add Cadvisor #225
add Cadvisor #225
Conversation
|
Some feedback on the role:
|
|
The documentation page mentions For other roles, we do it like this, because the main hostname ( For this role, there's no web UI and you're telling people to use |
|
Thank you for your feedback, @spantaleev. I recognized that the role was far from ready for merging as it contained copy/paste artifacts from the initial role. I have since updated the documentation and made changes to the role accordingly. Regarding cAdvisor, I have removed the "metrics" labels since it exposes both metrics and webUI at the same address and port I believe the role should now be ready for testing |
There was a problem hiding this comment.
I was thinking of pushing this over the finish line, but it has tons of issues.
Besides the ones reported in inline comments in the review, there are also these:
- the
cadvisor_config_providers_docker_endpoint_is_unix_socketvariable invars/main.ymlhas some Traefik mentions in its comments. Not sure if it's relevant to cAdvisor or not - the systemd service file (
templates/cadvisor.service.j2) does--cap-drop=ALLonly when a non-unix-socket is used. Not sure if this is intentional or a mistake - the cAdvisor container seems stuck in an unhealthy state, which makes Traefik not want to send requests to it. The docs page seems to mention an additional environment variable (
CADVISOR_HEALTHCHECK_URL=http://localhost:8080/healthz), but.. adding this does not help either. If this is a good value, it should be default anyway - why ask users to specify it manually? Regardless of what i did, the container was unhealthy, which may be due to a misconfiguration. - the docs page says "You will have to mount specific folders depending on your need", but.. it's not clear what a good default is.. I tried mounting whatever you're recommending (except for
/dev/disk/) and cAdvisor still fails to start in a healthy state cadvisor_dashboard_urlspoints to some dashboard, but I don't see it being mentioned in the docs (with instructions how to hook it to Grafana). For some example instructions, seedocs/services/grafana.md
| cadvisor_container_labels_metrics_enabled: "{{ prometheus_enabled | default(false) or mash_playbook_metrics_exposure_enabled }}" | ||
| cadvisor_container_labels_metrics_hostname: "{{ mash_playbook_metrics_exposure_hostname }}" | ||
| cadvisor_container_labels_metrics_path_prefix: "{{ mash_playbook_metrics_exposure_path_prefix }}/{{ cadvisor_identifier }}" | ||
| cadvisor_container_labels_metrics_traefik_middleware_basic_auth_enabled: "{{ mash_playbook_metrics_exposure_http_basic_auth_enabled }}" | ||
| cadvisor_container_labels_metrics_traefik_middleware_basic_auth_users: "{{ mash_playbook_metrics_exposure_http_basic_auth_users }}" | ||
| cadvisor_container_labels_metrics_middleware_basic_auth_enabled: "{{ mash_playbook_metrics_exposure_http_basic_auth_enabled }}" | ||
| cadvisor_container_labels_metrics_middleware_basic_auth_users: "{{ mash_playbook_metrics_exposure_http_basic_auth_users }}" |
There was a problem hiding this comment.
These variables do not seem to be defined anymore, yet.. they're here.
That said, I think it's better if metrics had their own Traefik router (separate from the web UI) and for them to respect the mash_playbook_metrics_exposure_* variables automatically (auto-enabling metrics exposure for this service, possibly protected with the Basic Auth credentials specified in mash_playbook_metrics_exposure_http_basic_auth_*).
The web UI could remain optional and have its (optional) separate set of Basic Auth credentials
Co-authored-by: Slavi Pantaleev <[email protected]>
Co-authored-by: Slavi Pantaleev <[email protected]>
Co-authored-by: Slavi Pantaleev <[email protected]>
role is working but :
can't run rootless
path_prefix doesn't work (it's currently commented in the group_vars)
please also consider cloning ansible-role-cadvisor and updating url in requierements.yml to let mash own the role (and use your automation to keep it updated)