Traefik implementation (#128)

* Version bump and organize deploy sections Signed-off-by: Brian Christner <brian.christner@gmail.com> * Updated stack Grafana and labels for Traefik Signed-off-by: Brian Christner <brian.christner@gmail.com> * Fixing YAML issues :( Signed-off-by: Brian Christner <brian.christner@gmail.com> * port conflict Signed-off-by: Brian Christner <brian.christner@gmail.com> * updated networks Signed-off-by: Brian Christner <brian.christner@gmail.com> * Added Traefik section to README Signed-off-by: Brian Christner <brian.christner@gmail.com>
2019-08-22 08:46:27 +02:00 · 2019-08-22 08:46:27 +02:00 · f61a390b52
parent bf37977d64
commit f61a390b52
4 changed files with 216 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -11,6 +11,7 @@
  	- [Alerting](#alerting)
  	- [Test Alerts](#test-alerts)
    - [Add additional Datasources](#add-additional-datasources)
+  - [Deploy Prometheus stack with Traefik](#deploy-prometheus-stack-with-traefik)
  - [Security Considerations](#security-considerations)
  	- [Production Security](#production-security)
  - [Troubleshooting](#troubleshooting)
@ -113,7 +114,52 @@ This project is intended to be a quick-start to get up and running with Docker a

 Since this is a template to get started Prometheus and Alerting services are exposing their ports to allow for easy troubleshooting and understanding of how the stack works.

-## Production Security:
+## Deploy Prometheus stack with Traefik
+
+Same requirements as above. Swarm should be enabled and the Repo should be cloned to your Docker host.
+
+In the `docker-traefik-prometheus`directory run the following:
+
+    docker stack deploy -c docker-traefik-stack.yml traefik
+
+Verify all the services have been provisioned. The Replica count for each service should be 1/1 
+**Note this can take a couple minutes**
+
+    docker service ls
+
+## Prometheus & Grafana now have hostnames
+
+* Grafana - http://grafana.localhost
+* Prometheus - http://prometheus.localhost
+
+
+## Check the Metrics
+Once all the services are up we can open the Traefik Dashboard. The dashboard should show us our frontend and backends configured for both Grafana and Prometheus.
+
+    http://localhost:8080
+
+
+Take a look at the metrics which Traefik is now producing in Prometheus metrics format
+
+    http://localhost:8080/metrics
+
+
+## Login to Grafana and Visualize Metrics
+
+Grafana is an Open Source visualization tool for the metrics collected with Prometheus. Next, open Grafana to view the Traefik Dashboards.
+**Note: Firefox doesn't properly work with the below URLS please use Chrome**
+
+    http://grafana.localhost
+
+Username: admin
+Password: foobar
+
+Open the Traefik Dashboard and select the different backends available
+
+**Note: Upper right-hand corner of Grafana switch the default 1 hour time range down to 5 minutes. Refresh a couple times and you should see data start flowing**
+
+# Production Security:
+
 Here are just a couple security considerations for this stack to help you get started.
 * Remove the published ports from Prometheus and Alerting servicesi and only allow Grafana to be accessed
 * Enable SSL for Grafana with a Proxy such as [jwilder/nginx-proxy](https://hub.docker.com/r/jwilder/nginx-proxy/) or [Traefik](https://traefik.io/) with Let's Encrypt
@ -121,6 +167,7 @@ Here are just a couple security considerations for this stack to help you get st
 * Terminate all services/containers via HTTPS/SSL/TLS

 # Troubleshooting
+
 It appears some people have reported no data appearing in Grafana. If this is happening to you be sure to check the time range being queried within Grafana to ensure it is using Today's date with current time.

 ## Mac Users
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,4 +1,4 @@
-version: '3.1'
+version: '3.7'

 volumes:
    prometheus_data: {}
--- a/docker-stack.yml
+++ b/docker-stack.yml
@ -1,4 +1,4 @@
-version: '3.1'
+version: '3.7'

 volumes:
    prometheus_data: {}
@ -25,11 +25,12 @@ services:
      - cadvisor
    networks:
      - monitor-net
-    restart: always
    deploy:
      placement:
        constraints:
          - node.role==manager
+      restart_policy:
+        condition: on-failure

  node-exporter:
    image: prom/node-exporter
@ -46,9 +47,10 @@ services:
      - 9100:9100
    networks:
      - monitor-net
-    restart: always
    deploy:
      mode: global
+    restart_policy:
+        condition: on-failure

  alertmanager:
    image: prom/alertmanager
@ -58,7 +60,6 @@ services:
      - "./alertmanager/:/etc/alertmanager/"
    networks:
      - monitor-net
-    restart: always
    command:
      - '--config.file=/etc/alertmanager/config.yml'
      - '--storage.path=/alertmanager'
@ -66,6 +67,8 @@ services:
      placement:
        constraints:
           - node.role==manager
+      restart_policy:
+        condition: on-failure    

