Merge pull request #862 from paulfantom/alertmanager-global

Remove mutating global state in alertmanager objects
2025-10-28 14:41:02 +01:00 · 2021-01-07 11:13:25 +01:00 · 2021-01-07 11:13:25 +01:00 · 6248e73890
commit 6248e73890
parent a36c6042e5 d9b40073d4
7 changed files with 162 additions and 155 deletions
--- a/jsonnet/kube-prometheus/alertmanager/alertmanager.libsonnet
+++ b/jsonnet/kube-prometheus/alertmanager/alertmanager.libsonnet
@ -1,163 +1,163 @@
-{
-  _config+:: {
-    namespace: 'default',
-
-    versions+:: {
-      alertmanager: 'v0.21.0',
+local defaults = {
+  local defaults = self,
+  namespace: error 'must provide namespace',
+  image: error 'must provide image',
+  version: error 'must provide version',
+  resources: {},
+  commonLabels:: {
+    'app.kubernetes.io/name': 'alertmanager',
+    'app.kubernetes.io/version': defaults.version,
+    'app.kubernetes.io/component': 'alert-router',
+    'app.kubernetes.io/part-of': 'kube-prometheus',
+  },
+  selectorLabels:: {
+    [labelName]: defaults.commonLabels[labelName]
+    for labelName in std.objectFields(defaults.commonLabels)
+    if !std.setMember(labelName, ['app.kubernetes.io/version'])
+  },
+  name: error 'must provide name',
+  config: {
+    global: {
+      resolve_timeout: '5m',
    },
-
-    imageRepos+:: {
-      alertmanager: 'quay.io/prometheus/alertmanager',
+    inhibit_rules: [{
+      source_match: {
+        severity: 'critical',
+      },
+      target_match_re: {
+        severity: 'warning|info',
+      },
+      equal: ['namespace', 'alertname'],
+    }, {
+      source_match: {
+        severity: 'warning',
+      },
+      target_match_re: {
+        severity: 'info',
+      },
+      equal: ['namespace', 'alertname'],
+    }],
+    route: {
+      group_by: ['namespace'],
+      group_wait: '30s',
+      group_interval: '5m',
+      repeat_interval: '12h',
+      receiver: 'Default',
+      routes: [
+        { receiver: 'Watchdog', match: { alertname: 'Watchdog' } },
+        { receiver: 'Critical', match: { severity: 'critical' } },
+      ],
    },
+    receivers: [
+      { name: 'Default' },
+      { name: 'Watchdog' },
+      { name: 'Critical' },
+    ],
+  },
+  replicas: 3,
+};

-    alertmanager+:: {
-      name: 'main',
-      config: {
-        global: {
-          resolve_timeout: '5m',
-        },
-        inhibit_rules: [{
-          source_match: {
-            severity: 'critical',
-          },
-          target_match_re: {
-            severity: 'warning|info',
-          },
-          equal: ['namespace', 'alertname'],
-        }, {
-          source_match: {
-            severity: 'warning',
-          },
-          target_match_re: {
-            severity: 'info',
-          },
-          equal: ['namespace', 'alertname'],
-        }],
-        route: {
-          group_by: ['namespace'],
-          group_wait: '30s',
-          group_interval: '5m',
-          repeat_interval: '12h',
-          receiver: 'Default',
-          routes: [
-            { receiver: 'Watchdog', match: { alertname: 'Watchdog' } },
-            { receiver: 'Critical', match: { severity: 'critical' } },
-          ],
-        },
-        receivers: [
-          { name: 'Default' },
-          { name: 'Watchdog' },
-          { name: 'Critical' },
-        ],
-      },
-      replicas: 3,
-      labels: {
-        'app.kubernetes.io/name': 'alertmanager',
-        'app.kubernetes.io/version': $._config.versions.alertmanager,
-        'app.kubernetes.io/component': 'alert-router',
-        'app.kubernetes.io/part-of': 'kube-prometheus',
-      },
-      selectorLabels: {
-        [labelName]: $._config.alertmanager.labels[labelName]
-        for labelName in std.objectFields($._config.alertmanager.labels)
-        if !std.setMember(labelName, ['app.kubernetes.io/version'])
-      },
+
+
+
+function(params) {
+  local am = self,
+  config:: defaults + params,
+  // Safety check
+  assert std.isObject(am.config.resources),
+
+  secret: {
+    apiVersion: 'v1',
+    kind: 'Secret',
+    type: 'Opaque',
+    metadata: {
+      name: 'alertmanager-' + am.config.name,
+      namespace: am.config.namespace,
+      labels: { alertmanager: am.config.name } + am.config.commonLabels,
+    },
+    stringData: {
+      'alertmanager.yaml': if std.type(am.config.config) == 'object'
+      then
+        std.manifestYamlDoc(am.config.config)
+      else
+        am.config.config,
    },
  },

