mirror of
https://github.com/vxcontrol/soldr-obs-config.git
synced 2026-07-01 17:54:29 -04:00
add observability stack
This commit is contained in:
@@ -0,0 +1,57 @@
|
||||
name: 'Docker build'
|
||||
description: 'Build docker in workdir'
|
||||
inputs:
|
||||
docker_name:
|
||||
description: 'Name of creation docker image'
|
||||
required: true
|
||||
default: ''
|
||||
builddir:
|
||||
description: 'Name of creation docker image'
|
||||
required: false
|
||||
default: '.'
|
||||
docker_login:
|
||||
description: 'Login to docker hub'
|
||||
required: true
|
||||
default: ''
|
||||
docker_password:
|
||||
description: 'Password to docker hub'
|
||||
required: true
|
||||
default: ''
|
||||
file:
|
||||
description: 'Dockerfile name'
|
||||
required: true
|
||||
default: ''
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Generate Docker tags
|
||||
id: meta
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
docker.io/vxcontrol/${{ inputs.docker_name }}
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
|
||||
type=semver,pattern={{version}}
|
||||
flavor: |
|
||||
latest=false
|
||||
- name: Setup Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Login to DockerHub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ inputs.docker_login }}
|
||||
password: ${{ inputs.docker_password }}
|
||||
- name: Build and push
|
||||
uses: docker/build-push-action@v3
|
||||
env:
|
||||
DOCKER_BUILDKIT: 1
|
||||
with:
|
||||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
context: ${{ inputs.builddir }}
|
||||
file: ${{ inputs.file }}
|
||||
|
||||
@@ -0,0 +1,24 @@
|
||||
name: VXControl elastic config build and push
|
||||
|
||||
on: workflow_call
|
||||
|
||||
jobs:
|
||||
build_and_push_docker:
|
||||
name: Docker Build and Publish
|
||||
environment:
|
||||
name: production
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Docker build soldr-elastic-config
|
||||
uses: ./.github/actions/docker_build
|
||||
with:
|
||||
docker_name: "soldr-elastic-config"
|
||||
docker_login: ${{ secrets.DOCKER_LOGIN }}
|
||||
docker_password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
file: "Dockerfile_soldr_elastic_config"
|
||||
|
||||
@@ -0,0 +1,24 @@
|
||||
name: VXControl observability stack build and push
|
||||
|
||||
on: workflow_call
|
||||
|
||||
jobs:
|
||||
build_and_push_docker:
|
||||
name: Docker Build and Publish
|
||||
environment:
|
||||
name: production
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Docker build soldr-observability-stack-config
|
||||
uses: ./.github/actions/docker_build
|
||||
with:
|
||||
docker_name: "soldr-observability-stack-config"
|
||||
docker_login: ${{ secrets.DOCKER_LOGIN }}
|
||||
docker_password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
file: "Docker_soldr_obsevbility_stack_config"
|
||||
|
||||
@@ -0,0 +1,21 @@
|
||||
name: Docker build and push
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
tags:
|
||||
- v[0-9]+.[0-9]+.[0-9]+
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
# BUILD DOCKER
|
||||
build_docker_soldr_elastic_config_image:
|
||||
uses: vxcontrol/observability-config/.github/workflows/build-docker-soldr-elastic-config-image.yml@master
|
||||
if: github.ref_name == 'master' || startsWith(github.ref, 'refs/tags')
|
||||
secrets: inherit
|
||||
build_docker_soldr_observability_stack_config_image:
|
||||
uses: vxcontrol/observability-config/.github/workflows/build-docker-soldr-observability-stack-config-image.yml@master
|
||||
if: github.ref_name == 'master' || startsWith(github.ref, 'refs/tags')
|
||||
secrets: inherit
|
||||
|
||||
@@ -0,0 +1,16 @@
|
||||
FROM debian:buster-slim
|
||||
|
||||
RUN mkdir -p /opt/soldr_observability
|
||||
|
||||
COPY config /opt/soldr_observability/config
|
||||
COPY elastic_config_gen_password.sh /opt/soldr_observability
|
||||
|
||||
RUN chmod +x /opt/soldr_observability/elastic_config_gen_password.sh
|
||||
|
||||
RUN \
|
||||
apt update && \
|
||||
apt install -y ca-certificates && \
|
||||
apt install -y curl
|
||||
|
||||
ENTRYPOINT ["/opt/soldr_observability/elastic_config_gen_password.sh"]
|
||||
|
||||
@@ -0,0 +1,18 @@
|
||||
FROM debian:buster-slim
|
||||
|
||||
RUN mkdir -p /opt/soldr_observability
|
||||
|
||||
COPY config /opt/soldr_observability/config
|
||||
COPY start_soldr_observability_stack.sh /opt/soldr_observability
|
||||
|
||||
RUN chmod +x /opt/soldr_observability/start_soldr_observability_stack.sh
|
||||
|
||||
RUN \
|
||||
apt update && \
|
||||
apt install -y ca-certificates && \
|
||||
apt install -y curl && \
|
||||
apt install -y jq
|
||||
|
||||
WORKDIR /opt/soldr_observability
|
||||
|
||||
ENTRYPOINT ["/opt/soldr_observability/start_soldr_observability_stack.sh"]
