General Updates
Diff
main.tf | 2 ++
variables.tf | 9 +++++----
cloudflare/main.tf | 18 ++++++++++++++++++
cloudflare/variables.tf | 2 ++
digitalocean/droplets.tf | 8 +++++++-
monitoring/cadvisor.tf | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------
monitoring/data.tf | 16 ----------------
monitoring/grafana.tf | 33 +++++++++++++++++++++++----------
monitoring/images.tf | 20 --------------------
monitoring/main.tf | 1 -
monitoring/nodeexporter.tf | 52 +++++++++++++++++++++++++++++++---------------------
monitoring/speedtest.tf | 26 ++++++++++++++++++--------
monitoring/config/prometheus.yml | 32 +++++++++++++++++---------------
13 files changed, 162 insertions(+), 144 deletions(-)
@@ -1,7 +1,9 @@
module "cloudflare" {
source = "cloudflare"
domain = "bb8.fun"
ips = "${var.ips}"
droplet_ip = "${module.digitalocean.droplet_ipv4}"
}
module "docker" {
@@ -1,11 +1,12 @@
variable "ips" {
type = "map"
default = {
eth0 = "192.168.1.111"
tun0 = "10.8.0.14"
dovpn = "10.8.0.1"
static = "139.59.48.222"
eth0 = "192.168.1.111"
tun0 = "10.8.0.14"
dovpn = "10.8.0.1"
static = "139.59.48.222"
droplet = "139.59.22.234"
}
}
@@ -25,7 +25,7 @@
resource "cloudflare_record" "internet" {
domain = "${var.domain}"
name = "@"
value = "${var.ips["static"]}"
value = "${var.droplet_ip}"
type = "A"
}
@@ -35,8 +35,24 @@
value = "${cloudflare_record.internet.hostname}"
type = "CNAME"
ttl = 3600
}
resource "cloudflare_record" "dns" {
domain = "${var.domain}"
name = "dns"
value = "${var.ips["static"]}"
type = "A"
}
resource "cloudflare_record" "doh" {
domain = "${var.domain}"
name = "doh"
value = "${var.ips["static"]}"
type = "A"
}
resource "cloudflare_record" "acme-no-cname-1" {
domain = "${var.domain}"
name = "_acme-challenge.${var.domain}"
@@ -5,3 +5,5 @@
variable "ips" {
type = "map"
}
variable "droplet_ip" {}
@@ -1,16 +1,22 @@
resource "digitalocean_droplet" "sydney" {
image = ""
name = "sydney.captnemo.in"
region = "blr1"
size = "1gb"
size = "s-1vcpu-2gb"
ipv6 = true
private_networking = true
resize_disk = true
volume_ids = ["eae03502-9279-11e8-ab31-0242ac11470b"]
tags = [
"bangalore",
"proxy",
"sydney",
"vpn",
]
}
output "droplet_ipv4" {
value = "${digitalocean_droplet.sydney.ipv4_address}"
}
@@ -1,47 +1,56 @@
resource "docker_container" "cadvisor" {
module "cadvisor" {
source = "../modules/container"
name = "cadvisor"
image = "${docker_image.cadvisor.latest}"
memory = 512
image = "google/cadvisor:latest"
resource {
memory = 512
memory_swap = 512
}
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true
volumes {
host_path = "/sys"
container_path = "/sys"
read_only = true
}
volumes {
host_path = "/"
container_path = "/rootfs"
read_only = true
}
volumes {
host_path = "/var/lib/docker"
container_path = "/var/lib/docker"
read_only = true
volumes = [
{
host_path = "/sys"
container_path = "/sys"
read_only = true
},
{
host_path = "/"
container_path = "/rootfs"
read_only = true
},
{
host_path = "/var/lib/docker"
container_path = "/var/lib/docker"
read_only = true
},
{
host_path = "/dev/disk"
container_path = "/dev/disk"
read_only = true
},
{
host_path = "/var/run"
container_path = "/var/run"
},
]
networks_advanced = [
{
name = "traefik"
},
{
name = "monitoring"
},
]
web {
expose = true
port = 8080
auth = true
}
volumes {
host_path = "/dev/disk"
container_path = "/dev/disk"
read_only = true
}
volumes {
host_path = "/var/run"
container_path = "/var/run"
}
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"]
labels = "${merge(
var.traefik-labels, map(
"traefik.port", 8080,
"traefik.frontend.rule","Host:cadvisor.${var.domain}",
"traefik.frontend.auth.basic", "${var.basic_auth}"
))}"
}
@@ -1,19 +1,3 @@
data "docker_registry_image" "grafana" {
name = "grafana/grafana:latest"
}
data "docker_registry_image" "prometheus" {
name = "prom/prometheus:latest"
}
data "docker_registry_image" "nodeexporter" {
name = "prom/node-exporter:latest"
}
data "docker_registry_image" "cadvisor" {
name = "google/cadvisor:latest"
}
data "docker_registry_image" "speedtest" {
name = "captn3m0/speedtest-exporter:alpine"
}
@@ -1,22 +1,31 @@
resource "docker_container" "grafana" {
name = "grafana"
image = "${docker_image.grafana.latest}"
module "grafana" {
name = "grafana"
source = "../modules/container"
