search

cloudalchemy / ansible-node-exporter

Provision basic metrics exporter for prometheus monitoring tool
MIT License
501 stars 270 forks source link

Ambient Capabilities #272

Closed mattiasb closed 1 year ago

mattiasb commented 1 year ago

Make it possible to add capabilities to the node_exporter process.

One particularly useful capability¹ to set is CAP_DAC_READ_SEARCH which makes node_exporter able to read the whole filesystem even though it might not otherwise have permission to do so.

1: Being able to read /var/lib/docker/volumes/ without running as root was the driver behind this PR.

mattiasb commented 1 year ago

Force-pushed away …

  1. … a reference to our internal issue tracking system at work.
  2. … my work email (since it's not connected to a GitHub account).
mattiasb commented 1 year ago

Force-pushed …

  1. … a comment to the node_exporter_ambient_capabilities in defaults/main.yml (I see now that you document the variables in README.md instead so maybe I should remove that again?)
  2. … removal of a comment implying that other init/service managers than systemd are supported.
SuperQ commented 1 year ago

This role has been deprecated in favor of a the prometheus-community/ansible collection.