From 040aed810d666601487eafe81d3940bfd5474834 Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli Date: Thu, 14 Nov 2024 09:08:00 +0100 Subject: [PATCH 1/7] working commit --- doc/role-icingaweb2/module-kubernetes.md | 24 ++++++ doc/role-kubernetes/role-kubernetes.md | 75 +++++++++++++++++++ roles/icingaweb2/tasks/modules/kubernetes.yml | 18 +++++ roles/kubernetes/defaults/main.yml | 19 +++++ roles/kubernetes/handlers/main.yml | 9 +++ roles/kubernetes/meta/main.yml | 27 +++++++ roles/kubernetes/tasks/install_on_debian.yml | 4 + roles/kubernetes/tasks/install_on_redhat.yml | 4 + roles/kubernetes/tasks/install_on_suse.yml | 4 + roles/kubernetes/tasks/main.yml | 32 ++++++++ roles/kubernetes/tasks/manage_config.yml | 9 +++ .../kubernetes/tasks/manage_schema_mysql.yml | 31 ++++++++ .../kubernetes/tasks/manage_schema_pgsql.yml | 36 +++++++++ roles/kubernetes/tasks/manage_service.yml | 24 ++++++ .../icinga-kubernetes-override.conf.j2 | 20 +++++ roles/kubernetes/templates/kubernetes.ini.j2 | 18 +++++ roles/kubernetes/vars/default.yml | 1 + 17 files changed, 355 insertions(+) create mode 100644 doc/role-icingaweb2/module-kubernetes.md create mode 100644 doc/role-kubernetes/role-kubernetes.md create mode 100644 roles/icingaweb2/tasks/modules/kubernetes.yml create mode 100644 roles/kubernetes/defaults/main.yml create mode 100644 roles/kubernetes/handlers/main.yml create mode 100644 roles/kubernetes/meta/main.yml create mode 100644 roles/kubernetes/tasks/install_on_debian.yml create mode 100644 roles/kubernetes/tasks/install_on_redhat.yml create mode 100644 roles/kubernetes/tasks/install_on_suse.yml create mode 100644 roles/kubernetes/tasks/main.yml create mode 100644 roles/kubernetes/tasks/manage_config.yml create mode 100644 roles/kubernetes/tasks/manage_schema_mysql.yml create mode 100644 roles/kubernetes/tasks/manage_schema_pgsql.yml create mode 100644 roles/kubernetes/tasks/manage_service.yml create mode 100644 roles/kubernetes/templates/icinga-kubernetes-override.conf.j2 create mode 100644 roles/kubernetes/templates/kubernetes.ini.j2 create mode 100644 roles/kubernetes/vars/default.yml diff --git a/doc/role-icingaweb2/module-kubernetes.md b/doc/role-icingaweb2/module-kubernetes.md new file mode 100644 index 00000000..3427b48e --- /dev/null +++ b/doc/role-icingaweb2/module-kubernetes.md @@ -0,0 +1,24 @@ +## Module Kubernetes + +### Variables and Configuration + +The general module parameter like `enabled` and `source` can be applied here. + +| Variable | Value | +|----------|------------| +| enabled | true/false | +| source | package | + +#### Section configuration + +The backend database for the module needs to be available and configured at the `icingaweb2_resources` variable. + +``` +icingaweb2_modules: + kubernetes: + enabled: true + source: package + config: + database: + resource: kubernetes_db +``` diff --git a/doc/role-kubernetes/role-kubernetes.md b/doc/role-kubernetes/role-kubernetes.md new file mode 100644 index 00000000..fbc3d525 --- /dev/null +++ b/doc/role-kubernetes/role-kubernetes.md @@ -0,0 +1,75 @@ +# Role icinga.icinga.kubernetes + +This role installs and configures the Icinga Kubernetes Daemon. In addition it can also import the schema into the database. +More information about this package can be found [in the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/01-About/). + +## Database + +Icinga Kubernetes relies on a relational database to persist received data. This database **won't** be created by this role - you need to deploy and configure one in advance. For more information, see the [Databases](../getting-started.md#databases) section in the getting started guide. + +## Variables + +The following variables define the configuration for Icinga Kubernetes. Some variables got predefined [defaults](../../roles/kubernetes/defaults/main.yml), others are purely opt-in. + +For more information on the respective settings please see [the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/03-Configuration/). + +### Database Configuration + +| Variable | Type | Description | Default | +|----------|------|-------------|---------| +| `kubernetes_database_host` | `String` | Defines database address to connect to. | `127.0.0.1` | +| `kubernetes_database_import_schema` | `bool` | Defines whether to import the schema into the database or not. **Needs `kubernetes_database_type` to be set**. | `false` | +| `kubernetes_database_name` | `String` | Defines the database to connect to. | `kubernetes` | +| `kubernetes_database_password` | `String` | Defines the database password to connect with. | `kubernetes` | +| `kubernetes_database_port` | `int` | Defines the database port to connect to. | **n/a** | +| `kubernetes_database_type` | `mysql` | Defines database type set in `config.yml`. | `mysql` | +| `kubernetes_database_user` | `String` | Defines database user set in `config.yml`. | `kubernetes` | + +### Icinga Kubernetes Configuration + +The following variables are used for the Icinga Kubernetes setup. Normally, you can rely on the defaults to work and should **not** change them unless you know what you are doing. + +| Variable | Type | Description | Default | +|----------|------|-------------|---------| +| `kubernetes_config_dir` | `String` | Defines the directory where the Icinga Kubernetes configuration is stored. | `/etc/icinga-kubernetes` | +| `kubernetes_database_schema` | `String` | Defines the path to the schema file. | `"/usr/share/icinga-kubernetes/schema/{{ kubernetes_database_type }}/schema.sql"` | +| `kubernetes_group` | `String` | Defines the group membership for the Icinga Kubernetes user. | `icinga-kubernetes` | +| `kubernetes_packages` | `List` | Defines the packages to install for Icinga Kubernetes. | `[icinga-kubernetes]` | +| `kubernetes_service_name` | `String` | Defines the name of the Icinga Kubernetes service. | `icinga-kubernetes` | +| `kubernetes_user` | `String` | Defines the user for the Icinga Kubernetes service. | `icinga-kubernetes` | +| `kubernetes_kubeconfig_path` | `String` | Defines the path for the kubeconfig file, if not in standard path. | `{{ ansible_env.HOME }}/.kube/config` | + +## Examples + +This play installs Icinga Kubernetes with on the same host as its connected MySQL database. It also imports the schema into the database. + +```yaml +- name: Install Icinga Kubernetes + hosts: icingakubernetes + become: true + vars: + kubernetes_database_import_schema: true # Import the schema into the database + kubernetes_database_type: mysql # needed by the schema import + + roles: + - role: icinga.icinga.kubernetes +``` + +This example installs Icinga Kubernetes and connects it to a **remote** MySQL database. It also imports the schema into the database and set a custom kubeconfig path. + +```yaml +- name: Install Icinga Kubernetes + hosts: icingadb + become: true + vars: + kubernetes_database_type: mysql + kubernetes_database_host: mysql.example.com + kubernetes_database_port: 3306 + kubernetes_database_user: kube_user + kubernetes_database_password: hellokube$123 + kubernetes_database_import_schema: true + kubernetes_kubeconfig_path: /opt/kube/config + + roles: + - role: icinga.icinga.kubernetes +``` diff --git a/roles/icingaweb2/tasks/modules/kubernetes.yml b/roles/icingaweb2/tasks/modules/kubernetes.yml new file mode 100644 index 00000000..1537d179 --- /dev/null +++ b/roles/icingaweb2/tasks/modules/kubernetes.yml @@ -0,0 +1,18 @@ +- name: Module Icinga Kubernetes | Ensure config directory + ansible.builtin.file: + state: directory + dest: "{{ icingaweb2_modules_config_dir }}/{{ item.key }}" + owner: "{{ icingaweb2_httpd_user }}" + group: "{{ icingaweb2_group }}" + mode: "2770" + +- name: Module Icinga Kubernetes | Manage config files + ansible.builtin.include_tasks: manage_module_config.yml + loop: "{{ _files }}" + loop_control: + loop_var: _file + when: vars['icingaweb2_modules'][_module][_file] is defined + vars: + _module: "{{ item.key }}" + _files: + - config diff --git a/roles/kubernetes/defaults/main.yml b/roles/kubernetes/defaults/main.yml new file mode 100644 index 00000000..39047fab --- /dev/null +++ b/roles/kubernetes/defaults/main.yml @@ -0,0 +1,19 @@ +--- +# Database Settings +kubernetes_database_import_schema: false +kubernetes_database_type: mysql +kubernetes_database_host: 127.0.0.1 +kubernetes_database_name: kubernetes +kubernetes_database_user: kubernetes +kubernetes_database_password: kubernetes +# kubernetes_database_port: + +# Variables for kubernetes role +kubernetes_config_dir: /etc/icinga-kubernetes +kubernetes_service_name: icinga-kubernetes +kubernetes_group: icinga-kubernetes +kubernetes_user: icinga-kubernetes +kubernetes_database_schema: "/usr/share/icinga-kubernetes/schema/{{ kubernetes_database_type }}/schema.sql" +kubernetes_packages: + - icinga-kubernetes +kubernetes_kubeconfig_path: "{{ ansible_env.HOME }}/.kube/config" diff --git a/roles/kubernetes/handlers/main.yml b/roles/kubernetes/handlers/main.yml new file mode 100644 index 00000000..3467773b --- /dev/null +++ b/roles/kubernetes/handlers/main.yml @@ -0,0 +1,9 @@ +--- +- name: Systemd reload + ansible.builtin.systemd: + daemon_reload: true + +- name: Kubernetes-restart + ansible.builtin.service: + name: "{{ kubernetes_service_name }}" + state: restarted diff --git a/roles/kubernetes/meta/main.yml b/roles/kubernetes/meta/main.yml new file mode 100644 index 00000000..1b6cbe3a --- /dev/null +++ b/roles/kubernetes/meta/main.yml @@ -0,0 +1,27 @@ +galaxy_info: + author: | + - Gianmarco Mameli + description: Role to install, configure or manage Icinga Kubernetes. + license: Apache-2.0 + min_ansible_version: '2.9' + platforms: + - name: opensuse + versions: ['15.5'] + - name: SLES + versions: ['15'] + - name: EL + versions: ['7'] + - name: Debian + versions: ['buster','bullseye','bookworm'] + - name: Ubuntu + versions: ['jammy'] + galaxy_tags: + - icinga + - monitoring + - satellite + - agent + - server + - master + - icinga2 + - kubernetes +dependencies: [] diff --git a/roles/kubernetes/tasks/install_on_debian.yml b/roles/kubernetes/tasks/install_on_debian.yml new file mode 100644 index 00000000..fb90849c --- /dev/null +++ b/roles/kubernetes/tasks/install_on_debian.yml @@ -0,0 +1,4 @@ +- name: Debian - Install Kubernetes packages + ansible.builtin.apt: + name: "{{ kubernetes_packages }}" + state: present diff --git a/roles/kubernetes/tasks/install_on_redhat.yml b/roles/kubernetes/tasks/install_on_redhat.yml new file mode 100644 index 00000000..6ade0000 --- /dev/null +++ b/roles/kubernetes/tasks/install_on_redhat.yml @@ -0,0 +1,4 @@ +- name: RedHat - Install Kubernetes packages + ansible.builtin.yum: + name: "{{ kubernetes_packages }}" + state: present diff --git a/roles/kubernetes/tasks/install_on_suse.yml b/roles/kubernetes/tasks/install_on_suse.yml new file mode 100644 index 00000000..98b83ed9 --- /dev/null +++ b/roles/kubernetes/tasks/install_on_suse.yml @@ -0,0 +1,4 @@ +- name: Suse - Install Kubernetes packages + community.general.zypper: + name: "{{ kubernetes_packages }}" + state: present diff --git a/roles/kubernetes/tasks/main.yml b/roles/kubernetes/tasks/main.yml new file mode 100644 index 00000000..df91b7f9 --- /dev/null +++ b/roles/kubernetes/tasks/main.yml @@ -0,0 +1,32 @@ +--- +- name: Include OS specific vars + ansible.builtin.include_vars: "{{ lookup('first_found', params) }}" + vars: + params: + files: + - "{{ ansible_os_family }}-{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" + - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" + - "{{ ansible_os_family }}-{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" + - default.yml + paths: + - "{{ role_path }}/vars" + +- name: Check supported operatingsystems + block: + - name: Include OS specific installation + ansible.builtin.include_tasks: "install_on_{{ ansible_os_family | lower }}.yml" + rescue: + - name: "OS family not supported!" + ansible.builtin.fail: + msg: "The OS {{ ansible_os_family }} is not supported!" + +- name: Include Tasks to configure Icinga Kubernetes + ansible.builtin.include_tasks: manage_config.yml + +- name: Include Tasks to import DB Schema + ansible.builtin.include_tasks: "manage_schema_{{ kubernetes_database_type | lower }}.yml" + when: kubernetes_database_import_schema and kubernetes_database_type is defined + +- name: Include Tasks to manage Kubernetes Service + ansible.builtin.include_tasks: manage_service.yml diff --git a/roles/kubernetes/tasks/manage_config.yml b/roles/kubernetes/tasks/manage_config.yml new file mode 100644 index 00000000..46c0357b --- /dev/null +++ b/roles/kubernetes/tasks/manage_config.yml @@ -0,0 +1,9 @@ +--- +- name: Write configuration to {{ kubernetes_config_dir }}/config.yml + ansible.builtin.template: + src: kubernetes.ini.j2 + dest: "{{ kubernetes_config_dir }}/config.yml" + owner: "{{ kubernetes_user }}" + group: "{{ kubernetes_group }}" + mode: 0640 + notify: Kubernetes-restart diff --git a/roles/kubernetes/tasks/manage_schema_mysql.yml b/roles/kubernetes/tasks/manage_schema_mysql.yml new file mode 100644 index 00000000..3fbb81f2 --- /dev/null +++ b/roles/kubernetes/tasks/manage_schema_mysql.yml @@ -0,0 +1,31 @@ +- name: MySQL import Kubernetes schema + when: kubernetes_database_import_schema | default(False) + block: + - name: Build mysql command + ansible.builtin.set_fact: + mysqlcmd: >- + mysql {% if kubernetes_database_host | default('localhost') != 'localhost' %} -h "{{ kubernetes_database_host }}" {%- endif %} + {% if kubernetes_database_port is defined %} -P {{ kubernetes_database_port }} {%- endif %} + {% if kubernetes_database_ca is defined %} --ssl-ca "{{ kubernetes_database_ca }}" {%- endif %} + {% if kubernetes_database_cert is defined %} --ssl-cert "{{ kubernetes_database_cert }}" {%- endif %} + {% if kubernetes_database_key is defined %} --ssl-key "{{ kubernetes_database_key }}" {%- endif %} + -u "{{ kubernetes_database_user | default('kubernetes') }}" + -p"{{ kubernetes_database_password }}" + "{{ kubernetes_database_name | default('kubernetes') }}" + + - name: MySQL check for Kubernetes schema + ansible.builtin.shell: > + {{ mysqlcmd }} + -Ns -e "select version from kubernetes_schema" + failed_when: false + changed_when: false + check_mode: false + register: _db_schema + + - name: MySQL import Kubernetes schema + ansible.builtin.shell: > + {{ mysqlcmd }} + < {{ kubernetes_database_schema }} + when: _db_schema.rc != 0 + check_mode: false + run_once: true diff --git a/roles/kubernetes/tasks/manage_schema_pgsql.yml b/roles/kubernetes/tasks/manage_schema_pgsql.yml new file mode 100644 index 00000000..aa3dc53b --- /dev/null +++ b/roles/kubernetes/tasks/manage_schema_pgsql.yml @@ -0,0 +1,36 @@ +# temporarily disabled, pgsql at the moment is not available for icinga kubernetes + +# - name: PgSQL import Kubernetes schema +# when: kubernetes_database_import_schema| default(False) +# block: +# - name: Build pgsql command +# ansible.builtin.set_fact: +# _tmp_pgsqlcmd: >- +# PGPASSWORD="{{ kubernetes_database_password }}" +# psql +# "{% if kubernetes_database_host %} host="{{ kubernetes_database_host }}" {%- endif %} +# {% if kubernetes_database_port is defined %} port={{ kubernetes_database_port }} {%- endif %} +# user={{ kubernetes_database_user | default('kubernetes') }} +# dbname={{ kubernetes_database_name | default('kubernetes') }} +# {% if kubernetes_database_sslmode is defined %} sslmode={{ kubernetes_database_sslmode }} {%- endif %} +# {% if kubernetes_database_ca is defined %} sslrootcert={{ kubernetes_database_ca }} {%- endif %} +# {% if kubernetes_database_cert is defined %} sslcert={{ kubernetes_database_cert }} {%- endif %} +# {% if kubernetes_database_key is defined %} sslkey={{ kubernetes_database_key }} {%- endif %} +# {% if kubernetes_database_ssl_extra_options is defined %} {{ kubernetes_database_ssl_extra_options }} {%- endif %}" + +# - name: PgSQL check for Kubernetes schema +# ansible.builtin.shell: > +# {{ _tmp_pgsqlcmd }} +# -w -c "select version from kubernetes_schema" +# failed_when: false +# changed_when: false +# check_mode: false +# register: _db_schema + +# - name: PgSQL import Kubernetes schema +# ansible.builtin.shell: > +# {{ _tmp_pgsqlcmd }} +# -w -f {{ kubernetes_database_schema }} +# when: _db_schema.rc != 0 +# check_mode: false +# run_once: true diff --git a/roles/kubernetes/tasks/manage_service.yml b/roles/kubernetes/tasks/manage_service.yml new file mode 100644 index 00000000..a990217c --- /dev/null +++ b/roles/kubernetes/tasks/manage_service.yml @@ -0,0 +1,24 @@ +--- +- name: Create override directory + ansible.builtin.file: + path: /etc/systemd/system/{{ kubernetes_service_name }}.service.d + state: directory + mode: '0755' + notify: + - Systemd reload + - Kubernetes-restart + +- name: Create override configuration file + ansible.builtin.template: + src: icinga-kubernetes-override.conf.j2 + dest: "/etc/systemd/system/{{ kubernetes_service_name }}.service.d/override.conf" + mode: '0640' + notify: + - Systemd reload + - Kubernetes-restart + +- name: Ensure Kubernetes Service is running + ansible.builtin.service: + state: started + enabled: yes + name: "{{ kubernetes_service_name }}" diff --git a/roles/kubernetes/templates/icinga-kubernetes-override.conf.j2 b/roles/kubernetes/templates/icinga-kubernetes-override.conf.j2 new file mode 100644 index 00000000..a8cbb3d6 --- /dev/null +++ b/roles/kubernetes/templates/icinga-kubernetes-override.conf.j2 @@ -0,0 +1,20 @@ +### Editing /etc/systemd/system/icinga-kubernetes.service.d/override.conf +### Anything between here and the comment below will become the new contents of the file + + + +### Lines below this comment will be discarded + +### /lib/systemd/system/icinga-kubernetes.service +# [Unit] +# Description=Icinga for Kubernetes +# After=syslog.target network-online.target mariadb.service postgresql.service +# +[Service] +Environment="KUBECONFIG={{ kubernetes_kubeconfig_path }}" +# Type=simple +# ExecStart=/usr/sbin/icinga-kubernetes --config /etc/icinga-kubernetes/config.yml +# User=icinga-kubernetes +# +# [Install] +# WantedBy=multi-user.target \ No newline at end of file diff --git a/roles/kubernetes/templates/kubernetes.ini.j2 b/roles/kubernetes/templates/kubernetes.ini.j2 new file mode 100644 index 00000000..30ad4e67 --- /dev/null +++ b/roles/kubernetes/templates/kubernetes.ini.j2 @@ -0,0 +1,18 @@ +# {{ ansible_managed }} + +database: +{% if kubernetes_database_type is defined %} + type: {{ kubernetes_database_type }} +{% endif %} + host: {{ kubernetes_database_host | default('localhost') }} +{% if kubernetes_database_port is defined %} + port: {{ kubernetes_database_port }} +{% endif %} + database: {{ kubernetes_database_name | default('kubernetes') }} + user: {{ kubernetes_database_user | default('kubernetes') }} + password: {{ kubernetes_database_password | default('kubernetes') }} + +prometheus: +{% if kubernetes_prometheus_url is defined %} + url: {{ kubernetes_prometheus_url }} +{% endif %} diff --git a/roles/kubernetes/vars/default.yml b/roles/kubernetes/vars/default.yml new file mode 100644 index 00000000..ed97d539 --- /dev/null +++ b/roles/kubernetes/vars/default.yml @@ -0,0 +1 @@ +--- From 4b2828ea47a642fec5c12d3b1ec47bf19cc9d4ca Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli <57061995+gianmarco-mameli@users.noreply.github.com> Date: Mon, 18 Nov 2024 15:32:44 +0100 Subject: [PATCH 2/7] Update doc/role-icingaweb2/module-kubernetes.md Co-authored-by: Donien <88634789+Donien@users.noreply.github.com> --- doc/role-icingaweb2/module-kubernetes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/role-icingaweb2/module-kubernetes.md b/doc/role-icingaweb2/module-kubernetes.md index 3427b48e..77876512 100644 --- a/doc/role-icingaweb2/module-kubernetes.md +++ b/doc/role-icingaweb2/module-kubernetes.md @@ -13,7 +13,7 @@ The general module parameter like `enabled` and `source` can be applied here. The backend database for the module needs to be available and configured at the `icingaweb2_resources` variable. -``` +```yaml icingaweb2_modules: kubernetes: enabled: true From 881db6c11dc2b1131c8de244d9fab121cb39171d Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli <57061995+gianmarco-mameli@users.noreply.github.com> Date: Mon, 18 Nov 2024 15:45:30 +0100 Subject: [PATCH 3/7] Update roles/kubernetes/defaults/main.yml Co-authored-by: Donien <88634789+Donien@users.noreply.github.com> --- roles/kubernetes/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kubernetes/defaults/main.yml b/roles/kubernetes/defaults/main.yml index 39047fab..c039a31b 100644 --- a/roles/kubernetes/defaults/main.yml +++ b/roles/kubernetes/defaults/main.yml @@ -16,4 +16,4 @@ kubernetes_user: icinga-kubernetes kubernetes_database_schema: "/usr/share/icinga-kubernetes/schema/{{ kubernetes_database_type }}/schema.sql" kubernetes_packages: - icinga-kubernetes -kubernetes_kubeconfig_path: "{{ ansible_env.HOME }}/.kube/config" +kubernetes_kubeconfig_path: "{{ kubernetes_config_dir }}/kube_config" From efae94d83a85f012434174fa26f1659dfb2b9696 Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli Date: Mon, 18 Nov 2024 15:47:27 +0100 Subject: [PATCH 4/7] fixes --- doc/role-kubernetes/role-kubernetes.md | 2 +- roles/icingaweb2/vars/main.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/role-kubernetes/role-kubernetes.md b/doc/role-kubernetes/role-kubernetes.md index fbc3d525..cb1ab4dd 100644 --- a/doc/role-kubernetes/role-kubernetes.md +++ b/doc/role-kubernetes/role-kubernetes.md @@ -37,7 +37,7 @@ The following variables are used for the Icinga Kubernetes setup. Normally, you | `kubernetes_packages` | `List` | Defines the packages to install for Icinga Kubernetes. | `[icinga-kubernetes]` | | `kubernetes_service_name` | `String` | Defines the name of the Icinga Kubernetes service. | `icinga-kubernetes` | | `kubernetes_user` | `String` | Defines the user for the Icinga Kubernetes service. | `icinga-kubernetes` | -| `kubernetes_kubeconfig_path` | `String` | Defines the path for the kubeconfig file, if not in standard path. | `{{ ansible_env.HOME }}/.kube/config` | +| `kubernetes_kubeconfig_path` | `String` | Defines the path for the kubeconfig file, if not in standard path. | `{{ kubernetes_config_dir }}/.kube/config` | ## Examples diff --git a/roles/icingaweb2/vars/main.yml b/roles/icingaweb2/vars/main.yml index 588f0d6d..18e3ec10 100644 --- a/roles/icingaweb2/vars/main.yml +++ b/roles/icingaweb2/vars/main.yml @@ -4,3 +4,4 @@ icingaweb2_module_packages: director: icinga-director x509: icinga-x509 businessprocess: icinga-businessprocess + kubernetes: icinga-kubernetes-web From 9f9b26d242e9e0307118df7f46335b4cdb27466b Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli Date: Mon, 18 Nov 2024 16:24:40 +0100 Subject: [PATCH 5/7] changelog fragment --- changelogs/fragments/feature_kubernetes.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 changelogs/fragments/feature_kubernetes.yml diff --git a/changelogs/fragments/feature_kubernetes.yml b/changelogs/fragments/feature_kubernetes.yml new file mode 100644 index 00000000..4e09589f --- /dev/null +++ b/changelogs/fragments/feature_kubernetes.yml @@ -0,0 +1,4 @@ +--- +major_changes: + - Add a role for the installation and configuration of `Icinga for Kubernetes `_. + - Add tasks to role :code:`icingaweb2` to install and configure `Icinga for Kubernetes Web `_. \ No newline at end of file From 4d895a0f43082690b7db11371d59b505d82b2a40 Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli Date: Sat, 21 Dec 2024 10:59:31 +0100 Subject: [PATCH 6/7] config file fixes --- roles/kubernetes/tasks/manage_config.yml | 2 +- .../templates/{kubernetes.ini.j2 => kubernetes.yml.j2} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename roles/kubernetes/templates/{kubernetes.ini.j2 => kubernetes.yml.j2} (94%) diff --git a/roles/kubernetes/tasks/manage_config.yml b/roles/kubernetes/tasks/manage_config.yml index 46c0357b..9f8b5ee6 100644 --- a/roles/kubernetes/tasks/manage_config.yml +++ b/roles/kubernetes/tasks/manage_config.yml @@ -1,7 +1,7 @@ --- - name: Write configuration to {{ kubernetes_config_dir }}/config.yml ansible.builtin.template: - src: kubernetes.ini.j2 + src: kubernetes.yml.j2 dest: "{{ kubernetes_config_dir }}/config.yml" owner: "{{ kubernetes_user }}" group: "{{ kubernetes_group }}" diff --git a/roles/kubernetes/templates/kubernetes.ini.j2 b/roles/kubernetes/templates/kubernetes.yml.j2 similarity index 94% rename from roles/kubernetes/templates/kubernetes.ini.j2 rename to roles/kubernetes/templates/kubernetes.yml.j2 index 30ad4e67..8c4f493b 100644 --- a/roles/kubernetes/templates/kubernetes.ini.j2 +++ b/roles/kubernetes/templates/kubernetes.yml.j2 @@ -1,4 +1,4 @@ -# {{ ansible_managed }} +# {{ ansible_managed | comment }} database: {% if kubernetes_database_type is defined %} From 4c6579a214fcbd7e1836fa46a310520cdba00628 Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli Date: Sat, 21 Dec 2024 16:21:48 +0100 Subject: [PATCH 7/7] fixes requested on PR --- .../role-icinga_kubernetes.md | 75 +++++++++++++++++++ doc/role-kubernetes/role-kubernetes.md | 75 ------------------- roles/icinga_kubernetes/defaults/main.yml | 19 +++++ .../handlers/main.yml | 2 +- .../meta/main.yml | 0 .../tasks/install_on_debian.yml | 2 +- .../tasks/install_on_redhat.yml | 2 +- .../tasks/install_on_suse.yml | 2 +- .../tasks/main.yml | 4 +- .../icinga_kubernetes/tasks/manage_config.yml | 9 +++ .../tasks/manage_schema_mysql.yml | 31 ++++++++ .../tasks/manage_schema_pgsql.yml | 36 +++++++++ .../tasks/manage_service.yml | 27 +++++++ .../icinga-kubernetes-override.conf.j2 | 6 +- .../templates/kubernetes.yml.j2 | 18 +++++ .../vars/default.yml | 0 roles/kubernetes/defaults/main.yml | 19 ----- roles/kubernetes/tasks/manage_config.yml | 9 --- .../kubernetes/tasks/manage_schema_mysql.yml | 31 -------- .../kubernetes/tasks/manage_schema_pgsql.yml | 36 --------- roles/kubernetes/tasks/manage_service.yml | 24 ------ roles/kubernetes/templates/kubernetes.yml.j2 | 18 ----- 22 files changed, 224 insertions(+), 221 deletions(-) create mode 100644 doc/role-icinga_kubernetes/role-icinga_kubernetes.md delete mode 100644 doc/role-kubernetes/role-kubernetes.md create mode 100644 roles/icinga_kubernetes/defaults/main.yml rename roles/{kubernetes => icinga_kubernetes}/handlers/main.yml (75%) rename roles/{kubernetes => icinga_kubernetes}/meta/main.yml (100%) rename roles/{kubernetes => icinga_kubernetes}/tasks/install_on_debian.yml (65%) rename roles/{kubernetes => icinga_kubernetes}/tasks/install_on_redhat.yml (65%) rename roles/{kubernetes => icinga_kubernetes}/tasks/install_on_suse.yml (66%) rename roles/{kubernetes => icinga_kubernetes}/tasks/main.yml (84%) create mode 100644 roles/icinga_kubernetes/tasks/manage_config.yml create mode 100644 roles/icinga_kubernetes/tasks/manage_schema_mysql.yml create mode 100644 roles/icinga_kubernetes/tasks/manage_schema_pgsql.yml create mode 100644 roles/icinga_kubernetes/tasks/manage_service.yml rename roles/{kubernetes => icinga_kubernetes}/templates/icinga-kubernetes-override.conf.j2 (88%) create mode 100644 roles/icinga_kubernetes/templates/kubernetes.yml.j2 rename roles/{kubernetes => icinga_kubernetes}/vars/default.yml (100%) delete mode 100644 roles/kubernetes/defaults/main.yml delete mode 100644 roles/kubernetes/tasks/manage_config.yml delete mode 100644 roles/kubernetes/tasks/manage_schema_mysql.yml delete mode 100644 roles/kubernetes/tasks/manage_schema_pgsql.yml delete mode 100644 roles/kubernetes/tasks/manage_service.yml delete mode 100644 roles/kubernetes/templates/kubernetes.yml.j2 diff --git a/doc/role-icinga_kubernetes/role-icinga_kubernetes.md b/doc/role-icinga_kubernetes/role-icinga_kubernetes.md new file mode 100644 index 00000000..70c0a894 --- /dev/null +++ b/doc/role-icinga_kubernetes/role-icinga_kubernetes.md @@ -0,0 +1,75 @@ +# Role icinga.icinga.icinga_kubernetes + +This role installs and configures the Icinga Kubernetes Daemon. In addition it can also import the schema into the database. +More information about this package can be found [in the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/01-About/). + +## Database + +Icinga Kubernetes relies on a relational database to persist received data. This database **won't** be created by this role - you need to deploy and configure one in advance. For more information, see the [Databases](../getting-started.md#databases) section in the getting started guide. + +## Variables + +The following variables define the configuration for Icinga Kubernetes. Some variables got predefined [defaults](../../roles/kubernetes/defaults/main.yml), others are purely opt-in. + +For more information on the respective settings please see [the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/03-Configuration/). + +### Database Configuration + +| Variable | Type | Description | Default | +|----------|------|-------------|---------| +| `icinga_kubernetes_database_host` | `String` | Defines database address to connect to. | `127.0.0.1` | +| `icinga_kubernetes_database_import_schema` | `bool` | Defines whether to import the schema into the database or not. **Needs `icinga_kubernetes_database_type` to be set**. | `false` | +| `icinga_kubernetes_database_name` | `String` | Defines the database to connect to. | `kubernetes` | +| `icinga_kubernetes_database_password` | `String` | Defines the database password to connect with. | `kubernetes` | +| `icinga_kubernetes_database_port` | `int` | Defines the database port to connect to. | **n/a** | +| `icinga_kubernetes_database_type` | `mysql` | Defines database type set in `config.yml`. | `mysql` | +| `icinga_kubernetes_database_user` | `String` | Defines database user set in `config.yml`. | `kubernetes` | + +### Icinga Kubernetes Configuration + +The following variables are used for the Icinga Kubernetes setup. Normally, you can rely on the defaults to work and should **not** change them unless you know what you are doing. + +| Variable | Type | Description | Default | +|----------|------|-------------|---------| +| `icinga_kubernetes_config_dir` | `String` | Defines the directory where the Icinga Kubernetes configuration is stored. | `/etc/icinga-kubernetes` | +| `icinga_kubernetes_database_schema` | `String` | Defines the path to the schema file. | `"/usr/share/icinga-kubernetes/schema/{{ icinga_kubernetes_database_type }}/schema.sql"` | +| `icinga_kubernetes_group` | `String` | Defines the group membership for the Icinga Kubernetes user. | `icinga-kubernetes` | +| `icinga_kubernetes_packages` | `List` | Defines the packages to install for Icinga Kubernetes. | `[icinga-kubernetes]` | +| `icinga_kubernetes_service_name` | `String` | Defines the name of the Icinga Kubernetes service. | `icinga-kubernetes` | +| `icinga_kubernetes_user` | `String` | Defines the user for the Icinga Kubernetes service. | `icinga-kubernetes` | +| `icinga_kubernetes_kubeconfig_path` | `String` | Defines the path for the kubeconfig file, if not in standard path defined by KUBECONFIG env | | + +## Examples + +This play installs Icinga Kubernetes with on the same host as its connected MySQL database. It also imports the schema into the database. + +```yaml +- name: Install Icinga Kubernetes + hosts: icingakubernetes + become: true + vars: + icinga_kubernetes_database_import_schema: true # Import the schema into the database + icinga_kubernetes_database_type: mysql # needed by the schema import + + roles: + - role: icinga.icinga.icinga_kubernetes +``` + +This example installs Icinga Kubernetes and connects it to a **remote** MySQL database. It also imports the schema into the database and set a custom kubeconfig path. + +```yaml +- name: Install Icinga Kubernetes + hosts: icingadb + become: true + vars: + icinga_kubernetes_database_type: mysql + icinga_kubernetes_database_host: mysql.example.com + icinga_kubernetes_database_port: 3306 + icinga_kubernetes_database_user: kube_user + icinga_kubernetes_database_password: hellokube$123 + icinga_kubernetes_database_import_schema: true + icinga_kubernetes_kubeconfig_path: /opt/kube/config + + roles: + - role: icinga.icinga.icinga_kubernetes +``` diff --git a/doc/role-kubernetes/role-kubernetes.md b/doc/role-kubernetes/role-kubernetes.md deleted file mode 100644 index cb1ab4dd..00000000 --- a/doc/role-kubernetes/role-kubernetes.md +++ /dev/null @@ -1,75 +0,0 @@ -# Role icinga.icinga.kubernetes - -This role installs and configures the Icinga Kubernetes Daemon. In addition it can also import the schema into the database. -More information about this package can be found [in the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/01-About/). - -## Database - -Icinga Kubernetes relies on a relational database to persist received data. This database **won't** be created by this role - you need to deploy and configure one in advance. For more information, see the [Databases](../getting-started.md#databases) section in the getting started guide. - -## Variables - -The following variables define the configuration for Icinga Kubernetes. Some variables got predefined [defaults](../../roles/kubernetes/defaults/main.yml), others are purely opt-in. - -For more information on the respective settings please see [the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/03-Configuration/). - -### Database Configuration - -| Variable | Type | Description | Default | -|----------|------|-------------|---------| -| `kubernetes_database_host` | `String` | Defines database address to connect to. | `127.0.0.1` | -| `kubernetes_database_import_schema` | `bool` | Defines whether to import the schema into the database or not. **Needs `kubernetes_database_type` to be set**. | `false` | -| `kubernetes_database_name` | `String` | Defines the database to connect to. | `kubernetes` | -| `kubernetes_database_password` | `String` | Defines the database password to connect with. | `kubernetes` | -| `kubernetes_database_port` | `int` | Defines the database port to connect to. | **n/a** | -| `kubernetes_database_type` | `mysql` | Defines database type set in `config.yml`. | `mysql` | -| `kubernetes_database_user` | `String` | Defines database user set in `config.yml`. | `kubernetes` | - -### Icinga Kubernetes Configuration - -The following variables are used for the Icinga Kubernetes setup. Normally, you can