
426 lines
15 KiB

# Install/run collectd for Browbeat
- name: Remove Non-EPEL collectd install
name: "{{ item }}"
state: absent
become: true
- libcollectdclient
- collectd
- collectd-apache
- collectd-ceph
- collectd-mysql
- collectd-turbostat
when: collectd_from_epel
- name: Clean Non-EPEL collectd configuration
shell: "rm -rf /etc/collectd.d/*.conf"
become: true
when: collectd_from_epel
# (akrzos) yum module works at this point due to the fact the EPEL repo now exists. EPEL rpm is
# installed at this point in time.
- name: Install collectd rpms for centos
name: "{{ item }}"
state: present
disablerepo: "*"
enablerepo: "epel"
become: true
- collectd
- collectd-apache
- collectd-ceph
- collectd-mysql
- collectd-ping
- collectd-turbostat
when: collectd_from_epel
# Iostat plugin requires sysstat since shelling iostat for stats, Also it is
# handy to have sysstat.
# (akrzos) Ignore errors on install since we attempt to install without
# checking any vars if we really want/require sysstat
- name: (Iostat python plugin) Install sysstat
name: sysstat
state: present
become: true
ignore_errors: true
- name: Install libdbi mysql driver
name: "{{item}}"
state: present
become: true
when: "(('Controller' in group_names and (keystone_overcloud_collectd_plugin or osp_resources_collectd_plugin) and inventory_hostname == groups['Controller'][0]) or ('Undercloud' in group_names and keystone_undercloud_collectd_plugin))"
- libdbi-dbd-mysql
- collectd-dbi
# Get mysql's root password
# Works with: Newton, Ocata
- name: (Controller) Get mysql root password
command: hiera -c /etc/puppet/hiera.yaml mysql::server::root_password
become: true
register: mysql_root_password
when: "'Controller' in group_names"
- name: (Undercloud) Get mysql root password
become: true
shell: |
grep 'mysql::server::root_password' /etc/puppet/hieradata/service_configs.json | awk -F'"' '{print $4}'
register: undercloud_mysql_password
when: "'Undercloud' in group_names"
- name: (Undercloud) Get password
become: true
shell: "hiera admin_password | awk '{$0=\"Environment=OS_PASSWORD=\"$0;print }'"
register: undercloud_password
when: "('Undercloud' in group_names and gnocchi_status_undercloud_collectd_plugin)"
- name: (Undercloud) Get stackrc
remote_user: "{{local_remote_user}}"
shell: "cat /home/stack/stackrc | egrep '^OS_[AUT]|^OS_PRO' | awk '{$0=\"Environment=\"$0;print }'"
register: stackrc_file
when: "('Undercloud' in group_names and gnocchi_status_undercloud_collectd_plugin)"
- name: (Undercloud) Add environment variables to collectd.service systemd file
become: true
dest: /usr/lib/systemd/system/collectd.service
insertafter: '\[Service\]'
line: "{{item}}"
with_items: "{{stackrc_file.stdout_lines | default(omit)}}"
when: "('Undercloud' in group_names and gnocchi_status_undercloud_collectd_plugin)"
- name: (Undercloud) Add environment variables to collectd.service systemd file
become: true
dest: /usr/lib/systemd/system/collectd.service
insertafter: '\[Service\]'
line: "{{item}}"
with_items: "{{undercloud_password.stdout_lines | default(omit)}}"
when: "('Undercloud' in group_names and gnocchi_status_undercloud_collectd_plugin)"
- name: (Controller, delegated to UC) Get overcloudrc
remote_user: "{{local_remote_user}}"
shell: "cat /home/stack/overcloudrc | grep 'export OS' | awk '{gsub(/export /,\"Environment=\");print }'"
delegate_to: "{{groups['Undercloud'][0]}}"
register: overcloudrc_file
when: "'Controller' in group_names and gnocchi_status_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
- name: (Controller) Add environment variables to collectd.service systemd file
become: true
dest: /usr/lib/systemd/system/collectd.service
insertafter: '\[Service\]'
line: "{{item}}"
with_items: "{{overcloudrc_file.stdout_lines | default(omit)}}"
when: "'Controller' in group_names and gnocchi_status_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
# Apache Request Response Timing
- name: (Newton, Ocata) Deploy Apache httpd.conf for request timings
become: true
src: httpd.conf
dest: /etc/httpd/conf/httpd.conf
owner: root
group: root
mode: 0644
backup: true
when: "('Controller' in group_names and apache_controller_collectd_request_time) and ('Newton' in osp_version['content'] | b64decode or 'Ocata' in osp_version['content'] | b64decode)"
- name: (Queens/Pike) Patch Apache httpd.conf for request timings
become: true
shell: sed -i 's/LogFormat "%[ah] %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined/LogFormat "%h %l %u %t RT:%D \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined/g' {{item}}
- /var/lib/config-data/puppet-generated/gnocchi/etc/httpd/conf/httpd.conf
- /var/lib/config-data/puppet-generated/keystone/etc/httpd/conf/httpd.conf
- /var/lib/config-data/puppet-generated/nova_placement/etc/httpd/conf/httpd.conf
- "'Controller' in group_names"
- apache_controller_collectd_request_time
- "('Queens' in osp_version['content'] | b64decode or 'Pike' in osp_version['content'] | b64decode)"
- name: (Newton, Ocata) Restart Apache
become: true
name: httpd
state: restarted
enabled: true
when: "('Controller' in group_names and apache_controller_collectd_request_time) and ('Newton' in osp_version['content'] | b64decode or 'Ocata' in osp_version['content'] | b64decode)"
- name: (Queens/Pike) Restart Gnocchi/Keystone/Nova Placement API Containers
become: true
command: docker restart {{item}}
- gnocchi_api
- keystone
- nova_placement
- "'Controller' in group_names"
- apache_controller_collectd_request_time
- "('Queens' in osp_version['content'] | b64decode or 'Pike' in osp_version['content'] | b64decode)"
# End Apache Request Response Timing
# Apache Monitoring
- name: Deploy Apache mod_status conf
src: 00-browbeat_mod_status.conf.j2
dest: /etc/httpd/conf.d/00-browbeat_mod_status.conf
owner: root
group: root
become: true
when: "(('Controller' in group_names and apache_controller_collectd_plugin) or ('Undercloud' in group_names and apache_undercloud_collectd_plugin))"
- name: (Undercloud) Allow httpd to listen to port ({{apache_undercloud_mod_status_port}})
command: "/usr/sbin/semanage port -m -t http_port_t -p tcp {{apache_undercloud_mod_status_port}}"
become: true
when: "('Undercloud' in group_names and apache_undercloud_collectd_plugin)"
- name: (Controller) Allow httpd to listen to port ({{apache_controller_mod_status_port}})
command: "/usr/sbin/semanage port -m -t http_port_t -p tcp {{apache_controller_mod_status_port}}"
become: true
when: "(ansible_selinux['status'] == 'enabled') and ('Controller' in group_names and apache_controller_collectd_plugin)"
- name: Restart Apache
name: httpd
state: restarted
enabled: true
become: true
when: "(('Controller' in group_names and apache_controller_collectd_plugin) or ('Undercloud' in group_names and apache_undercloud_collectd_plugin))"
# End Apache Monitoring
- name: Reload systemd units
command: systemctl daemon-reload
become: true
when: "('Controller' in group_names and gnocchi_status_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]) or ('Undercloud' in group_names and gnocchi_status_undercloud_collectd_plugin)"
- name: (All Nodes) Copy python plugins
src: "{{item.src}}"
dest: "{{item.dest}}"
owner: root
group: root
mode: 0755
become: true
- src:
dest: /usr/local/bin/
- name: (Undercloud/Controller-0) Copy python plugins
src: "{{item.src}}"
dest: "{{item.dest}}"
owner: root
group: root
mode: 0755
become: true
- src:
dest: /usr/local/bin/
- src:
dest: /usr/local/bin/
- src:
dest: /usr/local/bin/
- src:
dest: /usr/local/bin/
- src:
dest: /usr/local/bin/
when: "('Controller' in group_names and inventory_hostname == groups['Controller'][0]) or ('Undercloud' in group_names)"
- name: Copy python plugins
src: "{{item.src}}"
dest: "{{item.dest}}"
owner: root
group: root
mode: 0755
become: true
- src:
dest: /usr/local/bin/
when: "('Controller' in group_names ) or ('Compute' in group_names) or ('Networker' in group_names)"
- name: Copy exec plugins
src: "{{item.src}}"
dest: "{{item.dest}}"
owner: root
group: root
mode: 0755
become: true
- src:
dest: /usr/local/bin/
- src:
dest: /usr/local/bin/
when: "('Controller' in group_names ) or ('Compute' in group_names)"
# Rabbitmq monitoring
- name: Install pyrabbit
name: pyrabbit
become: true
when: "(('Controller' in group_names and rabbitmq_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]) or ('Undercloud' in group_names and rabbitmq_undercloud_collectd_plugin))"
- name: Enable Rabbitmq management plugin
command: /sbin/rabbitmq-plugins enable rabbitmq_management
become: true
when: "(('Controller' in group_names and rabbitmq_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]) or ('Undercloud' in group_names and rabbitmq_undercloud_collectd_plugin))"
- name: (Undercloud) Get ctlplane ip address
shell: ip r | egrep 'br-ctlplane\s*proto kernel' | awk '{print $NF}'
register: undercloud_ctlplane_ip_address
become: true
when: "('Undercloud' in group_names and rabbitmq_undercloud_collectd_plugin)"
- name: (Undercloud) Get Rabbitmq username
shell: cat undercloud-passwords.conf | grep undercloud_rabbit_username | awk -F '=' '{print $2}'
register: undercloud_rabbitmq_username
when: "('Undercloud' in group_names and rabbitmq_undercloud_collectd_plugin)"
- name: (Undercloud) Get Rabbitmq password
shell: cat undercloud-passwords.conf | grep undercloud_rabbit_password | awk -F '=' '{print $2}'
register: undercloud_rabbitmq_password
when: "('Undercloud' in group_names and rabbitmq_undercloud_collectd_plugin)"
# Works with: Newton, Ocata
- name: (Controller) Get Rabbitmq username
command: hiera -c /etc/puppet/hiera.yaml rabbitmq::default_user
register: controller0_rabbitmq_username
become: true
when: "'Controller' in group_names and rabbitmq_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
# Works with: Newton, Ocata
- name: (Controller) Get Rabbitmq password
command: hiera -c /etc/puppet/hiera.yaml rabbitmq::default_pass
register: controller0_rabbitmq_password
become: true
when: "'Controller' in group_names and rabbitmq_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
# End Rabbitmq monitoring
# Gnocchi Swift Stat Service monitoring
- name: Get Gnocchi Swift AuthURL
command: hiera -c /etc/puppet/hiera.yaml gnocchi::storage::swift::swift_authurl
register: controller0_gnocchi_swift_authurl
become: true
when: "'Controller' in group_names and swift_stat_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
- name: Get Gnocchi Swift Auth Version
command: hiera -c /etc/puppet/hiera.yaml gnocchi::storage::swift::swift_auth_version
register: controller0_gnocchi_swift_authversion
become: true
when: "'Controller' in group_names and swift_stat_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
- name: Get Gnocchi Swift User
shell: hiera -c /etc/puppet/hiera.yaml gnocchi::storage::swift::swift_user | sed 's/service://'
register: controller0_gnocchi_swift_user
become: true
when: "'Controller' in group_names and swift_stat_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
- name: Get Gnocchi Swift Key
command: hiera -c /etc/puppet/hiera.yaml gnocchi::storage::swift::swift_key
register: controller0_gnocchi_swift_auth_key
become: true
when: "'Controller' in group_names and swift_stat_controller_collectd_plugin and inventory_hostname == groups['Controller'][0]"
# End Swift Stat Service monitoring
# CephStorage OSD monitoring
# Only Monitors a single OSD on each CephStorage Node
- name: Get 1st OSD socket
shell: ls /var/run/ceph/ceph-osd.*.asok | head -n 1 | egrep -o '[0-9]+'
register: cephstorage_osd_socket
become: true
when: "('CephStorage' in group_names and ceph_storage_collectd_plugin)"
# End CephStorage OSD monitoring
- name: Configure collectd.conf
src: "{{config_type}}.collectd.conf.j2"
dest: /etc/collectd.conf
owner: root
group: root
mode: 0644
become: true
when: "config_type != 'compute'"
- name: Configure compute collectd.conf
src: "{{config_type}}.collectd.conf.j2"
dest: /etc/collectd.conf
owner: root
group: root
mode: 0644
become: true
when: "config_type == 'compute' and not ovn_compute_collectd_plugin"
- name: Configure compute collectd.conf
src: "ovn_compute.collectd.conf.j2"
dest: /etc/collectd.conf
owner: root
group: root
mode: 0644
become: true
when: "config_type == 'compute' and ovn_compute_collectd_plugin"
# Configure selinux bits
- name: Check for collectd permissive
shell: /sbin/semodule -l | grep -q permissive_collectd_t
become: true
register: collectd_permissive
ignore_errors: true
changed_when: false
when: "ansible_selinux['status'] == 'enabled'"
- name: Set permissive for collectd
command: /sbin/semanage permissive -a collectd_t
become: true
when: "ansible_selinux['status'] == 'enabled' and collectd_permissive.rc != 0"
# Additional policy bits may be needed for exec
- name: Collectd policy customization
src: custom-collectd.pp
dest: /root/custom-collectd.pp
owner: root
group: root
mode: 0644
become: true
when: "ansible_selinux['status'] == 'enabled'"
- name: Check for collectd custom
shell: /sbin/semodule -l | grep -q custom-collectd
become: true
register: collectd_custom
ignore_errors: true
changed_when: false
when: "ansible_selinux['status'] == 'enabled'"
- name: Set custom policy for collectd
command: /sbin/semodule -i /root/custom-collectd.pp
become: true
when: "ansible_selinux['status'] == 'enabled' and collectd_custom.rc != 0"
# Start collectd service
- name: Setup collectd service
name: collectd
state: restarted
enabled: true
become: true