Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Icinga Kubernetes Role and Icinga Kubernetes Web install #348

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions changelogs/fragments/feature_kubernetes.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
major_changes:
- Add a role for the installation and configuration of `Icinga for Kubernetes <https://icinga.com/docs/icinga-for-kubernetes/latest/>`_.
- Add tasks to role :code:`icingaweb2` to install and configure `Icinga for Kubernetes Web <https://icinga.com/docs/icinga-kubernetes-web/latest/doc/02-Installation/>`_.
24 changes: 24 additions & 0 deletions doc/role-icingaweb2/module-kubernetes.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
## Module Kubernetes

### Variables and Configuration

The general module parameter like `enabled` and `source` can be applied here.

| Variable | Value |
|----------|------------|
| enabled | true/false |
| source | package |

#### Section configuration

The backend database for the module needs to be available and configured at the `icingaweb2_resources` variable.

```yaml
icingaweb2_modules:
kubernetes:
enabled: true
source: package
config:
database:
resource: kubernetes_db
```
75 changes: 75 additions & 0 deletions doc/role-kubernetes/role-kubernetes.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
# Role icinga.icinga.kubernetes

This role installs and configures the Icinga Kubernetes Daemon. In addition it can also import the schema into the database.
More information about this package can be found [in the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/01-About/).

## Database

Icinga Kubernetes relies on a relational database to persist received data. This database **won't** be created by this role - you need to deploy and configure one in advance. For more information, see the [Databases](../getting-started.md#databases) section in the getting started guide.

## Variables

The following variables define the configuration for Icinga Kubernetes. Some variables got predefined [defaults](../../roles/kubernetes/defaults/main.yml), others are purely opt-in.

For more information on the respective settings please see [the official documentation](https://icinga.com/docs/icinga-for-kubernetes/latest/doc/03-Configuration/).

### Database Configuration

| Variable | Type | Description | Default |
|----------|------|-------------|---------|
| `kubernetes_database_host` | `String` | Defines database address to connect to. | `127.0.0.1` |
| `kubernetes_database_import_schema` | `bool` | Defines whether to import the schema into the database or not. **Needs `kubernetes_database_type` to be set**. | `false` |
| `kubernetes_database_name` | `String` | Defines the database to connect to. | `kubernetes` |
| `kubernetes_database_password` | `String` | Defines the database password to connect with. | `kubernetes` |
| `kubernetes_database_port` | `int` | Defines the database port to connect to. | **n/a** |
| `kubernetes_database_type` | `mysql` | Defines database type set in `config.yml`. | `mysql` |
| `kubernetes_database_user` | `String` | Defines database user set in `config.yml`. | `kubernetes` |

### Icinga Kubernetes Configuration

The following variables are used for the Icinga Kubernetes setup. Normally, you can rely on the defaults to work and should **not** change them unless you know what you are doing.

| Variable | Type | Description | Default |
|----------|------|-------------|---------|
| `kubernetes_config_dir` | `String` | Defines the directory where the Icinga Kubernetes configuration is stored. | `/etc/icinga-kubernetes` |
| `kubernetes_database_schema` | `String` | Defines the path to the schema file. | `"/usr/share/icinga-kubernetes/schema/{{ kubernetes_database_type }}/schema.sql"` |
| `kubernetes_group` | `String` | Defines the group membership for the Icinga Kubernetes user. | `icinga-kubernetes` |
| `kubernetes_packages` | `List` | Defines the packages to install for Icinga Kubernetes. | `[icinga-kubernetes]` |
| `kubernetes_service_name` | `String` | Defines the name of the Icinga Kubernetes service. | `icinga-kubernetes` |
| `kubernetes_user` | `String` | Defines the user for the Icinga Kubernetes service. | `icinga-kubernetes` |
| `kubernetes_kubeconfig_path` | `String` | Defines the path for the kubeconfig file, if not in standard path. | `{{ kubernetes_config_dir }}/.kube/config` |

