-
|
Hello, Is there a way to configure prometheus.jsonnet in order to mount volumes for alertmanager pod ? I need to provide a integration-key to pager duty but I do not want to hardcode the integration-key inside alertmanager-config.yaml file. Since we use prometheus.jsonnet and everything is pushed to github I was expecting a way to mount a file using an existing secret deployed sealed secret externally. I check here: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/alerting.md but I do not feel it useful. This one looks nice : https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#alertmanagerspec but I do not know how to integrated it with prometheus.jsonnet ? Any advice ? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 4 replies
-
|
Whenever you import and configure but maybe @paulfantom knows of a more idiomatic way. |
Beta Was this translation helpful? Give feedback.
-
|
thanks I was able to mount secrets as I found that alertmanager is able to manage them using data:
key: token (base64)Now I don't know how to fill |
Beta Was this translation helpful? Give feedback.
-
|
My bad, I was focusing so much on mounting a secret, forgetting that yo simply want to configure pagerduty. How about leveraging |
Beta Was this translation helpful? Give feedback.
-
|
As I am using plain The 2nd reason I am doing this with secret it's because we are using a gitops approch and no secret must be commited to our github repository, and thanks to kubeseal I only need a reference to it, but you can simply create a secret manually for this example. Create a file called apiVersion: v1
data:
pagerduty.integration.key.tmpl: IyBDcmFmdCB5....
kind: Secret
metadata:
creationTimestamp: null
name: pagerduty-secrets
namespace: monitoringThen add a reference to ...
alertmanager+:: {
alertmanager+: {
spec+: {
secrets: ['pagerduty-secrets']
}
}
}
...Finally inject the integration key directly to pager duty using
# declare
templates:
- /etc/alertmanager/secrets/pagerduty-secrets/pagerduty.integration.key
# inside pagerduty configs block
receivers:
- name: foo
pagerduty_configs:
- routing_key: '{{ template "pagerduty.integration.key" . }}'Hope this will help someone, but the solution provided by @s-urbaniak using prometheus-operator abstraction is the way to go but requires more knowledge for the maintainer. #889 (reply in thread) |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the elaborate answer for others! 💯 |
Beta Was this translation helpful? Give feedback.
-
|
Many thanks for the detailed answer |
Beta Was this translation helpful? Give feedback.
As I am using plain
alertmanager-config.yamlfile I was able to manage this in a different way. The reason I did differently is because I do not want, right now, people maintaining this file to learn vanilla alert manager and prometheus-operator abstraction. But definitely something I will have a look once people are familiar with AM.The 2nd reason I am doing this with secret it's because we are using a gitops approch and no secret must be commited to our github repository, and thanks to kubeseal I only need a reference to it, but you can simply create a secret manually for this example.
Create a file called
pagerduty.integration.key.tmplwith the following content{{ define "pagerduty.i…