diff options
| author | Trygve Laugstøl <trygvis@inamo.no> | 2023-10-30 19:36:54 +0100 |
|---|---|---|
| committer | Trygve Laugstøl <trygvis@inamo.no> | 2023-10-31 12:15:56 +0100 |
| commit | c7d942c02b034ce339bdb554e61410d3faa7f5c8 (patch) | |
| tree | a2ba9cd1e075d36c48632c30f2525a16e3328621 /terraform/telegraf/conflatorio | |
| parent | 3a7734b21b69ae533fa069f0dfa8d7e98222d159 (diff) | |
| download | infra-c7d942c02b034ce339bdb554e61410d3faa7f5c8.tar.gz infra-c7d942c02b034ce339bdb554e61410d3faa7f5c8.tar.bz2 infra-c7d942c02b034ce339bdb554e61410d3faa7f5c8.tar.xz infra-c7d942c02b034ce339bdb554e61410d3faa7f5c8.zip | |
telegraf-os: Making module.
Diffstat (limited to 'terraform/telegraf/conflatorio')
| -rw-r--r-- | terraform/telegraf/conflatorio/ansible-config.yml | 12 | ||||
| -rw-r--r-- | terraform/telegraf/conflatorio/main.tf | 24 | ||||
| -rw-r--r-- | terraform/telegraf/conflatorio/telegraf.tf | 105 | ||||
| -rw-r--r-- | terraform/telegraf/conflatorio/templates/telegraf.conf | 20 |
4 files changed, 10 insertions, 151 deletions
diff --git a/terraform/telegraf/conflatorio/ansible-config.yml b/terraform/telegraf/conflatorio/ansible-config.yml deleted file mode 100644 index 3acab34..0000000 --- a/terraform/telegraf/conflatorio/ansible-config.yml +++ /dev/null @@ -1,12 +0,0 @@ -- hosts: - - conflatorio - tasks: - - become: yes - file: - state: directory - path: "/etc/trygvis" - - - become: yes - template: - dest: "/etc/trygvis/telegraf.conf" - src: "telegraf.conf" diff --git a/terraform/telegraf/conflatorio/main.tf b/terraform/telegraf/conflatorio/main.tf index 5d94503..1513610 100644 --- a/terraform/telegraf/conflatorio/main.tf +++ b/terraform/telegraf/conflatorio/main.tf @@ -17,21 +17,17 @@ terraform { } } -locals { - ansible_host = "conflatorio" - hostname = "conflatorio.vpn.trygvis.io" - - influx_url = "https://influxdb.vpn.trygvis.io" - influx_token = data.sops_file.vault.data["influx_token"] - influx_organization = "trygvis" - - influx_bucket = "telegraf-lhn2ix" +data "sops_file" "vault" { + source_file = "vault.yml" } -provider "docker" { - host = "ssh://${local.hostname}" -} +module "telegraf-os" { + source = "../telegraf-os" -data "sops_file" "vault" { - source_file = "vault.yml" + docker_gid = 997 + hostname = "conflatorio.vpn.trygvis.io" + ansible_host = "conflatorio" + + influx_token = data.sops_file.vault.data["influx_token"] + influx_bucket = "telegraf-lhn2ix" } diff --git a/terraform/telegraf/conflatorio/telegraf.tf b/terraform/telegraf/conflatorio/telegraf.tf deleted file mode 100644 index 669476a..0000000 --- a/terraform/telegraf/conflatorio/telegraf.tf +++ /dev/null @@ -1,105 +0,0 @@ -#data "docker_network" "public" { -# name = "public" -#} - -data "docker_registry_image" "telegraf" { - name = "telegraf:1.28.3-alpine" -} - -locals { - docker_gid = 997 - entrypoint = <<EOT -#!/bin/sh -set -x - -setcap cap_net_raw+ep /usr/bin/telegraf -setcap cap_net_bind_service+ep /usr/bin/telegraf -setcap cap_net_admin+ep /usr/bin/telegraf - -su-exec telegraf:${local.docker_gid} \ - /usr/bin/telegraf --config /telegraf.conf -EOT -} - -resource "docker_image" "telegraf" { - name = data.docker_registry_image.telegraf.name - pull_triggers = [data.docker_registry_image.telegraf.sha256_digest] -} - -resource "docker_container" "telegraf" { - image = docker_image.telegraf.image_id - name = "telegraf" - - provisioner "local-exec" { - command = "ansible-playbook -l ${local.ansible_host} ansible-config.yml" - } - - network_mode = "host" - - mounts { - type = "bind" - source = "/" - target = "/hostfs" - read_only = true - } - - mounts { - type = "bind" - source = "/etc/trygvis/telegraf.conf" - target = "/telegraf.conf" - read_only = true - } - - mounts { - type = "bind" - source = "/var/run/docker.sock" - target = "/var/run/docker.sock" - read_only = true - } - - entrypoint = [ - "sh", - "-c", - local.entrypoint, - ] -# command = [ -# "--config", -# "/telegraf.conf" -# ] - - # Needed to get group_add to apply, if not entrypoint.sh drops the extra - # group. -# user = "telegraf:telegraf" -# group_add = [ -# "997" # for docker input -# ] - - capabilities { - add = [ - "CAP_NET_RAW", - "CAP_NET_BIND_SERVICE", - "CAP_NET_ADMIN", - ] - } - - # cmd = [ - # "sudo", - # "setcap", - # "CAP_NET_ADMIN+epi", - # "/usr/bin/telegraf" - # ] - - env = [ - "INFLUX_URL=${local.influx_url}", - "INFLUX_TOKEN=${local.influx_token}", - "INFLUX_ORGANIZATION=${local.influx_organization}", - "INFLUX_BUCKET=${local.influx_bucket}", - - "HOST_MOUNT_PREFIX=/hostfs", - "HOST_ETC=/hostfs/etc", - "HOST_PROC=/hostfs/proc", - "HOST_RUN=/hostfs/run", - "HOST_SYS=/hostfs/sys", - "HOST_VAR=/hostfs/var", - ] -} diff --git a/terraform/telegraf/conflatorio/templates/telegraf.conf b/terraform/telegraf/conflatorio/templates/telegraf.conf deleted file mode 100644 index 369bd7b..0000000 --- a/terraform/telegraf/conflatorio/templates/telegraf.conf +++ /dev/null @@ -1,20 +0,0 @@ -[agent] - hostname = "{{ inventory_hostname }}" - omit_hostname = false - -[[outputs.influxdb_v2]] - urls = ["${INFLUX_URL}"] - token = "${INFLUX_TOKEN}" - organization = "${INFLUX_ORGANIZATION}" - bucket = "${INFLUX_BUCKET}" - -[[inputs.disk]] - ignore_fs = ["tmpfs", "devtmpfs", "devfs", "iso9660", "overlay", "aufs", "squashfs"] - mount_points = ["/"] - -[[inputs.mem]] -[[inputs.net]] -[[inputs.wireguard]] - -[[inputs.docker]] - endpoint = "unix:///var/run/docker.sock" |