Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 793601877d1014212809e548dea73127fcf854cf / . / roles / openstack_exporter / tasks / main.yml
blob: 0b38ef4d8b7de1db4f6d0f9860250685c6abfde6 [file] [log] [blame]
# Copyright (c) 2022 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Create keystone user
openstack.cloud.identity_user:
cloud: atmosphere
state: present
name: openstack-exporter-{{ openstack_helm_endpoints_region_name }}
password: "{{ openstack_helm_endpoints_openstack_exporter_keystone_password }}"
domain: service
default_project: service
- name: Assign admin role to service user
openstack.cloud.role_assignment:
cloud: atmosphere
user: openstack-exporter-{{ openstack_helm_endpoints_region_name }}
role: admin
project: service
domain: service
- name: Deploy service
kubernetes.core.k8s:
state: present
definition:
- apiVersion: v1
kind: Secret
metadata:
name: openstack-config
namespace: monitoring
type: Opaque
stringData:
clouds.yaml: |
clouds:
openstack:
auth:
auth_url: http://keystone-api.openstack.svc.cluster.local:5000
project_domain_name: service
project_name: service
user_domain_name: service
username: openstack-exporter-{{ openstack_helm_endpoints_region_name }}
password: {{ openstack_helm_endpoints_openstack_exporter_keystone_password }}
region_name: {{ openstack_helm_endpoints_region_name }}
interface: internal
identity_api_version: 3
identity_interface: internal
- apiVersion: apps/v1
kind: Deployment
metadata:
name: openstack-exporter
namespace: monitoring
labels:
application: openstack-exporter
spec:
replicas: 1
selector:
matchLabels:
application: openstack-exporter
template:
metadata:
labels:
application: openstack-exporter
spec:
nodeSelector:
openstack-control-plane: enabled
containers:
- name: openstack-exporter
image: "{{ openstack_exporter_image_repository }}/openstack-exporter:{{ openstack_exporter_image_tag }}"
args:
- --endpoint-type
- internal
- default
- --collect-metric-time
- --disable-service.identity
- --disable-service.image
- --disable-metric=cinder-limits_volume_max_gb
- --disable-metric=cinder-limits_volume_used_gb
- --disable-metric=cinder-volumes
- --disable-metric=cinder-volume_status
- --disable-metric=neutron-floating_ips
- --disable-metric=neutron-networks
- --disable-metric=neutron-security_groups
- --disable-metric=neutron-subnets
- --disable-metric=neutron-routers
- --disable-metric=nova-flavors
- --disable-metric=nova-availability_zones
- --disable-metric=nova-security_groups
- --disable-metric=nova-limits_vcpus_max
- --disable-metric=nova-limits_vcpus_used
- --disable-metric=nova-limits_memory_max
- --disable-metric=nova-limits_memory_used
port:
name: metrics
containerPort: 9180
volumeMounts:
- name: openstack-config
mountPath: "/etc/openstack"
volumes:
- name: openstack-config
secret:
secretName: openstack-config
- apiVersion: v1
kind: Service
metadata:
name: openstack-exporter
namespace: monitoring
labels:
application: openstack-exporter
spec:
clusterIP: None
ports:
- name: metrics
port: 9180
targetPort: metrics
selector:
application: openstack-exporter
# NOTE(mnaser): Since we haven't moved to the operator pattern yet, we need to
# keep retrying a few times as the CRDs might not be installed
# yet.
retries: 60
delay: 5
register: _result
until: _result is not failed