From a08e7b0120e45d22b211e7b722074452261abed4 Mon Sep 17 00:00:00 2001 From: Vassiliy Yegorov Date: Tue, 15 Nov 2022 10:30:03 +0700 Subject: [PATCH] add ansible --- promtail-ansible/ansible.cfg | 11 + promtail-ansible/install-promtail.sh | 3 + promtail-ansible/install-promtail.yml | 28 ++ promtail-ansible/inventory | 3 + promtail-ansible/loki-creds.yml | 8 + .../roles/patrickjahns.promtail/.ansible-lint | 3 + .../roles/patrickjahns.promtail/.gitignore | 7 + .../roles/patrickjahns.promtail/.later.yml | 25 ++ .../roles/patrickjahns.promtail/.yamllint | 31 ++ .../roles/patrickjahns.promtail/CHANGELOG.md | 328 ++++++++++++++++++ .../roles/patrickjahns.promtail/LICENSE | 21 ++ .../roles/patrickjahns.promtail/README.md | 125 +++++++ .../patrickjahns.promtail/defaults/main.yml | 57 +++ .../patrickjahns.promtail/handlers/main.yml | 10 + .../roles/patrickjahns.promtail/meta/main.yml | 40 +++ .../molecule/default/molecule.yml | 31 ++ .../molecule/default/playbook.yml | 5 + .../molecule/default/prepare.yml | 10 + .../molecule/default/tests/test_default.py | 64 ++++ .../molecule/latest/molecule.yml | 31 ++ .../molecule/latest/playbook.yml | 7 + .../molecule/latest/prepare.yml | 10 + .../molecule/latest/tests/test_latest.py | 55 +++ .../patrickjahns.promtail/tasks/install.yml | 104 ++++++ .../patrickjahns.promtail/tasks/main.yml | 22 ++ .../patrickjahns.promtail/tasks/preflight.yml | 43 +++ .../patrickjahns.promtail/templates/config.j2 | 26 ++ .../templates/service.j2 | 17 + .../test-requirements.txt | 6 + .../roles/patrickjahns.promtail/tox.ini | 33 ++ .../roles/patrickjahns.promtail/vars/main.yml | 8 + 31 files changed, 1172 insertions(+) create mode 100644 promtail-ansible/ansible.cfg create mode 100644 promtail-ansible/install-promtail.sh create mode 100644 promtail-ansible/install-promtail.yml create mode 100644 promtail-ansible/inventory create mode 100644 promtail-ansible/loki-creds.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/.ansible-lint create mode 100644 promtail-ansible/roles/patrickjahns.promtail/.gitignore create mode 100644 promtail-ansible/roles/patrickjahns.promtail/.later.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/.yamllint create mode 100644 promtail-ansible/roles/patrickjahns.promtail/CHANGELOG.md create mode 100644 promtail-ansible/roles/patrickjahns.promtail/LICENSE create mode 100644 promtail-ansible/roles/patrickjahns.promtail/README.md create mode 100644 promtail-ansible/roles/patrickjahns.promtail/defaults/main.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/handlers/main.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/meta/main.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/default/molecule.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/default/playbook.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/default/prepare.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/default/tests/test_default.py create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/latest/molecule.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/latest/playbook.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/latest/prepare.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/molecule/latest/tests/test_latest.py create mode 100644 promtail-ansible/roles/patrickjahns.promtail/tasks/install.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/tasks/main.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/tasks/preflight.yml create mode 100644 promtail-ansible/roles/patrickjahns.promtail/templates/config.j2 create mode 100644 promtail-ansible/roles/patrickjahns.promtail/templates/service.j2 create mode 100644 promtail-ansible/roles/patrickjahns.promtail/test-requirements.txt create mode 100644 promtail-ansible/roles/patrickjahns.promtail/tox.ini create mode 100644 promtail-ansible/roles/patrickjahns.promtail/vars/main.yml diff --git a/promtail-ansible/ansible.cfg b/promtail-ansible/ansible.cfg new file mode 100644 index 0000000..fe04906 --- /dev/null +++ b/promtail-ansible/ansible.cfg @@ -0,0 +1,11 @@ +[defaults] +inventory = inventory + +remote_user: root +private_key_file: ~/.ssh/id_rsa +host_key_checking = False +retry_files_enabled = False +roles_path = ./roles + +stdout_callback = yaml +bin_ansible_callbacks = True diff --git a/promtail-ansible/install-promtail.sh b/promtail-ansible/install-promtail.sh new file mode 100644 index 0000000..dc2a944 --- /dev/null +++ b/promtail-ansible/install-promtail.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +ansible-playbook -i inventory install-protail.yml --vault-password-file ~/.ssh/.vault_pass.txt diff --git a/promtail-ansible/install-promtail.yml b/promtail-ansible/install-promtail.yml new file mode 100644 index 0000000..83a9607 --- /dev/null +++ b/promtail-ansible/install-promtail.yml @@ -0,0 +1,28 @@ +- hosts: my-nodes + vars_files: + - "loki-creds.yml" + roles: + - role: patrickjahns.promtail + vars: + promtail_config_server: + http_listen_port: 9080 + grpc_listen_port: 9081 + promtail_config_clients: + - url: "{{loki_domain}}/loki/api/v1/push" + external_labels: + host: "{{ ansible_hostname }}" + basic_auth: + username: {{loki_login }} + password: {{ loki_password }} + promtail_config_positions: + filename: "{{ promtail_positions_directory }}/positions.yaml" + sync_period: "60s" + + promtail_config_scrape_configs: + - job_name: system + static_configs: + - targets: + - localhost + labels: + job: varlogs + __path__: /var/log/*log diff --git a/promtail-ansible/inventory b/promtail-ansible/inventory new file mode 100644 index 0000000..d8eec93 --- /dev/null +++ b/promtail-ansible/inventory @@ -0,0 +1,3 @@ +[my-nodes] +65.108.215.33 +95.216.185.176 diff --git a/promtail-ansible/loki-creds.yml b/promtail-ansible/loki-creds.yml new file mode 100644 index 0000000..d09846f --- /dev/null +++ b/promtail-ansible/loki-creds.yml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +35323636366332323265643731373565383162393733623831333833326364383635356437626663 +3463633538393863396364666466653438333330653931330a643762336231306538316432333939 +34646232323234323965643536373463313539613731656133303737633630313963366136313336 +6463646664356437390a643138383231313034326231646564636334336330313966346139363064 +30663063383332623766393966336132643630363766396137303837643437646462366435373233 +32393330636362653330623031383761376361646236373663343962336131393064303934616463 +303664613531626438363264373333666433 diff --git a/promtail-ansible/roles/patrickjahns.promtail/.ansible-lint b/promtail-ansible/roles/patrickjahns.promtail/.ansible-lint