diff --git a/keycloak-observability/docs/README-Prometheus.md b/keycloak-observability/docs/README-Prometheus.md index 2a2a416..badefbc 100644 --- a/keycloak-observability/docs/README-Prometheus.md +++ b/keycloak-observability/docs/README-Prometheus.md @@ -1,12 +1,12 @@ # Prometheus configuration -RabbitMQ alerting rules depend on [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics). Refer to the kube-state-metrics documentation to deploy and scrape kube-state-metrics. +Keycloak alerting rules depend on [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics). Refer to the kube-state-metrics documentation to deploy and scrape kube-state-metrics. ## With Prometheus Operator If Prometheus and Alertmanager are installed by [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator), apply the YAML files in [alertmanager](./alertmanager), [monitors](./monitors), and [rules](./rules) directories. They contain K8s objects watched by Prometheus Operator configuring Prometheus. ## Without Prometheus Operator -If Prometheus and Alertmanager are not installed by Prometheus Operator, use [config-file.yml](./config-file.yml) and [rule-file.yml](./rule-file.yml) as a starting point for RabbitMQ monitoring and alerting. +If Prometheus and Alertmanager are not installed by Prometheus Operator, use [config-file.yml](./config-file.yml) and [rule-file.yml](./rule-file.yml) as a starting point for Keycloak monitoring and alerting. `rule-file.yml` is an auto-generated file containing the same rules as the [rules](./rules/) directory. For the [Alertmanager configuration file](https://prometheus.io/docs/alerting/latest/configuration/#configuration-file), use the same `alertmanager.yaml` as provided in [alertmanager/slack.yml](alertmanager/slack.yml). diff --git a/keycloak-observability/docs/README-alertmanager.md b/keycloak-observability/docs/README-alertmanager.md deleted file mode 100644 index 46bba41..0000000 --- a/keycloak-observability/docs/README-alertmanager.md +++ /dev/null @@ -1,12 +0,0 @@ -# Alertmanager - -The file [slack.yml](./slack.yml) contains [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) configuration that sends Slack notifications for RabbitMQ and RabbitMQ Cluster Operator alerts. -It groups alerts by namespace and RabbitMQ cluster. - -Replace -* `((ALERTMANAGER_NAME))` with the name of the Alertmanager CRD object -* `((SLACK_CHANNEL))` with the Slack channel name (e.g. `#my-channel`) -* `((SLACK_API_URL))` with the Slack Webhook URL (see [here](https://api.slack.com/messaging/webhooks) how to create one, e.g. `https://hooks.slack.com/services/paste/your/token`) - -If the Secret already exists, either edit the existing secret or, if you want to define multiple Alertmanager configurations, use the custom resource [AlertmanagerConfig](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/alerting.md#alertmanagerconfig-resource). -Deploy the Secret into the same namespace where Alertmanager is running. diff --git a/keycloak-observability/docs/README-monitors.md b/keycloak-observability/docs/README-monitors.md index c9db566..3c2930b 100644 --- a/keycloak-observability/docs/README-monitors.md +++ b/keycloak-observability/docs/README-monitors.md @@ -25,26 +25,25 @@ metadata: Given the `matchLabels` fields from the Prometheus spec above, you would need to add the label `release: my-prometheus` to the `PodMonitor` and `ServiceMonitor` objects. -File [rabbitmq-servicemonitor.yml](./rabbitmq-servicemonitor.yml) contains scrape targets for RabbitMQ. TLS verify will be skipped by default. To enable TLS verification for scraping, set `spec.endpoints[port=prometheus-tls].tlsConfig.insecureSkipVerify` to false and provide a Kubernetes Secret containing CA cert used for Prometheus. -Metrics listed in [RabbitMQ metrics](https://github.com/rabbitmq/rabbitmq-server/blob/master/deps/rabbitmq_prometheus/metrics.md) will be scraped from all RabbitMQ nodes. -Note that the ServiceMonitor object works only for RabbitMQ clusters deployed by [cluster-operator](https://github.com/rabbitmq/cluster-operator) `>v1.6.0`. If you run cluster-operator `<=v1.6.0` use a PodMonitor instead: +File [keycloak-servicemonitor.yml](./keycloak-servicemonitor.yml) contains scrape targets for keycloak. TLS verify will be skipped by default. To enable TLS verification for scraping, set `spec.endpoints[port=prometheus-tls].tlsConfig.insecureSkipVerify` to false and provide a Kubernetes Secret containing CA cert used for Prometheus. +Metrics listed in [Keycloak metrics](https://github.com/aerogear/keycloak-metrics-spi) will be scraped from all Keycloak nodes. ```yaml --- apiVersion: monitoring.coreos.com/v1 kind: PodMonitor metadata: - name: rabbitmq + name: keycloak spec: podMetricsEndpoints: - port: prometheus interval: 15s selector: matchLabels: - app.kubernetes.io/component: rabbitmq + app.kubernetes.io/component: keycloak namespaceSelector: any: true ``` -File [rabbitmq-cluster-operator-podmonitor.yml](./rabbitmq-cluster-operator-podmonitor.yml) contains a scrape target for the RabbitMQ Cluster Operator. -[The metrics](https://book.kubebuilder.io/reference/metrics.html) emitted by the RabbitMQ Cluster Operator are created by Kubernetes controller-runtime and are therefore completely different from the RabbitMQ metrics. +File [keycloak-cluster-operator-podmonitor.yml](./keycloak-cluster-operator-podmonitor.yml) contains a scrape target for the keycloak Cluster Operator. +[The metrics](https://book.kubebuilder.io/reference/metrics.html) emitted by the keycloak Cluster Operator are created by Kubernetes controller-runtime and are therefore completely different from the keycloak metrics. diff --git a/keycloak-observability/docs/README-rules.md b/keycloak-observability/docs/README-rules.md deleted file mode 100644 index cbd74d6..0000000 --- a/keycloak-observability/docs/README-rules.md +++ /dev/null @@ -1,23 +0,0 @@ -# Prometheus Rules - -This directory contains Prometheus rules. -All rules are [alerting rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) except for [rabbitmq/recording-rules.yml](rabbitmq/recording-rules.yml) which contains [recording rules](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/). - -Check the `spec` of your installed Prometheus custom resource. -In this example, let's assume your Prometheus spec contains the following fields: -```yaml -apiVersion: monitoring.coreos.com/v1 -kind: Prometheus -metadata: - ... -spec: - ... - ruleNamespaceSelector: {} # auto discover PrometheusRules accross all namespaces - ruleSelector: - matchLabels: - release: my-prometheus - ... - version: v2.26.0 -``` - -Given the `matchLabels` field from the Prometheus spec above, you would need to add the label `release: my-prometheus` to the `PrometheusRule` objects.