Switch to exposing prometheus-node-exporter via native Traefik labels, not via matrix-prometheus-services-proxy-connect

This requires at least `v1.7.0-2` of the `prometheus-node-exporter` Ansible role.
2024-01-12 17:41:48 +02:00 · 2024-01-12 17:41:48 +02:00 · beb0f2387d
commit beb0f2387d
parent 170ebabe30
5 changed files with 7 additions and 43 deletions
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@ -4415,19 +4415,20 @@ prometheus_node_exporter_base_path: "{{ matrix_base_data_path }}/prometheus-node
 prometheus_node_exporter_uid: "{{ matrix_user_uid }}"
 prometheus_node_exporter_gid: "{{ matrix_user_gid }}"

-# _server_fqn is the old var, _hostname - the new one. Seamless migration
-prometheus_node_exporter_server_fqn: "{{ matrix_server_fqn_matrix }}"
-prometheus_node_exporter_hostname: "{{ prometheus_node_exporter_server_fqn }}"
+prometheus_node_exporter_hostname: "{{ matrix_server_fqn_matrix }}"

 prometheus_node_exporter_container_network: "{{ matrix_docker_network }}"

 prometheus_node_exporter_container_additional_networks: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [] }}"

-prometheus_node_exporter_container_labels_traefik_enabled: false
+prometheus_node_exporter_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
 prometheus_node_exporter_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
 prometheus_node_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
 prometheus_node_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"

+prometheus_node_exporter_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
+prometheus_node_exporter_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
+
 ######################################################################
 #
 # /etke/prometheus_node_exporter
--- a/roles/custom/matrix-prometheus-services-proxy-connect/defaults/main.yml
+++ b/roles/custom/matrix-prometheus-services-proxy-connect/defaults/main.yml
@ -2,17 +2,6 @@
 # matrix-prometheus-services-proxy-connect is a role which helps integrate
 # the various Prometheus roles, which may live outside this Matrix playbook, into it.

-
-# Controls whether node-exporter metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/node-exporter`.
-matrix_prometheus_services_proxy_connect_prometheus_node_exporter_metrics_proxying_enabled: false
-
-# If you are supplying your own NGINX proxy but want to use the provided exporters you will have to supply an "<ip>:<port>" value for the containers to bind to on your host.
-# If prometheus_node_exporter_container_http_host_bind_port is set to just a port number, this will default to "127.0.0.1:<port>"
-# If prometheus_node_exporter_container_http_host_bind_port is set to an IP that is not  0.0.0.0 and a port, that "<ip>:<port>" value will be used
-# Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf)
-matrix_prometheus_services_proxy_connect_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + prometheus_node_exporter_container_http_host_bind_port_number_raw if not ':' in prometheus_node_exporter_container_http_host_bind_port else (prometheus_node_exporter_container_http_host_bind_port if prometheus_node_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}"
-
-
 # Controls whether postgres-exporter metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/postgres-exporter`.
 matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled: false

--- a/roles/custom/matrix-prometheus-services-proxy-connect/tasks/main.yml
+++ b/roles/custom/matrix-prometheus-services-proxy-connect/tasks/main.yml
@ -9,15 +9,6 @@
      To fix this, please change the order of roles in your playbook,
      so that the matrix-nginx-proxy role would run after the matrix-prometheus-services-proxy-connect role.

- tags:
-    - setup-all
-    - setup-nginx-proxy
-    - install-all
-    - install-nginx-proxy
-  block:
-    - when: prometheus_node_exporter_enabled | bool and matrix_prometheus_services_proxy_connect_prometheus_node_exporter_metrics_proxying_enabled | bool
-      ansible.builtin.include_tasks: "{{ role_path }}/tasks/prometheus-node-exporter/inject_into_nginx_proxy.yml"
-
 - tags:
    - setup-all
    - setup-nginx-proxy
--- a/roles/custom/matrix-prometheus-services-proxy-connect/tasks/prometheus-node-exporter/inject_into_nginx_proxy.yml
+++ b/roles/custom/matrix-prometheus-services-proxy-connect/tasks/prometheus-node-exporter/inject_into_nginx_proxy.yml
@ -1,19 +0,0 @@
---
-
- name: Generate node-exporter metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/node-exporter)
-  ansible.builtin.set_fact:
-    matrix_prometheus_services_proxy_connect_node_exporter_nginx_metrics_configuration_block: |
-      location /metrics/node-exporter {
-        {% if matrix_nginx_proxy_enabled | default(False) %}
-          {# Use the embedded DNS resolver in Docker containers to discover the service #}
-          resolver 127.0.0.11 valid=5s;
-          set $backend "{{ prometheus_node_exporter_identifier }}:9100";
-          proxy_pass http://$backend/metrics;
-        {% elif matrix_prometheus_services_proxy_connect_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host != '' %}
-          proxy_pass http://{{ matrix_prometheus_services_proxy_connect_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host }}/metrics;
-        {% else %}
-          return 404 "matrix-nginx-proxy is disabled and no host port was bound to the container, so metrics are unavailable";
-        {% endif %}
-      }
-
-# Injection code was here
--- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
+++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
@ -130,6 +130,8 @@
    - {'old': 'matrix_nginx_proxy_proxy_synapse_additional_server_configuration_blocks', 'new': '<removed>'}
    - {'old': 'etherpad_nginx_proxy_dimension_integration_enabled', 'new': '<removed>'}
    - {'old': 'etherpad_nginx_proxy_dimension_integration_path_prefix', 'new': '<removed>'}
+    - {'old': 'matrix_prometheus_services_proxy_connect_prometheus_node_exporter_metrics_proxying_enabled', 'new': '<removed>'}
+    - {'old': 'matrix_prometheus_services_proxy_connect_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host', 'new': '<removed>'}

 - name: (Deprecation) Catch and report matrix_postgres variables
  ansible.builtin.fail: