profile
viewpoint
Matthias Loibl metalmatze Red Hat Berlin http://matthiasloibl.com Software Engineer working on monitoring with Prometheus and Kubernetes at Red Hat CoreOS. Interested in web development, distributed systems and metal.

coreos/prometheus-operator 4296

Prometheus Operator creates/configures/manages Prometheus clusters atop Kubernetes

gopasspw/gopass 3391

The slightly more awesome standard unix password manager for teams

metalmatze/alertmanager-bot 328

Bot for Prometheus' Alertmanager

conprof/conprof 273

Continuous profiling in for pprof compatible profiles.

brancz/kube-rbac-proxy 186

Kubernetes RBAC authorizing HTTP proxy for a single upstream.

brancz/kubernetes-grafana 148

The future of Grafana on Kubernetes with Prometheus.

justwatchcom/github-releases-notifier 96

Receive Slack notifications for new releases of your favorite software on GitHub.

drone/drone-kubernetes-runtime 51

Goto drone/drone-runtime

go-pluto/pluto 50

A distributed IMAP server based on Conflict-free Replicated Data Types.

metalmatze/awesome-jsonnet 19

A curated list of awesome Jsonnet projects and mixins

PR opened cncf/mentoring

Update Thanos metrics retention project to actual mentors

We shuffled the mentors after getting the project sponsored by GSoC.

/cc @bwplotka @Harshitha1234

+1 -1

0 comment

1 changed file

pr created time in 4 hours

push eventmetalmatze/mentoring

Matthias Loibl

commit sha f53e7de0a0f2ded07270fdf7caea987259be0b07

Update Thanos metrics retention project to actual mentors

view details

push time in 4 hours

fork metalmatze/mentoring

👩🏿‍🎓👨🏽‍🎓👩🏻‍🎓CNCF Mentoring + CommunityBridge + Summer of Code

https://mentoring.cncf.io

fork in 4 hours

PublicEvent

push eventmetalmatze/kube-cockroachdb

Matthias Loibl

commit sha aeb623c601ed78f1e48421b77c68f73c51180d0c

Disable CGO for controller-gen building

view details

push time in 16 hours

push eventmetalmatze/kube-cockroachdb

Matthias Loibl

commit sha c96fd9a09e0f1f5d26da55ad16089195f98d0da7

Call controller-gen with relative path

view details

push time in 17 hours

push eventmetalmatze/kube-cockroachdb

Matthias Loibl

commit sha 06dbeda815c5bb65681e69ba91b0aa4c1423c964

Build controller-gen before binary

view details

push time in 17 hours

push eventmetalmatze/kube-cockroachdb

Matthias Loibl

commit sha e04f18eb239982690c654c130c2e322cfd0c53a8

Use Locutus fork with specific replicas code

view details

push time in 17 hours

create barnchmetalmatze/locutus

branch : replicas

created branch time in 17 hours

push eventmetalmatze/kube-cockroachdb

Matthias Loibl

commit sha 69308e560c3cb27a67ab758d614efbc60e518597

Improve examples

view details

Matthias Loibl

commit sha 8e3c6d10370cd04f7dc715c844783bca4bcaa7bc

Create Drone CI pipeline

view details

push time in 17 hours

pull request commentmetalmatze/slo-libsonnet

Remove regex character

Is that enough to make regexes work across the board? :)

krasi-georgiev

comment created time in a day

issue commentthanos-io/kube-thanos

Add kustomization.yaml

Yep, that should work pretty like with kube-prometheus, I'm happy to accept a PR doing the same :blush:

scottdhowell3

comment created time in a day

issue commentkubernetes-monitoring/kubernetes-mixin

`code_verb:apiserver_request_total:increase30d` loads (too) many samples

Hey, I'm still thinking about this problem and sometimes don't know whether or not to simply remove the rules for now. On the other hand, I think having the availability calculated is very helpful, and only with the availability are we able to talk about our remaining error budget. I'll try to update the rules and check if I can add @beorn7 original idea about splitting the query into two with 1h and 30d :)

beorn7

comment created time in a day

issue closedcoreos/prometheus-operator

API server SLO recording rules produce too many metrics

<!--

Feel free to ask questions in #prometheus-operator on Kubernetes Slack!

-->

What happened? When applying status_class:apiserver_request_total:rate3d rule, I'm getting the following error from Prometheus:

query processing would load too many samples into memory in query execution

Did you expect to see some different? Yes, didn't expect an error

How to reproduce it (as minimally and precisely as possible): Run kube-prometheus and try to apply the default rules.

As a work-around, I removed the rule:

$_config+: {
      prometheus+:: {
        rules+: {
          groups:
            std.map(
              function(group)
                if group.name == 'kube-apiserver-error' then
                  group {
                    rules: std.filter(function(rule)
                        std.objectHas(rule, 'record') && (rule.record != "status_class:apiserver_request_total:rate3d" || rule.record != "status_class_5xx:apiserver_request_total:ratio_rate3d"),
                        group.rules
                      )
                  }
                else
                  group,
              super.groups
            ),
        },
      },
    },
}

But I think it will be better to set the requested range on the SLO lib which generate this rule.

closed time in a day

omerlh

issue commentcoreos/prometheus-operator

API server SLO recording rules produce too many metrics

This issue actually has become obsolete, because the underlying recording rules changed. A similar problem still exists though it's with slightly different recording rules.

As this problem was never about the Prometheus Operator itself, I'm going to close this here. Please check in the future: https://github.com/kubernetes-monitoring/kubernetes-mixin/issues/411

omerlh

comment created time in a day

pull request commentgopasspw/gopass

Cleanup repository root

Nevermind. Found it: https://github.com/gopasspw/gopass/issues/849

dominikschulz

comment created time in a day

pull request commentgopasspw/gopass

Cleanup repository root

Cool! Was there some issue / discussion around moving to the internal/ folder structure somewhere? I might just have missed that.

dominikschulz

comment created time in a day

issue openedobservatorium/configuration

Rename repository to observatorium/deployments

With more and more things being added to this repository, it's not only about the initial jsonnet configuration anymore. Therefore we propose to rename this repository to observatorium/deployments. Hopefully, it'll be a bit more obvious that this repository contains a few different ways of deploying Observatorium going forward.

/cc @observatorium/maintainers @rollandf @nmagnezi

created time in a day

pull request commentobservatorium/observatorium

jsonnet,examples: add RBAC + tenants to manifests

It's a tradeoff for sure right now and we're still experimenting. The problem with all the withFoo functions is that it scatters the configuration across multiple different functions / objects in the file. It's super hard to grasp at a certain point. We've seen that happening in our downstream / internal repository that uses https://github.com/observatorium/configuration/. For the API I'm actually fine with the approach in this PR right now.

squat

comment created time in a day

push eventobservatorium/observatorium

Lucas Servén Marín

commit sha 3d56eacc6cc2fb9858d6cf3911bbc4de3cd6f909

main.go: clean up flags This commit simply cleans up the grammar for the flag descriptions. Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

view details

Matthias Loibl

commit sha 2fec53d006205b94d8ce7a9fef7a89ea1d775471

Merge pull request #50 from squat/cleanup_flags main.go: clean up flags

view details

push time in a day

PR merged observatorium/observatorium

main.go: clean up flags

This commit simply cleans up the grammar for the flag descriptions.

Signed-off-by: Lucas Servén Marín lserven@gmail.com

cc @metalmatze

+21 -21

0 comment

2 changed files

squat

pr closed time in a day

issue commentkubernetes-monitoring/kubernetes-mixin

kubeApiserverReadSelector default either needs improvement, or rules need a change

Given that we have or vector(0) in a few places already, I'd say let's just go ahead and add those.

beorn7

comment created time in a day

Pull request review commentobservatorium/observatorium

Add loki query and push proxy support

+package http++import (+	"fmt"+	"net"+	"net/http"+	"net/http/httputil"+	"net/url"+	"time"++	"github.com/go-chi/chi"+	"github.com/go-kit/kit/log"+	"github.com/observatorium/observatorium/internal/proxy"+	"github.com/prometheus/client_golang/prometheus"+)++const (+	ReadTimeout        = 15 * time.Minute+	WriteTimeout       = time.Minute+	lokiUpstreamPrefix = "/loki"+)++type handlerConfiguration struct {+	logger     log.Logger+	registry   *prometheus.Registry+	instrument handlerInstrumenter+}++// HandlerOption modifies the handler's configuration+type HandlerOption func(h *handlerConfiguration)++// Logger add a custom logger for the handler to use.+func Logger(logger log.Logger) HandlerOption {+	return func(h *handlerConfiguration) {+		h.logger = logger+	}+}++// Registry adds a custom Prometheus registry for the handler to use.+func Registry(r *prometheus.Registry) HandlerOption {+	return func(h *handlerConfiguration) {+		h.registry = r+	}+}++// HandlerInstrumenter adds a custom HTTP handler instrument middleware for the handler to use.+func HandlerInstrumenter(instrumenter handlerInstrumenter) HandlerOption {+	return func(h *handlerConfiguration) {+		h.instrument = instrumenter+	}+}++type handlerInstrumenter interface {+	NewHandler(labels prometheus.Labels, handler http.Handler) http.HandlerFunc+}++type nopInstrumentHandler struct{}++func (n nopInstrumentHandler) NewHandler(labels prometheus.Labels, handler http.Handler) http.HandlerFunc {+	return handler.ServeHTTP+}++func NewHandler(read, write *url.URL, opts ...HandlerOption) http.Handler {+	c := &handlerConfiguration{+		logger:     log.NewNopLogger(),+		registry:   prometheus.NewRegistry(),+		instrument: nopInstrumentHandler{},+	}+	for _, o := range opts {+		o(c)+	}++	r := chi.NewRouter()++	if read != nil {+		var proxyRead http.Handler+		{+			read.Path = fmt.Sprintf("%s%s", read.Path, lokiUpstreamPrefix)+			middlewares := proxy.Middlewares(+				proxy.MiddlewareSetUpstream(read),+				proxy.MiddlewareLogger(c.logger),+				proxy.MiddlewareMetrics(c.registry, prometheus.Labels{"proxy": "logsv1-read"}),+			)++			proxyRead = &httputil.ReverseProxy{+				Director: middlewares,+				ErrorLog: proxy.Logger(c.logger),+				Transport: &http.Transport{+					DialContext: (&net.Dialer{+						Timeout: ReadTimeout,+					}).DialContext,+				},+			}+		}+		r.Handle("/api/v1/query", c.instrument.NewHandler(+			prometheus.Labels{"group": "logsv1", "handler": "query"},+			proxyRead,+		))+		r.Handle("/api/v1/query_range", c.instrument.NewHandler(+			prometheus.Labels{"group": "logsv1", "handler": "query_range"},+			proxyRead,+		))++		var readyProxy http.Handler+		{+			middlewares := proxy.Middlewares(+				proxy.MiddlewareSetUpstream(read),+				proxy.MiddlewareLogger(c.logger),+				proxy.MiddlewareMetrics(c.registry, prometheus.Labels{"proxy": "logsv1-ready"}),+			)++			readyProxy = &httputil.ReverseProxy{+				Director: middlewares,+			}+		}+		r.Mount("/ready", c.instrument.NewHandler(+			prometheus.Labels{"group": "logsv1", "handler": "ready"},+			readyProxy,+		))

Can you explain why we would need to expose the ready endpoint to a user of Observatorium? Isn't this an internal implementation detail? Like, we might want to use that /ready endpoint to check with Kubernetes if the endpoint of a Pod is to be added to a Service, but not expose it to the user direct, am I missing something about Loki here? :)

periklis

comment created time in 2 days

Pull request review commentobservatorium/observatorium

Add loki query and push proxy support

 $(PROMETHEUS): | $(BIN_DIR) 	@echo "Downloading Prometheus" 	curl -L "https://github.com/prometheus/prometheus/releases/download/v$(PROMETHEUS_VERSION)/prometheus-$(PROMETHEUS_VERSION).$$(go env GOOS)-$$(go env GOARCH).tar.gz" | tar --strip-components=1 -xzf - -C $(BIN_DIR) +$(LOKI): | $(BIN_DIR)+	@echo "Downloading Loki"+	(cd $(BIN_DIR) && curl -O -L "https://github.com/grafana/loki/releases/download/v$(LOKI_VERSION)/loki-linux-$$(go env GOARCH).zip" && \+	unzip loki-linux-$$(go env GOARCH).zip && \+	mv loki-linux-$$(go env GOARCH) loki && \+	rm loki-linux-$$(go env GOARCH).zip)

While we set GOARCH we don't set GOOS, this is going to break for people who would like to build on a Mac, I think.

periklis

comment created time in 2 days

Pull request review commentobservatorium/observatorium

internal/authorization: create authz middleware

 func main() { 							metricsv1.Logger(logger), 							metricsv1.Registry(reg), 							metricsv1.HandlerInstrumenter(ins),+							metricsv1.ReadMiddleware(authorization.WithAuthorizer(authorizer, rbac.Read, "metrics")),+							metricsv1.WriteMiddleware(authorization.WithAuthorizer(authorizer, rbac.Write, "metrics")),

I think it's fine for now. We might need to come back to the version you just said, but that might be ahead of time right now.

squat

comment created time in 2 days

Pull request review commentobservatorium/observatorium

internal/authorization: create authz middleware

 func main() { 							metricsv1.Logger(logger), 							metricsv1.Registry(reg), 							metricsv1.HandlerInstrumenter(ins),+							metricsv1.ReadMiddleware(authorization.WithAuthorizer(authorizer, rbac.Read, "metrics")),+							metricsv1.WriteMiddleware(authorization.WithAuthorizer(authorizer, rbac.Write, "metrics")),

While this feels a bit weird, and I would prefer to be explicit, it allows us to inject different middlewares from the outside to the package, without the need to change anything in the package, when changing middlewares. I guess that's the reasoning?

squat

comment created time in 2 days

startedtobspr/shapez.io

started time in 3 days

issue commentthanos-io/thanos

Is prometheus 2.x supported, the thannos embed the promtheus 1.18 ?

Thanos is mostly up to date with the latest Prometheus. 😎

Jamlee

comment created time in 5 days

issue closedthanos-io/thanos

Is prometheus 2.0 supported?

promtheus is too old for in result to some dashbaord in grafan in error.

image

closed time in 5 days

Jamlee

issue commentthanos-io/thanos

Is prometheus 2.0 supported?

If at all, this is a Prometheus or Grafana question. 🙃 Prometheus 2.0 indeed is really old and there shouldn't be big blockers to upgrade to 2.17+.

Jamlee

comment created time in 5 days

issue commentprometheus/talks

Gophercon Europe, Berlin, 2020-07-??→??

All gibber events are forbidden until end of August. So virtual at most.

beorn7

comment created time in 6 days

create barnchrhobs/example-app

branch : master

created branch time in 7 days

created repositoryrhobs/example-app

Example Application showing Observability best practices

created time in 7 days

pull request commentthanos-io/thanos

Moved CI to dockerhub.

If you feel like it. Go ahead. Don't want to block. Just stated that it feels a bit rushed to me (although that might be my personal opinion). 😉

bwplotka

comment created time in 8 days

pull request commentthanos-io/thanos

Moved CI to dockerhub.

Rather than changing everything over to another registry, I would say we should give some more time and the problem will resolve itself on its own (at least from our point of view). We don't migrate off of GitHub just because it has issue (I know it's not really a good metaphor, but I hope it gets my point across).

bwplotka

comment created time in 8 days

delete branch metalmatze/observatorium

delete branch : authn

delete time in 8 days

Pull request review commentthanos-io/thanos

Proposed rule to avoid wrapping nil error.

 in future. There was even Go 2 proposal for [disabling this in the language itse  Similar to this problem is the package name shadowing. While it is less dangerous, it can cause similar issues, so avoid package shadowing if you can. +#### Avoid Wrapping nil With Error Message; Avoid Passing nil to MultiError++It's very tempting to use "magic" functionality of e.g errors.Wrap that returns nil if wrapped error equals nil as it created more compacted code.+Avoid that. Consider following case:++<table>+<tbody>+<tr><th>Avoid 🔥</th></tr>+<tr><td>++```go+  	if !replicas[endpoint].replicated && h.options.ReplicationFactor > 1 {

Yes. I have a hard time figuring out what's happening too. Still haven't found it.

A nice idea for such examples would also be to use diffs.

Essentially like this, to give an example. Obviously we lose Go syntax highlighting. Not sure what's better.

func example() error {
-	return foo()
+	if err := foo(); err != nil {
+		return err
+	}
+	return nil
bwplotka

comment created time in 8 days

pull request commentbrancz/locutus

Refactoring object graph initialization in main.go

well then, at your discretion. I'd rather send more but smaller PRs going forward :blush:

metalmatze

comment created time in 9 days

Pull request review commentobservatorium/observatorium

Introduce multi tenancy authentication

+package authentication++import (+	"context"+	"fmt"+	"net/http"+	"strings"+	"time"++	"github.com/coreos/go-oidc"+	"github.com/go-chi/chi"+	"golang.org/x/oauth2"+)++// contextKey to use when setting context values in the HTTP package.+type contextKey string++// String implements the Stringer interface and makes it+// nice to print contexts.+func (c contextKey) String() string {+	return "HTTP context key " + string(c)+}++const (+	state = "I love Observatorium"+	// tenantKey is the key that holds the tenant in a request context.+	tenantKey contextKey = "tenant"+)++// WithTenant finds the tenant from the URL parameters and adds it to the request context.+func WithTenant(next http.Handler) http.Handler {+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {+		tenant := chi.URLParam(r, "tenant")+		next.ServeHTTP(w, r.WithContext(+			context.WithValue(r.Context(), tenantKey, tenant),+		))+	})+}++// NewTenantHeaderMiddleware returns a middleware that adds the ID of the tenant to the specified header.+func NewTenantHeaderMiddleware(header string, tenantIDs map[string]string) Middleware {

If we inline this with r.Use() then I would prefer r.Use(WithTenantHeader(headerFlag, IDs)). Maybe we can rename to that style. See WithTenant above.

metalmatze

comment created time in 9 days

Pull request review commentobservatorium/observatorium

Introduce multi tenancy authentication

 func main() { 		r.Use(middleware.RealIP) 		r.Use(middleware.Recoverer) 		r.Use(middleware.StripSlashes)-		r.Use(middleware.Timeout(2 * time.Minute)) // best set per handler+		r.Use(middleware.Timeout(middlewareTimeout)) // best set per handler 		r.Use(server.Logger(logger))  		ins := server.NewInstrumentationMiddleware(reg) -		r.Mount("/",-			metricslegacy.NewHandler(-				cfg.metrics.readEndpoint,-				metricslegacy.Logger(logger),-				metricslegacy.Registry(reg),-				metricslegacy.HandlerInstrumenter(ins),-			))--		r.Mount("/api/metrics/v1",-			http.StripPrefix("/api/metrics/v1",-				metricsv1.NewHandler(-					cfg.metrics.readEndpoint,-					cfg.metrics.writeEndpoint,-					metricsv1.Logger(logger),-					metricsv1.Registry(reg),-					metricsv1.HandlerInstrumenter(ins),-				),-			),-		)+		r.Group(func(r chi.Router) {+			r.Use(authentication.WithTenant)++			tenantIDs := make(map[string]string)+			var oidcs []authentication.OIDCConfig+			for _, t := range tenantsCfg.Tenants {+				level.Info(logger).Log("msg", "adding a tenant", "tenant", t.Name)+				tenantIDs[t.Name] = t.ID+				oidcs = append(oidcs, authentication.OIDCConfig{+					Tenant:       t.Name,+					ClientID:     t.OIDC.ClientID,+					ClientSecret: t.OIDC.ClientSecret,+					IssuerURL:    t.OIDC.IssuerURL,+					RedirectURL:  t.OIDC.RedirectURL,+				})+			} -		r.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {-			r.URL.Path = "/api/metrics/v1/graph"-			http.Redirect(w, r, r.URL.String(), http.StatusMovedPermanently)+			tenantHeader := authentication.NewTenantHeaderMiddleware(cfg.metrics.tenantHeader, tenantIDs)

I thinking inlining this a few lines further down would be nicer for scoping. oidcMiddleware is an exception because it also creates the handler.

metalmatze

comment created time in 9 days

Pull request review commentobservatorium/observatorium

Introduce multi tenancy authentication

+package authentication++import (+	"context"+	"fmt"+	"net/http"+	"strings"+	"time"++	"github.com/coreos/go-oidc"+	"github.com/go-chi/chi"+	"golang.org/x/oauth2"+)++// contextKey to use when setting context values in the HTTP package.+type contextKey string++// String implements the Stringer interface and makes it+// nice to print contexts.+func (c contextKey) String() string {+	return "HTTP context key " + string(c)+}++const (+	state = "I love Observatorium"

:heart:

metalmatze

comment created time in 9 days

Pull request review commentobservatorium/observatorium

Introduce multi tenancy authentication

+# The base path of dex and the external name of the OpenID Connect service.+# This is the canonical URL that all clients MUST use to refer to dex. If a+# path is provided, dex's HTTP service will listen at a non-root URL.+issuer: http://127.0.0.1:5556/dex++# The storage configuration determines where dex stores its state. Supported+# options include SQL flavors and Kubernetes third party resources.+#+# See the storage document at Documentation/storage.md for further information.+storage:+  type: sqlite3+  config:+    file: /tmp/dex.db++# Configuration for the HTTP endpoints.+web:+  http: 0.0.0.0:5556+  # Uncomment for HTTPS options.+  # https: 127.0.0.1:5554+  # tlsCert: /etc/dex/tls.crt+  # tlsKey: /etc/dex/tls.key++# Configuration for telemetry+telemetry:+  http: 0.0.0.0:5558++# Uncomment this block to enable the gRPC API. This values MUST be different+# from the HTTP endpoints.+# grpc:+#   addr: 127.0.0.1:5557+#  tlsCert: examples/grpc-client/server.crt+#  tlsKey: examples/grpc-client/server.key+#  tlsClientCA: /etc/dex/client.crt++# Uncomment this block to enable configuration for the expiration time durations.+# expiry:+#   signingKeys: "6h"+#   idTokens: "24h"++# Options for controlling the logger.+logger:+  level: "debug"+#   format: "text" # can also be "json"++# Default values shown below+# oauth2:+    # use ["code", "token", "id_token"] to enable implicit flow for web-only clients+#   responseTypes: [ "code" ] # also allowed are "token" and "id_token"+    # By default, Dex will ask for approval to share data with application+    # (approval for sharing data from connected IdP to Dex is separate process on IdP)+#   skipApprovalScreen: false+    # If only one authentication method is enabled, the default behavior is to+    # go directly to it. For connected IdPs, this redirects the browser away+    # from application to upstream provider such as the Google login page+#   alwaysShowLoginScreen: false+    # Uncommend the passwordConnector to use a specific connector for password grants+#   passwordConnector: local++# Instead of reading from an external storage, use this list of clients.+#+# If this option isn't chosen clients may be added through the gRPC API.+staticClients:+- id: example-app+  redirectURIs:+  - 'http://127.0.0.1:5555/callback'+  name: 'Example'+  secret: ZXhhbXBsZS1hcHAtc2VjcmV0+- id: telemeter

Agreed, hard to think of other examples though. :smile:

metalmatze

comment created time in 9 days

Pull request review commentobservatorium/observatorium

Introduce multi tenancy authentication

 container-release: container 	docker push $(DOCKER_REPO):latest  .PHONY: integration-test-dependencies-integration-test-dependencies: $(THANOS) $(UP)+integration-test-dependencies: $(THANOS) $(UP) $(DEX)

We might actually want to rename this to

test-integration-dependencies: $(THANOS) $(UP) $(DEX)

as the actual test is run with test-integration. Just an inconsistency I noticed.

metalmatze

comment created time in 9 days

delete branch metalmatze/observatorium

delete branch : redirects-ui

delete time in 9 days

push eventmetalmatze/observatorium

Matthias Loibl

commit sha 4f8fd1c7d534f143f21c2dc8d8a75fc8d6f433f3

Add /graph to metricslegacy package and mount it at the root

view details

push time in 9 days

Pull request review commentobservatorium/observatorium

Redirect to UI including query params

 func main() { 		)  		r.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {-			http.Redirect(w, r, "/api/metrics/v1/graph", http.StatusMovedPermanently)+			r.URL.Path = "/api/metrics/v1/graph"+			http.Redirect(w, r, r.URL.String(), http.StatusMovedPermanently)+		})+		r.HandleFunc("/graph", func(w http.ResponseWriter, r *http.Request) {

While I generally agree, the legacy package is actually mounted on /api/v1/. So adding it there won't work unless we mount that router to /. I'd say it's fine, there's basically nothing that handler is doing. :man_shrugging:

metalmatze

comment created time in 9 days

PR opened observatorium/observatorium

Redirect to UI including query params

This is mostly so that in case people have bookmarked queries or there are links to graphs saved elsewhere still work and they get forwarded accordingly.

If someone has a bookmark / link to graph?g0.range_input=1h&g0.max_source_resolution=0s&g0.expr=up&g0.tab=1 then going forward that will be redirected including the query parameters, so that those links don't break.

/cc @squat

+6 -1

0 comment

1 changed file

pr created time in 9 days

create barnchmetalmatze/observatorium

branch : redirects-ui

created branch time in 9 days

PR opened brancz/locutus

Refactoring object graph initialization in main.go

Here are a few refactorings. Mostly around the Provider pattern, which I found to rather get in my way, then helping. It's basically gone and the main.go initializes the proviers in a simple switch-case.

+197 -335

0 comment

13 changed files

pr created time in 10 days

push eventmetalmatze/locutus

Matthias Loibl

commit sha fe46d1f6370abc718e0651bcc374b52763f2147f

Refactoring object graph initialization in main.go Here are a few refactorings. Mostly around the Provider pattern, which I found to rather get in my way, then helping. It's basically gone and the main.go initializes the proviers in a simple switch-case.

view details

push time in 10 days

pull request commentopenshift/router

Report all backend metrics

Nice! Thank you for taking care of this!!! While average is better than nothing is there any chance of getting something similar to a histogram or things like the p90 or p99?

smarterclayton

comment created time in 12 days

issue closedthanos-io/kube-thanos

[thanos-rule] No quotation marks on alert.label-drop

In thanos-rule manifest, there is a mistake in args :

- --alert.label-drop="rule_replica"

should be

- --alert.label-drop=rule_replica

PR opened #116

closed time in 12 days

zenman94

push eventthanos-io/kube-thanos

Gaëtan Ars

commit sha a32bc7bde474ced53706b2c91edbe571f440b4b0

No quotation marks on alert.label-drop Signed-off-by: Gaëtan Ars <gaetan.ars@orange.com>

view details

Gaëtan Ars

commit sha c85ac95fcd0b8f4e20d3edba8bf7b0fa5dda623a

alert.label-drop without quotations mark Signed-off-by: Gaëtan Ars <gaetan.ars@orange.com>

view details

Matthias Loibl

commit sha 96ae2415082b9891d54227a4d670801503de8f10

Merge pull request #116 from zenman94/master No quotation marks on alert.label-drop

view details

push time in 12 days

PR merged thanos-io/kube-thanos

Reviewers
No quotation marks on alert.label-drop

<!-- Keep PR title verbose enough and add prefix telling about what components it touches e.g "query:" or ".*:" -->

<!-- Don't forget about CHANGELOG!

Changelog entry format:
- [#<PR-id>](<PR-URL>) Thanos <Component> ...

<PR-id> Id of your pull request.
<PR-URL> URL of your PR such as https://github.com/thanos-io/kube-thanos/pull/<PR-id>
<Component> Component affected by your changes such as Query, Store, Receive.

-->

  • [ ] I added CHANGELOG entry for this change.
  • [ ] Change is not relevant to the end user.

Changes

<!-- Enumerate changes you made -->

Verification

<!-- How you tested it? How do you know it works? -->

+2 -2

0 comment

2 changed files

zenman94

pr closed time in 12 days

pull request commentopenshift/cluster-monitoring-operator

[WIP] Add an API performance grafana dashboard

I don't really see how this improves the user experiences for a users of the APIServer. Sure, this looks like a helpful dashboard for low-level debugging of the APIServer. I don't think that this dashboard should be part of the dashboard shipped to customers by default though. What specifically are you missing in the current APIServer dashboard, that we maybe could improve on that one?!

tkashem

comment created time in 12 days

created tagjsonnet-bundler/jsonnet-bundler

tagv0.4.0

A jsonnet package manager.

created time in 12 days

delete branch metalmatze/jsonnet-bundler

delete branch : prepare-0.4

delete time in 12 days

PR opened jsonnet-bundler/jsonnet-bundler

Let's release v0.4.0

We've accumulated a few nice additions, so let's cut v0.4.0 :blush:

/cc @sh0rez @tomwilkie @bgagnon @brancz

+15 -2

0 comment

2 changed files

pr created time in 12 days

create barnchmetalmatze/jsonnet-bundler

branch : prepare-0.4

created branch time in 12 days

delete branch jsonnet-bundler/jsonnet-bundler

delete branch : single

delete time in 12 days

push eventmetalmatze/alertmanager-bot

Philipp Hellmich

commit sha 6420268a3fd588661da885c6aef0776cbd194275

Support description annotation which is used by newer alerts

view details

Philipp Hellmich

commit sha f966abff37d8b47c2d4e747bd078c137babaa10c

Update default.tmpl

view details

Matthias Loibl

commit sha 5efc0bbbf8023d4324e9da98562f064a714a7206

Merge pull request #113 from runningman84/patch-2 Support description annotation which is used by newer alerts

view details

push time in 12 days

PR merged metalmatze/alertmanager-bot

Support description annotation which is used by newer alerts

I am not 100% sure if this works please double check...

The current template lacks description support and the duration could also be hidden if there is no end date? In my tests it is "-" until the event is solved.

+8 -0

3 comments

1 changed file

runningman84

pr closed time in 12 days

issue closedmetalmatze/alertmanager-bot

admin id

The docs are a little "light". I've set up a bot - but how do I get the number representation of my user id?

In the end I figured out to use the userinfobot - but it would be great to add this to the docs.

closed time in 12 days

tcurdt

push eventmetalmatze/alertmanager-bot

greynix

commit sha c91f53333f288cd761e05fa98827d2897144535d

Update README

view details

Matthias Loibl

commit sha d7f48177aea28b37b7bf0eaefe4dbce0cbf80333

Merge pull request #114 from greynix/documentation Update README, added user id bot

view details

push time in 12 days

PR merged metalmatze/alertmanager-bot

Update README, added user id bot

Added user id bot. (https://github.com/metalmatze/alertmanager-bot/issues/104)

+1 -1

0 comment

1 changed file

greynix

pr closed time in 12 days

create barnchmetalmatze/slo-dashboard

branch : ui

created branch time in 13 days

create barnchmetalmatze/slo-dashboard

branch : golang-statuspage

created branch time in 13 days

pull request commentkubernetes-monitoring/kubernetes-mixin

Add 'factor' label to KubeAPIErrorBudgetBurn alerts

I didn't realize. Actually, I think long and short are a bit more meaningful. Should still make sense. Factor is mostly an implementation detail.

simonpasquier

comment created time in 13 days

delete branch metalmatze/configuration-1

delete branch : guestbook-YAML

delete time in 13 days

pull request commentconfiguration-fyi/configuration

Add guestbook YAML example

Actually, I wanted some feedback on the bare minimum requirements. So please still take a look!

metalmatze

comment created time in 13 days

delete branch metalmatze/configuration

delete branch : up-config-defaults

delete time in 13 days

push eventobservatorium/configuration

Matthias Loibl

commit sha 738d6f95ce8ce84e3f72360dac0163ae207aee5d

Remove withXXX helper functions from up component

view details

Matthias Loibl

commit sha c066d1587720a228074c8b8778b48c96b34534af

In up component check for non-empty queryConfig object

view details

Matthias Loibl

commit sha 3c4132ae294289884eb8a06ed92cd1ff933bc23f

Merge pull request #276 from metalmatze/up-config-defaults Remove withXXX helper functions from up component

view details

push time in 13 days

PR merged observatorium/configuration

Remove withXXX helper functions from up component

This should be easier to configure and the --endpoint-read and --endpoint-write are added as flags, simply by not having '' in the config.

/cc @kakkoyun @brancz

+69 -126

0 comment

3 changed files

metalmatze

pr closed time in 13 days

Pull request review commentobservatorium/configuration

Remove withXXX helper functions from up component

 local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';         name: up.config.name,         namespace: up.config.namespace,       },-    },-  },--  withServiceMonitor:: {

I agree, we simply didn't want to match things. The funny thing is, we figured out a way to elegantly solve this too though. Maybe we can still improve it further down the road.

Essentially, if serviceMonitor == true then we create the object and add it to the overall object, else this serviceMonitor object is simply null. Then if you look at the manifest generation, we check for object being null and then simply ignore them :)

WDYT?

metalmatze

comment created time in 13 days

push eventmetalmatze/configuration

Matthias Loibl

commit sha c066d1587720a228074c8b8778b48c96b34534af

In up component check for non-empty queryConfig object

view details

push time in 13 days

PR opened observatorium/configuration

Reviewers
Remove withXXX helper functions from up component

This should be easier to configure and the --endpoint-read and --endpoint-write are added as flags, simply by not having '' in the config.

/cc @kakkoyun @brancz

+69 -126

0 comment

3 changed files

pr created time in 13 days

create barnchmetalmatze/configuration

branch : up-config-defaults

created branch time in 13 days

PR opened configuration-fyi/configuration

Add guestbook YAML example

These files are actually copied from the official Kubernetes website.

I've written some bare minimum requirements for configuration implementations in the showcases/guestbook/README.md. WDYT?

/cc @bwplotka @brancz @RiRa12621 @miekg @ant31

+153 -0

0 comment

7 changed files

pr created time in 13 days

create barnchmetalmatze/configuration-1

branch : guestbook-YAML

created branch time in 13 days

fork metalmatze/configuration-1

Community driven comparison of modern open source configuration management languages, patterns and solutions.

https://configuration.fyi/

fork in 13 days

push eventmetalmatze/alertmanager-bot

Matthias Loibl

commit sha 27e7d30516d9fe62495c522b658ce923c21cac02

Add defaults to deployments/kubernetes.libsonnet Only the storage is needed to be specified by the user explicitly

view details

Matthias Loibl

commit sha 8b0006a77761f05111afb86e5147a498b7880671

Fix PVC name

view details

push time in 14 days

PR opened thanos-io/thanos

Reviewers
Add Rule Group Evaluations to Ruler dashboard in mixin

In #2398 we added a ThanosNoRuleEvaluations alert which is really helpful and signaling a symptom of unavailability of the Thanos Ruler. Sadly we don't surface these underlying metrics on the Thanos Ruler dashboard.

Screenshot from 2020-05-13 19-51-10

  • [ ] I added CHANGELOG entry for this change.
  • [x] Change is not relevant to the end user.

Changes

Add some panel to the Thanos Ruler dashboard.

Verification

Deployed the new Thanos Ruler dashboard on Grafana and check against our datasource :)

+303 -29

0 comment

3 changed files

pr created time in 14 days

create barnchmetalmatze/thanos

branch : ruler-dashboard-evaluations

created branch time in 14 days

Pull request review commentconprof/conprof

jsonnet: Mount configmap if used

 local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';       configmap.mixin.metadata.withNamespace(conprof.config.namespace) +       configmap.mixin.metadata.withLabels(conprof.config.commonLabels), +    statefulset+: {+      spec+: {+        template+: {+          spec+: {+            volumes:+              std.map(+                function(v) if v.name == 'config' then v {+                  secret:: null,+                  configMap: {+                    name: conprof.configmap.metadata.name,+                  },+                } else v,+                super.volumes+              ),+          },+        },+      },+    },+     secret:: null,

Sure, no strong opinion.

brancz

comment created time in 14 days

Pull request review commentconprof/conprof

jsonnet: Mount configmap if used

 local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';       configmap.mixin.metadata.withNamespace(conprof.config.namespace) +       configmap.mixin.metadata.withLabels(conprof.config.commonLabels), +    statefulset+: {+      spec+: {+        template+: {+          spec+: {+            volumes:+              std.map(+                function(v) if v.name == 'config' then v {+                  secret:: null,+                  configMap: {+                    name: conprof.configmap.metadata.name,+                  },+                } else v,+                super.volumes+              ),+          },+        },+      },+    },+     secret:: null,

Do we still need this one?

brancz

comment created time in 14 days

pull request commentobservatorium/configuration

Added Makefile for better discoverability of commands, reuse and binaries versioning. Also added version `-in-container`.

I would say, let's take it in small steps from what we currently have.

bwplotka

comment created time in 14 days

push eventobservatorium/configuration

Matthias Loibl

commit sha d85a382277723bac0a1e366b3b2d7ab39e8e9674

Replace bash scripts with Makefile targets

view details

Matthias Loibl

commit sha 66f54604d5373d38291ed8f0e2411ec64f43641e

Update Observatorium API This update aims to simplify Observatorium APIs configuration surface. Breaking changes: * Observatorium API Thanos Querier serving only UI assets is obsolete * --metrics.ui.endpoint was removed * --metrics.read.endpoint takes the root path and appends /api/v1/{query/query_range} * --metrics.write.endpoint takes the root path and appends /api/v1/receive * Updates from Observatorium API configuration (Port for internal server, healthcheck improvements)

view details

Matthias Loibl

commit sha c7a30e6e0a553b9bef80e579ccbb6adcbd37cd87

Use makefile targets to build jsonnet-based manifests

view details

Matthias Loibl

commit sha 72c4781fb211e0abb8bf47a2e46f8433d990a014

Set Thanos Querier --web.external-prefix to serve assets on relative path

view details

Matthias Loibl

commit sha cf8f7c1e0ff04d270bcf49fb314be0926f2ec030

Fix endpoints in tests/manifests

view details

Matthias Loibl

commit sha 051e64ba1476b13f469da44f21f953ac9179be93

Update operator/jsonnet/vendor/ after updating dependencies

view details

Matthias Loibl

commit sha 2ad96d1af187d1158578af51fbb52efe26a489f7

Merge pull request #271 from metalmatze/api-update Upate Observatorium API to get latest improvements

view details

push time in 14 days

PR merged observatorium/configuration

Upate Observatorium API to get latest improvements

This update aims to simplify Observatorium APIs configuration surface.

Breaking changes:

  • Observatorium API Thanos Querier serving only UI assets is obsolete
  • --metrics.ui.endpoint was removed
  • --metrics.read.endpoint takes the root path and appends /api/v1/{query/query_range}
  • --metrics.write.endpoint takes the root path and appends /api/v1/receive
  • Updates from Observatorium API configuration (Port for internal server, healthcheck improvements)

As I was touching all manifests and its jsonnet I took some minutes to add some proper Makefile targets that will only rebuild, if dependent files change.

/cc @squat @brancz @kakkoyun @krasi-georgiev

As we cover the Operator in e2e tests and I actually tried it on a local kind cluster, I don't expect any breaking changes from this for the Operator itself. /cc @rollandf @nmagnezi

+130 -340

1 comment

22 changed files

metalmatze

pr closed time in 14 days

push eventmetalmatze/configuration

Matthias Loibl

commit sha 051e64ba1476b13f469da44f21f953ac9179be93

Update operator/jsonnet/vendor/ after updating dependencies

view details

push time in 15 days

PR opened observatorium/configuration

Upate Observatorium API to get latest improvements

This update aims to simplify Observatorium APIs configuration surface.

Breaking changes:

  • Observatorium API Thanos Querier serving only UI assets is obsolete
  • --metrics.ui.endpoint was removed
  • --metrics.read.endpoint takes the root path and appends /api/v1/{query/query_range}
  • --metrics.write.endpoint takes the root path and appends /api/v1/receive
  • Updates from Observatorium API configuration (Port for internal server, healthcheck improvements)

As I was touching all manifests and its jsonnet I took some minutes to add some proper Makefile targets that will only rebuild, if dependent files change.

/cc @squat @brancz @kakkoyun @krasi-georgiev

As we cover the Operator in e2e tests and I actually tried it on a local kind cluster, I don't expect any breaking changes from this for the Operator itself. /cc @rollandf @nmagnezi

+106 -327

0 comment

21 changed files

pr created time in 15 days

push eventmetalmatze/configuration

Fred Rolland

commit sha c3a35820ff0126320588464813a88e8b37c71fa2

Jsonnet vendoring

view details

Frederic Branczyk

commit sha 966dd6319c04ae990f68cad85c245b8c3872cf73

Merge pull request #257 from rollandf/jsonnet-vendor Jsonnet vendoring

view details

Matthias Loibl

commit sha d85a382277723bac0a1e366b3b2d7ab39e8e9674

Replace bash scripts with Makefile targets

view details

Matthias Loibl

commit sha 66f54604d5373d38291ed8f0e2411ec64f43641e

Update Observatorium API This update aims to simplify Observatorium APIs configuration surface. Breaking changes: * Observatorium API Thanos Querier serving only UI assets is obsolete * --metrics.ui.endpoint was removed * --metrics.read.endpoint takes the root path and appends /api/v1/{query/query_range} * --metrics.write.endpoint takes the root path and appends /api/v1/receive * Updates from Observatorium API configuration (Port for internal server, healthcheck improvements)

view details

Matthias Loibl

commit sha c7a30e6e0a553b9bef80e579ccbb6adcbd37cd87

Use makefile targets to build jsonnet-based manifests

view details

Matthias Loibl

commit sha 72c4781fb211e0abb8bf47a2e46f8433d990a014

Set Thanos Querier --web.external-prefix to serve assets on relative path

view details

Matthias Loibl

commit sha cf8f7c1e0ff04d270bcf49fb314be0926f2ec030

Fix endpoints in tests/manifests

view details

push time in 15 days

push eventmetalmatze/configuration

Matthias Loibl

commit sha 0d39e30b80fe2cef2d55a31bc462b7bc78517771

Fix endpoints in tests/manifests

view details

push time in 15 days

push eventmetalmatze/configuration

Matthias Loibl

commit sha 24212daec756ac7ad2d00bd7d58f76a03d298e71

Set Thanos Querier --web.external-prefix to serve assets on relative path

view details

push time in 15 days

create barnchmetalmatze/configuration

branch : api-update

created branch time in 15 days

delete branch metalmatze/observatorium

delete branch : metrics-package

delete time in 16 days

push eventobservatorium/observatorium

Matthias Loibl

commit sha 7d3544474c3c445f897c0091b35e280885c2028c

Create metrics v1 and legacy package using a modular proxy

view details

Matthias Loibl

commit sha ae18afd9e9d5ccd0107d999ca8ea4d71ca76d1ef

Move public HTTP server to assemble handlers in main.go

view details

Matthias Loibl

commit sha bb59ddc31a5b1cdf8bb4b1e6bae9aceaa08a6b31

Remove old Proxy struct, that's replaced by proxy middlewares

view details

Matthias Loibl

commit sha eba7314f12ca3ab229cb2937dbb2e5549215153d

Remove unused proxy flags

view details

Matthias Loibl

commit sha 4c4aacbf3c10056c03b96f7b2749faf624e113c7

Fix path in proxy upstream middleware

view details

Matthias Loibl

commit sha 01c2e0272e40abf0dd8f8dc9344554d2286d074d

Remove obsolete metrics.ui.endpoint flag

view details

Matthias Loibl

commit sha 6b12ac96c920be40145ffe1e651f55900691f99a

Remove left over metrics.ui.endpoint flag usage

view details

Matthias Loibl

commit sha 4754f23e687415b399329b420af5f55b334a6b08

Strip prefix /write from remote write endpoint

view details

Matthias Loibl

commit sha 2290c5fd0a0ce6e4ec297ad639816a2a58a678df

Update /write to /api/v1/receive

view details

Matthias Loibl

commit sha 8238deaa9d95435b03d98f59fcd25a2967c42f16

Update Thanos to v0.12.2

view details

Matthias Loibl

commit sha 3c24d9b889db8ca18a0fb3edc80cd394bbf99d82

Merge pull request #40 from metalmatze/metrics-package Split HTTP server into multiple metrics packages - make it composable

view details

push time in 16 days

PR merged observatorium/observatorium

Reviewers
Split HTTP server into multiple metrics packages - make it composable

Essentially, rather than having a big Server instance that's used across the project, I tend to think of creating smaller bits and pieces, in this case handlers per package, and then assemble them in the main.go again.

That means that internal/api/metrics/v1/ is responsible for /api/metrics/v1 on the HTTP endpoints and internal/api/metrics/legacy is actually mounted to /api/v1/query. The package itself however, is totally unaware of that path prefix and could be moved independently or even mounted somewhere else without modifying the package itself. The proxy also became more like a middleware collection where we use bits and pieces to create proxies per handler (and even multiple ones) as we can have more fine-grained control over timeouts and other values.

/cc @squat @kakkoyun @brancz

+417 -1063

3 comments

28 changed files

metalmatze

pr closed time in 16 days

more