Skip to content

Commit

Permalink
teleport-operator specifics
Browse files Browse the repository at this point in the history
  • Loading branch information
@ssyno
ssyno committed Jan 11, 2024
1 parent 031ca14 commit 20d15aa
Show file tree
Hide file tree
Showing 3 changed files with 43 additions and 3 deletions.
2 changes: 1 addition & 1 deletion helm/prometheus-rules/templates/alerting-rules/deployment.management-cluster.rules.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -215,7 +215,7 @@ spec:
annotations:
description: '{{`Deployment {{ $labels.namespace}}/{{ $labels.deployment }} is not satisfied.`}}'
opsrecipe: deployment-not-satisfied/
expr: kube_deployment_status_replicas_unavailable{cluster_type="management_cluster", deployment=~"cert-manager-*|teleport-*|dex*|athena*|rbac-operator"} > 0
expr: kube_deployment_status_replicas_unavailable{cluster_type="management_cluster", deployment=~"cert-manager-*|teleport-*|dex*|athena*|rbac-operator|credentiald"} > 0
for: 30m
labels:
area: kaas
Expand Down
4 changes: 2 additions & 2 deletions helm/prometheus-rules/templates/alerting-rules/deployment.workload-cluster.rules.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,10 +73,10 @@ spec:
- alert: WorkloadClusterDeploymentNotSatisfiedBigMac
annotations:
description: '{{`Deployment {{ $labels.namespace}}/{{ $labels.deployment }} has been scaled down to zero for prolonged period of time.`}}'
expr: kube_deployment_status_replicas_unavailable{cluster_type="workload_cluster", deployment=~"cert-manager-*|teleport-*|dex*|athena*|rbac-operator"} > 0
expr: kube_deployment_status_replicas_unavailable{cluster_type="workload_cluster", deployment=~"cert-manager-*|teleport-*|dex*|athena*|rbac-operator|credentiald"} > 0
for: 30m
labels:
area: kass
area: kaas
cancel_if_cluster_status_creating: "true"
cancel_if_cluster_status_deleting: "true"
cancel_if_cluster_status_updating: "true"
Expand Down
40 changes: 40 additions & 0 deletions helm/prometheus-rules/templates/alerting-rules/teleport.rules.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
creationTimestamp: null
labels:
{{- include "labels.common" . | nindent 4 }}
name: prometheus.rules
namespace: {{ .Values.namespace }}
spec:
groups:
- name: teleport
rules:
- alert: TeleportJoinTokenSecretMismatch
annotations:
description: '{{`Mismatch in number of teleport-join-token secrets and clusters`}}'
expr: count(kube_secret_created{secret=~".*-teleport-join-token"}) != count(capi_cluster_info{control_plane_reference_kind="KubeadmControlPlane"})
for: 30m
labels:
area: kaas
cancel_if_cluster_status_creating: "true"
cancel_if_cluster_status_updating: "true"
cancel_if_cluster_status_deleting: "true"
cancel_if_outside_working_hours: "true"
severity: page
team: bigmac
topic: teleport
- alert: TeleportKubeAgentConfigMapMismatch
annotations:
description: '{{`Teleport join token is missing`}}'
expr: count(kube_configmap_info{configmap=~".*-teleport-kube-agent-config"})!= count(capi_cluster_info{control_plane_reference_kind="KubeadmControlPlane"})
for: 30m
labels:
area: kaas
cancel_if_cluster_status_creating: "true"
cancel_if_cluster_status_updating: "true"
cancel_if_cluster_status_deleting: "true"
cancel_if_outside_working_hours: "true"
severity: page
team: bigmac
topic: teleport

0 comments on commit 20d15aa

Please sign in to comment.