feat: add vmcluster module
Build / precommit (pull_request) Successful in 3m23s

- manage vmstorage package, service and environment file
- manage vmselect package, service and environment file
- manage vminsert package, service and environment file
- manage vmagent package, service and environment file
- manage options for vmstorage, vmselect, vminsert, vmagent role
This commit is contained in:
2025-07-19 22:34:57 +10:00
parent c5c40c3bfd
commit 6c2bad9806
18 changed files with 671 additions and 15 deletions
+96
View File
@@ -0,0 +1,96 @@
class vmcluster::vmagent (
Boolean $enable = false,
String $user = 'vmagent',
String $group = 'vmagent',
Boolean $manage_user = true,
Boolean $manage_service = true,
Array[String] $packages = ['vmagent', 'vmutils'],
Stdlib::Absolutepath $exec_path = '/usr/bin/vmagent',
Stdlib::Absolutepath $data_path = '/var/lib/vmagent',
Stdlib::Absolutepath $vars_file = '/etc/default/vmagent',
String $consul_node_token = $facts['consul_node_token'],
Hash[String, Variant[String, Array[String]]] $options = {},
) {
# if enabled, manage this service
if $enable {
# install required packages
if $packages {
ensure_packages($packages, {ensure => 'installed'})
}
# manage the user/group
if $manage_user {
group { $group:
ensure => present,
}
user { $user:
ensure => present,
shell => '/usr/sbin/nologin',
groups => $group,
managehome => true,
}
}
# manage directories
file { [ $data_path ]:
ensure => directory,
owner => $user,
group => $group,
}
# manage environment options file
file { $vars_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('vmcluster/options.erb'),
}
file { '/etc/vmagent':
ensure => directory,
}
file { '/etc/vmagent/scrape.yaml':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('vmcluster/vmagent.scrape.yaml.erb'),
}
# manage the systemd service
if $manage_service {
# manage the subscribed resources
if 'tls' in $options and $options['tls'] == 'true' {
if 'remoteWrite.tlsCertFile' in $options and 'remoteWrite.tlsKeyFile' in $options {
# tls option AND certs listed, subscribe to the options file and certs
$subscribe = [
File[$vars_file],
File[$options['remoteWrite.tlsCertFile']],
File[$options['remoteWrite.tlsKeyFile']],
File['/etc/vmagent/scrape.yaml']
]
}else{
# tls option but no certs listed, just subscribe to the options file
warning('TLS is enabled but remoteWrite.tlsCertFile or remoteWrite.tlsKeyFile is missing from vmagent options.')
$subscribe = [File[$vars_file], File['/etc/vmagent/scrape.yaml']]
}
}else{
# no tls option, just subscribe to the options file
$subscribe = [File[$vars_file], File['/etc/vmagent/scrape.yaml']]
}
# Use these in notifications or file resources
systemd::unit_file { 'vmagent.service':
content => template('vmcluster/vmagent.service.erb'),
enable => true,
active => true,
subscribe => $subscribe,
}
}
}
}
+71
View File
@@ -0,0 +1,71 @@
class vmcluster::vminsert (
Boolean $enable = false,
String $user = 'vminsert',
String $group = 'vminsert',
Boolean $manage_user = true,
Boolean $manage_service = true,
Array[String] $packages = ['vminsert', 'vmutils'],
Stdlib::Absolutepath $exec_path = '/usr/bin/vminsert',
Stdlib::Absolutepath $vars_file = '/etc/default/vminsert',
Hash[String, Variant[String, Array[String]]] $options = {},
) {
# if enabled, manage this service
if $enable {
# install required packages
if $packages {
ensure_packages($packages, {ensure => 'installed'})
}
# manage the user/group
if $manage_user {
group { $group:
ensure => present,
}
user { $user:
ensure => present,
shell => '/usr/sbin/nologin',
groups => $group,
managehome => true,
}
}
# manage environment options file
file { $vars_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('vmcluster/options.erb'),
}
# manage the systemd service
if $manage_service {
# manage the subscribed resources
if 'tls' in $options and $options['tls'] == 'true' {
if 'tlsCertFile' in $options and 'tlsKeyFile' in $options {
# tls option AND certs listed, subscribe to the options file and certs
$subscribe = [File[$vars_file],File[$options['tlsCertFile']], File[$options['tlsKeyFile']]]
}else{
# tls option but no certs listed, just subscribe to the options file
warning('TLS is enabled but tlsCertFile or tlsKeyFile is missing from vminsert options.')
$subscribe = [File[$vars_file]]
}
}else{
# no tls option, just subscribe to the options file
$subscribe = [File[$vars_file]]
}
# Use these in notifications or file resources
systemd::unit_file { 'vminsert.service':
content => template('vmcluster/vminsert.service.erb'),
enable => true,
active => true,
subscribe => $subscribe,
}
}
}
}
+79
View File
@@ -0,0 +1,79 @@
class vmcluster::vmselect (
Boolean $enable = false,
String $user = 'vmselect',
String $group = 'vmselect',
Boolean $manage_user = true,
Boolean $manage_service = true,
Array[String] $packages = ['vmselect', 'vmutils'],
Stdlib::Absolutepath $exec_path = '/usr/bin/vmselect',
Stdlib::Absolutepath $data_path = '/var/lib/vmselect',
Stdlib::Absolutepath $vars_file = '/etc/default/vmselect',
Hash[String, Variant[String, Array[String]]] $options = {},
) {
# if enabled, manage this service
if $enable {
# install required packages
if $packages {
ensure_packages($packages, {ensure => 'installed'})
}
# manage the user/group
if $manage_user {
group { $group:
ensure => present,
}
user { $user:
ensure => present,
shell => '/usr/sbin/nologin',
groups => $group,
managehome => true,
}
}
# manage directories
file { [ $data_path ]:
ensure => directory,
owner => $user,
group => $group,
}
# manage environment options file
file { $vars_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('vmcluster/options.erb'),
}
# manage the systemd service
if $manage_service {
# manage the subscribed resources
if 'tls' in $options and $options['tls'] == 'true' {
if 'tlsCertFile' in $options and 'tlsKeyFile' in $options {
# tls option AND certs listed, subscribe to the options file and certs
$subscribe = [File[$vars_file],File[$options['tlsCertFile']], File[$options['tlsKeyFile']]]
}else{
# tls option but no certs listed, just subscribe to the options file
warning('TLS is enabled but tlsCertFile or tlsKeyFile is missing from vmselect options.')
$subscribe = [File[$vars_file]]
}
}else{
# no tls option, just subscribe to the options file
$subscribe = [File[$vars_file]]
}
# Use these in notifications or file resources
systemd::unit_file { 'vmselect.service':
content => template('vmcluster/vmselect.service.erb'),
enable => true,
active => true,
subscribe => $subscribe,
}
}
}
}
+79
View File
@@ -0,0 +1,79 @@
class vmcluster::vmstorage (
Boolean $enable = false,
String $user = 'vmstorage',
String $group = 'vmstorage',
Boolean $manage_user = true,
Boolean $manage_service = true,
Array[String] $packages = ['vmstorage', 'vmutils'],
Stdlib::Absolutepath $exec_path = '/usr/bin/vmstorage',
Stdlib::Absolutepath $data_path = '/var/lib/vmstorage',
Stdlib::Absolutepath $vars_file = '/etc/default/vmstorage',
Hash[String, Variant[String, Array[String]]] $options = {},
) {
# if enabled, manage this service
if $enable {
# install required packages
if $packages {
ensure_packages($packages, {ensure => 'installed'})
}
# manage the user/group
if $manage_user {
group { $group:
ensure => present,
}
user { $user:
ensure => present,
shell => '/usr/sbin/nologin',
groups => $group,
managehome => true,
}
}
# manage directories
file { [ $data_path ]:
ensure => directory,
owner => $user,
group => $group,
}
# manage environment options file
file { $vars_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('vmcluster/options.erb'),
}
# manage the systemd service
if $manage_service {
# manage the subscribed resources
if 'tls' in $options and $options['tls'] == 'true' {
if 'tlsCertFile' in $options and 'tlsKeyFile' in $options {
# tls option AND certs listed, subscribe to the options file and certs
$subscribe = [File[$vars_file],File[$options['tlsCertFile']], File[$options['tlsKeyFile']]]
}else{
# tls option but no certs listed, just subscribe to the options file
warning('TLS is enabled but tlsCertFile or tlsKeyFile is missing from vmstorage options.')
