44 lines
1.3 KiB
YAML
44 lines
1.3 KiB
YAML
---
|
|
- name: Install Prometheus Node Exporter
|
|
hosts: bab1.mgmt.toal.ca
|
|
become: true
|
|
|
|
tasks:
|
|
- name: Pull node-exporter image
|
|
community.docker.docker_image:
|
|
name: quay.io/prometheus/node-exporter
|
|
tag: "v{{ node_exporter_version }}"
|
|
source: pull
|
|
tags: image
|
|
|
|
- name: Run node-exporter container
|
|
community.docker.docker_container:
|
|
name: node-exporter
|
|
image: "quay.io/prometheus/node-exporter:v{{ node_exporter_version }}"
|
|
state: started
|
|
restart_policy: unless-stopped
|
|
# Host network gives accurate interface metrics without NAT
|
|
network_mode: host
|
|
# Required for per-process CPU/memory metrics
|
|
pid_mode: host
|
|
# Disable SELinux relabelling so we can bind-mount / read-only
|
|
# without risking a recursive chcon on the entire filesystem
|
|
security_opts:
|
|
- label=disable
|
|
capabilities:
|
|
- SYS_TIME
|
|
volumes:
|
|
- /:/host:ro,rslave
|
|
command:
|
|
- --path.rootfs=/host
|
|
- --web.listen-address=:{{ node_exporter_port }}
|
|
tags: configure
|
|
|
|
- name: Allow node-exporter port through firewalld
|
|
ansible.posix.firewalld:
|
|
port: "{{ node_exporter_port }}/tcp"
|
|
permanent: true
|
|
state: enabled
|
|
immediate: true
|
|
tags: configure
|