Skip to content

Commit

Permalink
fix: add support for Valkey, sync tests with ansible-pcp
Browse files Browse the repository at this point in the history
  • Loading branch information
natoscott committed Oct 9, 2024
1 parent 08f01b3 commit 3c13ae2
Show file tree
Hide file tree
Showing 19 changed files with 104 additions and 47 deletions.
2 changes: 1 addition & 1 deletion .ansible-lint
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ mock_roles:
- performancecopilot.metrics.mssql
- performancecopilot.metrics.pcp
- performancecopilot.metrics.postfix
- performancecopilot.metrics.redis
- performancecopilot.metrics.keyserver
- performancecopilot.metrics.repository
- performancecopilot.metrics.spark
supported_ansible_also:
Expand Down
3 changes: 1 addition & 2 deletions .ostree/packages-runtime-CentOS-10.txt
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,4 @@ pcp-export-pcp2elasticsearch
pcp-pmda-bpftrace
pcp-pmda-mssql
pcp-system-tools
redis
redis-doc
valkey
3 changes: 1 addition & 2 deletions .ostree/packages-runtime-RedHat-10.txt
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,4 @@ pcp-export-pcp2elasticsearch
pcp-pmda-bpftrace
pcp-pmda-mssql
pcp-system-tools
redis
redis-doc
valkey
3 changes: 1 addition & 2 deletions .ostree/packages-testing-CentOS-10.txt
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,4 @@ pcp-zeroconf
postfix
postfix-perl-scripts
python3-pyodbc
redis
redis-doc
valkey
4 changes: 1 addition & 3 deletions .ostree/packages-testing-Fedora.txt
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,4 @@ pcp-zeroconf
postfix
postfix-perl-scripts
python3-pyodbc
redis
redis-doc
RediSearch
valkey
3 changes: 1 addition & 2 deletions .ostree/packages-testing-RedHat-10.txt
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,4 @@ pcp-zeroconf
postfix
postfix-perl-scripts
python3-pyodbc
redis
redis-doc
valkey
8 changes: 4 additions & 4 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -192,13 +192,13 @@ Changelog
- Use the firewall role and the selinux role from the metrics role

- Introduce metrics_manage_firewall to use the firewall role to
manage the pmcd port, the pmproxy ports, the grafana port and
the redis port depending upon the configuration parameters.
manage the pmcd, pmproxy, grafana and valkey or redis ports,
depending on the configuration parameters.
metrics_manage_firewall is set to false, by default.

- Introduce metrics_manage_selinux to use the selinux role to
manage the pmcd port, the pmproxy ports, the grafana port and
the redis port depending upon the configuration parameters.
manage the pmcd, pmproxy, grafana and valkey or redis ports,
depending on the configuration parameters.
metrics_manage_selinux is set to false, by default.

- Add the test check task check_firewall_selinux.yml for verify
Expand Down
30 changes: 17 additions & 13 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@ from the standard repositories on Fedora, CentOS 8, and RHEL 8. On RHEL
on the managed host.

The role can optionally use Grafana v6+ (`metrics_graph_service`) and
Redis v5+ (`metrics_query_service`) on Fedora, CentOS 8, RHEL 8 and later.
Valkey (`metrics_query_service`) on Fedora, CentOS 10, RHEL 10 and later,
or Redis v5+ (`metrics_query_service`) on CentOS 8 or 9, RHEL 8 or 9.

### Collection requirements

Expand Down Expand Up @@ -70,9 +71,11 @@ RHEL 8, or later versions of these platforms.
### metrics_query_service: false
Boolean flag allowing host to be setup with time series query services.
Enabling this starts PCP and Redis servers for querying recorded PCP metrics.
This option requires Redis v5+ which is available on Fedora, CentOS 8,
RHEL 8, or later versions of these platforms.
Enabling this starts PCP and Valkey or Redis servers for querying any
recorded PCP metrics.
This option requires either Valkey or Redis v5+ which is available on
Fedora, CentOS 8, RHEL 8, or later versions of these platforms (Valkey
is the prefered solution on Fedora, Centos 10, RHEL 10 and later).
### metrics_into_elasticsearch: false
Expand Down Expand Up @@ -115,14 +118,14 @@ The metrics collector to use to provide metrics.
Currently Performance Co-Pilot is the only supported metrics provider.
When using the PCP provider these TCP ports will be used - 44321 (pmcd,
live metric value sampling), 44322 (pmproxy, with metrics_query_service
or metrics_graph_service), 6379 (redis-server for metrics_query_service)
and 3000 (grafana-server for metrics_graph_service).
or metrics_graph_service), 6379 (either valkey-server or redis-server for
metrics_query_service) and 3000 (grafana-server for metrics_graph_service).

