From f9d8b69a7c92f391aacd058cb7a205cecee41d3e Mon Sep 17 00:00:00 2001
From: David Hoese <david.hoese@ssec.wisc.edu>
Date: Fri, 2 Oct 2020 16:13:18 -0500
Subject: [PATCH] Add initial prometheus rules and alerts

---
 admin/README.md                               | 178 +++++-
 admin/example_prometheus_rule.yaml            |  19 +
 ...kubekorner_geosphere_prometheus_rules.yaml | 529 ++++++++++++++++++
 admin/prometheus_kubernetes_values.yaml       |  38 ++
 4 files changed, 752 insertions(+), 12 deletions(-)
 create mode 100644 admin/example_prometheus_rule.yaml
 create mode 100644 admin/kubekorner_geosphere_prometheus_rules.yaml
 create mode 100644 admin/prometheus_kubernetes_values.yaml

diff --git a/admin/README.md b/admin/README.md
index 7279e1d..e00c232 100644
--- a/admin/README.md
+++ b/admin/README.md
@@ -61,9 +61,15 @@ https://github.com/kubernetes/ingress-nginx/tree/master/charts/ingress-nginx
 
 ```bash
 helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
-helm install -n kube-system ingress-nginx ingress-nginx/ingress-nginx --set controller.metrics.enabled=true
+helm install -n kube-system ingress-nginx ingress-nginx/ingress-nginx --set controller.metrics.enabled=true --set controller.metrics.serviceMonitor.enabled=true --set controller.metrics.serviceMonitor.namespace="monitoring" --set controller.metrics.serviceMonitor.additionalLabels.release="prometheus-operator"
 ```
 
+Note the above includes enabling metric gathering for a Prometheus server.
+We enable the metrics endpoint on the controller, then enable the
+ServiceMonitor which is Prometheus resource that tells Prometheus about the
+metrics. We also add an extra label for kubekorner's particular installation
+of Prometheus so our ServiceMonitor can be found automatically.
+
 ### Local Path Configuration
 
 When running on a K3S-based (rancher) cluster like the one currently running
@@ -285,10 +291,10 @@ Prometheus Operator will install its own custom resources definitions (CRDs)
 to allow other applications to create their own ways of interacting with
 Prometheus.
 
-To install this on the Kubekorner K3s cluster we will use the stable
-prometheus-operator helm chart maintained by the helm community:
+To install this on the Kubekorner K3s cluster we will use the 
+prometheus-community prometheus stack helm chart maintained by the helm community:
 
-https://github.com/helm/charts/tree/master/stable/prometheus-operator
+https://github.com/prometheus-community/helm-charts
 
 First we will create a namespace specifically for prometheus:
 
@@ -296,25 +302,173 @@ First we will create a namespace specifically for prometheus:
 kubectl create namespace monitoring
 ```
 
+If your helm installation doesn't already have the necessary chart
+repositories, they can be added by doing:
+
+```bash
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo add stable https://kubernetes-charts.storage.googleapis.com/
+helm repo update
+```
 Then we will install the helm chart in that namespace with the release name
 "prometheus-operator".
 
 ```bash
-helm install -n monitoring prometheus-operator stable/prometheus-operator
+helm install -n monitoring prometheus-operator prometheus-community/kube-prometheus-stack
 ```
 
-Note, if your helm installation doesn't already have the stable chart
-repository added you may need to do:
+
+Also note at the time of writing this installation results in some warnings:
+
+```
+manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
+```
+
+This is described in a GitHub issue here: https://github.com/helm/charts/issues/17511
+
+### Customizing Prometheus rules
+
+In order to get the most out of Prometheus, it is a good idea to set up rules
+for alerts to send to the AlertManager servers created by Prometheus. We can
+then configure AlertManager to notify our development team of different
+conditions if needed.
+
+First, we need to create a set of rules that we want to be notified about. To
+configure these we create one or more `PrometheusRule` objects. Here is an
+example:
+
+```yaml
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  creationTimestamp: null
+  labels:
+    app: kube-prometheus-stack
+    release: prometheus-operator
+  name: prometheus-example-rules
+spec:
+  groups:
+  - name: ./example.rules
+    rules:
+    - alert: ExampleAlert
+      expr: vector(1)
+```
+
+This creates an alert called "ExampleAlert" that is fired when `expr` is true.
+In this case `vector(1)` is the equivalent of always true. The `expr` is
+a PromQL query that has access to any field recorded by Prometheus.
+
+Normally these rules should be automatically picked up by the Prometheus
+server(s) by matching `labels`. By default, the Prometheus Operator installed
+above will use the name of the helm chart for `app` and the name of the helm
+release for `release` to match against.
+
+To check, run:
 
 ```bash
-helm repo add stable https://kubernetes-charts.storage.googleapis.com
-helm repo update
+$ kubectl -n monitoring get prometheus/prometheus-operator-kube-p-prometheus -o go-template="{{ .spec.ruleSelector }}"
+map[matchLabels:map[app:kube-prometheus-stack release:prometheus-operator]]
 ```
 
-Also note at the time of writing this installation results in some warnings:
+Although a little cryptic, this is showing:
 
+```yaml
+matchLabels:
+  app: kube-prometheus-stack
+  release: prometheus-operator
 ```
-manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
+
+If the above yaml PrometheusRule configuration was stored in a `example_rule.yaml` we could
+deploy it by running:
+
+```bash
+kubectl create -n monitoring -f example_rule.yaml
+```
+
+To investigate if our rules are showing up in Prometheus we can forward the
+service to the cluster node and then forward that to our local machine
+with SSH. Note you'll need to use the name of your service in your
+installation.
+
+```bash
+kubectl -n monitoring port-forward service/prometheus-operated 9995:9090
 ```
 
-This is described in a GitHub issue here: https://github.com/helm/charts/issues/17511
\ No newline at end of file
+If we go to `http://localhost:9995/alerts` we will see the current alerts
+Prometheus is aware of. We can click on "Graph" at the top and query the
+Prometheus PromQL that we might want to use in our other rules.
+
+We can do a similar check for firing alerts in the alertmanager by forwarding
+another port:
+
+```bash
+kubectl -n monitoring port-forward service/prometheus-operator-kube-p-alertmanager 9993:9093
+```
+
+And going to `http://localhost:9993`.
+
+### Customizing Prometheus Alerts
+
+Now that the rules should have been picked up, we need to configure the
+alertmanager to do something when these alerts are fired. The below
+instructions are one approach to configuring the alertmanager. The available
+methods are changing over time as the prometheus community grows the helm
+chart used above. Other solutions may involve ConfigMap resources or mounting
+additional volumes for alertmanager. The below approach is the simplest but
+does require "upgrading" the Prometheus Operator installation whenever it
+changes.
+
+To configure how alerts are handled by alertmanager we need to modify the
+alertmanager configuration. Below we've embedded our alertmanager
+configuration in a YAML file that we will provide to our helm chart upgrade
+as the new "values" file.
+
+```yaml
+alertmanager:
+  ## Alertmanager configuration directives
+  ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
+  ##      https://prometheus.io/webtools/alerting/routing-tree-editor/
+  ##
+  config:
+    global:
+      resolve_timeout: 5m
+      slack_api_url: "https://hooks.slack.com/services/blah/blah/blah"
+
+    route:
+      group_by: ["instance", "severity"]
+      group_wait: 30s
+      group_interval: 5m
+      repeat_interval: 12h
+      receiver: "null"
+      routes:
+      - match:
+          alertname: ExampleAlert
+        receiver: "geosphere-dev-team"
+
+    receivers:
+    - name: "null"
+    - name: "geosphere-dev-team"
+      slack_configs:
+      - channel: "#geo2grid"
+        text: "summary: {{ .CommonAnnotations.summary }}\ndescription: {{ .CommonAnnotations.description }}"
+```
+
+To upgrade the prometheus operator installation and assuming the above is in a
+file called `custom_prom_values.yaml`:
+
+```bash
+helm upgrade --reuse-values -n monitoring -f custom_prom_values.yaml prometheus-operator prometheus-community/kube-prometheus-stack
+```
+
+You can verify that the upgrade updated the related secret with:
+
+```bash
+kubectl -n monitoring get secrets alertmanager-prometheus-operator-kube-p-alertmanager -o jsonpath="{.data.alertmanager\.yaml}" | base64 -d
+```
+
+You should also see the config-reloader for alertmanager eventually pickup on
+the new config:
+
+```bash
+kubectl -n monitoring logs pod/alertmanager-prometheus-operator-kube-p-alertmanager-0 -c config-reloader --tail 50 -f
+```
diff --git a/admin/example_prometheus_rule.yaml b/admin/example_prometheus_rule.yaml
new file mode 100644
index 0000000..31eae79
--- /dev/null
+++ b/admin/example_prometheus_rule.yaml
@@ -0,0 +1,19 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  creationTimestamp: null
+  labels:
+    app: kube-prometheus-stack
+    release: prometheus-operator
+  name: prometheus-example-rules
+spec:
+  groups:
+  - name: ./example.rules
+    rules:
+    - alert: ExampleAlert
+      expr: vector(1)
+      labels:
+        severity: warning
+      annotations:
+        summary: "Example Alert"
+        description: "A test prometheus rule that always fires"
\ No newline at end of file
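Review bot: `expr: vector(1)` with no `for:` makes ExampleAlert fire from the moment this file is applied until it is deleted, and nothing in the file marks it as a throwaway test. The README change in this same commit routes `alertname: ExampleAlert` to the `geosphere-dev-team` Slack receiver with `repeat_interval: 12h`, so a forgotten copy keeps posting to the channel and teaches people to ignore alerts from it. I would add a header comment such as `# Test rule: always fires, only for verifying Alertmanager routing; remove with kubectl delete -n monitoring -f <this file> once verified.` The `creationTimestamp: null` line looks like a leftover from exported output and can probably be dropped, and the file is missing its trailing newline.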
diff --git a/admin/kubekorner_geosphere_prometheus_rules.yaml b/admin/kubekorner_geosphere_prometheus_rules.yaml
new file mode 100644
index 0000000..ce4c97b
--- /dev/null
+++ b/admin/kubekorner_geosphere_prometheus_rules.yaml
@@ -0,0 +1,529 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  creationTimestamp: null
+  labels:
+    app: kube-prometheus-stack
+    release: prometheus-operator
+  name: geosphere-prometheus-rules
+spec:
+  groups:
+#  - name: ./example.rules
+#    rules:
+#    - alert: ExampleAlert
+#      expr: vector(1)
+#      labels:
+#        severity: warning
+#      annotations:
+#        summary: "Example Alert"
+#        description: "A test prometheus rule that always fires"
+
+  # Most of the below rules taken from
+  # https://awesome-prometheus-alerts.grep.to/rules.html
+  - name: geosphere-nginx-ingress.rules
+    rules:
+      - alert: NginxHighHttp4xxErrorRate
+        expr: sum(rate(nginx_http_requests_total{status=~"^4.."}[1m])) / sum(rate(nginx_http_requests_total[1m])) * 100 > 5
+        for: 5m
+        labels:
+          severity: critical
+          ruleGroup: geosphere-nginx-ingress-controller
+        annotations:
+          summary: "Nginx high HTTP 4xx error rate (instance {{ $labels.instance }})"
+          description: "Too many HTTP requests with status 4xx (> 5%)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: NginxHighHttp5xxErrorRate
+        expr: sum(rate(nginx_http_requests_total{status=~"^5.."}[1m])) / sum(rate(nginx_http_requests_total[1m])) * 100 > 5
+        for: 5m
+        labels:
+          severity: critical
+          ruleGroup: geosphere-nginx-ingress-controller
+        annotations:
+          summary: "Nginx high HTTP 5xx error rate (instance {{ $labels.instance }})"
+          description: "Too many HTTP requests with status 5xx (> 5%)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: NginxLatencyHigh
+        expr: histogram_quantile(0.99, sum(rate(nginx_http_request_duration_seconds_bucket[30m])) by (host, node)) > 10
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-nginx-ingress-controller
+        annotations:
+          summary: "Nginx latency high (instance {{ $labels.instance }})"
+          description: "Nginx p99 latency is higher than 10 seconds\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+
+
+  - name: geosphere-prometheus-checks.rules
+    rules:
+    - alert: PrometheusTooManyRestarts
+      expr: changes(process_start_time_seconds{job=~"prometheus|pushgateway|alertmanager"}[15m]) > 2
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus too many restarts (instance {{ $labels.instance }})"
+        description: "Prometheus has restarted more than twice in the last 15 minutes. It might be crashlooping.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusAlertmanagerConfigurationReloadFailure
+      expr: alertmanager_config_last_reload_successful != 1
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus AlertManager configuration reload failure (instance {{ $labels.instance }})"
+        description: "AlertManager configuration reload error\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusAlertmanagerConfigNotSynced
+      expr: count(count_values("config_hash", alertmanager_config_hash)) > 1
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus AlertManager config not synced (instance {{ $labels.instance }})"
+        description: "Configurations of AlertManager cluster instances are out of sync\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusRuleEvaluationFailures
+      expr: increase(prometheus_rule_evaluation_failures_total[3m]) > 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus rule evaluation failures (instance {{ $labels.instance }})"
+        description: "Prometheus encountered {{ $value }} rule evaluation failures, leading to potentially ignored alerts.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusTemplateTextExpansionFailures
+      expr: increase(prometheus_template_text_expansion_failures_total[3m]) > 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus template text expansion failures (instance {{ $labels.instance }})"
+        description: "Prometheus encountered {{ $value }} template text expansion failures\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusRuleEvaluationSlow
+      expr: prometheus_rule_group_last_duration_seconds > prometheus_rule_group_interval_seconds
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus rule evaluation slow (instance {{ $labels.instance }})"
+        description: "Prometheus rule evaluation took more time than the scheduled interval. I indicates a slower storage backend access or too complex query.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusNotificationsBacklog
+      expr: min_over_time(prometheus_notifications_queue_length[10m]) > 0
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus notifications backlog (instance {{ $labels.instance }})"
+        description: "The Prometheus notification queue has not been empty for 10 minutes\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusAlertmanagerNotificationFailing
+      expr: rate(alertmanager_notifications_failed_total[1m]) > 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus AlertManager notification failing (instance {{ $labels.instance }})"
+        description: "Alertmanager is failing sending notifications\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusTargetEmpty
+      expr: prometheus_sd_discovered_targets == 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus target empty (instance {{ $labels.instance }})"
+        description: "Prometheus has no target in service discovery\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusTargetScrapingSlow
+      expr: prometheus_target_interval_length_seconds{quantile="0.9"} > 60
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus target scraping slow (instance {{ $labels.instance }})"
+        description: "Prometheus is scraping exporters slowly\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusLargeScrape
+      expr: increase(prometheus_target_scrapes_exceeded_sample_limit_total[10m]) > 10
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus large scrape (instance {{ $labels.instance }})"
+        description: "Prometheus has many scrapes that exceed the sample limit\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusTargetScrapeDuplicate
+      expr: increase(prometheus_target_scrapes_sample_duplicate_timestamp_total[5m]) > 0
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus target scrape duplicate (instance {{ $labels.instance }})"
+        description: "Prometheus has many samples rejected due to duplicate timestamps but different values\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: PrometheusTsdbCheckpointCreationFailures
+      expr: increase(prometheus_tsdb_checkpoint_creations_failed_total[3m]) > 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-prometheus
+      annotations:
+        summary: "Prometheus TSDB checkpoint creation failures (instance {{ $labels.instance }})"
+        description: "Prometheus encountered {{ $value }} checkpoint creation failures\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+
+
+  - name: geosphere-node.rules
+    rules:
+      - alert: HostOutOfMemory
+        expr: node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes * 100 < 10
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host out of memory (instance {{ $labels.instance }})"
+          description: "Node memory is filling up (< 10% left)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostMemoryUnderMemoryPressure
+        expr: rate(node_vmstat_pgmajfault[1m]) > 1000
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host memory under memory pressure (instance {{ $labels.instance }})"
+          description: "The node is under heavy memory pressure. High rate of major page faults\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostUnusualNetworkThroughputIn
+        expr: sum by (instance) (irate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host unusual network throughput in (instance {{ $labels.instance }})"
+          description: "Host network interfaces are probably receiving too much data (> 100 MB/s)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostUnusualNetworkThroughputOut
+        expr: sum by (instance) (irate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host unusual network throughput out (instance {{ $labels.instance }})"
+          description: "Host network interfaces are probably sending too much data (> 100 MB/s)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostUnusualDiskReadRate
+        expr: sum by (instance) (irate(node_disk_read_bytes_total[2m])) / 1024 / 1024 > 50
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host unusual disk read rate (instance {{ $labels.instance }})"
+          description: "Disk is probably reading too much data (> 50 MB/s)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostUnusualDiskWriteRate
+        expr: sum by (instance) (irate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host unusual disk write rate (instance {{ $labels.instance }})"
+          description: "Disk is probably writing too much data (> 50 MB/s)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostOutOfDiskSpace
+        expr: (node_filesystem_avail_bytes{mountpoint="/"}  * 100) / node_filesystem_size_bytes{mountpoint="/"} < 10
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host out of disk space (instance {{ $labels.instance }})"
+          description: "Disk is almost full (< 10% left)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostDiskWillFillIn4Hours
+        expr: predict_linear(node_filesystem_free_bytes{fstype!~"tmpfs"}[1h], 4 * 3600) < 0
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host disk will fill in 4 hours (instance {{ $labels.instance }})"
+          description: "Disk will fill in 4 hours at current write rate\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostOutOfInodes
+        expr: node_filesystem_files_free{mountpoint ="/"} / node_filesystem_files{mountpoint ="/"} * 100 < 10
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host out of inodes (instance {{ $labels.instance }})"
+          description: "Disk is almost running out of available inodes (< 10% left)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostUnusualDiskReadLatency
+        expr: rate(node_disk_read_time_seconds_total[1m]) / rate(node_disk_reads_completed_total[1m]) > 100
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host unusual disk read latency (instance {{ $labels.instance }})"
+          description: "Disk latency is growing (read operations > 100ms)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostUnusualDiskWriteLatency
+        expr: rate(node_disk_write_time_seconds_total[1m]) / rate(node_disk_writes_completed_total[1m]) > 100
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host unusual disk write latency (instance {{ $labels.instance }})"
+          description: "Disk latency is growing (write operations > 100ms)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostHighCpuLoad
+        expr: 100 - (avg by(instance) (irate(node_cpu_seconds_total{mode="idle"}[5m])) * 100) > 80
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host high CPU load (instance {{ $labels.instance }})"
+          description: "CPU load is > 80%\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      # 1000 context switches is an arbitrary number.
+      # Changed to 6000 as kubekorner was sitting at ~3500
+      # Alert threshold depends on nature of application.
+      # Please read: https://github.com/samber/awesome-prometheus-alerts/issues/58
+      - alert: HostContextSwitching
+        expr: (rate(node_context_switches_total[5m])) / (count without(cpu, mode) (node_cpu_seconds_total{mode="idle"})) > 6000
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host context switching (instance {{ $labels.instance }})"
+          description: "Context switching is growing on node (> 1000 / s)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostSwapIsFillingUp
+        expr: (1 - (node_memory_SwapFree_bytes / node_memory_SwapTotal_bytes)) * 100 > 80
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host swap is filling up (instance {{ $labels.instance }})"
+          description: "Swap is filling up (>80%)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostOomKillDetected
+        expr: increase(node_vmstat_oom_kill[5m]) > 0
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host OOM kill detected (instance {{ $labels.instance }})"
+          description: "OOM kill detected\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+      - alert: HostNetworkReceiveErrors
+        expr: increase(node_network_receive_errs_total[5m]) > 0
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host Network Receive Errors (instance {{ $labels.instance }})"
+          description: '{{ $labels.instance }} interface {{ $labels.device }} has encountered {{ printf "%.0f" $value }} receive errors in the last five minutes.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}'
+      - alert: HostNetworkTransmitErrors
+        expr: increase(node_network_transmit_errs_total[5m]) > 0
+        for: 5m
+        labels:
+          severity: warning
+          ruleGroup: geosphere-node
+        annotations:
+          summary: "Host Network Transmit Errors (instance {{ $labels.instance }})"
+          description: '{{ $labels.instance }} interface {{ $labels.device }} has encountered {{ printf "%.0f" $value }} transmit errors in the last five minutes.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}'
+
+  - name: geosphere-general-kubernetes.rules
+    rules:
+    - alert: KubernetesNodeReady
+      expr: kube_node_status_condition{condition="Ready",status="true"} == 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes Node ready (instance {{ $labels.instance }})"
+        description: "Node {{ $labels.node }} has been unready for a long time\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesMemoryPressure
+      expr: kube_node_status_condition{condition="MemoryPressure",status="true"} == 1
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes memory pressure (instance {{ $labels.instance }})"
+        description: "{{ $labels.node }} has MemoryPressure condition\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesDiskPressure
+      expr: kube_node_status_condition{condition="DiskPressure",status="true"} == 1
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes disk pressure (instance {{ $labels.instance }})"
+        description: "{{ $labels.node }} has DiskPressure condition\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesOutOfDisk
+      expr: kube_node_status_condition{condition="OutOfDisk",status="true"} == 1
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes out of disk (instance {{ $labels.instance }})"
+        description: "{{ $labels.node }} has OutOfDisk condition\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesJobFailed
+      expr: kube_job_status_failed > 0
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes Job failed (instance {{ $labels.instance }})"
+        description: "Job {{$labels.namespace}}/{{$labels.exported_job}} failed to complete\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesCronjobSuspended
+      expr: kube_cronjob_spec_suspend != 0
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes CronJob suspended (instance {{ $labels.instance }})"
+        description: "CronJob {{ $labels.namespace }}/{{ $labels.cronjob }} is suspended\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesPersistentvolumeclaimPending
+      expr: kube_persistentvolumeclaim_status_phase{phase="Pending"} == 1
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes PersistentVolumeClaim pending (instance {{ $labels.instance }})"
+        description: "PersistentVolumeClaim {{ $labels.namespace }}/{{ $labels.persistentvolumeclaim }} is pending\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesVolumeOutOfDiskSpace
+      expr: kubelet_volume_stats_available_bytes / kubelet_volume_stats_capacity_bytes * 100 < 10
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes Volume out of disk space (instance {{ $labels.instance }})"
+        description: "Volume is almost full (< 10% left)\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesVolumeFullInFourDays
+      expr: predict_linear(kubelet_volume_stats_available_bytes[6h], 4 * 24 * 3600) < 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes Volume full in four days (instance {{ $labels.instance }})"
+        description: "{{ $labels.namespace }}/{{ $labels.persistentvolumeclaim }} is expected to fill up within four days. Currently {{ $value | humanize }}% is available.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesPersistentvolumeError
+      expr: kube_persistentvolume_status_phase{phase=~"Failed|Pending",job="kube-state-metrics"} > 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes PersistentVolume error (instance {{ $labels.instance }})"
+        description: "Persistent volume is in bad state\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesStatefulsetDown
+      expr: (kube_statefulset_status_replicas_ready / kube_statefulset_status_replicas_current) != 1
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes StatefulSet down (instance {{ $labels.instance }})"
+        description: "A StatefulSet went down\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+
+    - alert: KubernetesPodNotHealthy
+      expr: min_over_time(sum by (namespace, pod) (kube_pod_status_phase{phase=~"Pending|Unknown|Failed"})[1h:]) > 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes Pod not healthy (instance {{ $labels.instance }})"
+        description: "Pod has been in a non-ready state for longer than an hour.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesPodCrashLooping
+      expr: rate(kube_pod_container_status_restarts_total[15m]) * 60 * 5 > 5
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes pod crash looping (instance {{ $labels.instance }})"
+        description: "Pod {{ $labels.pod }} is crash looping\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesDeploymentGenerationMismatch
+      expr: kube_deployment_status_observed_generation != kube_deployment_metadata_generation
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes Deployment generation mismatch (instance {{ $labels.instance }})"
+        description: "A Deployment has failed but has not been rolled back.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesCronjobTooLong
+      expr: time() - kube_cronjob_next_schedule_time > 3600
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes CronJob too long (instance {{ $labels.instance }})"
+        description: "CronJob {{ $labels.namespace }}/{{ $labels.cronjob }} is taking more than 1h to complete.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+
+    - alert: KubernetesJobCompletion
+      expr: kube_job_spec_completions - kube_job_status_succeeded > 0 or kube_job_status_failed > 0
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes job completion (instance {{ $labels.instance }})"
+        description: "Kubernetes Job failed to complete\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+
+    - alert: KubernetesApiServerErrors
+      expr: sum(rate(apiserver_request_count{job="apiserver",code=~"^(?:5..)$"}[2m])) / sum(rate(apiserver_request_count{job="apiserver"}[2m])) * 100 > 3
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes API server errors (instance {{ $labels.instance }})"
+        description: "Kubernetes API server is experiencing high error rate\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesApiClientErrors
+      expr: (sum(rate(rest_client_requests_total{code=~"(4|5).."}[2m])) by (instance, job) / sum(rate(rest_client_requests_total[2m])) by (instance, job)) * 100 > 1
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes API client errors (instance {{ $labels.instance }})"
+        description: "Kubernetes API client is experiencing high error rate\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesClientCertificateExpiresNextWeek
+      expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 7*24*60*60
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes client certificate expires next week (instance {{ $labels.instance }})"
+        description: "A client certificate used to authenticate to the apiserver is expiring next week.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesClientCertificateExpiresSoon
+      expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 24*60*60
+      for: 5m
+      labels:
+        severity: critical
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes client certificate expires soon (instance {{ $labels.instance }})"
+        description: "A client certificate used to authenticate to the apiserver is expiring in less than 24.0 hours.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+    - alert: KubernetesApiServerLatency
+      expr: histogram_quantile(0.99, sum(apiserver_request_latencies_bucket{verb!~"CONNECT|WATCHLIST|WATCH|PROXY"}) WITHOUT (instance, resource)) / 1e+06 > 1
+      for: 5m
+      labels:
+        severity: warning
+        ruleGroup: geosphere-kubernetes
+      annotations:
+        summary: "Kubernetes API server latency (instance {{ $labels.instance }})"
+        description: "Kubernetes API server has a 99th percentile latency of {{ $value }} seconds for {{ $labels.verb }} {{ $labels.resource }}.\n  VALUE = {{ $value }}\n  LABELS: {{ $labels }}"
+
diff --git a/admin/prometheus_kubernetes_values.yaml b/admin/prometheus_kubernetes_values.yaml
new file mode 100644
index 0000000..8cecada
--- /dev/null
+++ b/admin/prometheus_kubernetes_values.yaml
@@ -0,0 +1,38 @@
+alertmanager:
+  ## Alertmanager configuration directives
+  ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
+  ##      https://prometheus.io/webtools/alerting/routing-tree-editor/
+  ##
+  config:
+    global:
+      resolve_timeout: 5m
+      slack_api_url: "FIXME: <https://hooks.slack.com/services/...>"
+
+    route:
+      group_by: ["instance", "severity"]
+      group_wait: 30s
+      group_interval: 5m
+      repeat_interval: 12h
+      receiver: "null"
+      routes:
+      - match_re:
+          ruleGroup: "geosphere-.*"
+        receiver: "geosphere-dev-team"
+
+    receivers:
+    - name: "null"
+    - name: "geosphere-dev-team"
+      slack_configs:
+      - channel: "#geo2grid"
+        send_resolved: true
+        icon_emoji: '{{ if eq .Status "firing" }}:fearful:{{ else }}:excellent:{{ end }}'
+        color: '{{ if eq .Status "firing" }}danger{{ else }}good{{ end }}'
+        title: '[{{ .Status | toUpper }}{{ if eq .Status "firing" }}:{{ .Alerts.Firing | len }}{{ end }}] {{ .GroupLabels.SortedPairs.Values | join " " }} {{ if gt (len .CommonLabels) (len .GroupLabels) }}({{ with .CommonLabels.Remove .GroupLabels.Names }}{{ .Values | join " " }}{{ end }}){{ end }}{{ end }}'
+        text: |-
+          {{ range .Alerts }}
+            *Alert:* {{ .Annotations.summary }} - `{{ .Labels.severity }}`
+            *Description:* {{ .Annotations.description }}
+            *Details:*
+            {{ range .Labels.SortedPairs }} • *{{ .Name }}:* `{{ .Value }}`
+            {{ end }}
+          {{ end }}
\ No newline at end of file
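Review bot: `slack_api_url` under `alertmanager.config.global` is a credential, since anyone who holds the webhook URL can post to the channel, and the `FIXME` placeholder invites pasting the real value into this tracked values file. Keep it out of the repository by supplying it at install time from an untracked override file, or, if the deployed Alertmanager version supports it, by replacing the key with `slack_api_url_file: /path/to/mounted/secret` (placeholder path) backed by a Kubernetes Secret. Separately, the `title` template closes its `if`, `with` and second `if` and then has one more `{{ end }}`, which looks like the closing `{{ end }}` of a `define` block carried over from a default template. Dropping that final `{{ end }}` should let the template parse; as written, a template error could keep notifications for the `geosphere-.*` rules from being delivered, so send a test alert after the change to confirm.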
-- 
GitLab