wip

- pin images
- update tfvars
- set ansible intepreter
- change to tenv for managing terraform

Author: pythoninthegrass

.gitignore

@@ -1,12 +1,9 @@
 # ETC
-.terraform.lock.hcl
-dashboard.yml
-grafana-config.ini
-hosts
-node-exporter.json
-playbooks/*
-prometheus.yml
-tfplan
+**/dashboard.yml
+**/grafana-config.ini
+**/hosts
+**/node-exporter.json
+**/prometheus.yml
 
 # General
 .DS_Store
@@ -47,10 +44,7 @@ Temporary Items
 crash.log
 crash.*.log
 
-# Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version
-# control as they are data points which are potentially sensitive and subject
-# to change depending on the environment.
+# Exclude all .tfvars files
 *.tfvars
 *.tfvars.json
 
@@ -61,11 +55,9 @@ override.tf.json
 *_override.tf
 *_override.tf.json
 
-# Include override files you do wish to add to version control using negated pattern
-# !example_override.tf
-
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
+# Ignore terraform state
+.terraform.lock.hcl
+tfplan
 
 # Ignore CLI configuration files
 .terraformrc

.tool-versions

@@ -1,2 +1,2 @@
-terraform 1.9.8
 python 3.11.10
+tenv 3.2.9

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+  "ansible.python.interpreterPath": "${workspaceFolder}/.venv/bin/python"
+}

docker-compose.yml

@@ -0,0 +1,71 @@
+services:
+  nodejs:
+    image: node:23.1.0-bookworm
+    working_dir: /app
+    command: ["node"]
+    ports:
+      - "3000:3000"
+    volumes:
+      - ./app:/app
+    depends_on:
+      - mongodb
+      - elasticsearch
+      - redis
+    deploy:
+      resources:
+        limits:
+          cpus: '1'
+          memory: 1G
+        reservations:
+          memory: 512M
+
+  mongodb:
+    image: mongo:8.0.3-noble
+    ports:
+      - "27017:27017"
+    volumes:
+      - mongodb_data:/data/db
+    deploy:
+      resources:
+        limits:
+          cpus: '2'
+          memory: 2G
+        reservations:
+          memory: 1G
+
+  elasticsearch:
+    image: elasticsearch:8.15.3
+    environment:
+      - discovery.type=single-node
+      - xpack.security.enabled=false
+      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+    ports:
+      - "9200:9200"
+    volumes:
+      - elasticsearch_data:/usr/share/elasticsearch/data
+    deploy:
+      resources:
+        limits:
+          cpus: '2'
+          memory: 2G
+        reservations:
+          memory: 1G
+
+  redis:
+    image: redis:7.4.1-bookworm
+    ports:
+      - "6379:6379"
+    volumes:
+      - redis_data:/data
+    deploy:
+      resources:
+        limits:
+          cpus: '0.5'
+          memory: 512M
+        reservations:
+          memory: 256M
+
+volumes:
+  mongodb_data:
+  elasticsearch_data:
+  redis_data:

exporter.yml

@@ -0,0 +1,46 @@
+---
+- name: Deploy exporters as containers
+  hosts: all
+  gather_facts: false
+  vars:
+    exporter_defaults:
+      node:
+        image: "prom/node-exporter:latest"
+        port: 9100
+      mongodb:
+        image: "bitnami/mongodb-exporter:latest"
+        port: 9216
+      redis:
+        image: "oliver006/redis_exporter:latest"
+        port: 9121
+
+  tasks:
+    - name: Set exporter type based on inventory group
+      ansible.builtin.set_fact:
+        exporter_type: >-
+          {%- if inventory_hostname in groups.get('node_exporters', []) -%}
+            node
+          {%- elif inventory_hostname in groups.get('mongodb_hosts', []) -%}
+            mongodb
+          {%- elif inventory_hostname in groups.get('redis_hosts', []) -%}
+            redis
+          {%- endif -%}
+
+    - name: Start exporter container
+      community.docker.docker_container:
+        name: "{{ exporter_type }}-exporter"
+        image: "{{ exporter_defaults[exporter_type].image }}"
+        state: started
+        restart_policy: unless-stopped
+        published_ports:
+          - "{{ exporter_defaults[exporter_type].port }}:{{ exporter_defaults[exporter_type].port }}"
+        container_default_behavior: no_defaults
+        command: "{{ container_command | default(omit) }}"
+      vars:
+        container_command: >-
+          {%- if exporter_type == 'mongodb' -%}
+            --mongodb.uri=mongodb://localhost:{{ service_port }}/
+          {%- elif exporter_type == 'redis' -%}
+            --redis.addr=redis://localhost:{{ service_port }}/
+          {%- endif -%}
+      when: exporter_type is defined and exporter_type != ''

terraform.tfvars.example

@@ -11,4 +11,30 @@ node_exporter_hosts = [
     ssh_port = 22
   }
 ]
+service_hosts = [
+  {
+    service  = "nodejs"
+    name     = "app1"
+    ip       = "192.168.86.250"
+    port     = 3000
+    ssh_user = "admin"
+    ssh_port = 22
+  },
+  {
+    service  = "mongodb"
+    name     = "mongo1"
+    ip       = "192.168.86.250"
+    port     = 27017
+    ssh_user = "admin"
+    ssh_port = 22
+  },
+  {
+    service  = "redis"
+    name     = "redis1"
+    ip       = "192.168.86.250"
+    port     = 6379
+    ssh_user = "admin"
+    ssh_port = 22
+  }
+]
 ssh_private_key_path = "~/.ssh/id_rsa"