forksand-it-manual/source/resources/apps/prometheus/README

apt update
# Stretch:
apt install -t stretch-backports prometheus
# Buster:
apt install prometheus

# On main prom1 server, running buster:
apt install prometheus-alertmanager prometheus prometheus-node-exporter

# Open up ports on firewall:
# Prometheus
-A INPUT -p tcp --dport 9090 -j ACCEPT
-A INPUT -p tcp --dport 9093 -j ACCEPT
-A INPUT -p tcp --dport 9094 -j ACCEPT
-A INPUT -p tcp --dport 9100 -j ACCEPT

# Install exporter on all nodes
# Stretch:
apt install -t stretch-backports prometheus-node-exporter
# Buster:
apt install prometheus-node-exporter

# To enable various collectors on a node, edit:
vim /etc/default/prometheus-node-exporter

# Ones of note:
-collector.netstat.fields=(.*) --collector.vmstat.fields=(.*)  --collector.interrupts

# Add to all: XXX not done
################
--collector.netstat.fields="^(.*_(InErrors|InErrs)|Ip_Forwarding|Ip(6|Ext)_(InOctets|OutOctets)|Icmp6?_(InMsgs|OutMsgs)|TcpExt_(Listen.*|Syncookies.*)|Tcp_(ActiveOpens|PassiveOpens|RetransSegs|CurrEstab)|Udp6?_(InDatagrams|OutDatagrams|NoPorts))$"
--collector.vmstat.fields="^(oom_kill|pgpg|pswp|pg.*fault).*"
--collector.interrupts
--collector.ntp
--collector.systemd
################

##############################################################################
# For MySQL servers, on all servers:
apt install prometheus-mysqld-exporter
# On sql1, log into database:
CREATE USER 'prometheus-mysqld-exporter'@'10.42.1.0/255.255.255.0' IDENTIFIED BY 'password' WITH MAX_USER_CONNECTIONS 3;
GRANT PROCESS, REPLICATION CLIENT, SELECT ON *.* TO 'prometheus-mysqld-exporter'@'10.42.1.0/255.255.255.0';
FLUSH PRIVILEGES;

# On sql1 sql2 sql3 sql4 servers:
# Edit
vim /etc/default/prometheus-mysqld-exporter

# Set this line (setting correct local IP):
export DATA_SOURCE_NAME="prometheus-mysqld-exporter:password@(10.42.1.171:3306)/"

# on prom1 /etc/prometheus/prometheus.yml
  - job_name: 'mysql-monitor'# Job name
    static_configs:
      - targets: ['10.42.1.171:9104']
        labels:
            alias: db1# alias name given to this instance

# Add firewall rule to sql1 sql2 sql3 sql4
#-A INPUT -s 10.22.22.0/24 -p tcp --dport 9104 -j ACCEPT
-A INPUT -s 10.42.1.0/24 -p tcp --dport 9104 -j ACCEPT

##############################################################################
# Borg exporter:
https://github.com/teemow/prometheus-borg-exporter
https://grafana.com/dashboards/1573
##############################################################################
# Email
# graylog:
##############################################################################
# Apache:
https://grafana.com/dashboards/4859
https://grafana.com/dashboards/4865
##############################################################################
# nginx
https://grafana.com/dashboards/6482
https://grafana.com/dashboards/4368
https://grafana.com/dashboards/6787
##############################################################################
# postgres
https://grafana.com/dashboards/3300
https://grafana.com/dashboards/455
https://grafana.com/dashboards/3742
https://grafana.com/dashboards/6742

# on pg1 pg2 pg3 pg4
apt install prometheus-postgres-exporter daemon
# See /usr/share/doc/prometheus-postgres-exporter/README.Debian
vim /etc/default/prometheus-postgres-exporter
DATA_SOURCE_NAME='user=prometheus host=/run/postgresql dbname=postgres'

# The run:
sudo -u postgres psql
# In database add:
------------------------------------------------------
  CREATE USER prometheus;
  ALTER USER prometheus SET SEARCH_PATH TO prometheus,pg_catalog;
  
  CREATE SCHEMA prometheus AUTHORIZATION prometheus;
  
  CREATE FUNCTION prometheus.f_select_pg_stat_activity()
  RETURNS setof pg_catalog.pg_stat_activity
  LANGUAGE sql
  SECURITY DEFINER
  AS $$
    SELECT * from pg_catalog.pg_stat_activity;
  $$;
  
  CREATE FUNCTION prometheus.f_select_pg_stat_replication()
  RETURNS setof pg_catalog.pg_stat_replication
  LANGUAGE sql
  SECURITY DEFINER
  AS $$
    SELECT * from pg_catalog.pg_stat_replication;
  $$;
  
  CREATE VIEW prometheus.pg_stat_replication
  AS
    SELECT * FROM prometheus.f_select_pg_stat_replication();
  
  CREATE VIEW prometheus.pg_stat_activity
  AS
    SELECT * FROM prometheus.f_select_pg_stat_activity();
  
  GRANT SELECT ON prometheus.pg_stat_replication TO prometheus;
  GRANT SELECT ON prometheus.pg_stat_activity TO prometheus;
------------------------------------------------------
------------------------------------------------------

# Restart

# Add firewall rule
-A INPUT -s 10.52.1.0/24 -p tcp --dport 9187 -j ACCEPT

# prometheus.yml
# Some dashboards work with this
  - job_name: 'postgres'
    honor_labels: true
    static_configs:
      - targets: ['10.52.1.91:9187', '10.52.1.92:9187', '10.52.1.93:9187', '10.52.1.94:9187']

# Other dashboards work with this
  - job_name: 'postgresql'
    honor_labels: true
    static_configs:
      - targets: ['10.52.1.91:9187', '10.52.1.92:9187', '10.52.1.93:9187', '10.52.1.94:9187']

##############################################################################
# Unbound DNS
https://grafana.com/dashboards/3930
##############################################################################
# libvirt_exporter
# FAIL
go get github.com/kumina/libvirt_exporter
go build github.com/kumina/libvirt_exporter
# Then copy this binary to targets sf-001 sf-002 sf-003 sf-004
~/go/bin/libvirt_exporter

apt install libvirt-daemon

##############################################################################
# Dovecot Exporter
# https://github.com/kumina/dovecot_exporter.git
#
# On a go build server: XXX
go get github.com/kumina/dovecot_exporter
go build github.com/kumina/dovecot_exporter
scp -p go/bin/dovecot_exporter mx1:


# On mail server mx1
# Set up user to run as. XXX
# Open up firewall port 9166
# Dovecot Prometheus
-A INPUT -s 10.22.22.0/24 -p tcp --dport 9166 -j ACCEPT

# Run thusly, XXX set up user, chown path
./dovecot_exporter --dovecot.socket-path="/var/run/dovecot/stats-reader"
# Or?
./dovecot_exporter --dovecot.socket-path="/var/run/dovecot/stats-reader"  --dovecot.scopes="jebba@forksand.com"

##############################################################################
Add prom1, Prometheus server 7 years ago			`apt update`
			`# Stretch:`
			`apt install -t stretch-backports prometheus`
			`# Buster:`
			`apt install prometheus`

			`# On main prom1 server, running buster:`
			`apt install prometheus-alertmanager prometheus prometheus-node-exporter`

			`# Open up ports on firewall:`
			`# Prometheus`
			`-A INPUT -p tcp --dport 9090 -j ACCEPT`
			`-A INPUT -p tcp --dport 9093 -j ACCEPT`
			`-A INPUT -p tcp --dport 9094 -j ACCEPT`
			`-A INPUT -p tcp --dport 9100 -j ACCEPT`

Prometheus notes 7 years ago			`# Install exporter on all nodes`
			`# Stretch:`
			`apt install -t stretch-backports prometheus-node-exporter`
			`# Buster:`
			`apt install prometheus-node-exporter`

			`# To enable various collectors on a node, edit:`
			`vim /etc/default/prometheus-node-exporter`

			`# Ones of note:`
			`-collector.netstat.fields=(.) --collector.vmstat.fields=(.) --collector.interrupts`

			`# Add to all: XXX not done`
			`################`
			`--collector.netstat.fields="^(._(InErrors\|InErrs)\|Ip_Forwarding\|Ip(6\|Ext)_(InOctets\|OutOctets)\|Icmp6?_(InMsgs\|OutMsgs)\|TcpExt_(Listen.\|Syncookies.*)\|Tcp_(ActiveOpens\|PassiveOpens\|RetransSegs\|CurrEstab)\|Udp6?_(InDatagrams\|OutDatagrams\|NoPorts))$"`
			`--collector.vmstat.fields="^(oom_kill\|pgpg\|pswp\|pg.fault)."`
			`--collector.interrupts`
			`--collector.ntp`
			`--collector.systemd`
			`################`

Add database servers to prometheus 7 years ago			`##############################################################################`
			`# For MySQL servers, on all servers:`
Prometheus notes 7 years ago			`apt install prometheus-mysqld-exporter`
Add database servers to prometheus 7 years ago			`# On sql1, log into database:`
			`CREATE USER 'prometheus-mysqld-exporter'@'10.42.1.0/255.255.255.0' IDENTIFIED BY 'password' WITH MAX_USER_CONNECTIONS 3;`
			`GRANT PROCESS, REPLICATION CLIENT, SELECT ON . TO 'prometheus-mysqld-exporter'@'10.42.1.0/255.255.255.0';`
			`FLUSH PRIVILEGES;`

			`# On sql1 sql2 sql3 sql4 servers:`
			`# Edit`
			`vim /etc/default/prometheus-mysqld-exporter`

			`# Set this line (setting correct local IP):`
			`export DATA_SOURCE_NAME="prometheus-mysqld-exporter:password@(10.42.1.171:3306)/"`

			`# on prom1 /etc/prometheus/prometheus.yml`
			`- job_name: 'mysql-monitor'# Job name`
			`static_configs:`
			`- targets: ['10.42.1.171:9104']`
			`labels:`
			`alias: db1# alias name given to this instance`

			`# Add firewall rule to sql1 sql2 sql3 sql4`
			`#-A INPUT -s 10.22.22.0/24 -p tcp --dport 9104 -j ACCEPT`
			`-A INPUT -s 10.42.1.0/24 -p tcp --dport 9104 -j ACCEPT`

			`##############################################################################`
Prometheus notes 7 years ago			`# Borg exporter:`
			`https://github.com/teemow/prometheus-borg-exporter`
			`https://grafana.com/dashboards/1573`
Add database servers to prometheus 7 years ago			`##############################################################################`
Prometheus notes 7 years ago			`# Email`
			`# graylog:`
Add database servers to prometheus 7 years ago			`##############################################################################`
Prometheus notes 7 years ago			`# Apache:`
			`https://grafana.com/dashboards/4859`
			`https://grafana.com/dashboards/4865`
Add database servers to prometheus 7 years ago			`##############################################################################`
Prometheus notes 7 years ago			`# nginx`
			`https://grafana.com/dashboards/6482`
			`https://grafana.com/dashboards/4368`
			`https://grafana.com/dashboards/6787`
Add database servers to prometheus 7 years ago			`##############################################################################`
Prometheus notes 7 years ago			`# postgres`
			`https://grafana.com/dashboards/3300`
			`https://grafana.com/dashboards/455`
			`https://grafana.com/dashboards/3742`
			`https://grafana.com/dashboards/6742`

Add database servers to prometheus 7 years ago			`# on pg1 pg2 pg3 pg4`
			`apt install prometheus-postgres-exporter daemon`
			`# See /usr/share/doc/prometheus-postgres-exporter/README.Debian`
			`vim /etc/default/prometheus-postgres-exporter`
			`DATA_SOURCE_NAME='user=prometheus host=/run/postgresql dbname=postgres'`

