For the EIDA Technical Committee and EIDA Management Board that need to improve there services quality, Oculus is a central monitoring and alerting system that tests all the services at EIDA nodes. Unlike the previous situation where the monitoring was very scattered and uneven, OCULUS will provide a global view of the services status and indicators for keeping track of service quality evolution.
- Oculus Monitoring
- How to monitor a new thing
- Deploying Oculus Zabbix and Grafana on Kubernetes using Helm
- Zabbix configuration
- Deploying Oculus Grafana
So you woud like to monitor something related to EIDA federation ?
Please create a new issue using the template "New Monitoring".
In order to edit Nodes values is in this procedures
- Kubernetes cluster (version 1.20 or later) configured and running
kubectlinstalled and configuredgitinstalled and configured- Helm CLI (version 3 or later) installed https://helm.sh/docs/intro/install
- Plugin Helm secret https://github.com/jkroepke/helm-secrets
- Sops core https://github.com/getsops/sops
- Sufficient resources in the cluster to run Zabbix components
git clone https://github.com/EIDA/oculus-monitoring-backendcd zabbix_server/helm_valueshelm repo add zabbix-community https://zabbix-community.github.io/helm-zabbix
helm repo updatekubectl create namespace eida-monitoringCREATE USER oculus WITH PASSWORD '{password}';
CREATE DATABASE oculus_zabbix OWNER oculus;We recommend to use pgcli
Usage :
pgcli postgres://{user}@{netloc}/{dbname}
Example:
pgcli postgres://[email protected]/oculus_zabbix
cd oculus-monitoring-backend/zabbix_server/helm_values
sops -d -i values.yaml/!\ TODO
Apply Helm Chart
helm secrets upgrade --install oculus-zabbix zabbix-community/zabbix \
--dependency-update \
-f values.yaml -n eida-monitoring --debug-
Port forward
kubectl port-forward service/oculus-zabbix-zabbix-web 8888:80 -n eida-monitoring
-
Default credentials:
- Username: Admin
- Password: zabbix
For deploying playbook with Ansible, you need to install Ansible
The Zabbix Ansible script will deploy this playbooks:
- Import templates
- Config autoregistration
- Deploying agents
- Activate media type
- Create EIDA users
- Configuration triggers actions
Go to "Users > Users"
- Click "Create user"
- Username: ansible
- Groups: "No access to the frontend" and "Zabbix administrator"
- Password: {ansible_password}
- Click to "Permissions"
- Role: "Super admin role"
- Click "Add"
Go to "User > API tokens"
- Click "Create API token"
- Name: ansible
- User: ansible
- uncheck "Set expiration date and time"
- check "Enabled"
- Click "Add"
- Copy to clipboard "Auth token" value and paste in file "config_prod" or "config_staging" in path
ansible/config/
cd ansible/playbooksansible-playbook zbx_deployment.yaml- Kubernetes cluster (version 1.20 or later) configured and running
kubectlinstalled and configuredgitinstalled and configured- Helm CLI (version 3 or later) installed https://helm.sh/docs/intro/install
- Plugin Helm secret https://github.com/jkroepke/helm-secrets
- Sops core https://github.com/getsops/sops
- Sufficient resources in the cluster to run Grafana components
git clone https://github.com/EIDA/oculus-monitoring-backendcd grafana_server/helm_valueshelm repo add grafana https://grafana.github.io/helm-charts
helm repo updatecd oculus-monitoring-backend/grafana_server/helm_values
sops decrypt values.yamlhelm upgrade --install oculus-grafana grafana/grafana \
-f values.yaml -n eida-monitoring- Port forward Grafana
kubectl port-forward service/oculus-grafana 3000:3000 -n eida-monitoring
- localhost:3000
- Default credentials:
- Username: admin
- Password: {admin_passwd}
- Port forwrd Zabbix
kubectl port-forward service/oculus-zabbix-zabbix-web 8888:8888 -n eida-monitoring
- localhost:8888
In Zabbix application, go to "Users > API token"
- Click "Create API token"
- Name: grafana
- User: grafana
- Set expiration date and time: uncheck
- Enabled: check
- Click "Add"
- Copy the {auth_token}
For deploying playbook with Ansible, you need to install Ansible
The Grafana Ansible script will deploy this playbooks:
- Add datasources
- Import dashboards
In Grafana application, go to "Administration > User and access > Users"
- Click "New user"
- Name: ansible
- Username: ansible
- Password: {ansible_password}
- Click "Create user"
- In section "Permissions" click to "Change" and "Yes" and reclick to "Change"
- In section "Organization" click to "Change role", select "Admin" and click to "Save" Go to "Administration > User and access > Service accounts"
- Click "Add service account"
- Name: ansible
- Role: Admin
- Click "Add service account token"
- Click "No expiration"
- Click "Generate token"
- Copy to clipboard and paste in file "config_prod" or "config_staging" in path
ansible/config/ - Click "Close"
- Copy to clipboard and paste in file "config_prod" or "config_staging" in path
- Click in red cross on section "User"
- Click "Add permission"
- Select "User"
- Select "ansible"
- Select "Admin"
- Click "Save"
cd ansible/configsops -d -i config_prod.yaml
OR
sops -d -i config_staging.yamlcd ansible/playbooksansible-playbook grafana_deployment.yaml