Prometheus-Alertmanager

Prometheus-Alertmanager¶

There are various customizations you can do to tailor the deployment of OpenStack Prometheus-Alertmanager. You can find those below.

General Parameters¶

conf.alert_templates

Type: string

Description:

nil
conf.alertmanager
Type: string

Description:
global:
  # The smarthost and SMTP sender used for mail notifications.
  smtp_smarthost: 'localhost:25'
  smtp_from: 'alertmanager@example.org'
  smtp_auth_username: 'alertmanager'
  smtp_auth_password: 'password'
  # The auth token for Hipchat.
  hipchat_auth_token: '1234556789'
  # Alternative host for Hipchat.
  hipchat_api_url: 'https://hipchat.foobar.org/'
# The directory from which notification templates are read.
templates:
  - '/etc/alertmanager/template/*.tmpl'
# The root route on which each incoming alert enters.
route:
  # The labels by which incoming alerts are grouped together. For example,
  # multiple alerts coming in for cluster=A and alertname=LatencyHigh would
  # be batched into a single group.
  group_by:
    - alertname
    - cluster
    - service
  # When a new group of alerts is created by an incoming alert, wait at
  # least 'group_wait' to send the initial notification.
  # This way ensures that you get multiple alerts for the same group that start
  # firing shortly after another are batched together on the first
  # notification.
  group_wait: 30s
  # When the first notification was sent, wait 'group_interval' to send a batch
  # of new alerts that started firing for that group.
  group_interval: 5m
  # If an alert has successfully been sent, wait 'repeat_interval' to
  # resend them.
  repeat_interval: 3h
  # A default receiver
  # receiver: team-X-mails
  receiver: 'team-X-mails'
  # All the above attributes are inherited by all child routes and can
  # overwritten on each.
  # The child route trees.
  routes:
    # This routes performs a regular expression match on alert
    # labels to catch alerts that are related to a list of
    # services.
    - receiver: 'team-X-mails'
      continue: true
    - match_re:
        service: ^(foo1|foo2|baz)$
      receiver: team-X-mails
      # The service has a sub-route for critical alerts, any alerts
      # that do not match, i.e. severity != critical, fall-back to the
      # parent node and are sent to 'team-X-mails'
      routes:
        - match:
            severity: critical
          receiver: team-X-pager
    - match:
        service: files
      receiver: team-Y-mails
      routes:
        - match:
            severity: critical
          receiver: team-Y-pager
    # This route handles all alerts coming from a database service. If there's
    # no team to handle it, it defaults to the DB team.
    - match:
        service: database
      receiver: team-DB-pager
      # Also group alerts by affected database.
      group_by:
        - alertname
        - cluster
        - database
      routes:
        - match:
            owner: team-X
          receiver: team-X-pager
        - match:
            owner: team-Y
          receiver: team-Y-pager
# Inhibition rules allow to mute a set of alerts given that another alert is
# firing.
# We use this to mute any warning-level notifications if the same alert is
# already critical.
inhibit_rules:
  - source_match:
      severity: 'critical'
    target_match:
      severity: 'warning'
    # Apply inhibition if the alertname is the same.
    equal:
      - alertname
      - cluster
      - service
receivers:
  - name: 'team-X-mails'
    email_configs:
      - to: 'team-X+alerts@example.org'
  - name: 'team-X-pager'
    email_configs:
      - to: 'team-X+alerts-critical@example.org'
    pagerduty_configs:
      - service_key: <team-X-key>
  - name: 'team-Y-mails'
    email_configs:
      - to: 'team-Y+alerts@example.org'
  - name: 'team-Y-pager'
    pagerduty_configs:
      - service_key: <team-Y-key>
  - name: 'team-DB-pager'
    pagerduty_configs:
      - service_key: <team-DB-key>
  - name: 'team-X-hipchat'
    hipchat_configs:
      - auth_token: <auth_token>
        room_id: 85
        message_format: html
        notify: false
conf.command_flags.alertmanager.”cluster.listen_address”

Type: string

Description:

