From 46242b965ddfc060fdfd56a40245ff10fb92d374 Mon Sep 17 00:00:00 2001
From: Julian Labus <julian@labus-online.de>
Date: Tue, 25 Sep 2018 10:36:23 +0200
Subject: [PATCH] role service-prometheus: add blackbox_exporter

---
 inventory/group_vars/ffmwu-monitoring         |  1 +
 playbooks/prometheus/prometheus.yml.j2        | 26 ++++++++
 roles/service-prometheus/defaults/main.yml    |  2 +
 roles/service-prometheus/files/blackbox.yml   | 19 ++++++
 roles/service-prometheus/handlers/main.yml    |  5 ++
 .../tasks/blackbox-exporter.yml               | 64 +++++++++++++++++++
 roles/service-prometheus/tasks/main.yml       |  4 ++
 .../templates/blackbox_exporter.service.j2    | 19 ++++++
 8 files changed, 140 insertions(+)
 create mode 100644 roles/service-prometheus/files/blackbox.yml
 create mode 100644 roles/service-prometheus/tasks/blackbox-exporter.yml
 create mode 100644 roles/service-prometheus/templates/blackbox_exporter.service.j2

diff --git a/inventory/group_vars/ffmwu-monitoring b/inventory/group_vars/ffmwu-monitoring
index 80b0c1d..0177628 100644
--- a/inventory/group_vars/ffmwu-monitoring
+++ b/inventory/group_vars/ffmwu-monitoring
@@ -19,6 +19,7 @@ prometheus_components:
   - prometheus
   - alertmanager
   - node_exporter
+  - blackbox_exporter
 
 yanic_blacklist:
   - 98ded0c5e0c0
diff --git a/playbooks/prometheus/prometheus.yml.j2 b/playbooks/prometheus/prometheus.yml.j2
index 488041f..9608013 100644
--- a/playbooks/prometheus/prometheus.yml.j2
+++ b/playbooks/prometheus/prometheus.yml.j2
@@ -36,3 +36,29 @@ scrape_configs:
         labels:
           group: '{{ group }}'
 {% endfor %}
+
+  - job_name: "icmp6"
+    metrics_path: /probe
+    params:
+      module: ["icmp6"]
+    static_configs:
+      - targets:
+{%for group in prometheus_groups %}
+{% for host in groups[group] %}
+{% if host != inventory_hostname %}
+        - "{{ host.rsplit('.freifunk-mwu.de')[0] }}.ffwi.org"
+        - "{{ host.rsplit('.freifunk-mwu.de')[0] }}.ffmz.org"
+{% endif %}
+{% endfor %}
+{% endfor %}
+{% for host, _ in bgp_mwu_servers.items() %}
+        - "{{ host }}.ffwi.org"
+        - "{{ host }}.ffmz.org"
+{% endfor %}
+    relabel_configs:
+      - source_labels: [__address__]
+        target_label: __param_target
+      - source_labels: [__param_target]
+        target_label: instance
+      - target_label: __address__
+        replacement: 127.0.0.1:9115
diff --git a/roles/service-prometheus/defaults/main.yml b/roles/service-prometheus/defaults/main.yml
index 236256d..feaba90 100644
--- a/roles/service-prometheus/defaults/main.yml
+++ b/roles/service-prometheus/defaults/main.yml
@@ -11,6 +11,7 @@ prometheus_group: prometheus
 
 prometheus_version: 2.4.2
 node_exporter_version: 0.16.0
+blackbox_exporter_version: 0.12.0
 alertmanager_version: 0.15.2
 
 gosu_version: "1.10"
@@ -33,3 +34,4 @@ prometheus_gopath: "{{ prometheus_workdir }}/gopath"
 prometheus_default_opts: "--web.listen-address=localhost:9090 --config.file={{ prometheus_config_path }}/prometheus.yml --storage.tsdb.path={{ prometheus_db_path }}"
 alertmanager_default_opts: "--config.file={{ prometheus_config_path }}/alertmanager.yml --storage.path={{ alertmanager_db_path }}"
 node_exporter_default_opts: "--web.listen-address=localhost:9100"
+blackbox_default_opts: "--web.listen-address=localhost:9115 --config.file={{ prometheus_config_path }}/blackbox.yml"
diff --git a/roles/service-prometheus/files/blackbox.yml b/roles/service-prometheus/files/blackbox.yml
new file mode 100644
index 0000000..83912cd
--- /dev/null
+++ b/roles/service-prometheus/files/blackbox.yml
@@ -0,0 +1,19 @@
+modules:
+  http_2xx:
+    prober: http
+    http:
+  tcp_connect:
+    prober: tcp
+  ssh_banner:
+    prober: tcp
+    tcp:
+      query_response:
+      - expect: "^SSH-2.0-"
+  icmp:
+    prober: icmp
+    icmp:
+      preferred_ip_protocol: "ip4"
+  icmp6:
+    prober: icmp
+    icmp:
+      preferred_ip_protocol: "ip6"
diff --git a/roles/service-prometheus/handlers/main.yml b/roles/service-prometheus/handlers/main.yml
index 6262314..d9571b1 100644
--- a/roles/service-prometheus/handlers/main.yml
+++ b/roles/service-prometheus/handlers/main.yml
@@ -17,6 +17,11 @@
     name: node_exporter
     state: restarted
 