image = "grafana/grafana:latest"
user = "984:982"
labels = "${merge(
var.traefik-labels, map(
"traefik.port", 3000,
"traefik.frontend.rule","Host:grafana.${var.domain}"
))}"
web {
port = 3000
host = "grafana.${var.domain}"
expose = true
}
volumes {
volumes = [{
host_path = "/mnt/xwing/data/grafana"
container_path = "/var/lib/grafana"
}
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"]
}]
networks_advanced = [
{
name = "traefik"
},
{
name = "monitoring"
},
]
env = [
"GF_SERVER_ROOT_URL=https://grafana.${var.domain}",
@@ -1,26 +1,6 @@
resource "docker_image" "grafana" {
name = "${data.docker_registry_image.grafana.name}"
pull_triggers = ["${data.docker_registry_image.grafana.sha256_digest}"]
}
resource "docker_image" "prometheus" {
name = "${data.docker_registry_image.prometheus.name}"
pull_triggers = ["${data.docker_registry_image.prometheus.sha256_digest}"]
}
resource "docker_image" "nodeexporter" {
name = "${data.docker_registry_image.nodeexporter.name}"
pull_triggers = ["${data.docker_registry_image.nodeexporter.sha256_digest}"]
}
resource "docker_image" "cadvisor" {
name = "${data.docker_registry_image.cadvisor.name}"
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
}
resource "docker_image" "speedtest" {
name = "${data.docker_registry_image.speedtest.name}"
pull_triggers = ["${data.docker_registry_image.speedtest.sha256_digest}"]
}
resource "docker_image" "act-exporter" {
@@ -1,1 +1,0 @@
@@ -1,28 +1,28 @@
resource "docker_container" "nodeexporter" {
name = "nodeexporter"
image = "${docker_image.nodeexporter.latest}"
module "nodeexporter" {
name = "nodeexporter"
source = "../modules/container"
image = "prom/node-exporter:latest"
volumes {
host_path = "/proc"
container_path = "/host/proc"
}
volumes {
host_path = "/sys"
container_path = "/host/sys"
}
volumes {
host_path = "/"
container_path = "/rootfs"
read_only = true
}
volumes {
host_path = "/mnt/xwing"
container_path = "/host/mnt"
read_only = true
}
volumes = [
{
host_path = "/proc"
container_path = "/host/proc"
},
{
host_path = "/sys"
container_path = "/host/sys"
},
{
host_path = "/"
container_path = "/rootfs"
read_only = true
},
{
host_path = "/mnt/xwing"
container_path = "/host/mnt"
read_only = true
},
]
command = [
"--path.procfs=/host/proc",
@@ -30,7 +30,9 @@
"--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"",
]
networks = ["${docker_network.monitoring.id}"]
networks = [
"${docker_network.monitoring.id}",
]
restart = "unless-stopped"
destroy_grace_seconds = 10
@@ -1,17 +1,25 @@
resource "docker_container" "speedtest" {
name = "speedtest"
image = "${docker_image.speedtest.latest}"
networks_advanced {
name = "monitoring"
aliases = ["speedtest", "speedtest.docker"]
}
module "speedtest" {
name = "speedtest"
image = "captn3m0/speedtest-exporter:alpine"
source = "../modules/container"
networks_advanced {
name = "bridge"
networks_advanced = [
{
name = "monitoring"
aliases = ["speedtest", "speedtest.docker"]
},
{
name = "bridge"
},
]
resource {
memory = 256
memory_swap = 256
}
restart = "unless-stopped"
@@ -1,44 +1,44 @@
global:
scrape_interval: 15s
external_labels:
monitor: 'docker-monitor'
monitor: "docker-monitor"
scrape_configs:
- job_name: 'prometheus'
- job_name: "prometheus"
static_configs:
- targets: ['localhost:9090']
- targets: ["localhost:9090"]
- job_name: 'node'
- job_name: "node"
scrape_interval: 5s
static_configs:
- targets: ['nodeexporter:9100']
- targets: ["nodeexporter:9100"]
- job_name: 'cadvisor'
- job_name: "cadvisor"
scrape_interval: 5s
static_configs:
- targets: ['cadvisor:8080']
- targets: ["cadvisor:8080"]
- job_name: 'speedtest'
- job_name: "speedtest"
scrape_interval: 15m
scrape_timeout: 2m
static_configs:
- targets: ['speedtest.docker:9696']
- targets: ["speedtest:9696"]
- job_name: 'docker'
- job_name: "docker"
scrape_interval: 5s
static_configs:
- targets: ['192.168.1.111:1337']
- targets: ["192.168.1.111:1337"]
- job_name: 'traefik'
- job_name: "traefik"
scrape_interval: 5s
static_configs:
- targets: ['192.168.1.111:1111']
- targets: ["192.168.1.111:1111"]
- job_name: 'act'
- job_name: "act"
scrape_interval: 15m
scrape_timeout: 1m
static_configs:
- targets: ['act-exporter.docker:3000']
- targets: ["act-exporter.docker:3000"]
rule_files:
- 'alert.rules'
- "alert.rules"