Mercurial > code > home > repos > victoriametrics

annotate alert_rules.py @ 39:84a00d1b87b3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
maildir-count target
author drewp@bigasterisk.com
date Tue, 09 Jan 2024 19:56:22 -0800
parents 6e27d280b598
children 24daba56722c
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
23
drewp@bigasterisk.com
parents:
diff changeset
1 """
drewp@bigasterisk.com
parents:
diff changeset
2 pdm run invoke push-config
drewp@bigasterisk.com
parents:
diff changeset
3
drewp@bigasterisk.com
parents:
diff changeset
4 docs: https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
drewp@bigasterisk.com
parents:
diff changeset
5 "Whenever the alert expression results in one or more vector
drewp@bigasterisk.com
parents:
diff changeset
6 elements at a given point in time, the alert counts as active for
drewp@bigasterisk.com
parents:
diff changeset
7 these elements' label sets."
drewp@bigasterisk.com
parents:
diff changeset
8 also https://www.metricfire.com/blog/top-5-prometheus-alertmanager-gotchas/#Missing-metrics
drewp@bigasterisk.com
parents:
diff changeset
9
drewp@bigasterisk.com
parents:
diff changeset
10 """
drewp@bigasterisk.com
parents:
diff changeset
11
drewp@bigasterisk.com
parents:
diff changeset
12 import json
drewp@bigasterisk.com
parents:
diff changeset
13
drewp@bigasterisk.com
parents:
diff changeset
14
drewp@bigasterisk.com
parents:
diff changeset
15 def k8sRules():
drewp@bigasterisk.com
parents:
diff changeset
16 # from https://awesome-prometheus-alerts.grep.to/rules.html
drewp@bigasterisk.com
parents:
diff changeset
17 return [
drewp@bigasterisk.com
parents:
diff changeset
18 {
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
19 "alert": "metricsTargetMissing",
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
20 "expr": 'up{job!~"cm-acme-.*"} == 0',
36
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
21 'for': '10m',
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
22 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
23 "severity": "critical"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
24 },
23
drewp@bigasterisk.com
parents:
diff changeset
25 "annotations": {
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
26 "summary": "metrics target missing (instance {{ $labels.instance }})",
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
27 "description": "A metrics target has disappeared. An exporter might be crashed.\n VALUE = {{ $value }}",
23
drewp@bigasterisk.com
parents:
diff changeset
28 },
drewp@bigasterisk.com
parents:
diff changeset
29 },
drewp@bigasterisk.com
parents:
diff changeset
30 {
drewp@bigasterisk.com
parents:
diff changeset
31 "alert": "KubernetesMemoryPressure",
drewp@bigasterisk.com
parents:
diff changeset
32 "expr": 'kube_node_status_condition{condition="MemoryPressure",status="true"} == 1',
drewp@bigasterisk.com
parents:
diff changeset
33 "for": "2m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
34 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
35 "severity": "critical"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
36 },
23
drewp@bigasterisk.com
parents:
diff changeset
37 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
38 "summary": "Kubernetes memory pressure (instance {{ $labels.instance }})",
drewp@bigasterisk.com
parents:
diff changeset
39 "description": "{{ $labels.node }} has MemoryPressure condition\n VALUE = {{ $value }}",
drewp@bigasterisk.com
parents:
diff changeset
40 },
drewp@bigasterisk.com
parents:
diff changeset
41 },
drewp@bigasterisk.com
parents:
diff changeset
42 {
drewp@bigasterisk.com
parents:
diff changeset
43 "alert": "KubernetesDiskPressure",
drewp@bigasterisk.com
parents:
diff changeset
44 "expr": 'kube_node_status_condition{condition="DiskPressure",status="true"} == 1',
drewp@bigasterisk.com
parents:
diff changeset
45 "for": "2m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
46 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
47 "severity": "critical"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
48 },
23
drewp@bigasterisk.com
parents:
diff changeset
49 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
50 "summary": "Kubernetes disk pressure (instance {{ $labels.instance }})",
drewp@bigasterisk.com
parents:
diff changeset
51 "description": "{{ $labels.node }} has DiskPressure condition\n VALUE = {{ $value }}",
drewp@bigasterisk.com
parents:
diff changeset
52 },
drewp@bigasterisk.com
parents:
diff changeset
53 },
drewp@bigasterisk.com
parents:
diff changeset
54 {
drewp@bigasterisk.com
parents:
diff changeset
55 "alert": "KubernetesOutOfDisk",
drewp@bigasterisk.com
parents:
diff changeset
56 "expr": 'kube_node_status_condition{condition="OutOfDisk",status="true"} == 1',
drewp@bigasterisk.com
parents:
diff changeset
57 "for": "2m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
58 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
59 "severity": "critical"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
60 },
23
drewp@bigasterisk.com
parents:
diff changeset
61 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
62 "summary": "Kubernetes out of disk (instance {{ $labels.instance }})",
drewp@bigasterisk.com
parents:
diff changeset
63 "description": "{{ $labels.node }} has OutOfDisk condition\n VALUE = {{ $value }}",
drewp@bigasterisk.com
parents:
diff changeset
64 },
drewp@bigasterisk.com
parents:
diff changeset
65 },
drewp@bigasterisk.com
parents:
diff changeset
66 {
drewp@bigasterisk.com
parents:
diff changeset
67 "alert": "KubernetesJobFailed",
drewp@bigasterisk.com
parents:
diff changeset
68 "expr": "kube_job_status_failed > 0",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
69 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
70 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
71 },
23
drewp@bigasterisk.com
parents:
diff changeset
72 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
73 "summary": "Kubernetes Job failed (instance {{ $labels.instance }})",
drewp@bigasterisk.com
parents:
diff changeset
74 "description": "Job {{$labels.namespace}}/{{$labels.exported_job}} failed to complete\n VALUE = {{ $value }}",
drewp@bigasterisk.com
parents:
diff changeset
75 },
drewp@bigasterisk.com
parents:
diff changeset
76 },
drewp@bigasterisk.com
parents:
diff changeset
77 {
drewp@bigasterisk.com
parents:
diff changeset
78 "alert": "KubernetesPodCrashLooping",
drewp@bigasterisk.com
parents:
diff changeset
79 "expr": "increase(kube_pod_container_status_restarts_total[1m]) > 3",
drewp@bigasterisk.com
parents:
diff changeset
80 "for": "2m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
81 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
82 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
83 },
23
drewp@bigasterisk.com
parents:
diff changeset
84 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
85 "summary": "Kubernetes pod crash looping (instance {{ $labels.instance }})",
drewp@bigasterisk.com
parents:
diff changeset
86 "description": "Pod {{ $labels.pod }} is crash looping\n VALUE = {{ $value }}",
drewp@bigasterisk.com
parents:
diff changeset
87 },
drewp@bigasterisk.com
parents:
diff changeset
88 },
drewp@bigasterisk.com
parents:
diff changeset
89 {
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
90 "alert":
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
91 "KubernetesClientCertificateExpiresNextWeek",
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
92 "expr":
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
93 'apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 7*24*60*60',
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
94 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
95 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
96 },
23
drewp@bigasterisk.com
parents:
diff changeset
97 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
98 "summary": "Kubernetes client certificate expires next week (instance {{ $labels.instance }})",
drewp@bigasterisk.com
parents:
diff changeset
99 "description": "A client certificate used to authenticate to the apiserver is expiring next week.\n VALUE = {{ $value }}",
drewp@bigasterisk.com
parents:
diff changeset
100 },
drewp@bigasterisk.com
parents:
diff changeset
101 },
drewp@bigasterisk.com
parents:
diff changeset
102 {
drewp@bigasterisk.com
parents:
diff changeset
103 "alert": "container_waiting",
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
104 "expr": "sum by (namespace, pod, container)(kube_pod_container_status_waiting!=0)",
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
105 "annotations": {
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
106 "description": '',
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
107 "dashboard": "https://bigasterisk.com/k/clusters/local/namespaces/{{ $labels.namespace }}/pods/{{ $labels.pod }}",
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
108 },
23
drewp@bigasterisk.com
parents:
diff changeset
109 "for": "2m",
drewp@bigasterisk.com
parents:
diff changeset
110 },
drewp@bigasterisk.com
parents:
diff changeset
111 ]
drewp@bigasterisk.com
parents:
diff changeset
112
drewp@bigasterisk.com
parents:
diff changeset
113
32
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
114 def allRules(ctx):
23
drewp@bigasterisk.com
parents:
diff changeset
115 return {
drewp@bigasterisk.com
parents:
diff changeset
116 "groups": [
drewp@bigasterisk.com
parents:
diff changeset
117 {
drewp@bigasterisk.com
parents:
diff changeset
118 "name": "k8s",
28
e114edff93dc more explicit intervals. try to get a single day of notification out of a disk err increase
drewp@bigasterisk.com
parents: 27
diff changeset
119 "interval": "1m",
23
drewp@bigasterisk.com
parents:
diff changeset
120 "rules": k8sRules(),
drewp@bigasterisk.com
parents:
diff changeset
121 },
32
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
122 expectedK8sNodesGroup(ctx),
23
drewp@bigasterisk.com
parents:
diff changeset
123 #
drewp@bigasterisk.com
parents:
diff changeset
124 # any presence of starlette_request_duration_seconds_created{app_name="starlette",method="GET",path="/",status_code="200"} 1.6460176156784086e+09 means someone forgot to set app name
drewp@bigasterisk.com
parents:
diff changeset
125 {
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
126 "name":
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
127 "Outages",
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
128 "interval":
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
129 "1m",
23
drewp@bigasterisk.com
parents:
diff changeset
130 "rules": [
drewp@bigasterisk.com
parents:
diff changeset
131 {
drewp@bigasterisk.com
parents:
diff changeset
132 "alert": "powereagleStalled",
drewp@bigasterisk.com
parents:
diff changeset
133 "expr": "rate(house_power_w[100m]) == 0",
drewp@bigasterisk.com
parents:
diff changeset
134 "for": "0m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
135 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
136 "severity": "losingData"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
137 },
23
drewp@bigasterisk.com
parents:
diff changeset
138 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
139 "summary": "power eagle data stalled",
drewp@bigasterisk.com
parents:
diff changeset
140 "description": "logs at https://bigasterisk.com/k/clusters/local/namespaces/default/deployments/power-eagle/logs",
drewp@bigasterisk.com
parents:
diff changeset
141 },
drewp@bigasterisk.com
parents:
diff changeset
142 },
drewp@bigasterisk.com
parents:
diff changeset
143 {
drewp@bigasterisk.com
parents:
diff changeset
144 "alert": "powereagleAbsent",
drewp@bigasterisk.com
parents:
diff changeset
145 "expr": "absent_over_time(house_power_w[5m])",
drewp@bigasterisk.com
parents:
diff changeset
146 "for": "2m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
147 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
148 "severity": "losingData"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
149 },
23
drewp@bigasterisk.com
parents:
diff changeset
150 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
151 "summary": "power eagle data missing",
drewp@bigasterisk.com
parents:
diff changeset
152 "description": "logs at https://bigasterisk.com/k/clusters/local/namespaces/default/deployments/power-eagle/logs",
drewp@bigasterisk.com
parents:
diff changeset
153 },
drewp@bigasterisk.com
parents:
diff changeset
154 },
drewp@bigasterisk.com
parents:
diff changeset
155 {
drewp@bigasterisk.com
parents:
diff changeset
156 "alert": "absent_zigbee",
drewp@bigasterisk.com
parents:
diff changeset
157 "expr": 'absent(container_last_seen{container="zigbee2mqtt"})',
drewp@bigasterisk.com
parents:
diff changeset
158 },
drewp@bigasterisk.com
parents:
diff changeset
159 {
drewp@bigasterisk.com
parents:
diff changeset
160 "alert": "net_routes_sync",
drewp@bigasterisk.com
parents:
diff changeset
161 "expr": 'rate(starlette_request_duration_seconds_count{app_name="net_routes",path="/routes"}[5m]) < 1/70',
drewp@bigasterisk.com
parents:
diff changeset
162 "for": "10m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
163 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
164 "severity": "houseUsersAffected"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
165 },
23
drewp@bigasterisk.com
parents:
diff changeset
166 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
167 "summary": "net_routes is not getting regular updates"
drewp@bigasterisk.com
parents:
diff changeset
168 },
drewp@bigasterisk.com
parents:
diff changeset
169 },
drewp@bigasterisk.com
parents:
diff changeset
170 ],
drewp@bigasterisk.com
parents:
diff changeset
171 },
drewp@bigasterisk.com
parents:
diff changeset
172 {
36
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
173 "name":
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
174 "disk_errs",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
175 "interval":
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
176 "2d",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
177 "rules": [{
36
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
178 "alert": "zpool_device_error_increase",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
179 "labels": {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
180 "severity": "warning"
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
181 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
182 "expr": 'increase(zpool_device_error_count[3d]) > 0',
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
183 }, {
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
184 "alert": "zpool_device_error_count",
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
185 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
186 "severity": "warning"
28
e114edff93dc more explicit intervals. try to get a single day of notification out of a disk err increase
drewp@bigasterisk.com
parents: 27
diff changeset
187 },
36
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
188 "expr": 'zpool_device_error_count > 0',
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
189 }],
28
e114edff93dc more explicit intervals. try to get a single day of notification out of a disk err increase
drewp@bigasterisk.com
parents: 27
diff changeset
190 },
e114edff93dc more explicit intervals. try to get a single day of notification out of a disk err increase
drewp@bigasterisk.com
parents: 27
diff changeset
191 {
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
192 "name":
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
193 "front_door",
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
194 "interval":
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
195 "5m",
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
196 "rules": [
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
197 {
36
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
198 "alert": "front_door_reader_esp32_no_mqtt",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
199 'expr': 'hw_connected{job="fingerprint"} < 1',
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
200 "annotations": {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
201 "summary": "see https://bigasterisk.com/front-door-lock/"
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
202 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
203 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
204 {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
205 "alert": "fronr_door_reader_svc_down",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
206 'expr': 'up{job="fingerprint"} < 1',
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
207 "annotations": {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
208 "summary": "see https://bigasterisk.com/front-door-lock/"
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
209 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
210 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
211 {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
212 "alert": "fronr_door_reader_svc_reader_no_mqtt",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
213 'expr': 'mqtt_connected{job="fingerprint"} < 1',
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
214 "annotations": {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
215 "summary": "see https://bigasterisk.com/front-door-lock/"
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
216 },
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
217 },
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
218 {
36
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
219 "alert": "front_door_lock_svc_down",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
220 'expr': 'up{job="front-door-lock"} < 1',
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
221 "annotations": {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
222 "summary": "see https://bigasterisk.com/front-door-lock/"
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
223 },
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
224 },
36
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
225 {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
226 "alert": "front_door_lock_svc_no_mqtt",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
227 'expr': 'mqtt_connected{job="front-door-lock"} < 1',
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
228 "annotations": {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
229 "summary": "see https://bigasterisk.com/front-door-lock/"
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
230 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
231 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
232 {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
233 "alert": "front_door_lock_esp32_no_mqtt",
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
234 'expr': 'hw_connected{job="front-door-lock"} < 1',
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
235 "annotations": {
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
236 "summary": "see https://bigasterisk.com/front-door-lock/"
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
237 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
238 },
2bc188c4117a rules updates, incl front door group
drewp@bigasterisk.com
parents: 34
diff changeset
239 ],
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
240 },
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
241 {
37
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
242 "name": "https_certs",
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
243 "interval": "1h",
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
244 'rules': [{
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
245 'alert': 'old_https_certs',
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
246 'expr': 'min by (source) (x509_cert_enddate - now())/86400 < 45',
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
247 }],
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
248 },
6e27d280b598 watch https cert ages (testing with 45d)
drewp@bigasterisk.com
parents: 36
diff changeset
249 {
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
250 "name":
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
251 "alerts",
23
drewp@bigasterisk.com
parents:
diff changeset
252 "rules": [
drewp@bigasterisk.com
parents:
diff changeset
253 {
drewp@bigasterisk.com
parents:
diff changeset
254 "alert": "kube_node_status_bad_condition",
drewp@bigasterisk.com
parents:
diff changeset
255 "for": "2h",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
256 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
257 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
258 },
23
drewp@bigasterisk.com
parents:
diff changeset
259 "expr": 'kube_node_status_condition{condition=~".*Pressure",status="true"} > 0',
drewp@bigasterisk.com
parents:
diff changeset
260 },
drewp@bigasterisk.com
parents:
diff changeset
261 {
drewp@bigasterisk.com
parents:
diff changeset
262 "alert": "housePower",
28
e114edff93dc more explicit intervals. try to get a single day of notification out of a disk err increase
drewp@bigasterisk.com
parents: 27
diff changeset
263 "for": "1h",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
264 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
265 "severity": "waste"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
266 },
23
drewp@bigasterisk.com
parents:
diff changeset
267 "expr": "house_power_w > 4000",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
268 "annotations": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
269 "summary": "house power usage over 4KW"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
270 },
23
drewp@bigasterisk.com
parents:
diff changeset
271 },
drewp@bigasterisk.com
parents:
diff changeset
272 {
drewp@bigasterisk.com
parents:
diff changeset
273 "alert": "host_root_fs_space_low",
drewp@bigasterisk.com
parents:
diff changeset
274 "for": "20m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
275 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
276 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
277 },
34
3b91d52b007d rules tuning
drewp@bigasterisk.com
parents: 32
diff changeset
278 "expr": 'disk_free{host!="garage",path="/"} < 20G',
23
drewp@bigasterisk.com
parents:
diff changeset
279 },
drewp@bigasterisk.com
parents:
diff changeset
280 {
drewp@bigasterisk.com
parents:
diff changeset
281 "alert": "zpool_space_low",
drewp@bigasterisk.com
parents:
diff changeset
282 "for": "20m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
283 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
284 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
285 },
23
drewp@bigasterisk.com
parents:
diff changeset
286 "expr": 'last_over_time(zfs_pool_free_bytes{pool="stor7"}[1h]) < 100G',
drewp@bigasterisk.com
parents:
diff changeset
287 },
drewp@bigasterisk.com
parents:
diff changeset
288 {
drewp@bigasterisk.com
parents:
diff changeset
289 "alert": "disk_week_incr",
drewp@bigasterisk.com
parents:
diff changeset
290 "for": "20m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
291 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
292 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
293 },
23
drewp@bigasterisk.com
parents:
diff changeset
294 "expr": 'round(increase(disk_used{path=~"/my/.*"}[1d])/1M) > 5000',
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
295 "annotations": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
296 "summary": "high mb/week on zfs dir"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
297 },
23
drewp@bigasterisk.com
parents:
diff changeset
298 },
drewp@bigasterisk.com
parents:
diff changeset
299 {
drewp@bigasterisk.com
parents:
diff changeset
300 "alert": "high_logging",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
301 "for": "3h",
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
302 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
303 "severity": "waste"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
304 },
23
drewp@bigasterisk.com
parents:
diff changeset
305 "expr": "sum by (container) (rate(kubelet_container_log_filesystem_used_bytes[3h])) > 4k",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
306 "annotations": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
307 "summary": "high log output rate"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
308 },
23
drewp@bigasterisk.com
parents:
diff changeset
309 },
drewp@bigasterisk.com
parents:
diff changeset
310 {
drewp@bigasterisk.com
parents:
diff changeset
311 "alert": "stale_process",
drewp@bigasterisk.com
parents:
diff changeset
312 "for": "1d",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
313 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
314 "severity": "dataRisk"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
315 },
23
drewp@bigasterisk.com
parents:
diff changeset
316 "expr": "round((time() - filestat_modification_time/1e9) / 86400) > 14",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
317 "annotations": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
318 "summary": "process time is old"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
319 },
23
drewp@bigasterisk.com
parents:
diff changeset
320 },
drewp@bigasterisk.com
parents:
diff changeset
321 {
drewp@bigasterisk.com
parents:
diff changeset
322 "alert": "starlette",
drewp@bigasterisk.com
parents:
diff changeset
323 "for": "1m",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
324 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
325 "severity": "fix"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
326 },
23
drewp@bigasterisk.com
parents:
diff changeset
327 "expr": 'starlette_request_duration_seconds_created{app_name="starlette"}',
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
328 "annotations": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
329 "summary": "set starlette app name"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
330 },
23
drewp@bigasterisk.com
parents:
diff changeset
331 },
drewp@bigasterisk.com
parents:
diff changeset
332 {
drewp@bigasterisk.com
parents:
diff changeset
333 "alert": "ssl_certs_expiring_soon",
drewp@bigasterisk.com
parents:
diff changeset
334 "expr": "min((min_over_time(probe_ssl_earliest_cert_expiry[1d])-time())/86400) < 10",
31
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
335 "labels": {
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
336 "severity": "warning"
d39a8038227b reformat
drewp@bigasterisk.com
parents: 28
diff changeset
337 },
23
drewp@bigasterisk.com
parents:
diff changeset
338 "annotations": {
drewp@bigasterisk.com
parents:
diff changeset
339 "summary": "cert expiring soon. See https://bigasterisk.com/grafana/d/z1YtDa3Gz/certs?orgId=1\nVALUE = {{ $value }}"
drewp@bigasterisk.com
parents:
diff changeset
340 },
drewp@bigasterisk.com
parents:
diff changeset
341 },
drewp@bigasterisk.com
parents:
diff changeset
342 ],
drewp@bigasterisk.com
parents:
diff changeset
343 },
32
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
344 ] + hostsExpectedOnline(ctx)['groups']
23
drewp@bigasterisk.com
parents:
diff changeset
345 }
drewp@bigasterisk.com
parents:
diff changeset
346
drewp@bigasterisk.com
parents:
diff changeset
347
drewp@bigasterisk.com
parents:
diff changeset
348 def _runJson(ctx, cmd):
drewp@bigasterisk.com
parents:
diff changeset
349 return json.loads(ctx.run(cmd, hide="stdout").stdout)
drewp@bigasterisk.com
parents:
diff changeset
350
drewp@bigasterisk.com
parents:
diff changeset
351
drewp@bigasterisk.com
parents:
diff changeset
352 def hostsExpectedOnline(ctx):
drewp@bigasterisk.com
parents:
diff changeset
353 return _runJson(ctx, "cd /my/serv/lanscape; pdm run python hosts_expected_online.py")
drewp@bigasterisk.com
parents:
diff changeset
354
drewp@bigasterisk.com
parents:
diff changeset
355
32
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
356 def expectedK8sNodesGroup(ctx):
23
drewp@bigasterisk.com
parents:
diff changeset
357 getNode = _runJson(ctx, "kubectl get node -o json")
drewp@bigasterisk.com
parents:
diff changeset
358 hosts = [item["metadata"]["name"] for item in getNode["items"]]
drewp@bigasterisk.com
parents:
diff changeset
359 optionalHosts = {'slash'}
drewp@bigasterisk.com
parents:
diff changeset
360 return {
32
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
361 "name":
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
362 "k8s_expected_nodes",
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
363 "rules": [{
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
364 "alert": "kube_node_log_size_report_" + h,
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
365 "expr": 'absent(kubelet_container_log_filesystem_used_bytes{instance="%s"})' % h,
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
366 "for": "1h",
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
367 "annotations": {
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
368 "summary": f"no recent k8s log size report from host {h}"
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
369 },
eb1de82c93aa refactor the merging of all the groups
drewp@bigasterisk.com
parents: 31
diff changeset
370 } for h in hosts if h not in optionalHosts],
23
drewp@bigasterisk.com
parents:
diff changeset
371 }