-
Notifications
You must be signed in to change notification settings - Fork 32
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Co-authored-by: Benjamin DUPUIS <benjamin.dupuis@fr.clara.net>
- Loading branch information
Showing
16 changed files
with
558 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,118 @@ | ||
# DOCKER-STATE SignalFx detectors | ||
|
||
<!-- START doctoc generated TOC please keep comment here to allow auto update --> | ||
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE --> | ||
:link: **Contents** | ||
|
||
- [How to use this module?](#how-to-use-this-module) | ||
- [What are the available detectors in this module?](#what-are-the-available-detectors-in-this-module) | ||
- [How to collect required metrics?](#how-to-collect-required-metrics) | ||
- [Metrics](#metrics) | ||
- [Related documentation](#related-documentation) | ||
|
||
<!-- END doctoc generated TOC please keep comment here to allow auto update --> | ||
|
||
## How to use this module? | ||
|
||
This directory defines a [Terraform](https://www.terraform.io/) | ||
[module](https://www.terraform.io/language/modules/syntax) you can use in your | ||
existing [stack](https://github.com/claranet/terraform-signalfx-detectors/wiki/Getting-started#stack) by adding a | ||
`module` configuration and setting its `source` parameter to URL of this folder: | ||
|
||
```hcl | ||
module "signalfx-detectors-prometheus-exporter-docker-state" { | ||
source = "github.com/claranet/terraform-signalfx-detectors.git//modules/prometheus-exporter_docker-state?ref={revision}" | ||
environment = var.environment | ||
notifications = local.notifications | ||
} | ||
``` | ||
|
||
Note the following parameters: | ||
|
||
* `source`: Use this parameter to specify the URL of the module. The double slash (`//`) is intentional and required. | ||
Terraform uses it to specify subfolders within a Git repo (see [module | ||
sources](https://www.terraform.io/language/modules/sources)). The `ref` parameter specifies a specific Git tag in | ||
this repository. It is recommended to use the latest "pinned" version in place of `{revision}`. Avoid using a branch | ||
like `master` except for testing purpose. Note that every modules in this repository are available on the Terraform | ||
[registry](https://registry.terraform.io/modules/claranet/detectors/signalfx) and we recommend using it as source | ||
instead of `git` which is more flexible but less future-proof. | ||
|
||
* `environment`: Use this parameter to specify the | ||
[environment](https://github.com/claranet/terraform-signalfx-detectors/wiki/Getting-started#environment) used by this | ||
instance of the module. | ||
Its value will be added to the `prefixes` list at the start of the [detector | ||
name](https://github.com/claranet/terraform-signalfx-detectors/wiki/Templating#example). | ||
In general, it will also be used in the `filtering` internal sub-module to [apply | ||
filters](https://github.com/claranet/terraform-signalfx-detectors/wiki/Guidance#filtering) based on our default | ||
[tagging convention](https://github.com/claranet/terraform-signalfx-detectors/wiki/Tagging-convention) by default. | ||
|
||
* `notifications`: Use this parameter to define where alerts should be sent depending on their severity. It consists | ||
of a Terraform [object](https://www.terraform.io/language/expressions/type-constraints#object) where each key represents an available | ||
[detector rule severity](https://docs.splunk.com/observability/alerts-detectors-notifications/create-detectors-for-alerts.html#severity) | ||
and its value is a list of recipients. Every recipients must respect the [detector notification | ||
format](https://registry.terraform.io/providers/splunk-terraform/signalfx/latest/docs/resources/detector#notification-format). | ||
Check the [notification binding](https://github.com/claranet/terraform-signalfx-detectors/wiki/Notifications-binding) | ||
documentation to understand the recommended role of each severity. | ||
|
||
These 3 parameters alongs with all variables defined in [common-variables.tf](common-variables.tf) are common to all | ||
[modules](../) in this repository. Other variables, specific to this module, are available in | ||
[variables-gen.tf](variables-gen.tf). | ||
In general, the default configuration "works" but all of these Terraform | ||