|
||||
@@ -0,0 +1,15 @@
|
||||
## Default Elasticsearch configuration from Elasticsearch base image.
|
||||
## https://github.com/elastic/elasticsearch/blob/master/distribution/docker/src/docker/config/elasticsearch.yml
|
||||
#
|
||||
cluster.name: "soldr-observ-local"
|
||||
network.host: 0.0.0.0
|
||||
discovery.type: single-node
|
||||
|
||||
## X-Pack settings
|
||||
## see https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-xpack.html
|
||||
#
|
||||
xpack.license.self_generated.type: basic
|
||||
xpack.security.enabled: true
|
||||
xpack.monitoring.collection.enabled: true
|
||||
|
||||
cluster.max_shards_per_node: 2000
|
||||
@@ -0,0 +1,82 @@
|
||||
################################################################
|
||||
##
|
||||
## JVM configuration
|
||||
##
|
||||
################################################################
|
||||
##
|
||||
## WARNING: DO NOT EDIT THIS FILE. If you want to override the
|
||||
## JVM options in this file, or set any additional options, you
|
||||
## should create one or more files in the jvm.options.d
|
||||
## directory containing your adjustments.
|
||||
##
|
||||
## See https://www.elastic.co/guide/en/elasticsearch/reference/@project.minor.version@/jvm-options.html
|
||||
## for more information.
|
||||
##
|
||||
################################################################
|
||||
|
||||
|
||||
|
||||
################################################################
|
||||
## IMPORTANT: JVM heap size
|
||||
################################################################
|
||||
##
|
||||
## The heap size is automatically configured by Elasticsearch
|
||||
## based on the available memory in your system and the roles
|
||||
## each node is configured to fulfill. If specifying heap is
|
||||
## required, it should be done through a file in jvm.options.d,
|
||||
## which should be named with .options suffix, and the min and
|
||||
## max should be set to the same value. For example, to set the
|
||||
## heap to 4 GB, create a new file in the jvm.options.d
|
||||
## directory containing these lines:
|
||||
##
|
||||
## -Xms4g
|
||||
## -Xmx4g
|
||||
##
|
||||
## See https://www.elastic.co/guide/en/elasticsearch/reference/@project.minor.version@/heap-size.html
|
||||
## for more information
|
||||
##
|
||||
################################################################
|
||||
|
||||
|
||||
################################################################
|
||||
## Expert settings
|
||||
################################################################
|
||||
##
|
||||
## All settings below here are considered expert settings. Do
|
||||
## not adjust them unless you understand what you are doing. Do
|
||||
## not edit them in this file; instead, create a new file in the
|
||||
## jvm.options.d directory containing your adjustments.
|
||||
##
|
||||
################################################################
|
||||
|
||||
## GC configuration
|
||||
8-13:-XX:+UseConcMarkSweepGC
|
||||
8-13:-XX:CMSInitiatingOccupancyFraction=75
|
||||
8-13:-XX:+UseCMSInitiatingOccupancyOnly
|
||||
|
||||
## G1GC Configuration
|
||||
# to use G1GC, uncomment the next two lines and update the version on the
|
||||
# following three lines to your version of the JDK
|
||||
# 8-13:-XX:-UseConcMarkSweepGC
|
||||
# 8-13:-XX:-UseCMSInitiatingOccupancyOnly
|
||||
14-:-XX:+UseG1GC
|
||||
|
||||
## JVM temporary directory
|
||||
-Djava.io.tmpdir=${ES_TMPDIR}
|
||||
|
||||
## heap dumps
|
||||
|
||||
# generate a heap dump when an allocation from the Java heap fails; heap dumps
|
||||
# are created in the working directory of the JVM unless an alternative path is
|
||||
# specified
|
||||
-XX:+HeapDumpOnOutOfMemoryError
|
||||
|
||||
# specify an alternative path for heap dumps; ensure the directory exists and
|
||||
# has sufficient space
|
||||
#@heap.dump.path@
|
||||
|
||||
# specify an alternative path for JVM fatal error logs
|
||||
#@error.file@
|
||||
|
||||
## GC logging
|
||||
-Xlog:gc*,gc+age=trace,safepoint:file=@loggc@:utctime,pid,tags:filecount=32,filesize=64m
|
||||
@@ -0,0 +1,131 @@
|
||||
status = error
|
||||
|
||||
appender.console.type = Console
|
||||
appender.console.name = console
|
||||
appender.console.layout.type = PatternLayout
|
||||
appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
|
||||
|
||||
######## Server JSON ############################
|
||||
appender.rolling.type = RollingFile
|
||||
appender.rolling.name = rolling
|
||||
appender.rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_server.json
|
||||
appender.rolling.layout.type = ECSJsonLayout
|
||||
appender.rolling.layout.dataset = elasticsearch.server
|
||||
|
||||
appender.rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.json.gz
|
||||
appender.rolling.policies.type = Policies
|
||||
appender.rolling.policies.time.type = TimeBasedTriggeringPolicy
|
||||
appender.rolling.policies.time.interval = 1
|
||||
appender.rolling.policies.time.modulate = true
|
||||
appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
|
||||
appender.rolling.policies.size.size = 128MB
|
||||
appender.rolling.strategy.type = DefaultRolloverStrategy
