depaula/workshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9b8cfe859bbf9163fece912142c144ef0d19d551
workshop/aula-12/setup.sh
ArgoCD Setup 9b8cfe859b fix(aula-12): permitir node-exporter com PodSecurity privileged 
O namespace monitoring precisa de enforce=privileged para o
prometheus-node-exporter que usa hostNetwork, hostPID e hostPath.
2026-03-14 06:01:12 -03:00

262 lines
9.0 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# =============================================================================
# Aula 12 - Victoria Metrics (Observabilidade)
# =============================================================================
#
# Este script instala o stack de monitoramento via Helm:
# 1. Victoria Metrics (coleta + storage de métricas)
# 2. Grafana (dashboards)
# 3. Alertas pré-configurados
#
# Pré-requisitos:
# - Cluster Kubernetes (aula-08)
# - kubectl e helm instalados
#
# =============================================================================
set -e
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
CYAN='\033[0;36m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[OK]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ENV_FILE="${SCRIPT_DIR}/.env"
# =============================================================================
# VERIFICAR PRÉ-REQUISITOS
# =============================================================================
log_info "Verificando pré-requisitos..."
if ! command -v kubectl &> /dev/null; then
log_error "kubectl não encontrado"
exit 1
fi
if ! command -v helm &> /dev/null; then
log_error "helm não encontrado"
exit 1
fi
if ! kubectl cluster-info &> /dev/null; then
log_error "Não foi possível conectar ao cluster"
exit 1
fi
log_success "Pré-requisitos verificados"
# =============================================================================
# CARREGAR CONFIGURAÇÃO
# =============================================================================
if [[ -f "$ENV_FILE" ]]; then
source "$ENV_FILE"
fi
# Herdar domínio da aula-10 ou aula-11
for ENV_SRC in "${SCRIPT_DIR}/../aula-11/.env" "${SCRIPT_DIR}/../aula-10/.env"; do
if [[ -f "$ENV_SRC" && -z "$DOMAIN" ]]; then
source "$ENV_SRC"
fi
done
# =============================================================================
# COLETAR CONFIGURAÇÃO
# =============================================================================
echo ""
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo -e "${CYAN} Victoria Metrics - Observabilidade${NC}"
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo ""
if [[ -z "$DOMAIN" ]]; then
read -p "Domínio base (ex: kube.quest): " DOMAIN
fi
if [[ -z "$GRAFANA_HOST" ]]; then
DEFAULT_GRAFANA="grafana.${DOMAIN}"
read -p "Hostname do Grafana [${DEFAULT_GRAFANA}]: " GRAFANA_HOST
GRAFANA_HOST="${GRAFANA_HOST:-$DEFAULT_GRAFANA}"
fi
log_info "Grafana: https://${GRAFANA_HOST}"
# TLS
if [[ -z "$USE_CLOUDFLARE" && -z "$USE_LETSENCRYPT" ]]; then
echo ""
echo "Configuração de TLS:"
echo " 1) Let's Encrypt (recomendado)"
echo " 2) CloudFlare (proxy)"
echo " 3) HTTP apenas"
read -p "Escolha [1-3]: " TLS_CHOICE
case $TLS_CHOICE in
1) USE_CLOUDFLARE=false; USE_LETSENCRYPT=true ;;
2) USE_CLOUDFLARE=true; USE_LETSENCRYPT=false ;;
*) USE_CLOUDFLARE=false; USE_LETSENCRYPT=false ;;
esac
fi
# Salvar
cat > "$ENV_FILE" << EOF
# Configuração gerada pelo setup.sh - $(date)
DOMAIN=${DOMAIN}
GRAFANA_HOST=${GRAFANA_HOST}
USE_CLOUDFLARE=${USE_CLOUDFLARE}
USE_LETSENCRYPT=${USE_LETSENCRYPT}
EOF
log_success "Configuração salva"
# =============================================================================
# PREPARAR VALUES COM HOSTNAME DO GRAFANA
# =============================================================================
log_info "Preparando configuração..."
