- 快召唤伙伴们来围观吧
- 微博 QQ QQ空间 贴吧
- 文档嵌入链接
- 复制
- 微信扫一扫分享
- 已成功复制到剪贴板
Automate PMM Deployment with Ansible
根据我们在数百种不同环境中部署PMM的经验,在本课程中,我将展示如何使用Ansible for Automation在生产环境中管理PMM。
一些自动化任务包括:
-PMM服务器部署
-用于多种服务器类型(mysql、proxysql,…)的PMM客户端
-为RDS管理PMM
-升级
-安全
-出口商监控
展开查看详情
1 . Automate PMM Deployment with Ansible Max Bubenick Platform Lead @ Percona
2 .Who am I? • Working @ Percona since 2013 • Sr Remote DBA • Manager • Platform Lead • Past Work Experience • Developer • SysAdmin • Data Architect / DBA
3 .Agenda • Pre-requisites • Inventory • Playbook • Roles • Docker • Pmm-server • Pmm-client • Pmm-managed
4 .Pre-requisites
5 .Pre-requisites • Ansible 2.7 • pmm-server RedHat Based (needs to work on Debian support) • PMM communication ports open
6 .Ansible Inventory
7 .Ansible Inventory Predefined groups that should not need changes [pmm:children] pmm-server pmm-client pmm-managed [pmm-server] server [pmm-client:children] mysql mongodb [pmm-managed:children] rds
8 .Ansible Inventory Predefined global vars [pmm:vars] global_pmm_version=1.17.1 pmm_ssl_enabled=True pmm_server_username=pmm pmm_server_password=VAULT_ME ALWAYS ENCRYPT PASSWORDS!!!!
9 .Ansible Inventory We need to define hosts and place them in the appropriate groups based on purpose [mysql] [proxysql] [mongodb] [rds]
10 .Ansible Playbook
11 .Ansible Playbook pmm-server group to run roles: docker & pmm - hosts: pmm-server become: true gather_facts: yes roles: - { role: docker, tags: docker } - { role: pmm, tags: pmm }
12 .Ansible Playbook pmm-managed group to run pmm_managed role for RDS Instances - hosts: pmm-managed become: true gather_facts: no serial: 1 roles: - { role: pmm_managed, tags: pmm-managed }
13 .Ansible Playbook pmm-client play to run pmm_client role against mysql, mongodb and proxysql servers. - hosts: pmm-client become: true gather_facts: yes roles: - { role: pmm_client, tags: pmm-client }
14 .Ansible Roles
15 .Ansible Roles: Docker Deploys Docker. It’s a pmm-server dependency. Role Defaults: # Options applied via systemd docker_options: “" # Storage driver for Docker docker_storage_options: --storage-driver=devicemapper
16 .Ansible Roles: pmm Deploys pmm-server. Depends on Docker. Role Defaults: ## GENERAL SETTINGS pmm_version: "{{ global_pmm_version | default('1.17.1') }}" pmm_install_version: "{{ pmm_version }}” # Port for unencrypted requests pmm_http_port: 8080 # Port for encrypted requests pmm_https_port: 8443 # Force a reset of the data container pmm_reset_container: no
17 .Ansible Roles: pmm Role Defaults: ## SECURITY SETTINGS !!! SET SECRETS IN VAULT FILES !!! # Must be stored stored in vault pmm_server_username: pmm pmm_server_password: VAULT_ME # https://www.percona.com/doc/percona-monitoring-and-management/amazon-rds.html#monitoring-amazon-rds-os-metrics # As documented, this can be an IAM user with CloudWatchReadOnlyAccess access pmm_aws_access_key_id: your_aws_access_key_id pmm_aws_secret_access_key: your_aws_secret_access_key pmm_rootless: no # Run the PMM container in rootless mode pmm_ssl_enabled: True # Enable SSL for PMM pmm_ssl_dir: pmm-ssl # Relative path in /etc/ for generated certs pmm_ssl_expire_days: 3650 # Expiry time for the cert (in days) pmm_ssl_cert_address: localhost
18 .Ansible Roles: pmm Role Defaults: ## PROMETHEUS SETTINGS # Data retention for Prometheus; N.B. set before the container is created/recreated pmm_metrics_retention: 720h # Resolution time in Prometheus; default of 5s to reduce load pmm_metrics_resolution: 5s # Specify memory available to Prometheus; ansible_memtotal_mb * 128 since pmm_metrics_memory is in KB pmm_metrics_memory: "{{ ansible_memtotal_mb * 128 }}” # Applies QUERIES_RETENTION to the Docker container to configure QAN purging pmm_queries_retention: 8