-  alertmanager+:: {
-    secret: {
-      apiVersion: 'v1',
-      kind: 'Secret',
-      type: 'Opaque',
-      metadata: {
-        name: 'alertmanager-' + $._config.alertmanager.name,
-        namespace: $._config.namespace,
-        labels: { alertmanager: $._config.alertmanager.name } + $._config.alertmanager.labels,
-      },
-      stringData: {
-        'alertmanager.yaml': if std.type($._config.alertmanager.config) == 'object'
-        then
-          std.manifestYamlDoc($._config.alertmanager.config)
-        else
-          $._config.alertmanager.config,
-      },
+  serviceAccount: {
+    apiVersion: 'v1',
+    kind: 'ServiceAccount',
+    metadata: {
+      name: 'alertmanager-' + am.config.name,
+      namespace: am.config.namespace,
+      labels: { alertmanager: am.config.name } + am.config.commonLabels,
    },
+  },

-    serviceAccount: {
-      apiVersion: 'v1',
-      kind: 'ServiceAccount',
-      metadata: {
-        name: 'alertmanager-' + $._config.alertmanager.name,
-        namespace: $._config.namespace,
-        labels: { alertmanager: $._config.alertmanager.name } + $._config.alertmanager.labels,
-      },
+  service: {
+    apiVersion: 'v1',
+    kind: 'Service',
+    metadata: {
+      name: 'alertmanager-' + am.config.name,
+      namespace: am.config.namespace,
+      labels: { alertmanager: am.config.name } + am.config.commonLabels,
    },
-
-    service: {
-      apiVersion: 'v1',
-      kind: 'Service',
-      metadata: {
-        name: 'alertmanager-' + $._config.alertmanager.name,
-        namespace: $._config.namespace,
-        labels: { alertmanager: $._config.alertmanager.name } + $._config.alertmanager.labels,
-      },
-      spec: {
-        ports: [
-          { name: 'web', targetPort: 'web', port: 9093 },
-        ],
-        selector: {
-          app: 'alertmanager',
-          alertmanager: $._config.alertmanager.name,
-        } + $._config.alertmanager.selectorLabels,
-        sessionAffinity: 'ClientIP',
-      },
+    spec: {
+      ports: [
+        { name: 'web', targetPort: 'web', port: 9093 },
+      ],
+      selector: {
+        app: 'alertmanager',
+        alertmanager: am.config.name,
+      } + am.config.selectorLabels,
+      sessionAffinity: 'ClientIP',
    },
+  },

-    serviceMonitor: {
-      apiVersion: 'monitoring.coreos.com/v1',
-      kind: 'ServiceMonitor',
-      metadata: {
-        name: 'alertmanager',
-        namespace: $._config.namespace,
-        labels: $._config.alertmanager.labels,
-      },
-      spec: {
-        selector: {
-          matchLabels: {
-            alertmanager: $._config.alertmanager.name,
-          } + $._config.alertmanager.selectorLabels,
-        },
-        endpoints: [
-          { port: 'web', interval: '30s' },
-        ],
-      },
+  serviceMonitor: {
+    apiVersion: 'monitoring.coreos.com/v1',
+    kind: 'ServiceMonitor',
+    metadata: {
+      name: 'alertmanager',
+      namespace: am.config.namespace,
+      labels: am.config.commonLabels,
    },
-
-    alertmanager: {
-      apiVersion: 'monitoring.coreos.com/v1',
-      kind: 'Alertmanager',
-      metadata: {
-        name: $._config.alertmanager.name,
-        namespace: $._config.namespace,
-        labels: {
-          alertmanager: $._config.alertmanager.name,
-        } + $._config.alertmanager.labels,
+    spec: {
+      selector: {
+        matchLabels: {
+          alertmanager: am.config.name,
+        } + am.config.selectorLabels,
      },
-      spec: {
-        replicas: $._config.alertmanager.replicas,
-        version: $._config.versions.alertmanager,
-        image: $._config.imageRepos.alertmanager + ':' + $._config.versions.alertmanager,
-        podMetadata: {
-          labels: $._config.alertmanager.labels,
-        },
-        nodeSelector: { 'kubernetes.io/os': 'linux' },
-        serviceAccountName: 'alertmanager-' + $._config.alertmanager.name,
-        securityContext: {
-          runAsUser: 1000,
-          runAsNonRoot: true,
-          fsGroup: 2000,
-        },
+      endpoints: [
+        { port: 'web', interval: '30s' },
+      ],
+    },
+  },
+
+  alertmanager: {
+    apiVersion: 'monitoring.coreos.com/v1',
+    kind: 'Alertmanager',
+    metadata: {
+      name: am.config.name,
+      namespace: am.config.namespace,
+      labels: {
+        alertmanager: am.config.name,
+      } + am.config.commonLabels,
+    },
+    spec: {
+      replicas: am.config.replicas,
+      version: am.config.version,
+      image: am.config.image,
+      podMetadata: {
+        labels: am.config.commonLabels,
+      },
+      resources: am.config.resources,
+      nodeSelector: { 'kubernetes.io/os': 'linux' },
+      serviceAccountName: 'alertmanager-' + am.config.name,
+      securityContext: {
+        runAsUser: 1000,
+        runAsNonRoot: true,
+        fsGroup: 2000,
      },
    },
  },
--- a/jsonnet/kube-prometheus/kube-prometheus.libsonnet
+++ b/jsonnet/kube-prometheus/kube-prometheus.libsonnet
@ -1,13 +1,13 @@
 local kubeRbacProxyContainer = import './kube-rbac-proxy/containerMixin.libsonnet';

 local nodeExporter = import './node-exporter/node-exporter.libsonnet';
+local alertmanager = import './alertmanager/alertmanager.libsonnet';

