diff --git a/.gitignore b/.gitignore index 8ef91bc3..aa21b653 100644 --- a/.gitignore +++ b/.gitignore @@ -18,4 +18,5 @@ my_rules *.swp *~ /rules/ +/chart/elastalert2/real_values.yaml mod/ diff --git a/CHANGELOG.md b/CHANGELOG.md index 431d5651..d19932bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ - TBD ## Other changes +- [Helm] Add support for generating rule config from a directory of rules, during chart deployment - [#1236](https://github.com/jertel/elastalert2/pull/1236) - @mehrdad-khojastefar - [AlertManager] Fix typo with new feature released in 2.13.0 - [#1237](https://github.com/jertel/elastalert2/pull/1237) - @eveningcafe # 2.13.0 diff --git a/chart/elastalert2/README.md b/chart/elastalert2/README.md index cb1c882c..904daa86 100644 --- a/chart/elastalert2/README.md +++ b/chart/elastalert2/README.md @@ -49,7 +49,7 @@ The command removes all the Kubernetes components associated with the chart and | Parameter | Description | Default | |----------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------| | `image.repository` | docker image | jertel/elastalert2 | -| `image.tag` | docker image tag | 2.13.0 | +| `image.tag` | docker image tag | 2.13.0 | | `image.pullPolicy` | image pull policy | IfNotPresent | | `image.pullSecret` | image pull secret | "" | | `podAnnotations` | Annotations to be added to pods | {} | @@ -58,7 +58,7 @@ The command removes all the Kubernetes components associated with the chart and | `command` | command override for container | `NULL` | | `args` | args override for container | `NULL` | | `replicaCount` | number of replicas to run | 1 | -| `rulesFolder` | Locaton of rules directory. Usefull when you have one docker image and different set on rules per environemnt. For example development can reside in `/opt/elastalert/develop` and production in `/opt/elastalert/production`. | /opt/elastalert/rules | +| `rulesFolder` | Locaton of rules directory. Useful when you have one Docker image and different set of rules per environemnt. | /opt/elastalert/rules | | `elasticsearch.host` | elasticsearch endpoint to use | elasticsearch | | `elasticsearch.port` | elasticsearch port to use | 9200 | | `elasticsearch.useSsl` | whether or not to connect to es_host using SSL | False | @@ -78,8 +78,8 @@ The command removes all the Kubernetes components associated with the chart and | `secretRulesName` | name of the secret which holds the ElastAlert rules. **Note:** this will overwrite the generated rules | `NULL` | | `secretRulesList` | a list of rules to enable from the secret | [] | | `optEnv` | Additional pod environment variable definitions | [] | -| `extraContainers` | List of additional containers run in the same pod as elastalert | [] | -| `extraInitContainers` | List of additional initContainers run prior to the elastalert pod | [] | +| `extraContainers` | List of additional containers run in the same pod as elastalert | [] | +| `extraInitContainers` | List of additional initContainers run prior to the elastalert pod | [] | | `extraVolumes` | Additional volume definitions | [] | | `extraVolumeMounts` | Additional volumeMount definitions | [] | | `serviceAccount.create` | Specifies whether a service account should be created. | `true` | @@ -87,26 +87,28 @@ The command removes all the Kubernetes components associated with the chart and | `serviceAccount.annotations` | ServiceAccount annotations | | | `podSecurityPolicy.create` | [DEPRECATED] Create pod security policy resources | `false` | | `resources` | Container resource requests and limits | {} | -| `rulesVolumeName` | Specifies the rules volume to be mounted. Can be changed for mounting a custom rules folder via the extraVolumes parameter, instead of using the default rules configMap or secret rule mounting method. | "rules" | +| `rootRulesFolder` | Folder where rules will be read from during deployment time. By default, 'rules' must be in root of the chart. **Note:** this will override the rules and secretRulesName values. | `rules` | +| `enabledRules` | Name of the active rules without file extension | `[]` | +| `rulesVolumeName` | Specifies the rules volume to be mounted. Can be changed for mounting a custom rules folder via the extraVolumes parameter, instead of using the default rules configMap or secret rule mounting method. | "rules" | | `rules` | Rule and alert configuration for ElastAlert 2 | {} example shown in values.yaml | | `runIntervalMins` | Default interval between alert checks, in minutes | 1 | | `realertIntervalMins` | Time between alarms for same rule, in minutes | `NULL` | -| `scanSubdirectories` | Enable/disable subdirectory scanning for rules | `true` | +| `scanSubdirectories` | Enable/disable subdirectory scanning for rules | `true` | | `alertRetryLimitMins` | Time to retry failed alert deliveries, in minutes | 2880 (2 days) | | `bufferTimeMins` | Default rule buffer time, in minutes | 15 | | `writebackIndex` | Name or prefix of elastalert index(es) | elastalert | | `nodeSelector` | Node selector for deployment | {} | | `affinity` | Affinity specifications for the deployed pod(s) | {} | | `tolerations` | Tolerations for deployment | [] | -| `smtp_auth.username` | Optional SMTP mail server username. If the value is not empty, the smtp_auth secret will be created automatically. | `NULL` | -| `smtp_auth.password` | Optional SMTP mail server passwpord. This must be specified if the above field, `smtp_auth.username` is also specified. | `NULL` | -| `metrics.enabled` | Enable elastalert prometheus endpoint, add prometheus.io annotations to pod and create a service pointing to the port for prometheus to scrape the metrics | `false` | -| `metrics.prometheusPort` | If "metrics" is set to true, prometheus metrics will be exposed by the pod on this port. | `8080` | -| `metrics.prometheusPortName` | Name of the port where metrics are exposed | `http-alt` | -| `metrics.prometheusScrapeAnnotations` | If metrics are enabled, annotations to add to the pod for prometheus configuration. prometheus.io/port is also added during the prometheusPort and prometheusPortName values | `{prometheus.io/scrape: "true" prometheus.io/path: "/"}` | -| `metrics.serviceMonitor.enabled` | If metrics are enabled, create a serviceMonitor custom resource for prometheus-operator to detect and configure the metrics endpoint on prometheus. | `false` | -| `metrics.serviceMonitor.labels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` | -| `metrics.serviceMonitor.metricRelabelings` | List of prometheus metric relabeling configs to apply to scrape. Example: drop python_gc metrics or alter pod name | `[]` | -| `metrics.prometheusRule.enabled` | If metrics are enabled, create a prometheusRule custom resource for prometheus-operator | `false` | -| `metrics.prometheusRule.additionalLabels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` | -| `metrics.prometheusRule.rules` | Group of alerting and/or recording rules to add to the prometheus configuration, example Alerting rules for pod down, or for file descriptors. Should be added as multiline Yaml string | `` | +| `smtp_auth.username` | Optional SMTP mail server username. If the value is not empty, the smtp_auth secret will be created automatically. | `NULL` | +| `smtp_auth.password` | Optional SMTP mail server passwpord. This must be specified if the above field, `smtp_auth.username` is also specified. | `NULL` | +| `metrics.enabled` | Enable elastalert prometheus endpoint, add prometheus.io annotations to pod and create a service pointing to the port for prometheus to scrape the metrics | `false` | +| `metrics.prometheusPort` | If "metrics" is set to true, prometheus metrics will be exposed by the pod on this port. | `8080` | +| `metrics.prometheusPortName` | Name of the port where metrics are exposed | `http-alt` | +| `metrics.prometheusScrapeAnnotations` | If metrics are enabled, annotations to add to the pod for prometheus configuration. prometheus.io/port is also added during the prometheusPort and prometheusPortName values | `{prometheus.io/scrape: "true" prometheus.io/path: "/"}` | +| `metrics.serviceMonitor.enabled` | If metrics are enabled, create a serviceMonitor custom resource for prometheus-operator to detect and configure the metrics endpoint on prometheus. | `false` | +| `metrics.serviceMonitor.labels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` | +| `metrics.serviceMonitor.metricRelabelings` | List of prometheus metric relabeling configs to apply to scrape. Example: drop python_gc metrics or alter pod name. | `[]` | +| `metrics.prometheusRule.enabled` | If metrics are enabled, create a prometheusRule custom resource for prometheus-operator. | `false` | +| `metrics.prometheusRule.additionalLabels` | Labels to add to the prometheusRule object for prometheus-operator to detect it, when deployed on a namespace different from the one where prometheus-operator is running. | `{}` | +| `metrics.prometheusRule.rules` | Group of alerting and/or recording rules to add to the prometheus configuration, example Alerting rules for pod down, or for file descriptors. Should be added as multiline Yaml string. | `` | diff --git a/chart/elastalert2/rules/deadman/deadman_pagerduty.yml b/chart/elastalert2/rules/deadman/deadman_pagerduty.yml new file mode 100644 index 00000000..ae24c41e --- /dev/null +++ b/chart/elastalert2/rules/deadman/deadman_pagerduty.yml @@ -0,0 +1,14 @@ +name: Deadman Switch PagerDuty +type: frequency +index: containers-* +num_events: 3 +timeframe: + minutes: 3 +filter: + - term: + message: "deadmanpd" +alert: + - "pagerduty" +pagerduty: +pagerduty_service_key: dummy +pagerduty_client_name: ElastAlert Deadman Switch diff --git a/chart/elastalert2/rules/deadman/deadman_slack.yaml b/chart/elastalert2/rules/deadman/deadman_slack.yaml new file mode 100644 index 00000000..8787bb18 --- /dev/null +++ b/chart/elastalert2/rules/deadman/deadman_slack.yaml @@ -0,0 +1,13 @@ +name: Deadman Switch Slack +type: frequency +index: containers-* +num_events: 3 +timeframe: + minutes: 3 +filter: + - term: + message: "deadmanslack" +alert: + - "slack" +slack: +slack_webhook_url: dummy diff --git a/chart/elastalert2/templates/rules.yaml b/chart/elastalert2/templates/rules.yaml index b00399fa..e2498d7c 100644 --- a/chart/elastalert2/templates/rules.yaml +++ b/chart/elastalert2/templates/rules.yaml @@ -7,7 +7,20 @@ metadata: {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} data: +{{- if .Values.rootRulesFolder }} +{{- $rulesDirectory := printf "%v/**.{yaml,yml}" .Values.rootRulesFolder -}} +{{- $enabledRules := .Values.enabledRules -}} +{{- range $rule, $_ := .Files.Glob $rulesDirectory -}} + {{- $ruleBase := base $rule -}} + {{- $ruleName := regexReplaceAll "\\.(yaml|yml)$" $ruleBase "" -}} + {{- if has $ruleName $enabledRules }} + {{ $ruleBase }}: |- +{{ $.Files.Get $rule | indent 4 }} + {{- end }} +{{- end }} +{{- else }} {{- range $key, $value := .Values.rules }} -{{ $key | indent 2}}: |- -{{ $value | indent 4}} + {{ $key }}: |- +{{ $value | indent 2 }} +{{- end }} {{- end }} diff --git a/chart/elastalert2/values.yaml b/chart/elastalert2/values.yaml index 048a3268..cdc0a8fd 100644 --- a/chart/elastalert2/values.yaml +++ b/chart/elastalert2/values.yaml @@ -6,6 +6,13 @@ commonLabels: {} commonAnnotations: {} appKubernetesIoComponent: elastalert2 +# Folder where Helm can find local rules prior to deployment to the k8s cluster. By default, +# 'rules' folder must be located in the root of the chart directory. Note that this setting +# will override the rules and secretRulesName values. Again, these rules are only read +# during the time of the chart deployment (installation) into the cluster. +# rootRulesFolder: "rules" +# enabledRules: ["deadman_slack", "deadman_pagerduty"] + # number of replicas to run replicaCount: 1