monitoring: OpenVPN per-client (openvpn_exporter на ru1 + дашборд)
This commit is contained in:
Ruslan Gilfanov
@@ -1,8 +1,5 @@
|
|||||||
# Каноничный агент мониторинга для удалённой ноды: node-exporter + cadvisor в host-network
|
# Агент мониторинга ru1: node-exporter + cadvisor (host-net) + openvpn-exporter.
|
||||||
# (node-exporter видит реальные интерфейсы хоста — ens3/eth0/wg*/tun*).
|
# Порты 9100/8080/9176 закрыты iptables INPUT (только fr1 161.97.93.252). Скрейп — по публичному IP.
|
||||||
# Порты 9100/8080 ОБЯЗАТЕЛЬНО закрыть на ноде только для IP fr1
|
|
||||||
# (ufw allow from <fr1> / iptables INPUT DROP ! -s <fr1>). Скрейп — по публичному IP ноды.
|
|
||||||
# Используется на ru1. de1 пока на старом bridge-варианте (сетевые метрики = docker-бридж).
|
|
||||||
name: monitoring-agent
|
name: monitoring-agent
|
||||||
|
|
||||||
services:
|
services:
|
||||||
@@ -34,3 +31,13 @@ services:
|
|||||||
- /sys:/sys:ro
|
- /sys:/sys:ro
|
||||||
- /var/lib/docker/:/var/lib/docker:ro
|
- /var/lib/docker/:/var/lib/docker:ro
|
||||||
- /dev/disk/:/dev/disk:ro
|
- /dev/disk/:/dev/disk:ro
|
||||||
|
|
||||||
|
openvpn-exporter:
|
||||||
|
image: kumina/openvpn-exporter:latest
|
||||||
|
network_mode: host
|
||||||
|
restart: unless-stopped
|
||||||
|
command:
|
||||||
|
- -openvpn.status_paths=/run/openvpn-server/status-openvpn.log,/var/log/openvpn-ru-status.log
|
||||||
|
volumes:
|
||||||
|
- /run/openvpn-server:/run/openvpn-server:ro
|
||||||
|
- /var/log:/var/log:ro
|
||||||
|
|||||||
@@ -0,0 +1,76 @@
|
|||||||
|
{
|
||||||
|
"uid": "openvpn-clients",
|
||||||
|
"title": "OpenVPN — клиенты",
|
||||||
|
"tags": ["openvpn", "vpn", "infra"],
|
||||||
|
"timezone": "browser",
|
||||||
|
"schemaVersion": 39,
|
||||||
|
"version": 1,
|
||||||
|
"refresh": "30s",
|
||||||
|
"time": { "from": "now-24h", "to": "now" },
|
||||||
|
"templating": {
|
||||||
|
"list": [
|
||||||
|
{
|
||||||
|
"name": "instance", "type": "query",
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"query": { "query": "label_values(openvpn_up, instance)", "refId": "v" },
|
||||||
|
"refresh": 2, "includeAll": true, "multi": true, "current": { "text": "All", "value": "$__all" }
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"panels": [
|
||||||
|
{
|
||||||
|
"type": "stat", "title": "Клиентов онлайн", "gridPos": { "h": 4, "w": 8, "x": 0, "y": 0 },
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"fieldConfig": { "defaults": { "unit": "short", "color": { "mode": "fixed", "fixedColor": "green" } } },
|
||||||
|
"targets": [ { "expr": "sum(openvpn_openvpn_server_connected_clients{instance=~\"$instance\"})", "refId": "A" } ]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "stat", "title": "Скачано клиентами (за период)", "gridPos": { "h": 4, "w": 8, "x": 8, "y": 0 },
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"fieldConfig": { "defaults": { "unit": "bytes", "color": { "mode": "fixed", "fixedColor": "blue" } } },
|
||||||
|
"options": { "graphMode": "area" },
|
||||||
|
"targets": [ { "expr": "sum(increase(openvpn_server_client_sent_bytes_total{instance=~\"$instance\"}[$__range]))", "refId": "A" } ]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "stat", "title": "Загружено клиентами (за период)", "gridPos": { "h": 4, "w": 8, "x": 16, "y": 0 },
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"fieldConfig": { "defaults": { "unit": "bytes", "color": { "mode": "fixed", "fixedColor": "purple" } } },
|
||||||
|