### metrics_manage_firewall: false

Boolean flag allowing to configure firewall using the firewall role.
Manage the pmcd port, the pmproxy port, the Grafana port and the Redis
port depending upon the configuration parameters.
Manage the pmcd port, the pmproxy port, the Grafana port and either the
Valkey or Redis port depending upon the configuration parameters.
If the variable is set to false, the `metrics role` does not manage the
firewall.

Expand All @@ -136,16 +139,17 @@ NOTE: the firewall management is not supported on RHEL 6.
### metrics_manage_selinux: false

Boolean flag allowing to configure selinux using the selinux role.
Assign the pmcd port, the pmproxy port, the Grafana port and the Redis
port depending upon the configuration parameters.
Assign the pmcd port, the pmproxy port, the Grafana port and either the
Valkey or Redis port depending upon the configuration parameters.
If the variable is set to false, the `metrics role` does not manage the
selinux.

Please note that the pmcd and pmproxy services are in the "ephemeral"
range requiring no special setup and the Grafana port is "unregistered".
The Redis port is gated by the redis_port_t SELinux type and may need to
be further configured, if you require direct access (not required if you
are accessing it from metrics role tools like Grafana and PCP).
The Valkey or Redis ports are gated by the valkey_port_t or redis_port_t
SELinux types respectively, and may need to be further configured if you
require direct access (not required if you are accessing it from metrics
role tools like Grafana and PCP).
Use the `selinux` system role to manage port access, for SELinux contexts.

NOTE: `metrics_manage_selinux` is limited to *adding* policy.
Expand Down
6 changes: 3 additions & 3 deletions defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ metrics_retention_days: 7
# analysis) and automated rule inference (for alerting).
metrics_monitored_hosts: []

# Provide a scalable query language (using Redis) and the
# Provide a scalable query language (using Valkey) and the
# PMWEBAPI(3) REST API for metrics at localhost:44322
# OpenMetrics endpoint at localhost:44322/metrics
metrics_query_service: false
Expand Down Expand Up @@ -39,8 +39,8 @@ metrics_password: metrics
metrics_provider: pcp

# If true, manage the pmcd port, pmproxy ports, grafana service and
# redis service using the firewall role depending upon the configuration
# parameters.
# valkey or redis service using the firewall role depending upon the
# configuration parameters.
metrics_manage_firewall: false

# If true, manage the pmcd port, pmproxy ports using the selinux role
Expand Down
1 change: 1 addition & 0 deletions meta/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -35,5 +35,6 @@ galaxy_info:
- redis
- telemetry
- timeseries
- valkey
- visualization
dependencies: []
13 changes: 11 additions & 2 deletions tasks/firewall.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
__metrics_firewall: "{{ __metrics_firewall |
union([{'port': '44322/tcp', 'state': 'enabled'}]) }}"
when:
- metrics_graph_service|bool or metrics_query_service|bool
- metrics_graph_service | bool or metrics_query_service | bool

- name: Service for grafana
set_fact:
Expand All @@ -30,12 +30,21 @@
when:
- metrics_graph_service|bool

- name: Service for valkey
set_fact:
__metrics_firewall: "{{ __metrics_firewall |
union([{'service': 'valkey', 'state': 'enabled'}]) }}"
when:
- metrics_query_service | bool
- ansible_facts['distribution_version'] is version('10', '>=')

- name: Service for redis
set_fact:
__metrics_firewall: "{{ __metrics_firewall |
union([{'service': 'redis', 'state': 'enabled'}]) }}"
when:
- metrics_query_service|bool
- metrics_query_service | bool
- ansible_facts['distribution_version'] is version('10', '<')