			`# The run:`
			`sudo -u postgres psql`
			`# In database add:`
			`------------------------------------------------------`
			`CREATE USER prometheus;`
			`ALTER USER prometheus SET SEARCH_PATH TO prometheus,pg_catalog;`

			`CREATE SCHEMA prometheus AUTHORIZATION prometheus;`

			`CREATE FUNCTION prometheus.f_select_pg_stat_activity()`
			`RETURNS setof pg_catalog.pg_stat_activity`
			`LANGUAGE sql`
			`SECURITY DEFINER`
			`AS $$`
			`SELECT * from pg_catalog.pg_stat_activity;`
			`$$;`

			`CREATE FUNCTION prometheus.f_select_pg_stat_replication()`
			`RETURNS setof pg_catalog.pg_stat_replication`
			`LANGUAGE sql`
			`SECURITY DEFINER`
			`AS $$`
			`SELECT * from pg_catalog.pg_stat_replication;`
			`$$;`

			`CREATE VIEW prometheus.pg_stat_replication`
			`AS`
			`SELECT * FROM prometheus.f_select_pg_stat_replication();`

			`CREATE VIEW prometheus.pg_stat_activity`
			`AS`
			`SELECT * FROM prometheus.f_select_pg_stat_activity();`

			`GRANT SELECT ON prometheus.pg_stat_replication TO prometheus;`
			`GRANT SELECT ON prometheus.pg_stat_activity TO prometheus;`
			`------------------------------------------------------`
			`------------------------------------------------------`

			`# Restart`

			`# Add firewall rule`
			`-A INPUT -s 10.52.1.0/24 -p tcp --dport 9187 -j ACCEPT`

			`# prometheus.yml`
			`# Some dashboards work with this`
			`- job_name: 'postgres'`
			`honor_labels: true`
			`static_configs:`
			`- targets: ['10.52.1.91:9187', '10.52.1.92:9187', '10.52.1.93:9187', '10.52.1.94:9187']`

			`# Other dashboards work with this`
			`- job_name: 'postgresql'`
			`honor_labels: true`
			`static_configs:`
			`- targets: ['10.52.1.91:9187', '10.52.1.92:9187', '10.52.1.93:9187', '10.52.1.94:9187']`

			`##############################################################################`
Prometheus notes 7 years ago			`# Unbound DNS`
			`https://grafana.com/dashboards/3930`
Add database servers to prometheus 7 years ago			`##############################################################################`
Add influx, snmp, more IPs to spreadsheet 7 years ago			`# libvirt_exporter`
Add database servers to prometheus 7 years ago			`# FAIL`
Add influx, snmp, more IPs to spreadsheet 7 years ago			`go get github.com/kumina/libvirt_exporter`
			`go build github.com/kumina/libvirt_exporter`
			`# Then copy this binary to targets sf-001 sf-002 sf-003 sf-004`
			`~/go/bin/libvirt_exporter`

			`apt install libvirt-daemon`

Add database servers to prometheus 7 years ago			`##############################################################################`
Add telegraf, influxdb, prometheus notes 7 years ago			`# Dovecot Exporter`
			`# https://github.com/kumina/dovecot_exporter.git`
			`#`
			`# On a go build server: XXX`
			`go get github.com/kumina/dovecot_exporter`
			`go build github.com/kumina/dovecot_exporter`
			`scp -p go/bin/dovecot_exporter mx1:`



			`# On mail server mx1`
			`# Set up user to run as. XXX`
			`# Open up firewall port 9166`
			`# Dovecot Prometheus`
			`-A INPUT -s 10.22.22.0/24 -p tcp --dport 9166 -j ACCEPT`

			`# Run thusly, XXX set up user, chown path`
			`./dovecot_exporter --dovecot.socket-path="/var/run/dovecot/stats-reader"`
			`# Or?`
			`./dovecot_exporter --dovecot.socket-path="/var/run/dovecot/stats-reader" --dovecot.scopes="jebba@forksand.com"`

			`##############################################################################`