Implementing a Cooperative Multi-Tenant Capable Prometheus Users: - - PowerPoint PPT Presentation

▶

Feb 26, 2023 225 likes •561 views

Jonas Groe Sundrup 10.08.2018 PromCon 2018 Implementing a Cooperative Multi-Tenant Capable Prometheus Users: run small-scale infrastructure arent monitoring experts 1 Target users Goal: Share monitoring infrastructure

SLIDE 1

Implementing a Cooperative Multi-Tenant Capable Prometheus

Jonas Große Sundrup 10.08.2018

PromCon 2018

SLIDE 2

Target users

Users:

run small-scale infrastructure
aren’t monitoring experts

Goal: Share monitoring infrastructure

SLIDE 3

Goal

Drop-dead-simple fjre-and-forget low-resource monitoring/alerting solution that just works

SLIDE 4

Roadmap

1. Prometheus
2. Alertmanager
3. System Architecture
4. Additional Services

SLIDE 5

Requirements

One Prometheus per machine
Multi-tenancy
Ansible-compatibility
patch-free operation

SLIDE 6

Getting data into Prometheus

SLIDE 7

Deploying scrape targets

~/scrptarg ├── node1.yml ├── node2.yml ├── db.yml └── mail.yml

SLIDE 8

Deploying scrape targets

~/scrptarg ├── node1.yml ├── node2.yml ├── db.yml └── mail.yml

job_name: alice

file_sd_configs:

files:
/home/alice/scrptarg/*.json
/home/alice/scrptarg/*.yml
/home/alice/scrptarg/*.yaml

refresh_interval: 5m scheme: https basic_auth: username: prometheus password: <secret>

SLIDE 9

Deploying rules

~/rules ├── normal.yml └── the-apocalypse.yml

SLIDE 10

Getting data out of Prometheus

SLIDE 11

up

SLIDE 12

up{job=“jonas”}

SLIDE 13

up{job=“jonas”}

SLIDE 14

Injecting a label

your_metric{job="hello",instance="mybox"}
your_metric{instance="mymachine"}
your_metric/my_metric{code="42"}
avg_over_time(your_metric[1h]) offset 1d

SLIDE 15

Injecting a label

your_metric{job="hello",instance="mybox"}
your_metric{instance="mymachine"}
your_metric/my_metric{code="42"}
avg_over_time(your_metric[1h]) offset 1d

SLIDE 16

Injecting a label

your_metric{job="hello",instance="mybox"}
your_metric{instance="mymachine"}
your_metric/my_metric{code="42"}
avg_over_time(your_metric[1h]) offset 1d

SLIDE 17

Injecting a label

your_metric{job="hello",instance="mybox"}
your_metric{instance="mymachine"}
your_metric/my_metric{code="42"}
avg_over_time(your_metric[1h]) offset 1d

SLIDE 18

A PromQL-parser

SLIDE 19

Retrieving Data in PromQL

sum(http_requests_total{code="200"})
avg_over_time(your_fancy_metric[1h])

SLIDE 20

Rules

rules:

alert: Endpoint down

expr: up == 0 for: 10m annotations: summary: "Must be short, slide isn't wide"

SLIDE 21

Rules

rules:

alert: jonas: Endpoint down

expr: up{job="jonas"} == 0 for: 10m labels: job: jonas annotations: summary: "Must be short, slide isn't wide"

SLIDE 22

Alertmanager

SLIDE 23

Alertmanager

SLIDE 24

Alertmanager

SLIDE 25

Silences

SLIDE 26

Architecture overview

PAP PAP

Alert- manager Blackbox- Exporter

19

SLIDE 27

Blackbox-Exporter

SLIDE 28

Blackbox-Targets

~/blackboxtargets/ ├── http_2xx_ipv4 │ └── websites.yml └── tcp_connect_ipv6 └── tcp.yml

SLIDE 29

Blackbox-Exporter: Confjguration

job_name: jonas-blackbox-http_2xx-ipv4

params: module:

http_2xx_ipv4

metrics_path: /probe file_sd_configs:

files:
/home/jonas/blackbox/http_2xx_ipv4/*.json
/home/jonas/blackbox/http_2xx_ipv4/*.yml
/home/jonas/blackbox/http_2xx_ipv4/*.yaml

refresh_interval: 5m relabel_configs: ...

SLIDE 30

Blackbox-Exporter: Relabelling

relabel_configs: ...

target_label: job

replacement: jonas action: replace ...

SLIDE 31

Blackbox-Exporter: Relabelling

relabel_configs: ...

target_label: blackbox_module

replacement: http_2xx action: replace

target_label: ip_version

replacement: ipv4 action: replace

SLIDE 32

Conclusion

Features:

User separation: yes
low memory profjle: yes
Ansible-compatibility: yes
Alerting: yes
Ease of use: yes

Limitations:

No resource isolation
Only one set of target

credentials

Preselected Featureset

SLIDE 33

Implementing a Cooperative Multi-Tenant Capable Prometheus

Jonas Große Sundrup 10.08.2018

Target users

Users:

Goal: Share monitoring infrastructure

Goal

Drop-dead-simple fjre-and-forget low-resource monitoring/alerting solution that just works

Roadmap

Requirements

Getting data into Prometheus

Deploying scrape targets

~/scrptarg ├── node1.yml ├── node2.yml ├── db.yml └── mail.yml

Deploying scrape targets

~/scrptarg ├── node1.yml ├── node2.yml ├── db.yml └── mail.yml

file_sd_configs:

refresh_interval: 5m scheme: https basic_auth: username: prometheus password: <secret>

Deploying rules

~/rules ├── normal.yml └── the-apocalypse.yml

Getting data out of Prometheus

up

up{job=“jonas”}

up{job=“jonas”}

Injecting a label

Injecting a label

Injecting a label

Injecting a label

A PromQL-parser

Retrieving Data in PromQL

Rules

rules:

expr: up == 0 for: 10m annotations: summary: "Must be short, slide isn't wide"

Rules

rules:

expr: up{job="jonas"} == 0 for: 10m labels: job: jonas annotations: summary: "Must be short, slide isn't wide"

Alertmanager

Alertmanager

Alertmanager

Silences

Architecture overview

PAP PAP

19

Blackbox-Exporter

Blackbox-Targets

~/blackboxtargets/ ├── http_2xx_ipv4 │ └── websites.yml └── tcp_connect_ipv6 └── tcp.yml

Blackbox-Exporter: Confjguration

params: module:

metrics_path: /probe file_sd_configs:

refresh_interval: 5m relabel_configs: ...

Blackbox-Exporter: Relabelling

relabel_configs: ...

replacement: jonas action: replace ...

Blackbox-Exporter: Relabelling

relabel_configs: ...

replacement: http_2xx action: replace

replacement: ipv4 action: replace

Conclusion

Features:

Limitations:

credentials

https://github.com/cherti/promauthproxy

jonas@grosse-sundrup.com