From a4038a1cf4b07c5d3f4226bca7b4b37e59b6b34b Mon Sep 17 00:00:00 2001 From: "Nicolas (CAncun) Coudene" Date: Wed, 9 Apr 2025 23:49:25 +0200 Subject: [PATCH 1/5] add cgroup exporter Signed-off-by: Nicolas (CAncun) Coudene --- REFERENCE.md | 316 ++++++++++++++++++++++++ manifests/cgroup_exporter.pp | 101 ++++++++ spec/acceptance/cgroup_exporter_spec.rb | 20 ++ spec/classes/cgroup_exporter_spec.rb | 40 +++ 4 files changed, 477 insertions(+) create mode 100644 manifests/cgroup_exporter.pp create mode 100644 spec/acceptance/cgroup_exporter_spec.rb create mode 100644 spec/classes/cgroup_exporter_spec.rb diff --git a/REFERENCE.md b/REFERENCE.md index 5134db88..60c4da46 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -15,6 +15,7 @@ * [`prometheus::bind_exporter`](#prometheus--bind_exporter): Class: prometheus::bind_exporter This module manages prometheus bind_exporter * [`prometheus::bird_exporter`](#prometheus--bird_exporter): This module manages prometheus bird exporter * [`prometheus::blackbox_exporter`](#prometheus--blackbox_exporter): This module manages prometheus blackbox_exporter +* [`prometheus::cgroup_exporter`](#prometheus--cgroup_exporter): This module manages prometheus cgroup_exporter (https://github.com/treydock/cgroup_exporter) * [`prometheus::collectd_exporter`](#prometheus--collectd_exporter): This module manages prometheus node collectd_exporter * [`prometheus::config`](#prometheus--config): Configuration class for prometheus monitoring system * [`prometheus::consul_exporter`](#prometheus--consul_exporter): This module manages prometheus node consul_exporter @@ -2927,6 +2928,321 @@ Unless empty the content of the web-config yaml which will handed over as option Default value: `{}` +### `prometheus::cgroup_exporter` + +This module manages prometheus cgroup_exporter (https://github.com/treydock/cgroup_exporter) + +#### Parameters + +The following parameters are available in the `prometheus::cgroup_exporter` class: + +* [`package_name`](#-prometheus--cgroup_exporter--package_name) +* [`download_extension`](#-prometheus--cgroup_exporter--download_extension) +* [`version`](#-prometheus--cgroup_exporter--version) +* [`package_ensure`](#-prometheus--cgroup_exporter--package_ensure) +* [`user`](#-prometheus--cgroup_exporter--user) +* [`group`](#-prometheus--cgroup_exporter--group) +* [`download_url_base`](#-prometheus--cgroup_exporter--download_url_base) +* [`extra_groups`](#-prometheus--cgroup_exporter--extra_groups) +* [`init_style`](#-prometheus--cgroup_exporter--init_style) +* [`purge_config_dir`](#-prometheus--cgroup_exporter--purge_config_dir) +* [`config_mode`](#-prometheus--cgroup_exporter--config_mode) +* [`arch`](#-prometheus--cgroup_exporter--arch) +* [`bin_dir`](#-prometheus--cgroup_exporter--bin_dir) +* [`restart_on_change`](#-prometheus--cgroup_exporter--restart_on_change) +* [`service_enable`](#-prometheus--cgroup_exporter--service_enable) +* [`service_ensure`](#-prometheus--cgroup_exporter--service_ensure) +* [`service_name`](#-prometheus--cgroup_exporter--service_name) +* [`install_method`](#-prometheus--cgroup_exporter--install_method) +* [`manage_group`](#-prometheus--cgroup_exporter--manage_group) +* [`manage_service`](#-prometheus--cgroup_exporter--manage_service) +* [`manage_user`](#-prometheus--cgroup_exporter--manage_user) +* [`os`](#-prometheus--cgroup_exporter--os) +* [`extra_options`](#-prometheus--cgroup_exporter--extra_options) +* [`download_url`](#-prometheus--cgroup_exporter--download_url) +* [`scrape_host`](#-prometheus--cgroup_exporter--scrape_host) +* [`export_scrape_job`](#-prometheus--cgroup_exporter--export_scrape_job) +* [`scrape_port`](#-prometheus--cgroup_exporter--scrape_port) +* [`scrape_job_name`](#-prometheus--cgroup_exporter--scrape_job_name) +* [`scrape_job_labels`](#-prometheus--cgroup_exporter--scrape_job_labels) +* [`bin_name`](#-prometheus--cgroup_exporter--bin_name) +* [`modules`](#-prometheus--cgroup_exporter--modules) +* [`proxy_server`](#-prometheus--cgroup_exporter--proxy_server) +* [`proxy_type`](#-prometheus--cgroup_exporter--proxy_type) +* [`cgroup_paths`](#-prometheus--cgroup_exporter--cgroup_paths) + +##### `package_name` + +Data type: `String[1]` + + + +Default value: `'cgroup_exporter'` + +##### `download_extension` + +Data type: `String` + + + +Default value: `'tar.gz'` + +##### `version` + +Data type: `String[1]` + + + +Default value: `'1.0.1'` + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: `'latest'` + +##### `user` + +Data type: `String[1]` + + + +Default value: `'root'` + +##### `group` + +Data type: `String[1]` + + + +Default value: `'root'` + +##### `download_url_base` + +Data type: `Prometheus::Uri` + + + +Default value: `'https://github.com/treydock/cgroup_exporter/releases'` + +##### `extra_groups` + +Data type: `Array[String]` + + + +Default value: `[]` + +##### `init_style` + +Data type: `Prometheus::Initstyle` + + + +Default value: `$prometheus::init_style` + +##### `purge_config_dir` + +Data type: `Boolean` + + + +Default value: `true` + +##### `config_mode` + +Data type: `String[1]` + + + +Default value: `$prometheus::config_mode` + +##### `arch` + +Data type: `String[1]` + + + +Default value: `$prometheus::real_arch` + +##### `bin_dir` + +Data type: `Stdlib::Absolutepath` + + + +Default value: `$prometheus::bin_dir` + +##### `restart_on_change` + +Data type: `Boolean` + + + +Default value: `true` + +##### `service_enable` + +Data type: `Boolean` + + + +Default value: `true` + +##### `service_ensure` + +Data type: `Stdlib::Ensure::Service` + + + +Default value: `'running'` + +##### `service_name` + +Data type: `String[1]` + + + +Default value: `'cgroup_exporter'` + +##### `install_method` + +Data type: `Prometheus::Install` + + + +Default value: `$prometheus::install_method` + +##### `manage_group` + +Data type: `Boolean` + + + +Default value: `true` + +##### `manage_service` + +Data type: `Boolean` + + + +Default value: `true` + +##### `manage_user` + +Data type: `Boolean` + + + +Default value: `true` + +##### `os` + +Data type: `String[1]` + + + +Default value: `downcase(fact('kernel'))` + +##### `extra_options` + +Data type: `Optional[String[1]]` + + + +Default value: `undef` + +##### `download_url` + +Data type: `Optional[Prometheus::Uri]` + + + +Default value: `undef` + +##### `scrape_host` + +Data type: `Optional[Stdlib::Host]` + + + +Default value: `undef` + +##### `export_scrape_job` + +Data type: `Boolean` + + + +Default value: `false` + +##### `scrape_port` + +Data type: `Stdlib::Port` + + + +Default value: `9306` + +##### `scrape_job_name` + +Data type: `String[1]` + + + +Default value: `'cgroup'` + +##### `scrape_job_labels` + +Data type: `Optional[Hash]` + + + +Default value: `undef` + +##### `bin_name` + +Data type: `Optional[String[1]]` + + + +Default value: `undef` + +##### `modules` + +Data type: `Hash` + + + +Default value: `{}` + +##### `proxy_server` + +Data type: `Optional[String[1]]` + + + +Default value: `undef` + +##### `proxy_type` + +Data type: `Optional[Enum['none', 'http', 'https', 'ftp']]` + + + +Default value: `undef` + +##### `cgroup_paths` + +Data type: `Enum['slurm']` + + + +Default value: `'slurm'` + ### `prometheus::collectd_exporter` This module manages prometheus node collectd_exporter diff --git a/manifests/cgroup_exporter.pp b/manifests/cgroup_exporter.pp new file mode 100644 index 00000000..0ba7daba --- /dev/null +++ b/manifests/cgroup_exporter.pp @@ -0,0 +1,101 @@ +# @summary This module manages prometheus cgroup_exporter (https://github.com/treydock/cgroup_exporter) +class prometheus::cgroup_exporter ( + String[1] $package_name = 'cgroup_exporter', + String $download_extension = 'tar.gz', + # renovate: depName=treydock/cgroup_exporter + String[1] $version = '1.0.1', + String[1] $package_ensure = 'latest', + String[1] $user = 'cgroup-exporter', + String[1] $group = 'cgroup-exporter', + Prometheus::Uri $download_url_base = 'https://github.com/treydock/cgroup_exporter/releases', + Array[String] $extra_groups = [], + Prometheus::Initstyle $init_style = $prometheus::init_style, + Boolean $purge_config_dir = true, + String[1] $config_mode = $prometheus::config_mode, + String[1] $arch = $prometheus::real_arch, + Stdlib::Absolutepath $bin_dir = $prometheus::bin_dir, + Boolean $restart_on_change = true, + Boolean $service_enable = true, + Stdlib::Ensure::Service $service_ensure = 'running', + String[1] $service_name = 'cgroup_exporter', + Prometheus::Install $install_method = $prometheus::install_method, + Boolean $manage_group = true, + Boolean $manage_service = true, + Boolean $manage_user = true, + String[1] $os = downcase(fact('kernel')), + Stdlib::Absolutepath $archive_bin_path = "/opt/${package_name}-${version}.