rely on the defaults to work and should **not** change them unless you know what you are doing. - -| Variable | Type | Description | Default | -|----------|------|-------------|---------| -| `kubernetes_config_dir` | `String` | Defines the directory where the Icinga Kubernetes configuration is stored. | `/etc/icinga-kubernetes` | -| `kubernetes_database_schema` | `String` | Defines the path to the schema file. | `"/usr/share/icinga-kubernetes/schema/{{ kubernetes_database_type }}/schema.sql"` | -| `kubernetes_group` | `String` | Defines the group membership for the Icinga Kubernetes user. | `icinga-kubernetes` | -| `kubernetes_packages` | `List` | Defines the packages to install for Icinga Kubernetes. | `[icinga-kubernetes]` | -| `kubernetes_service_name` | `String` | Defines the name of the Icinga Kubernetes service. | `icinga-kubernetes` | -| `kubernetes_user` | `String` | Defines the user for the Icinga Kubernetes service. | `icinga-kubernetes` | -| `kubernetes_kubeconfig_path` | `String` | Defines the path for the kubeconfig file, if not in standard path. | `{{ kubernetes_config_dir }}/.kube/config` | - -## Examples - -This play installs Icinga Kubernetes with on the same host as its connected MySQL database. It also imports the schema into the database. - -```yaml -- name: Install Icinga Kubernetes - hosts: icingakubernetes - become: true - vars: - kubernetes_database_import_schema: true # Import the schema into the database - kubernetes_database_type: mysql # needed by the schema import - - roles: - - role: icinga.icinga.kubernetes -``` - -This example installs Icinga Kubernetes and connects it to a **remote** MySQL database. It also imports the schema into the database and set a custom kubeconfig path. - -```yaml -- name: Install Icinga Kubernetes - hosts: icingadb - become: true - vars: - kubernetes_database_type: mysql - kubernetes_database_host: mysql.example.com - kubernetes_database_port: 3306 - kubernetes_database_user: kube_user - kubernetes_database_password: hellokube$123 - kubernetes_database_import_schema: true - kubernetes_kubeconfig_path: /opt/kube/config - - roles: - - role: icinga.icinga.kubernetes -``` diff --git a/roles/icinga_kubernetes/defaults/main.yml b/roles/icinga_kubernetes/defaults/main.yml new file mode 100644 index 00000000..aec56976 --- /dev/null +++ b/roles/icinga_kubernetes/defaults/main.yml @@ -0,0 +1,19 @@ +--- +# Database Settings +icinga_kubernetes_database_import_schema: false +icinga_kubernetes_database_type: mysql +icinga_kubernetes_database_host: 127.0.0.1 +icinga_kubernetes_database_name: kubernetes +icinga_kubernetes_database_user: kubernetes +icinga_kubernetes_database_password: kubernetes +# icinga_kubernetes_database_port: + +# Variables for kubernetes role +icinga_kubernetes_config_dir: /etc/icinga-kubernetes +icinga_kubernetes_service_name: icinga-kubernetes +icinga_kubernetes_group: icinga-kubernetes +icinga_kubernetes_user: icinga-kubernetes +icinga_kubernetes_database_schema: "/usr/share/icinga-kubernetes/schema/{{ icinga_kubernetes_database_type }}/schema.sql" +icinga_kubernetes_packages: + - icinga-kubernetes +# icinga_kubernetes_kubeconfig_path: diff --git a/roles/kubernetes/handlers/main.yml b/roles/icinga_kubernetes/handlers/main.yml similarity index 75% rename from roles/kubernetes/handlers/main.yml rename to roles/icinga_kubernetes/handlers/main.yml index 3467773b..f7630776 100644 --- a/roles/kubernetes/handlers/main.yml +++ b/roles/icinga_kubernetes/handlers/main.yml @@ -5,5 +5,5 @@ - name: Kubernetes-restart ansible.builtin.service: - name: "{{ kubernetes_service_name }}" + name: "{{ icinga_kubernetes_service_name }}" state: restarted diff --git a/roles/kubernetes/meta/main.yml b/roles/icinga_kubernetes/meta/main.yml similarity index 100% rename from roles/kubernetes/meta/main.yml rename to roles/icinga_kubernetes/meta/main.yml diff --git a/roles/kubernetes/tasks/install_on_debian.yml b/roles/icinga_kubernetes/tasks/install_on_debian.yml similarity index 65% rename from roles/kubernetes/tasks/install_on_debian.yml rename to roles/icinga_kubernetes/tasks/install_on_debian.yml index fb90849c..a47970ea 100644 --- a/roles/kubernetes/tasks/install_on_debian.yml +++ b/roles/icinga_kubernetes/tasks/install_on_debian.yml @@ -1,4 +1,4 @@ - name: Debian - Install Kubernetes packages ansible.builtin.apt: - name: "{{ kubernetes_packages }}" + name: "{{ icinga_kubernetes_packages }}" state: present diff --git a/roles/kubernetes/tasks/install_on_redhat.yml b/roles/icinga_kubernetes/tasks/install_on_redhat.yml similarity index 65% rename from roles/kubernetes/tasks/install_on_redhat.yml rename to roles/icinga_kubernetes/tasks/install_on_redhat.yml index 6ade0000..ffa86a8c 100644 --- a/roles/kubernetes/tasks/install_on_redhat.yml +++ b/roles/icinga_kubernetes/tasks/install_on_redhat.yml @@ -1,4 +1,4 @@ - name: RedHat - Install Kubernetes packages ansible.builtin.yum: - name: "{{ kubernetes_packages }}" + name: "{{ icinga_kubernetes_packages }}" state: present diff --git a/roles/kubernetes/tasks/install_on_suse.yml b/roles/icinga_kubernetes/tasks/install_on_suse.yml similarity index 66% rename from roles/kubernetes/tasks/install_on_suse.yml rename to roles/icinga_kubernetes/tasks/install_on_suse.yml index 98b83ed9..405e52a2 100644 --- a/roles/kubernetes/tasks/install_on_suse.yml +++ b/roles/icinga_kubernetes/tasks/install_on_suse.yml @@ -1,4 +1,4 @@ - name: Suse - Install Kubernetes packages community.general.zypper: - name: "{{ kubernetes_packages }}" + name: "{{ icinga_kubernetes_packages }}" state: present diff --git a/roles/kubernetes/tasks/main.yml b/roles/icinga_kubernetes/tasks/main.yml similarity index 84% rename from roles/kubernetes/tasks/main.yml rename to roles/icinga_kubernetes/tasks/main.yml index df91b7f9..119f8c09 100644 --- a/roles/kubernetes/tasks/main.yml +++ b/roles/icinga_kubernetes/tasks/main.yml @@ -25,8 +25,8 @@ ansible.builtin.include_tasks: manage_config.yml - name: Include Tasks to import DB Schema - ansible.builtin.include_tasks: "manage_schema_{{ kubernetes_database_type | lower }}.yml" - when: kubernetes_database_import_schema and kubernetes_database_type is defined + ansible.builtin.include_tasks: "manage_schema_{{ icinga_kubernetes_database_type | lower }}.yml" + when: icinga_kubernetes_database_import_schema and icinga_kubernetes_database_type is defined - name: Include Tasks to manage Kubernetes Service ansible.builtin.include_tasks: manage_service.yml diff --git a/roles/icinga_kubernetes/tasks/manage_config.yml b/roles/icinga_kubernetes/tasks/manage_config.yml new file mode 100644 index 00000000..5da34111 --- /dev/null +++ b/roles/icinga_kubernetes/tasks/manage_config.yml @@ -0,0 +1,9 @@ +--- +- name: Write configuration to {{ icinga_kubernetes_config_dir }}/config.yml + ansible.builtin.template: + src: kubernetes.yml.j2 + dest: "{{ icinga_kubernetes_config_dir }}/config.yml" + owner: "{{ icinga_kubernetes_user }}" + group: "{{ icinga_kubernetes_group }}" + mode: 0640 + notify: Kubernetes-restart diff --git a/roles/icinga_kubernetes/tasks/manage_schema_mysql.yml b/roles/icinga_kubernetes/tasks/manage_schema_mysql.yml new file mode 100644 index 00000000..c05ce5e8 --- /dev/null +++ b/roles/icinga_kubernetes/tasks/manage_schema_mysql.yml @@ -0,0 +1,31 @@ +- name: MySQL import Kubernetes schema + when: icinga_kubernetes_database_import_schema | default(False) + block: + - name: Build mysql command + ansible.builtin.set_fact: + mysqlcmd: >- + mysql {% if icinga_kubernetes_database_host | default('localhost') != 'localhost' %} -h "{{ icinga_kubernetes_database_host }}" {%- endif %} + {% if icinga_kubernetes_database_port is defined %} -P {{ icinga_kubernetes_database_port }} {%- endif %} + {% if icinga_kubernetes_database_ca is defined %} --ssl-ca "{{ icinga_kubernetes_database_ca }}" {%- endif %} + {% if icinga_kubernetes_database_cert is defined %} --ssl-cert "{{ icinga_kubernetes_database_cert }}" {%- endif %} + {% if icinga_kubernetes_database_key is defined %} --ssl-key "{{ icinga_kubernetes_database_key }}" {%- endif %} + -u "{{ icinga_kubernetes_database_user | default('kubernetes') }}" + -p"{{ icinga_kubernetes_database_password }}" + "{{ icinga_kubernetes_database_name | default('kubernetes') }}" + + - name: MySQL check for Kubernetes schema + ansible.builtin.shell: > + {{ mysqlcmd }} + -Ns -e "select version from kubernetes_schema" + failed_when: false + changed_when: false + check_mode: false + register: _db_schema + + - name: MySQL import Kubernetes schema + ansible.builtin.shell: > + {{ mysqlcmd }} + < {{ icinga_kubernetes_database_schema }} + when: _db_schema.rc != 0 + check_mode: false + run_once: true diff --git a/roles/icinga_kubernetes/tasks/manage_schema_pgsql.yml b/roles/icinga_kubernetes/tasks/manage_schema_pgsql.yml new file mode 100644 index 00000000..07079629 --- /dev/null +++ b/roles/icinga_kubernetes/tasks/manage_schema_pgsql.yml @@ -0,0 +1,36 @@ +# temporarily disabled, pgsql at the moment is not available for icinga kubernetes + +# - name: PgSQL import Kubernetes schema +# when: icinga_kubernetes_database_import_schema| default(False) +# block: +# - name: Build pgsql command +# ansible.builtin.set_fact: +# _tmp_pgsqlcmd: >- +# PGPASSWORD="{{ icinga_kubernetes_database_password }}" +# psql +# "{% if icinga_kubernetes_database_host %} host="{{ icinga_kubernetes_database_host }}" {%- endif %} +# {% if icinga_kubernetes_database_port is defined %} port={{ icinga_kubernetes_database_port }} {%- endif %} +# user={{ icinga_kubernetes_database_user | default('kubernetes') }} +# dbname={{ icinga_kubernetes_database_name | default('kubernetes') }} +# {% if icinga_kubernetes_database_sslmode is defined %} sslmode={{ icinga_kubernetes_database_sslmode }} {%- endif %} +# {% if icinga_kubernetes_database_ca is defined %} sslrootcert={{ icinga_kubernetes_database_ca }} {%- endif %} +# {% if icinga_kubernetes_database_cert is defined %} sslcert={{ icinga_kubernetes_database_cert }} {%- endif %} +# {% if icinga_kubernetes_database_key is defined %} sslkey={{ icinga_kubernetes_database_key }} {%- endif %} +# {% if icinga_kubernetes_database_ssl_extra_options is defined %} {{ icinga_kubernetes_database_ssl_extra_options }} {%- endif %}" + +# - name: PgSQL check for Kubernetes schema +# ansible.builtin.shell: > +# {{ _tmp_pgsqlcmd }} +# -w -c "select version from kubernetes_schema" +# failed_when: false +# changed_when: false +# check_mode: false +# register: _db_schema + +# - name: PgSQL import Kubernetes schema +# ansible.builtin.shell: > +# {{ _tmp_pgsqlcmd }} +# -w -f {{ icinga_kubernetes_database_schema }} +# when: _db_schema.rc != 0 +# check_mode: false +# run_once: true diff --git a/roles/icinga_kubernetes/tasks/manage_service.yml b/roles/icinga_kubernetes/tasks/manage_service.yml new file mode 100644 index 00000000..93681f93 --- /dev/null +++ b/roles/icinga_kubernetes/tasks/manage_service.yml @@ -0,0 +1,27 @@ +--- +- name: Override KUBECONFIG path if defined + when: icinga_kubernetes_kubeconfig_path is defined + block: + - name: Create service override directory + ansible.builtin.file: + path: /etc/systemd/system/{{ icinga_kubernetes_service_name }}.service.d + state: directory + mode: '0755' + notify: + - Systemd reload + - Kubernetes-restart + + - name: Create service override configuration file + ansible.builtin.template: + src: icinga-kubernetes-override.conf.j2 + dest: "/etc/systemd/system/{{ icinga_kubernetes_service_name }}.service.d/override.conf" + mode: '0640' + notify: + - Systemd reload + - Kubernetes-restart + +- name: Ensure Kubernetes Service is running + ansible.builtin.service: + state: started + enabled: yes + name: "{{ icinga_kubernetes_service_name }}" diff --git a/roles/kubernetes/templates/icinga-kubernetes-override.conf.j2 b/roles/icinga_kubernetes/templates/icinga-kubernetes-override.conf.j2 similarity index 88% rename from roles/kubernetes/templates/icinga-kubernetes-override.conf.j2 rename to roles/icinga_kubernetes/templates/icinga-kubernetes-override.conf.j2 index a8cbb3d6..504ecec7 100644 --- a/roles/kubernetes/templates/icinga-kubernetes-override.conf.j2 +++ b/roles/icinga_kubernetes/templates/icinga-kubernetes-override.conf.j2 @@ -1,7 +1,8 @@ ### Editing /etc/systemd/system/icinga-kubernetes.service.d/override.conf ### Anything between here and the comment below will become the new contents of the file - +[Service] +Environment="KUBECONFIG={{ icinga_kubernetes_kubeconfig_path }}" ### Lines below this comment will be discarded @@ -10,8 +11,7 @@ # Description=Icinga for Kubernetes # After=syslog.target network-online.target mariadb.service postgresql.service # -[Service] -Environment="KUBECONFIG={{ kubernetes_kubeconfig_path }}" +# [Service] # Type=simple # ExecStart=/usr/sbin/icinga-kubernetes --config /etc/icinga-kubernetes/config.yml # User=icinga-kubernetes diff --git a/roles/icinga_kubernetes/templates/kubernetes.yml.j2 b/roles/icinga_kubernetes/templates/kubernetes.yml.j2 new file mode 100644 index 00000000..3080acb1 --- /dev/null +++ b/roles/icinga_kubernetes/templates/kubernetes.yml.j2 @@ -0,0 +1,18 @@ +# {{ ansible_managed | comment }} + +database: +{% if icinga_kubernetes_database_type is defined %} + type: {{ icinga_kubernetes_database_type }} +{% endif %} + host: {{ icinga_kubernetes_database_host | default('localhost') }} +{% if icinga_kubernetes_database_port is defined %} + port: {{ icinga_kubernetes_database_port }} +{% endif %} + database: {{ icinga_kubernetes_database_name | default('kubernetes') }} + user: {{ icinga_kubernetes_database_user | default('kubernetes') }} + password: {{ icinga_kubernetes_database_password | default('kubernetes') }} + +prometheus: +{% if icinga_kubernetes_prometheus_url is defined %} + url: {{ icinga_kubernetes_prometheus_url }} +{% endif %} diff --git a/roles/kubernetes/vars/default.yml b/roles/icinga_kubernetes/vars/default.yml similarity index 100% rename from roles/kubernetes/vars/default.yml rename to roles/icinga_kubernetes/vars/default.yml diff --git a/roles/kubernetes/defaults/main.yml b/roles/kubernetes/defaults/main.yml deleted file mode 100644 index c039a31b..00000000 --- a/roles/kubernetes/defaults/main.