Compare commits
No commits in common. "master" and "tommaso.piccioli-patch-2" have entirely different histories.
master
...
tommaso.pi
|
@ -49,9 +49,9 @@ mongodb_directoryperdb: 'false'
|
||||||
mongodb_conf_file: /etc/mongod.conf
|
mongodb_conf_file: /etc/mongod.conf
|
||||||
mongodb_daemon: /usr/bin/mongod
|
mongodb_daemon: /usr/bin/mongod
|
||||||
mongod_additional_options: ""
|
mongod_additional_options: ""
|
||||||
# mongodb_allowed_hosts:
|
mongodb_allowed_hosts:
|
||||||
# - 127.0.0.1/8
|
- 127.0.0.1/8
|
||||||
# - '{{ ansible_default_ipv4.address }}/32'
|
- '{{ ansible_default_ipv4.address }}/32'
|
||||||
|
|
||||||
mongodb_storage_engine: wiredTiger
|
mongodb_storage_engine: wiredTiger
|
||||||
|
|
||||||
|
@ -81,28 +81,6 @@ mongodb_cluster_enabled: False
|
||||||
mongodb_authorization_enabled: False
|
mongodb_authorization_enabled: False
|
||||||
mongodb_replicaset: storagedev
|
mongodb_replicaset: storagedev
|
||||||
mongodb_replica_keyfile: '{{ mongodb_dbpath }}/replica_keyfile'
|
mongodb_replica_keyfile: '{{ mongodb_dbpath }}/replica_keyfile'
|
||||||
mongodb_oplog_size: 2000
|
|
||||||
|
|
||||||
# Prometheus metrics
|
# User and password are stored in the variables mongo_monitoring_u and mongo_monitoring_pwd
|
||||||
mongodb_prometheus_exporter_enabled: false
|
|
||||||
mongodb_prometheus_exporter_version: '0.39.0'
|
|
||||||
mongodb_prometheus_exporter_dir: 'mongodb_exporter-{{ mongodb_prometheus_exporter_version }}.linux-amd64'
|
|
||||||
mongodb_prometheus_exporter_file: '{{ mongodb_prometheus_exporter_dir }}.tar.gz'
|
|
||||||
mongodb_prometheus_exporter_download_url: 'https://github.com/percona/mongodb_exporter/releases/download/v{{ mongodb_prometheus_exporter_version }}/{{ mongodb_prometheus_exporter_file }}'
|
|
||||||
mongodb_prometheus_exporter_port: 9216
|
|
||||||
mongodb_prometheus_exporter_loglevel: error
|
|
||||||
mongodb_prometheus_exporter_collstat_limit: '20'
|
|
||||||
mongodb_prometheus_exporter_opts: '--web.listen-address=":{{ mongodb_prometheus_exporter_port }}" --log.level={{ mongodb_prometheus_exporter_loglevel }}'
|
|
||||||
mongodb_prometheus_exporter_connection_opts: '--mongodb.uri="mongodb://{{ mongodb_prometheus_exporter_connection_user }}:{{ mongodb_prometheus_exporter_connection_password }}@{{ mongodb_prometheus_exporter_connection_host }}/{{ mongodb_prometheus_exporter_connection_params }}"'
|
|
||||||
mongodb_prometheus_exporter_collect_opts: '--mongodb.global-conn-pool --mongodb.direct-connect=true --collector.topmetrics --discovering-mode --collector.dbstats --collector.collstats-limit={{ mongodb_prometheus_exporter_collstat_limit }}'
|
|
||||||
mongodb_prometheus_exporter_enable_compatible_mode: False
|
|
||||||
# List the additional options here
|
|
||||||
mongodb_prometheus_exporter_additional_opts: ''
|
|
||||||
mongodb_prometheus_exporter_user: prometheus_mongodb
|
|
||||||
mongodb_prometheus_exporter_home: '/opt/{{ mongodb_prometheus_exporter_user }}'
|
|
||||||