new file mode 100644 index 0000000..dce3889 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/.ansible-lint @@ -0,0 +1,3 @@ +--- +skip_list: +- '204' \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/.gitignore b/promtail-ansible/roles/patrickjahns.promtail/.gitignore new file mode 100644 index 0000000..6f89eb0 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/.gitignore @@ -0,0 +1,7 @@ +*.retry +*.log +.molecule +.cache +__pycache__/ +.pytest_cache +.tox \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/.later.yml b/promtail-ansible/roles/patrickjahns.promtail/.later.yml new file mode 100644 index 0000000..d016794 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/.later.yml @@ -0,0 +1,25 @@ +--- +rules: + exclude_files: + - .github + - molecule + exclude_filter: + - LINT0009 + - ANSIBLE0015 + ignore_dotfiles: True + +# based on ansible-galaxy rules +yamllint: + braces: {max-spaces-inside: 1, level: error} + colons: {max-spaces-after: -1, level: error} + commas: {max-spaces-after: -1, level: error} + comments: disable + comments-indentation: disable + empty-lines: {max: 3, level: error} + hyphens: {level: error} + key-duplicates: enable + line-length: disable + new-line-at-end-of-file: disable + new-lines: {type: unix} + trailing-spaces: disable + truthy: disable \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/.yamllint b/promtail-ansible/roles/patrickjahns.promtail/.yamllint new file mode 100644 index 0000000..89bd628 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/.yamllint @@ -0,0 +1,31 @@ +extends: default +ignore: | + .travis/ + .travis.yml + .github/ + .tox + meta/ + +rules: + # based on ansible-galaxy rules + braces: {max-spaces-inside: 1, level: error} + colons: {max-spaces-after: -1, level: error} + commas: {max-spaces-after: -1, level: error} + comments: disable + comments-indentation: disable + document-start: disable + empty-lines: {max: 3, level: error} + hyphens: {level: error} + indentation: disable + key-duplicates: enable + line-length: disable + new-line-at-end-of-file: disable + new-lines: {type: unix} + trailing-spaces: disable + truthy: disable + + + # Max 1 space in empty brackets + brackets: + min-spaces-inside-empty: 0 + max-spaces-inside-empty: 1 diff --git a/promtail-ansible/roles/patrickjahns.promtail/CHANGELOG.md b/promtail-ansible/roles/patrickjahns.promtail/CHANGELOG.md new file mode 100644 index 0000000..c349f9e --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/CHANGELOG.md @@ -0,0 +1,328 @@ +# Changelog + +## [1.18.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.18.0) (2022-07-19) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.17.0...1.18.0) + +**Implemented enhancements:** + +- Add variable promtail\_systemd\_service\_template\_file for systemd service template file [\#117](https://github.com/patrickjahns/ansible-role-promtail/pull/117) ([ni-mkougioumtzian](https://github.com/ni-mkougioumtzian)) + +**Merged pull requests:** + +- chore\(deps\): update dependency grafana/loki to v2.6.1 [\#120](https://github.com/patrickjahns/ansible-role-promtail/pull/120) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency molecule-docker to v2 [\#119](https://github.com/patrickjahns/ansible-role-promtail/pull/119) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v63.2.0 [\#118](https://github.com/patrickjahns/ansible-role-promtail/pull/118) ([renovate[bot]](https://github.com/apps/renovate)) + +## [1.17.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.17.0) (2022-07-08) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.16.0...1.17.0) + +**Closed issues:** + +- Support pipeline\_stages [\#105](https://github.com/patrickjahns/ansible-role-promtail/issues/105) + +**Merged pull requests:** + +- chore\(deps\): update dependency grafana/loki to v2.6.0 [\#115](https://github.com/patrickjahns/ansible-role-promtail/pull/115) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v63 [\#114](https://github.com/patrickjahns/ansible-role-promtail/pull/114) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v62.6.0 [\#111](https://github.com/patrickjahns/ansible-role-promtail/pull/111) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency molecule to v4 [\#110](https://github.com/patrickjahns/ansible-role-promtail/pull/110) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update actions/setup-python action to v4 [\#109](https://github.com/patrickjahns/ansible-role-promtail/pull/109) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update robertdebock/galaxy-action action to v1.2.1 [\#107](https://github.com/patrickjahns/ansible-role-promtail/pull/107) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v62.5.0 [\#106](https://github.com/patrickjahns/ansible-role-promtail/pull/106) ([renovate[bot]](https://github.com/apps/renovate)) + +## [1.16.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.16.0) (2022-04-11) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.15.0...1.16.0) + +**Implemented enhancements:** + +- Add upstream sync script [\#4](https://github.com/patrickjahns/ansible-role-promtail/issues/4) +- chore\(deps\): update dependency grafana/loki to v2.5.0 [\#103](https://github.com/patrickjahns/ansible-role-promtail/pull/103) ([renovate[bot]](https://github.com/apps/renovate)) + +**Merged pull requests:** + +- chore\(deps\): update dependency setuptools to v62 [\#102](https://github.com/patrickjahns/ansible-role-promtail/pull/102) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update robertdebock/galaxy-action action to v1.2.0 [\#100](https://github.com/patrickjahns/ansible-role-promtail/pull/100) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v61 [\#99](https://github.com/patrickjahns/ansible-role-promtail/pull/99) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update actions/checkout action to v3 [\#98](https://github.com/patrickjahns/ansible-role-promtail/pull/98) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update actions/setup-python action to v3 [\#97](https://github.com/patrickjahns/ansible-role-promtail/pull/97) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency molecule to v3.6.1 [\#95](https://github.com/patrickjahns/ansible-role-promtail/pull/95) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v60.9.2 [\#94](https://github.com/patrickjahns/ansible-role-promtail/pull/94) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency molecule to v3.6.0 [\#93](https://github.com/patrickjahns/ansible-role-promtail/pull/93) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v60.8.1 [\#92](https://github.com/patrickjahns/ansible-role-promtail/pull/92) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v60.6.0 [\#91](https://github.com/patrickjahns/ansible-role-promtail/pull/91) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v60 [\#88](https://github.com/patrickjahns/ansible-role-promtail/pull/88) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update dependency setuptools to v58.5.3 [\#87](https://github.com/patrickjahns/ansible-role-promtail/pull/87) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): update robertdebock/galaxy-action action to v1.1.1 [\#83](https://github.com/patrickjahns/ansible-role-promtail/pull/83) ([renovate[bot]](https://github.com/apps/renovate)) +- chore\(deps\): pin dependencies [\#82](https://github.com/patrickjahns/ansible-role-promtail/pull/82) ([renovate[bot]](https://github.com/apps/renovate)) +- chore: add renovate config [\#80](https://github.com/patrickjahns/ansible-role-promtail/pull/80) ([MindTooth](https://github.com/MindTooth)) + +## [1.15.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.15.0) (2022-01-13) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.14.0...1.15.0) + +**Implemented enhancements:** + +- Add promtail\_systemd\_service variable \(needed to configure multiple promtail instances\). [\#73](https://github.com/patrickjahns/ansible-role-promtail/pull/73) ([aberes](https://github.com/aberes)) + +**Merged pull requests:** + +- Remove deprecated `include` [\#78](https://github.com/patrickjahns/ansible-role-promtail/pull/78) ([Lithimlin](https://github.com/Lithimlin)) +- chore: update to promtail 2.4.2 [\#77](https://github.com/patrickjahns/ansible-role-promtail/pull/77) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.14.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.14.0) (2021-12-28) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.13.1...1.14.0) + +**Implemented enhancements:** + +- Allow for custom checksum [\#72](https://github.com/patrickjahns/ansible-role-promtail/pull/72) ([Cyb3r-Jak3](https://github.com/Cyb3r-Jak3)) + +**Closed issues:** + +- Ability to disable checksum check [\#71](https://github.com/patrickjahns/ansible-role-promtail/issues/71) + + +## [1.13.1](https://github.com/patrickjahns/ansible-role-promtail/tree/1.13.1) (2021-11-28) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.13.0...1.13.1) + +**Closed issues:** + +- Cannot pull latest version [\#65](https://github.com/patrickjahns/ansible-role-promtail/issues/65) + +**Merged pull requests:** + +- \[RELEASE\] 1.13.1 [\#69](https://github.com/patrickjahns/ansible-role-promtail/pull/69) ([github-actions[bot]](https://github.com/apps/github-actions)) +- Update meta and CI to show Debian Bullseye support. [\#68](https://github.com/patrickjahns/ansible-role-promtail/pull/68) ([twoequaldots](https://github.com/twoequaldots)) + +## [1.13.1](https://github.com/patrickjahns/ansible-role-promtail/tree/1.13.1) (2021-11-28) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.13.0...1.13.1) + +**Closed issues:** + +- Cannot pull latest version [\#65](https://github.com/patrickjahns/ansible-role-promtail/issues/65) + +**Merged pull requests:** + +- Update meta and CI to show Debian Bullseye support. [\#68](https://github.com/patrickjahns/ansible-role-promtail/pull/68) ([twoequaldots](https://github.com/twoequaldots)) + +## [1.13.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.13.0) (2021-11-10) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.12.0...1.13.0) + +**Merged pull requests:** + +- chore: bump promtail to 2.4.1 [\#66](https://github.com/patrickjahns/ansible-role-promtail/pull/66) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.12.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.12.0) (2021-09-10) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.11.0...1.12.0) + +**Closed issues:** + +- Remove update\_cache or make it optional [\#63](https://github.com/patrickjahns/ansible-role-promtail/issues/63) +- Remove `run\_once: True` in preflight [\#59](https://github.com/patrickjahns/ansible-role-promtail/issues/59) + +**Merged pull requests:** + +- Add possibility to opt out of APT cache updates [\#64](https://github.com/patrickjahns/ansible-role-promtail/pull/64) ([mweinelt](https://github.com/mweinelt)) +- chore: bump promtail to version 2.3.0 [\#60](https://github.com/patrickjahns/ansible-role-promtail/pull/60) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.11.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.11.0) (2021-04-06) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.10.0...1.11.0) + +**Implemented enhancements:** + +- chore: bump promtail version to 2.2.1 [\#56](https://github.com/patrickjahns/ansible-role-promtail/pull/56) ([patrickjahns](https://github.com/patrickjahns)) + +**Closed issues:** + +- Version 1.10.0 not available on Galaxy [\#53](https://github.com/patrickjahns/ansible-role-promtail/issues/53) + +## [1.10.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.10.0) (2021-04-02) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.9.1...1.10.0) + +**Implemented enhancements:** + +- chore: bump promtail to 2.2.0 [\#51](https://github.com/patrickjahns/ansible-role-promtail/pull/51) ([patrickjahns](https://github.com/patrickjahns)) + +**Fixed bugs:** + +- ci: ensure the release version is properly parsed in the release pipeline [\#54](https://github.com/patrickjahns/ansible-role-promtail/pull/54) ([patrickjahns](https://github.com/patrickjahns)) + +**Merged pull requests:** + +- \[RELEASE\] 1.10.0 [\#52](https://github.com/patrickjahns/ansible-role-promtail/pull/52) ([github-actions[bot]](https://github.com/apps/github-actions)) + +## [1.10.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.10.0) (2021-03-11) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.9.1...1.10.0) + +**Implemented enhancements:** + +- chore: bump promtail to 2.2.0 [\#51](https://github.com/patrickjahns/ansible-role-promtail/pull/51) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.9.1](https://github.com/patrickjahns/ansible-role-promtail/tree/1.9.1) (2020-12-30) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.9.0...1.9.1) + +**Closed issues:** + +- Entry\_parser setting is no longer needed in playbook examples [\#47](https://github.com/patrickjahns/ansible-role-promtail/issues/47) + +**Merged pull requests:** + +- doc: correct links to upstream configuration [\#50](https://github.com/patrickjahns/ansible-role-promtail/pull/50) ([patrickjahns](https://github.com/patrickjahns)) +- Remove entry parser setting from example config [\#48](https://github.com/patrickjahns/ansible-role-promtail/pull/48) ([tideline3d](https://github.com/tideline3d)) + +## [1.9.