|
||||
appender.rolling.strategy.fileIndex = nomax
|
||||
appender.rolling.strategy.action.type = Delete
|
||||
appender.rolling.strategy.action.basepath = ${sys:es.logs.base_path}
|
||||
appender.rolling.strategy.action.condition.type = IfFileName
|
||||
appender.rolling.strategy.action.condition.glob = ${sys:es.logs.cluster_name}-*
|
||||
appender.rolling.strategy.action.condition.nested_condition.type = IfAccumulatedFileSize
|
||||
appender.rolling.strategy.action.condition.nested_condition.exceeds = 2GB
|
||||
################################################
|
||||
######## Server - old style pattern ###########
|
||||
appender.rolling_old.type = RollingFile
|
||||
appender.rolling_old.name = rolling_old
|
||||
appender.rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}.log
|
||||
appender.rolling_old.layout.type = PatternLayout
|
||||
appender.rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
|
||||
|
||||
appender.rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.log.gz
|
||||
appender.rolling_old.policies.type = Policies
|
||||
appender.rolling_old.policies.time.type = TimeBasedTriggeringPolicy
|
||||
appender.rolling_old.policies.time.interval = 1
|
||||
appender.rolling_old.policies.time.modulate = true
|
||||
appender.rolling_old.policies.size.type = SizeBasedTriggeringPolicy
|
||||
appender.rolling_old.policies.size.size = 128MB
|
||||
appender.rolling_old.strategy.type = DefaultRolloverStrategy
|
||||
appender.rolling_old.strategy.fileIndex = nomax
|
||||
appender.rolling_old.strategy.action.type = Delete
|
||||
appender.rolling_old.strategy.action.basepath = ${sys:es.logs.base_path}
|
||||
appender.rolling_old.strategy.action.condition.type = IfFileName
|
||||
appender.rolling_old.strategy.action.condition.glob = ${sys:es.logs.cluster_name}-*
|
||||
appender.rolling_old.strategy.action.condition.nested_condition.type = IfAccumulatedFileSize
|
||||
appender.rolling_old.strategy.action.condition.nested_condition.exceeds = 2GB
|
||||
################################################
|
||||
|
||||
rootLogger.level = info
|
||||
rootLogger.appenderRef.console.ref = console
|
||||
rootLogger.appenderRef.rolling.ref = rolling
|
||||
rootLogger.appenderRef.rolling_old.ref = rolling_old
|
||||
|
||||
######## Deprecation JSON #######################
|
||||
appender.deprecation_rolling.type = RollingFile
|
||||
appender.deprecation_rolling.name = deprecation_rolling
|
||||
appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.json
|
||||
appender.deprecation_rolling.layout.type = ECSJsonLayout
|
||||
# Intentionally follows a different pattern to above
|
||||
appender.deprecation_rolling.layout.dataset = deprecation.elasticsearch
|
||||
appender.deprecation_rolling.filter.rate_limit.type = RateLimitingFilter
|
||||
|
||||
appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation-%i.json.gz
|
||||
appender.deprecation_rolling.policies.type = Policies
|
||||
appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy
|
||||
appender.deprecation_rolling.policies.size.size = 1GB
|
||||
appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy
|
||||
appender.deprecation_rolling.strategy.max = 4
|
||||
|
||||
appender.header_warning.type = HeaderWarningAppender
|
||||
appender.header_warning.name = header_warning
|
||||
#################################################
|
||||
|
||||
logger.deprecation.name = org.elasticsearch.deprecation
|
||||
logger.deprecation.level = WARN
|
||||
logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling
|
||||
logger.deprecation.appenderRef.header_warning.ref = header_warning
|
||||
logger.deprecation.additivity = false
|
||||
|
||||
######## Search slowlog JSON ####################
|
||||
appender.index_search_slowlog_rolling.type = RollingFile
|
||||
appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling
|
||||
appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs\
|
||||
.cluster_name}_index_search_slowlog.json
|
||||
appender.index_search_slowlog_rolling.layout.type = ECSJsonLayout
|
||||
appender.index_search_slowlog_rolling.layout.dataset = elasticsearch.index_search_slowlog
|
||||
|
||||
appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs\
|
||||
.cluster_name}_index_search_slowlog-%i.json.gz
|
||||
appender.index_search_slowlog_rolling.policies.type = Policies
|
||||
appender.index_search_slowlog_rolling.policies.size.type = SizeBasedTriggeringPolicy
|
||||
appender.index_search_slowlog_rolling.policies.size.size = 1GB
|
||||
appender.index_search_slowlog_rolling.strategy.type = DefaultRolloverStrategy
|
||||
appender.index_search_slowlog_rolling.strategy.max = 4
|
||||
#################################################
|
||||
|
||||
#################################################
|
||||
logger.index_search_slowlog_rolling.name = index.search.slowlog
|
||||
logger.index_search_slowlog_rolling.level = trace
|
||||
logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling
|
||||
logger.index_search_slowlog_rolling.additivity = false
|
||||
|
||||
######## Indexing slowlog JSON ##################
|
||||
appender.index_indexing_slowlog_rolling.type = RollingFile
|
||||
appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling
|
||||
appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
|
||||
_index_indexing_slowlog.json
|
||||
appender.index_indexing_slowlog_rolling.layout.type = ECSJsonLayout
|
||||
appender.index_indexing_slowlog_rolling.layout.dataset = elasticsearch.index_indexing_slowlog
|
||||
|
||||
|
||||
appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
|
||||
_index_indexing_slowlog-%i.json.gz
|
||||
appender.index_indexing_slowlog_rolling.policies.type = Policies
|
||||
appender.index_indexing_slowlog_rolling.policies.size.type = SizeBasedTriggeringPolicy
|
||||
appender.index_indexing_slowlog_rolling.policies.size.size = 1GB
|
||||
appender.index_indexing_slowlog_rolling.strategy.type = DefaultRolloverStrategy
|
||||
appender.index_indexing_slowlog_rolling.strategy.max = 4
|
||||
#################################################
|
||||
|
||||
|
||||
logger.index_indexing_slowlog.name = index.indexing.slowlog.index
|
||||
logger.index_indexing_slowlog.level = trace
|
||||
logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling
|
||||
logger.index_indexing_slowlog.additivity = false
|
||||
+7277
File diff suppressed because it is too large
Load Diff
+2766
File diff suppressed because it is too large
Load Diff
+4099
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,109 @@
|
||||
{
|
||||
"annotations": {
|
||||
"list": [
|
||||
{
|
||||
"builtIn": 1,
|
||||
"datasource": {
|
||||
"type": "grafana",
|
||||
"uid": "-- Grafana --"
|
||||
},
|
||||
"enable": true,
|
||||
"hide": true,
|
||||
"iconColor": "rgba(0, 211, 255, 1)",
|
||||
"name": "Annotations & Alerts",
|
||||
"target": {
|
||||
"limit": 100,
|
||||
"matchAny": false,
|
||||
"tags": [],
|
||||
"type": "dashboard"
|
||||
},
|
||||
"type": "dashboard"
|
||||
}
|
||||
]
|
||||
},
|
||||
"editable": true,
|
||||
"fiscalYearStartMonth": 0,
|
||||
"graphTooltip": 0,
|
||||
"links": [],
|
||||
"liveNow": false,
|
||||
"panels": [
|
||||
{
|
||||
"datasource": {
|
||||
"type": "datasource",
|
||||
"uid": "grafana"
|
||||
},
|
||||
"gridPos": {
|
||||
"h": 15,
|
||||
"w": 24,
|
||||
"x": 0,
|
||||
"y": 0
|
||||
},
|
||||
"id": 3,
|
||||
"links": [],
|
||||
"options": {
|
||||
"folderId": 0,
|
||||
"maxItems": 30,
|
||||
"query": "",
|
||||
"showHeadings": true,
|
||||
"showRecentlyViewed": true,
|
||||
"showSearch": false,
|
||||
"showStarred": true,
|
||||
"tags": []
|
||||
},
|
||||
"pluginVersion": "8.0.0",
|
||||
"tags": [],
|
||||
"targets": [
|
||||
{
|
||||
"datasource": {
|
||||
"type": "datasource",
|
||||
"uid": "grafana"
|
||||
},
|
||||
"refId": "A"
|
||||
}
|
||||
],
|
||||
"title": "SOLDR Dashboards",
|
||||
"type": "dashlist"
|
||||
}
|
||||
],
|
||||
"schemaVersion": 37,
|
||||
"style": "dark",
|
||||
"tags": [],
|
||||
"templating": {
|
||||
"list": []
|
||||
},
|
||||
"time": {
|
||||
"from": "now-6h",
|
||||
"to": "now"
|
||||
},
|
||||
"timepicker": {
|
||||
"hidden": true,
|
||||
"refresh_intervals": [
|
||||
"5s",
|
||||
"10s",
|
||||
"30s",
|
||||
"1m",
|
||||
"5m",
|
||||
"15m",
|
||||
"30m",
|
||||
"1h",
|
||||
"2h",
|
||||
"1d"
|
||||
],
|
||||
"time_options": [
|
||||
"5m",
|
||||
"15m",
|
||||
"1h",
|
||||
"6h",
|
||||
"12h",
|
||||
"24h",
|
||||
"2d",
|
||||
"7d",
|
||||
"30d"
|
||||
],
|
||||
"type": "timepicker"
|
||||
},
|
||||
"timezone": "browser",
|
||||
"title": "Home",
|
||||
"version": 0,
|
||||
"weekStart": ""
|
||||
}
|
||||
+13903
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
Executable
+10
@@ -0,0 +1,10 @@
|
||||
#################################### Server ###############################
|
||||
[server]
|
||||
protocol = https
|
||||
cert_file = /etc/grafana/ssl/grafana.crt
|
||||
cert_key = /etc/grafana/ssl/grafana.key
|
||||
[security]
|
||||
admin_user = admin
|
||||
[dashboards]
|
||||
# Path to the default home dashboard. If this value is empty, then Grafana uses StaticRootPath + "dashboards/home.json"
|
||||
default_home_dashboard_path = /var/lib/grafana/dashboards/home.json
|
||||
+17
@@ -0,0 +1,17 @@
|
||||
apiVersion: 1
|
||||
|
||||
providers:
|
||||
# <string> an unique provider name. Required
|
||||
- name: 'dashboards'
|
||||
type: file
|
||||
# <bool> disable dashboard deletion
|
||||
disableDeletion: false
|
||||
# <int> how often Grafana will scan for changed dashboards
|
||||
updateIntervalSeconds: 10
|
||||
# <bool> allow updating provisioned dashboards from the UI
|
||||
allowUiUpdates: false
|
||||
options:
|
||||
# <string, required> path to dashboard files on disk. Required when using the 'file' type
|
||||
path: /var/lib/grafana/dashboards
|
||||
# <bool> use folder names from filesystem to create folders in Grafana
|
||||
foldersFromFilesStructure: true
|
||||
+34
@@ -0,0 +1,34 @@
|
||||
# config file version
|
||||
apiVersion: 1
|
||||
|
||||
# list of datasources that should be deleted from the database
|
||||
deleteDatasources:
|
||||
- name: victoriametrics
|
||||
- name: Jaeger
|
||||
|
||||
# list of datasources to insert/update depending
|
||||
# what's available in the database
|
||||
datasources:
