{"id":20745262,"url":"https://github.com/savvydatainsights/monitoring","last_synced_at":"2025-04-24T06:08:14.310Z","repository":{"id":92513802,"uuid":"143394520","full_name":"savvydatainsights/monitoring","owner":"savvydatainsights","description":"Monitoring solution with NGINX, Grafana, Prometheus and several Prometheus exporters, like cAdvisor, node-exporter, postgres_exporter and jmx_exporter.","archived":false,"fork":false,"pushed_at":"2019-06-06T14:00:27.000Z","size":1020,"stargazers_count":23,"open_issues_count":0,"forks_count":7,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-24T06:08:05.613Z","etag":null,"topics":["acme-sh","ansible","azure","cadvisor","dashboard","docker","grafana","jmx-exporter","letsencrypt","metrics","monitoring","nginx","node-exporter","postgres-exporter","prometheus","prometheus-exporter"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/savvydatainsights.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-03T07:36:19.000Z","updated_at":"2024-10-31T04:59:14.000Z","dependencies_parsed_at":null,"dependency_job_id":"7fd2b209-3d19-4770-aea1-776be376bd68","html_url":"https://github.com/savvydatainsights/monitoring","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/savvydatainsights%2Fmonitoring","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/savvydatainsights%2Fmonitoring/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/savvydatainsights%2Fmonitoring/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/savvydatainsights%2Fmonitoring/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/savvydatainsights","download_url":"https://codeload.github.com/savvydatainsights/monitoring/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250573351,"owners_count":21452352,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acme-sh","ansible","azure","cadvisor","dashboard","docker","grafana","jmx-exporter","letsencrypt","metrics","monitoring","nginx","node-exporter","postgres-exporter","prometheus","prometheus-exporter"],"created_at":"2024-11-17T07:19:24.649Z","updated_at":"2025-04-24T06:08:14.303Z","avatar_url":"https://github.com/savvydatainsights.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# SDI Monitoring\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n\nProject for developing the SDI monitoring solution, consisted basically with the following components:\n\n- [NGINX](https://www.nginx.com) - For [reverse proxying](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy) and [access restriction through HTTP basic authentication](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication);\n- [Grafana](https://grafana.com) - The open platform for analytics and monitoring;\n- [Prometheus](https://prometheus.io) - Monitoring system and time series database;\n- [Prometheus exporters](https://prometheus.io/docs/instrumenting/exporters):\n  - [cAvisor](https://github.com/google/cadvisor) - Analyzes resource usage and performance characteristics of running containers;\n  - [node_exporter](https://github.com/prometheus/node_exporter) - Prometheus exporter for hardware and OS metrics exposed by *NIX kernels;\n  - [postgres_exporter](https://github.com/wrouesnel/postgres_exporter) - Prometheus exporter for PostgreSQL server metrics;\n  - [jmx_exporter](https://github.com/prometheus/jmx_exporter) - JMX to Prometheus exporter: a collector that can configurably scrape and expose mBeans of a JMX target.\n\nTable of Contents:\n\n- [SDI Monitoring](#sdi-monitoring)\n  - [Setup](#setup)\n  - [Putting Prometheus exporters behind NGINX](#putting-prometheus-exporters-behind-nginx)\n  - [Adding hosts](#adding-hosts)\n  - [The dashboards](#the-dashboards)\n  - [Deploying to Azure](#deploying-to-azure)\n\n## Setup\n\nIn order to set the monitoring environment up, follow the steps below:\n\n1. Create the file required for implementing basic authentication in NGINX, by executing the command: `htpasswd -c nginx/basic_auth/.htpasswd prometheus`;\n2. Put in the file *prometheus/basic_auth_password* the same password used previously. Prometheus will use this file to set the Authorization header during requests to exporters;\n3. Finally, turn everything on through running: `docker-compose up -d`\n\nAlternativelly to manually following the mentioned steps, you can just execute `ansible-playbook playbooks/setup.yml`. You will be prompted to type the password, and then all the steps will be performed automatically.\n\n## Putting Prometheus exporters behind NGINX\n\nIn our solution, all the Prometheus exporters have [NGINX](https://www.nginx.com) in front of them, as a [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) and requiring [basic authentication](https://en.wikipedia.org/wiki/Basic_access_authentication). It's a good idea if you already have NGINX in your server, as a proxy server to other services. You restrict all the requests to a single port (80), avoiding every exporter from exposing its default port to the world.