This project demonstrates a fully automated setup of Grafana and Prometheus in Docker, using Vagrant on a virtual machine in the Selectel cloud.
-
Create a working directory for this demonstration:
mkdir tf-demo ; cd tf-demo
-
Create or obtain credentials and tokens in the Web Console as described in https://kb.selectel.com/docs/cloud/servers/tools/how_to_use_openstack_api_through_console_clients/
-
Download and review the contents of the small shell script rc.sh generated with your credentials. It has all the information required to authenticate to the cloud.
-
Install Terraform. The demonstration was tested on Terraform version 1.1.x+. See the official instructions from HashiCorp: https://learn.hashicorp.com/tutorials/terraform/install-cli.
-
Set up shell auto-completion for Terraform to simplify further command-line tasks. Run:
terraform -install-autocomplete
It will append a line to the file .bashrc in your home directory. To activate auto-completion, either re-open your shell or run the added line in the existing shell.
-
(Optionally) Install the command-line tool openstack. This tool is helpful for checking cloud objects, reviewing their parameters, etc. Consult the documentation at https://docs.openstack.org/newton/user-guide/common/cli-install-openstack-command-line-clients.html.
-
(Optionally) To run the openstack tool from the previous step, import the contents of the shell script rc.sh downloaded above. Open a UNIX shell and run:
source rc.sh
-
Clone this git repository to the current directory created above:
git clone https://github.com/SiberianComrade3/terraform-vagrant-docker-demo.git .
-
Define the following sensitive variables either in the file terraform.tfvars (not included in the Git repository) or through the related environment variables (TF_VAR_sel_account, TF_VAR_sel_token, etc.). The example below shows setting the variables in the file terraform.tfvars:
user_name = "" # account name created on the Web Console, also mentioned in rc.sh.
user_password = ""
sel_account = # account number, several digits without quotes
project_id = "" # long alphanumeric ID found on the Web Console and in the script rc.sh.
sel_token = "" # Access token created and available through Web Console. Copy full string.
proctor_ip = "" # Additional IP address or a subnet that has access to SSH and Grafana Web
-
Run terraform init to initialize the Providers used in the Terraform configuration. Expect to see the following success message in green:
Terraform has been successfully initialized!
⚠️ Be prepared that not all Providers can be downloaded from HashiCorp; they intentionally block access with HTTP code 405. If this is your case, either use available mirrors or mirror the needed providers as described in README Extra.
-
Run terraform validate to ensure all files still have correct syntax:
Success! The configuration is valid.
-
Run terraform apply. It should report successful creation of the defined objects:
Apply complete! Resources: 43 added, 0 changed, 0 destroyed.
-
Note the output section of the previous command. It contains the IP addresses and Grafana URL needed to connect to the demo infrastructure. This output can be viewed again at any time by running terraform output from the root of the working directory.
ℹ️ If problems occur during Terraform execution, run it in debug mode with the following command:
TF_LOG=DEBUG OS_DEBUG=1 terraform apply
Open a web browser and enter the address https://<host_public_ip>:3000. For your convenience, copy the pre-generated URL from the output of the command terraform output grafana_url.
ℹ️ Access to the Grafana Web interface is limited to the IP addresses defined as proctor_ip and to the public IP address of the host from which you ran Terraform (check with curl ifconfig.ru).
⛔ Access to Grafana Web interface from other hosts won't be possible by design.
Watch for the "Warning: Potential Security Risk" notice and click "Advanced..." to "Accept the Risk".
Note that the IP address used to access the server is registered in the "Subject Alt Names" of the SSL/TLS certificate provided by the Grafana server.
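One way to confirm the Subject Alt Names statement above from the command line before accepting the browser exception. This is an added example, not part of the repository; the function names are hypothetical, and it assumes the openssl command-line tool is installed.

```bash
#!/usr/bin/env bash
# Added example (not from the repository); function names are hypothetical.

# fetch_cert HOST PORT OUT.pem: save the certificate the server presents.
fetch_cert() {
    openssl s_client -connect "$1:$2" </dev/null 2>/dev/null |
        openssl x509 -outform PEM > "$3" 2>/dev/null
}

# cert_has_ip CERT.pem IP: succeed only if IP is in the Subject Alt Names.
cert_has_ip() {
    openssl x509 -in "$1" -noout -checkip "$2" 2>&1 |
        grep -q "does match certificate"
}

# cert_fingerprint CERT.pem: print the SHA-256 fingerprint of the certificate.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# verify_grafana_cert IP [PORT]: fetch, check the SAN, print the fingerprint.
verify_grafana_cert() {
    local ip=$1 port=${2:-3000} pem rc=0
    pem=$(mktemp) || return 2
    if ! fetch_cert "$ip" "$port" "$pem"; then
        echo "no certificate received from $ip:$port"; rc=2
    elif ! cert_has_ip "$pem" "$ip"; then
        echo "MISMATCH: $ip is not in the certificate's Subject Alt Names"; rc=1
    else
        echo "SAN ok for $ip, SHA-256 fingerprint: $(cert_fingerprint "$pem")"
    fi
    rm -f "$pem"
    return "$rc"
}

# Usage: ./check_grafana_cert.sh <host_public_ip>
if [ -n "${1:-}" ]; then verify_grafana_cert "$1" "${2:-3000}"; fi
```

The printed fingerprint can be compared with the one shown in the browser's certificate viewer, and kept so that a later change of certificate on the same address is noticed.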
Log in with SSH to the Linux host machine as advised in the output ssh_to_host (terraform output ssh_to_host); copy and paste the full command, which looks like this:
ssh -q -o StrictHostKeyChecking=no -i ./id_rsa root@xx.xx.xx.xx
You should get in as the 'root' superuser without additional questions and see the standard shell command prompt.
🛑 Please allow several minutes for the environment (Vagrant + Docker) to fully initialize in the cloud. You can monitor the startup in real time by running this on the Linux host machine:
tail -f /var/log/cloud-init-output.log
Wait for a final line like this:
Cloud-init v. 20.4 finished
Once Vagrant has started a virtual machine, run vagrant ssh to get inside it.
Check the running Docker containers by running sudo docker ps inside the virtual machine.
Optionally, you might want to add some mild load to the host to watch how Grafana represents it.
In the virtual machine launched by Vagrant, install a tool called 'stress': sudo apt install stress
Run this tool with a few basic parameters: stress -c 1
When the Ansible playbooks need tuning, the changes can be made on the Linux host. The YAML file guest_setup.yaml is placed by default in /root/guest_setup.yaml. After changing this file, manually run the same command that Vagrant runs when it starts a virtual machine:
PYTHONUNBUFFERED=1 ANSIBLE_NOCOLOR=true ANSIBLE_HOST_KEY_CHECKING=false ANSIBLE_SSH_ARGS='-o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --connection=ssh --timeout=30 --limit="default" --inventory-file=/root/.vagrant/provisioners/ansible/inventory --become --become-user=root -v guest_setup.yaml
Run terraform destroy to save cloud resources and your budget.
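A pre-flight check for the terraform.tfvars step above, to run before terraform init and terraform apply. This is an added example, not part of the repository: the variable names are the ones listed on this page, while the function names and the checks themselves (file permissions, empty values, Git ignore status) are assumptions.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check for terraform.tfvars before "terraform apply".
# Variable names are the ones listed on this page; the checks are assumptions.
REQUIRED_VARS="user_name user_password sel_account project_id sel_token proctor_ip"

# tfvars_value FILE KEY: print KEY's value without quotes or trailing comment.
tfvars_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1 |
        sed -e 's/^"\([^"]*\)".*$/\1/' -e t -e 's/[[:space:]]*#.*$//'
}

# tfvars_mode_ok FILE: succeed only if group and other have no access bits.
tfvars_mode_ok() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# check_tfvars FILE: print one line per problem; return non-zero if any found.
check_tfvars() {
    local file=$1 dir problems=0 key
    [ -f "$file" ] || { echo "missing: $file"; return 1; }
    dir=$(dirname "$file")
    if ! tfvars_mode_ok "$file"; then
        echo "permissions: $file is accessible to group/other, run chmod 600"
        problems=1
    fi
    for key in $REQUIRED_VARS; do
        if [ -z "$(tfvars_value "$file" "$key")" ]; then
            echo "empty: $key"
            problems=1
        fi
    done
    # Inside a Git work tree the file must be ignored so it is never committed.
    if git -C "$dir" rev-parse --is-inside-work-tree >/dev/null 2>&1 &&
       ! git -C "$dir" check-ignore -q "$(basename "$file")"; then
        echo "git: $file is not ignored by Git"
        problems=1
    fi
    return "$problems"
}

# Usage: ./check_tfvars.sh terraform.tfvars
if [ -n "${1:-}" ]; then check_tfvars "$1"; fi
```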