'
tlsCertFile: '/etc/pki/tls/vault/certificate.crt'
tlsKeyFile: '/etc/pki/tls/vault/private.key'
tlsMinVersion: 'TLS12'
memory.allowedBytes: '1GiB'
metrics.exposeMetadata: 'true'
envflag.enable: 'true'
storageNode:
- ausyd1nxvm2086.main.unkin.net:8400
- ausyd1nxvm2087.main.unkin.net:8400
- ausyd1nxvm2088.main.unkin.net:8400
- ausyd1nxvm2089.main.unkin.net:8400
- ausyd1nxvm2090.main.unkin.net:8400
# additional altnames
profiles::pki::vault::alt_names:
- vminsert.main.unkin.net
- vminsert.service.consul
- vminsert.query.consul
- "vminsert.service.%{facts.country}-%{facts.region}.consul"
consul::services:
vminsert:
service_name: 'vminsert'
tags:
- 'metrics'
- 'metrics_scheme=https'
- 'metrics_job=vminsert'
address: "%{facts.networking.ip}"
port: 8480
checks:
- id: 'vminsert_http_check'
name: 'vminsert HTTP Check'
http: "https://%{facts.networking.fqdn}:8480/health"
method: 'GET'
tls_skip_verify: true
interval: '10s'
timeout: '1s'
profiles::consul::client::node_rules:
- resource: service
segment: vminsert
disposition: write
+52 -3
View File
@@ -1,4 +1,53 @@
---
profiles::packages::include:
vmselect: {}
vmutils: {}
hiera_include:
- vmcluster::vmselect
vmcluster::vmselect::enable: true
vmcluster::vmselect::data_path: /data/vmselect-cache
vmcluster::vmselect::options:
search.skipSlowReplicas: 'true'
search.denyPartialResponse: 'false'
replicationFactor: '2'
globalReplicationFactor: '2'
tls: 'true'
tlsCertFile: '/etc/pki/tls/vault/certificate.crt'
tlsKeyFile: '/etc/pki/tls/vault/private.key'
tlsMinVersion: 'TLS12'
memory.allowedBytes: '1GiB'
metrics.exposeMetadata: 'true'
envflag.enable: 'true'
storageNode:
- ausyd1nxvm2086.main.unkin.net:8401
- ausyd1nxvm2087.main.unkin.net:8401
- ausyd1nxvm2088.main.unkin.net:8401
- ausyd1nxvm2089.main.unkin.net:8401
- ausyd1nxvm2090.main.unkin.net:8401
# additional altnames
profiles::pki::vault::alt_names:
- vmselect.main.unkin.net
- vmselect.service.consul
- vmselect.query.consul
- "vmselect.service.%{facts.country}-%{facts.region}.consul"
consul::services:
vmselect:
service_name: 'vmselect'
tags:
- 'metrics'
- 'metrics_scheme=https'
- 'metrics_job=vmselect'
address: "%{facts.networking.ip}"
port: 8481
checks:
- id: 'vmselect_http_check'
name: 'vmselect HTTP Check'
http: "https://%{facts.networking.fqdn}:8481/health"
method: 'GET'
tls_skip_verify: true
interval: '10s'
timeout: '1s'
profiles::consul::client::node_rules:
- resource: service
segment: vmselect
disposition: write
+43 -3
View File
@@ -1,4 +1,44 @@
---
profiles::packages::include:
vmstorage: {}
vmutils: {}
hiera_include:
- vmcluster::vmstorage
vmcluster::vmstorage::enable: true
vmcluster::vmstorage::data_path: /data/vmstorage
vmcluster::vmstorage::options:
retentionPeriod: 90d
tls: 'true'
tlsCertFile: '/etc/pki/tls/vault/certificate.crt'
tlsKeyFile: '/etc/pki/tls/vault/private.key'
tlsMinVersion: 'TLS12'
memory.allowedBytes: '1GiB'
metrics.exposeMetadata: 'true'
envflag.enable: 'true'
# additional altnames
profiles::pki::vault::alt_names:
- vmstorage.main.unkin.net
- vmstorage.service.consul
- vmstorage.query.consul
- "vmstorage.service.%{facts.country}-%{facts.region}.consul"
consul::services:
vmstorage:
service_name: 'vmstorage'
tags:
- 'metrics'
- 'metrics_scheme=https'
- 'metrics_job=vmstorage'
address: "%{facts.networking.ip}"
port: 8482
checks:
- id: 'vmstorage_http_check'
name: 'vmstorage HTTP Check'
http: "https://%{facts.networking.fqdn}:8482/health"
method: 'GET'
tls_skip_verify: true
interval: '10s'
timeout: '1s'
profiles::consul::client::node_rules:
- resource: service
segment: vmstorage
disposition: write