19 .Ansible Roles: pmm Role Defaults: ## DOCKER CONTAINER SETTINGS # Port mapping pmm_docker_ports: - '{{ pmm_http_port }}:{{ 8080 if pmm_rootless else 80 }}/tcp' - '{{ pmm_https_port }}:{{ 8443 if pmm_rootless else 443 }}/tcp’ # Restrict memory usage for Docker; divided by 2 since this value is required in MB pmm_docker_memory: "{{ (ansible_memtotal_mb / 2) | int }}MB" pmm_docker_env: SERVER_USER: "{{ pmm_server_username }}" SERVER_PASSWORD: "{{ pmm_server_password }}" METRICS_RETENTION: "{{ pmm_metrics_retention }}" METRICS_RESOLUTION: "{{ pmm_metrics_resolution }}" METRICS_MEMORY: "{{ pmm_metrics_memory }}" DISABLE_UPDATES: 1 QUERIES_RETENTION: "{{ pmm_queries_retention }}"
20 .Ansible Roles: pmm Role Defaults: ## EXTENDING PMM SETTINGS # Prometheus recording rules # Period for rules evalutation in Prometheus pmm_prometheus_rules_evaluation: 5m # A list of files specifying recording rules pmm_prometheus_rules_files: [] # Enable custom dashboards deployment pmm_custom_dashboards_enabled: yes # List of daashboards to be added pmm_custom_dashboards: []
21 .Ansible Roles: pmm-client Deploys pmm-client Role Defaults: ## GENERAL SETTINGS pmm_version: "{{ global_pmm_version | default('1.17.1') }}" pmm_install_version: "{{ pmm_version }}" pmm_client_enabled: yes # enable/disable pmm-client deployment pmm_client_bind_address: "{{ ansible_ssh_host }}" # Set the bind address (IPv4) pmm_client_check_for_vividcortex: false # Handle Vividcortex agent during tasks linux_metrics_port: 42000 mysql_queries_port: 42001 mysql_metrics_port: 42002 mongodb_metrics_port: 42003 proxysql_metrics_port: 42004
22 .Ansible Roles: pmm-client Role Defaults: ## Prom exporters settings # Extra args for pmm-admin to pass to mysqld_exporter, e.g. #“-collect.perf_schema.eventswaits=false” pmm_client_mysqld_exporter_extra_args: [] # Extra args for pmm-admin to pass to node_exporter pmm_client_node_exporter_extra_args: [] # Set limit (table count) for disabling tablestats pmm_client_disable_tablestats_limit: 1000
23 .Ansible Roles: pmm-client Role Defaults: ## USERS SETTINGS pmm_defaults_file: /usr/local/percona/.my.cnf # Used with pmm-admin for MySQL credentials #pmm_src_defaults_file: /path/to/.my.cnf # Source for pmm_defaults_file # These must be placed in vault pmm_client_username: pmm pmm_client_passwd: Vault_m3! pmm_mysql_username: "{{ pmm_client_username }}" pmm_mysql_passwd: "{{ pmm_client_passwd }}" pmm_mongodb_username: "{{ pmm_client_username }}" pmm_mongodb_passwd: "{{ pmm_client_passwd }}"
24 .Ansible Roles: pmm-managed Uses pmm-managed API to add RDS servers Role Defaults: pmm_managed_enabled: yes # Specify the name used by pmm-managed to add the host pmm_rds_host_name: '{{ ansible_host.split(".")[0] }}’ # Specify the region used by pmm-managed to add the host pmm_rds_host_region: '{{ ansible_host.split(".")[2] }}' For more details on PMM Managed API: http://petstore.swagger.io/?url=https://rawgit.com/percona/pmm-managed/master/api/swagger/swagger.json#/ RDS/AddMixin5
25 .Source Code
26 .Source Code Code is in public GitHub repo https://github.com/maxbube/ansible-pmm $ git clone git@github.com:maxbube/ansible-pmm.git
27 .Thank You to Our Sponsors
28 .Rate My Session 11
29 .Thank you! Q & A Contact me: @maxbube max.bubenick@percona.com