"options": { "graphMode": "area" },
|
||||||
|
"targets": [ { "expr": "sum(increase(openvpn_server_client_received_bytes_total{instance=~\"$instance\"}[$__range]))", "refId": "A" } ]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "table", "title": "Активные клиенты (кто / откуда / VPN-IP / когда подключился)", "gridPos": { "h": 8, "w": 24, "x": 0, "y": 4 },
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"targets": [ { "expr": "openvpn_server_client_received_bytes_total{instance=~\"$instance\"}", "refId": "A", "instant": true, "format": "table" } ],
|
||||||
|
"transformations": [
|
||||||
|
{ "id": "organize", "options": {
|
||||||
|
"excludeByName": { "Time": true, "__name__": true, "job": true, "username": true, "Value": true },
|
||||||
|
"renameByName": {
|
||||||
|
"common_name": "Клиент", "instance": "Сервер (нода)", "real_address": "Откуда (real IP)",
|
||||||
|
"virtual_address": "VPN IP", "status_path": "Профиль", "connection_time": "Подключён (unix)"
|
||||||
|
}
|
||||||
|
} }
|
||||||
|
],
|
||||||
|
"fieldConfig": { "defaults": {}, "overrides": [] }
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "timeseries", "title": "Download по клиентам (сервер → клиент), бит/с", "gridPos": { "h": 8, "w": 12, "x": 0, "y": 12 },
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"fieldConfig": { "defaults": { "unit": "bps", "custom": { "drawStyle": "line", "lineWidth": 2, "fillOpacity": 10 } } },
|
||||||
|
"targets": [ { "expr": "rate(openvpn_server_client_sent_bytes_total{instance=~\"$instance\"}[$__rate_interval])*8", "legendFormat": "{{common_name}}", "refId": "A" } ]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "timeseries", "title": "Upload по клиентам (клиент → сервер), бит/с", "gridPos": { "h": 8, "w": 12, "x": 12, "y": 12 },
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"fieldConfig": { "defaults": { "unit": "bps", "custom": { "drawStyle": "line", "lineWidth": 2, "fillOpacity": 10 } } },
|
||||||
|
"targets": [ { "expr": "rate(openvpn_server_client_received_bytes_total{instance=~\"$instance\"}[$__rate_interval])*8", "legendFormat": "{{common_name}}", "refId": "A" } ]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "bargauge", "title": "Трафик по клиентам за период (download + upload)", "gridPos": { "h": 7, "w": 24, "x": 0, "y": 20 },
|
||||||
|
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||||
|
"fieldConfig": { "defaults": { "unit": "bytes" } },
|
||||||
|
"options": { "displayMode": "gradient", "orientation": "horizontal" },
|
||||||
|
"targets": [ { "expr": "sum by (common_name) (increase(openvpn_server_client_sent_bytes_total{instance=~\"$instance\"}[$__range]) + increase(openvpn_server_client_received_bytes_total{instance=~\"$instance\"}[$__range]))", "legendFormat": "{{common_name}}", "refId": "A", "instant": true } ]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
@@ -31,3 +31,7 @@ scrape_configs:
|
|||||||
- targets: ["gitea:3000"]
|
- targets: ["gitea:3000"]
|
||||||
labels:
|
labels:
|
||||||
instance: fr1
|
instance: fr1
|
||||||
|
|
||||||
|
- job_name: openvpn
|
||||||
|
file_sd_configs:
|
||||||
|
- files: ["/etc/prometheus/targets/openvpn/*.yml"]
|
||||||
|
|||||||
3
stacks/monitoring/prometheus/targets/openvpn/ru1.yml
Normal file
3
stacks/monitoring/prometheus/targets/openvpn/ru1.yml
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
- targets: ["85.198.109.86:9176"]
|
||||||
|
labels:
|
||||||
|
instance: ru1
|
||||||
Reference in New Issue
Block a user