Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-3950

Firing User Alerts are not directed to user-workload AM after UWM is enabled

XMLWordPrintable

    • False
    • None
    • False
    • NEW
    • OBSDA-115 - Create alerting rules based on logs
    • VERIFIED
    • Before this update, the LokiStack ruler did not restart caused when the administrator change the RulerConfig custom resource. With this update, the Loki Operator restarts the Ruler pods on RulerConfig changes resolves the issue.
    • Bug Fix
    • Log Storage - Sprint 236, Log Storage - Sprint 237, Log Storage - Sprint 238

      Description:
      Already firing user alerts with openshift-monitoring AM (AlertManager) are not redirected to user-workload-monitoring(UWM) AM URL once user-workload-monitoring is enabled. Need to manually restart the ruler for alerts to be routed to user-workload AM.

      MyApplication1LogVolumeIsHigh and MyApplication2LogVolumeIsHigh are the 2 user alerts created for tenant: application

      Logs:

      ALERT_MANAGER=$(oc get route alertmanager-main -n openshift-monitoring -o jsonpath='{@.spec.host}')
      
      $ curl -k -H "Authorization: Bearer $(oc whoami -t)"  https://$ALERT_MANAGER/api/v1/alerts | jq '.data[].labels.alertname'
        % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                       Dload  Upload   Total   Spent    Left  Speed
      100  6641    0  6641    0     0  21989      0 -::- -::- -::- 22063
      "InsightsRecommendationActive"
      "CannotRetrieveUpdates"
      "MyApplication1LogVolumeIsHigh"
      "MyApplication2LogVolumeIsHigh"
      "Watchdog"
      "AlertmanagerReceiversNotConfigured"
      $ oc -n openshift-monitoring exec -c prometheus prometheus-k8s-0 – curl -k -H "Authorization: Bearer $(oc whoami -t)" 'https://alertmanager-user-workload.openshift-user-workload-monitoring.svc:9095/api/v2/alerts' | jq
        % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                       Dload  Upload   Total   Spent    Left  Speed
      100     3  100     3    0     0    111      0 -::- -::- -::-   111
      []

      runtime-config/override: 

      —
      overrides:
        application:
          ruler_alertmanager_config:
            alertmanager_url: https://_web._tcp.alertmanager-operated.openshift-user-workload-monitoring.svc
            enable_alertmanager_v2: true
            enable_alertmanager_discovery: true
            alertmanager_refresh_interval: 1m
            alertmanager_client:
              tls_ca_path: /var/run/ca/alertmanager/service-ca.crt
              tls_server_name: alertmanager-user-workload.openshift-user-workload-monitoring.svc.cluster.local
              type: Bearer
              credentials_file: /var/run/secrets/kubernetes.io/serviceaccount/token

      Version: Logging 5.7.0 with OCP 4.13

      Steps to reproduce:
      1) Deploy CLO and LO
      2) Forward logs to Loki
      3) Create Alertingrules for app tenant
      4) Query active/firing alerts on openshift-monitoring AM
      5) Enable User-workload-monitoring
      6) Validate runtime-config for overrides.
      7) Wait for 5-10 minutes
      8) Query user-workload AM for alerts
      9) Query cluster-monitoring AM for alerts.

      How reproducible: Always

      Expected Result: User alerts can be queried through user-workload AM once UWM is enabled.

      Actual Result: Query with user-workload AM returns empty. Query with openshift-monitoring AM returns user alerts after UWM is enabled.

            btaani@redhat.com Bayan Taani (Inactive)
            rhn-support-kbharti Kabir Bharti
            Kabir Bharti Kabir Bharti
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: