Puppet Class: puppet_operational_dashboards

Defined in:
manifests/init.pp

Summary

Installs Telegraf, InfluxDB, and Grafana to collect and display Puppet metrics

Overview

Examples:

Basic usage

include puppet_operational_dashboards

class {'puppet_operational_dashboards':
  manage_influxdb => false,
  influxdb_host   => '<influxdb_fqdn>',
}

Parameters:

  • manage_influxdb (Boolean) (defaults to: true)

    Whether to manage installation and configuration of InfluxDB. Defaults to true

  • influxdb_host (String) (defaults to: lookup(influxdb::host, undef, undef, $facts['networking']['fqdn']))

    FQDN of the InfluxDB host. Defaults to a the value of influxdb::host, or $facts if unset

  • influxdb_port (Integer) (defaults to: lookup(influxdb::port, undef, undef, 8086))

    Port used by the InfluxDB service. Defaults to the value of influxdb::port, or 8086 if unset

  • initial_org (String) (defaults to: lookup(influxdb::initial_org, undef, undef, 'puppetlabs'))

    Name of the InfluxDB organization to configure. Defaults to the value of influxdb::initial_org, or ‘puppetlabs’ if unset

  • initial_bucket (String) (defaults to: lookup(influxdb::initial_bucket, undef, undef, 'puppet_data'))

    Name of the InfluxDB bucket to configure and query. Defaults to the value of influxdb::initial_bucket, or ‘puppet_data’ if unset

  • influxdb_bucket_retention_rules (Array) (defaults to: [{ 'type' => 'expire', 'everySeconds' => 7776000, 'shardGroupDurationSeconds' => 604800 }])

    Value for the initial InfluxDB bucket retention rules, Values are the same as in the influx_bucket type of the InfluxDB module.

  • influxdb_token (Optional[Sensitive[String]]) (defaults to: lookup(influxdb::token, undef, undef, undef))

    InfluxDB admin token in Sensitive format. Defaults to the value of influxdb::token. See the puppetlabs/influxdb documentation for more information about this token.

  • telegraf_token_name (String) (defaults to: 'puppet telegraf token')

    Name of the token to retrieve from InfluxDB if not given $telegraf_token.

  • manage_telegraf (Boolean) (defaults to: true)

    Whether to manage installation and configuration of Telegraf. Defaults to true.

  • manage_telegraf_token (Boolean) (defaults to: true)

    Whether to create and manage a Telegraf token with permissions to query buckets in the default organization. Defaults to true.

  • use_ssl (Boolean) (defaults to: true)

    Whether to use SSL when querying InfluxDB. Defaults to true

  • influxdb_token_file (String) (defaults to: lookup(influxdb::token_file, undef, undef, $facts['identity']['user'] ? { 'root' => '/root/.influxdb_token', default => "/home/${facts['identity']['user']}/.influxdb_token" }))

    Location on disk of an InfluxDB admin token. This file is written to by the influxdb class during installation and read by the type and providers, as well Deferred functions in this module.

  • telegraf_token (Optional[Sensitive[String]]) (defaults to: undef)

    Telegraf token in Sensitive format.

  • include_pe_metrics (Boolean) (defaults to: $settings::module_groups =~ 'pe_only')

    Whether to include Filesync and Orchestrator dashboards

  • manage_system_board (Boolean) (defaults to: true)

    Whether the System Performance dashboard should be added to grafana



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
 
# File 'manifests/init.pp', line 42

class puppet_operational_dashboards (
  Boolean $manage_influxdb = true,
  String $influxdb_host = lookup(influxdb::host, undef, undef, $facts['networking']['fqdn']),
  Integer $influxdb_port = lookup(influxdb::port, undef, undef, 8086),
  String $initial_org = lookup(influxdb::initial_org, undef, undef, 'puppetlabs'),
  String $initial_bucket = lookup(influxdb::initial_bucket, undef, undef, 'puppet_data'),
  Array $influxdb_bucket_retention_rules = [{ 'type' => 'expire', 'everySeconds' => 7776000, 'shardGroupDurationSeconds' => 604800 }],

  Optional[Sensitive[String]] $influxdb_token = lookup(influxdb::token, undef, undef, undef),
  Optional[Sensitive[String]] $telegraf_token = undef,
  String $telegraf_token_name = 'puppet telegraf token',
  String $influxdb_token_file = lookup(influxdb::token_file, undef, undef, $facts['identity']['user'] ? {
      'root'  => '/root/.influxdb_token',
      default => "/home/${facts['identity']['user']}/.influxdb_token"
  }),
  Boolean $manage_telegraf = true,
  Boolean $manage_telegraf_token = true,
  Boolean $use_ssl = true,
  # Check for PE by looking at the compiling server's module_groups setting
  Boolean $include_pe_metrics = $settings::module_groups =~ 'pe_only',
  Boolean $manage_system_board = true,
) {
  unless $facts['os']['family'] in ['RedHat', 'Debian', 'Suse'] {
    fail("Installation on ${facts['os']['family']} is not supported")
  }

  if $manage_influxdb {
    class { 'influxdb':
      host        => $influxdb_host,
      port        => $influxdb_port,
      use_ssl     => $use_ssl,
      initial_org => $initial_org,
      token_file  => $influxdb_token_file,
    }

    influxdb_org { $initial_org:
      ensure     => present,
      use_ssl    => $use_ssl,
      port       => $influxdb_port,
      token      => $influxdb_token,
      token_file => $influxdb_token_file,
      require    => Class['influxdb'],
    }
    influxdb_bucket { $initial_bucket:
      ensure          => present,
      use_ssl         => $use_ssl,
      port            => $influxdb_port,
      org             => $initial_org,
      token           => $influxdb_token,
      retention_rules => $influxdb_bucket_retention_rules,
      token_file      => $influxdb_token_file,
      require         => [Class['influxdb'], Influxdb_org[$initial_org]],
    }

    Influxdb_auth {
      require => Class['influxdb'],
    }
  }

  if $manage_telegraf_token {
    # Create a token with permissions to read and write timeseries data
    # The influxdb::retrieve_token() function cannot find a token during the catalog compilation which creates it
    #   i.e. it takes two agent runs to become available
    influxdb_auth { $telegraf_token_name:
      ensure      => present,
      use_ssl     => $use_ssl,
      port        => $influxdb_port,
      org         => $initial_org,
      token       => $influxdb_token,
      token_file  => $influxdb_token_file,
      permissions => [
        {
          'action'   => 'read',
          'resource' => {
            'type'   => 'telegrafs',
          }
        },
        {
          'action'   => 'write',
          'resource' => {
            'type'   => 'telegrafs',
          }
        },
        {
          'action'   => 'read',
          'resource' => {
            'type'   => 'buckets',
          }
        },
        {
          'action'   => 'write',
          'resource' => {
            'type'   => 'buckets',
          }
        },
      ],
    }
  }

  if $manage_telegraf {
    include 'puppet_operational_dashboards::telegraf::agent'
  }

  include 'puppet_operational_dashboards::profile::dashboards'
}