Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / prometheus / 453e29049599f29420547ece0ebe88aaad272cc4^! / .
commit453e29049599f29420547ece0ebe88aaad272cc4[log] [tgz]
authorBartosz Kupidura <bkupidura@mirantis.com>Thu Mar 30 15:43:41 2017 +0200
committerBartosz Kupidura <bkupidura@mirantis.com>Thu Mar 30 15:43:41 2017 +0200
tree2900bd2f23c9d5cd5f2f98c248e1b5021b88a79b
parent8642002cf8e0107c7f6ac138112cc14838c64619 [diff]
Add ssl options for etcd

Change-Id: I45afdf25d8d3ebc1ceab4a38d8cc61435fed1700

diff --git a/README.rst b/README.rst
index 02a3941..4b6c4bf 100644
--- a/README.rst
+++ b/README.rst

@@ -38,15 +38,20 @@
         kubernetes:
           api_ip: ${_param:kubernetes_control_address}
           ssl_dir: /opt/prometheus/config
-          cert_name: kubelet-client.crt
-          key_name: kubelet-client.key
+          cert_name: prometheus-server.crt
+          key_name: prometheus-server.key
         etcd:
-          - host: ${_param:cluster_node01_address}
-            port: ${_param:cluster_node01_port}
-          - host: ${_param:cluster_node02_address}
-            port: ${_param:cluster_node02_port}
-          - host: ${_param:cluster_node03_address}
-            port: ${_param:cluster_node03_port}
+          scheme: https
+          ssl_dir: /opt/prometheus/config
+          cert_name: prometheus-server.crt
+          key_name: prometheus-server.key
+          member:
+            - host: ${_param:cluster_node01_address}
+              port: ${_param:cluster_node01_port}
+            - host: ${_param:cluster_node02_address}
+              port: ${_param:cluster_node02_port}
+            - host: ${_param:cluster_node03_address}
+              port: ${_param:cluster_node03_port}
       recording:
         - name: 'instance:fd_utilization'
           query: >-

diff --git a/prometheus/files/prometheus.yml b/prometheus/files/prometheus.yml
index 5e33576..37b95e2 100644
--- a/prometheus/files/prometheus.yml
+++ b/prometheus/files/prometheus.yml

@@ -27,12 +27,18 @@
 
 {% if server.get('target', {}).get('etcd') %}
   {%- set etcd_nodes = [] %}
-  {%- for node in server.target.etcd %}
+  {%- set etcd_target = server.target.etcd %}
+  {%- for node in etcd_target.member %}
     {%- set etcd_address = "'%s:%d'" | format(node.host, node.port) %}
     {%- do etcd_nodes.append(etcd_address) %}
   {%- endfor %}
   {%- if etcd_nodes|length > 0 %}
   - job_name: 'etcd'
+    {% if etcd_target.scheme %}scheme: {{ etcd_target.scheme }}{%- endif %}
+    tls_config:
+      insecure_skip_verify: true
+      {% if etcd_target.cert_name is defined %}cert_file: {{ etcd_target.ssl_dir }}/{{ etcd_target.cert_name }}{%- endif %}
+      {% if etcd_target.key_name is defined %}key_file: {{ etcd_target.ssl_dir }}/{{ etcd_target.key_name }}{%- endif %}
     static_configs:
     - targets: [{{ etcd_nodes | join(',') }}]
   {%- endif %}