promtail: Role/Playbook to deploy Promtail
Promtail is the log sending client for Grafana Loki. For traditional Linux systems, an RPM package is available from upstream, making installation fairly simple. Configuration is stored in a YAML file, so again, it's straightforward to configure via Ansible variables. Really, the only interesting step is adding the _promtail_ user, which is created by the RPM package, to the _systemd-journal_ group, so that Promtail can read the systemd journal files.
This commit is contained in:
64
roles/promtail/tasks/deploy.yml
Normal file
64
roles/promtail/tasks/deploy.yml
Normal file
@@ -0,0 +1,64 @@
|
||||
- name: ensure promtail user is a member of systemd-journal group
|
||||
user:
|
||||
name: promtail
|
||||
system: true
|
||||
groups: systemd-journal
|
||||
append: true
|
||||
shell: /bin/false
|
||||
state: present
|
||||
tags:
|
||||
- user
|
||||
|
||||
- name: ensure promtail is configured
|
||||
copy:
|
||||
content: |
|
||||
{{ promtail_config | to_nice_yaml(indent=2) }}
|
||||
dest: /etc/promtail/config.yml
|
||||
mode: u=rw,go=r
|
||||
owner: root
|
||||
group: root
|
||||
notify:
|
||||
- reload promtail
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: ensure promtail ca certificate is set
|
||||
copy:
|
||||
content: |-
|
||||
{{ promtail_ca }}
|
||||
dest: /etc/promtail/ca.crt
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,go=r
|
||||
notify:
|
||||
- reload promtail
|
||||
tags:
|
||||
- config
|
||||
- cert
|
||||
|
||||
- name: ensure promtail service starts at boot
|
||||
service:
|
||||
name: promtail
|
||||
enabled: true
|
||||
tags:
|
||||
- service
|
||||
|
||||
- name: ensure promtail is running
|
||||
service:
|
||||
name: promtail
|
||||
state: started
|
||||
tags:
|
||||
- service
|
||||
|
||||
- name: ensure promtail http port is open in the firewall
|
||||
firewalld:
|
||||
port: >-
|
||||
{{ promtail_config.server.http_listen_port }}/tcp
|
||||
permanent: true
|
||||
immediate: true
|
||||
state: enabled
|
||||
when: >-
|
||||
promtail_config.server.http_listen_port|d(0) > 0
|
||||
and host_uses_firewalld|d(true)
|
||||
tags:
|
||||
- firewall
|
||||
14
roles/promtail/tasks/install.yml
Normal file
14
roles/promtail/tasks/install.yml
Normal file
@@ -0,0 +1,14 @@
|
||||
- name: ensure grafana-promtail yum repository is configured
|
||||
copy:
|
||||
src: grafana-promtail.repo
|
||||
dest: /etc/yum.repos.d/grafana-promtail.repo
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,go=r
|
||||
tags:
|
||||
- repo
|
||||
|
||||
- name: ensure promtail is installed
|
||||
package:
|
||||
name: promtail
|
||||
state: present
|
||||
7
roles/promtail/tasks/main.yml
Normal file
7
roles/promtail/tasks/main.yml
Normal file
@@ -0,0 +1,7 @@
|
||||
- block:
|
||||
- import_tasks: install.yml
|
||||
tags:
|
||||
- install
|
||||
- import_tasks: deploy.yml
|
||||
tags:
|
||||
- promtail
|
||||
Reference in New Issue
Block a user