 (import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') +
 (import './kube-state-metrics/kube-state-metrics.libsonnet') +
 (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics-mixin/mixin.libsonnet') +
 (import 'github.com/prometheus/node_exporter/docs/node-mixin/mixin.libsonnet') +
 (import './blackbox-exporter/blackbox-exporter.libsonnet') +
-(import './alertmanager/alertmanager.libsonnet') +
 (import 'github.com/prometheus/alertmanager/doc/alertmanager-mixin/mixin.libsonnet') +
 (import 'github.com/prometheus-operator/prometheus-operator/jsonnet/prometheus-operator/prometheus-operator.libsonnet') +
 (import 'github.com/prometheus-operator/prometheus-operator/jsonnet/mixin/mixin.libsonnet') +
@ -23,6 +23,12 @@ local nodeExporter = import './node-exporter/node-exporter.libsonnet';
    version: '1.0.1',
    image: 'quay.io/prometheus/node-exporter:v1.0.1',
  }),
+  alertmanager: alertmanager({
+    name: 'main',
+    namespace: $._config.namespace,
+    version: '0.21.0',
+    image: 'quay.io/prometheus/alertmanager:v0.21.0',
+  }),
  kubePrometheus+:: {
    namespace: {
      apiVersion: 'v1',
--- a/manifests/alertmanager-alertmanager.yaml
+++ b/manifests/alertmanager-alertmanager.yaml
@ -6,7 +6,7 @@ metadata:
    app.kubernetes.io/component: alert-router
    app.kubernetes.io/name: alertmanager
    app.kubernetes.io/part-of: kube-prometheus
-    app.kubernetes.io/version: v0.21.0
+    app.kubernetes.io/version: 0.21.0
  name: main
  namespace: monitoring
 spec:
@ -18,11 +18,12 @@ spec:
      app.kubernetes.io/component: alert-router
      app.kubernetes.io/name: alertmanager
      app.kubernetes.io/part-of: kube-prometheus
-      app.kubernetes.io/version: v0.21.0
+      app.kubernetes.io/version: 0.21.0
  replicas: 3
+  resources: {}
  securityContext:
    fsGroup: 2000
    runAsNonRoot: true
    runAsUser: 1000
  serviceAccountName: alertmanager-main
-  version: v0.21.0
+  version: 0.21.0
--- a/manifests/alertmanager-secret.yaml
+++ b/manifests/alertmanager-secret.yaml
@ -6,7 +6,7 @@ metadata:
    app.kubernetes.io/component: alert-router
    app.kubernetes.io/name: alertmanager
    app.kubernetes.io/part-of: kube-prometheus
-    app.kubernetes.io/version: v0.21.0
+    app.kubernetes.io/version: 0.21.0
  name: alertmanager-main
  namespace: monitoring
 stringData:
--- a/manifests/alertmanager-service.yaml
+++ b/manifests/alertmanager-service.yaml
@ -6,7 +6,7 @@ metadata:
    app.kubernetes.io/component: alert-router
    app.kubernetes.io/name: alertmanager
    app.kubernetes.io/part-of: kube-prometheus
-    app.kubernetes.io/version: v0.21.0
+    app.kubernetes.io/version: 0.21.0
  name: alertmanager-main
  namespace: monitoring
 spec:
--- a/manifests/alertmanager-serviceAccount.yaml
+++ b/manifests/alertmanager-serviceAccount.yaml
@ -6,6 +6,6 @@ metadata:
    app.kubernetes.io/component: alert-router
    app.kubernetes.io/name: alertmanager
    app.kubernetes.io/part-of: kube-prometheus
-    app.kubernetes.io/version: v0.21.0
+    app.kubernetes.io/version: 0.21.0
  name: alertmanager-main
  namespace: monitoring
--- a/manifests/alertmanager-serviceMonitor.yaml
+++ b/manifests/alertmanager-serviceMonitor.yaml
@ -5,7 +5,7 @@ metadata:
    app.kubernetes.io/component: alert-router
    app.kubernetes.io/name: alertmanager
    app.kubernetes.io/part-of: kube-prometheus
-    app.kubernetes.io/version: v0.21.0
+    app.kubernetes.io/version: 0.21.0
  name: alertmanager
  namespace: monitoring
 spec: