Last active
January 4, 2018 23:02
-
-
Save JeanFred/f9357bb485fd9428d52895951e26875d to your computer and use it in GitHub Desktop.
Ansible role provisioning Graphite (sitting behind Nginx)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: Carbon config files | |
template: | |
src: '{{ item }}' | |
dest: '{{graphite_venv_path}}/conf/{{ item }}' | |
validate: "python -c \"import ConfigParser; config = ConfigParser.RawConfigParser(); config.read('%s')\"" | |
with_items: | |
- carbon.conf | |
- storage-schemas.conf | |
- storage-aggregation.conf | |
notify: | |
- restart carbon | |
tags: | |
- carbon_config | |
- name: Give write access to log files | |
file: | |
path: '{{ carbon.log_directory }}' | |
owner: "{{ graphite.user }}" | |
group: "adm" | |
mode: 'a+w' | |
state: directory | |
sudo: yes | |
- name: Carbon init.d script | |
copy: | |
src: carbon-cache | |
dest: /etc/init.d/carbon-cache | |
mode: 0755 | |
owner: root | |
group: root |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os | |
import sys | |
sys.path.append('{{ graphite_venv_path }}/webapp') | |
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'graphite.settings') | |
from django.core.wsgi import get_wsgi_application | |
application = get_wsgi_application() | |
# READ THIS | |
# Initializing the search index can be very expensive, please include | |
# the WSGIImportScript directive pointing to this script in your vhost | |
# config to ensure the index is preloaded before any requests are handed | |
# to the process. | |
from graphite.logger import log | |
log.info("graphite.wsgi - pid %d - reloading search index" % os.getpid()) | |
import graphite.metrics.search |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: Create graphite user | |
user: | |
name: "{{ graphite.user }}" | |
system: yes | |
createhome: no | |
comment: "Graphite user" | |
state: present | |
- name: Setup install directory | |
file: | |
path: '{{graphite_venv_path}}' | |
owner: '{{remote_user}}' | |
group: '{{remote_user}}' | |
state: 'directory' | |
sudo: yes | |
- name: Install Cairo system wide | |
apt: | |
pkg: '{{ item }}' | |
state: present | |
force: yes | |
with_items: | |
- python-cairo | |
- python-cairo-dev | |
sudo: yes | |
- name: Install PIP modules | |
pip: | |
name: '{{ item }}' | |
virtualenv: '{{graphite_venv_path}}' | |
virtualenv_site_packages: yes | |
sudo: no | |
with_items: | |
- django>=1.6,<1.7 | |
- django-tagging==0.3.6 | |
- pytz==2015.2 | |
- twisted==15.4.0 | |
- whisper==0.9.13 | |
- python-memcached==1.57 | |
- carbonate==0.2.2 | |
- name: Install PIP modules with overloaded config | |
pip: | |
name: '{{ item }}' | |
virtualenv: '{{graphite_venv_path}}' | |
virtualenv_site_packages: yes | |
extra_args: '--install-option="--prefix={{ graphite_venv_path }}" --install-option="--install-lib={{ graphite_venv_path }}/lib/python2.7/site-packages/"' | |
sudo: no | |
with_items: | |
- graphite-web==0.9.13 | |
- carbon==0.9.13 | |
- name: Symlink graphite installation | |
file: | |
path: '{{graphite_venv_path}}/webapp/graphite' | |
src: '{{ graphite_venv_path }}/lib/python2.7/site-packages/graphite/' | |
state: link | |
- name: Give write access to log files | |
file: | |
path: '{{ graphite.log_directory }}' | |
owner: "{{ graphite.user }}" | |
group: "adm" | |
mode: 'a+w' | |
state: directory | |
sudo: yes | |
- include: carbon.yml | |
- include: webapp.yml | |
- name: System - give write access to storage files | |
file: | |
path: '{{graphite_venv_path}}/storage/' | |
mode: 'a+w' | |
state: directory | |
owner: "{{ graphite.user }}" | |
recurse: yes | |
sudo: yes | |
- name: Start collection daemon | |
service: | |
name: carbon-cache | |
state: started |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
server_name graphite.example.com; | |
port_in_redirect on; | |
return 301 https://$host$request_uri; | |
} | |
server { | |
listen 443 ssl; | |
ssl_certificate /usr/local/nginx/example.crt; | |
ssl_certificate_key /usr/local/nginx/example/key; | |
client_max_body_size 4M; | |
server_name graphite.example.com; | |
# Don't try http for 365 days | |
add_header Strict-Transport-Security max-age=31536000; | |
root /var/www/stats; | |
access_log /var/log/nginx/stats.access.log; | |
error_log /var/log/nginx/stats.error.log; | |
auth_basic "Restricted"; | |
auth_basic_user_file /etc/nginx/.htpasswd; | |
rewrite ^/$ /graphite/ permanent; | |
add_header Access-Control-Allow-Origin "*"; | |
add_header Access-Control-Allow-Methods "GET, OPTIONS"; | |
add_header Access-Control-Allow-Headers "Origin, Authorization, Accept"; | |
location /graphite/ { | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /content { | |
alias /opt/graphite/webapp/graphite/content; | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /metrics { | |
alias /opt/graphite/webapp/graphite/metrics; | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /dashboard { | |
alias /opt/graphite/webapp/graphite/dashboard; | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /render { | |
alias /opt/graphite/webapp/graphite/render; | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /browser { | |
alias /opt/graphite/webapp/graphite/browser; | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /composer { | |
alias /opt/graphite/webapp/graphite/composer; | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /events { | |
alias /opt/graphite/webapp/graphite/events; | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location /admin { | |
gzip off; | |
include uwsgi_params; | |
uwsgi_pass 127.0.0.1:3031; | |
} | |
location ~ ^/media/ { | |
root /usr/local/lib/python2.6/dist-packages/django/contrib/admin/media/; | |
gzip_static on; # to serve pre-gzipped version | |
expires max; | |
add_header Cache-Control public; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
uwsgi: | |
processes: 1 | |
gid: {{ graphite.user }} | |
uid: {{ graphite.user }} | |
chdir: {{graphite_venv_path}}/webapp | |
virtualenv: {{graphite_venv_path}} | |
wsgi-file: {{graphite_venv_path}}/conf/graphite.wsgi | |
socket: 127.0.0.1:3031 | |
master: true | |
vacuum: true | |
max-requests: 5000 | |
plugins: python |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: Webapp - local_settings config | |
template: | |
src: local_settings.py | |
dest: '{{graphite_venv_path}}/webapp/graphite/local_settings.py' | |
owner: '{{ graphite.user }}' | |
group: '{{ graphite.user }}' | |
mode: 0644 | |
- name: Webapp - graphTemplates config | |
template: | |
src: graphTemplates.conf | |
dest: '{{graphite_venv_path}}/conf/graphTemplates.conf' | |
owner: '{{ graphite.user }}' | |
group: '{{ graphite.user }}' | |
mode: 0644 | |
- name: Webapp - wsgi template | |
template: | |
src: graphite.wsgi | |
dest: '{{graphite_venv_path}}/conf/graphite.wsgi' | |
- name: Check if database is present | |
stat: | |
path: '{{graphite_venv_path}}/storage/graphite.db' | |
register: graphite_db | |
- name: Webapp - set up database | |
django_manage: | |
command: syncdb --noinput | |
app_path: '{{graphite_venv_path}}/webapp/graphite' | |
virtualenv: '{{ graphite_venv_path }}' | |
when: graphite_db.stat.exists == False | |
- name: Update the uwsgi config | |
template: | |
src: uwsgi.conf | |
dest: '/etc/uwsgi/apps-enabled/graphite.yml' | |
mode: 0644 | |
notify: reload uwsgi | |
- name: Make sure uwsgi is started | |
service: | |
name: uwsgi | |
state: started | |
arguments: 'graphite' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment