forked from paregupt/ucs_traffic_monitor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathutm.yml
370 lines (308 loc) · 10.9 KB
/
utm.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
---
# file: utm.yml (ref: https://www.since2k7.com/blog/2020/02/29/cisco-ucs-monitoring-using-grafana-influxdb-telegraf-utm-installation)
- hosts: utm
become: yes
become_user: root
collections:
- community.grafana
tasks:
- name: Install required package - UTM
yum:
name: "{{ packages }}"
state: latest
vars:
packages:
- "@Development tools"
- python3
- python3-setuptools
- name: Update pip itself (required by netmiko) using shell (ansible module is failing on CentOS7)
shell:
cmd: python3 -m pip install pip==21.3.1 -U # Required to use python 3.6
register: shell_pip_install
changed_when: '"Requirement already satisfied: pip==21.3.1" not in shell_pip_install.stdout'
when: ansible_distribution_major_version | int < 9
- name: Install pip
shell:
cmd: python3 -m ensurepip --default-pip
register: shell_pip_install
changed_when: '"Requirement already satisfied: pip" not in shell_pip_install.stdout'
when: ansible_distribution_major_version | int >= 9
- name: Install ucsmsdk via pip using shell (ansible module is failing on CentOS7)
shell:
cmd: python3 -m pip install ucsmsdk
register: shell_pip_install
changed_when: '"Requirement already satisfied: ucsmsdk" not in shell_pip_install.stdout'
- name: Install netmiko==4.0.0 via pip using shell (ansible module is failing on CentOS7)
shell:
cmd: python3 -m pip install netmiko==4.0.0 # Required to use python 3.6
register: shell_pip_install
changed_when: '"Requirement already satisfied: netmiko==4.0.0" not in shell_pip_install.stdout'
- name: Enable service chronyd
service:
name: chronyd
enabled: yes
state: started
- name: Add YUM repository grafana.repo
yum_repository:
name: grafana
description: https://grafana.com/docs/grafana/latest/installation/rpm/
baseurl: https://packages.grafana.com/enterprise/rpm
repo_gpgcheck: yes
gpgcheck: yes
gpgkey: https://packages.grafana.com/gpg.key
sslverify: yes
sslcacert: /etc/pki/tls/certs/ca-bundle.crt
- name: Add grafana.repo gpg key
rpm_key:
state: present
key: https://packages.grafana.com/gpg.key
- name: Install grafana (grafana-enterprise)
yum:
name: grafana-enterprise-10.1.10-1
# 9.5.20-1 : OK
# 10.0.13-1 : OK
# 10.1.10-1 : OK
# 10.2.0-1 : Service Profile "None"
# 10.2.8-1 : UCS Traffic Monitoring - error parsing query: found [, expected identifier, string, number, bool at line 1, char 291
# 10.3.7-1 : UCS Traffic Monitoring - error parsing query: found [, expected identifier, string, number, bool at line 1, char 291
# 10.4+ : Warning : agenty-flowcharting-panel (angular)
state: present
- name: Enable service grafana-server
service:
name: grafana-server
enabled: yes
state: started
- name: Add YUM repository influxdb.repo (will be use for influxdb and telegraf)
yum_repository:
name: influxdb
description: InfluxDB Repository - RHEL $releasever
baseurl: https://repos.influxdata.com/rhel/$releasever/$basearch/stable/
gpgcheck: yes
gpgkey: https://repos.influxdata.com/influxdata-archive_compat.key
- name: Install influxdb
yum:
name: influxdb
state: latest
- name: Enable service influxdb
service:
name: influxdb
enabled: yes
state: started
- name: Install telegraf
yum:
name: telegraf
state: latest
- name: Ensure that outputs influxdb is enable
replace:
path: /etc/telegraf/telegraf.conf
regexp: '^# (\[\[outputs.influxdb\]\])$'
replace: '\1'
- name: Ensure that outputs influxdb_v2 is disable
replace:
path: /etc/telegraf/telegraf.conf
regexp: '^(\[\[outputs.influxdb_v2\]\])$'
replace: '# \1'
- name: Enable service telegraf
service:
name: telegraf
enabled: yes
state: started
- name: Check if InfluxDB datasource exists in grafana
uri:
url_username: admin
url_password: admin
force_basic_auth: yes
url: http://localhost:3000/api/datasources/name/InfluxDB
body_format: json
status_code: 200, 404
register: grafana_ds
- name: Create influxdb datasource
grafana_datasource:
url_username: admin
url_password: admin
grafana_url: "http://localhost:3000"
name: "InfluxDB"
ds_type: "influxdb"
ds_url: "http://localhost:8086"
database: "telegraf"
when: grafana_ds.status == 404
- name: Create directory /usr/local/telegraf
file:
path: /usr/local/telegraf
state: directory
owner: telegraf
group: wheel
mode: '0770'
- name: Add or update ucs_traffic_monitor.py in /usr/local/telegraf
copy:
src: ../telegraf/ucs_traffic_monitor.py
dest: /usr/local/telegraf
owner: telegraf
group: wheel
mode: '0770'
- name: Add default .txt files to /usr/local/telegraf (if not exists)
copy:
src: "{{ item }}"
dest: /usr/local/telegraf
owner: telegraf
group: wheel
force: no
mode: '0660'
with_fileglob:
- ../telegraf/*.txt
- name: Adjust execution permission on /usr/local/telegraf/ucs_domains_group_1.txt and ucs_domains_group_2.txt
file:
path: /usr/local/telegraf/{{ item }}
