---
# roles/swarm_node_exporter/defaults/main.yml
# Role defaults for the node-exporter deployment. These have the lowest
# variable precedence, so inventory, group or play variables override them.

# === CONCEPT: Exporter Configuration ===
# node-exporter runs as a lightweight sidecar on each node and serves
# system metrics on port 9100 for Prometheus to scrape.
#
# NOTE(review): 'latest' is a mutable tag. The image that gets deployed can
# change without any change to this file, and nodes may end up running
# different builds. Override it with a fixed release tag or an image digest
# wherever reproducible, reviewable deployments matter.
node_exporter_version: 'latest'

# NOTE(review): the metrics endpoint exposes host details (kernel, mounts,
# network interfaces) and has no authentication unless the exporter is given
# a web configuration (--web.config.file) for TLS/basic auth. How this port
# is published is not visible in this file; confirm that only the Prometheus
# scraper can reach it.
node_exporter_port: 9100
node_exporter_container_name: 'node-exporter'

# === SECURITY: Read-Only Mounts ===
# Host filesystems are mounted READ-ONLY so the exporter cannot modify
# system files.
#
# NOTE(review): ':ro' protects integrity only. The container can still read
# everything under /rootfs that its user is allowed to read, so host
# confidentiality depends on the user and capabilities the container runs
# with. Those are set by the task that consumes these defaults; verify there.
node_exporter_volumes:
  - '/proc:/host/proc:ro'
  - '/sys:/host/sys:ro'
  - '/:/rootfs:ro'

# === HIGH AVAILABILITY: Restart Policy ===
# 'unless-stopped' brings the exporter back after a reboot, while an
# operator can still stop it manually and have it stay stopped.
node_exporter_restart_policy: 'unless-stopped'

# === BEST PRACTICE: Resource Limits ===
# Caps that keep a single exporter from consuming excessive memory or CPU
# on the node it monitors. Both values are strings on purpose.
node_exporter_memory_limit: '128M'
node_exporter_cpu_limit: '0.5'