${os}-${arch}/${package_name}", + Optional[String[1]] $extra_options = undef, + Optional[Prometheus::Uri] $download_url = undef, + Optional[Stdlib::Host] $scrape_host = undef, + Boolean $export_scrape_job = false, + Stdlib::Port $scrape_port = 9306, + String[1] $scrape_job_name = 'cgroup', + Optional[Hash] $scrape_job_labels = undef, + Optional[String[1]] $bin_name = undef, + Hash $modules = {}, + Optional[String[1]] $proxy_server = undef, + Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, + Enum['slurm'] $cgroup_paths = 'slurm', +) inherits prometheus { + $real_download_url = pick( + $download_url, + "${download_url_base}/download/v${version}/${package_name}-${version}.${os}-${arch}.${download_extension}" + ) + + $notify_service = $restart_on_change ? { + true => Service[$service_name], + default => undef, + } + + $paths_option = "--config.paths=/${cgroup_paths}" + + if $scrape_port != 9306 { + $listen_address = "--web.listen-address=':${scrape_port}'" + } else { + $listen_address = undef + } + + $options = [ + $extra_options, + $listen_address, + $paths_option, + ].filter |$x| { !$x.empty }.join(' ') + + prometheus::daemon { $service_name: + install_method => $install_method, + version => $version, + download_extension => $download_extension, + os => $os, + arch => $arch, + real_download_url => $real_download_url, + bin_dir => $bin_dir, + notify_service => $notify_service, + package_name => $package_name, + package_ensure => $package_ensure, + manage_user => $manage_user, + user => $user, + extra_groups => $extra_groups, + group => $group, + manage_group => $manage_group, + purge => $purge_config_dir, + options => $options, + init_style => $init_style, + service_ensure => $service_ensure, + service_enable => $service_enable, + manage_service => $manage_service, + export_scrape_job => $export_scrape_job, + scrape_host => $scrape_host, + scrape_port => $scrape_port, + scrape_job_name => $scrape_job_name, + scrape_job_labels => $scrape_job_labels, + bin_name => $bin_name, + proxy_server => $proxy_server, + proxy_type => $proxy_type, + archive_bin_path => $archive_bin_path, + } + ->exec {'setcap cgroup_exporter': + command => "/usr/sbin/setcap cap_sys_ptrace=eip ${archive_bin_path}", + unless => "/usr/sbin/getcap ${archive_bin_path} | grep -q cap_sys_ptrace=eip", + } + +} diff --git a/spec/acceptance/cgroup_exporter_spec.rb b/spec/acceptance/cgroup_exporter_spec.rb new file mode 100644 index 00000000..63083c48 --- /dev/null +++ b/spec/acceptance/cgroup_exporter_spec.rb @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +require 'spec_helper_acceptance' + +describe 'prometheus cgroup exporter' do + it 'cgroup_exporter works idempotently with no errors' do + pp = 'include prometheus::cgroup_exporter' + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) + end + + describe service('cgroup_exporter') do + it { is_expected.to be_running } + it { is_expected.to be_enabled } + end + + describe port(9306) do + it { is_expected.to be_listening.with('tcp6') } + end +end diff --git a/spec/classes/cgroup_exporter_spec.rb b/spec/classes/cgroup_exporter_spec.rb new file mode 100644 index 00000000..95c7dc1f --- /dev/null +++ b/spec/classes/cgroup_exporter_spec.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'prometheus::cgroup_exporter' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge(os_specific_facts(facts)) + end + + context 'with version specified' do + let(:params) do + { + version: '1.0.1', + arch: 'amd64', + os: 'linux', + bin_dir: '/usr/local/bin', + install_method: 'url', + modules: { + 'default' => {} + } + } + end + + describe 'with all defaults' do + it { is_expected.to contain_class('prometheus') } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_file('/usr/local/bin/cgroup_exporter').with('target' => '/opt/cgroup_exporter-1.0.1.linux-amd64/cgroup_exporter') } + it { is_expected.to contain_prometheus__daemon('cgroup_exporter') } + it { is_expected.to contain_user('cgroup-exporter') } + it { is_expected.to contain_group('cgroup-exporter') } + it { is_expected.to contain_service('cgroup_exporter') } + it { is_expected.to contain_archive('/tmp/cgroup_exporter-1.0.1.tar.gz') } + it { is_expected.to contain_file('/opt/cgroup_exporter-1.0.1.linux-amd64/cgroup_exporter') } + end + end + end + end +end From c746f23d4f973f0b33348e42b38a831dea848222 Mon Sep 17 00:00:00 2001 From: "Nicolas (CAncun) Coudene" Date: Thu, 10 Apr 2025 00:00:01 +0200 Subject: [PATCH 2/5] fix reference Signed-off-by: Nicolas (CAncun) Coudene --- REFERENCE.