# # Cookbook:: kosmos_prometheus # Recipe:: node_exporter # include_recipe "firewall" version = node["kosmos_prometheus"]["node_exporter"]["version"] checksum = node["kosmos_prometheus"]["node_exporter"]["checksum"] tarball = "#{Chef::Config[:file_cache_path]}/node_exporter-#{version}.linux-amd64.tar.gz" binary_url = "https://github.com/prometheus/node_exporter/releases/download/v#{version}/node_exporter-#{version}.linux-amd64.tar.gz" group "node_exporter" user "node_exporter" do gid "node_exporter" system true shell "/bin/false" home "/nonexistent" end directory "/var/lib/node_exporter/textfile" do owner "node_exporter" group "node_exporter" mode "0755" recursive true end package %w(tar bzip2) remote_file tarball do source binary_url checksum checksum action :create notifies :run, "execute[install_node_exporter]", :immediately end execute "install_node_exporter" do command "tar -xzf #{tarball} -C /usr/local/bin --strip-components=1 node_exporter-#{version}.linux-amd64/node_exporter" action :nothing notifies :restart, "service[node_exporter]", :delayed end file "/usr/local/bin/node_exporter" do owner "root" group "root" mode "0755" notifies :restart, "service[node_exporter]", :delayed end systemd_unit "node_exporter.service" do content({ Unit: { Description: "Prometheus node exporter", Documentation: ["https://github.com/prometheus/node_exporter"], }, Service: { Type: "simple", User: "node_exporter", Group: "node_exporter", ExecStart: "/usr/local/bin/node_exporter --web.listen-address=:9100 --collector.textfile.directory=/var/lib/node_exporter/textfile", Restart: "on-failure", RestartSec: "5", NoNewPrivileges: "yes", ProtectSystem: "full", ProtectHome: "yes", }, Install: { WantedBy: "multi-user.target", }, }) triggers_reload true action :create end service "node_exporter" do action [:enable, :start] end firewall_rule "node_exporter" do port 9100 source "10.1.1.0/24" protocol :tcp command :allow end