[variables](https://www.terraform.io/language/values/variables) make it possible to | ||
customize the detectors behavior to better fit your needs. | ||
|
||
Most of them represent usual tips and rules detailled in the | ||
[guidance](https://github.com/claranet/terraform-signalfx-detectors/wiki/Guidance) documentation and listed in the | ||
common [variables](https://github.com/claranet/terraform-signalfx-detectors/wiki/Variables) dedicated documentation. | ||
|
||
Feel free to explore the [wiki](https://github.com/claranet/terraform-signalfx-detectors/wiki) for more information about | ||
general usage of this repository. | ||
|
||
## What are the available detectors in this module? | ||
|
||
This module creates the following SignalFx detectors which could contain one or multiple alerting rules: | ||
|
||
|Detector|Critical|Major|Minor|Warning|Info| | ||
|---|---|---|---|---|---| | ||
|Docker-state heartbeat|X|-|-|-|-| | ||
|Docker-state state health status|X|-|-|-|-| | ||
|Docker-state state status|X|-|-|-|-| | ||
|Docker-state state oom killed|X|-|-|-|-| | ||
|
||
## How to collect required metrics? | ||
|
||
This module deploys detectors using metrics reported by the | ||
scraping of a server following the [OpenMetrics convention](https://openmetrics.io/) based on and compatible with [the Prometheus | ||
exposition format](https://github.com/prometheus/docs/blob/main/content/docs/instrumenting/exposition_formats.md#openmetrics-text-format). | ||
|
||
They are generally called `Prometheus Exporters` which can be fetched by both the [SignalFx Smart Agent](https://github.com/signalfx/signalfx-agent) | ||
thanks to its [prometheus exporter monitor](https://github.com/signalfx/signalfx-agent/blob/main/docs/monitors/prometheus-exporter.md) and the | ||
[OpenTelemetry Collector](https://github.com/signalfx/splunk-otel-collector) using its [prometheus | ||
receiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/prometheusreceiver) or its derivates. | ||
|
||
These exporters could be embedded directly in the tool you want to monitor (e.g. nginx ingress) or must be installed next to it as | ||
a separate program configured to connect, create metrics and expose them as server. | ||
|
||
|
||
Check the [Related documentation](#related-documentation) section for more detailed and specific information about this module dependencies. | ||
|
||
|
||
|
||
### Metrics | ||
|
||
|
||
Here is the list of required metrics for detectors in this module. | ||
|
||
* `container_state_health_status` | ||
* `container_state_oomkilled` | ||
* `container_state_status` | ||
|
||
|
||
|
||
|
||
## Related documentation | ||
|
||
* [Terraform SignalFx provider](https://registry.terraform.io/providers/splunk-terraform/signalfx/latest/docs) | ||
* [Terraform SignalFx detector](https://registry.terraform.io/providers/splunk-terraform/signalfx/latest/docs/resources/detector) | ||
* [Splunk Observability integrations](https://docs.splunk.com/Observability/gdi/get-data-in/integrations.html) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../common/module/filters-prometheus-exporter.tf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../common/module/locals.tf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../common/module/modules.tf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../common/module/variables.tf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../common/module/versions.tf |
13 changes: 13 additions & 0 deletions
13
modules/prometheus-exporter_docker-state/conf/00-heartbeat.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
## Example | ||
module: docker-state | ||
name: heartbeat | ||
|
||
transformation: false | ||
aggregation: true | ||
exclude_not_running_vm: true | ||
|
||
signals: | ||
signal: | ||
metric: "container_state_status" | ||
rules: | ||
critical: |
15 changes: 15 additions & 0 deletions
15
modules/prometheus-exporter_docker-state/conf/01-state-health-status.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
module: docker-state | ||
name: State Health Status | ||
|
||
transformation: ".min(over='5m')" | ||
aggregation: true | ||
|
||
filtering: "filter('service.name', 'docker-state-exporter') and filter('status', 'unhealthy')" | ||
|
||
signals: | ||
signal: | ||
metric: container_state_health_status | ||
rules: | ||
critical: | ||
threshold: 0 | ||
comparator: ">" |
15 changes: 15 additions & 0 deletions
15
modules/prometheus-exporter_docker-state/conf/02-state-status.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
module: docker-state | ||
name: State Status | ||
|
||
transformation: ".min(over='5m')" | ||
aggregation: true | ||
|
||
filtering: "filter('service.name', 'docker-state-exporter') and not filter('status', 'running')" | ||
|
||
signals: | ||
signal: | ||
metric: container_state_status | ||
rules: | ||
critical: | ||
threshold: 0 | ||
comparator: ">" |
15 changes: 15 additions & 0 deletions
15
modules/prometheus-exporter_docker-state/conf/03-state-oomkilled.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
module: docker-state | ||
name: State OOM Killed | ||
|
||
transformation: ".min(over='5m')" | ||
aggregation: true | ||
|
||
filtering: "filter('service.name', 'docker-state-exporter')" | ||
|
||
signals: | ||
signal: | ||
metric: container_state_oomkilled | ||
rules: | ||
critical: | ||
threshold: 0 | ||
comparator: ">" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
documentations: | ||
|
||
source_doc: |
112 changes: 112 additions & 0 deletions
112
modules/prometheus-exporter_docker-state/detectors-gen.tf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,112 @@ | ||
resource "signalfx_detector" "heartbeat" { | ||
name = format("%s %s", local.detector_name_prefix, "Docker-state heartbeat") | ||
|
||
authorized_writer_teams = var.authorized_writer_teams | ||
teams = try(coalescelist(var.teams, var.authorized_writer_teams), null) | ||
tags = compact(concat(local.common_tags, local.tags, var.extra_tags)) | ||
|
||
program_text = <<-EOF | ||
from signalfx.detectors.not_reporting import not_reporting | ||
signal = data('container_state_status', filter=${local.not_running_vm_filters} and ${module.filtering.signalflow})${var.heartbeat_aggregation_function}.publish('signal') | ||
not_reporting.detector(stream=signal, resource_identifier=None, duration='${var.heartbeat_timeframe}', auto_resolve_after='${local.heartbeat_auto_resolve_after}').publish('CRIT') | ||
EOF | ||
|
||
rule { | ||
description = "has not reported in ${var.heartbeat_timeframe}" | ||
severity = "Critical" | ||
detect_label = "CRIT" | ||
disabled = coalesce(var.heartbeat_disabled, var.detectors_disabled) | ||
notifications = try(coalescelist(lookup(var.heartbeat_notifications, "critical", []), var.notifications.critical), null) | ||
runbook_url = try(coalesce(var.heartbeat_runbook_url, var.runbook_url), "") | ||
tip = var.heartbeat_tip | ||
parameterized_subject = var.message_subject == "" ? local.rule_subject_novalue : var.message_subject | ||
parameterized_body = var.message_body == "" ? local.rule_body : var.message_body | ||
} | ||
|
||
max_delay = var.heartbeat_max_delay | ||
} | ||
|
||
resource "signalfx_detector" "state_health_status" { | ||
name = format("%s %s", local.detector_name_prefix, "Docker-state state health status") | ||
|
||
authorized_writer_teams = var.authorized_writer_teams | ||
teams = try(coalescelist(var.teams, var.authorized_writer_teams), null) | ||
tags = compact(concat(local.common_tags, local.tags, var.extra_tags)) | ||
|
||
program_text = <<-EOF | ||
base_filtering = filter('service.name', 'docker-state-exporter') and filter('status', 'unhealthy') | ||
signal = data('container_state_health_status', filter=base_filtering and ${module.filtering.signalflow})${var.state_health_status_aggregation_function}${var.state_health_status_transformation_function}.publish('signal') | ||
detect(when(signal > ${var.state_health_status_threshold_critical}, lasting=%{if var.state_health_status_lasting_duration_critical == null}None%{else}'${var.state_health_status_lasting_duration_critical}'%{endif}, at_least=${var.state_health_status_at_least_percentage_critical})).publish('CRIT') | ||
EOF | ||
|
||
rule { | ||
description = "is too high > ${var.state_health_status_threshold_critical}" | ||
severity = "Critical" | ||
detect_label = "CRIT" | ||
disabled = coalesce(var.state_health_status_disabled, var.detectors_disabled) | ||
notifications = try(coalescelist(lookup(var.state_health_status_notifications, "critical", []), var.notifications.critical), null) | ||
runbook_url = try(coalesce(var.state_health_status_runbook_url, var.runbook_url), "") | ||
tip = var.state_health_status_tip | ||
parameterized_subject = var.message_subject == "" ? local.rule_subject : var.message_subject | ||
parameterized_body = var.message_body == "" ? local.rule_body : var.message_body | ||
} | ||
|
||
max_delay = var.state_health_status_max_delay | ||
} | ||
|
||
resource "signalfx_detector" "state_status" { | ||
name = format("%s %s", local.detector_name_prefix, "Docker-state state status") | ||
|
||
authorized_writer_teams = var.authorized_writer_teams | ||
teams = try(coalescelist(var.teams, var.authorized_writer_teams), null) | ||
tags = compact(concat(local.common_tags, local.tags, var.extra_tags)) | ||
|
||
program_text = <<-EOF | ||
base_filtering = filter('service.name', 'docker-state-exporter') and not filter('status', 'running') | ||
signal = data('container_state_status', filter=base_filtering and ${module.filtering.signalflow})${var.state_status_aggregation_function}${var.state_status_transformation_function}.publish('signal') | ||
detect(when(signal > ${var.state_status_threshold_critical}, lasting=%{if var.state_status_lasting_duration_critical == null}None%{else}'${var.state_status_lasting_duration_critical}'%{endif}, at_least=${var.state_status_at_least_percentage_critical})).publish('CRIT') | ||
EOF | ||
|
||
rule { | ||
description = "is too high > ${var.state_status_threshold_critical}" | ||
severity = "Critical" | ||
detect_label = "CRIT" | ||
disabled = coalesce(var.state_status_disabled, var.detectors_disabled) | ||
notifications = try(coalescelist(lookup(var.state_status_notifications, "critical", []), var.notifications.critical), null) | ||
runbook_url = try(coalesce(var.state_status_runbook_url, var.runbook_url), "") | ||
tip = var.state_status_tip | ||
parameterized_subject = var.message_subject == "" ? local.rule_subject : var.message_subject | ||
parameterized_body = var.message_body == "" ? local.rule_body : var.message_body | ||
} | ||
|
||
max_delay = var.state_status_max_delay | ||
} | ||
|
||
resource "signalfx_detector" "state_oom_killed" { | ||
name = format("%s %s", local.detector_name_prefix, "Docker-state state oom killed") | ||
|
||
authorized_writer_teams = var.authorized_writer_teams | ||
teams = try(coalescelist(var.teams, var.authorized_writer_teams), null) | ||
tags = compact(concat(local.common_tags, local.tags, var.extra_tags)) | ||
|
||
program_text = <<-EOF | ||
base_filtering = filter('service.name', 'docker-state-exporter') | ||
signal = data('container_state_oomkilled', filter=base_filtering and ${module.filtering.signalflow})${var.state_oom_killed_aggregation_function}${var.state_oom_killed_transformation_function}.publish('signal') | ||
detect(when(signal > ${var.state_oom_killed_threshold_critical}, lasting=%{if var.state_oom_killed_lasting_duration_critical == null}None%{else}'${var.state_oom_killed_lasting_duration_critical}'%{endif}, at_least=${var.state_oom_killed_at_least_percentage_critical})).publish('CRIT') | ||
EOF | ||
|
||
rule { | ||
description = "is too high > ${var.state_oom_killed_threshold_critical}" | ||
severity = "Critical" | ||
detect_label = "CRIT" | ||
disabled = coalesce(var.state_oom_killed_disabled, var.detectors_disabled) | ||
notifications = try(coalescelist(lookup(var.state_oom_killed_notifications, "critical", []), var.notifications.critical), null) | ||
runbook_url = try(coalesce(var.state_oom_killed_runbook_url, var.runbook_url), "") | ||
tip = var.state_oom_killed_tip | ||
parameterized_subject = var.message_subject == "" ? local.rule_subject : var.message_subject | ||
parameterized_body = var.message_body == "" ? local.rule_body : var.message_body | ||
} | ||
|
||
max_delay = var.state_oom_killed_max_delay | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
output "heartbeat" { | ||
description = "Detector resource for heartbeat" | ||
value = signalfx_detector.heartbeat | ||
} | ||
|
||
output "state_health_status" { | ||
description = "Detector resource for state_health_status" | ||
value = signalfx_detector.state_health_status | ||
} | ||
|
||
output "state_oom_killed" { | ||
description = "Detector resource for state_oom_killed" | ||
value = signalfx_detector.state_oom_killed | ||
} | ||
|
||
output "state_status" { | ||
description = "Detector resource for state_status" | ||
value = signalfx_detector.state_status | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
locals { | ||
tags = ["prometheus-exporter", "docker-state"] | ||
} | ||
|
Oops, something went wrong.