Cloud Alchemy demo monitoring site
This repository provides an integration testing suite for our ansible roles as well as a demo site for grafana, prometheus, alertmanager and node_exporter (possibly more in the future).
Site is provisioned with ansible running every day and on almost all commits to master branch. Everything is fully automated with travis ci pipeline. If you want to check
ansible-playbook output, go to last build or visit ARA Records Ansible page.
Have a look at the configuration file group_vars/all/vars.
All applications should be running on their default ports.
This repository consists of two playbooks:
- site.yml - which deploys basic prometheus/grafana stack without additional http proxies and with software listening on default ports
- extras.yml - adds influxdb as a long-term storage and deploys caddy http proxy. This will allow HTTPS connections to services like prometheus
Such setup causes that mose of services can be accessed in two ways. As an example, prometheus can be accessed via:
- http://demo.cloudalchemy.org:9090 - default way
- https://prometheus.demo.cloudalchemy.org - workaround which in backgroud communicates with prometheus via insecure, "default" channel mentioned above
This workaround was needed to solve issue #13 and still provide a playbook which could be used by everyone site.yml.
You can easily run such setup yourself without much knowledge how any part of this works. You just need to do two things:
Change ansible inventory
First of all you need to configure your inventory, ours is located in
hosts file. Here you set up your target hosts by changing value of
ansible_host variable. Also here you can exclude parts of this demo site, so if you don't need our website, you just remove this part:
Accordingly you can exclude grafana, prometheus, or influxdb.
For security measures we encrypted some of our passwords, but it is easy to use yours! You can do it by replacing a file located at
group_vars/all/vault with following content:
vault_grafana_password: <<INSERT_YOUR_GRAFANA_PASSWORD>> vault_influxdb_password: <<INSERT_YOUR_INFLUXDB_PASSWORD>>
You need to specify both even if you don't use grafana nor influxdb. You can look over
group_vars/all/vault to find why.
Run as usual Ansible playbook
# Download roles ansible-galaxy install -r roles/requirements.yml # Run playbook ansible-playbook site.yml # or when using vault encrypted variables ansible-playbook --vault-id @prompt site.yml