透過 ansible 安裝 node exporter

Folder Structure

資料夾的結構

1
2
3
4
5
├── README.md
├── install-node-exporter.yaml
├── inventory.ini 
└── vars
    └── release-version.yaml

檔案

vars/release-version.yaml

可以靈活的設定要安裝node_exporter 的版本。

根據不同 CPU 架構進行選擇

1
node_exporter_release: node_exporter-1.6.0.linux-amd64

inventory.ini

根據要操作的機器,替換 ip 位置。

1
2
[server]
192.xxx.xxx.xxx ansible_connection=ssh ansible_user=root

install-node-exporter.yaml

  1. 刪除機器內已存在的 node_exporter 檔案與 service 檔
  2. 下載 node exporter 到 /opt 資料夾下
  3. 撰寫 service 檔
  4. 重新載入 systemd 配置
  5. 啟用並啟動 Node Exporter 服務
  6. 允許預設區域上的 9100/tcp 通訊
  7. 新增 9100/tcp 通訊端口並重新載入
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
---
- hosts: server
  become: yes
  
  vars:
    node_exporter_release: "release versoin from vars file release.yaml"
  vars_files:
    - "vars/release-version.yaml"

  tasks:
    - name: Delete Service and Node Exporter
      ansible.builtin.command:
        cmd: |
          rm -rf /etc/systemd/system/node_exporter.service
          rm -rf /opt/{{node_exporter_release}}/node_exporter

    - name: Download and extract Node Exporter
      unarchive:
        src: https://github.com/prometheus/node_exporter/releases/download/v1.6.0/{{node_exporter_release}}.tar.gz
        dest: /opt
        remote_src: yes

    - name: Create systemd service file for Node Exporter
      copy:
        dest: /etc/systemd/system/node_exporter.service
        content: |
          [Unit]
          Description=Node Exporter
          Wants=network-online.target
          After=network-online.target

          [Service]
          Type=simple
          ExecStart=/opt/{{node_exporter_release}}/node_exporter

          [Install]
          WantedBy=multi-user.target

    - name: Reload systemd configuration
      systemd:
        daemon_reload: yes

    - name: Enable and Start Node Exporter service
      systemd:
        name: node_exporter
        enabled: yes 
        state: started     

    - name: Do not permit traffic in default zone on port 9100/tcp
      ansible.posix.firewalld:
        port: 9100/tcp
        permanent: true
        state: enabled

    - name: Add port 9100/tcp to firewall and reload
      ansible.builtin.shell: |
        firewall-cmd --add-port=9100/tcp --permanent
        firewall-cmd --reload

...

執行 ansible 腳本

  1. 將 public key 複製到機器上
1
ssh-copy-id -i ~/.ssh/id_rsa root@192.xxx.xxx.xxx
  1. 執行腳本時帶上 key,就不需要每次都輸入密碼
    1
    ansible-playbook install-node-exporter.yaml -i inventory.ini --private-key=~/.ssh/id_rsa
sre
#Ansible
透過 ansible 安裝 node exporter
https://phoebeho.com/sre/20230717/976203910/
作者
Phoebe
發布於
2023年7月17日
許可協議