|
||||
# <string, required> name of the datasource. Required
|
||||
- name: VictoriaMetrics
|
||||
# <string, required> datasource type. Required
|
||||
type: prometheus
|
||||
# <string, required> access mode. proxy or direct (Server or Browser in the UI). Required
|
||||
access: Server
|
||||
# <string> url
|
||||
url: http://victoriametrics:8428
|
||||
# <string> Deprecated, use secureJsonData.password
|
||||
version: 1
|
||||
# <bool> allow users to edit datasources from the UI.
|
||||
editable: true
|
||||
- name: Jaeger
|
||||
# <string, required> datasource type. Required
|
||||
type: jaeger
|
||||
# <string, required> access mode. proxy or direct (Server or Browser in the UI). Required
|
||||
access: Server
|
||||
# <string> url
|
||||
url: http://jaeger:16686
|
||||
# <string> Deprecated, use secureJsonData.password
|
||||
version: 1
|
||||
# <bool> allow users to edit datasources from the UI.
|
||||
editable: true
|
||||
@@ -0,0 +1,145 @@
|
||||
admin:
|
||||
http:
|
||||
host-port: :14269
|
||||
collector:
|
||||
grpc:
|
||||
tls:
|
||||
cert: ""
|
||||
client-ca: ""
|
||||
enabled: false
|
||||
key: ""
|
||||
grpc-server:
|
||||
host-port: :14250
|
||||
max-message-size: 4194304
|
||||
http:
|
||||
tls:
|
||||
cert: ""
|
||||
client-ca: ""
|
||||
enabled: false
|
||||
key: ""
|
||||
http-server:
|
||||
host-port: :14268
|
||||
num-workers: 100
|
||||
queue-size: 5000
|
||||
queue-size-memory: "0"
|
||||
tags: ""
|
||||
zipkin:
|
||||
allowed-headers: content-type
|
||||
allowed-origins: '*'
|
||||
host-port: ""
|
||||
config-file: ""
|
||||
dir: ./
|
||||
downsampling:
|
||||
hashsalt: ""
|
||||
ratio: "1"
|
||||
es:
|
||||
bulk:
|
||||
actions: 1000
|
||||
flush-interval: 200ms
|
||||
size: 5000000
|
||||
workers: 1000
|
||||
create-index-templates: false
|
||||
index-date-separator: '-'
|
||||
index-prefix: ""
|
||||
index-rollover-frequency-services: day
|
||||
index-rollover-frequency-spans: day
|
||||
log-level: error
|
||||
max-doc-count: 10000
|
||||
max-span-age: 72h0m0s
|
||||
num-replicas: 1
|
||||
num-shards: 5
|
||||
password: PASSWORD-TEMPLATE
|
||||
remote-read-clusters: ""
|
||||
send-get-body-as: ""
|
||||
server-urls: http://elasticsearch:9200
|
||||
sniffer: false
|
||||
sniffer-tls-enabled: false
|
||||
tags-as-fields:
|
||||
all: true
|
||||
config-file: ""
|
||||
dot-replacement: '@'
|
||||
include: ""
|
||||
timeout: 0s
|
||||
tls:
|
||||
ca: ""
|
||||
cert: ""
|
||||
enabled: false
|
||||
key: ""
|
||||
server-name: ""
|
||||
skip-host-verify: false
|
||||
token-file: ""
|
||||
use-aliases: true
|
||||
use-ilm: true
|
||||
username: "elastic"
|
||||
version: "0"
|
||||
format: md
|
||||
http-server:
|
||||
host-port: :5778
|
||||
log-level: info
|
||||
metrics-backend: prometheus
|
||||
metrics-http-route: /metrics
|
||||
processor:
|
||||
jaeger-binary:
|
||||
server-host-port: :6832
|
||||
server-max-packet-size: 65000
|
||||
server-queue-size: 1000
|
||||
server-socket-buffer-size: 0
|
||||
workers: 10
|
||||
jaeger-compact:
|
||||
server-host-port: :6831
|
||||
server-max-packet-size: 65000
|
||||
server-queue-size: 1000
|
||||
server-socket-buffer-size: 0
|
||||
workers: 10
|
||||
zipkin-compact:
|
||||
server-host-port: :5775
|
||||
server-max-packet-size: 65000
|
||||
server-queue-size: 1000
|
||||
server-socket-buffer-size: 0
|
||||
workers: 10
|
||||
query:
|
||||
additional-headers: []
|
||||
base-path: /
|
||||
bearer-token-propagation: false
|
||||
grpc:
|
||||
tls:
|
||||
cert: ""
|
||||
client-ca: ""
|
||||
enabled: false
|
||||
key: ""
|
||||
grpc-server:
|
||||
host-port: :16685
|
||||
http:
|
||||
tls:
|
||||
cert: ""
|
||||
client-ca: ""
|
||||
enabled: false
|
||||
key: ""
|
||||
http-server:
|
||||
host-port: :16686
|
||||
max-clock-skew-adjustment: 0s
|
||||
static-files: ""
|
||||
ui-config: ""
|
||||
reporter:
|
||||
grpc:
|
||||
discovery:
|
||||
min-peers: 3
|
||||
host-port: ""
|
||||
retry:
|
||||
max: "3"
|
||||
tls:
|
||||
ca: ""
|
||||
cert: ""
|
||||
enabled: false
|
||||
key: ""
|
||||
server-name: ""
|
||||
skip-host-verify: false
|
||||
type: grpc
|
||||
sampling:
|
||||
strategies-file: ""
|
||||
strategies-reload-interval: 0s
|
||||
span-storage:
|
||||
type: elasticsearch
|
||||
status:
|
||||
http:
|
||||
host-port: :14269
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"default_strategy": {
|
||||
"type": "probabilistic",
|
||||
"param": 1
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,66 @@
|
||||
extensions:
|
||||
health_check:
|
||||
pprof:
|
