diff --git a/roles/promtail/tasks/main.yml b/roles/promtail/tasks/main.yml index 34f93c2..eb38ce7 100644 --- a/roles/promtail/tasks/main.yml +++ b/roles/promtail/tasks/main.yml @@ -9,6 +9,23 @@ - "{{ promtail_data_dir }}" become: yes +- name: Set proper permissions for Promtail data directory + file: + path: "{{ promtail_data_dir }}" + state: directory + owner: promtail + group: promtail + mode: '0755' + recurse: yes + become: yes + +- name: Add promtail user to adm group for system log access + user: + name: promtail + groups: adm + append: yes + become: yes + - name: Download Promtail binary get_url: url: "https://github.com/grafana/loki/releases/download/v{{ loki_version }}/promtail-linux-amd64.zip" @@ -17,7 +34,7 @@ timeout: 60 become: yes -- name: Unzip Promtail binary +- name: Install Promtail binary unarchive: src: /tmp/promtail-linux-amd64.zip dest: /usr/local/bin/ @@ -43,9 +60,28 @@ notify: restart promtail become: yes -- name: Deploy Promtail systemd service - template: - src: promtail-service.yml.j2 +- name: Deploy Promtail systemd service (as root) + copy: + content: | + [Unit] + Description=Promtail log collector + Documentation=https://grafana.com/docs/loki/latest/clients/promtail/ + Wants=network-online.target + After=network-online.target + + [Service] + Type=simple + User=root + Group=root + ExecStart=/usr/local/bin/promtail-linux-amd64 \ + -config.file={{ promtail_config_dir }}/promtail-config.yml + ExecReload=/bin/kill -HUP $MAINPID + KillMode=process + Restart=on-failure + RestartSec=5s + + [Install] + WantedBy=multi-user.target dest: /etc/systemd/system/promtail.service mode: '0644' notify: restart promtail diff --git a/roles/promtail/templates/promtail-config.yml.j2 b/roles/promtail/templates/promtail-config.yml.j2 index cc335cc..0435ee3 100644 --- a/roles/promtail/templates/promtail-config.yml.j2 +++ b/roles/promtail/templates/promtail-config.yml.j2 @@ -1,9 +1,9 @@ server: - http_listen_port: 9080 + http_listen_port: {{ monitoring_ports.promtail }} grpc_listen_port: 0 positions: - filename: /var/lib/promtail/positions.yaml + filename: {{ promtail_data_dir }}/positions.yaml clients: - url: http://{{ loki_server_host }}:{{ loki_server_port }}/loki/api/v1/push @@ -16,34 +16,7 @@ scrape_configs: labels: job: system-logs host: "{{ inventory_hostname }}" - __path__: /var/log/*log - - - job_name: auth - static_configs: - - targets: - - localhost - labels: - job: auth - host: "{{ inventory_hostname }}" - __path__: /var/log/auth.log - - - job_name: syslog - static_configs: - - targets: - - localhost - labels: - job: syslog - host: "{{ inventory_hostname }}" - __path__: /var/log/syslog - - - job_name: kernel - static_configs: - - targets: - - localhost - labels: - job: kernel - host: "{{ inventory_hostname }}" - __path__: /var/log/kern.log + __path__: /var/log/*.log - job_name: docker static_configs: @@ -52,18 +25,18 @@ scrape_configs: labels: job: container-logs host: "{{ inventory_hostname }}" - __path__: /var/lib/docker/containers/*/*log + __path__: /var/lib/docker/containers/*/*.log relabel_configs: - source_labels: ['__path__'] target_label: container_name regex: '/var/lib/docker/containers/([^/]*)/.*log' replacement: '$1' - - job_name: applications + - job_name: syslog static_configs: - targets: - localhost labels: - job: applications + job: syslog host: "{{ inventory_hostname }}" - __path__: /var/log/*.log \ No newline at end of file + __path__: /var/log/syslog \ No newline at end of file