diff --git a/app/create_db.py b/app/create_db.py index cacdfd75..e8315f94 100644 --- a/app/create_db.py +++ b/app/create_db.py @@ -976,7 +976,7 @@ def update_db_v_6_3_4(): for i in sql: try: cursor.execute(i) - except Exception as e: + except Exception: pass else: print('Updating... DB has been updated to version 6.3.4.0') diff --git a/app/modules/service/backup.py b/app/modules/service/backup.py index 25c5c88e..33fe6f17 100644 --- a/app/modules/service/backup.py +++ b/app/modules/service/backup.py @@ -22,7 +22,7 @@ def backup(serv, rpath, time, backup_type, rserver, cred, deljob, update, descri deljob = '' if sql.check_exists_backup(serv): print(f'warning: Backup job for {serv} already exists') - sys.exit() + return None os.system(f"cp scripts/{script} .") diff --git a/app/modules/service/common.py b/app/modules/service/common.py index b6d5fc4e..2c299cd4 100644 --- a/app/modules/service/common.py +++ b/app/modules/service/common.py @@ -57,6 +57,8 @@ def get_exp_version(server_ip: str, service_name: str) -> str: commands = ["node_exporter --version 2>&1 |head -1|awk '{print $3}'"] elif service_name == 'apache_exporter': commands = ["/opt/prometheus/exporters/apache_exporter --version 2>&1 |head -1|awk '{print $3}'"] + elif service_name == 'keepalived_exporter': + commands = ["systemctl list-units --full -all |grep keepalived_exporter"] ver = server_mod.ssh_command(server_ip, commands) diff --git a/app/modules/service/exporter_installation.py b/app/modules/service/exporter_installation.py index 75a01d84..915e0ea7 100644 --- a/app/modules/service/exporter_installation.py +++ b/app/modules/service/exporter_installation.py @@ -78,11 +78,11 @@ def nginx_apache_exp_installation(): os.remove(script) -def node_exp_installation(): - serv = common.is_ip_or_dns(form.getvalue('node_exp_install')) +def node_keepalived_exp_installation(service: str) -> None: + serv = common.is_ip_or_dns(form.getvalue(f'{service}_exp_install')) ver = common.checkAjaxInput(form.getvalue('exporter_v')) ext_prom = common.checkAjaxInput(form.getvalue('ext_prom')) - script = "install_node_exporter.sh" + script = f"install_{service}_exporter.sh" proxy = sql.get_setting('proxy') proxy_serv = '' ssh_settings = return_ssh_keys_path(serv) @@ -93,7 +93,7 @@ def node_exp_installation(): proxy_serv = proxy commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} VER={ver} EXP_PROM={ext_prom} " + f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} VER={ver} EXP_PROM={ext_prom} " f"HOST={serv} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}" ] diff --git a/app/options.py b/app/options.py index 2d5514a7..4cd4829c 100644 --- a/app/options.py +++ b/app/options.py @@ -419,7 +419,14 @@ if form.getvalue('nginx_exp_install') or form.getvalue('apache_exp_install'): if form.getvalue('node_exp_install'): import modules.service.exporter_installation as exp_installation - exp_installation.node_exp_installation() + service = 'node' + exp_installation.node_keepalived_exp_installation(service) + +if form.getvalue('keepalived_exp_install'): + import modules.service.exporter_installation as exp_installation + + service = 'keepalived' + exp_installation.node_keepalived_exp_installation(service) if form.getvalue('backup') or form.getvalue('deljob') or form.getvalue('backupupdate'): import modules.service.backup as backup_mod diff --git a/app/scripts/ansible/roles/keepalived_exporter.yml b/app/scripts/ansible/roles/keepalived_exporter.yml new file mode 100644 index 00000000..02c44802 --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter.yml @@ -0,0 +1,21 @@ +- hosts: "{{ variable_host }}" + become: yes + become_method: sudo + tasks: + - name: Set SSH port + set_fact: + ansible_port: "{{SSH_PORT}}" + + - name: Open stat port for iptables + iptables: + chain: INPUT + destination_port: "9650" + jump: ACCEPT + protocol: tcp + ignore_errors: yes + + roles: + - role: keepalived_exporter + environment: + http_proxy: "{{PROXY}}" + https_proxy: "{{PROXY}}" diff --git a/app/scripts/ansible/roles/keepalived_exporter/defaults/main.yml b/app/scripts/ansible/roles/keepalived_exporter/defaults/main.yml new file mode 100644 index 00000000..e5f23ec1 --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/defaults/main.yml @@ -0,0 +1,12 @@ +--- +keepalived_exporter_version: 0.3.0 +keepalived_exporter_binary_local_dir: "" +keepalived_exporter_web_listen_address: "0.0.0.0:9650" + +keepalived_exporter_enabled_collectors: [] +keepalived_exporter_disabled_collectors: [] + +keepalived_exporter_binary_install_dir: "/usr/local/bin" +keepalived_exporter_system_group: "keepalived-exp" +keepalived_exporter_system_user: "{{ keepalived_exporter_system_group }}" +keepalived_exporter_create_usergroup: true diff --git a/app/scripts/ansible/roles/keepalived_exporter/handlers/main.yml b/app/scripts/ansible/roles/keepalived_exporter/handlers/main.yml new file mode 100644 index 00000000..1e9f49c5 --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/handlers/main.yml @@ -0,0 +1,7 @@ +--- +- name: restart keepalived_exporter + become: true + systemd: + daemon_reload: true + name: keepalived_exporter + state: restarted diff --git a/app/scripts/ansible/roles/keepalived_exporter/tasks/configure.yml b/app/scripts/ansible/roles/keepalived_exporter/tasks/configure.yml new file mode 100644 index 00000000..e2455cff --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/tasks/configure.yml @@ -0,0 +1,19 @@ +--- +- name: Copy the Keepalived Exporter systemd service file + template: + src: keepalived_exporter.service.j2 + dest: /etc/systemd/system/keepalived_exporter.service + owner: root + group: root + mode: 0644 + notify: restart keepalived_exporter + +- name: Allow Keepalived Exporter port in SELinux on RedHat OS family + seport: + ports: "{{ keepalived_exporter_web_listen_address.split(':')[-1] }}" + proto: tcp + setype: http_port_t + state: present + when: + - ansible_version.full is version_compare('2.4', '>=') + - ansible_selinux.status == "enabled" diff --git a/app/scripts/ansible/roles/keepalived_exporter/tasks/install.yml b/app/scripts/ansible/roles/keepalived_exporter/tasks/install.yml new file mode 100644 index 00000000..e668c0c4 --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/tasks/install.yml @@ -0,0 +1,69 @@ +--- +- name: Create the keepalived_exporter group + group: + name: "{{ keepalived_exporter_system_group }}" + state: present + system: true + when: + - keepalived_exporter_system_group != "root" + - keepalived_exporter_create_usergroup + +- name: Create the keepalived_exporter user + user: + name: "{{ keepalived_exporter_system_user }}" + groups: "{{ keepalived_exporter_system_group }}" + append: true + shell: /usr/sbin/nologin + system: true + create_home: false + home: / + when: + - keepalived_exporter_system_user != "root" + - keepalived_exporter_create_usergroup + +- name: Download keepalived_exporter from localhost + block: + - name: Download keepalived_exporter binary to local folder + become: false + get_url: + url: "https://github.com/gen2brain/keepalived_exporter/releases/download/{{ keepalived_exporter_version }}/keepalived_exporter-{{ keepalived_exporter_version }}-{{ go_arch }}.tar.gz" + dest: "/tmp/keepalived_exporter-{{ keepalived_exporter_version }}-{{ go_arch }}.tar.gz" + #checksum: "sha256:{{ keepalived_exporter_checksum }}" + register: _download_binary + until: _download_binary is succeeded + retries: 5 + delay: 2 + delegate_to: localhost + check_mode: false + + - name: Unpack keepalived_exporter binary + become: false + unarchive: + src: "/tmp/keepalived_exporter-{{ keepalived_exporter_version }}-{{ go_arch }}.tar.gz" + dest: "/tmp" + creates: "/tmp/keepalived_exporter-{{ keepalived_exporter_version }}-{{ go_arch }}/keepalived_exporter" + remote_src: true + delegate_to: localhost + check_mode: false + + - name: Propagate keepalived_exporter binaries + copy: + src: "/tmp/keepalived_exporter-{{ keepalived_exporter_version }}-{{ go_arch }}/keepalived_exporter" + dest: "{{ keepalived_exporter_binary_install_dir }}/keepalived_exporter" + mode: 0755 + owner: root + group: root + remote_src: true + notify: restart keepalived_exporter + when: not ansible_check_mode + when: keepalived_exporter_binary_local_dir | length == 0 + +- name: propagate locally distributed keepalived_exporter binary + copy: + src: "{{ keepalived_exporter_binary_local_dir }}/keepalived_exporter" + dest: "{{ keepalived_exporter_binary_install_dir }}/keepalived_exporter" + mode: 0755 + owner: root + group: root + when: keepalived_exporter_binary_local_dir | length > 0 + notify: restart keepalived_exporter diff --git a/app/scripts/ansible/roles/keepalived_exporter/tasks/main.yml b/app/scripts/ansible/roles/keepalived_exporter/tasks/main.yml new file mode 100644 index 00000000..df464ac9 --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/tasks/main.yml @@ -0,0 +1,33 @@ +--- +- import_tasks: preflight.yml + tags: + - keepalived_exporter_install + - keepalived_exporter_configure + - keepalived_exporter_run + +- import_tasks: install.yml + become: true + when: (not __keepalived_exporter_is_installed.stat.exists) or (__keepalived_exporter_current_version_output.stderr_lines[0].split(" ")[2] != keepalived_exporter_version) + tags: + - keepalived_exporter_install + +- import_tasks: selinux.yml + become: true + when: ansible_selinux.status == "enabled" + tags: + - keepalived_exporter_configure + +- import_tasks: configure.yml + become: true + tags: + - keepalived_exporter_configure + +- name: Ensure Keepalived Exporter is enabled on boot + become: true + systemd: + daemon_reload: true + name: keepalived_exporter + enabled: true + state: started + tags: + - keepalived_exporter_run diff --git a/app/scripts/ansible/roles/keepalived_exporter/tasks/preflight.yml b/app/scripts/ansible/roles/keepalived_exporter/tasks/preflight.yml new file mode 100644 index 00000000..78e9440b --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/tasks/preflight.yml @@ -0,0 +1,88 @@ +--- +- name: Assert usage of systemd as an init system + assert: + that: ansible_service_mgr == 'systemd' + msg: "This role only works with systemd" + +- name: Get systemd version + command: systemctl --version + changed_when: false + check_mode: false + register: __systemd_version + tags: + - skip_ansible_lint + +- name: Set systemd version fact + set_fact: + keepalived_exporter_systemd_version: "{{ __systemd_version.stdout_lines[0] | regex_replace('^systemd\\s(\\d+).*$', '\\1') }}" + +- name: Naive assertion of proper listen address + assert: + that: + - "':' in keepalived_exporter_web_listen_address" + +- name: Assert collectors are not both disabled and enabled at the same time + assert: + that: + - "item not in keepalived_exporter_enabled_collectors" + with_items: "{{ keepalived_exporter_disabled_collectors }}" + +- name: Check if keepalived_exporter is installed + stat: + path: "{{ keepalived_exporter_binary_install_dir }}/keepalived_exporter" + register: __keepalived_exporter_is_installed + check_mode: false + tags: + - keepalived_exporter_install + +- name: Gather currently installed keepalived_exporter version (if any) + command: "{{ keepalived_exporter_binary_install_dir }}/keepalived_exporter --version" + args: + warn: false + changed_when: false + register: __keepalived_exporter_current_version_output + check_mode: false + when: __keepalived_exporter_is_installed.stat.exists + tags: + - keepalived_exporter_install + - skip_ansible_lint + +- name: Get latest release version + block: + - name: Get latest release + uri: + url: "https://api.github.com/repos/gen2brain/keepalived_exporter/releases/latest" + method: GET + return_content: true + status_code: 200 + body_format: json + validate_certs: false + user: "{{ lookup('env', 'GH_USER') | default(omit) }}" + password: "{{ lookup('env', 'GH_TOKEN') | default(omit) }}" + no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}" + register: _latest_release + until: _latest_release.status == 200 + retries: 5 + + - name: "Set keepalived_exporter version to {{ _latest_release.json.tag_name[1:] }}" + set_fact: + keepalived_exporter_version: "{{ _latest_release.json.tag_name[1:] }}" + when: + - keepalived_exporter_version == "latest" + - keepalived_exporter_binary_local_dir | length == 0 + delegate_to: localhost + run_once: true +#- name: Get checksum list from github according to version +# block: +# - name: Get checksum list from github +# set_fact: +# _checksums: "{{ lookup('url', 'https://github.com/gen2brain/keepalived_exporter/releases/download/v' + keepalived_exporter_version + '/keepalived_exporter_0.3.0_checksums.txt', wantlist=True) | list }}" +# run_once: true +# +# - name: "Get checksum for {{ go_arch }} architecture" +# set_fact: +# keepalived_exporter_checksum: "{{ item.split(' ')[0] }}" +# with_items: "{{ _checksums }}" +# when: +# - "('linux-' + go_arch + '.tar.gz') in item" +# when: keepalived_exporter_binary_local_dir | length == 0 diff --git a/app/scripts/ansible/roles/keepalived_exporter/tasks/selinux.yml b/app/scripts/ansible/roles/keepalived_exporter/tasks/selinux.yml new file mode 100644 index 00000000..4c8199bc --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/tasks/selinux.yml @@ -0,0 +1,38 @@ +--- +- name: Install selinux python packages [RHEL] + package: + name: + - "{{ ( (ansible_facts.distribution_major_version | int) < 8) | ternary('libselinux-python','python3-libselinux') }}" + - "{{ ( (ansible_facts.distribution_major_version | int) < 8) | ternary('libselinux-python','python3-policycoreutils') }}" + state: present + register: _install_selinux_packages + until: _install_selinux_packages is success + retries: 5 + delay: 2 + when: + - (ansible_distribution | lower == "redhat") or + (ansible_distribution | lower == "centos") + +- name: Install selinux python packages [Fedora] + package: + name: + - "{{ ( (ansible_facts.distribution_major_version | int) < 29) | ternary('libselinux-python','python3-libselinux') }}" + - "{{ ( (ansible_facts.distribution_major_version | int) < 29) | ternary('libselinux-python','python3-policycoreutils') }}" + state: present + register: _install_selinux_packages + until: _install_selinux_packages is success + retries: 5 + delay: 