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 60c4da46..88761707 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -2958,6 +2958,7 @@ The following parameters are available in the `prometheus::cgroup_exporter` clas * [`manage_service`](#-prometheus--cgroup_exporter--manage_service) * [`manage_user`](#-prometheus--cgroup_exporter--manage_user) * [`os`](#-prometheus--cgroup_exporter--os) +* [`archive_bin_path`](#-prometheus--cgroup_exporter--archive_bin_path) * [`extra_options`](#-prometheus--cgroup_exporter--extra_options) * [`download_url`](#-prometheus--cgroup_exporter--download_url) * [`scrape_host`](#-prometheus--cgroup_exporter--scrape_host) @@ -3009,7 +3010,7 @@ Data type: `String[1]` -Default value: `'root'` +Default value: `'cgroup-exporter'` ##### `group` @@ -3017,7 +3018,7 @@ Data type: `String[1]` -Default value: `'root'` +Default value: `'cgroup-exporter'` ##### `download_url_base` @@ -3147,6 +3148,14 @@ Data type: `String[1]` Default value: `downcase(fact('kernel'))` +##### `archive_bin_path` + +Data type: `Stdlib::Absolutepath` + + + +Default value: `"/opt/${package_name}-${version}.${os}-${arch}/${package_name}"` + ##### `extra_options` Data type: `Optional[String[1]]` From bd9471e7be73d3e173c0008035cc6bd32a624fe2 Mon Sep 17 00:00:00 2001 From: "Nicolas (CAncun) Coudene" Date: Thu, 10 Apr 2025 00:03:27 +0200 Subject: [PATCH 3/5] make linter happy Signed-off-by: Nicolas (CAncun) Coudene --- manifests/cgroup_exporter.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifests/cgroup_exporter.pp b/manifests/cgroup_exporter.pp index 0ba7daba..750ea13f 100644 --- a/manifests/cgroup_exporter.pp +++ b/manifests/cgroup_exporter.pp @@ -93,9 +93,8 @@ proxy_type => $proxy_type, archive_bin_path => $archive_bin_path, } - ->exec {'setcap cgroup_exporter': + -> exec {'setcap cgroup_exporter': command => "/usr/sbin/setcap cap_sys_ptrace=eip ${archive_bin_path}", unless => "/usr/sbin/getcap ${archive_bin_path} | grep -q cap_sys_ptrace=eip", } - } From 5a5b0a34a4cd01498031b41cd472fa4b2d2ab75e Mon Sep 17 00:00:00 2001 From: "Nicolas (CAncun) Coudene" Date: Thu, 10 Apr 2025 00:04:51 +0200 Subject: [PATCH 4/5] make linter happy Signed-off-by: Nicolas (CAncun) Coudene --- manifests/cgroup_exporter.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/cgroup_exporter.pp b/manifests/cgroup_exporter.pp index 750ea13f..1c32eaea 100644 --- a/manifests/cgroup_exporter.pp +++ b/manifests/cgroup_exporter.pp @@ -93,7 +93,7 @@ proxy_type => $proxy_type, archive_bin_path => $archive_bin_path, } - -> exec {'setcap cgroup_exporter': + -> exec { 'setcap cgroup_exporter': command => "/usr/sbin/setcap cap_sys_ptrace=eip ${archive_bin_path}", unless => "/usr/sbin/getcap ${archive_bin_path} | grep -q cap_sys_ptrace=eip", } From eb0773e70a3488be8bf58fdcdae69aed0c4c99e5 Mon Sep 17 00:00:00 2001 From: "Nicolas (CAncun) Coudene" Date: Thu, 10 Apr 2025 13:18:44 +0200 Subject: [PATCH 5/5] manage debian 11 lack of setcap by default Signed-off-by: Nicolas (CAncun) Coudene --- README.md | 2 +- REFERENCE.md | 225 ++++++++++++------------ manifests/cgroup_exporter.pp | 137 +++++++++++++-- spec/acceptance/cgroup_exporter_spec.rb | 1 + spec/classes/cgroup_exporter_spec.rb | 2 +- 5 files changed, 243 insertions(+), 124 deletions(-) diff --git a/README.md b/README.md index bc99e152..06ee45d0 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ This module supports below Prometheus architectures: - i386 - armv71 (Tested on raspberry pi 3) -The `prometheus::ipmi_exporter` class has a dependency on [saz/sudo](https://forge.puppet.com/modules/saz/sudo) Puppet module. +The `prometheus::ipmi_exporter` and `prometheus::cgroup_exporter` classes have a dependency on [saz/sudo](https://forge.puppet.com/modules/saz/sudo) Puppet module. ## Background diff --git a/REFERENCE.md b/REFERENCE.md index 88761707..46e87f32 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -2936,151 +2936,184 @@ This module manages prometheus cgroup_exporter (https://github.com/treydock/cgro The following parameters are available in the `prometheus::cgroup_exporter` class: -* [`package_name`](#-prometheus--cgroup_exporter--package_name) +* [`arch`](#-prometheus--cgroup_exporter--arch) +* [`bin_dir`](#-prometheus--cgroup_exporter--bin_dir) * [`download_extension`](#-prometheus--cgroup_exporter--download_extension) -* [`version`](#-prometheus--cgroup_exporter--version) -* [`package_ensure`](#-prometheus--cgroup_exporter--package_ensure) -* [`user`](#-prometheus--cgroup_exporter--user) -* [`group`](#-prometheus--cgroup_exporter--group) +* [`download_url`](#-prometheus--cgroup_exporter--download_url) * [`download_url_base`](#-prometheus--cgroup_exporter--download_url_base) * [`extra_groups`](#-prometheus--cgroup_exporter--extra_groups) +* [`extra_options`](#-prometheus--cgroup_exporter--extra_options) +* [`group`](#-prometheus--cgroup_exporter--group) * [`init_style`](#-prometheus--cgroup_exporter--init_style) -* [`purge_config_dir`](#-prometheus--cgroup_exporter--purge_config_dir) -* [`config_mode`](#-prometheus--cgroup_exporter--config_mode) -* [`arch`](#-prometheus--cgroup_exporter--arch) -* [`bin_dir`](#-prometheus--cgroup_exporter--bin_dir) -* [`restart_on_change`](#-prometheus--cgroup_exporter--restart_on_change) -* [`service_enable`](#-prometheus--cgroup_exporter--service_enable) -* [`service_ensure`](#-prometheus--cgroup_exporter--service_ensure) -* [`service_name`](#-prometheus--cgroup_exporter--service_name) * [`install_method`](#-prometheus--cgroup_exporter--install_method) * [`manage_group`](#-prometheus--cgroup_exporter--manage_group) * [`manage_service`](#-prometheus--cgroup_exporter--manage_service) * [`manage_user`](#-prometheus--cgroup_exporter--manage_user) * [`os`](#-prometheus--cgroup_exporter--os) +* [`package_ensure`](#-prometheus--cgroup_exporter--package_ensure) +* [`package_name`](#-prometheus--cgroup_exporter--package_name) +* [`purge_config_dir`](#-prometheus--cgroup_exporter--purge_config_dir) +* [`restart_on_change`](#-prometheus--cgroup_exporter--restart_on_change) +* [`service_enable`](#-prometheus--cgroup_exporter--service_enable) +* [`service_ensure`](#-prometheus--cgroup_exporter--service_ensure) +* [`service_name`](#-prometheus--cgroup_exporter--service_name) +* [`user`](#-prometheus--cgroup_exporter--user) +* [`version`](#-prometheus--cgroup_exporter--version) +* [`proxy_server`](#-prometheus--cgroup_exporter--proxy_server) +* [`proxy_type`](#-prometheus--cgroup_exporter--proxy_type) +* [`proxy_type`](#-prometheus--cgroup_exporter--proxy_type) +* [`unprivileged`](#-prometheus--cgroup_exporter--unprivileged) * [`archive_bin_path`](#-prometheus--cgroup_exporter--archive_bin_path) -* [`extra_options`](#-prometheus--cgroup_exporter--extra_options) -* [`download_url`](#-prometheus--cgroup_exporter--download_url) * [`scrape_host`](#-prometheus--cgroup_exporter--scrape_host) +* [`env_file_path`](#-prometheus--cgroup_exporter--env_file_path) * [`export_scrape_job`](#-prometheus--cgroup_exporter--export_scrape_job) * [`scrape_port`](#-prometheus--cgroup_exporter--scrape_port) * [`scrape_job_name`](#-prometheus--cgroup_exporter--scrape_job_name) * [`scrape_job_labels`](#-prometheus--cgroup_exporter--scrape_job_labels) -* [`bin_name`](#-prometheus--cgroup_exporter--bin_name) * [`modules`](#-prometheus--cgroup_exporter--modules) -* [`proxy_server`](#-prometheus--cgroup_exporter--proxy_server) -* [`proxy_type`](#-prometheus--cgroup_exporter--proxy_type) * [`cgroup_paths`](#-prometheus--cgroup_exporter--cgroup_paths) -##### `package_name` +##### `arch` Data type: `String[1]` +Architecture (x86_64) +Default value: `$prometheus::real_arch` -Default value: `'cgroup_exporter'` +##### `bin_dir` + +Data type: `Stdlib::Absolutepath` + +Directory where binaries are located + +Default value: `$prometheus::bin_dir` ##### `download_extension` Data type: `String` - +Extension for the release binary archive Default value: `'tar.gz'` -##### `version` +##### `download_url` -Data type: `String[1]` +Data type: `Optional[Prometheus::Uri]` +Complete URL corresponding to the where the release binary archive can be downloaded +Default value: `undef` -Default value: `'1.0.1'` +##### `download_url_base` -##### `package_ensure` +Data type: `Prometheus::Uri` -Data type: `String[1]` +Base URL for the binary archive +Default value: `'https://github.com/treydock/cgroup_exporter/releases'` +##### `extra_groups` -Default value: `'latest'` +Data type: `Array[String]` -##### `user` +Extra groups to add the binary user to -Data type: `String[1]` +Default