job "telemetry" { datacenters = ["neptune", "bespin"] type = "service" group "prometheus" { count = 2 network { port "prometheus" { static = 9090 } } constraint { attribute = "${attr.unique.hostname}" operator = "set_contains_any" value = "concombre,df-ymk" } task "prometheus" { driver = "docker" config { image = "prom/prometheus:v2.39.0" network_mode = "host" ports = [ "prometheus" ] args = [ "--config.file=/etc/prometheus/prometheus.yml", "--storage.tsdb.path=/data", "--storage.tsdb.retention.size=20GB", ] volumes = [ "secrets:/etc/prometheus", "/mnt/ssd/prometheus:/data" ] } template { data = file("../config/prometheus.yml") destination = "secrets/prometheus.yml" } template { data = "{{ key \"secrets/consul/consul.crt\" }}" destination = "secrets/consul.crt" } template { data = "{{ key \"secrets/consul/consul-client.crt\" }}" destination = "secrets/consul-client.crt" } template { data = "{{ key \"secrets/consul/consul-client.key\" }}" destination = "secrets/consul-client.key" } template { data = "{{ key \"secrets/nomad/nomad.crt\" }}" destination = "secrets/nomad.crt" } template { data = "{{ key \"secrets/nomad/nomad-client.crt\" }}" destination = "secrets/nomad-client.crt" } template { data = "{{ key \"secrets/nomad/nomad-client.key\" }}" destination = "secrets/nomad-client.key" } resources { memory = 501 cpu = 500 } service { port = 9090 address_mode = "driver" name = "prometheus" check { type = "http" path = "/" port = 9090 address_mode = "driver" interval = "60s" timeout = "5s" check_restart { limit = 3 grace = "90s" ignore_warnings = false } } } } } group "grafana" { count = 1 network { port "grafana" { static = 3719 } } task "restore-db" { lifecycle { hook = "prestart" sidecar = false } driver = "docker" config { image = "litestream/litestream:0.3.7" args = [ "restore", "-config", "/etc/litestream.yml", "/ephemeral/grafana.db" ] volumes = [ "../alloc/data:/ephemeral", "secrets/litestream.yml:/etc/litestream.yml" ] } user = "472" template { data = file("../config/grafana-litestream.yml") destination = "secrets/litestream.yml" } resources { memory = 200 cpu = 1000 } } task "grafana" { driver = "docker" config { image = "grafana/grafana:9.2.0" network_mode = "host" ports = [ "grafana" ] volumes = [ "../alloc/data:/var/lib/grafana", "secrets/prometheus.yaml:/etc/grafana/provisioning/datasources/prometheus.yaml", "secrets/ldap.toml:/etc/grafana/ldap.toml" ] } template { data = file("../config/grafana-datasource-prometheus.yaml") destination = "secrets/prometheus.yaml" } template { data = file("../config/grafana-ldap.toml") destination = "secrets/ldap.toml" } template { data = <<EOH GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource,grafana-piechart-panel,grafana-worldmap-panel,grafana-polystat-panel GF_SERVER_HTTP_PORT=3719 GF_AUTH_LDAP_ENABLED=true EOH destination = "secrets/env" env = true } resources { memory = 501 cpu = 100 } service { tags = [ "grafana", "tricot grafana.deuxfleurs.fr", ] port = 3719 address_mode = "driver" name = "grafana" check { type = "tcp" port = 3719 address_mode = "driver" interval = "60s" timeout = "5s" check_restart { limit = 3 grace = "90s" ignore_warnings = false } } } } task "replicate-db" { driver = "docker" config { image = "litestream/litestream:0.3.7" args = [ "replicate", "-config", "/etc/litestream.yml" ] volumes = [ "../alloc/data:/ephemeral", "secrets/litestream.yml:/etc/litestream.yml" ] } user = "472" template { data = file("../config/grafana-litestream.yml") destination = "secrets/litestream.yml" } resources { memory = 200 cpu = 100 } } } }