  cadvisor:
    image: google/cadvisor
@ -78,12 +81,13 @@ services:
      - 8080:8080
    networks:
      - monitor-net
-    restart: always
    deploy:
      mode: global
+    restart_policy:
+        condition: on-failure

  grafana:
-    image: grafana/grafana:5.4.4
+    image: grafana/grafana
    depends_on:
      - prometheus
    ports:
@ -95,9 +99,11 @@ services:
      - ./grafana/config.monitoring
    networks:
      - monitor-net
-    restart: always
+    user: "104"
    deploy:
      placement:
        constraints:
          - node.role==manager
+      restart_policy:
+        condition: on-failure

--- a/docker-traefik-stack.yml
+++ b/docker-traefik-stack.yml
@ -0,0 +1,154 @@
+version: '3.7'
+
+volumes:
+    prometheus_data: {}
+    grafana_data: {}
+
+networks:
+  monitor-net:
+    driver: overlay
+    name: inbound
+  traefik:
+    driver: overlay
+    name: traefik
+
+services:
+  traefik:
+    image: traefik:v1.7.12-alpine
+    command:
+      - "--logLevel=DEBUG"
+      - "--api"
+      - "--metrics"
+      - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
+      - "--docker"
+      - "--docker.swarmMode"
+      - "--docker.domain=docker.localhost"
+      - "--docker.watch"
+    networks:
+      - traefik
+      - monitor-net
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    ports:
+      - target: 80
+        published: 80
+        mode: host
+      - target: 443
+        published: 443
+        mode: host
+      - target: 8080
+        published: 8080
+        protocol: tcp
+        mode: ingress
+    deploy:
+      mode: global
+      placement:
+        constraints:
+          - node.role == manager
+      update_config:
+        parallelism: 1
+        delay: 10s
+      restart_policy:
+        condition: on-failure
+
+  prometheus:
+    image: prom/prometheus
+    volumes:
+      - ./prometheus/:/etc/prometheus/
+      - prometheus_data:/prometheus
+    command:
+      - '--config.file=/etc/prometheus/prometheus.yml'
+      - '--storage.tsdb.path=/prometheus'
+      - '--web.console.libraries=/usr/share/prometheus/console_libraries'
+      - '--web.console.templates=/usr/share/prometheus/consoles'
+    networks:
+      - monitor-net     
+    deploy:
+      placement:
+        constraints:
+          - node.role==manager
+      labels:
+          - "traefik.frontend.rule=Host:prometheus.localhost"
+          - "traefik.backend=prometheus"
+          - "traefik.port=9090"
+          - "traefik.docker.network=traefik"
+      restart_policy:
+        condition: on-failure
+
+  node-exporter:
+    image: prom/node-exporter
+    volumes:
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /:/rootfs:ro
+    command: 
+      - '--path.procfs=/host/proc' 
+      - '--path.sysfs=/host/sys'
+      - --collector.filesystem.ignored-mount-points
+      - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
+    ports:
+      - 9100:9100
+    networks:
+      - monitor-net
+    deploy:
+      mode: global
+      restart_policy:
+        condition: on-failure
+
+  alertmanager:
+    image: prom/alertmanager
+    ports:
+      - 9093:9093
+    volumes:
+      - "./alertmanager/:/etc/alertmanager/"
+    networks:
+      - monitor-net
+    command:
+      - '--config.file=/etc/alertmanager/config.yml'
+      - '--storage.path=/alertmanager'
+    deploy:
+      placement:
+        constraints:
+           - node.role==manager
+      restart_policy:
+        condition: on-failure    
+
+  cadvisor:
+    image: google/cadvisor
+    volumes:
+      - /:/rootfs:ro
+      - /var/run:/var/run:rw
+      - /sys:/sys:ro
+      - /var/lib/docker/:/var/lib/docker:ro
+    ports:
+      - 8088:8080
+    networks:
+      - monitor-net
+    deploy:
+      mode: global
+      restart_policy:
+        condition: on-failure
+
+  grafana:
+    image: grafana/grafana
+    depends_on:
+      - prometheus
+    volumes:
+      - grafana_data:/var/lib/grafana
+      - ./grafana/provisioning/:/etc/grafana/provisioning/
+    env_file:
+      - ./grafana/config.monitoring
+    networks:
+      - monitor-net
+    user: "104"
+    deploy:
+      placement:
+        constraints:
+          - node.role==manager
+      labels:
+        -  "traefik.frontend.rule=Host:grafana.localhost"
+        - "traefik.backend=grafana"
+        - "traefik.port=3000"
+        - "traefik.docker.network=traefik"
+      restart_policy:
+        condition: on-failure