value: `[]` +##### `extra_options` +Data type: `Optional[String[1]]` -Default value: `'cgroup-exporter'` +Extra options added to the startup command + +Default value: `undef` ##### `group` Data type: `String[1]` - +Group under which the binary is running Default value: `'cgroup-exporter'` -##### `download_url_base` +##### `init_style` -Data type: `Prometheus::Uri` +Data type: `Prometheus::Initstyle` +Service startup scripts style (e.g. rc, upstart or systemd) +Default value: `$prometheus::init_style` -Default value: `'https://github.com/treydock/cgroup_exporter/releases'` +##### `install_method` -##### `extra_groups` +Data type: `Prometheus::Install` -Data type: `Array[String]` +Installation method: url or package (only url is supported currently) +Default value: `$prometheus::install_method` +##### `manage_group` -Default value: `[]` +Data type: `Boolean` -##### `init_style` +Whether to create a group for or rely on external code for that -Data type: `Prometheus::Initstyle` +Default value: `true` +##### `manage_service` +Data type: `Boolean` -Default value: `$prometheus::init_style` +Should puppet manage the service? (default true) -##### `purge_config_dir` +Default value: `true` -Data type: `Boolean` +##### `manage_user` +Data type: `Boolean` +Whether to create user or rely on external code for that Default value: `true` -##### `config_mode` +##### `os` Data type: `String[1]` +Operating system (linux is the only one supported) +Default value: `downcase(fact('kernel'))` -Default value: `$prometheus::config_mode` - -##### `arch` +##### `package_ensure` Data type: `String[1]` +If package, then use this for package ensure default 'latest' +Default value: `'latest'` -Default value: `$prometheus::real_arch` +##### `package_name` -##### `bin_dir` +Data type: `String[1]` -Data type: `Stdlib::Absolutepath` +The binary package name - not available yet +Default value: `'cgroup_exporter'` +##### `purge_config_dir` -Default value: `$prometheus::bin_dir` +Data type: `Boolean` + +Purge config files no longer generated by Puppet + +Default value: `true` ##### `restart_on_change` Data type: `Boolean` - +Should puppet restart the service on configuration change? (default true) Default value: `true` @@ -3088,7 +3121,7 @@ Default value: `true` Data type: `Boolean` - +Whether to enable the service from puppet (default true) Default value: `true` @@ -3096,7 +3129,7 @@ Default value: `true` Data type: `Stdlib::Ensure::Service` - +State ensured for the service (default 'running') Default value: `'running'` @@ -3104,49 +3137,55 @@ Default value: `'running'` Data type: `String[1]` - +Name of the node exporter service (default 'cgroup_exporter') Default value: `'cgroup_exporter'` -##### `install_method` - -Data type: `Prometheus::Install` - +##### `user` +Data type: `String[1]` -Default value: `$prometheus::install_method` +User which runs the service -##### `manage_group` +Default value: `'cgroup-exporter'` -Data type: `Boolean` +##### `version` +Data type: `String[1]` +The binary release version -Default value: `true` +Default value: `'1.0.1'` -##### `manage_service` +##### `proxy_server` -Data type: `Boolean` +Data type: `Optional[String[1]]` +Optional proxy server, with port number if needed. ie: https://example.com:8080 +Default value: `undef` -Default value: `true` +##### `proxy_type` -##### `manage_user` +Data type: `Optional[Enum['none', 'http', 'https', 'ftp']]` -Data type: `Boolean` +Optional proxy server type (none|http|https|ftp) +Default value: `undef` +##### `proxy_type` -Default value: `true` +cgroup paths (slurm|user.slice) -##### `os` +Default value: `undef` -Data type: `String[1]` +##### `unprivileged` +Data type: `Boolean` +If true, run the exporter as an unprivileged user and add sudoers entrie to manage the binary exporter -Default value: `downcase(fact('kernel'))` +Default value: `false` ##### `archive_bin_path` @@ -3156,29 +3195,21 @@ Data type: `Stdlib::Absolutepath` Default value: `"/opt/${package_name}-${version}.