## Examples

This play installs Icinga Kubernetes with on the same host as its connected MySQL database. It also imports the schema into the database.

```yaml
- name: Install Icinga Kubernetes
hosts: icingakubernetes
become: true
vars:
kubernetes_database_import_schema: true # Import the schema into the database
kubernetes_database_type: mysql # needed by the schema import

roles:
- role: icinga.icinga.kubernetes
```

This example installs Icinga Kubernetes and connects it to a **remote** MySQL database. It also imports the schema into the database and set a custom kubeconfig path.

```yaml
- name: Install Icinga Kubernetes
hosts: icingadb
become: true
vars:
kubernetes_database_type: mysql
kubernetes_database_host: mysql.example.com
kubernetes_database_port: 3306
kubernetes_database_user: kube_user
kubernetes_database_password: hellokube$123
kubernetes_database_import_schema: true
kubernetes_kubeconfig_path: /opt/kube/config

roles:
- role: icinga.icinga.kubernetes
```
18 changes: 18 additions & 0 deletions roles/icingaweb2/tasks/modules/kubernetes.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
- name: Module Icinga Kubernetes | Ensure config directory
ansible.builtin.file:
state: directory
dest: "{{ icingaweb2_modules_config_dir }}/{{ item.key }}"
owner: "{{ icingaweb2_httpd_user }}"
group: "{{ icingaweb2_group }}"
mode: "2770"

- name: Module Icinga Kubernetes | Manage config files
ansible.builtin.include_tasks: manage_module_config.yml
loop: "{{ _files }}"
loop_control:
loop_var: _file
when: vars['icingaweb2_modules'][_module][_file] is defined
vars:
_module: "{{ item.key }}"
_files:
- config
1 change: 1 addition & 0 deletions roles/icingaweb2/vars/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,4 @@ icingaweb2_module_packages:
director: icinga-director
x509: icinga-x509
businessprocess: icinga-businessprocess
kubernetes: icinga-kubernetes-web
19 changes: 19 additions & 0 deletions roles/kubernetes/defaults/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
---
# Database Settings
kubernetes_database_import_schema: false
kubernetes_database_type: mysql
kubernetes_database_host: 127.0.0.1
kubernetes_database_name: kubernetes
kubernetes_database_user: kubernetes
kubernetes_database_password: kubernetes
# kubernetes_database_port:

# Variables for kubernetes role
kubernetes_config_dir: /etc/icinga-kubernetes
kubernetes_service_name: icinga-kubernetes
kubernetes_group: icinga-kubernetes
kubernetes_user: icinga-kubernetes
kubernetes_database_schema: "/usr/share/icinga-kubernetes/schema/{{ kubernetes_database_type }}/schema.sql"
kubernetes_packages:
- icinga-kubernetes
kubernetes_kubeconfig_path: "{{ kubernetes_config_dir }}/kube_config"
9 changes: 9 additions & 0 deletions roles/kubernetes/handlers/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
- name: Systemd reload
ansible.builtin.systemd:
daemon_reload: true

- name: Kubernetes-restart
ansible.builtin.service:
name: "{{ kubernetes_service_name }}"
state: restarted
27 changes: 27 additions & 0 deletions roles/kubernetes/meta/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
galaxy_info:
author: |
- Gianmarco Mameli <[email protected]>
description: Role to install, configure or manage Icinga Kubernetes.
license: Apache-2.0
min_ansible_version: '2.9'
platforms:
- name: opensuse
versions: ['15.5']
- name: SLES
versions: ['15']
- name: EL
versions: ['7']
- name: Debian
versions: ['buster','bullseye','bookworm']
- name: Ubuntu
versions: ['jammy']
galaxy_tags:
- icinga
- monitoring
- satellite
- agent
- server
- master
- icinga2
- kubernetes
dependencies: []
4 changes: 4 additions & 0 deletions roles/kubernetes/tasks/install_on_debian.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
- name: Debian - Install Kubernetes packages
ansible.builtin.apt:
name: "{{ kubernetes_packages }}"
state: present
4 changes: 4 additions & 0 deletions roles/kubernetes/tasks/install_on_redhat.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
- name: RedHat - Install Kubernetes packages
ansible.builtin.yum:
name: "{{ kubernetes_packages }}"
state: present
4 changes: 4 additions & 0 deletions roles/kubernetes/tasks/install_on_suse.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
- name: Suse - Install Kubernetes packages
community.general.zypper:
name: "{{ kubernetes_packages }}"
state: present
32 changes: 32 additions & 0 deletions roles/kubernetes/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
- name: Include OS specific vars
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_os_family }}-{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_os_family }}-{{ ansible_distribution }}.yml"
- "{{ ansible_os_family }}.yml"
- default.yml
paths:
- "{{ role_path }}/vars"