- name: Ensure the service and the port status with the firewall role
include_role:
Expand Down
4 changes: 1 addition & 3 deletions tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -75,11 +75,9 @@
when: metrics_from_bpftrace | d(false) | bool

- name: Setup metric querying service.
vars:
redis_metrics_provider: "{{ metrics_provider }}"
include_role:
# noqa role-name[path]
name: "{{ role_path }}/roles/redis"
name: "{{ role_path }}/roles/keyserver"
when: metrics_query_service | bool

- name: Setup metric collection service.
Expand Down
22 changes: 22 additions & 0 deletions tests/check_default_datasources.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,26 @@
- Redis
- Vector
- bpftrace
when:
- ansible_distribution in ['RedHat', 'CentOS']
- ansible_distribution_major_version | int > 6
- ansible_distribution_major_version | int < 10

- name: Check if grafana-pcp datasources are configured
uri:
url: "http://admin:admin@localhost:3000/api/datasources/name/PCP%20{{ item }}"
force_basic_auth: true
headers:
Content-Type: application/json
Accept: application/json
method: GET
status_code: 200
loop:
- Valkey
- Vector
- bpftrace
when: (ansible_distribution in ['RedHat', 'CentOS'] and
ansible_distribution_major_version | int >= 10) or
ansible_distribution not in ['RedHat', 'CentOS']

# yamllint enable rule:line-length
15 changes: 15 additions & 0 deletions tests/check_firewall_selinux.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,18 @@
when:
- metrics_graph_service|d(false)|bool

- name: "Check firewall service status for valkey;
metrics_manage_firewall is true"
command: firewall-cmd --list-services
register: _result
failed_when: "'valkey' not in _result.stdout"
changed_when: false
when:
- metrics_query_service | d(false) | bool
- ansible_distribution not in ['RedHat', 'CentOS'] or
(ansible_distribution in ['RedHat', 'CentOS'] and
ansible_distribution_major_version | int >= 10)

- name: "Check firewall service status for redis;
metrics_manage_firewall is true"
command: firewall-cmd --list-services
Expand All @@ -26,6 +38,9 @@
changed_when: false
when:
- metrics_query_service|d(false)|bool
- ansible_distribution in ['RedHat', 'CentOS']
- ansible_distribution_major_version | int > 6
- ansible_distribution_major_version | int < 10

- name: "Check firewall port status for pmproxy;
metrics_manage_firewall is true"
Expand Down
20 changes: 20 additions & 0 deletions tests/check_keyserver.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# SPDX-License-Identifier: MIT
---
- name: Check if Valkey responds
shell: |
set -euo pipefail
valkey-cli PING | grep PONG
changed_when: false
when: (ansible_distribution in ['RedHat', 'CentOS'] and
ansible_distribution_major_version | int >= 10) or
ansible_distribution not in ['RedHat', 'CentOS']

- name: Check if Redis responds
shell: |
set -euo pipefail
redis-cli PING | grep PONG
changed_when: false
when:
- ansible_distribution in ['RedHat', 'CentOS']
- ansible_distribution_major_version | int > 6
- ansible_distribution_major_version | int < 10
7 changes: 0 additions & 7 deletions tests/check_redis.yml

This file was deleted.

1 change: 1 addition & 0 deletions tests/restore_services_state.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
- pmie
- pmproxy
- redis
- valkey
- grafana-server
# yamllint enable rule:line-length

Expand Down
4 changes: 2 additions & 2 deletions tests/tests_verify_fullstack.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# SPDX-License-Identifier: MIT
---
- name: Test the full PCP/Redis/Grafana stack
- name: Test the full PCP and Grafana stack
hosts: all
vars:
metrics_query_service: true
Expand Down Expand Up @@ -32,7 +32,7 @@
- check_pcp.yml
- check_pmlogger.yml
- check_pmie.yml
- check_redis.yml
- check_keyserver.yml
- check_pmproxy.yml
- check_grafana.yml
- check_grafanapcp.yml
Expand Down
2 changes: 1 addition & 1 deletion tests/tests_verify_query.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
- check_pcp.yml
- check_pmlogger.yml
- check_pmie.yml
- check_redis.yml
- check_keyserver.yml
- check_pmproxy.yml
- check_firewall_selinux.yml

Expand Down

0 comments on commit 3c13ae2

Please sign in to comment.