||||
endpoint: 0.0.0.0:1777
|
||||
zpages:
|
||||
endpoint: 0.0.0.0:55679
|
||||
|
||||
receivers:
|
||||
otlp:
|
||||
protocols:
|
||||
grpc:
|
||||
endpoint: "0.0.0.0:8148"
|
||||
http:
|
||||
jaeger:
|
||||
protocols:
|
||||
thrift_compact:
|
||||
endpoint: 0.0.0.0:6831
|
||||
thrift_http:
|
||||
endpoint: 0.0.0.0:14268
|
||||
prometheus:
|
||||
config:
|
||||
scrape_configs:
|
||||
- job_name: 'otel-collector'
|
||||
scrape_interval: 10s
|
||||
static_configs:
|
||||
- targets: ['node-exporter:9100']
|
||||
- job_name: 'otel-elastic'
|
||||
scrape_interval: 10s
|
||||
static_configs:
|
||||
- targets: ['elasticsearch_exporter:9114']
|
||||
- job_name: 'jaeger-collector'
|
||||
scrape_interval: 10s
|
||||
static_configs:
|
||||
- targets: ['jaeger:14269']
|
||||
|
||||
processors:
|
||||
batch:
|
||||
timeout: 10s
|
||||
send_batch_size: 1000
|
||||
|
||||
exporters:
|
||||
logging:
|
||||
loglevel: error
|
||||
jaeger:
|
||||
endpoint: "jaeger:14250"
|
||||
tls:
|
||||
insecure: true
|
||||
prometheusremotewrite:
|
||||
endpoint: "http://victoriametrics:8428/api/v1/write"
|
||||
|
||||
service:
|
||||
pipelines:
|
||||
traces:
|
||||
receivers: [otlp]
|
||||
processors: [batch]
|
||||
exporters: [logging, jaeger]
|
||||
logs:
|
||||
receivers: [otlp]
|
||||
processors: [batch]
|
||||
exporters: [logging]
|
||||
metrics:
|
||||
receivers: [otlp, prometheus]
|
||||
processors: [batch]
|
||||
exporters: [logging, prometheusremotewrite]
|
||||
|
||||
extensions: [health_check, pprof, zpages]
|
||||
@@ -0,0 +1,55 @@
|
||||
#!/bin/bash
|
||||
|
||||
cp /opt/soldr_observability/config/elasticsearch/* /usr/share/elasticsearch/config/
|
||||
|
||||
chmod -R 0775 /usr/share/elasticsearch/config
|
||||
|
||||
while true; do
|
||||
RETURNCODE=$(curl -s -o return_code.txt -w "%{http_code}" "http://elasticsearch:9200/")
|
||||
if [ $RETURNCODE == "401" ]; then
|
||||
echo "Connect to Elasticsearch was successful"
|
||||
break
|
||||
fi
|
||||
echo "Failed to connect to Elasticsearch"
|
||||
sleep 1
|
||||
done
|
||||
|
||||
sleep 5
|
||||
|
||||
if [[ -f /usr/share/elasticsearch/config/passfile && $(cat /usr/share/elasticsearch/config/passfile) != "" ]]; then
|
||||
ELASTIC_PASS=$(cat /usr/share/elasticsearch/config/passfile)
|
||||
if [[ $MASTER_PASSWORD == $ELASTIC_PASS ]]; then
|
||||
echo "MASTER_PASSWORD env and password in /usr/share/elasticsearch/config/passfile is equel"
|
||||
RETURNCODE=$(curl -s -o return_code.txt -w "%{http_code}" -u "elastic:$ELASTIC_PASS" "http://elasticsearch:9200/_xpack/security/_authenticate")
|
||||
if [[ $RETURNCODE != "200" ]]; then
|
||||
echo "Password in /usr/share/elasticsearch/config/passfile is incorrect"
|
||||
else
|
||||
echo "Password in /usr/share/elasticsearch/config/passfile is correct"
|
||||
fi
|
||||
else
|
||||
echo "Change password to MASTER_PASSWORD env"
|
||||
RETURNCODE=$(curl -s -o return_code.txt -w "%{http_code}" -XPOST -u elastic:$ELASTIC_PASS 'http://elasticsearch:9200/_security/user/elastic/_password?pretty' -H 'Content-Type: application/json' -d '{"password": "'"$MASTER_PASSWORD"'"}')
|
||||
if [[ $RETURNCODE != "200" ]]; then
|
||||
echo "Change password failed"
|
||||
else
|
||||
echo "Successful password change"
|
||||
echo $MASTER_PASSWORD > /usr/share/elasticsearch/config/passfile
|
||||
fi
|
||||
fi
|
||||
else
|
||||
echo "Generate new password and change default password"
|
||||
if [[ $MASTER_PASSWORD != "" ]]; then
|
||||
echo $MASTER_PASSWORD > /usr/share/elasticsearch/config/passfile
|
||||
else
|
||||
date +%s | sha256sum | base64 | head -c 20 > /usr/share/elasticsearch/config/passfile
|
||||
fi
|
||||
ELASTIC_PASS=$(cat /usr/share/elasticsearch/config/passfile)
|
||||
RETURNCODE=$(curl -s -o return_code.txt -w "%{http_code}" -XPOST -u elastic:changeme 'http://elasticsearch:9200/_security/user/elastic/_password?pretty' -H 'Content-Type: application/json' -d '{"password": "'"$ELASTIC_PASS"'"}')
|
||||
if [[ $RETURNCODE != "200" ]]; then
|
||||
echo "Change password failed"
|
||||
else
|
||||
echo "Successful password change"
|
||||
fi
|
||||
fi
|
||||
|
||||
sleep infinity
|
||||
Executable
+130
@@ -0,0 +1,130 @@
|
||||
#!/bin/bash
|
||||
|
||||
PASSWORD_FILE=/usr/share/elasticsearch/config/passfile
|
||||
GRAFANA_KEY=/etc/grafana/ssl/grafana.key
|
||||
GRAFANA_CRT=/etc/grafana/ssl/grafana.crt
|
||||
|
||||
|
||||
if [[ -f "$GRAFANA_KEY" && -f "$GRAFANA_CRT" ]]; then
|
||||
echo "Grafana crt and key already exist."
|
||||
else
|
||||
echo "Gen Grafana key and crt."
|
||||
mkdir /etc/grafana/ssl/
|
||||
mkdir ssl
|
||||
|
||||
openssl genrsa -out ssl/server_ca.key 4096
|
||||
openssl req -new -x509 -days 391 -key ssl/server_ca.key \
|
||||
-subj "/C=RU/L=MO/O=VXControl/CN=VXControl SOLDR OBSERV CA" \
|
||||
-out ssl/server_ca.crt
|
||||
|
||||
openssl req -newkey rsa:4096 -sha256 -nodes -keyout $GRAFANA_KEY \
|
||||
-subj "/C=RU/L=MO/O=VXControl/CN=soldr-observ.local" \
|
||||
-out ssl/grafana.csr
|
||||
|
||||
openssl x509 -req -extfile <(printf "subjectAltName=DNS:soldr-observ.local, DNS:localhost\nkeyUsage=digitalSignature, nonRepudiation, keyEncipherment\nextendedKeyUsage=serverAuth") \
|
||||
-days 390 -in ssl/grafana.csr \
|
||||
-CA ssl/server_ca.crt \
|
||||
-CAkey ssl/server_ca.key -CAcreateserial \
|
||||
-out $GRAFANA_CRT
|
||||
|
||||
cat ssl/server_ca.crt >> $GRAFANA_CRT
|
||||
|
||||
chmod g+r $GRAFANA_KEY
|
||||
|
||||
rm -rf ssl
|
||||
fi
|
||||
|
||||
if [[ -f "$PASSWORD_FILE" ]]; then
|
||||
ELASTIC_PASS=$(cat /usr/share/elasticsearch/config/passfile)
|
||||
if [[ -z "$ELASTIC_PASS" ]]; then
|
||||
echo "Password not found in passfile"
|
||||
exit 1
|
||||
else
|
||||
if grep -RFq 'PASSWORD-TEMPLATE' config/jaeger/config.yml ; then
|
||||
echo "Firts deploy, replace PASSWORD-TEMPLATE to MASTER_PASSWORD"
|
||||
sed -i 's/PASSWORD-TEMPLATE/'"$ELASTIC_PASS"'/g' config/jaeger/config.yml
|
||||
else
|
||||
echo "Change Elasticsearch password in Jaeger config.yml to new MASTER_PASSWORD"
|
||||
OLD_PASSWORD=$(grep "admin_password" config/jaeger/config.yml | awk '{print $2}')
|
||||
if [[ $OLD_PASSWORD == $ELASTIC_PASS ]]; then
|
||||
echo "MASTER_PASSWORD the same"
|
||||
else
|
||||
echo "Update MASTER_PASSWORD in Jaeger config.yml"
|
||||
if [[ $OLD_PASSWORD == * ]]; then
|
||||
OLD_PASSWORD=$(echo $OLD_PASSWORD | sed 's|\*|\\\*|g')
|
||||
fi
|
||||
sed -i 's|'"$OLD_PASSWORD"'|'"$ELASTIC_PASS"'|g' config/jaeger/config.yml
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "Copy config files to containers dst dirs"
|
||||
cp -R config/grafana/* /etc/grafana/
|
||||
cp -R config/grafana/dashboards/* /var/lib/grafana/dashboards/
|
||||
cp -R config/jaeger/* /etc/jaeger/
|
||||
cp -R config/otelcontribcol/* /etc/otel/
|
||||
|
||||
chown -R grafana /etc/grafana
|
||||
chown -R grafana /var/lib/grafana
|
||||
echo "Configs and secrets copied successful"
|
||||
sleep 10
|
||||
|
||||
echo "Check Elasticsearch"
|
||||
while true; do
|
||||
RETURN_CODE=$(curl -s -o return_code -w "%{http_code}" \
|
||||
-u elastic:$ELASTIC_PASS \
|
||||
-k 'http://elasticsearch:9200/_cluster/health?wait_for_status=yellow&timeout=50s&pretty')
|
||||
if [[ $RETURN_CODE != 200 ]]; then
|
||||
echo "Waiting for Elasticsearch ..."
|
||||
sleep 1
|
||||
else
|
||||
echo "Elasticsearch alive with correct config."
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Check ILM policy for Jaeger"
|
||||
ELASTIC_ILM_POLICY_RETURN_CODE=$(curl -u elastic:$ELASTIC_PASS -s 'http://elasticsearch:9200/_ilm/policy/jaeger-ilm-policy?pretty' | jq -r '.["jaeger-ilm-policy"].version')
|
||||
|
||||
if [[ $ELASTIC_ILM_POLICY_RETURN_CODE == null ]]; then
|
||||
echo "Create ILM policy for Jaeger"
|
||||
ELASTIC_CREATE_ILM_RETURN_CODE=$(curl -X PUT -u elastic:$ELASTIC_PASS -s 'http://elasticsearch:9200/_ilm/policy/jaeger-ilm-policy' \
|
||||
-H 'Content-Type: application/json; charset=utf-8' \
|
||||
-d '{"policy": {"phases": {"hot": {"min_age": "0ms","actions": {"rollover": {"max_age": "1d"},"set_priority": {"priority": 100}}},"delete": {"min_age": "14d","actions": {"delete": {}}}}}}' | jq -r '.acknowledged')
|
||||
if [[ $ELASTIC_CREATE_ILM_RETURN_CODE == "true" ]]; then
|
||||
echo "ILM policy for Jaeger created successfully"
|
||||
echo "Create Jaeger index temptlate jaeger-span, jaeger-service, jaeger-dependencies"
|
||||
JAEGER_SPAN_INDEX_TEMPLATE_RETURN_CODE=$(curl -X PUT -u elastic:$ELASTIC_PASS -s 'http://elasticsearch:9200/_template/jaeger-span' \
|
||||
-H 'Content-Type: application/json; charset=utf-8' \
|
||||
-d '{"index_patterns":["jaeger-span-*"],"settings":{"index":{"lifecycle":{"name":"jaeger-ilm-policy","rollover_alias":"jaeger-span-write"},"mapping":{"nested_fields":{"limit":"50"}},"requests":{"cache":{"enable":"true"}},"number_of_shards":"1","number_of_replicas":"0"}},"mappings":{"dynamic_templates":[{"span_tags_map":{"path_match":"tag.*","mapping":{"ignore_above":256,"type":"keyword"}}},{"process_tags_map":{"path_match":"process.tag.*","mapping":{"ignore_above":256,"type":"keyword"}}}],"properties":{"traceID":{"ignore_above":256,"type":"keyword"},"process":{"properties":{"tag":{"type":"object"},"serviceName":{"ignore_above":256,"type":"keyword"},"tags":{"dynamic":false,"type":"nested","properties":{"tagType":{"ignore_above":256,"type":"keyword"},"value":{"ignore_above":256,"type":"keyword"},"key":{"ignore_above":256,"type":"keyword"}}}}},"startTimeMillis":{"format":"epoch_millis","type":"date"},"references":{"dynamic":false,"type":"nested","properties":{"traceID":{"ignore_above":256,"type":"keyword"},"spanID":{"ignore_above":256,"type":"keyword"},"refType":{"ignore_above":256,"type":"keyword"}}},"flags":{"type":"integer"},"operationName":{"ignore_above":256,"type":"keyword"},"parentSpanID":{"ignore_above":256,"type":"keyword"},"tags":{"dynamic":false,"type":"nested","properties":{"tagType":{"ignore_above":256,"type":"keyword"},"value":{"ignore_above":256,"type":"keyword"},"key":{"ignore_above":256,"type":"keyword"}}},"spanID":{"ignore_above":256,"type":"keyword"},"duration":{"type":"long"},"startTime":{"type":"long"},"tag":{"type":"object"},"logs":{"dynamic":false,"type":"nested","properties":{"fields":{"dynamic":false,"type":"nested","properties":{"tagType":{"ignore_above":256,"type":"keyword"},"value":{"ignore_above":256,"type":"keyword"},"key":{"ignore_above":256,"type":"keyword"}}},"timestamp":{"type":"long"}}}}},"aliases":{"jaeger-span-read":{}}}' | jq -r '.acknowledged')
|
||||
JAEGER_SERVICE_INDEX_TEMPLATE_RETURN_CODE=$(curl -X PUT -u elastic:$ELASTIC_PASS -s 'http://elasticsearch:9200/_template/jaeger-service' \
|
||||
-H 'Content-Type: application/json; charset=utf-8' \
|
||||
-d '{"index_patterns":["jaeger-service-*"],"settings":{"index":{"lifecycle":{"name":"jaeger-ilm-policy","rollover_alias":"jaeger-service-write"},"mapping":{"nested_fields":{"limit":"50"}},"requests":{"cache":{"enable":"true"}},"number_of_shards":"1","number_of_replicas":"0"}},"mappings":{"dynamic_templates":[{"span_tags_map":{"path_match":"tag.*","mapping":{"ignore_above":256,"type":"keyword"}}},{"process_tags_map":{"path_match":"process.tag.*","mapping":{"ignore_above":256,"type":"keyword"}}}],"properties":{"operationName":{"ignore_above":256,"type":"keyword"},"serviceName":{"ignore_above":256,"type":"keyword"}}},"aliases":{"jaeger-service-read":{}}}' | jq -r '.acknowledged')
|
||||
if [[ $JAEGER_SPAN_INDEX_TEMPLATE_RETURN_CODE == "true" && $JAEGER_SERVICE_INDEX_TEMPLATE_RETURN_CODE == "true" ]]; then
|
||||
echo "Jaeger index template created successfully"
|
||||
echo "Create Jaeger indexes"
|
||||
JAEGER_SPAN_INDEX_RETURN_CODE=$(curl -X PUT -u elastic:$ELASTIC_PASS -s 'http://elasticsearch:9200/jaeger-span-000001' \
|
||||
-H 'Content-Type: application/json; charset=utf-8' \
|
||||
-d '{"aliases" : {"jaeger-span-write": {"is_write_index": "true"}},"settings" : {"number_of_shards" : 1,"number_of_replicas" : 0}}' | jq -r '.acknowledged')
|
||||
JAEGER_SERVICE_INDEX_RETURN_CODE=$(curl -X PUT -u elastic:$ELASTIC_PASS -s 'http://elasticsearch:9200/jaeger-service-000001' \
|
||||
-H 'Content-Type: application/json; charset=utf-8' \
|
||||
-d '{"aliases" : {"jaeger-service-write": {"is_write_index": "true"}},"settings" : {"number_of_shards" : 1,"number_of_replicas" : 0}}' | jq -r '.acknowledged')
|
||||
if [[ $JAEGER_SPAN_INDEX_RETURN_CODE == "true" && $JAEGER_SERVICE_INDEX_RETURN_CODE == "true" ]];then
|
||||
echo "Jaeger indexes created successfully"
|
||||
touch /opt/soldr_observability/healthcheck
|
||||
else
|
||||
echo "Failed to create Jaeger indexes"
|
||||
fi
|
||||
else
|
||||
echo "Failed to create Jaeger index templates"
|
||||
fi
|
||||
else
|
||||
echo "Failed to create ILM policy for Jaeger"
|
||||
fi
|
||||
else
|
||||
echo "ILM policy for Jaeger alrady exist"
|
||||
touch /opt/soldr_observability/healthcheck
|
||||
fi
|
||||
|
||||
sleep infinity
|
||||
Reference in New Issue
Block a user