feat(docker): Added cadvisor on all hosts, added docker metric exporter, added docker compose restart as handler, moved repetetive directory/permission creation into loops, moved repetetive values into variables, cleanup compose template for better empty lines

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
2025-01-17 21:50:36 +01:00
parent 1017fed848
commit ae929ca09d
18 changed files with 97 additions and 100 deletions
--- a/playbook/common-k3s.yml
+++ b/playbook/common-k3s.yml
--- a/playbook/db.yml
+++ b/playbook/db.yml
--- a/playbook/docker-host.yml
+++ b/playbook/docker-host.yml
--- a/playbook/docker-lb.yml
+++ b/playbook/docker-lb.yml
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@@ -2,6 +2,7 @@
 # Essential
 #

+root: root
 user: tudattr
 timezone: Europe/Berlin
 puid: "1000"
--- a/group_vars/docker/vars.yml
+++ b/group_vars/docker/vars.yml
@@ -1,7 +1,9 @@
 docker:
  url: "https://download.docker.com/linux"
  apt_release_channel: "stable"
-  dirs: "/opt/docker"
+  directories:
+    opt: "/opt/docker/"
+    compose: "/opt/docker/compose"

 caddy:
  admin_email: me+acme@tudattr.dev
@@ -443,6 +445,47 @@ services:
      - TZ=Europe/Berlin
      - QBT_EULA="accept"
      - QBT_WEBUI_PORT="8082"
+  - name: cadvisor
+    vm:
+      - docker-host00
+      - docker-host01
+      - docker-host02
+    container_name: cadvisor
+    image: gcr.io/cadvisor/cadvisor:latest
+    restart: unless-stopped
+    ports:
+      - name: ""
+        internal: 8080
+        external: 8081
+    volumes:
+      - name: "Root"
+        internal: /rootfs:ro
+        external: /
+      - name: "Run"
+        internal: /var/run:rw
+        external: /var/run
+      - name: "System"
+        internal: /sys:ro
+        external: /sys
+      - name: "Docker"
+        internal: /var/lib/docker:ro
+        external: /var/lib/docker
+  # - name: template
+  #   vm:
+  #     -
+  #   container_name:
+  #   image:
+  #   restart:
+  #   volumes:
+  #     - name:
+  #       internal:
+  #       external:
+  #   ports:
+  #     - name:
+  #       internal:
+  #       external:
+  #   environment:
+  #     -
  # - name: calibre
  #   vm:
  #     - docker-host00
--- a/playbook/k3s-agents.yml
+++ b/playbook/k3s-agents.yml
--- a/playbook/k3s-servers.yml
+++ b/playbook/k3s-servers.yml
--- a/playbook/k3s-storage.yml
+++ b/playbook/k3s-storage.yml
--- a/playbook/loadbalancer.yml
+++ b/playbook/loadbalancer.yml
--- a/roles/docker_host/files/daemon.json
+++ b/roles/docker_host/files/daemon.json
@@ -0,0 +1,3 @@
+{
+  "metrics-addr": "0.0.0.0:9323"
+}
--- a/roles/docker_host/handlers/main.yml
+++ b/roles/docker_host/handlers/main.yml
@@ -4,4 +4,8 @@
    name: docker
    state: restarted
  become: true
-# TODO also do docker compose restart
+
+- name: Restart compose
+  community.docker.docker_compose_v2:
+    project_src: "{{ docker.directories.compose }}"
+    state: restarted
--- a/roles/docker_host/tasks/deploy_compose.yml
+++ b/roles/docker_host/tasks/deploy_compose.yml
@@ -2,11 +2,12 @@
 - name: Copy docker compose file to target
  ansible.builtin.template:
    src: "templates/compose.yaml.j2"
-    dest: "/opt/docker/compose/compose.yaml"
+    dest: "{{ docker.directories.compose }}/compose.yaml"
    owner: "{{ user }}"
    group: "{{ user }}"
    mode: "644"
    backup: true
  notify:
    - Restart docker
+    - Restart compose
  become: true
--- a/roles/docker_host/tasks/directory_setup.yml
+++ b/roles/docker_host/tasks/directory_setup.yml
@@ -1,106 +1,40 @@
 ---
- name: Create /media/docker directory
+- name: Create directories
  ansible.builtin.file:
-    path: /media/docker
+    path: "{{ item }}"
    state: directory
    mode: "0755"
+  loop:
+    - /media/docker
+    - /media/series
+    - /media/movies
+    - /media/songs
+    - "{{ docker.directories.opt }}"
+    - "{{ docker.directories.compose }}"
+    - /opt/local
  become: true