mongodb_prometheus_exporter_dist_dir: '{{ mongodb_prometheus_exporter_home }}/dist'
|
|
||||||
mongodb_prometheus_exporter_cmd: '{{ mongodb_prometheus_exporter_dist_dir }}/{{ mongodb_prometheus_exporter_dir }}/mongodb_exporter'
|
|
||||||
mongodb_prometheus_exporter_connection_host: 'localhost:27017'
|
|
||||||
mongodb_prometheus_exporter_connection_user: monitor
|
|
||||||
#mongodb_prometheus_exporter_connection_password: 'use a vault'
|
|
||||||
mongodb_prometheus_exporter_connection_params: 'admin?ssl=true'
|
|
||||||
|
|
|
@ -7,11 +7,3 @@
|
||||||
service: name=mongodb state=restarted
|
service: name=mongodb state=restarted
|
||||||
when: "'{{ mongodb_start_server }}' == 'yes'"
|
when: "'{{ mongodb_start_server }}' == 'yes'"
|
||||||
|
|
||||||
- name: Restart mongodb exporter
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: mongodb_exporter
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: Reload the systemd data
|
|
||||||
systemd:
|
|
||||||
daemon_reload: yes
|
|
||||||
|
|
|
@ -2,4 +2,3 @@
|
||||||
- import_tasks: mongodb.yml
|
- import_tasks: mongodb.yml
|
||||||
- import_tasks: mongodb-letsencrypt-acmetool.yml
|
- import_tasks: mongodb-letsencrypt-acmetool.yml
|
||||||
when: mongodb_ssl_letsencrypt_managed
|
when: mongodb_ssl_letsencrypt_managed
|
||||||
- import_tasks: mongodb-prometheus-exporter.yml
|
|
||||||
|
|
|
@ -1,70 +0,0 @@
|
||||||
---
|
|
||||||
- name: Mongodb exporter
|
|
||||||
block:
|
|
||||||
- name: Create the user under the mongodb exporter will run
|
|
||||||
ansible.builtin.user:
|
|
||||||
name: '{{ mongodb_prometheus_exporter_user }}'
|
|
||||||
home: '{{ mongodb_prometheus_exporter_home }}'
|
|
||||||
createhome: no
|
|
||||||
shell: /usr/sbin/nologin
|
|
||||||
system: yes
|
|
||||||
|
|
||||||
- name: Create the prometheus mongodb exporter base directory
|
|
||||||
ansible.builtin.file:
|
|
||||||
dest: '{{ item }}'
|
|
||||||
state: directory
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
loop:
|
|
||||||
- '{{ mongodb_prometheus_exporter_home }}'
|
|
||||||
- '{{ mongodb_prometheus_exporter_dist_dir }}'
|
|
||||||
|
|
||||||
- name: Download the prometheus mongodb exporter
|
|
||||||
ansible.builtin.get_url:
|
|
||||||
url: '{{ mongodb_prometheus_exporter_download_url }}'
|
|
||||||
dest: /srv/
|
|
||||||
|
|
||||||
- name: Unarchive the prometheus distribution
|
|
||||||
ansible.builtin.unarchive:
|
|
||||||
src: '/srv/{{ mongodb_prometheus_exporter_file }}'
|
|
||||||
dest: '{{ mongodb_prometheus_exporter_dist_dir }}'
|
|
||||||
remote_src: yes
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
args:
|
|
||||||
creates: '{{ mongodb_prometheus_exporter_dist_dir }}/{{ mongodb_prometheus_exporter_dir }}/mongodb_exporter'
|
|
||||||
notify: Restart mongodb exporter
|
|
||||||
|
|
||||||
- name: Install the prometheus node exporter upstart script
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: mongodb_exporter.upstart.j2
|
|
||||||
dest: /etc/init/mongodb_exporter.conf
|
|
||||||
mode: 0644
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
when: ansible_service_mgr != 'systemd'
|
|
||||||
notify: Restart mongodb exporter
|
|
||||||
|
|
||||||
- name: Install the prometheus mongodb exporter systemd unit
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: mongodb_exporter.service.j2
|
|
||||||
dest: /etc/systemd/system/mongodb_exporter.service
|
|
||||||
mode: 0644
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
when: ansible_service_mgr == 'systemd'
|
|
||||||
notify:
|
|
||||||
- Reload the systemd data
|
|
||||||
- Restart mongodb exporter
|
|
||||||
|
|
||||||
- ansible.builtin.meta: flush_handlers
|
|
||||||
|
|
||||||
- name: Ensure that prometheus mongodb_exporter is started and enabled
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: mongodb_exporter
|
|
||||||
state: started
|
|
||||||
enabled: yes
|
|
||||||
|
|
||||||
when: mongodb_prometheus_exporter_enabled
|
|
||||||
tags: [ 'mongodb', 'prometheus', 'mongodb_prometheus' ]
|
|
||||||
|
|
|
@ -36,7 +36,7 @@
|
||||||
- name: Install/Update the mongodb-org configuration
|
- name: Install/Update the mongodb-org configuration
|
||||||
template: src=mongod-{{ mongodb_version }}.conf.j2 dest=/etc/mongod.conf owner=root group=root mode=0444 backup=yes
|
template: src=mongod-{{ mongodb_version }}.conf.j2 dest=/etc/mongod.conf owner=root group=root mode=0444 backup=yes
|
||||||
when: mongodb_install_conf
|
when: mongodb_install_conf
|
||||||
notify: Restart mongod
|
notify: Restart mongodb
|
||||||
tags: [ 'mongodb', 'mongodb_update_conf', 'mongodb_keyfile' ]
|
tags: [ 'mongodb', 'mongodb_update_conf', 'mongodb_keyfile' ]
|
||||||
|
|
||||||
when:
|
when:
|
||||||
|
@ -55,7 +55,7 @@
|
||||||
- name: Install the mongodb-org defaults file
|
- name: Install the mongodb-org defaults file
|
||||||
template: src=mongod-default.j2 dest=/etc/default/mongod owner=root group=root mode=0444
|
template: src=mongod-default.j2 dest=/etc/default/mongod owner=root group=root mode=0444
|
||||||
when: mongodb_install_conf
|
when: mongodb_install_conf
|
||||||
notify: Restart mongod
|
notify: Restart mongodb
|
||||||
tags: [ 'mongodb', 'mongodb_update_conf' ]
|
tags: [ 'mongodb', 'mongodb_update_conf' ]
|
||||||
|
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -43,7 +43,7 @@ net:
|
||||||
|
|
||||||
{%if mongodb_cluster_enabled %}
|
{%if mongodb_cluster_enabled %}
|
||||||
security:
|
security:
|
||||||
keyFile: {{ mongodb_replica_keyfile }}
|
keyFile: /data/mongo_home/dev-d4science-keyfile
|
||||||
|
|
||||||
replication:
|
replication:
|
||||||
oplogSizeMB: 2000
|
oplogSizeMB: 2000
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
mongod-3.0.conf.j2
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
# mongod.conf
|
||||||
|
|
||||||
|
# for documentation of all options, see:
|
||||||
|
# http://docs.mongodb.org/manual/reference/configuration-options/
|
||||||
|
|
||||||
|
# Where and how to store data.
|
||||||
|
storage:
|
||||||
|
dbPath: {{ mongodb_dbpath }}
|
||||||
|
journal:
|
||||||
|
enabled: true
|
||||||
|
directoryPerDB: {{ mongodb_directoryperdb }}
|
||||||
|
engine: {{ mongodb_storage_engine }}
|
||||||
|
# mmapv1:
|
||||||
|
# wiredTiger:
|
||||||
|
|
||||||
|
# where to write logging data.
|
||||||
|
systemLog:
|
||||||
|
destination: {{ mongodb_systemlog_destination }}
|
||||||
|
path: {{ mongodb_logpath }}
|
||||||
|
{% if not mongodb_systemlog_external_logrotate %}
|
||||||
|
logRotate: rename
|
||||||
|
logAppend: false
|
||||||
|
{% else %}
|
||||||
|
logRotate: reopen
|
||||||
|
logAppend: true
|
||||||
|
{% endif %}
|
||||||
|
# network interfaces
|
||||||
|
net:
|
||||||
|
port: {{ mongodb_tcp_port }}
|
||||||
|
bindIp: {{ mongo_bind_ip }}
|
||||||
|
http:
|
||||||
|
enabled: {{ mongodb_http_interface }}
|
||||||
|
JSONPEnabled: {{ mongodb_http_interface }}
|
||||||
|
RESTInterfaceEnabled: {{ mongodb_http_interface }}
|
||||||
|
{% if mongodb_ssl_enabled %}
|
||||||
|
ssl:
|
||||||
|
mode: {{ mongodb_ssl_mode }}
|
||||||
|
PEMKeyFile: '{{ mongodb_ssl_certkey_file }}'
|
||||||
|
CAFile: '{{ mongodb_ssl_CA_file }}'
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
#processManagement:
|
||||||
|
|
||||||
|
{%if mongodb_cluster_enabled %}
|
||||||
|
security:
|
||||||
|
keyFile: /data/mongo_home/dev-d4science-keyfile
|
||||||
|
|
||||||
|
replication:
|
||||||
|
oplogSizeMB: 2000
|
||||||
|
replSetName: {{ mongodb_replicaset }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
#sharding:
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
mongod-3.6.conf.j2
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
# mongod.conf
|
||||||
|
|
||||||
|
# for documentation of all options, see:
|
||||||
|
# http://docs.mongodb.org/manual/reference/configuration-options/
|
||||||
|
|
||||||
|
# Where and how to store data.
|
||||||
|
storage:
|
||||||
|
dbPath: {{ mongodb_dbpath }}
|
||||||
|
journal:
|
||||||
|
enabled: true
|
||||||
|
directoryPerDB: {{ mongodb_directoryperdb }}
|
||||||
|
engine: {{ mongodb_storage_engine }}
|
||||||
|
# mmapv1:
|
||||||
|
# wiredTiger:
|
||||||
|
|
||||||
|
# where to write logging data.
|
||||||
|
systemLog:
|
||||||
|
destination: {{ mongodb_systemlog_destination }}
|
||||||
|
path: {{ mongodb_logpath }}
|
||||||
|
{% if not mongodb_systemlog_external_logrotate %}
|
||||||
|
logRotate: rename
|
||||||
|
logAppend: false
|
||||||
|
{% else %}
|
||||||
|
logRotate: reopen
|
||||||
|
logAppend: true
|
||||||
|
{% endif %}
|
||||||
|
# network interfaces
|
||||||
|
net:
|
||||||
|
port: {{ mongodb_tcp_port }}
|
||||||
|
bindIp: {{ mongo_bind_ip }}
|
||||||
|
{% if mongodb_ssl_enabled %}
|
||||||
|
ssl:
|
||||||
|
mode: {{ mongodb_ssl_mode }}
|
||||||
|
PEMKeyFile: '{{ mongodb_ssl_certkey_file }}'
|
||||||
|
CAFile: '{{ mongodb_ssl_CA_file }}'
|
||||||
|
disabledProtocols: {{ mongodb_ssl_disabled_protocols }}
|
||||||
|
allowConnectionsWithoutCertificates: {{ mongodb_ssl_allowConnectionsWithoutCertificates }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
#processManagement:
|
||||||
|
|
||||||
|
{%if mongodb_cluster_enabled %}
|
||||||
|
security:
|
||||||
|
keyFile: /data/mongo_home/dev-d4science-keyfile
|
||||||
|
|
||||||
|
replication:
|
||||||
|
oplogSizeMB: 2000
|
||||||
|
replSetName: {{ mongodb_replicaset }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
#sharding:
|
||||||
|
|
|
@ -41,12 +41,11 @@ net:
|
||||||
|
|
||||||
{%if mongodb_cluster_enabled %}
|
{%if mongodb_cluster_enabled %}
|
||||||
security:
|
security:
|
||||||
keyFile: {{ mongodb_replica_keyfile }}
|
keyFile: /data/mongo_home/dev-d4science-keyfile
|
||||||
|
|
||||||
replication:
|
replication:
|
||||||
oplogSizeMB: {{ mongodb_oplog_size }}
|
oplogSizeMB: 2000
|
||||||
replSetName: {{ mongodb_replicaset }}
|
replSetName: {{ mongodb_replicaset }}
|
||||||
enableMajorityReadConcern: false
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
#sharding:
|
#sharding:
|
||||||
|
|
|
@ -12,31 +12,17 @@ echo "$DATE" > $LE_LOG_DIR/mongodb.log
|
||||||
|
|
||||||
[ ! -d $MONGODB_CERTDIR ] && mkdir $MONGODB_CERTDIR
|
[ ! -d $MONGODB_CERTDIR ] && mkdir $MONGODB_CERTDIR
|
||||||
|
|
||||||
cat ${LE_CERTS_DIR}/{cert,privkey} > ${MONGODB_CERTFILE}.new
|
|
||||||
cmp ${MONGODB_CERTFILE}.new ${MONGODB_CERTFILE} 2>/dev/null
|
|
||||||
if [ $? -eq 0 ] ; then
|
|
||||||
echo "The certificate is up to date" >> $LE_LOG_DIR/mongodb.log
|
|
||||||
rm -f ${MONGODB_CERTFILE}.new
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "Building the new certificate file" >> $LE_LOG_DIR/mongodb.log
|
echo "Building the new certificate file" >> $LE_LOG_DIR/mongodb.log
|
||||||
/bin/mv -f ${MONGODB_CERTFILE}.new ${MONGODB_CERTFILE}
|
cat ${LE_CERTS_DIR}/{cert,privkey} > ${MONGODB_CERTFILE}
|
||||||
chmod 440 ${MONGODB_CERTFILE}
|
chmod 440 ${MONGODB_CERTFILE}
|
||||||
chgrp mongodb ${MONGODB_CERTFILE}
|
chgrp mongodb ${MONGODB_CERTFILE}
|
||||||
|
|
||||||
{% if mongodb_ssl_enabled %}
|
{% if mongodb_ssl_enabled %}
|
||||||
echo "Restart the mongod service, reload is not supported" >> "$LE_LOG_DIR/mongodb.log"
|
echo "Reload the mongod service" >> "$LE_LOG_DIR/mongodb.log"
|
||||||
{% if mongodb_install_from_external_repo %}
|
{% if mongodb_install_from_external_repo %}
|
||||||
if [ -x /sbin/stop ] && [ -f /etc/init/mongod.conf ] ; then
|
service mongod stop >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
||||||
/sbin/stop mongod >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
sleep 10
|
||||||
sleep 10
|
service mongod start >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
||||||
/sbin/start mongod >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
|
||||||
else
|
|
||||||
service mongod stop >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
|
||||||
sleep 10
|
|
||||||
service mongod start >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
|
||||||
fi
|
|
||||||
{% else %}
|
{% else %}
|
||||||
systemctl stop mongodb >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
systemctl stop mongodb >> "$LE_LOG_DIR/mongodb.log" 2>&1
|
||||||
sleep 10
|
sleep 10
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=mongodb_exporter - Prometheus exporter for mongodb.
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Restart=on-failure
|
|
||||||
|
|
||||||
User={{ mongodb_prometheus_exporter_user }}
|
|
||||||
Group={{ mongodb_prometheus_exporter_user }}
|
|
||||||
|
|
||||||
ExecStart={{ mongodb_prometheus_exporter_cmd }} {{ mongodb_prometheus_exporter_opts }} {{ mongodb_prometheus_exporter_additional_opts }} {{ mongodb_prometheus_exporter_collect_opts }} {{ mongodb_prometheus_exporter_connection_opts }}{% if mongodb_prometheus_exporter_enable_compatible_mode %} --compatible-mode{% endif %}
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
|
@ -1,13 +0,0 @@
|
||||||
description "Prometheus mongodb exporter"
|
|
||||||
start on (local-filesystems and net-device-up IFACE!=lo)
|
|
||||||
stop on runlevel [016]
|
|
||||||
|
|
||||||
respawn
|
|
||||||
respawn limit 10 5
|
|
||||||
setuid {{ mongodb_prometheus_exporter_user }}
|
|
||||||
setgid {{ mongodb_prometheus_exporter_user }}
|
|
||||||
|
|
||||||
script
|
|
||||||
exec {{ mongodb_prometheus_exporter_cmd }} {{ mongodb_prometheus_exporter_opts }} {{ mongodb_prometheus_exporter_connection_opts }} {{ mongodb_prometheus_exporter_collect_opts }} {{ mongodb_prometheus_exporter_additional_opts }}{% if mongodb_prometheus_exporter_enable_compatible_mode %} --compatible-mode{% endif %}
|
|
||||||
|
|
||||||
end script
|
|
Loading…
Reference in New Issue