使用 Puppet 配置远程规则集 [英] Configure remote rulesets with Puppet

问题描述

我正在尝试自动化 Prometheus node_exporter 和我的 Prometheus 服务器.对于node_exporter，我编写了一个模块来安装所有需要的包，根据facter 和其他一些设置$::ipaddress..

I'm trying to automate the Prometheus node_exporter and my Prometheus Server. For the node_exporter I've written a module to install all the needed packages, set the $::ipaddress based on facter and some more..

现在我想确保从申请节点收集的信息($hostname、$job_name、[...])导出到相应的远程 Prometheus 配置文件，但我希望异步完成此步骤，例如，随后在 Prometheus 服务器上运行 puppet 代理.

Now I'd like to make sure that the collected informations ($hostname, $job_name, [...]) from the applying node are exported into the respective remote Prometheus configfile, but I want to have this step done asynchronously, so for example with a puppet agent run afterwards on the Prometheus Server.

我已尝试将类定位到 puppetlabs/logrotate 模块，该模块基本上执行以下操作:

I've tried to orientate the classes towards the puppetlabs/logrotate module, which is basically doing the following:

logrotate/init.pp

class logrotate (
  String $ensure              = present,
  Boolean $hieramerge         = false,
  Boolean $manage_cron_daily  = true,
  Boolean $create_base_rules  = true,
  Boolean $purge_configdir    = false,
  String $package             = 'logrotate',
  Hash $rules                 = {},
) {
  do some stuff
}    

logrotate/rules.pp

class logrotate::rules ($rules = $::logrotate::rules){
  #assert_private()
  create_resources('logrotate::rule', $rules)
}

logrotate/rule.pp

define logrotate::rule(
  Pattern[/^[a-zA-Z0-9\._-]+$/] $rulename           = $title,
  Enum['present','absent'] $ensure                  = 'present',
  Optional[Logrotate::Path] $path                   = undef,
  (...)
  ) {
    do some stuff
  } 

缩短了我的 ni_trending (node_exporter) &ni_prometheus 模块目前看起来与 logrotate 非常相似:

Shortened my ni_trending (node_exporter) & ni_prometheus modules currently look very similar to logrotate:

ni_trending/init.pp

class ni_trending (
  $hostname       = $::fqdn,
  $listen_address = $::ipaddress,
  $listen_port    = 51118,
) { 

) inherits ni_trending::params {

anchor { 'ni_trending::start': }
  ->class { 'ni_trending::package': }
  ->class { 'ni_trending::config':
    (...)
    listen_address => $listen_address,
    listen_port    => $listen_port,
    (...)
    }
  ->class { 'ni_trending::service': }
  ->class { ' ni_trending::prometheus':
    (...)
    hostname     => $hostname,
    listen_port  => $listen_port,
    (...)
    }
    ->anchor { 'ni_trending::end': }
}

ni_trending/prometheus.pp

class ni_trending::prometheus (
  Hash $options        = {},
) {

  ni_prometheus::nodeexporterrule { 'node_exporter' :
    ensure      => pick_default($options['ensure'], 'present'),
    hostname    => pick_default($options['hostname'], $ni_trending::hostname),
    listen_port => pick_default($options['hostname'], $ni_trending::listen_port),
    }
}

ni_prometheus/nodeexporterrules.pp

class ni_prometheus::nodeexporterrules ($rules = $::ni_prometheus::nodeexporterrules) {

  create_resources('ni_prometheus::nodeexporterrule', $nodeexporterrules)

}

ni_prometheus/nodeexporterrule.pp

define ni_prometheus::nodeexporterrule (
  $job_name                         = $title,
  Enum['present','absent'] $ensure  = 'present',
  $hostname                         = $hostname,
  $listen_port                      = $listen_port,
) {

  file_line { "prometheus-${job_name}" :
    path  => "/etc/prometheus/${job_name}.list",
    after => 'hosts:',
    line  => "${hostname}:${listen_port}",
  }
}

但是当我在 Prometheus Master 上本地应用 node_exporter 时，这才有效 - 而不是在外部机器包含 ni_trending::prometheus 类的情况下，这对我来说很有意义 - 因为它显然感觉缺少某些东西.:-) 我怎样才能让它工作?

But this will just work when I apply the node_exporter locally on the Prometheus Master - not in the case that an external machine has the ni_trending::prometheus class included, which makes sense to me - because it clearly feels that something is missing. :-) How can I get this working?

谢谢！

推荐答案

这听起来像是 导出的资源(这使得 一天两个！).这是一个用于构建一个节点的目录以生成可应用于其他节点(也可选择应用于导出节点本身)的资源的工具.我仍然没有跟踪您要在何处管理的详细信息，因此这里有一个更通用的示例:维护本地主机文件.

This sounds like a job for exported resources (that makes two in one day!). This is a facility for one node's catalog building to generate resources that can be applied to other nodes (and also, optionally, to the exporting node itself). I'm still not tracking the details of what you want to manage where, so here's a more generic example: maintaining a local hosts file.

假设我们要自动管理一个列出我们所有受管理节点的 hosts 文件.Puppet 有一个内置资源，Host，代表主机文件中的一个条目.我们通过让管理的每个节点导出适当的主机资源来利用它.这样的东西会进入包含在每个节点上的类中:

Suppose we want to automatically manage a hosts file listing all our nodes under management. Puppet has a built-in resource, Host, representing one entry in a hosts file. We make use of that by having every node under management export an appropriate host resource. Something like this would go inside a class included on every node:

@@host { "$hostname": ip => $ipaddress; }

@@ 前缀将资源标记为已导出.它不适用于当前目标节点，除非通过我稍后将描述的机制.$hostname 和 $ipaddress 只是目标节点提供的事实，它们在该上下文中解析.还要注意，资源标题是全局唯一的:每个目标节点都有不同的主机名，因此所有适用于不同目标节点的导出的Host 资源将具有不同的标题.

The @@ prefix marks the resource as exported. It is not applied to the current target node, unless by the mechanism I will describe in a moment. the $hostname and $ipaddress are just facts presented by the target node, and they are resolved in that context. Note, too, that the resource title is globally unique: each target node has a different hostname, therefore all the exported Host resources that apply to different target nodes will have distinct titles.

然后，每个想要应用所有这些 Host 条目的节点将使用 导出的资源收集器:

Then, separately, every node that wants all those Host entries applied to it will import them in its own catalog by using an exported resource collector:

<<|Host|>>

导出这些资源的节点也可以收集其中的部分或全部.此外，还有一些方法可以使收集的资源更具选择性；请参阅上面的链接.

The nodes that export those resources can also collect some or all of them. Additionally, there are ways to be more selective about which resources are collected; see the link above.

这篇关于使用 Puppet 配置远程规则集的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！