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# Database Settings -kubernetes_database_import_schema: false -kubernetes_database_type: mysql -kubernetes_database_host: 127.0.0.1 -kubernetes_database_name: kubernetes -kubernetes_database_user: kubernetes -kubernetes_database_password: kubernetes -# kubernetes_database_port: - -# Variables for kubernetes role -kubernetes_config_dir: /etc/icinga-kubernetes -kubernetes_service_name: icinga-kubernetes -kubernetes_group: icinga-kubernetes -kubernetes_user: icinga-kubernetes -kubernetes_database_schema: "/usr/share/icinga-kubernetes/schema/{{ kubernetes_database_type }}/schema.sql" -kubernetes_packages: - - icinga-kubernetes -kubernetes_kubeconfig_path: "{{ kubernetes_config_dir }}/kube_config" diff --git a/roles/kubernetes/tasks/manage_config.yml b/roles/kubernetes/tasks/manage_config.yml deleted file mode 100644 index 9f8b5ee6..00000000 --- a/roles/kubernetes/tasks/manage_config.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Write configuration to {{ kubernetes_config_dir }}/config.yml - ansible.builtin.template: - src: kubernetes.yml.j2 - dest: "{{ kubernetes_config_dir }}/config.yml" - owner: "{{ kubernetes_user }}" - group: "{{ kubernetes_group }}" - mode: 0640 - notify: Kubernetes-restart diff --git a/roles/kubernetes/tasks/manage_schema_mysql.yml b/roles/kubernetes/tasks/manage_schema_mysql.yml deleted file mode 100644 index 3fbb81f2..00000000 --- a/roles/kubernetes/tasks/manage_schema_mysql.yml +++ /dev/null @@ -1,31 +0,0 @@ -- name: MySQL import Kubernetes schema - when: kubernetes_database_import_schema | default(False) - block: - - name: Build mysql command - ansible.builtin.set_fact: - mysqlcmd: >- - mysql {% if kubernetes_database_host | default('localhost') != 'localhost' %} -h "{{ kubernetes_database_host }}" {%- endif %} - {% if kubernetes_database_port is defined %} -P {{ kubernetes_database_port }} {%- endif %} - {% if kubernetes_database_ca is defined %} --ssl-ca "{{ kubernetes_database_ca }}" {%- endif %} - {% if kubernetes_database_cert is defined %} --ssl-cert "{{ kubernetes_database_cert }}" {%- endif %} - {% if kubernetes_database_key is defined %} --ssl-key "{{ kubernetes_database_key }}" {%- endif %} - -u "{{ kubernetes_database_user | default('kubernetes') }}" - -p"{{ kubernetes_database_password }}" - "{{ kubernetes_database_name | default('kubernetes') }}" - - - name: MySQL check for Kubernetes schema - ansible.builtin.shell: > - {{ mysqlcmd }} - -Ns -e "select version from kubernetes_schema" - failed_when: false - changed_when: false - check_mode: false - register: _db_schema - - - name: MySQL import Kubernetes schema - ansible.builtin.shell: > - {{ mysqlcmd }} - < {{ kubernetes_database_schema }} - when: _db_schema.rc != 0 - check_mode: false - run_once: true diff --git a/roles/kubernetes/tasks/manage_schema_pgsql.yml b/roles/kubernetes/tasks/manage_schema_pgsql.yml deleted file mode 100644 index aa3dc53b..00000000 --- a/roles/kubernetes/tasks/manage_schema_pgsql.yml +++ /dev/null @@ -1,36 +0,0 @@ -# temporarily disabled, pgsql at the moment is not available for icinga kubernetes - -# - name: PgSQL import Kubernetes schema -# when: kubernetes_database_import_schema| default(False) -# block: -# - name: Build pgsql command -# ansible.builtin.set_fact: -# _tmp_pgsqlcmd: >- -# PGPASSWORD="{{ kubernetes_database_password }}" -# psql -# "{% if kubernetes_database_host %} host="{{ kubernetes_database_host }}" {%- endif %} -# {% if kubernetes_database_port is defined %} port={{ kubernetes_database_port }} {%- endif %} -# user={{ kubernetes_database_user | default('kubernetes') }} -# dbname={{ kubernetes_database_name | default('kubernetes') }} -# {% if kubernetes_database_sslmode is defined %} sslmode={{ kubernetes_database_sslmode }} {%- endif %} -# {% if kubernetes_database_ca is defined %} sslrootcert={{ kubernetes_database_ca }} {%- endif %} -# {% if kubernetes_database_cert is defined %} sslcert={{ kubernetes_database_cert }} {%- endif %} -# {% if kubernetes_database_key is defined %} sslkey={{ kubernetes_database_key }} {%- endif %} -# {% if kubernetes_database_ssl_extra_options is defined %} {{ kubernetes_database_ssl_extra_options }} {%- endif %}" - -# - name: PgSQL check for Kubernetes schema -# ansible.builtin.shell: > -# {{ _tmp_pgsqlcmd }} -# -w -c "select version from kubernetes_schema" -# failed_when: false -# changed_when: false -# check_mode: false -# register: _db_schema - -# - name: PgSQL import Kubernetes schema -# ansible.builtin.shell: > -# {{ _tmp_pgsqlcmd }} -# -w -f {{ kubernetes_database_schema }} -# when: _db_schema.rc != 0 -# check_mode: false -# run_once: true diff --git a/roles/kubernetes/tasks/manage_service.yml b/roles/kubernetes/tasks/manage_service.yml deleted file mode 100644 index a990217c..00000000 --- a/roles/kubernetes/tasks/manage_service.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- name: Create override directory - ansible.builtin.file: - path: /etc/systemd/system/{{ kubernetes_service_name }}.service.d - state: directory - mode: '0755' - notify: - - Systemd reload - - Kubernetes-restart - -- name: Create override configuration file - ansible.builtin.template: - src: icinga-kubernetes-override.conf.j2 - dest: "/etc/systemd/system/{{ kubernetes_service_name }}.service.d/override.conf" - mode: '0640' - notify: - - Systemd reload - - Kubernetes-restart - -- name: Ensure Kubernetes Service is running - ansible.builtin.service: - state: started - enabled: yes - name: "{{ kubernetes_service_name }}" diff --git a/roles/kubernetes/templates/kubernetes.yml.j2 b/roles/kubernetes/templates/kubernetes.yml.j2 deleted file mode 100644 index 8c4f493b..00000000 --- a/roles/kubernetes/templates/kubernetes.yml.j2 +++ /dev/null @@ -1,18 +0,0 @@ -# {{ ansible_managed | comment }} - -database: -{% if kubernetes_database_type is defined %} - type: {{ kubernetes_database_type }} -{% endif %} - host: {{ kubernetes_database_host | default('localhost') }} -{% if kubernetes_database_port is defined %} - port: {{ kubernetes_database_port }} -{% endif %} - database: {{ kubernetes_database_name | default('kubernetes') }} - user: {{ kubernetes_database_user | default('kubernetes') }} - password: {{ kubernetes_database_password | default('kubernetes') }} - -prometheus: -{% if kubernetes_prometheus_url is defined %} - url: {{ kubernetes_prometheus_url }} -{% endif %}