Add mktxp

argocd/applications/monitoring-mktxp.yaml

@@ -0,0 +1,21 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: monitoring-mktxp
+  namespace: argocd
+spec:
+  project: k-space.ee
+  source:
+    # also depends on git@git.k-space.ee:secretspace/kube.git
+    repoURL: git@git.k-space.ee:k-space/kube.git
+    targetRevision: HEAD
+    path: monitoring-mktxp
+  destination:
+    server: 'https://kubernetes.default.svc'
+    namespace: monitoring-mktxp
+  syncPolicy:
+    automated:
+      prune: true
+    syncOptions:
+      - CreateNamespace=true

monitoring-mktxp/README.md

@@ -0,0 +1,10 @@
+# MikroTik exporter [`mktxp`](https://github.com/akpw/mktxp)
+
+## Deployment
+With ArgoCD. Render it locally:
+
+```sh
+kustomize build .
+```
+
+Uses same netpoller user as mikrotik-exporter.

monitoring-mktxp/_mktxp.conf

@@ -0,0 +1,33 @@
+# https://github.com/akpw/mktxp/blob/main/mktxp/cli/config/_mktxp.conf
+## Copyright (c) 2020 Arseniy Kuznetsov
+##
+## This program is free software; you can redistribute it and/or
+## modify it under the terms of the GNU General Public License
+## as published by the Free Software Foundation; either version 2
+## of the License, or (at your option) any later version.
+##
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+## GNU General Public License for more details.
+
+[MKTXP]
+    listen = '*:49090'         # Space separated list of socket addresses to listen to, both IPV4 and IPV6
+    socket_timeout = 5
+
+    initial_delay_on_failure = 120
+    max_delay_on_failure = 900
+    delay_inc_div = 5
+
+    bandwidth = False                # Turns metrics bandwidth metrics collection on / off
+    bandwidth_test_interval = 600    # Interval for collecting bandwidth metrics
+    minimal_collect_interval = 5     # Minimal metric collection interval
+
+    verbose_mode = False             # Set it on for troubleshooting
+
+    fetch_routers_in_parallel = True   # Fetch metrics from multiple routers in parallel / sequentially
+    max_worker_threads = 3              # Max number of worker threads that can fetch routers (parallel fetch only)
+    max_scrape_duration = 30            # Max duration of individual routers' metrics collection (parallel fetch only)
+    total_max_scrape_duration = 90      # Max overall duration of all metrics collection (parallel fetch only)
+
+    compact_default_conf_values = False  # Compact mktxp.conf, so only specific values are kept on the individual routers' level

monitoring-mktxp/deployment.yaml

@@ -0,0 +1,56 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mktxp-exporter
+spec:
+  replicas: 1
+  selector:
+    matchLabels: &selectorLabels
+      app.kubernetes.io/name: mktxp-exporter
+  template:
+    metadata:
+      labels: *selectorLabels
+    spec:
+      containers:
+      - name: mktxp-exporter
+        image: ghcr.io/akpw/mktxp:latest
+        args:
+          - --cfg-dir
+          - /mktxp-config
+          - export
+        resources:
+          limits:
+            memory: "512Mi"
+            cpu: "500m"
+        volumeMounts:
+          - name: mktxp-config
+            mountPath: /mktxp-config
+          - name: mktxp-credentials
+            mountPath: /mktxp-credentials
+        ports:
+        - containerPort: 49090
+          name: metrics
+      volumes:
+        - name: mktxp-config
+          configMap:
+            name: mktxp-config
+        - name: mktxp-credentials
+          secret:
+            secretName: mktxp-credentials
+      nodeSelector:
+        node-role.kubernetes.io/control-plane: ''
+      tolerations:
+        - key: node-role.kubernetes.io/control-plane
+          operator: Equal
+          effect: NoSchedule
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+  name: mktxp-exporter
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: mktxp-exporter
+  podMetricsEndpoints:
+    - port: metrics

monitoring-mktxp/kustomization.yaml

@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: monitoring-mktxp
+
+configMapGenerator:
+  - name: mktxp-config
+    files:
+      - _mktxp.conf
+      - mktxp.conf
+
+resources:
+ - ./deployment.yaml #TODO: https://github.com/kubernetes-sigs/kustomize/issues/4517 make upstream PR for better/native kustomize support
+ - ssh://git@git.k-space.ee/secretspace/kube/monitoring-mktxp

monitoring-mktxp/mktxp.conf

@@ -0,0 +1,104 @@
+# https://github.com/akpw/mktxp/blob/main/mktxp/cli/config/mktxp.conf
+## Copyright (c) 2020 Arseniy Kuznetsov
+##
+## This program is free software; you can redistribute it and/or
+## modify it under the terms of the GNU General Public License
+## as published by the Free Software Foundation; either version 2
+## of the License, or (at your option) any later version.
+##
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+## GNU General Public License for more details.
+
+[router]
+        hostname = 172.23.0.1
+[sw_mgmt]
+        hostname = 172.23.0.100
+[sw_core01]
+        hostname = 100.102.1.111
+[sw_core02]
+        hostname = 100.102.1.112
+[sw_server_poe]
+        hostname = 100.102.1.114
+[sw_server_ha]
+        hostname = 100.102.1.115
+[sw_chaos]
+        hostname = 100.102.1.121
+[sw_kitchen]
+        hostname = 100.102.1.131
+[sw_cyber]
+        hostname = 100.102.1.141
+[sw_asocial]
+        hostname = 100.102.1.151
+
+[default]
+    # this affects configuration of all routers, unless overloaded on their specific levels
+
+    enabled = True          # turns metrics collection for this RouterOS device on / off
+    hostname = localhost    # RouterOS IP address
+    port = 8728             # RouterOS IP Port
+
+    username = username     # RouterOS user, needs to have 'read' and 'api' permissions
+    password = password
+    credentials_file = "/mktxp-credentials/default.yaml"   # To use an external file in YAML format for both username and password, specify the path here
+
+    use_ssl = False                 # enables connection via API-SSL servis
+    no_ssl_certificate = False      # enables API_SSL connect without router SSL certificate
+    ssl_certificate_verify = False  # turns SSL certificate verification on / off
+    ssl_ca_file = ""                # path to the certificate authority file to validate against, leave empty to use system store
+    plaintext_login = True          # for legacy RouterOS versions below 6.43 use False
+
+    health = True                   # System Health metrics
+    installed_packages = True       # Installed packages
+    dhcp = True                     # DHCP general metrics
+    dhcp_lease = True               # DHCP lease metrics
+
+    connections = True              # IP connections metrics
+    connection_stats = False        # Open IP connections metrics
+
+    interface = True                # Interfaces traffic metrics
+
+    route = True                    # IPv4 Routes metrics
+    pool = True                     # IPv4 Pool metrics
+    firewall = False                 # IPv4 Firewall rules traffic metrics
+    neighbor = True                 # IPv4 Reachable Neighbors
+    dns = False                     # DNS stats
+
+    ipv6_route = True              # IPv6 Routes metrics
+    ipv6_pool = True               # IPv6 Pool metrics
+    ipv6_firewall = False           # IPv6 Firewall rules traffic metrics
+    ipv6_neighbor = True           # IPv6 Reachable Neighbors
+
+    poe = True                      # POE metrics
+    monitor = True                  # Interface monitor metrics
+    netwatch = True                 # Netwatch metrics
+    public_ip = True                # Public IP metrics
+    wireless = True                 # WLAN general metrics
+    wireless_clients = True         # WLAN clients metrics
+    capsman = True                  # CAPsMAN general metrics
+    capsman_clients = True          # CAPsMAN clients metrics
+
+    eoip = False                    # EoIP status metrics
+    gre = False                     # GRE status metrics
+    ipip = False                    # IPIP status metrics
+    lte = False                     # LTE signal and status metrics (requires additional 'test' permission policy on RouterOS v6)
+    ipsec = False                   # IPSec active peer metrics
+    switch_port = False             # Switch Port metrics
+
+    kid_control_assigned = False    # Allow Kid Control metrics for connected devices with assigned users
+    kid_control_dynamic = False     # Allow Kid Control metrics for all connected devices, including those without assigned user
+
+    user = True                     # Active Users metrics
+    queue = True                    # Queues metrics
+
+    bfd = False                     # BFD sessions metrics
+    bgp = True                     # BGP sessions metrics
+    routing_stats = True           # Routing process stats
+    certificate = False             # Certificates metrics
+
+    remote_dhcp_entry = None        # An MKTXP entry to provide for remote DHCP info / resolution
+    remote_capsman_entry = None     # An MKTXP entry to provide for remote capsman info
+
+    use_comments_over_names = True  # when available, forces using comments over the interfaces names
+    check_for_updates = False       # check for available ROS updates

monitoring/node-exporter.yaml

@@ -341,7 +341,6 @@ kind: PodMonitor
 metadata:
   name: node-exporter
 spec:
-
   selector:
     matchLabels:
       app: node-exporter