${os}-${arch}/${package_name}"` -##### `extra_options` - -Data type: `Optional[String[1]]` - - - -Default value: `undef` - -##### `download_url` +##### `scrape_host` -Data type: `Optional[Prometheus::Uri]` +Data type: `Optional[Stdlib::Host]` Default value: `undef` -##### `scrape_host` +##### `env_file_path` -Data type: `Optional[Stdlib::Host]` +Data type: `Stdlib::Absolutepath` -Default value: `undef` +Default value: `$prometheus::env_file_path` ##### `export_scrape_job` @@ -3210,14 +3241,6 @@ Data type: `Optional[Hash]` -Default value: `undef` - -##### `bin_name` - -Data type: `Optional[String[1]]` - - - Default value: `undef` ##### `modules` @@ -3228,25 +3251,9 @@ Data type: `Hash` Default value: `{}` -##### `proxy_server` - -Data type: `Optional[String[1]]` - - - -Default value: `undef` - -##### `proxy_type` - -Data type: `Optional[Enum['none', 'http', 'https', 'ftp']]` - - - -Default value: `undef` - ##### `cgroup_paths` -Data type: `Enum['slurm']` +Data type: `Enum['slurm', 'user.slice']` diff --git a/manifests/cgroup_exporter.pp b/manifests/cgroup_exporter.pp index 1c32eaea..69ba023b 100644 --- a/manifests/cgroup_exporter.pp +++ b/manifests/cgroup_exporter.pp @@ -1,4 +1,58 @@ # @summary This module manages prometheus cgroup_exporter (https://github.com/treydock/cgroup_exporter) +# @param arch +# Architecture (x86_64) +# @param bin_dir +# Directory where binaries are located +# @param download_extension +# Extension for the release binary archive +# @param download_url +# Complete URL corresponding to the where the release binary archive can be downloaded +# @param download_url_base +# Base URL for the binary archive +# @param extra_groups +# Extra groups to add the binary user to +# @param extra_options +# Extra options added to the startup command +# @param group +# Group under which the binary is running +# @param init_style +# Service startup scripts style (e.g. rc, upstart or systemd) +# @param install_method +# Installation method: url or package (only url is supported currently) +# @param manage_group +# Whether to create a group for or rely on external code for that +# @param manage_service +# Should puppet manage the service? (default true) +# @param manage_user +# Whether to create user or rely on external code for that +# @param os +# Operating system (linux is the only one supported) +# @param package_ensure +# If package, then use this for package ensure default 'latest' +# @param package_name +# The binary package name - not available yet +# @param purge_config_dir +# Purge config files no longer generated by Puppet +# @param restart_on_change +# Should puppet restart the service on configuration change? (default true) +# @param service_enable +# Whether to enable the service from puppet (default true) +# @param service_ensure +# State ensured for the service (default 'running') +# @param service_name +# Name of the node exporter service (default 'cgroup_exporter') +# @param user +# User which runs the service +# @param version +# The binary release version +# @param proxy_server +# Optional proxy server, with port number if needed. ie: https://example.com:8080 +# @param proxy_type +# Optional proxy server type (none|http|https|ftp) +# @param proxy_type +# cgroup paths (slurm|user.slice) +# @param unprivileged +# If true, run the exporter as an unprivileged user and add sudoers entrie to manage the binary exporter class prometheus::cgroup_exporter ( String[1] $package_name = 'cgroup_exporter', String $download_extension = 'tar.gz', @@ -11,7 +65,6 @@ Array[String] $extra_groups = [], Prometheus::Initstyle $init_style = $prometheus::init_style, Boolean $purge_config_dir = true, - String[1] $config_mode = $prometheus::config_mode, String[1] $arch = $prometheus::real_arch, Stdlib::Absolutepath $bin_dir = $prometheus::bin_dir, Boolean $restart_on_change = true, @@ -23,19 +76,20 @@ Boolean $manage_service = true, Boolean $manage_user = true, String[1] $os = downcase(fact('kernel')), - Stdlib::Absolutepath $archive_bin_path = "/opt/${package_name}-${version}.${os}-${arch}/${package_name}", + Stdlib::Absolutepath $archive_bin_path = "/opt/${package_name}-${version}.${os}-${arch}/${package_name}", Optional[String[1]] $extra_options = undef, Optional[Prometheus::Uri] $download_url = undef, Optional[Stdlib::Host] $scrape_host = undef, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Boolean $export_scrape_job = false, Stdlib::Port $scrape_port = 9306, String[1] $scrape_job_name = 'cgroup', Optional[Hash] $scrape_job_labels = undef, - Optional[String[1]] $bin_name = undef, Hash $modules = {}, Optional[String[1]] $proxy_server = undef, + Boolean $unprivileged = false, Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, - Enum['slurm'] $cgroup_paths = 'slurm', + Enum['slurm', 'user.slice'] $cgroup_paths = 'slurm', ) inherits prometheus { $real_download_url = pick( $download_url, @@ -49,18 +103,78 @@ $paths_option = "--config.paths=/${cgroup_paths}" - if $scrape_port != 9306 { - $listen_address = "--web.listen-address=':${scrape_port}'" - } else { - $listen_address = undef + $listen_address = $scrape_port ? { + 9306 => undef, + default => "--web.listen-address=':${scrape_port}'", + } + + case fact('os.name') { + 'Debian': { $unprivileged_os = versioncmp ("${fact('os.release.full')}", '12') == -1 } + 'Ubuntu': { $unprivileged_os = versioncmp ("${fact('os.release.full')}", '22.04') == -1 } + default: { $unprivileged_os = false } } + $bin_name = $package_name + $options = [ $extra_options, $listen_address, $paths_option, ].filter |$x| { !$x.empty }.join(' ') + if $unprivileged or $unprivileged_os { + # workaround from the ipmi_exporter class + sudo::conf { $service_name: + ensure => 'present', + content => join([ + "${user} ALL = NOPASSWD: ${archive_bin_path}", + ], "\n"), + sudo_file_name => $service_name, + } + + file { "${bin_dir}/${bin_name}": + owner => $user, + group => $group, + mode => '0750', + content => join([ + '#!/bin/bash', + "sudo ${archive_bin_path} \"$@\"", + ], "\n"), + } + + # necessary to ensure that all processes are killed properly with Killmode=mixed + # if not we encounter those error "cgroup_exporter.service: Unit process XXXXX (sudo) remains running after unit stopped." + include 'systemd' + systemd::manage_unit { "${service_name}.service": + unit_entry => { + 'Description' => "Prometheus ${package_name}", + 'Wants' => 'network-online.target', + 'After' => 'network-online.target', + }, + service_entry => { + 'User' => $user, + 'Group' => $group, + 'EnvironmentFile' => "-${env_file_path}/${package_name}", + 'ExecStart' => sprintf('%s/%s %s', $bin_dir, $bin_name, $options), + 'ExecReload' => '/bin/kill -HUP $MAINPID', + 'KillMode' => 'mixed', + 'Restart' => 'always', + }, + install_entry => { + 'WantedBy' => 'multi-user.target', + }, + notify => $notify_service, + } + $init_style_real = 'none' + } else { + exec { 'setcap cgroup_exporter': + command => "/usr/sbin/setcap cap_sys_ptrace=eip ${archive_bin_path}", + unless => "/usr/sbin/getcap ${archive_bin_path} | grep -q cap_sys_ptrace=eip", + require => Prometheus::Daemon[$service_name], + } + $init_style_real = $init_style + } + prometheus::daemon { $service_name: install_method => $install_method, version => $version, @@ -79,7 +193,7 @@ manage_group => $manage_group, purge => $purge_config_dir, options => $options, - init_style => $init_style, + init_style => $init_style_real, service_ensure => $service_ensure, service_enable => $service_enable, manage_service => $manage_service, @@ -92,9 +206,6 @@ proxy_server => $proxy_server, proxy_type => $proxy_type, archive_bin_path => $archive_bin_path, - } - -> exec { 'setcap cgroup_exporter': - command => "/usr/sbin/setcap cap_sys_ptrace=eip ${archive_bin_path}", - unless => "/usr/sbin/getcap ${archive_bin_path} | grep -q cap_sys_ptrace=eip", + manage_bin_link => !($unprivileged or $unprivileged_os), } } diff --git a/spec/acceptance/cgroup_exporter_spec.rb b/spec/acceptance/cgroup_exporter_spec.rb index 63083c48..8c2e65c6 100644 --- a/spec/acceptance/cgroup_exporter_spec.rb +++ b/spec/acceptance/cgroup_exporter_spec.rb @@ -4,6 +4,7 @@ describe 'prometheus cgroup exporter' do it 'cgroup_exporter works idempotently with no errors' do + shell('puppet module install saz-sudo') pp = 'include prometheus::cgroup_exporter' apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) diff --git a/spec/classes/cgroup_exporter_spec.rb b/spec/classes/cgroup_exporter_spec.rb index 95c7dc1f..22329d02 100644 --- a/spec/classes/cgroup_exporter_spec.rb +++ b/spec/classes/cgroup_exporter_spec.rb @@ -26,7 +26,7 @@ describe 'with all defaults' do it { is_expected.to contain_class('prometheus') } it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_file('/usr/local/bin/cgroup_exporter').with('target' => '/opt/cgroup_exporter-1.0.1.linux-amd64/cgroup_exporter') } + it { is_expected.to contain_file('/usr/local/bin/cgroup_exporter') } it { is_expected.to contain_prometheus__daemon('cgroup_exporter') } it { is_expected.to contain_user('cgroup-exporter') } it { is_expected.to contain_group('cgroup-exporter') }