- name: Check supported operatingsystems
block:
- name: Include OS specific installation
ansible.builtin.include_tasks: "install_on_{{ ansible_os_family | lower }}.yml"
rescue:
- name: "OS family not supported!"
ansible.builtin.fail:
msg: "The OS {{ ansible_os_family }} is not supported!"

- name: Include Tasks to configure Icinga Kubernetes
ansible.builtin.include_tasks: manage_config.yml

- name: Include Tasks to import DB Schema
ansible.builtin.include_tasks: "manage_schema_{{ kubernetes_database_type | lower }}.yml"
when: kubernetes_database_import_schema and kubernetes_database_type is defined

- name: Include Tasks to manage Kubernetes Service
ansible.builtin.include_tasks: manage_service.yml
9 changes: 9 additions & 0 deletions roles/kubernetes/tasks/manage_config.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
- name: Write configuration to {{ kubernetes_config_dir }}/config.yml
ansible.builtin.template:
src: kubernetes.ini.j2
dest: "{{ kubernetes_config_dir }}/config.yml"
owner: "{{ kubernetes_user }}"
group: "{{ kubernetes_group }}"
mode: 0640
notify: Kubernetes-restart
31 changes: 31 additions & 0 deletions roles/kubernetes/tasks/manage_schema_mysql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
- name: MySQL import Kubernetes schema
when: kubernetes_database_import_schema | default(False)
block:
- name: Build mysql command
ansible.builtin.set_fact:
mysqlcmd: >-
mysql {% if kubernetes_database_host | default('localhost') != 'localhost' %} -h "{{ kubernetes_database_host }}" {%- endif %}
{% if kubernetes_database_port is defined %} -P {{ kubernetes_database_port }} {%- endif %}
{% if kubernetes_database_ca is defined %} --ssl-ca "{{ kubernetes_database_ca }}" {%- endif %}
{% if kubernetes_database_cert is defined %} --ssl-cert "{{ kubernetes_database_cert }}" {%- endif %}
{% if kubernetes_database_key is defined %} --ssl-key "{{ kubernetes_database_key }}" {%- endif %}
-u "{{ kubernetes_database_user | default('kubernetes') }}"
-p"{{ kubernetes_database_password }}"
"{{ kubernetes_database_name | default('kubernetes') }}"

- name: MySQL check for Kubernetes schema
ansible.builtin.shell: >
{{ mysqlcmd }}
-Ns -e "select version from kubernetes_schema"
failed_when: false
changed_when: false
check_mode: false
register: _db_schema

- name: MySQL import Kubernetes schema
ansible.builtin.shell: >
{{ mysqlcmd }}
< {{ kubernetes_database_schema }}
when: _db_schema.rc != 0
check_mode: false
run_once: true
36 changes: 36 additions & 0 deletions roles/kubernetes/tasks/manage_schema_pgsql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# temporarily disabled, pgsql at the moment is not available for icinga kubernetes

