From 0b5092f34d4079f212a25853663473050c508e8e Mon Sep 17 00:00:00 2001 From: Johanna Dorothea Reichmann Date: Fri, 14 Jul 2023 11:29:04 +0200 Subject: [PATCH] feat(alertmanager): add ansible role for running alertmanager --- README.md | 4 +++ roles/alertmanager/README.md | 10 ++++++ roles/alertmanager/defaults/main.yml | 40 ++++++++++++++++++++++ roles/alertmanager/handlers/main.yml | 8 +++++ roles/alertmanager/tasks/main.yml | 51 ++++++++++++++++++++++++++++ 5 files changed, 113 insertions(+) create mode 100644 roles/alertmanager/README.md create mode 100644 roles/alertmanager/defaults/main.yml create mode 100644 roles/alertmanager/handlers/main.yml create mode 100644 roles/alertmanager/tasks/main.yml diff --git a/README.md b/README.md index e6262a5..c41ff9e 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,10 @@ metrics or alerting. ## Roles +- [`alertmanager`](roles/alertmanager/README.md): Runs prometheus' + alertmanager for receiving alerts from prometheus and routing them + to the correct configured receivers. + - [`matrix-alertmanager`](roles/matrix-alertmanager/README.md): An alert- manager receiver which posts alerts to a configured matrix channel using alertmanagers' webhooks. diff --git a/roles/alertmanager/README.md b/roles/alertmanager/README.md new file mode 100644 index 0000000..ee79df5 --- /dev/null +++ b/roles/alertmanager/README.md @@ -0,0 +1,10 @@ +# `finallycoffee.observability.alertmanager` ansible role + +## Description + +This role configures and runs prometheus alertmanager in a docker container. + +The config file is templated on the host and persisted in `alertmanager_config_file`. + +The alertmanager config can be passed by setting `alertmanager_config`, which expects the same yaml +format as the "normal" alertmanager config file (with top-level keys `global`, `route` and `receivers`). diff --git a/roles/alertmanager/defaults/main.yml b/roles/alertmanager/defaults/main.yml new file mode 100644 index 0000000..30d1b69 --- /dev/null +++ b/roles/alertmanager/defaults/main.yml @@ -0,0 +1,40 @@ +--- + +alertmanager_user: alertmanager +alertmanager_version: 0.25.0 +alertmanager_base_path: /opt/alertmanager +alertmanager_config_path: "{{ alertmanager_base_path }}/config" +alertmanager_config_file: "{{ alertmanager_config_path }}/alertmanager.yml" +alertmanager_data_path: "{{ alertmanager_base_path }}/data" + +alertmanager_container_name: alertmanager +alertmanager_container_image_name: alertmanager +alertmanager_container_image_namespace: prometheus/ +alertmanager_container_image_registry: quay.io + +alertmanager_container_image_repository: >- + {{ + (container_registries[alertmanager_container_image_registry] | default(alertmanager_container_image_registry)) + + '/' + (alertmanager_container_image_namespace | default('')) + + alertmanager_container_image_name + }} +alertmanager_container_image_reference: >- + {{ + alertmanager_container_image_repository + ':' + + (alertmanager_container_image_tag | default('v' + alertmanager_version)) + }} + +alertmanager_container_image_force_pull: "{{ alertmanager_container_image_tag is defined }}" + +alertmanager_container_default_volumes: + - "{{ alertmanager_config_file }}:/etc/alertmanager/alertmanager.yml:ro" + - "{{ alertmanager_data_path }}:/alertmanager:rw" +alertmanager_container_volumes: >- + {{ alertmanager_container_default_volumes + + alertmanager_container_extra_volumes | default([]) }} +alertmanager_container_restart_policy: "unless-stopped" + +alertmanager_config: + global: {} + route: {} + receivers: [] diff --git a/roles/alertmanager/handlers/main.yml b/roles/alertmanager/handlers/main.yml new file mode 100644 index 0000000..9b75620 --- /dev/null +++ b/roles/alertmanager/handlers/main.yml @@ -0,0 +1,8 @@ +--- + +- name: Ensure alertmanager is restarted + community.docker.docker_container: + name: "{{ alertmanager_container_name }}" + state: started + restart: true + listen: restart-alertmanager diff --git a/roles/alertmanager/tasks/main.yml b/roles/alertmanager/tasks/main.yml new file mode 100644 index 0000000..ca30c37 --- /dev/null +++ b/roles/alertmanager/tasks/main.yml @@ -0,0 +1,51 @@ +--- + +- name: Ensure alertmanager user '{{ alertmanager_user }}' exists + ansible.builtin.user: + name: "{{ alertmanager_user }}" + state: present + system: true + register: alertmanager_user_info + +- name: Ensure mounts are created + ansible.builtin.file: + dest: "{{ item.path }}" + state: directory + owner: "{{ item.owner | default(alertmanager_user_info.uid | default(alertmanager_user)) }}" + group: "{{ item.owner | default(alertmanager_user_info.group | default(alertmanager_user)) }}" + mode: "{{ item.mode | default('0755') }}" + loop: + - path: "{{ alertmanager_base_path }}" + - path: "{{ alertmanager_data_path }}" + - path: "{{ alertmanager_config_path }}" + +- name: Ensure config file is templated + ansible.builtin.copy: + dest: "{{ alertmanager_config_file }}" + content: "{{ alertmanager_config | to_nice_yaml }}" + owner: "{{ alertmanager_user_info.uid | default(alertmanager_user) }}" + owner: "{{ alertmanager_user_info.uid | default(alertmanager_user) }}" + mode: "0640" + notify: + - restart-alertmanager + +- name: Ensure container image is present on host + community.docker.docker_image: + name: "{{ alertmanager_container_image_reference }}" + state: present + source: pull + force_source: "{{ alertmanager_container_image_force_pull | bool }}" + +- name: Ensure container '{{ alertmanager_container_name }}' is running + community.docker.docker_container: + name: "{{ alertmanager_container_name }}" + image: "{{ alertmanager_container_image_reference }}" + env: "{{ alertmanager_container_env | default(omit) }}" + user: "{{ alertmanager_user_info.uid | default(alertmanager_user) }}" + ports: "{{ alertmanager_container_ports | default(omit) }}" + volumes: "{{ alertmanager_container_volumes | default(omit) }}" + networks: "{{ alertmanager_container_networks | default(omit) }}" + purge_networks: "{{ alertmanager_container_purge_networks | default(omit) }}" + etc_hosts: "{{ alertmanager_container_etc_hosts | default(omit) }}" + restart_policy: "{{ alertmanager_container_restart_policy }}" + state: started