Skip to content

Commit

Permalink
Add Atlas app-configuration alerts (#1268)
Browse files Browse the repository at this point in the history
* Add Atlas app-configuration alerts

* Adjust rules

* Update atlas-app-configuration alerts

* Update atlas-app-configuration alerts
  • Loading branch information
marieroque authored Jul 2, 2024
1 parent 39bd73e commit 0c9a62e
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

### Added

- Add Atlas app-configuration alerts to check unexpected configmaps and secrets.
- add new node inhibitions to avoid paging for daemonsets when nodes are not ready/unschedulable.

### Changed
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
{{- include "labels.common" . | nindent 4 }}
name: atlas-app-configuration.rules
namespace: {{ .Values.namespace }}
spec:
groups:
- name: atlas-app-configuration
rules:
# Coming from https://gigantic.slack.com/archives/C07A03AN9JM
# This alert ensures our app has no unexpected configmaps.
- alert: ConfigmapUnexpected
annotations:
description: '{{`{{ $labels.configmap }} configmap is not expected.`}}'
opsrecipe: atlas-app-configuration/
expr: |
kube_configmap_info{cluster_type="management_cluster", configmap=~".*(loki|mimir|prometheus-agent)-user-values"} > 0
for: 2d
labels:
area: platform
cancel_if_outside_working_hours: "true"
severity: notify
team: atlas
topic: observability
# This alert ensures our app has no unexpected secrets.
- alert: SecretUnexpected
annotations:
description: '{{`{{ $labels.secret }} secret is not expected.`}}'
opsrecipe: atlas-app-configuration/
expr: |
kube_secret_info{cluster_type="management_cluster", secret=~".*(loki|mimir|prometheus-agent)-user-values"} > 0
for: 2d
labels:
area: platform
cancel_if_outside_working_hours: "true"
severity: notify
team: atlas
topic: observability

0 comments on commit 0c9a62e

Please sign in to comment.