+- name: restart blackbox_exporter
+  service:
+    name: blackbox_exporter
+    state: restarted
+
 - name: restart nginx
   systemd:
     name: nginx
diff --git a/roles/service-prometheus/tasks/blackbox-exporter.yml b/roles/service-prometheus/tasks/blackbox-exporter.yml
new file mode 100644
index 0000000..3719729
--- /dev/null
+++ b/roles/service-prometheus/tasks/blackbox-exporter.yml
@@ -0,0 +1,64 @@
+# Install Prometheus node-exporter.
+#
+# @see http://prometheus.io/docs/introduction/getting_started/
+
+- name: set internal variables for convenience
+  set_fact:
+    blackbox_exporter_present: yes
+    blackbox_exporter_daemon_dir: "{{ prometheus_install_path }}/blackbox_exporter-{{ blackbox_exporter_version }}.linux-amd64"
+    blackbox_exporter_tarball_url: "https://github.com/prometheus/blackbox_exporter/releases/download/v{{ blackbox_exporter_version }}/blackbox_exporter-{{ blackbox_exporter_version }}.linux-amd64.tar.gz"
+
+- name: install libcap2-bin package
+  package:
+    name: libcap2-bin
+    state: present
+
+- name: download and untar blackbox_exporter tarball
+  unarchive:
+    src: "{{ blackbox_exporter_tarball_url }}"
+    dest: "{{ prometheus_install_path }}"
+    copy: no
+    creates: "{{ blackbox_exporter_daemon_dir }}"
+
+- name: set cap_net_raw+ep on blackbox_exporter
+  capabilities:
+    path: "{{ blackbox_exporter_daemon_dir }}/blackbox_exporter"
+    capability: cap_net_raw+ep
+    state: present
+  notify:
+    - restart blackbox_exporter
+
+- name: create blackbox_exporter /usr/local/bin link
+  file:
+    src: "{{ blackbox_exporter_daemon_dir }}/blackbox_exporter"
+    dest: "/usr/local/bin/blackbox_exporter"
+    state: link
+
+- name: mkdir for data
+  file:
+    path: "{{ prometheus_db_path }}"
+    state: directory
+    owner: "{{ prometheus_user }}"
+    group: "{{ prometheus_group }}"
+    mode: "u=rwx,g=rx,o="
+
+- name: install blackbox config file
+  copy:
+    src: "blackbox.yml"
+    dest: "{{ prometheus_config_path }}/blackbox.yml"
+  notify:
+    - restart blackbox_exporter
+
+- name: copy systemd config to server
+  template:
+    src: "../templates/blackbox_exporter.service.j2"
+    dest: "/lib/systemd/system/blackbox_exporter.service"
+  notify:
+    - reload systemd
+    - restart blackbox_exporter
+
+- name: enable blackbox_exporter service
+  service:
+    name: blackbox_exporter
+    enabled: yes
+    state: started
diff --git a/roles/service-prometheus/tasks/main.yml b/roles/service-prometheus/tasks/main.yml
index e47d69e..34b73bf 100644
--- a/roles/service-prometheus/tasks/main.yml
+++ b/roles/service-prometheus/tasks/main.yml
@@ -36,6 +36,10 @@
   include_tasks: node-exporter.yml
   when: '"node_exporter" in prometheus_components'
 
+- name: install and configure blackbox-exporter service
+  include_tasks: blackbox-exporter.yml
+  when: '"blackbox_exporter" in prometheus_components'
+
 - name: install and configure alertmanager service
   include_tasks: alertmanager.yml
   when: '"alertmanager" in prometheus_components'
diff --git a/roles/service-prometheus/templates/blackbox_exporter.service.j2 b/roles/service-prometheus/templates/blackbox_exporter.service.j2
new file mode 100644
index 0000000..f487841
--- /dev/null
+++ b/roles/service-prometheus/templates/blackbox_exporter.service.j2
@@ -0,0 +1,19 @@
+[Unit]
+Description=blackbox_exporter - Prometheus blackbox prober exporter.
+After=network.target
+
+[Service]
+Type=simple
+
+User={{ prometheus_user }}
+Group={{ prometheus_group }}
+
+{% if blackbox_exporter_opts is defined %}
+ExecStart={{ blackbox_exporter_daemon_dir }}/blackbox_exporter {{ blackbox_default_opts }} {{ blackbox_exporter_opts }}
+{% else %}
+ExecStart={{ blackbox_exporter_daemon_dir }}/blackbox_exporter {{ blackbox_default_opts }}
+{% endif %}
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target