mode: '0660'
with_items:
- ucs_domains_group_1.txt
- ucs_domains_group_2.txt
- name: Adjust execution permission on /usr/local/telegraf/ucs_traffic_monitor.py
file:
path: /usr/local/telegraf/ucs_traffic_monitor.py
mode: '0770'
- name: Update telegraf base configuration /etc/telegraf/telegraf.conf - logfile
lineinfile:
path: /etc/telegraf/telegraf.conf
regexp: '^ # logfile = ""'
line: ' logfile = "/var/log/telegraf/telegraf.log"'
- name: Update telegraf base configuration /etc/telegraf/telegraf.conf - logfile_rotation_max_size
lineinfile:
path: /etc/telegraf/telegraf.conf
regexp: '^ # logfile_rotation_max_size = "0MB"'
line: ' logfile_rotation_max_size = "10MB"'
- name: Update telegraf base configuration /etc/telegraf/telegraf.conf - logfile_rotation_max_archives
lineinfile:
path: /etc/telegraf/telegraf.conf
regexp: '^ # logfile_rotation_max_archives = 5'
line: ' logfile_rotation_max_archives = 5'
- name: Update telegraf base configuration /etc/telegraf/telegraf.conf - [[inputs.net]]
lineinfile:
path: /etc/telegraf/telegraf.conf
regexp: '^# \[\[inputs.net\]\]'
line: '[[inputs.net]]'
- name: Update telegraf base configuration /etc/telegraf/telegraf.conf - ignore_protocol_stats
lineinfile:
path: /etc/telegraf/telegraf.conf
regexp: '^# # ignore_protocol_stats = false'
line: ' ignore_protocol_stats = true'
- name: Add /etc/telegraf/telegraf.d/utm.conf
copy:
dest: /etc/telegraf/telegraf.d/utm.conf
content: |
[[inputs.exec]]
interval = "60s"
commands = [
"python3 /usr/local/telegraf/ucs_traffic_monitor.py /usr/local/telegraf/ucs_domains_group_1.txt influxdb-lp -vv",
]
timeout = "50s"
data_format = "influx"
[[inputs.exec]]
interval = "60s"
commands = [
"python3 /usr/local/telegraf/ucs_traffic_monitor.py /usr/local/telegraf/ucs_domains_group_2.txt influxdb-lp -vv",
]
timeout = "50s"
data_format = "influx"
mode: '0644'
register: telegraf_cfg
- name: Restart telegraf service (if /etc/telegraf/telegraf.d/utm.conf has changed)
service:
name: telegraf
state: restarted
when: telegraf_cfg.changed
- name: Create directory /usr/share/grafana/public/img/utm
file:
path: /usr/share/grafana/public/img/utm
state: directory
mode: '0775'
- name: Add images files to /usr/share/grafana/public/img/utm
copy:
src: "{{ item }}"
dest: /usr/share/grafana/public/img/utm
force: "{{ update_image }}"
mode: '0644'
with_fileglob:
- ../images/*
- name: Install/update Grafana piechart panel plugin
grafana_plugin:
name: "{{ item }}"
with_items:
- agenty-flowcharting-panel
- grafana-piechart-panel
register: grafana_plugin
- name: Restart grafana service (if plugins has been installed or configuration has changed)
service:
name: grafana-server
state: restarted
when: grafana_plugin.changed
- name: Create directory /tmp/utm
file:
path: /tmp/utm
state: directory
when: import_grafana_dashboard|bool
- name: Copy grafana dashboard file to /tmp/utm
copy:
src: "{{ item }}"
dest: /tmp/utm
mode: '0600'
with_fileglob:
- ../grafana/dashboards/*
when: import_grafana_dashboard|bool
- name: Get files list on remote from /tmp/utm
find:
paths: /tmp/utm
register: find_tmp_utm
when: import_grafana_dashboard|bool
- name: Import UTM Grafana dashboards from /tmp/utm
grafana_dashboard:
url_username: admin
url_password: admin
grafana_url: "http://localhost:3000"
path: "{{ item.path }}"
commit_message: Imported by ansible
overwrite: yes
with_items: "{{ find_tmp_utm.files }}"
when: import_grafana_dashboard|bool
- name: Remove directory /tmp/utm
file:
path: /tmp/utm
state: absent
when: import_grafana_dashboard|bool
# Configure LDAP/AD if required
- name: Add ldap configuration to grafana
template:
src: ldap.toml.ldap_ad
dest: /etc/grafana/ldap.toml
mode: '0640'
register: ldap_ad_grafana
when: ldap_ad_enable is defined and ldap_ad_enable|bool
- name: Update grafana base configuration /etc/grafana/grafana.ini - auth.ldap - enabled
ini_file:
path: /etc/grafana/grafana.ini
section: auth.ldap
option: enabled
value: "true"
register: ldap_ad_grafana_enabled
when: ldap_ad_enable is defined and ldap_ad_enable|bool
- name: Update grafana base configuration /etc/grafana/grafana.ini - auth.ldap - config_file
ini_file:
path: /etc/grafana/grafana.ini
section: auth.ldap
option: config_file
value: /etc/grafana/ldap.toml
register: ldap_ad_grafana_config_file
when: ldap_ad_enable is defined and ldap_ad_enable|bool
- name: Update grafana base configuration /etc/grafana/grafana.ini - auth.ldap - allow_sign_up
ini_file:
path: /etc/grafana/grafana.ini
section: auth.ldap
option: allow_sign_up
value: "true"
register: ldap_ad_grafana_allow_sign_up
when: ldap_ad_enable is defined and ldap_ad_enable|bool
- name: Restart grafana service (if ldap configuration has changed)
service:
name: grafana-server
state: restarted
when: ldap_ad_grafana.changed or ldap_ad_grafana_enabled.changed or ldap_ad_grafana_config_file.changed or ldap_ad_grafana_allow_sign_up.changed