forked from Deuxfleurs/nixcfg
223 lines
4.9 KiB
HCL
223 lines
4.9 KiB
HCL
job "telemetry" {
|
|
datacenters = ["neptune", "bespin"]
|
|
type = "service"
|
|
|
|
group "prometheus" {
|
|
count = 2
|
|
|
|
network {
|
|
port "prometheus" {
|
|
static = 9090
|
|
}
|
|
}
|
|
|
|
constraint {
|
|
attribute = "${attr.unique.hostname}"
|
|
operator = "set_contains_any"
|
|
value = "concombre,df-ymk"
|
|
}
|
|
|
|
task "prometheus" {
|
|
driver = "docker"
|
|
config {
|
|
image = "prom/prometheus:v2.39.0"
|
|
network_mode = "host"
|
|
ports = [ "prometheus" ]
|
|
args = [
|
|
"--config.file=/etc/prometheus/prometheus.yml",
|
|
"--storage.tsdb.path=/data",
|
|
"--storage.tsdb.retention.size=20GB",
|
|
]
|
|
volumes = [
|
|
"secrets:/etc/prometheus",
|
|
"/mnt/ssd/prometheus:/data"
|
|
]
|
|
}
|
|
|
|
template {
|
|
data = file("../config/prometheus.yml")
|
|
destination = "secrets/prometheus.yml"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/consul/consul.crt\" }}"
|
|
destination = "secrets/consul.crt"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/consul/consul-client.crt\" }}"
|
|
destination = "secrets/consul-client.crt"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/consul/consul-client.key\" }}"
|
|
destination = "secrets/consul-client.key"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/nomad/nomad.crt\" }}"
|
|
destination = "secrets/nomad.crt"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/nomad/nomad-client.crt\" }}"
|
|
destination = "secrets/nomad-client.crt"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/nomad/nomad-client.key\" }}"
|
|
destination = "secrets/nomad-client.key"
|
|
}
|
|
|
|
resources {
|
|
memory = 501
|
|
cpu = 500
|
|
}
|
|
|
|
service {
|
|
port = 9090
|
|
address_mode = "driver"
|
|
name = "prometheus"
|
|
check {
|
|
type = "http"
|
|
path = "/"
|
|
port = 9090
|
|
address_mode = "driver"
|
|
interval = "60s"
|
|
timeout = "5s"
|
|
check_restart {
|
|
limit = 3
|
|
grace = "90s"
|
|
ignore_warnings = false
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
group "grafana" {
|
|
count = 1
|
|
|
|
network {
|
|
port "grafana" {
|
|
static = 3719
|
|
}
|
|
}
|
|
|
|
task "restore-db" {
|
|
lifecycle {
|
|
hook = "prestart"
|
|
sidecar = false
|
|
}
|
|
|
|
driver = "docker"
|
|
config {
|
|
image = "litestream/litestream:0.3.7"
|
|
args = [
|
|
"restore", "-config", "/etc/litestream.yml", "/ephemeral/grafana.db"
|
|
]
|
|
volumes = [
|
|
"../alloc/data:/ephemeral",
|
|
"secrets/litestream.yml:/etc/litestream.yml"
|
|
]
|
|
}
|
|
user = "472"
|
|
|
|
template {
|
|
data = file("../config/grafana-litestream.yml")
|
|
destination = "secrets/litestream.yml"
|
|
}
|
|
|
|
resources {
|
|
memory = 200
|
|
cpu = 1000
|
|
}
|
|
}
|
|
|
|
task "grafana" {
|
|
driver = "docker"
|
|
config {
|
|
image = "grafana/grafana:9.2.0"
|
|
network_mode = "host"
|
|
ports = [ "grafana" ]
|
|
volumes = [
|
|
"../alloc/data:/var/lib/grafana",
|
|
"secrets/prometheus.yaml:/etc/grafana/provisioning/datasources/prometheus.yaml",
|
|
"secrets/ldap.toml:/etc/grafana/ldap.toml"
|
|
]
|
|
}
|
|
|
|
template {
|
|
data = file("../config/grafana-datasource-prometheus.yaml")
|
|
destination = "secrets/prometheus.yaml"
|
|
}
|
|
|
|
template {
|
|
data = file("../config/grafana-ldap.toml")
|
|
destination = "secrets/ldap.toml"
|
|
}
|
|
|
|
template {
|
|
data = <<EOH
|
|
GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource,grafana-piechart-panel,grafana-worldmap-panel,grafana-polystat-panel
|
|
GF_SERVER_HTTP_PORT=3719
|
|
GF_AUTH_LDAP_ENABLED=true
|
|
EOH
|
|
destination = "secrets/env"
|
|
env = true
|
|
}
|
|
|
|
resources {
|
|
memory = 501
|
|
cpu = 100
|
|
}
|
|
|
|
service {
|
|
tags = [
|
|
"grafana",
|
|
"tricot grafana.deuxfleurs.fr",
|
|
]
|
|
port = 3719
|
|
address_mode = "driver"
|
|
name = "grafana"
|
|
check {
|
|
type = "tcp"
|
|
port = 3719
|
|
address_mode = "driver"
|
|
interval = "60s"
|
|
timeout = "5s"
|
|
check_restart {
|
|
limit = 3
|
|
grace = "90s"
|
|
ignore_warnings = false
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
task "replicate-db" {
|
|
driver = "docker"
|
|
config {
|
|
image = "litestream/litestream:0.3.7"
|
|
args = [
|
|
"replicate", "-config", "/etc/litestream.yml"
|
|
]
|
|
volumes = [
|
|
"../alloc/data:/ephemeral",
|
|
"secrets/litestream.yml:/etc/litestream.yml"
|
|
]
|
|
}
|
|
user = "472"
|
|
|
|
template {
|
|
data = file("../config/grafana-litestream.yml")
|
|
destination = "secrets/litestream.yml"
|
|
}
|
|
|
|
resources {
|
|
memory = 200
|
|
cpu = 100
|
|
}
|
|
}
|
|
}
|
|
}
|