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.9.0) (2020-12-26) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.8.0...1.9.0) + +**Merged pull requests:** + +- chore: bump promtail version to 2.1.0 [\#45](https://github.com/patrickjahns/ansible-role-promtail/pull/45) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.8.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.8.0) (2020-12-25) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.7.0...1.8.0) + +**Implemented enhancements:** + +- Make role compatible with RHEL linux distributions [\#8](https://github.com/patrickjahns/ansible-role-promtail/issues/8) +- Feature rhel compatability [\#43](https://github.com/patrickjahns/ansible-role-promtail/pull/43) ([patrickjahns](https://github.com/patrickjahns)) + +**Fixed bugs:** + +- Why is the promtail\_config\_positions empty by default? [\#37](https://github.com/patrickjahns/ansible-role-promtail/issues/37) + +**Closed issues:** + +- Move ansible tests to github actions [\#34](https://github.com/patrickjahns/ansible-role-promtail/issues/34) + +**Merged pull requests:** + +- CI: fix testing by pinning dependencies [\#44](https://github.com/patrickjahns/ansible-role-promtail/pull/44) ([patrickjahns](https://github.com/patrickjahns)) +- doc: improve readme [\#42](https://github.com/patrickjahns/ansible-role-promtail/pull/42) ([patrickjahns](https://github.com/patrickjahns)) +- CI: notify galay on a new release [\#41](https://github.com/patrickjahns/ansible-role-promtail/pull/41) ([patrickjahns](https://github.com/patrickjahns)) +- Fixes / extends configuration of the positions file [\#39](https://github.com/patrickjahns/ansible-role-promtail/pull/39) ([funkyfuture](https://github.com/funkyfuture)) +- ci: move to github actions [\#38](https://github.com/patrickjahns/ansible-role-promtail/pull/38) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.7.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.7.0) (2020-10-28) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.6.1...1.7.0) + +**Implemented enhancements:** + +- Chore\(binary\) update promtail to 2.0.0 [\#32](https://github.com/patrickjahns/ansible-role-promtail/pull/32) ([abmurksi](https://github.com/abmurksi)) + +**Merged pull requests:** + +- ci: test with ansible 2.10 [\#36](https://github.com/patrickjahns/ansible-role-promtail/pull/36) ([patrickjahns](https://github.com/patrickjahns)) +- fix: fix tests by including new required molecule-docker dependency [\#33](https://github.com/patrickjahns/ansible-role-promtail/pull/33) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.6.1](https://github.com/patrickjahns/ansible-role-promtail/tree/1.6.1) (2020-09-11) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.6.0...1.6.1) + +**Merged pull requests:** + +- chore\(binary\): update promtail to 1.6.1 [\#29](https://github.com/patrickjahns/ansible-role-promtail/pull/29) ([abmurksi](https://github.com/abmurksi)) + +## [1.6.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.6.0) (2020-09-03) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.5.0...1.6.0) + +**Fixed bugs:** + +- fix: specify provide permissions for file related tasks [\#27](https://github.com/patrickjahns/ansible-role-promtail/pull/27) ([patrickjahns](https://github.com/patrickjahns)) + +**Merged pull requests:** + +- chore\(binary\): update promtail to version 1.6.0 [\#26](https://github.com/patrickjahns/ansible-role-promtail/pull/26) ([secustor](https://github.com/secustor)) + +## [1.5.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.5.0) (2020-07-29) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.4.0...1.5.0) + +**Implemented enhancements:** + +- Make role compatible with arm architecture [\#20](https://github.com/patrickjahns/ansible-role-promtail/issues/20) + +**Fixed bugs:** + +- Replace the rest of the hardcoded references to amd64 with {{ go\_arch }} [\#23](https://github.com/patrickjahns/ansible-role-promtail/pull/23) ([mkeesey](https://github.com/mkeesey)) + +## [1.4.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.4.0) (2020-05-27) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.3.1...1.4.0) + +**Implemented enhancements:** + +- feat: add support for arm architecture [\#22](https://github.com/patrickjahns/ansible-role-promtail/pull/22) ([patrickjahns](https://github.com/patrickjahns)) +- Promtail 1.5.0 [\#17](https://github.com/patrickjahns/ansible-role-promtail/pull/17) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.3.1](https://github.com/patrickjahns/ansible-role-promtail/tree/1.3.1) (2020-05-26) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.3.0...1.3.1) + +**Fixed bugs:** + +- fix: raise privileges of restart handler [\#15](https://github.com/patrickjahns/ansible-role-promtail/pull/15) ([terorie](https://github.com/terorie)) + +## [1.3.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.3.0) (2020-05-10) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.2.0...1.3.0) + +**Implemented enhancements:** + +- Include canary [\#1](https://github.com/patrickjahns/ansible-role-promtail/issues/1) +- add support for ubuntu disco [\#13](https://github.com/patrickjahns/ansible-role-promtail/pull/13) ([patrickjahns](https://github.com/patrickjahns)) +- Feat add file sd config [\#12](https://github.com/patrickjahns/ansible-role-promtail/pull/12) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.2.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.2.0) (2020-04-11) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.1.0...1.2.0) + +**Fixed bugs:** + +- fix: renamed promtail\_config\_scrap\_configs to promtail\_config\_scrape\_configs [\#10](https://github.com/patrickjahns/ansible-role-promtail/pull/10) ([patrickjahns](https://github.com/patrickjahns)) + +**Merged pull requests:** + +- feat: install promtail 1.4.1 by default [\#9](https://github.com/patrickjahns/ansible-role-promtail/pull/9) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.1.