2 + when: + - ansible_distribution | lower == "fedora" + +- name: Install selinux python packages [clearlinux] + package: + name: sysadmin-basic + state: present + register: _install_selinux_packages + until: _install_selinux_packages is success + retries: 5 + delay: 2 + when: + - ansible_distribution | lower == "clearlinux" diff --git a/app/scripts/ansible/roles/keepalived_exporter/templates/keepalived_exporter.service.j2 b/app/scripts/ansible/roles/keepalived_exporter/templates/keepalived_exporter.service.j2 new file mode 100644 index 00000000..cc1cede3 --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/templates/keepalived_exporter.service.j2 @@ -0,0 +1,51 @@ +{{ ansible_managed | comment }} + +[Unit] +Description=Prometheus Keepalived Exporter +After=network-online.target +#StartLimitInterval=0 + +[Service] +Type=simple +#User={{ keepalived_exporter_system_user }} +#Group={{ keepalived_exporter_system_group }} +ExecStart={{ keepalived_exporter_binary_install_dir }}/keepalived_exporter \ +{% for collector in keepalived_exporter_enabled_collectors -%} +{% if not collector is mapping %} + --collector.{{ collector }} \ +{% else -%} +{% set name, options = (collector.items()|list)[0] -%} + --collector.{{ name }} \ +{% for k,v in options|dictsort %} + --collector.{{ name }}.{{ k }}={{ v }} \ +{% endfor -%} +{% endif -%} +{% endfor -%} +{% for collector in keepalived_exporter_disabled_collectors %} + --no-collector.{{ collector }} \ +{% endfor %} + --web.listen-address={{ keepalived_exporter_web_listen_address }} + +SyslogIdentifier=keepalived_exporter +Restart=always +RestartSec=1 + +#PrivateTmp=yes +{% for m in ansible_mounts if m.mount == '/home' %} +#ProtectHome=read-only +{% else %} +#ProtectHome=yes +{% endfor %} +#NoNewPrivileges=yes + +{% if keepalived_exporter_systemd_version | int >= 232 %} +ProtectSystem=strict +ProtectControlGroups=true +ProtectKernelModules=true +ProtectKernelTunables=yes +{% else %} +ProtectSystem=full +{% endif %} + +[Install] +WantedBy=multi-user.target diff --git a/app/scripts/ansible/roles/keepalived_exporter/vars/main.yml b/app/scripts/ansible/roles/keepalived_exporter/vars/main.yml new file mode 100644 index 00000000..fad05008 --- /dev/null +++ b/app/scripts/ansible/roles/keepalived_exporter/vars/main.yml @@ -0,0 +1,5 @@ +--- +go_arch_map: + x86_64: "amd64" + +go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}" diff --git a/app/scripts/install_keepalived_exporter.sh b/app/scripts/install_keepalived_exporter.sh new file mode 100644 index 00000000..7453c968 --- /dev/null +++ b/app/scripts/install_keepalived_exporter.sh @@ -0,0 +1,49 @@ +#!/bin/bash +for ARGUMENT in "$@" +do + KEY=$(echo $ARGUMENT | cut -f1 -d=) + VALUE=$(echo $ARGUMENT | cut -f2 -d=) + + case "$KEY" in + PROXY) PROXY=${VALUE} ;; + HOST) HOST=${VALUE} ;; + USER) USER=${VALUE} ;; + PASS) PASS=${VALUE} ;; + KEY) KEY=${VALUE} ;; + VER) VER=${VALUE} ;; + EXP_PROM) EXP_PROM=${VALUE} ;; + SSH_PORT) SSH_PORT=${VALUE} ;; + *) + esac +done + +export ANSIBLE_HOST_KEY_CHECKING=False +export ANSIBLE_DISPLAY_SKIPPED_HOSTS=False +export ACTION_WARNINGS=False +export LOCALHOST_WARNING=False +export COMMAND_WARNINGS=False + +PWD=`pwd` +PWD=$PWD/scripts/ansible/ +echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST + +if [[ $KEY == "" ]]; then + ansible-playbook $PWD/roles/keepalived_exporter.yml -e "ansible_user=$USER ansible_ssh_pass='$PASS' variable_host=$HOST PROXY=$PROXY SSH_PORT=$SSH_PORT keepalived_exporter_version=$VER" -i $PWD/$HOST +else + ansible-playbook $PWD/roles/keepalived_exporter.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST PROXY=$PROXY SSH_PORT=$SSH_PORT keepalived_exporter_version=$VER" -i $PWD/$HOST +fi + +if [ $? -gt 0 ] +then + echo "error: Can't install Keepalived exporter

" + exit 1 +fi +if [ "$EXP_PROM" == 0 ] +then + if ! sudo grep -Fxq " - $HOST:9650" /etc/prometheus/prometheus.yml; then + sudo echo " - $HOST:9650" | sudo tee -a /etc/prometheus/prometheus.yml > /dev/null + sudo systemctl reload prometheus 2>> /dev/null + fi +fi + +rm -f $PWD/$HOST diff --git a/app/templates/include/mon_installation.html b/app/templates/include/mon_installation.html index f1606de5..2abc123b 100644 --- a/app/templates/include/mon_installation.html +++ b/app/templates/include/mon_installation.html @@ -133,6 +133,37 @@ + + + + + + + + + + + + + + + + + +

Install Keepalived Exporter

Current installationAvailable VersionsServerExternal Prometheus
+ {% set values = dict() %} + {% set values = {'0.1.0':'0.1.0', '0.2.0':'0.2.0', '0.3.0':'0.3.0', '0.4.0':'0.4.0', '0.5.0':'0.5.0'} %} + {{ select('keepalivedexpver', values=values, selected='0.5.0') }} + + + {{ checkbox('keepalived_ext_prom', title="This exporter will be used by an external Prometheus. Also use this checkbox if you update the Exporter") }} + Install +
diff --git a/inc/users.js b/inc/users.js index 1b3c592f..5bd00f46 100644 --- a/inc/users.js +++ b/inc/users.js @@ -196,6 +196,43 @@ $( function() { } } ); }); + $('#keepalived_exp_install').click(function() { + $("#ajaxmon").html('') + $("#ajaxmon").html(wait_mess); + var ext_prom = 0; + if ($('#keepalived_ext_prom').is(':checked')) { + ext_prom = '1'; + } + $.ajax( { + url: "options.py", + data: { + keepalived_exp_install: $('#keepalived_exp_addserv').val(), + exporter_v: $('#keepalivedexpver').val(), + ext_prom: ext_prom, + token: $('#token').val() + }, + type: "POST", + success: function( data ) { + data = data.replace(/\s+/g,' '); + $("#ajaxmon").html(''); + if (data.indexOf('error:') != '-1' || data.indexOf('FAILED') != '-1' || data.indexOf('UNREACHABLE') != '-1') { + var p_err = show_pretty_ansible_error(data); + toastr.error(p_err); + } else if (data.indexOf('success') != '-1' ){ + toastr.clear(); + toastr.success(data); + $('#cur_keepalived_exp_ver').text('Keepalived exporter is installed'); + $("#keepalived_exp_addserv").trigger( "selectmenuchange" ); + } else if (data.indexOf('Info') != '-1' ){ + toastr.clear(); + toastr.info(data); + } else { + toastr.clear(); + toastr.info(data); + } + } + } ); + }); $('#node_exp_install').click(function() { $("#ajaxmon").html('') $("#ajaxmon").html(wait_mess); @@ -308,6 +345,30 @@ $( function() { } } ); }); + $( "#keepalived_exp_addserv" ).on('selectmenuchange',function() { + $.ajax( { + url: "options.py", + data: { + get_exporter_v: 'keepalived_exporter', + serv: $('#keepalived_exp_addserv option:selected').val(), + token: $('#token').val() + }, + type: "POST", + success: function( data ) { + data = data.replace(/^\s+|\s+$/g,''); + if (data.indexOf('error:') != '-1') { + toastr.clear(); + toastr.error(data); + } else if (data.indexOf('keepalived_exporter.service') != '-1') { + $('#cur_keepalived_exp_ver').text('Keepalived exporter has been installed'); + } else if(data == 'no' || data == '' || data.indexOf('No') != '-1') { + $('#cur_keepalived_exp_ver').text('Keepalived exporter has not been installed'); + } else { + $('#cur_keepalived_exp_ver').text(data); + } + } + } ); + }); $( "#node_exp_addserv" ).on('selectmenuchange',function() { $.ajax( { url: "options.py",

Install Node Exporter