Add external monitoring network

This commit is contained in:
Tobias Manske 2023-08-10 16:29:52 +02:00
parent d53787dd96
commit c173962d19
Signed by: tobias
GPG Key ID: 9164B527694A0709
8 changed files with 33 additions and 5 deletions

View File

@ -0,0 +1,3 @@
docker:
internal_networks:
- metrics

View File

@ -81,6 +81,14 @@
dest: /home/core/.docker/config.json dest: /home/core/.docker/config.json
mode: '0600' mode: '0600'
owner: core owner: core
- name: Setup internal networks
hosts: all
tasks:
- name: Setup network
community.docker.docker_network:
name: "{{ item }}"
internal: true
loop: "{{ docker.internal_networks | default([]) }}"
- name: Setup Push Monitoring - name: Setup Push Monitoring
hosts: all hosts: all
tags: tags:

View File

@ -66,6 +66,7 @@ services:
condition: service_healthy condition: service_healthy
networks: networks:
- backend - backend
- metrics
volumes: volumes:
database: database:
@ -73,4 +74,6 @@ volumes:
networks: networks:
backend: backend:
internal: true internal: true
metrics:
external: true
... ...

View File

@ -31,6 +31,7 @@ services:
networks: networks:
- default - default
- backend - backend
- metrics
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.http-synapse.rule=Host(`synapse.{{ matrix.baseurl }}`)" - "traefik.http.routers.http-synapse.rule=Host(`synapse.{{ matrix.baseurl }}`)"
@ -211,6 +212,8 @@ services:
networks: networks:
backend: backend:
internal: true internal: true
metrics:
external: true
volumes: volumes:
synapse_data: synapse_data:

View File

@ -35,6 +35,7 @@ services:
- backend - backend
- pantalaimon - pantalaimon
- default - default
- metrics
db: db:
image: postgres:13 image: postgres:13
@ -42,8 +43,6 @@ services:
environment: environment:
- POSTGRES_USER={{ miniflux.db.user }} - POSTGRES_USER={{ miniflux.db.user }}
- POSTGRES_PASSWORD={{ miniflux.db.password }} - POSTGRES_PASSWORD={{ miniflux.db.password }}
labels:
- "com.centurylinklabs.watchtower.scope=update"
volumes: volumes:
- database:/var/lib/postgresql/data - database:/var/lib/postgresql/data
healthcheck: healthcheck:
@ -61,4 +60,6 @@ networks:
internal: true internal: true
pantalaimon: pantalaimon:
external: true external: true
metrics:
external: true
... ...

View File

@ -24,6 +24,7 @@ services:
networks: networks:
- backend - backend
- alertmanager - alertmanager
- metrics
prometheus-docker-sd: prometheus-docker-sd:
image: registry.tobiasmanske.de/prometheus-docker-sd:latest image: registry.tobiasmanske.de/prometheus-docker-sd:latest
@ -136,7 +137,7 @@ services:
- "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)" - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
- '--collector.systemd' - '--collector.systemd'
networks: networks:
- backend - metrics
restart: unless-stopped restart: unless-stopped
cadvisor: cadvisor:
@ -154,7 +155,7 @@ services:
- /sys:/sys:ro - /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro - /var/lib/docker/:/var/lib/docker:ro
networks: networks:
- backend - metrics
restart: unless-stopped restart: unless-stopped
loki: loki:
@ -186,6 +187,7 @@ services:
- "prometheus-scrape.port=8080" - "prometheus-scrape.port=8080"
networks: networks:
- backend - backend
- metrics
mimir: mimir:
image: grafana/mimir:latest image: grafana/mimir:latest
@ -202,6 +204,7 @@ services:
- "prometheus-scrape.port=8080" - "prometheus-scrape.port=8080"
networks: networks:
- backend - backend
- metrics
volumes: volumes:
prom_data: prom_data:
@ -216,3 +219,5 @@ networks:
backend: backend:
internal: true internal: true
alertmanager: alertmanager:
metrics:
external: true

View File

@ -20,11 +20,14 @@ services:
labels: labels:
- "prometheus-scrape.enabled=true" - "prometheus-scrape.enabled=true"
- "prometheus-scrape.port=9091" - "prometheus-scrape.port=9091"
- "prometheus-scrape.hostname=tobiasmanske.de"
{% if deploy_traefik_fa %} {% if deploy_traefik_fa %}
traefik-fa: traefik-fa:
image: quay.io/oauth2-proxy/oauth2-proxy:latest image: quay.io/oauth2-proxy/oauth2-proxy:latest
restart: unless-stopped restart: unless-stopped
networks:
- metrics
depends_on: depends_on:
- traefik - traefik
labels: labels:
@ -71,4 +74,6 @@ volumes:
networks: networks:
default: default:
driver: bridge driver: bridge
metrics:
external: true
... ...

View File

@ -6,7 +6,7 @@ http:
- "127.0.0.1/32" - "127.0.0.1/32"
- "192.168.0.0/16" - "192.168.0.0/16"
- "172.16.0.0/16" - "172.16.0.0/16"
- "10.254.1.0/24" - "10.254.1.0/16"
auth-headers: auth-headers:
headers: headers:
sslRedirect: true sslRedirect: true