Start working on Grafana implementation

ops-compose-stack/.gitignore

@@ -1 +1,5 @@
 .env
+*.crt
+*.key
+/data/prometheus/data/
+/data/grafana/

ops-compose-stack/data/prometheus/config/prometheus.yml

@@ -0,0 +1,46 @@
+global:
+  scrape_interval:     120s # By default, scrape targets every 15 seconds.
+  evaluation_interval: 120s # By default, scrape targets every 15 seconds.
+  # scrape_timeout is set to the global default (10s).
+
+  # Attach these labels to any time series or alerts when communicating with
+  # external systems (federation, remote storage, Alertmanager).
+  external_labels:
+      monitor: 'YACS'
+
+# Load and evaluate rules in this file every 'evaluation_interval' seconds.
+rule_files:
+  # - "alert.rules"
+  # - "first.rules"
+  # - "second.rules"
+
+# A scrape configuration containing exactly one endpoint to scrape:
+# Here it's Prometheus itself.
+scrape_configs:
+  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
+  - job_name: 'prometheus'
+
+    # Override the global default and scrape targets from this job every 5 seconds.
+    scrape_interval: 5s
+
+    # metrics_path defaults to '/metrics'
+    # scheme defaults to 'http'.
+
+    static_configs:
+         - targets: ['monitoring_prometheus:9090']
+
+  - job_name: 'yacs_web'
+    scrape_interval: 5s
+    static_configs:
+         - targets: ['yacs_web:8080', 'yacs_web:8443']
+
+  - job_name: 'yacs_db'
+    scrape_interval: 5s
+    static_configs:
+         - targets: ['yacs_db:5432']
+
+alerting:
+  alertmanagers:
+    - static_configs:
+      - targets:
+        - alertmanager:9093

ops-compose-stack/docker-compose.yml

@@ -8,68 +8,19 @@ volumes:
   ackee-storage:
 
 services:
-
     pgadmin:
         restart: unless-stopped
         image: dpage/pgadmin4
         environment:
-            - PGADMIN_DEFAULT_EMAIL=${YX_ADMIN_EMAIL}
-            - PGADMIN_DEFAULT_PASSWORD=${YX_PG_PASS}
+            - PGADMIN_DEFAULT_EMAIL=[email protected]
+            - PGADMIN_DEFAULT_PASSWORD=${GRAFANA_PASSWORD}
             - PGADMIN_ENABLE_TLS=True
         volumes:
             - ../ssl/cert.pem:/certs/server.cert
             - ../ssl/privkey.pem:/certs/server.key
         ports:
             - "${YX_PG_PORT:-7001}:443"
-
-    grafana:
-        restart: unless-stopped
-        image: grafana/grafana
-        volumes:
-            - grafana-storage:/var/lib/grafana
-            - ${YX_SSL_CERT_LOCATION}:/certs/server.cert
-            - ${YX_SSL_KEY_LOCATION}:/certs/server.key
-        environment:
-            - GF_SERVER_PROTOCOL=https
-            - GF_SERVER_ENABLE_GZIP=${YX_GF_GZIP:-true}
-            - GF_SERVER_CERT_FILE=/certs/server.cert
-            - GF_SERVER_CERT_KEY=/certs/server.key
-        ports:
-            - "${YX_GF_PORT:-7002}:3000"
-
-    bunker_dozzle:
-        image: bunkerity/bunkerized-nginx
-        restart: always
-        volumes:
-            - ${YX_SSL_CERT_LOCATION}:/certs/server.cert
-            - ${YX_SSL_KEY_LOCATION}:/certs/server.key
-        environment:
-            - USE_REVERSE_PROXY=yes
-            - REVERSE_PROXY_URL=/
-            - REVERSE_PROXY_HOST=http://dozzle:8080
-            - USE_CUSTOM_HTTPS=yes
-            - CUSTOM_HTTPS_CERT=/certs/server.cert
-            - CUSTOM_HTTPS_KEY=/certs/server.key
-            - USE_AUTH_BASIC=yes
-            - USE_DNSBL=no
-            - USE_FAILBAN=no
-            - LIMIT_REQ=no
-            - USE_CLAMAV_SCAN=no
-            - USE_CLAMAV_UPLOAD=no
-            - USE_MODSECURITY=no
-            - USE_MODSECURITY_CRS=no
-            - BLOCK_USER_AGENT=no
-            - AUTH_BASIC_USER=${YX_BNK_DL_USER:-bnk_user}
-            - AUTH_BASIC_PASSWORD=${YX_BNK_DL_PASS:-bnk_pass}
-        ports:
-            - "${YX_BNK_DL_PORT:-7003}:8443"
-
-    dozzle:
-        container_name: dozzle
-        image: amir20/dozzle:latest
-        volumes:
-            - /var/run/docker.sock:/var/run/docker.sock
-
+
     ackee:
         image: electerious/ackee
         container_name: ackee
@@ -81,34 +32,64 @@ services:
             - ACKEE_PASSWORD=${YX_ACKEE_PASS:-ackee_pass}
         depends_on:
           - ackee_mongo
-
-    bunker_ackee:
-        image: bunkerity/bunkerized-nginx
-        restart: always
-        volumes:
-            - ${YX_SSL_CERT_LOCATION}:/certs/server.cert
-            - ${YX_SSL_KEY_LOCATION}:/certs/server.key
-        environment:
-            - USE_REVERSE_PROXY=yes
-            - REVERSE_PROXY_URL=/
-            - REVERSE_PROXY_HOST=http://ackee:3000
-            - USE_CUSTOM_HTTPS=yes
-            - CUSTOM_HTTPS_CERT=/certs/server.cert
-            - CUSTOM_HTTPS_KEY=/certs/server.key
-            - USE_DNSBL=no
-            - USE_FAILBAN=no
-            - LIMIT_REQ=no
-            - USE_CLAMAV_SCAN=no
-            - USE_CLAMAV_UPLOAD=no
-            - USE_MODSECURITY=no
-            - USE_MODSECURITY_CRS=no
-            - BLOCK_USER_AGENT=no
-        ports:
-            - "${YX_BNK_ACKEE_PORT:-7004}:8443"
-
+
     ackee_mongo:
         image: mongo
         container_name: ackee_mongo
         restart: always
         volumes:
           - ackee-storage:/data/db
+
+    prometheus:
+        image: prom/prometheus:latest
+        user: root
+        container_name: monitoring_prometheus
+        restart: unless-stopped
+        volumes:
+          - ./data/prometheus/config/:/etc/prometheus/
+          - ./data/prometheus/data/:/prometheus
+        command:
+          - '--config.file=/etc/prometheus/prometheus.yml'
+          - '--storage.tsdb.path=/prometheus'
+        expose:
+          - 9090
+        ports:
+          - 9090:9090
+        links:
+          - cadvisor:cadvisor
+          - node-exporter:node-exporter
+
+    node-exporter:
+        image: prom/node-exporter:latest
+        container_name: monitoring_node_exporter
+        restart: unless-stopped
+        expose:
+          - 9100
+
+    cadvisor:
+        image: google/cadvisor:latest
+        container_name: monitoring_cadvisor
+        restart: unless-stopped
+        volumes:
+          - /:/rootfs:ro
+          - /var/run:/var/run:rw
+          - /sys:/sys:ro
+          - /var/lib/docker/:/var/lib/docker:ro
+        ports:
+          - 9999:8080
+
+    grafana:
+        image: grafana/grafana:latest
+        container_name: monitoring_grafana
+        restart: unless-stopped
+        links:
+          - prometheus:prometheus
+        environment:
+          - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
+          - GF_USERS_ALLOW_SIGN_UP=false
+          - GF_SERVER_DOMAIN=yacs.cs.rpi.edu
+          - GF_SMTP_ENABLED=false
+        expose:
+            - 4000
+        ports:
+          - 4000:4000