# - name: PgSQL import Kubernetes schema
# when: kubernetes_database_import_schema| default(False)
# block:
# - name: Build pgsql command
# ansible.builtin.set_fact:
# _tmp_pgsqlcmd: >-
# PGPASSWORD="{{ kubernetes_database_password }}"
# psql
# "{% if kubernetes_database_host %} host="{{ kubernetes_database_host }}" {%- endif %}
# {% if kubernetes_database_port is defined %} port={{ kubernetes_database_port }} {%- endif %}
# user={{ kubernetes_database_user | default('kubernetes') }}
# dbname={{ kubernetes_database_name | default('kubernetes') }}
# {% if kubernetes_database_sslmode is defined %} sslmode={{ kubernetes_database_sslmode }} {%- endif %}
# {% if kubernetes_database_ca is defined %} sslrootcert={{ kubernetes_database_ca }} {%- endif %}
# {% if kubernetes_database_cert is defined %} sslcert={{ kubernetes_database_cert }} {%- endif %}
# {% if kubernetes_database_key is defined %} sslkey={{ kubernetes_database_key }} {%- endif %}
# {% if kubernetes_database_ssl_extra_options is defined %} {{ kubernetes_database_ssl_extra_options }} {%- endif %}"

# - name: PgSQL check for Kubernetes schema
# ansible.builtin.shell: >
# {{ _tmp_pgsqlcmd }}
# -w -c "select version from kubernetes_schema"
# failed_when: false
# changed_when: false
# check_mode: false
# register: _db_schema

# - name: PgSQL import Kubernetes schema
# ansible.builtin.shell: >
# {{ _tmp_pgsqlcmd }}
# -w -f {{ kubernetes_database_schema }}
# when: _db_schema.rc != 0
# check_mode: false
# run_once: true
24 changes: 24 additions & 0 deletions roles/kubernetes/tasks/manage_service.yml
gianmarco-mameli marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
---
- name: Create override directory
ansible.builtin.file:
path: /etc/systemd/system/{{ kubernetes_service_name }}.service.d
state: directory
mode: '0755'
notify:
- Systemd reload
- Kubernetes-restart

- name: Create override configuration file
ansible.builtin.template:
src: icinga-kubernetes-override.conf.j2
dest: "/etc/systemd/system/{{ kubernetes_service_name }}.service.d/override.conf"
mode: '0640'
notify:
- Systemd reload
- Kubernetes-restart

- name: Ensure Kubernetes Service is running
ansible.builtin.service:
state: started
enabled: yes
name: "{{ kubernetes_service_name }}"
20 changes: 20 additions & 0 deletions roles/kubernetes/templates/icinga-kubernetes-override.conf.j2
gianmarco-mameli marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
### Editing /etc/systemd/system/icinga-kubernetes.service.d/override.conf
### Anything between here and the comment below will become the new contents of the file



### Lines below this comment will be discarded

### /lib/systemd/system/icinga-kubernetes.service
# [Unit]
# Description=Icinga for Kubernetes
# After=syslog.target network-online.target mariadb.service postgresql.service
#
[Service]
Environment="KUBECONFIG={{ kubernetes_kubeconfig_path }}"
# Type=simple
# ExecStart=/usr/sbin/icinga-kubernetes --config /etc/icinga-kubernetes/config.yml
# User=icinga-kubernetes
#
# [Install]
# WantedBy=multi-user.target
18 changes: 18 additions & 0 deletions roles/kubernetes/templates/kubernetes.ini.j2
gianmarco-mameli marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# {{ ansible_managed }}
gianmarco-mameli marked this conversation as resolved.
Show resolved Hide resolved

database:
{% if kubernetes_database_type is defined %}
type: {{ kubernetes_database_type }}
{% endif %}
host: {{ kubernetes_database_host | default('localhost') }}
{% if kubernetes_database_port is defined %}
port: {{ kubernetes_database_port }}
{% endif %}
database: {{ kubernetes_database_name | default('kubernetes') }}
user: {{ kubernetes_database_user | default('kubernetes') }}
password: {{ kubernetes_database_password | default('kubernetes') }}

prometheus:
{% if kubernetes_prometheus_url is defined %}
url: {{ kubernetes_prometheus_url }}
{% endif %}
1 change: 1 addition & 0 deletions roles/kubernetes/vars/default.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
---