- name: Create /media/series directory
+- name: Set ownership to {{ user }}
  ansible.builtin.file:
-    path: /media/series
-    state: directory
-    mode: "0755"
+    path: "{{ item }}"
+    owner: "{{ user }}"
+    group: "{{ user }}"
+  loop:
+    - "{{ docker.directories.opt }}"
+    - /opt/local
+    - /media
  become: true

- name: Create /media/movies directory
-  ansible.builtin.file:
-    path: /media/movies
-    state: directory
-    mode: "0755"
-  become: true
-
- name: Create /media/songs directory
-  ansible.builtin.file:
-    path: /media/songs
-    state: directory
-    mode: "0755"
-  become: true
-
- name: Create /opt/docker directory
-  ansible.builtin.file:
-    path: /opt/docker
-    state: directory
-    mode: "0755"
-  become: true
-
- name: Create /opt/docker/compose directory
-  ansible.builtin.file:
-    path: /opt/docker/compose
-    state: directory
-    mode: "0755"
-  become: true
-
- name: Create /opt/local directory
-  ansible.builtin.file:
-    path: /opt/local
-    state: directory
-    mode: "0755"
-  become: true
-
- name: Set ownership of /opt/local to tudattr
-  ansible.builtin.file:
-    path: /opt/local
-    owner: tudattr
-    group: tudattr
-  become: true
-
- name: Set ownership of /opt/docker to tudattr
-  ansible.builtin.file:
-    path: /opt/docker
-    owner: tudattr
-    group: tudattr
-  become: true
-
- name: Set ownership of /media directories to tudattr
-  ansible.builtin.file:
-    path: /media/
-    owner: tudattr
-    group: tudattr
-  become: true
-
- name: Ensure /media/docker is mounted via NFS
+- name: Ensure NFS mounts
  ansible.posix.mount:
-    path: /media/docker
-    src: 192.168.20.12:/media/docker
-    fstype: nfs
-    opts: defaults,nolock
-    state: mounted
-  become: true
-
- name: Ensure /media/series is mounted via NFS
-  ansible.posix.mount:
-    path: /media/series
-    src: 192.168.20.12:/media/series
-    fstype: nfs
-    opts: defaults,nolock
-    state: mounted
-  become: true
-
- name: Ensure /media/movies is mounted via NFS
-  ansible.posix.mount:
-    path: /media/movies
-    src: 192.168.20.12:/media/movies
-    fstype: nfs
-    opts: defaults,nolock
-    state: mounted
-  become: true
-
- name: Ensure /media/songs is mounted via NFS
-  ansible.posix.mount:
-    path: /media/songs
-    src: 192.168.20.12:/media/songs
+    path: "{{ item }}"
+    src: "192.168.20.12:{{ item }}"
    fstype: nfs
    opts: defaults,nolock
    state: mounted
+  loop:
+    - /media/docker
+    - /media/series
+    - /media/movies
+    - /media/songs
  become: true
--- a/roles/docker_host/tasks/export.yml
+++ b/roles/docker_host/tasks/export.yml
@@ -0,0 +1,11 @@
+---
+- name: Copy exporter config to host
+  ansible.builtin.copy:
+    src: files/daemon.json
+    dest: /etc/docker/daemon.json
+    owner: "{{ root }}"
+    group: "{{ root }}"
+    mode: "0644"
+  notify:
+    - Restart docker
+  become: true
--- a/roles/docker_host/tasks/main.yml
+++ b/roles/docker_host/tasks/main.yml
@@ -13,3 +13,6 @@

 - name: Deploy docker compose
  ansible.builtin.include_tasks: deploy_compose.yml
+
+- name: Publish metrics
+  ansible.builtin.include_tasks: export.yml
--- a/roles/docker_host/templates/compose.yaml.j2
+++ b/roles/docker_host/templates/compose.yaml.j2
@@ -56,8 +56,8 @@ services:
      - {{device.external}}:{{device.internal}}
 {% endfor %}
 {% endif %}
-
 {% if service.name == 'paperless' %}
+
  {{service.name}}-broker:
    container_name: paperless-broker
    image: docker.io/library/redis:7
@@ -79,13 +79,10 @@ services:
      POSTGRES_DB: paperless
      POSTGRES_USER: paperless
      POSTGRES_PASSWORD: 5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi
-  {% endif %}
-
-
 {% endif %}

+{% endif %}
 {% endfor %}
-
 networks:
  net:
    driver: bridge
--- a/playbook/test.yml
+++ b/playbook/test.yml