$subscribe = [File[$vars_file]]
}
}else{
# no tls option, just subscribe to the options file
$subscribe = [File[$vars_file]]
}
# Use these in notifications or file resources
systemd::unit_file { 'vmstorage.service':
content => template('vmcluster/vmstorage.service.erb'),
enable => true,
active => true,
subscribe => $subscribe,
}
}
}
}
+18
View File
@@ -0,0 +1,18 @@
<%
opts = @options || {}
lines = []
opts.each do |key, val|
flag = "-#{key}"
if val.is_a?(Array)
val.each do |v|
lines << "#{flag}=#{v}"
end
else
lines << "#{flag}=#{val}"
end
end
%>
OPTIONS="<%= lines.map { |l| l.lstrip }.join(" \\\n ") %>"
@@ -0,0 +1,37 @@
global:
scrape_interval: 15s
scrape_timeout: 10s
scrape_configs:
- job_name: 'consul'
consul_sd_configs:
- server: 'consul.service.consul:8500'
token: <%= @consul_node_token %>
scheme: http
relabel_configs:
# Only keep services with the `metrics` tag
- source_labels: [__meta_consul_tagpresent_metrics]
regex: true
action: keep
# Use the service address and port
- source_labels: [__meta_consul_node, __meta_consul_service_port]
separator: ':'
target_label: __address__
replacement: '${1}:${2}'
action: replace
# Set scheme to metrics_scheme
- source_labels: [__meta_consul_tag_metrics_scheme]
target_label: __scheme__
action: replace
# Set path to /metrics
- target_label: __metrics_path__
replacement: /metrics
# Use metrics_job=<job> as job label
- source_labels: [__meta_consul_tag_metrics_job]
target_label: job
action: replace
@@ -0,0 +1,18 @@
[Unit]
Description=VictoriaMetrics vmagent service
After=network.target
[Service]
Type=simple
User=<%= @user %>
Group=<%= @group %>
Restart=always
EnvironmentFile=<%= @vars_file %>
ExecStart=<%= @exec_path %> -remoteWrite.tmpDataPath=<%= @data_path %> $OPTIONS
PrivateTmp=yes
NoNewPrivileges=yes
ProtectSystem=full
[Install]
WantedBy=multi-user.target
@@ -0,0 +1,18 @@
[Unit]
Description=VictoriaMetrics vminsert service
After=network.target
[Service]
Type=simple
User=<%= @user %>
Group=<%= @group %>
Restart=always
EnvironmentFile=<%= @vars_file %>
ExecStart=<%= @exec_path %> $OPTIONS
PrivateTmp=yes
NoNewPrivileges=yes
ProtectSystem=full
[Install]
WantedBy=multi-user.target
@@ -0,0 +1,18 @@
[Unit]
Description=VictoriaMetrics vmselect service
After=network.target
[Service]
Type=simple
User=<%= @user %>
Group=<%= @group %>
Restart=always
EnvironmentFile=<%= @vars_file %>
ExecStart=<%= @exec_path %> -cacheDataPath=<%= @data_path %> $OPTIONS
PrivateTmp=yes
NoNewPrivileges=yes
ProtectSystem=full
[Install]
WantedBy=multi-user.target
@@ -0,0 +1,18 @@
[Unit]
Description=VictoriaMetrics vmstorage service
After=network.target
[Service]
Type=simple
User=<%= @user %>
Group=<%= @group %>
Restart=always
EnvironmentFile=<%= @vars_file %>
ExecStart=<%= @exec_path %> -storageDataPath=<%= @data_path %> $OPTIONS
PrivateTmp=yes
NoNewPrivileges=yes
ProtectSystem=full
[Install]
WantedBy=multi-user.target