\n\nThe configuration below is an example of how you can configure NGINX. Use the same *.htpasswd* file generated during the setup process, described earlier, for each Prometheus exporter. If you prefer, create specific files for different exporters, using [htpasswd](https://httpd.apache.org/docs/2.4/programs/htpasswd.html). Note: Bear in mind you will have to [configure Prometheus](prometheus/prometheus.yml) appropriately if you use either a different user than *prometheus* or different passwords for different exporters.\n\n```nginx\nserver {\n    listen 80 default_server;\n\n    location /docker-metrics {\n        auth_basic \"Restricted\";\n        auth_basic_user_file /etc/nginx/basic_auth/cadvisor.htpasswd;\n        proxy_pass http://localhost:8080/metrics;\n    }\n\n    location /node-metrics {\n        auth_basic \"Restricted\";\n        auth_basic_user_file /etc/nginx/basic_auth/node-exporter.htpasswd;\n        proxy_pass http://localhost:9100/metrics;\n    }\n\n    location /postgres-metrics {\n        auth_basic \"Restricted\";\n        auth_basic_user_file /etc/nginx/basic_auth/postgres_exporter.htpasswd;\n        http://localhost:9187/metrics\n    }\n\n    location /jvms-metrics {\n        auth_basic \"Restricted\";\n        auth_basic_user_file /etc/nginx/basic_auth/jmx_exporters.htpasswd;\n        http://localhost:9090/federate\n    }\n}\n```\n\nNotice in the configuration that Prometheus can be used to aggregate JVM metrics generated by jmx_exporter instances. The Prometheus server responsible for centralizing all the JVM metrics then is able to be scraped by the main Prometheus server, from a single endpoint. This is a feature of Prometheus called [federation](https://prometheus.io/docs/prometheus/latest/federation).\n\n## Adding hosts\n\nBy default, the localhost is automatically monitored. However, you can add exporters of other hosts, by adding more Prometheus targets. Inside the [project's playbooks folder](playbooks), you will find Ansible playbooks which turn the task of adding targets to Prometheus much easier. To add a cAdvisor target, for example, execute:\n\n`ansible-playbook playbooks/add-cadvisor.yml -e host=hostname -e target=ip:8080`\n\nReplace *hostname* and *ip* with the appropriate values. If cAdvisor exposes the metrics through other port than 8080, change it too. Following the example, the metrics should be available by accessing \u003chttp://ip:8080/metrics\u003e. Note: If cAdvisor is behind NGINX, the port is not important, once NGINX answers through the default HTTP port 80.\n\nIf your Prometheus server is in a remote host, you must set the *prometheus_host* parameter, and a [inventory file](https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html) where previously you must have have put the SSH credentials required for Ansible connection:\n\n`ansible-playbook playbooks/add-cadvisor.yml -i playbooks/inventory -e prometheus_host=production -e host=hostname -e target=ip:8080`\n\n![Monitoring diagram](images/sdi-monitoring.png)\n\nThe diagram above shows you can add as many hosts as you want, each host with one or more instances of exporters from where Prometheus scrapes metrics.\n\n## The dashboards\n\nGrafana is available on port 3000. During its setup, the connection with Prometheus is made, and [dashboards](grafana/dashboards) are provisioned. They are all based on [dashboards shared by the community](https://grafana.com/dashboards). The table below shows the dashboards our Grafana has by default:\n\n| Dashboard | Original id | Picture |\n| --- | --- | --- |\n| Docker monitoring | [193](https://grafana.com/dashboards/193) | ![Docker Monitoring dashboard](images/docker-dashboard.png) |\n| Host monitoring | [6014](https://grafana.com/dashboards/6014) | ![Host Monitoring dashboard](images/host-dashboard.png) |\n| Postgres monitoring | [455](https://grafana.com/dashboards/455) | ![Postgres Monitoring dashboard](images/postgres-dashboard.png) |\n| JVM monitoring | [3066](https://grafana.com/dashboards/3066) | ![JVM Monitoring dashboard](images/jvm-dashboard.png) |\n\nThe dashboards were slightly changed from its originals for enabling the alternation between hosts.\n\n## Deploying to Azure\n\nWith the Ansible playbook [deploy-to-azure.yml](playbooks/deploy-to-azure.yml) is possible to deploy the monitoring solution to a VM in [Azure](https://azure.microsoft.com). The playbook creates all the required resources and then runs the services in the new remote VM, created from a [baked Ubuntu image](https://github.com/savvydatainsights/ubuntu).\n\n`ansible-playbook playbooks/deploy-to-azure.yml`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsavvydatainsights%2Fmonitoring","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsavvydatainsights%2Fmonitoring","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsavvydatainsights%2Fmonitoring/lists"}