VALUES_FILE="${SCRIPT_DIR}/gitops/apps/victoria-metrics/values.yaml"
TEMP_VALUES=$(mktemp)
sed "s/grafana\.kube\.quest/${GRAFANA_HOST}/g" "$VALUES_FILE" > "$TEMP_VALUES"
# Ajustar TLS no values
if [[ "$USE_LETSENCRYPT" != "true" ]]; then
# Remover anotação cert-manager se não usa Let's Encrypt
sed -i.bak '/cert-manager.io\/cluster-issuer/d' "$TEMP_VALUES"
rm -f "$TEMP_VALUES.bak"
fi
if [[ "$USE_CLOUDFLARE" == "true" || "$USE_LETSENCRYPT" != "true" ]]; then
# Remover bloco TLS se não usa Let's Encrypt
sed -i.bak '/tls:/,/- grafana/d' "$TEMP_VALUES"
rm -f "$TEMP_VALUES.bak"
fi
# =============================================================================
# PAUSA PARA CONFIGURAÇÃO DE DNS
# =============================================================================
LB_IP=$(kubectl get svc -n ingress-nginx ingress-nginx-controller \
-o jsonpath='{.status.loadBalancer.ingress[0].ip}' 2>/dev/null || echo "<pendente>")
GRAFANA_NAME=$(echo "$GRAFANA_HOST" | cut -d. -f1)
echo ""
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo -e "${CYAN} Configure o DNS${NC}"
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo ""
echo "No seu provedor DNS:"
echo ""
echo -e " ${YELLOW}Tipo:${NC} A"
echo -e " ${YELLOW}Nome:${NC} ${GRAFANA_NAME}"
echo -e " ${YELLOW}Valor:${NC} ${GREEN}${LB_IP}${NC}"
echo ""
if [[ "$USE_LETSENCRYPT" == "true" ]]; then
echo -e "${YELLOW}⚠ O Let's Encrypt precisa do DNS configurado para emitir o certificado.${NC}"
else
echo -e "${YELLOW}⚠ Configure o DNS agora antes de continuar.${NC}"
fi
echo ""
echo -n "Pressione ENTER quando o DNS estiver configurado..."
read -r
echo ""
# =============================================================================
# INSTALAR VIA HELM
# =============================================================================
echo ""
log_info "=== Instalando Victoria Metrics Stack ==="
helm repo add vm https://victoriametrics.github.io/helm-charts/ 2>/dev/null || true
helm repo update vm
kubectl create namespace monitoring 2>/dev/null || true
kubectl label namespace monitoring pod-security.kubernetes.io/enforce=privileged --overwrite
if helm status monitoring -n monitoring &> /dev/null; then
log_warn "Já instalado. Atualizando..."
HELM_CMD="upgrade"
else
HELM_CMD="install"
fi
helm ${HELM_CMD} monitoring vm/victoria-metrics-k8s-stack \
--namespace monitoring \
-f "$TEMP_VALUES" \
--wait \
--timeout 10m
rm -f "$TEMP_VALUES"
log_success "Victoria Metrics Stack instalado!"
# =============================================================================
# APLICAR ALERTAS CUSTOMIZADOS
# =============================================================================
if [[ -f "${SCRIPT_DIR}/gitops/apps/victoria-metrics/templates/alerts.yaml" ]]; then
echo ""
log_info "Aplicando alertas customizados..."
kubectl apply -f "${SCRIPT_DIR}/gitops/apps/victoria-metrics/templates/alerts.yaml" -n monitoring 2>/dev/null || true
log_success "Alertas aplicados"
fi
# =============================================================================
# OBTER SENHA DO GRAFANA
# =============================================================================
echo ""
log_info "Obtendo credenciais do Grafana..."
GRAFANA_PASSWORD=""
for i in {1..30}; do
GRAFANA_PASSWORD=$(kubectl get secret -n monitoring -l app.kubernetes.io/name=grafana \
-o jsonpath='{.items[0].data.admin-password}' 2>/dev/null | base64 -d 2>/dev/null)
if [[ -n "$GRAFANA_PASSWORD" ]]; then break; fi
sleep 2
done
# =============================================================================
# RESUMO FINAL
# =============================================================================
PROTOCOL="https"
if [[ "$USE_CLOUDFLARE" == "false" && "$USE_LETSENCRYPT" == "false" ]]; then
PROTOCOL="http"
fi
echo ""
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo -e "${GREEN} Victoria Metrics Instalado!${NC}"
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo ""
echo "Grafana:"
echo " URL: ${PROTOCOL}://${GRAFANA_HOST}"
echo " Username: admin"
echo " Password: ${GRAFANA_PASSWORD:-'(kubectl get secret -n monitoring -l app.kubernetes.io/name=grafana -o jsonpath=\"{.items[0].data.admin-password}\" | base64 -d)'}"
echo ""
echo "Acesso alternativo (port-forward):"
echo " kubectl port-forward -n monitoring svc/monitoring-grafana 3000:80"
echo " open http://localhost:3000"
echo ""
echo "Verificar:"
echo " kubectl get pods -n monitoring"
echo ""
echo "Desinstalar:"
echo " ./cleanup.sh"
echo ""
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo ""
log_info "Status dos pods:"
kubectl get pods -n monitoring
Reference in New Issue View Git Blame Copy Permalink