Skip to content

Commit

Permalink
Merge pull request #1236 from mehrdad-khojastefar/feature_read_rules_…
Browse files Browse the repository at this point in the history 
…from_folder

Add functionality to read rules from a folder
  • Loading branch information
@jertel
jertel authored Aug 15, 2023
2 parents 6d01ecd + c5e3968 commit 5dbb0cb
Show file tree
Hide file tree
Showing 7 changed files with 71 additions and 20 deletions.
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,5 @@ my_rules
*.swp
*~
/rules/
/chart/elastalert2/real_values.yaml
mod/
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
- TBD

## Other changes
- [Helm] Add support for generating rule config from a directory of rules, during chart deployment - [#1236](https://github.com/jertel/elastalert2/pull/1236) - @mehrdad-khojastefar
- [AlertManager] Fix typo with new feature released in 2.13.0 - [#1237](https://github.com/jertel/elastalert2/pull/1237) - @eveningcafe

# 2.13.0
Expand Down
38 changes: 20 additions & 18 deletions chart/elastalert2/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ The command removes all the Kubernetes components associated with the chart and
| Parameter | Description | Default |
|----------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------|
| `image.repository` | docker image | jertel/elastalert2 |
| `image.tag` | docker image tag | 2.13.0 |
| `image.tag` | docker image tag | 2.13.0 |
| `image.pullPolicy` | image pull policy | IfNotPresent |
| `image.pullSecret` | image pull secret | "" |
| `podAnnotations` | Annotations to be added to pods | {} |
Expand All @@ -58,7 +58,7 @@ The command removes all the Kubernetes components associated with the chart and
| `command` | command override for container | `NULL` |
| `args` | args override for container | `NULL` |
| `replicaCount` | number of replicas to run | 1 |
| `rulesFolder` | Locaton of rules directory. Usefull when you have one docker image and different set on rules per environemnt. For example development can reside in `/opt/elastalert/develop` and production in `/opt/elastalert/production`. | /opt/elastalert/rules |
| `rulesFolder` | Locaton of rules directory. Useful when you have one Docker image and different set of rules per environemnt. | /opt/elastalert/rules |
| `elasticsearch.host` | elasticsearch endpoint to use | elasticsearch |
| `elasticsearch.port` | elasticsearch port to use | 9200 |
| `elasticsearch.useSsl` | whether or not to connect to es_host using SSL | False |
Expand All @@ -78,35 +78,37 @@ The command removes all the Kubernetes components associated with the chart and
| `secretRulesName` | name of the secret which holds the ElastAlert rules. **Note:** this will overwrite the generated rules | `NULL` |
| `secretRulesList` | a list of rules to enable from the secret | [] |
| `optEnv` | Additional pod environment variable definitions | [] |
| `extraContainers` | List of additional containers run in the same pod as elastalert | [] |
| `extraInitContainers` | List of additional initContainers run prior to the elastalert pod | [] |
| `extraContainers` | List of additional containers run in the same pod as elastalert | [] |
| `extraInitContainers` | List of additional initContainers run prior to the elastalert pod | [] |
| `extraVolumes` | Additional volume definitions | [] |
| `extraVolumeMounts` | Additional volumeMount definitions | [] |
| `serviceAccount.create` | Specifies whether a service account should be created. | `true` |
| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | |
| `serviceAccount.annotations` | ServiceAccount annotations | |
| `podSecurityPolicy.create` | [DEPRECATED] Create pod security policy resources | `false` |
| `resources` | Container resource requests and limits | {} |
| `rulesVolumeName` | Specifies the rules volume to be mounted. Can be changed for mounting a custom rules folder via the extraVolumes parameter, instead of using the default rules configMap or secret rule mounting method. | "rules" |
| `rootRulesFolder` | Folder where rules will be read from during deployment time. By default, 'rules' must be in root of the chart. **Note:** this will override the rules and secretRulesName values. | `rules` |
| `enabledRules` | Name of the active rules without file extension | `[]` |
| `rulesVolumeName` | Specifies the rules volume to be mounted. Can be changed for mounting a custom rules folder via the extraVolumes parameter, instead of using the default rules configMap or secret rule mounting method. | "rules" |
| `rules` | Rule and alert configuration for ElastAlert 2 | {} example shown in values.yaml |
| `runIntervalMins` | Default interval between alert checks, in minutes | 1 |
| `realertIntervalMins` | Time between alarms for same rule, in minutes | `NULL` |
| `scanSubdirectories` | Enable/disable subdirectory scanning for rules | `true` |
| `scanSubdirectories` | Enable/disable subdirectory scanning for rules | `true` |
| `alertRetryLimitMins` | Time to retry failed alert deliveries, in minutes | 2880 (2 days) |
| `bufferTimeMins` | Default rule buffer time, in minutes | 15 |
| `writebackIndex` | Name or prefix of elastalert index(es) | elastalert |
| `nodeSelector` | Node selector for deployment | {} |
| `affinity` | Affinity specifications for the deployed pod(s) | {} |
| `tolerations` | Tolerations for deployment | [] |
| `smtp_auth.username` | Optional SMTP mail server username. If the value is not empty, the smtp_auth secret will be created automatically. | `NULL` |
| `smtp_auth.password` | Optional SMTP mail server passwpord. This must be specified if the above field, `smtp_auth.username` is also specified. | `NULL` |
| `metrics.enabled` | Enable elastalert prometheus endpoint, add prometheus.io annotations to pod and create a service pointing to the port for prometheus to scrape the metrics | `false` |
| `metrics.prometheusPort` | If "metrics" is set to true, prometheus metrics will be exposed by the pod on this port. | `8080` |
| `metrics.prometheusPortName` | Name of the port where metrics are exposed | `http-alt` |
| `metrics.prometheusScrapeAnnotations` | If metrics are enabled, annotations to add to the pod for prometheus configuration. prometheus.io/port is also added during the prometheusPort and prometheusPortName values | `{prometheus.io/scrape: "true" prometheus.io/path: "/"}` |
| `metrics.serviceMonitor.enabled` | If metrics are enabled, create a serviceMonitor custom resource for prometheus-operator to detect and configure the metrics endpoint on prometheus. | `false` |
| `metrics.serviceMonitor.labels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` |
| `metrics.serviceMonitor.metricRelabelings` | List of prometheus metric relabeling configs to apply to scrape. Example: drop python_gc metrics or alter pod name | `[]` |
| `metrics.prometheusRule.enabled` | If metrics are enabled, create a prometheusRule custom resource for prometheus-operator | `false` |
| `metrics.prometheusRule.additionalLabels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` |
| `metrics.prometheusRule.rules` | Group of alerting and/or recording rules to add to the prometheus configuration, example Alerting rules for pod down, or for file descriptors. Should be added as multiline Yaml string | `` |
| `smtp_auth.username` | Optional SMTP mail server username. If the value is not empty, the smtp_auth secret will be created automatically. | `NULL` |
| `smtp_auth.password` | Optional SMTP mail server passwpord. This must be specified if the above field, `smtp_auth.username` is also specified. | `NULL` |
| `metrics.enabled` | Enable elastalert prometheus endpoint, add prometheus.io annotations to pod and create a service pointing to the port for prometheus to scrape the metrics | `false` |
| `metrics.prometheusPort` | If "metrics" is set to true, prometheus metrics will be exposed by the pod on this port. | `8080` |
| `metrics.prometheusPortName` | Name of the port where metrics are exposed | `http-alt` |
| `metrics.prometheusScrapeAnnotations` | If metrics are enabled, annotations to add to the pod for prometheus configuration. prometheus.io/port is also added during the prometheusPort and prometheusPortName values | `{prometheus.io/scrape: "true" prometheus.io/path: "/"}` |
| `metrics.serviceMonitor.enabled` | If metrics are enabled, create a serviceMonitor custom resource for prometheus-operator to detect and configure the metrics endpoint on prometheus. | `false` |
| `metrics.serviceMonitor.labels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` |
| `metrics.serviceMonitor.metricRelabelings` | List of prometheus metric relabeling configs to apply to scrape. Example: drop python_gc metrics or alter pod name. | `[]` |
| `metrics.prometheusRule.enabled` | If metrics are enabled, create a prometheusRule custom resource for prometheus-operator. | `false` |
| `metrics.prometheusRule.additionalLabels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` |
| `metrics.prometheusRule.rules` | Group of alerting and/or recording rules to add to the prometheus configuration, example Alerting rules for pod down, or for file descriptors. Should be added as multiline Yaml string. | `` |
14 changes: 14 additions & 0 deletions chart/elastalert2/rules/deadman/deadman_pagerduty.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
name: Deadman Switch PagerDuty
type: frequency
index: containers-*
num_events: 3
timeframe:
minutes: 3
filter:
- term:
message: "deadmanpd"
alert:
- "pagerduty"
pagerduty:
pagerduty_service_key: dummy
pagerduty_client_name: ElastAlert Deadman Switch
13 changes: 13 additions & 0 deletions chart/elastalert2/rules/deadman/deadman_slack.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
name: Deadman Switch Slack
type: frequency
index: containers-*
num_events: 3
timeframe:
minutes: 3
filter:
- term:
message: "deadmanslack"
alert:
- "slack"
slack:
slack_webhook_url: dummy
17 changes: 15 additions & 2 deletions chart/elastalert2/templates/rules.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,20 @@ metadata:
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
data:
{{- if .Values.rootRulesFolder }}
{{- $rulesDirectory := printf "%v/**.{yaml,yml}" .Values.rootRulesFolder -}}
{{- $enabledRules := .Values.enabledRules -}}
{{- range $rule, $_ := .Files.Glob $rulesDirectory -}}
{{- $ruleBase := base $rule -}}
{{- $ruleName := regexReplaceAll "\\.(yaml|yml)$" $ruleBase "" -}}
{{- if has $ruleName $enabledRules }}
{{ $ruleBase }}: |-
{{ $.Files.Get $rule | indent 4 }}
{{- end }}
{{- end }}
{{- else }}
{{- range $key, $value := .Values.rules }}
{{ $key | indent 2}}: |-
{{ $value | indent 4}}
{{ $key }}: |-
{{ $value | indent 2 }}
{{- end }}
{{- end }}
7 changes: 7 additions & 0 deletions chart/elastalert2/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,13 @@ commonLabels: {}
commonAnnotations: {}
appKubernetesIoComponent: elastalert2

# Folder where Helm can find local rules prior to deployment to the k8s cluster. By default,
# 'rules' folder must be located in the root of the chart directory. Note that this setting
# will override the rules and secretRulesName values. Again, these rules are only read
# during the time of the chart deployment (installation) into the cluster.
# rootRulesFolder: "rules"
# enabledRules: ["deadman_slack", "deadman_pagerduty"]

# number of replicas to run
replicaCount: 1

Expand Down

0 comments on commit 5dbb0cb

Please sign in to comment.