diff --git a/roles/blackbox-exporter/defaults/main.yml b/roles/blackbox-exporter/defaults/main.yml index 85824cb..d750715 100644 --- a/roles/blackbox-exporter/defaults/main.yml +++ b/roles/blackbox-exporter/defaults/main.yml @@ -1,3 +1,6 @@ blackbox_modules: {} blackbox_config: modules: '{{ blackbox_modules }}' +blackbox_container_image: '{{ blackbox_container_image_name }}:{{ blackbox_container_image_tag }}' +blackbox_container_image_name: quay.io/prometheus/blackbox-exporter +blackbox_container_image_tag: latest diff --git a/roles/blackbox-exporter/handlers/main.yml b/roles/blackbox-exporter/handlers/main.yml index f4b3b76..2857a34 100644 --- a/roles/blackbox-exporter/handlers/main.yml +++ b/roles/blackbox-exporter/handlers/main.yml @@ -2,12 +2,12 @@ systemd: daemon_reload: true -- name: restart blackbox_exporter +- name: restart blackbox-exporter service: - name: blackbox_exporter + name: blackbox-exporter state: restarted -- name: reload blackbox_exporter +- name: reload blackbox-exporter service: - name: blackbox_exporter + name: blackbox-exporter state: reloaded diff --git a/roles/blackbox-exporter/tasks/deploy.yml b/roles/blackbox-exporter/tasks/deploy.yml index c758ebb..529ab6c 100644 --- a/roles/blackbox-exporter/tasks/deploy.yml +++ b/roles/blackbox-exporter/tasks/deploy.yml @@ -1,3 +1,26 @@ +- name: ensure blackbox container is present + podman_image: + name: '{{ blackbox_container_image_name }}' + tag: '{{ blackbox_container_image_tag }}' + state: present + pull: '{{ blackbox_exporter_pull_image|d(false)|bool }}' + notify: + - reload systemd + - restart blackbox-exporter + tags: + - container + +- name: ensure blackbox-exporter system container is configured + template: + src: blackbox-exporter.container.j2 + dest: /etc/containers/systemd/blackbox-exporter.container + mode: u=rw,go=r + owner: root + group: root + notify: + - reload systemd + - restart blackbox-exporter + - name: ensure /etc/prometheus directory exists file: path: /etc/prometheus @@ -6,7 +29,7 @@ group: root state: directory -- name: ensure blackbox_exporter is configured +- name: ensure blackbox-exporter is configured copy: dest: /etc/prometheus/blackbox.yml content: | @@ -15,19 +38,22 @@ owner: root group: root notify: - - reload blackbox_exporter + - reload blackbox-exporter -- name: ensure blackbox_exporter starts at boot +- name: flush handlers + meta: flush_handlers + +- name: ensure blackbox-exporter starts at boot service: - name: blackbox_exporter + name: blackbox-exporter enabled: true tags: - service - name: flush_handlers meta: flush_handlers -- name: ensure blackbox_exporter is running +- name: ensure blackbox-exporter is running service: - name: blackbox_exporter + name: blackbox-exporter state: started tags: - service diff --git a/roles/blackbox-exporter/tasks/install.yml b/roles/blackbox-exporter/tasks/install.yml index a731f91..e1350c1 100644 --- a/roles/blackbox-exporter/tasks/install.yml +++ b/roles/blackbox-exporter/tasks/install.yml @@ -1,55 +1,4 @@ -- name: load installation variables - include_vars: install.yml - tags: - - always - -- name: load architecture variables - include_vars: '{{ item }}' - with_first_found: - - '{{ ansible_architecture }}.yml' - - arch-defaults.yml - tags: - - always - -- name: ensure blackbox_exporter release archive is available - delegate_to: localhost - become: false - get_url: - url: '{{ blackbox_xptr_tar_url }}' - checksum: 'sha256:{{ blackbox_xptr_cksm_url }}' - dest: '{{ playbook_dir }}/tmp/{{ blackbox_xptr_tar_name }}' - tags: - - download - -- name: ensure blackbox_exporter archive is unpacked locally - delegate_to: localhost - become: false - unarchive: - src: '{{ playbook_dir }}/tmp/{{ blackbox_xptr_tar_name }}' - dest: '{{ playbook_dir }}/tmp/' - remote_src: true - creates: '{{ blackbox_xptr_extract_dir }}/blackbox_exporter' - tags: - - unarchive - -- name: ensure blackbox_exporter is installed - copy: - src: '{{ blackbox_xptr_extract_dir }}/blackbox_exporter' - dest: /usr/local/sbin/blackbox_exporter - mode: u=rwx,go=rx - diff: false - notify: - - restart blackbox_exporter - -- name: ensure blackbox_exporter systemd unit is installed - file: - src: blackbox_exporter.service - dest: /etc/systemd/system/blackbox_exporter.services - mode: u=rw,go=r - notify: - - reload systemd - - restart blackbox_exporter - tags: - - service - - systemd - +- name: ensure podman is installed + package: + name: podman + state: present diff --git a/roles/blackbox-exporter/templates/blackbox-exporter.container.j2 b/roles/blackbox-exporter/templates/blackbox-exporter.container.j2 new file mode 100644 index 0000000..1b02db5 --- /dev/null +++ b/roles/blackbox-exporter/templates/blackbox-exporter.container.j2 @@ -0,0 +1,22 @@ +[Unit] +Description=Blackbox exporter +Documentation=https://github.com/prometheus/blackbox_exporter/blob/master/README.md +After=network-online.target +Wants=network-online.target + +[Container] +Image={{ blackbox_container_image }} +Pull=never +Exec=--config.file=/etc/prometheus/blackbox.yml +Mount=type=bind,source=/etc/prometheus,target=/etc/prometheus,readonly=true +ReadOnly=yes +ReadOnlyTmpfs=yes +NoNewPrivileges=yes +User=215 +Group=215 +PublishPort=9115:9115 + +[Service] +Restart=always +RestartSec=1s +ExecReload=/usr/bin/podman kill --cidfile=%t/%N.cid -s HUP diff --git a/roles/blackbox-exporter/vars/install.yml b/roles/blackbox-exporter/vars/install.yml deleted file mode 100644 index 757a853..0000000 --- a/roles/blackbox-exporter/vars/install.yml +++ /dev/null @@ -1,14 +0,0 @@ -blackbox_xptr_version: 0.22.0 - -blackbox_xptr_base_url: - https://github.com/prometheus/blackbox_exporter/releases/download -blackbox_xptr_archive: - blackbox_exporter-{{ blackbox_xptr_version }}.linux-{{ blackbox_xptr_arch }} -blackbox_xptr_tar_name: >- - {{ blackbox_xptr_archive }}.tar.gz -blackbox_xptr_tar_url: >- - {{ blackbox_xptr_base_url }}/v{{ blackbox_xptr_version }}/{{ blackbox_xptr_tar_name }} -blackbox_xptr_cksm_url: >- - {{ blackbox_xptr_base_url }}/v{{ blackbox_xptr_version }}/sha256sums.txt -blackbox_xptr_extract_dir: >- - {{ playbook_dir }}/tmp/{{ blackbox_xptr_archive }}