initial commit for alerta role

6 files changed, 103 insertions, 0 deletions

diff --git a/chaos-at-home/ch-apps.yml b/chaos-at-home/ch-apps.yml
index d264ffc2..f0347216 100644
--- a/chaos-at-home/ch-apps.yml
+++ b/chaos-at-home/ch-apps.yml
@@ -12,3 +12,4 @@
   - role: apt-repo/spreadspace
   - role: kubernetes/base
   - role: kubernetes/standalone/base
+  - role: monitoring/alerta
diff --git a/inventory/host_vars/ch-apps.yml b/inventory/host_vars/ch-apps.yml
index bdbac832..ed2aeb70 100644
--- a/inventory/host_vars/ch-apps.yml
+++ b/inventory/host_vars/ch-apps.yml
@@ -113,3 +113,6 @@ kubernetes_version: 1.23.2
 kubernetes_container_runtime: docker
 kubernetes_standalone_max_pods: 42
 kubernetes_standalone_cni_variant: with-portmap
+
+
+alerta_base_path: /srv/storage/alerta
diff --git a/inventory/host_vars/ch-mon.yml b/inventory/host_vars/ch-mon.yml
index c16398bc..bd952fc8 100644
--- a/inventory/host_vars/ch-mon.yml
+++ b/inventory/host_vars/ch-mon.yml
@@ -146,6 +146,23 @@ prometheus_alertmanager_auth_users:
   server: "{{ vault_prometheus_alertmanager_auth_user_passwords['server'] }}"
   admin: "{{ vault_prometheus_alertmanager_auth_user_passwords['admin'] }}"
 
+prometheus_alertmanager_route:
+  receiver: alerta
+  group_by: ['...']
+  group_wait: 0
+  group_interval: 10s
+  repeat_interval: 5m
+
+prometheus_alertmanager_receivers:
+  - name: alerta
+    webhook_configs:
+    - url: http://192.168.32.1:8080/api/webhooks/prometheus
+      send_resolved: true
+      http_config:
+        basic_auth:
+          username: admin
+          password: alerta
+
 
 grafana_secret_key: "{{ vault_grafana_secret_key }}"
 
diff --git a/roles/monitoring/alerta/defaults/main.yml b/roles/monitoring/alerta/defaults/main.yml
new file mode 100644
index 00000000..034c8268
--- /dev/null
+++ b/roles/monitoring/alerta/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# alerta_base_path: /srv/alerta
diff --git a/roles/monitoring/alerta/tasks/main.yml b/roles/monitoring/alerta/tasks/main.yml
new file mode 100644
index 00000000..af7530d8
--- /dev/null
+++ b/roles/monitoring/alerta/tasks/main.yml
@@ -0,0 +1,32 @@
+---
+- name: create alerta subdirectories
+  loop:
+  - config
+  - postgres
+  file:
+    path: "{{ alerta_base_path }}/{{ item }}"
+    state: directory
+
+- name: install alertad config template
+  copy:
+    content: |
+      DEBUG = {{ '{{' }} 'True' if env.DEBUG else 'False' {{ '}}' }}
+      SECRET = "{{ '{{' }} env.SECRET_KEY {{ '}}' }}"
+      PLUGINS = ['reject', 'blackout', 'heartbeat']
+      DEFAULT_ENVIRONMENT = 'unknown'
+      ALLOWED_ENVIRONMENTS = ['unknown', 'chaos-at-.*']
+      HEARTBEAT_EVENTS = ['PrometheusAlertmanagerE2eDeadManSwitch']
+    dest: "{{ alerta_base_path }}/config/alertad.conf.j2"
+
+- name: install pod manifest
+  vars:
+    kubernetes_standalone_pod:
+      name: "alerta"
+      spec: "{{ lookup('template', 'pod-spec.yml.j2') }}"
+      mode: "0600"
+      config_hash_items:
+      - path: "{{ alerta_base_path }}/config/alertad.conf.j2"
+        properties:
+        - checksum
+  include_role:
+    name: kubernetes/standalone/pod
diff --git a/roles/monitoring/alerta/templates/pod-spec.yml.j2 b/roles/monitoring/alerta/templates/pod-spec.yml.j2
new file mode 100644
index 00000000..e31686e3
--- /dev/null
+++ b/roles/monitoring/alerta/templates/pod-spec.yml.j2
@@ -0,0 +1,48 @@
+containers:
+- name: alerta
+  image: "alerta/alerta-web:8.7.0"
+  resources:
+    limits:
+      memory: "1Gi"
+  env:
+  - name: "DATABASE_URL"
+    value: "postgres://alerta:secret@127.0.0.1:5432/alerta"
+  - name: "AUTH_REQUIRED"
+    value: "True"
+  - name: "ADMIN_USERS"
+    value: "admin"
+  volumeMounts:
+  - name: config
+    mountPath: /app/alertad.conf.j2
+    subPath: alertad.conf.j2
+    readOnly: true
+  ports:
+  - containerPort: 8080
+    hostPort: 8080
+
+- name: postgresql
+  image: "postgres:14.2"
+  args:
+  - postgres
+  - -c
+  - listen_addresses=127.0.0.1
+  env:
+  - name: "POSTGRES_DB"
+    value: "alerta"
+  - name: "POSTGRES_USER"
+    value: "alerta"
+  - name: "POSTGRES_PASSWORD"
+    value: "secret"
+  volumeMounts:
+  - name: postgres
+    mountPath: /var/lib/postgresql/data
+
+volumes:
+- name: config
+  hostPath:
+    path: "{{ alerta_base_path }}/config"
+    type: Directory
+- name: postgres
+  hostPath:
+    path: "{{ alerta_base_path }}/postgres"
+    type: Directory