“0.0.0.0:9094”

conf.command_flags.alertmanager.”storage.path”

Type: string

Description:

“/var/lib/alertmanager/data”
conf.httpd
Type: string

Description:
ServerRoot \"/usr/local/apache2\"

Listen 80

LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule filter_module modules/mod_filter.so
LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule remoteip_module modules/mod_remoteip.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so

<IfModule unixd_module>
User daemon
Group daemon
</IfModule>

<Directory />
    AllowOverride none
    Require all denied
</Directory>

<Files \".ht*\">
    Require all denied
</Files>

ErrorLog /dev/stderr

LogLevel warn

<IfModule log_config_module>
    LogFormat \"%a %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\"\" combined
    LogFormat \"%{X-Forwarded-For}i %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\"\" proxy
    LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b\" common

    <IfModule logio_module>
      LogFormat \"%a %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %I %O\" combinedio
    </IfModule>

    SetEnvIf X-Forwarded-For \"^.*\\..*\\..*\\..*\" forwarded
    CustomLog /dev/stdout common
    CustomLog /dev/stdout combined
    CustomLog /dev/stdout proxy env=forwarded
</IfModule>

<Directory \"/usr/local/apache2/cgi-bin\">
    AllowOverride None
    Options None
    Require all granted
</Directory>

<IfModule headers_module>
    RequestHeader unset Proxy early
</IfModule>

<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>

<VirtualHost *:80>
  RemoteIPHeader X-Original-Forwarded-For
  <Location />
      ProxyPass http://localhost:{{ tuple \"alertmanager\" \"internal\" \"api\" . | include \"helm-toolkit.endpoints.endpoint_port_lookup\" }}/
      ProxyPassReverse http://localhost:{{ tuple \"alertmanager\" \"internal\" \"api\" . | include \"helm-toolkit.endpoints.endpoint_port_lookup\" }}/
  </Location>
  <Proxy *>
      AuthName \"Alertmanager\"
      AuthType Basic
      AuthBasicProvider file ldap
      AuthUserFile /usr/local/apache2/conf/.htpasswd
      AuthLDAPBindDN {{ .Values.endpoints.ldap.auth.admin.bind }}
      AuthLDAPBindPassword {{ .Values.endpoints.ldap.auth.admin.password }}
      AuthLDAPURL {{ tuple \"ldap\" \"default\" \"ldap\" . | include \"helm-toolkit.endpoints.keystone_endpoint_uri_lookup\" | quote }}
      Require valid-user
  </Proxy>
</VirtualHost>
dependencies.dynamic.common.local_image_registry.jobs[0]

Type: string

Description:

“alertmanager-image-repo-sync”

dependencies.dynamic.common.local_image_registry.services[0].endpoint

Type: string

Description:

“node”

dependencies.dynamic.common.local_image_registry.services[0].service

Type: string

Description:

“local_image_registry”

dependencies.static.alertmanager.services

Type: string

Description:

nil

dependencies.static.image_repo_sync.services[0].endpoint

Type: string

Description:

“internal”

dependencies.static.image_repo_sync.services[0].service

Type: string

Description:

“local_image_registry”

endpoints.alertmanager.auth.admin.password

Type: string

Description:

“changeme”

endpoints.alertmanager.auth.admin.username

Type: string

Description:

“admin”

endpoints.alertmanager.host_fqdn_override.default

Type: string

Description:

nil

endpoints.alertmanager.hosts.default

Type: string

Description:

“alerts-engine”

endpoints.alertmanager.hosts.discovery

Type: string

Description:

“prometheus-alertmanager-discovery”

endpoints.alertmanager.hosts.public

Type: string

Description:

“prometheus-alertmanager”

endpoints.alertmanager.name

Type: string

Description:

“prometheus-alertmanager”

endpoints.alertmanager.namespace

Type: string

Description:

nil

endpoints.alertmanager.path.default

Type: string

Description:

nil

endpoints.alertmanager.port.api.default

Type: int

Description:

9093

endpoints.alertmanager.port.api.public

Type: int

Description:

80

endpoints.alertmanager.port.http.default

Type: int

Description:

80

endpoints.alertmanager.port.mesh.default

Type: int

Description:

9094

endpoints.alertmanager.scheme.default

Type: string

Description:

“http”

endpoints.cluster_domain_suffix

Type: string

Description:

“cluster.local”

endpoints.ldap.auth.admin.bind

Type: string

Description:

“cn=admin,dc=cluster,dc=local”

endpoints.ldap.auth.admin.password

Type: string

Description:

“password”

endpoints.ldap.host_fqdn_override.default

Type: string

Description:

nil

endpoints.ldap.hosts.default

Type: string

Description:

“ldap”

endpoints.ldap.path.default

Type: string

Description:

“/ou=People,dc=cluster,dc=local”

endpoints.ldap.port.ldap.default

Type: int

Description:

389

endpoints.ldap.scheme.default

Type: string

Description:

“ldap”

endpoints.local_image_registry.host_fqdn_override.default

Type: string

Description:

nil

endpoints.local_image_registry.hosts.default

Type: string

Description:

“localhost”

endpoints.local_image_registry.hosts.internal

Type: string

Description:

“docker-registry”

endpoints.local_image_registry.hosts.node

Type: string

Description:

“localhost”

endpoints.local_image_registry.name

Type: string

Description:

“docker-registry”

endpoints.local_image_registry.namespace

Type: string

Description:

“docker-registry”

endpoints.local_image_registry.port.registry.node

Type: int

Description:

5000

endpoints.oci_image_registry.auth.enabled

Type: bool

Description:

false

endpoints.oci_image_registry.auth.prometheus-alertmanager.password

Type: string

Description:

“password”

endpoints.oci_image_registry.auth.prometheus-alertmanager.username

Type: string

Description:

“prometheus-alertmanager”

endpoints.oci_image_registry.host_fqdn_override.default

Type: string

Description:

nil

endpoints.oci_image_registry.hosts.default

Type: string

Description:

“localhost”

endpoints.oci_image_registry.name

Type: string

Description:

“oci-image-registry”

endpoints.oci_image_registry.namespace

Type: string

Description:

“oci-image-registry”

endpoints.oci_image_registry.port.registry.default

Type: string

Description:

nil

images.local_registry.active

Type: bool

Description:

false

images.local_registry.exclude[0]

Type: string

Description:

“dep_check”

images.local_registry.exclude[1]

Type: string

Description:

“image_repo_sync”

images.pull_policy

Type: string

Description:

“IfNotPresent”

images.tags.apache_proxy

Type: string

Description:

“docker.io/library/httpd:2.4”

images.tags.dep_check

Type: string

Description:

“quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal”

images.tags.image_repo_sync

Type: string

Description:

“docker.io/library/docker:17.07.0”

images.tags.prometheus-alertmanager

Type: string

Description:

“docker.io/prom/alertmanager:v0.20.0”

labels.alertmanager.node_selector_key

Type: string

Description:

“openstack-control-plane”

labels.alertmanager.node_selector_value

Type: string

Description:

“enabled”

labels.job.node_selector_key

Type: string

Description:

“openstack-control-plane”

labels.job.node_selector_value

Type: string

Description:

“enabled”

manifests.clusterrolebinding

Type: bool

Description:

true

manifests.configmap_bin

Type: bool

Description:

true

manifests.configmap_etc

Type: bool

Description:

true

manifests.ingress

Type: bool

Description:

true

manifests.job_image_repo_sync

Type: bool

Description:

true

manifests.network_policy

Type: bool

Description:

false

manifests.secret_admin_user

Type: bool

Description:

true

manifests.secret_ingress_tls

Type: bool

Description:

true

manifests.secret_registry

Type: bool

Description:

true

manifests.service

Type: bool

Description:

true

manifests.service_discovery

Type: bool

Description:

true

manifests.service_ingress

Type: bool

Description:

true

manifests.statefulset

Type: bool

Description:

true

monitoring.prometheus.enabled

Type: bool

Description:

true

monitoring.prometheus.prometheus.scrape

Type: bool

Description:

true

network.alertmanager.ingress.annotations.”nginx.ingress.kubernetes.io/rewrite-target”

Type: string

Description:

“/”

network.alertmanager.ingress.classes.cluster

Type: string

Description:

“nginx-cluster”

network.alertmanager.ingress.classes.namespace

Type: string

Description:

“nginx”

network.alertmanager.ingress.public

Type: bool

Description:

true

network.alertmanager.node_port.enabled

Type: bool

Description:

false

network.alertmanager.node_port.port

Type: int

Description:

30903

network_policy.alertmanager.egress[0]

Type: object

Description:

{}

network_policy.alertmanager.ingress[0]

Type: object

Description:

{}

pod.affinity.anti.topologyKey.default

Type: string

Description:

“kubernetes.io/hostname”

pod.affinity.anti.type.default

Type: string

Description:

“preferredDuringSchedulingIgnoredDuringExecution”

pod.affinity.anti.weight.default

Type: int

Description:

10

pod.lifecycle.termination_grace_period.alertmanager.timeout

Type: int

Description:

30

pod.lifecycle.upgrades.deployment.pod_replacement_strategy

Type: string

Description:

“RollingUpdate”

pod.lifecycle.upgrades.statefulsets.pod_replacement_strategy

Type: string

Description:

“RollingUpdate”

pod.mounts.alertmanager.alertmanager

Type: string

Description:

nil

pod.mounts.alertmanager.init_container

Type: string

Description:

nil

pod.replicas.alertmanager

Type: int

Description:

1

pod.resources.alertmanager.limits.cpu

Type: string

Description:

“2000m”

pod.resources.alertmanager.limits.memory

Type: string

Description:

“1024Mi”

pod.resources.alertmanager.requests.cpu

Type: string

Description:

“500m”

pod.resources.alertmanager.requests.memory

Type: string

Description:

“128Mi”

pod.resources.apache_proxy.limits.cpu

Type: string

Description:

“2000m”

pod.resources.apache_proxy.limits.memory

Type: string

Description:

“1024Mi”

pod.resources.apache_proxy.requests.cpu

Type: string

Description:

“100m”

pod.resources.apache_proxy.requests.memory

Type: string

Description:

“128Mi”

pod.resources.enabled

Type: bool

Description:

false

pod.resources.jobs.image_repo_sync.limits.cpu

Type: string

Description:

“2000m”

pod.resources.jobs.image_repo_sync.limits.memory

Type: string

Description:

“1024Mi”

pod.resources.jobs.image_repo_sync.requests.cpu

Type: string

Description:

“100m”

pod.resources.jobs.image_repo_sync.requests.memory

Type: string

Description:

“128Mi”

pod.security_context.server.container.apache_proxy.readOnlyRootFilesystem

Type: bool

Description:

false

pod.security_context.server.container.apache_proxy.runAsUser

Type: int

Description:

0

pod.security_context.server.container.prometheus_alertmanager.allowPrivilegeEscalation

Type: bool

Description:

false

pod.security_context.server.container.prometheus_alertmanager.readOnlyRootFilesystem

Type: bool

Description:

true

pod.security_context.server.container.prometheus_alertmanager_perms.readOnlyRootFilesystem

Type: bool

Description:

true

pod.security_context.server.container.prometheus_alertmanager_perms.runAsUser

Type: int

Description:

0

pod.security_context.server.pod.runAsUser

Type: int

Description:

65534

secrets.oci_image_registry.prometheus-alertmanager

Type: string

Description:

“prometheus-alertmanager-oci-image-registry-key”

secrets.tls.alertmanager.alertmanager.public

Type: string

Description:

“alerts-tls-public”

storage.alertmanager.enabled

Type: bool

Description:

true

storage.alertmanager.pvc.access_mode[0]

Type: string

Description:

“ReadWriteOnce”

storage.alertmanager.requests.storage

Type: string

Description:

“5Gi”

storage.alertmanager.storage_class

Type: string

Description:

“general”

this page last updated: 2025-04-03 18:46:59

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.