From a4df8689304064e6ad21bb3c662ffdf3f17df213 Mon Sep 17 00:00:00 2001 From: Eliezer Croitoru Date: Fri, 1 Nov 2024 15:02:27 +0200 Subject: [PATCH] 1 --- Dockerfile | 6 +++ Makefile | 15 +++++++ alert.rules.yml | 31 +++++++++++++ build.sh | 2 + container-name | 1 + docker-compose.yml | 9 ++++ prometheus.yml | 108 +++++++++++++++++++++++++++++++++++++++++++++ publish.sh | 11 +++++ username | 1 + 9 files changed, 184 insertions(+) create mode 100644 Dockerfile create mode 100644 Makefile create mode 100644 alert.rules.yml create mode 100644 build.sh create mode 100644 container-name create mode 100644 docker-compose.yml create mode 100644 prometheus.yml create mode 100644 publish.sh create mode 100644 username diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..027580b --- /dev/null +++ b/Dockerfile @@ -0,0 +1,6 @@ +FROM prom/prometheus:latest + +COPY prometheus.yml /etc/prometheus/prometheus.yml +COPY alert.rules.yml /etc/prometheus/alert.rules.yml + +EXPOSE 9090/tcp diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..0bacb72 --- /dev/null +++ b/Makefile @@ -0,0 +1,15 @@ +all: init-buildx build publish + +build: + bash build.sh +publish: + bash publish.sh + +init-buildx: clean-buildx + docker buildx create --name mybuilder + docker buildx use mybuilder + docker buildx inspect --bootstrap + docker buildx ls +clean-buildx: + docker buildx rm mybuilder;true + diff --git a/alert.rules.yml b/alert.rules.yml new file mode 100644 index 0000000..5adf79b --- /dev/null +++ b/alert.rules.yml @@ -0,0 +1,31 @@ +groups: +- name: BlackboxAlerts + rules: + - alert: EndpointDown + expr: probe_success == 0 + for: 10s + labels: + severity: "critical" + annotations: + summary: "Endpoint {{ $labels.instance }} down" + +- name: ssl_expiry.rules + rules: + - alert: SSLCertExpiringSoon + expr: probe_ssl_earliest_cert_expiry{job="blackbox-tcp_connect_tls"} - time() < 86400 * 30 + for: 10m + labels: + severity: "critical" + annotations: + summary: "Certificate for {{ $labels.instance }} is expiring soon" + +- name: mysql_up + rules: + - alert: MysqldDown + expr: mysql_up == 0 + for: 10s + labels: + severity: "critical" + annotations: + summary: "Mysqld service {{ $labels.instance }} is down" + diff --git a/build.sh b/build.sh new file mode 100644 index 0000000..20d602b --- /dev/null +++ b/build.sh @@ -0,0 +1,2 @@ +#!/usr/bin/env bash + diff --git a/container-name b/container-name new file mode 100644 index 0000000..26b17a6 --- /dev/null +++ b/container-name @@ -0,0 +1 @@ +prometheus diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..d73e7a0 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,9 @@ +services: + prometheus: + container_name: prometheus + ports: + - 9090:9090 + image: elicro/prometheus:latest + environment: + - TZ=Asia/Jerusalem + restart: unless-stopped diff --git a/prometheus.yml b/prometheus.yml new file mode 100644 index 0000000..88e6a1f --- /dev/null +++ b/prometheus.yml @@ -0,0 +1,108 @@ +# my global config +global: + scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. + evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. + # scrape_timeout is set to the global default (10s). + +# Alertmanager configuration +alerting: + alertmanagers: + - static_configs: + - targets: + - 172.20.90.93:9093 + +# Load rules once and periodically evaluate them according to the global 'evaluation_interval'. +rule_files: + - alert.rules.yml + +# A scrape configuration containing exactly one endpoint to scrape: +# Here it's Prometheus itself. +scrape_configs: + # The job name is added as a label `job=` to any timeseries scraped from this config. + - job_name: "prometheus" + + # metrics_path defaults to '/metrics' + # scheme defaults to 'http'. + + - job_name: 'node_exporter' + metrics_path: /metrics + scrape_interval: 30s + scrape_timeout: 20s + http_sd_configs: + - url: "http://172.20.90.80:8080/blackbox/node_exporter.json" + + - job_name: 'mysqld_exporter' + metrics_path: /metrics + scrape_interval: 30s + scrape_timeout: 20s + http_sd_configs: + - url: "http://172.20.90.80:8080/blackbox/mysqld_exporter.json" + + - job_name: 'blackbox-tcp' + metrics_path: /probe + params: + module: [tcp_connect] + scrape_interval: 30s + scrape_timeout: 20s + http_sd_configs: + - url: "http://172.20.90.80:8080/blackbox/blackbox-tcp.json" + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - target_label: __address__ + replacement: 172.20.90.15:9115 # Blackbox exporter. + + - job_name: 'blackbox-icmp' + metrics_path: /probe + params: + module: [icmp] + scrape_interval: 30s + scrape_timeout: 20s + http_sd_configs: + - url: "http://172.20.90.80:8080/blackbox/blackbox-icmp.json" + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + + - source_labels: [__param_target] + target_label: instance + + - source_labels: [hostname] + target_label: __param_target + + - target_label: __address__ + replacement: 172.20.90.15:9115 # Blackbox exporter. + + - job_name: 'blackbox-http_2xx_3xx_403' + metrics_path: /probe + params: + module: [http_2xx_3xx_403] + scrape_interval: 30s + scrape_timeout: 20s + http_sd_configs: + - url: "http://172.20.90.80:8080/blackbox/blackbox-http_2xx_3xx_403.json" + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - target_label: __address__ + replacement: 172.20.90.15:9115 # Blackbox exporter. + + - job_name: 'blackbox-tcp_connect_tls' + metrics_path: /probe + params: + module: [tcp_connect_tls] + scrape_interval: 30s + scrape_timeout: 20s + http_sd_configs: + - url: "http://172.20.90.80:8080/blackbox/blackbox-tcp_connect_tls.json" + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - target_label: __address__ + replacement: 172.20.90.15:9115 # Blackbox exporter. diff --git a/publish.sh b/publish.sh new file mode 100644 index 0000000..757abd8 --- /dev/null +++ b/publish.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +set -x + +name="$(head -1 container-name)" +docker_username="$(head -1 username)" + +docker login +docker buildx build -t "${docker_username}/${name}:latest" --platform linux/amd64,linux/arm64,linux/arm/v7 --push . + +set +x diff --git a/username b/username new file mode 100644 index 0000000..2737d98 --- /dev/null +++ b/username @@ -0,0 +1 @@ +elicro