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.1.0) (2020-03-01) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.0.1...1.1.0) + +**Implemented enhancements:** + +- feat: specify the log level for promtail [\#7](https://github.com/patrickjahns/ansible-role-promtail/pull/7) ([patrickjahns](https://github.com/patrickjahns)) + +**Merged pull requests:** + +- Updated repository settings and added release automation [\#5](https://github.com/patrickjahns/ansible-role-promtail/pull/5) ([patrickjahns](https://github.com/patrickjahns)) +- added ansible-later for more indepth static code analysis [\#3](https://github.com/patrickjahns/ansible-role-promtail/pull/3) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.0.1](https://github.com/patrickjahns/ansible-role-promtail/tree/1.0.1) (2020-02-09) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/1.0.0...1.0.1) + +**Fixed bugs:** + +- fix: failing installation on ubuntu1604 [\#2](https://github.com/patrickjahns/ansible-role-promtail/pull/2) ([patrickjahns](https://github.com/patrickjahns)) + +## [1.0.0](https://github.com/patrickjahns/ansible-role-promtail/tree/1.0.0) (2020-02-08) + +[Full Changelog](https://github.com/patrickjahns/ansible-role-promtail/compare/87a46bd92a106bffd43e000a4579c1a444bfbf2e...1.0.0) + + + +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* diff --git a/promtail-ansible/roles/patrickjahns.promtail/LICENSE b/promtail-ansible/roles/patrickjahns.promtail/LICENSE new file mode 100644 index 0000000..39a2f6f --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2020 Patrick Jahns + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/promtail-ansible/roles/patrickjahns.promtail/README.md b/promtail-ansible/roles/patrickjahns.promtail/README.md new file mode 100644 index 0000000..36bf4c6 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/README.md @@ -0,0 +1,125 @@ +# Ansible Role: promtail + +[![Test](https://github.com/patrickjahns/ansible-role-promtail/workflows/Test/badge.svg)](https://github.com/patrickjahns/ansible-role-promtail/actions?query=workflow%3ATest+branch%3Amaster) +[![License](https://img.shields.io/badge/license-MIT%20License-brightgreen.svg)](https://opensource.org/licenses/MIT) +[![Ansible Role](https://img.shields.io/badge/ansible%20role-patrickjahns.promtail-blue.svg)](https://galaxy.ansible.com/patrickjahns/promtail/) +[![GitHub tag](https://img.shields.io/github/tag/patrickjahns/ansible-role-promtail.svg)](https://github.com/patrickjahns/ansible-role-promtail/tags) + +## Description + +Deploy [promtail](https://github.com/grafana/loki) using ansible. Supports amd64 and arm architectures. +For recent changes, please check the [CHANGELOG](/CHANGELOG.md) or have a look at [github releases](https://github.com/patrickjahns/ansible-role-promtail/releases) + + +## Requirements + +- Ansible >= 2.7 + +## Role Variables + +All variables which can be overridden are stored in [defaults/main.yml](defaults/main.yml) file as well as in table below. + +| Name | Default Value | Description | +|--------------------------------------------------|------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------| +| `promtail_version` | "2.6.1" | promtail package version. Also accepts *latest* as parameter. | +| `promtail_custom_checksum` | "" | Custom checksum for custom build promtail binaries | +| `promtail_config_dir` | /etc/promtail | Directory for storing promtail configuration file | +| `promtail_config_file_sd_dir` | "{{ promtail_config_dir }}/file_sd" | Default directory for `file_sd` discovery | +| `promtail_config_file` | "{{ promtail_config_dir }}/promtail.yml" | Configuration file used by promtail | +| `promtail_system_user` | promtail | User the promtail process will run at | +| `promtail_system_group` | "{{ promtail_system_user }}" | Group of the *promtail* user | +| `promtail_user_additional_groups` | "adm" | Additional groups to be added to *promtail* user to give access to allow scraping of specific log files | +| `promtail_config_clients` | see [defaults/main.yml](defaults/main.yml) | promtail [clients](https://grafana.com/docs/loki/latest/clients/promtail/configuration/#clientsg) section | +| `promtail_loki_server_url` | http://127.0.0.1:3100 | Server url where promtail will push its result | +| `promtail_config_server` | see [defaults/main.yml](defaults/main.yml) | promtail [server](https://grafana.com/docs/loki/latest/clients/promtail/configuration/#server) section | +| `promtail_positions_directory` | `/var/lib/promtail` | Path to the directory where promtail tracks scraped log positons | +| `promtail_config_positions` | {"filename": "{{ promtail_positions_directory }}/positions.yml"} | promtail [positions](https://grafana.com/docs/loki/latest/clients/promtail/configuration/#positions) section | +| `promtail_config_scrape_configs` | [] | promtail [scrape_configs](https://grafana.com/docs/loki/latest/clients/promtail/configuration/#scrape_configs) section | +| `promtail_target_config` | {} | promtail [target_config](https://grafana.com/docs/loki/latest/clients/promtail/configuration/#target_config) section | +| `promtail_log_level` | "info" | Loglevel of promtail (one of: `debug`,`info`,`warn`,`error` ) | +| `promtail_config_include_default_file_sd_config` | "True" | When set to false, the default `file_sd` will not be provisioned | +| `promtail_apt_update_cache` | "True" | When set to false the role will not update the APT cache on its own | + +For each section (`promtail_config_clients`, `promtail_config_server`,`promtail_config_positions`,`promtail_config_scrape_configs`,`promtail_target_config`) the configuration can be passed accrodingly to the [official promtail configuration](https://github.com/grafana/loki/blob/master/docs/clients/promtail/configuration.md). +The role will converte the ansible vars into the respective yaml configuration for loki. + +## Example Playbook + +Basic playbook that will assume that loki will be listening at `http://127.0.0.1:3100` and a simple configuration to scrape `/var/log` logs: + +```yaml +--- +- hosts: all + roles: + - role: patrickjahns.promtail + vars: + promtail_config_scrape_configs: + - job_name: system + static_configs: + - targets: + - localhost + labels: + job: varlogs + __path__: /var/log/*log +``` + +A more complex example, that overrides server, client, positions configuration and provides a scrap configuration for `/var/log`: + +```yaml +--- +- hosts: all + roles: + - role: patrickjahns.promtail + vars: + promtail_config_server: + http_listen_port: 9080 + grpc_listen_port: 9081 + promtail_config_clients: + - url: "http://prometheus.domain.tld:3100/loki/api/v1/push" + external_labels: + host: "{{ ansible_hostname }}" + promtail_config_positions: + filename: "{{ promtail_positions_directory }}/positions.yaml" + sync_period: "60s" + + promtail_config_scrape_configs: + - job_name: system + static_configs: + - targets: + - localhost + labels: + job: varlogs + __path__: /var/log/*log +``` + +## Local Testing + +The preferred way of locally testing the role is to use Docker and [molecule](https://github.com/metacloud/molecule) (v3.x). You will have to install Docker on your system. See "Get started" for a Docker package suitable to for your system. +We are using tox to simplify process of testing on multiple ansible versions. To install tox execute: +```sh +pip3 install tox +``` +To run tests on all ansible versions (WARNING: this can take some time) +```sh +tox +``` +To run a custom molecule command on custom environment with only default test scenario: +```sh +tox -e ansible29 -- molecule test -s default +``` +For more information about molecule go to their [docs](http://molecule.readthedocs.io/en/latest/). + +If you would like to run tests on remote docker host just specify `DOCKER_HOST` variable before running tox tests. + +## CI + +Github actions is used to test and validate this ansible role via [ansible-later](https://github.com/thegeeklab/ansible-later) and [molecule](https://github.com/ansible-community/molecule). +Molecule tests will run with several operation systems as well as ansible version in order to ensure compatability. + +## License + +This project is licensed under MIT License. See [LICENSE](/LICENSE) for more details. + +## Maintainers and Contributors + +- [Patrick Jahns](https://github.com/patrickjahns) diff --git a/promtail-ansible/roles/patrickjahns.promtail/defaults/main.yml b/promtail-ansible/roles/patrickjahns.promtail/defaults/main.yml new file mode 100644 index 0000000..0dc04c6 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/defaults/main.yml @@ -0,0 +1,57 @@ +--- +promtail_apt_update_cache: True +promtail_version: "2.6.1" +promtail_dist_url: "https://github.com/grafana/loki/releases/download/v{{ promtail_version }}/promtail-linux-{{ go_arch }}.zip" +promtail_custom_checksum: "" +promtail_config_dir: /etc/promtail +promtail_config_file_sd_dir: "{{ promtail_config_dir }}/file_sd" +promtail_config_file: "{{ promtail_config_dir }}/promtail.yml" + +promtail_system_user: promtail +promtail_system_group: "{{ promtail_system_user }}" +promtail_user_additional_groups: "adm" +promtail_systemd_service_template_file: service.j2 +promtail_systemd_service: promtail + +promtail_install_dir: /opt/promtail +promtail_tmp_dir: /tmp + +promtail_log_level: info +# One of: debug, info, warn, error + +promtail_config_server: + http_listen_port: 9080 + +promtail_loki_server_url: http://127.0.0.1:3100 +promtail_config_clients: + - url: "{{ promtail_loki_server_url }}/loki/api/v1/push" + +promtail_positions_directory: /var/lib/promtail +promtail_config_positions: + filename: "{{ promtail_positions_directory }}/positions.yml" + +promtail_config_scrape_configs: [] +# promtail_config_scrape_configs: +# - job_name: system +# entry_parser: raw +# static_configs: +# - targets: +# - localhost +# labels: +# job: varlogs +# host: {{ ansible_hostname }} +# __path__: /var/log/*log + +promtail_config_include_default_file_sd_config: True + +promtail_config_default_file_sd_config: + - job_name: file_sd + file_sd_configs: + - files: + - "{{ promtail_config_file_sd_dir }}/*.yml" + - "{{ promtail_config_file_sd_dir }}/*.yaml" + - "{{ promtail_config_file_sd_dir }}/*.json" + +promtail_target_config: {} +# promtail_target_config: +# sync_period: "10s" diff --git a/promtail-ansible/roles/patrickjahns.promtail/handlers/main.yml b/promtail-ansible/roles/patrickjahns.promtail/handlers/main.yml new file mode 100644 index 0000000..8abd4a5 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/handlers/main.yml @@ -0,0 +1,10 @@ +--- +- name: Restart promtail + become: True + systemd: + name: "{{ promtail_systemd_service }}" + state: restarted + daemon_reload: True + tags: + - promtail_run + - promtail diff --git a/promtail-ansible/roles/patrickjahns.promtail/meta/main.yml b/promtail-ansible/roles/patrickjahns.promtail/meta/main.yml new file mode 100644 index 0000000..a33161b --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/meta/main.yml @@ -0,0 +1,40 @@ +# Standards: 0.1 +--- +galaxy_info: + author: Patrick Jahns + description: Deploy (loki) promtail + role_name: promtail + namespace: patrickjahns + company: none + license: MIT + min_ansible_version: 2.7 + platforms: + - name: EL + versions: + - 7 + - 8 + - name: Fedora + versions: + - all + - name: Ubuntu + versions: + - disco + - bionic + - xenial + - name: Debian + versions: + - stretch + - buster + - bullseye + galaxy_tags: + - promtail + - loki + - logging + - collector + - monitoring + - metrics + - system + - grafana + - prometheus + +dependencies: [] diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/default/molecule.yml b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/molecule.yml new file mode 100644 index 0000000..849e70e --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/molecule.yml @@ -0,0 +1,31 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: | + set -e + yamllint . + flake8 + +platforms: + - name: instance + image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu1804}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true + +provisioner: + name: ansible + playbooks: + converge: playbook.yml + inventory: + group_vars: + python3: + ansible_python_interpreter: /usr/bin/python3 +scenario: + name: default +verifier: + name: testinfra diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/default/playbook.yml b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/playbook.yml new file mode 100644 index 0000000..a60b085 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/playbook.yml @@ -0,0 +1,5 @@ +--- +- hosts: all + any_errors_fatal: true + roles: + - ansible-role-promtail diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/default/prepare.yml b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/prepare.yml new file mode 100644 index 0000000..f956c39 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/prepare.yml @@ -0,0 +1,10 @@ +--- +- name: Prepare + hosts: all + gather_facts: true + tasks: + - name: Ensure that net-tools is available + package: + name: net-tools + state: present + when: ansible_os_family == 'RedHat' \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/default/tests/test_default.py b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/tests/test_default.py new file mode 100644 index 0000000..1452c1f --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/default/tests/test_default.py @@ -0,0 +1,64 @@ +import os +import pytest +import yaml +import testinfra.utils.ansible_runner + + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +@pytest.fixture() +def AnsibleDefaults(): + with open("./defaults/main.yml", 'r') as stream: + return yaml.full_load(stream) + + +@pytest.mark.parametrize("dir", [ + "/opt/promtail", + "/etc/promtail", + "/etc/promtail/file_sd", + "/var/lib/promtail", +]) +def test_directories(host, dir): + d = host.file(dir) + assert d.is_directory + assert d.exists + + +@pytest.mark.parametrize("files", [ + "/etc/systemd/system/promtail.service", + "/usr/local/bin/promtail", + "/etc/promtail/promtail.yml" +]) +def test_files(host, files): + f = host.file(files) + assert f.exists + assert f.is_file + + +def test_user(host): + assert host.group("promtail").exists + assert host.user("promtail").exists + + +def test_service(host): + s = host.service("promtail") + assert s.is_running + + +def test_http_socket(host): + s = host.socket("tcp://0.0.0.0:9080") + assert s.is_listening + + +def test_grpc_socket(host): + s = host.socket("tcp://0.0.0.0:9095") + assert s.is_listening + + +def test_version(host, AnsibleDefaults): + version = os.getenv('PROMTAIL', AnsibleDefaults['promtail_version']) + out = host.run("/usr/local/bin/promtail --version").stdout + assert version in out + assert "promtail" in out diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/molecule.yml b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/molecule.yml new file mode 100644 index 0000000..a13bdd2 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/molecule.yml @@ -0,0 +1,31 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: | + set -e + yamllint . + flake8 + +platforms: + - name: instance + image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu1804}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true + +provisioner: + name: ansible + playbooks: + converge: playbook.yml + inventory: + group_vars: + python3: + ansible_python_interpreter: /usr/bin/python3 +scenario: + name: latest +verifier: + name: testinfra diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/playbook.yml b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/playbook.yml new file mode 100644 index 0000000..af9258f --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/playbook.yml @@ -0,0 +1,7 @@ +--- +- hosts: all + any_errors_fatal: true + roles: + - role: ansible-role-promtail + vars: + promtail_version: "latest" diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/prepare.yml b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/prepare.yml new file mode 100644 index 0000000..20cc88f --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/prepare.yml @@ -0,0 +1,10 @@ +--- +- name: Prepare + hosts: all + gather_facts: true + tasks: + - name: Ensure that net-tools is available + package: + name: net-tools + state: present + when: ansible_os_family == 'RedHat' diff --git a/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/tests/test_latest.py b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/tests/test_latest.py new file mode 100644 index 0000000..68053d2 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/molecule/latest/tests/test_latest.py @@ -0,0 +1,55 @@ +import os +import pytest +import testinfra.utils.ansible_runner + + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +@pytest.mark.parametrize("dir", [ + "/opt/promtail", + "/etc/promtail", + "/etc/promtail/file_sd", + "/var/lib/promtail", +]) +def test_directories(host, dir): + d = host.file(dir) + assert d.is_directory + assert d.exists + + +@pytest.mark.parametrize("files", [ + "/etc/systemd/system/promtail.service", + "/usr/local/bin/promtail", + "/etc/promtail/promtail.yml" +]) +def test_files(host, files): + f = host.file(files) + assert f.exists + assert f.is_file + + +def test_user(host): + assert host.group("promtail").exists + assert host.user("promtail").exists + + +def test_service(host): + s = host.service("promtail") + assert s.is_running + + +def test_http_socket(host): + s = host.socket("tcp://0.0.0.0:9080") + assert s.is_listening + + +def test_grpc_socket(host): + s = host.socket("tcp://0.0.0.0:9095") + assert s.is_listening + + +def test_version(host): + result = host.run("/usr/local/bin/promtail --version") + assert result.rc == 0 diff --git a/promtail-ansible/roles/patrickjahns.promtail/tasks/install.yml b/promtail-ansible/roles/patrickjahns.promtail/tasks/install.yml new file mode 100644 index 0000000..7b81840 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/tasks/install.yml @@ -0,0 +1,104 @@ +--- +- name: Ensure unzip package is available + package: + name: unzip + state: present + update_cache: "{{ promtail_apt_update_cache }}" + +- name: Create promtail group + group: + name: "{{ promtail_system_group }}" + state: present + system: True + when: promtail_system_group != "root" + +- name: Create the promtail user + user: + name: "{{ promtail_system_user }}" + group: "{{ promtail_system_group }}" + groups: "{{ promtail_user_additional_groups }}" + append: True + shell: /usr/sbin/nologin + system: True + createhome: False + home: / + when: promtail_system_user != "root" + +- name: Ensure /usr/local/bin exists + file: + path: /usr/local/bin + state: directory + mode: 0755 + +- name: Create config directories + file: + path: "{{ item }}" + state: directory + owner: root + group: "{{ promtail_system_group }}" + mode: 0770 + loop: + - "{{ promtail_config_dir }}" + - "{{ promtail_config_file_sd_dir }}" + - "{{ promtail_positions_directory }}" + +- name: Create application dirs + file: + path: "{{ item }}" + state: directory + owner: "{{ promtail_system_user }}" + group: "{{ promtail_system_group }}" + mode: 0755 + with_items: + - "{{ promtail_install_dir }}" + - "{{ promtail_install_dir }}/{{ promtail_version }}" + +- name: Check promtail binary + stat: + path: "{{ promtail_install_dir }}/{{ promtail_version }}/promtail-linux-{{ go_arch }}" + register: promtail_binary + +- name: Download promtail binaries + get_url: + url: "{{ promtail_dist_url }}" + dest: "{{ promtail_tmp_dir }}/{{ promtail_version }}_promtail-linux-{{ go_arch }}.zip" + force: True + checksum: "{{ promtail_custom_checksum if promtail_custom_checksum else 'sha256:' + __promtail_checksum }}" + when: not promtail_binary.stat.exists + +- name: Unpack promtail binaries + ignore_errors: "{{ ansible_check_mode }}" + unarchive: + src: "{{ promtail_tmp_dir }}/{{ promtail_version }}_promtail-linux-{{ go_arch }}.zip" + dest: "{{ promtail_install_dir }}/{{ promtail_version }}" + creates: "{{ promtail_install_dir }}/{{ promtail_version }}/promtail-linux-{{ go_arch }}" + mode: 0755 + remote_src: True + +- name: Create symlink to latest version + notify: + - Restart promtail + ignore_errors: "{{ ansible_check_mode }}" + file: + state: link + src: "{{ promtail_install_dir }}/{{ promtail_version }}/promtail-linux-{{ go_arch }}" + dest: /usr/local/bin/promtail + mode: 0755 + +- name: Write config + notify: + - Restart promtail + template: + src: config.j2 + dest: "{{ promtail_config_file }}" + owner: root + group: "{{ promtail_system_group }}" + mode: 0644 + +- name: Create systemd service unit + notify: + - Restart promtail + template: + src: "{{ promtail_systemd_service_template_file }}" + dest: "/etc/systemd/system/{{ promtail_systemd_service }}.service" + mode: 0644 diff --git a/promtail-ansible/roles/patrickjahns.promtail/tasks/main.yml b/promtail-ansible/roles/patrickjahns.promtail/tasks/main.yml new file mode 100644 index 0000000..5e4c45e --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/tasks/main.yml @@ -0,0 +1,22 @@ +--- +- import_tasks: preflight.yml + tags: + - promtail_install + - promtail + +- import_tasks: install.yml + become: True + tags: + - promtail_install + - promtail + +- name: Ensure promtail service is started and enabled + become: True + systemd: + daemon_reload: True + name: "{{ promtail_systemd_service }}" + state: started + enabled: True + tags: + - promtail_run + - promtail diff --git a/promtail-ansible/roles/patrickjahns.promtail/tasks/preflight.yml b/promtail-ansible/roles/patrickjahns.promtail/tasks/preflight.yml new file mode 100644 index 0000000..d65cdd1 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/tasks/preflight.yml @@ -0,0 +1,43 @@ +--- +- name: Assert usage of systemd as an init system + assert: + that: ansible_service_mgr == 'systemd' + msg: "This module only works with systemd" + +- block: + - name: Get latest release + uri: + url: "https://api.github.com/repos/grafana/loki/releases/latest" + method: GET + return_content: True + status_code: 200 + body_format: json + validate_certs: False + user: "{{ lookup('env', 'GH_USER') | default(omit) }}" + password: "{{ lookup('env', 'GH_TOKEN') | default(omit) }}" + no_log: "{{ not lookup('env', 'ANSIBLE_DEBUG') | bool }}" + register: _latest_release + until: _latest_release.status == 200 + retries: 5 + + - name: "Set promtail version to {{ _latest_release.json.tag_name[1:] }}" + set_fact: + promtail_version: "{{ _latest_release.json.tag_name[1:] }}" + when: + - promtail_version == "latest" + delegate_to: localhost + run_once: True + + +- name: "Get checksum list" + set_fact: + __promtail_checksums: "{{ lookup('url', 'https://github.com/grafana/loki/releases/download/v' + promtail_version + '/SHA256SUMS', wantlist=True) | list }}" + run_once: True + delegate_to: localhost + +- name: "Get checksum for {{ go_arch }} architecture" + set_fact: + __promtail_checksum: "{{ item.split(' ')[0] }}" + with_items: "{{ __promtail_checksums }}" + when: + - "('promtail-linux-' + go_arch + '.zip') in item" diff --git a/promtail-ansible/roles/patrickjahns.promtail/templates/config.j2 b/promtail-ansible/roles/patrickjahns.promtail/templates/config.j2 new file mode 100644 index 0000000..bb82fe2 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/templates/config.j2 @@ -0,0 +1,26 @@ +#jinja2: trim_blocks: True, lstrip_blocks: True +{{ ansible_managed | comment }} +# https://github.com/grafana/loki/blob/master/docs/clients/promtail/configuration.md +server: + {{ promtail_config_server | to_nice_yaml(indent=2) | indent(2, False) }} + +{% if promtail_config_positions != {} %} +positions: + {{ promtail_config_positions | to_nice_yaml(indent=2) | indent(2, False) }} +{% endif %} + +clients: + {{ promtail_config_clients | to_nice_yaml(indent=2) | indent(2, False) }} + +scrape_configs: + {% if promtail_config_include_default_file_sd_config | bool %} + {{ promtail_config_default_file_sd_config | to_nice_yaml(indent=2) | indent(2, False) }} + {% endif %} + {% if promtail_config_scrape_configs|length %} + {{ promtail_config_scrape_configs | to_nice_yaml(indent=2) | indent(2, False) }} + {% endif %} + +{% if promtail_target_config != {} %} +target_config: + {{ promtail_target_config | to_nice_yaml(indent=2) | indent(2, False) }} +{% endif %} \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/templates/service.j2 b/promtail-ansible/roles/patrickjahns.promtail/templates/service.j2 new file mode 100644 index 0000000..6076202 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/templates/service.j2 @@ -0,0 +1,17 @@ +{{ ansible_managed | comment }} + + +[Unit] +Description=promtail +After=network-online.target + +[Service] +Restart=always +RestartSec=5 +TimeoutSec=5 +User={{ promtail_system_user }} +Group={{ promtail_system_group }} +ExecStart=/usr/local/bin/promtail -config.file={{ promtail_config_file }} -log.level={{ promtail_log_level }} + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/test-requirements.txt b/promtail-ansible/roles/patrickjahns.promtail/test-requirements.txt new file mode 100644 index 0000000..d02e5a9 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/test-requirements.txt @@ -0,0 +1,6 @@ +docker +molecule==4.0.1 +molecule-docker==2.0.0 +pytest-testinfra +flake8 +setuptools==63.2.0 \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/tox.ini b/promtail-ansible/roles/patrickjahns.promtail/tox.ini new file mode 100644 index 0000000..92abae8 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/tox.ini @@ -0,0 +1,33 @@ +[tox] +minversion = 1.8 +envlist = ansible{27,28,29,210,34,43} +skipsdist = true + +[gh-actions] +python = + 3.6: ansible{28,29,210,34,43} + 3.7: ansible{28,29,210,34,43} + 3.8: ansible{28,29,210,34,43} + 3.9: ansible{28,29,210,34,43} + +[gh-actions:env] +ANSIBLE= + 2.7: ansible27 + 2.8: ansible28 + 2.9: ansible29 + 2.10: ansible210 + 3.4: ansible34 + 4.3: ansible43 + +[testenv] +passenv = GH_* DOCKER_HOST MOLECULE_* +deps = + -rtest-requirements.txt + ansible27: ansible<2.8 + ansible28: ansible<2.9 + ansible29: ansible<2.10 + ansible210: ansible<2.11 + ansible34: ansible<3.5 + ansible43: ansible<4.4 +commands = + {posargs:molecule test --all --destroy always} \ No newline at end of file diff --git a/promtail-ansible/roles/patrickjahns.promtail/vars/main.yml b/promtail-ansible/roles/patrickjahns.promtail/vars/main.yml new file mode 100644 index 0000000..8c38396 --- /dev/null +++ b/promtail-ansible/roles/patrickjahns.promtail/vars/main.yml @@ -0,0 +1,8 @@ +--- +go_arch_map: + x86_64: 'amd64' + aarch64: 'arm64' + armv7l: 'arm' + armv6l: 'arm' + +go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}"