From 9deeacce22d1ccff9e693877541ba528214df538 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sun, 3 Aug 2025 15:38:13 +1000 Subject: [PATCH] feat: add frr_exporter class - add frr exporter to all nodes running frr --- hieradata/roles/infra/cobbler/server.yaml | 8 +++ hieradata/roles/infra/dhcp/server.yaml | 8 +++ hieradata/roles/infra/dns/master.yaml | 8 +++ hieradata/roles/infra/dns/resolver.yaml | 8 +++ hieradata/roles/infra/halb/haproxy2.yaml | 5 ++ hieradata/roles/infra/incus/node.yaml | 5 ++ hieradata/roles/infra/k8s/node.yaml | 8 +++ hieradata/roles/infra/storage/consul.yaml | 7 ++ modules/exporters/manifests/frr_exporter.pp | 68 +++++++++++++++++++ .../templates/frr_exporter.service.erb | 15 ++++ 10 files changed, 140 insertions(+) create mode 100644 modules/exporters/manifests/frr_exporter.pp create mode 100644 modules/exporters/templates/frr_exporter.service.erb diff --git a/hieradata/roles/infra/cobbler/server.yaml b/hieradata/roles/infra/cobbler/server.yaml index aa58290..d689b73 100644 --- a/hieradata/roles/infra/cobbler/server.yaml +++ b/hieradata/roles/infra/cobbler/server.yaml @@ -2,6 +2,7 @@ hiera_include: - profiles::selinux::setenforce - frrouting + - exporters::frr_exporter profiles::packages::include: cobbler: {} @@ -35,6 +36,7 @@ networking::interfaces: mtu: 1500 # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{facts.networking.ip}" frrouting::ospfd_redistribute: - connected @@ -46,6 +48,12 @@ frrouting::ospfd_interfaces: frrouting::daemons: ospfd: true +# consul +profiles::consul::client::node_rules: + - resource: service + segment: frr_exporter + disposition: write + # additional repos profiles::yum::global::repos: frr-extras: diff --git a/hieradata/roles/infra/dhcp/server.yaml b/hieradata/roles/infra/dhcp/server.yaml index dc7dc97..cdf4256 100644 --- a/hieradata/roles/infra/dhcp/server.yaml +++ b/hieradata/roles/infra/dhcp/server.yaml @@ -2,6 +2,7 @@ hiera_include: - frrouting - profiles::dhcp::server + - exporters::frr_exporter # networking anycast_ip: 198.18.19.18 @@ -19,6 +20,7 @@ networking::interfaces: mtu: 1500 # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{facts.networking.ip}" frrouting::ospfd_redistribute: - connected @@ -30,6 +32,12 @@ frrouting::ospfd_interfaces: frrouting::daemons: ospfd: true +# consul +profiles::consul::client::node_rules: + - resource: service + segment: frr_exporter + disposition: write + # additional repos profiles::yum::global::repos: frr-extras: diff --git a/hieradata/roles/infra/dns/master.yaml b/hieradata/roles/infra/dns/master.yaml index 19f0537..bcce5b0 100644 --- a/hieradata/roles/infra/dns/master.yaml +++ b/hieradata/roles/infra/dns/master.yaml @@ -1,6 +1,7 @@ --- hiera_include: - frrouting + - exporters::frr_exporter profiles::dns::master::ns_role: roles::infra::dns::master profiles::dns::master::use_ns: region @@ -178,6 +179,7 @@ networking::interfaces: mtu: 1500 # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{facts.networking.ip}" frrouting::ospfd_redistribute: - connected @@ -189,6 +191,12 @@ frrouting::ospfd_interfaces: frrouting::daemons: ospfd: true +# consul +profiles::consul::client::node_rules: + - resource: service + segment: frr_exporter + disposition: write + # additional repos profiles::yum::global::repos: frr-extras: diff --git a/hieradata/roles/infra/dns/resolver.yaml b/hieradata/roles/infra/dns/resolver.yaml index 7ac0eb4..fc465ae 100644 --- a/hieradata/roles/infra/dns/resolver.yaml +++ b/hieradata/roles/infra/dns/resolver.yaml @@ -1,6 +1,7 @@ --- hiera_include: - frrouting + - exporters::frr_exporter profiles::dns::resolver::acls: acl-main.unkin.net: @@ -228,6 +229,7 @@ networking::interfaces: mtu: 1500 # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{facts.networking.ip}" frrouting::ospfd_redistribute: - connected @@ -239,6 +241,12 @@ frrouting::ospfd_interfaces: frrouting::daemons: ospfd: true +# consul +profiles::consul::client::node_rules: + - resource: service + segment: frr_exporter + disposition: write + # additional repos profiles::yum::global::repos: frr-extras: diff --git a/hieradata/roles/infra/halb/haproxy2.yaml b/hieradata/roles/infra/halb/haproxy2.yaml index 98e74f9..297dd16 100644 --- a/hieradata/roles/infra/halb/haproxy2.yaml +++ b/hieradata/roles/infra/halb/haproxy2.yaml @@ -2,6 +2,7 @@ hiera_include: - frrouting - profiles::haproxy::server + - exporters::frr_exporter # networking anycast_ip: 198.18.19.17 @@ -19,6 +20,7 @@ networking::interfaces: mtu: 1500 # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{facts.networking.ip}" frrouting::ospfd_redistribute: - connected @@ -69,6 +71,9 @@ profiles::consul::client::node_rules: - resource: service segment: haproxy-metrics disposition: write + - resource: service + segment: frr_exporter + disposition: write # haproxy profiles::haproxy::peers::enable: true diff --git a/hieradata/roles/infra/incus/node.yaml b/hieradata/roles/infra/incus/node.yaml index c6f1146..3c6c078 100644 --- a/hieradata/roles/infra/incus/node.yaml +++ b/hieradata/roles/infra/incus/node.yaml @@ -7,6 +7,7 @@ hiera_include: - profiles::ceph::node - profiles::ceph::client - profiles::storage::cephfsvols + - exporters::frr_exporter # FIXME: puppet-python wants to try manage python-dev, which is required by the ceph package python::manage_dev_package: false @@ -75,6 +76,9 @@ profiles::consul::client::node_rules: - resource: service segment: cephmgr disposition: write + - resource: service + segment: frr_exporter + disposition: write # additional repos profiles::yum::global::repos: @@ -147,6 +151,7 @@ networking::interfaces: mtu: 1500 # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}" frrouting::ospfd_redistribute: - connected diff --git a/hieradata/roles/infra/k8s/node.yaml b/hieradata/roles/infra/k8s/node.yaml index c4cca0b..67e7c01 100644 --- a/hieradata/roles/infra/k8s/node.yaml +++ b/hieradata/roles/infra/k8s/node.yaml @@ -4,6 +4,7 @@ hiera_include: - frrouting - profiles::ceph::node - profiles::ceph::client + - exporters::frr_exporter # FIXME: puppet-python wants to try manage python-dev, which is required by the ceph package python::manage_dev_package: false @@ -90,7 +91,14 @@ networking::interfaces: netmask: 255.255.255.255 mtu: 1500 +# consul +profiles::consul::client::node_rules: + - resource: service + segment: frr_exporter + disposition: write + # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}" frrouting::ospfd_redistribute: - connected diff --git a/hieradata/roles/infra/storage/consul.yaml b/hieradata/roles/infra/storage/consul.yaml index cccf369..5a5c169 100644 --- a/hieradata/roles/infra/storage/consul.yaml +++ b/hieradata/roles/infra/storage/consul.yaml @@ -1,6 +1,7 @@ --- hiera_include: - frrouting + - exporters::frr_exporter profiles::consul::server::members_lookup: true profiles::consul::server::data_dir: /data/consul @@ -38,6 +39,11 @@ profiles::nginx::simpleproxy::nginx_aliases: profiles::nginx::simpleproxy::proxy_port: 8500 profiles::nginx::simpleproxy::proxy_path: '/' +# consul +profiles::consul::client::node_rules: + - resource: service + segment: frr_exporter + disposition: write profiles::consul::prepared_query::rules: vault: ensure: 'present' @@ -116,6 +122,7 @@ networking::interfaces: mtu: 1500 # frrouting +exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{facts.networking.ip}" frrouting::ospfd_redistribute: - connected diff --git a/modules/exporters/manifests/frr_exporter.pp b/modules/exporters/manifests/frr_exporter.pp new file mode 100644 index 0000000..2675692 --- /dev/null +++ b/modules/exporters/manifests/frr_exporter.pp @@ -0,0 +1,68 @@ +class exporters::frr_exporter ( + Boolean $enable = false, + String $user = 'frr_exporter', + String $group = 'frr_exporter', + Boolean $manage_user = true, + Boolean $manage_service = true, + Stdlib::Port $port = 9342, + Stdlib::Absolutepath $exec_path = '/usr/bin/frr_exporter', + Stdlib::Absolutepath $socket_dir = '/var/run/frr', +){ + + if $enable { + + # install required package + package {'frr_exporter': + ensure => installed, + } + + # manage the user/group + if $manage_user { + group { $group: + ensure => present, + } + + user { $user: + ensure => present, + shell => '/usr/sbin/nologin', + groups => [$group, 'frrvty'], + managehome => true, + } + } + + # manage the systemd service + if $manage_service { + + # Use these in notifications or file resources + systemd::unit_file { 'frr_exporter.service': + content => template('exporters/frr_exporter.service.erb'), + enable => true, + active => true, + subscribe => Package['frr_exporter'], + } + } + + # manage consul service + consul::service { 'frr_exporter': + service_name => 'frr_exporter', + address => $facts['networking']['ip'], + port => $port, + tags => [ + 'metrics', + 'metrics_scheme=http', + 'metrics_job=frr', + ], + checks => [ + { + id => 'frr_exporter_http_check', + name => 'frr_exporter HTTP Check', + http => "http://${facts['networking']['fqdn']}:${port}/metrics", + method => 'GET', + tls_skip_verify => true, + interval => '10s', + timeout => '1s', + }, + ], + } + } +} diff --git a/modules/exporters/templates/frr_exporter.service.erb b/modules/exporters/templates/frr_exporter.service.erb new file mode 100644 index 0000000..82c82ad --- /dev/null +++ b/modules/exporters/templates/frr_exporter.service.erb @@ -0,0 +1,15 @@ +[Unit] +Description=Prometheus frr_exporter +Wants=network-online.target +After=network-online.target + +[Service] +User=<%= @user %> +Group=<%= @group %> +ExecStart=<%= @exec_path %> --frr.socket.dir-path="<%= @socket_dir %>" +ExecReload=/bin/kill -HUP $MAINPID +KillMode=process +Restart=always + +[Install] +WantedBy=multi-user.target