@toolisticon/oc-routes-prometheus-exporter

    1.2.7 • Public • Published

    Monitor OpenShift Routes in Prometheus

    License Build Status Docker Build Status npm version npm downloads Docker Stars

    Usage

    This nodejs application assumes that the container in which the application is running has already a valid OpenShift session. The entrypoint will try to autologin via a service account. So all you need is to create a image with the desired openschift installed:

    FROM toolisticon/oc-routes-prometheus-exporter:latest
    
    ENV SUMMARY="openshift-ssl-verify runtime image"
    ENV DESCRIPTION="openshift-ssl-verify runtime"
    ENV TZ="Europe/Berlin"
    ENV OPENSHIFT_VERSION=3.10.0
    ENV NVM_DIR="$HOME/.nvm"
    ENV CONSOLE_LOG="true"
    ENV LOG_LEVEL="INFO"
    
    LABEL summary="$SUMMARY" \
          description="$DESCRIPTION" \
          io.k8s.description="$DESCRIPTION" \
          io.k8s.display-name="sslverify" \
          io.openshift.tags="security,sslverify,platform" \
          com.redhat.component="sslverify-container"
    
    USER 0
    
    # Update
    RUN yum -y update && yum clean all && rm -rf /var/cache/yum
    
    # Install oc and jq
    RUN yum -y install centos-release-openshift-origin && \
        yum -y install origin-clients-${OPENSHIFT_VERSION} && \
        yum -y install epel-release && yum -y install jq
    
    USER 1000
    

    The pod should start with this output:

    Now using node v8.15.0 (npm v6.4.1)
    [2019-01-18T14:59:04.929Z] prometheus-exporter listening at 9000
    [2019-01-18T15:00:00.005Z] Triggering check
    [2019-01-18T15:00:00.006Z] Start reading route information.
    [2019-01-18T15:00:05.133Z] Start triggering scan.
    

    Sample Values

    The metrics are available via via localhost:9000 on the pod:

    security_ssl_mozilla_observatory{algorithm_version="2",end_time="1548079211000",grade="D",hidden="false",likelihood_indicator="MEDIUM",scan_id="9806703",score="35",start_time="1548079207000",state="FINISHED",status_code="404",tests_failed="3",tests_passed="9",tests_quantity="12",url="sample-config.sample.com",name="sample-config",namespace="project2",labels_app="myapp",labels_environment="dev",} 35.0
    security_ssl_details{valid="true",valid_from="1545553135000",valid_to="1553329135000",days_remaining="60",url="api-test.sample.com",status="200",name="api-test",namespace="project1",labels_app="myapp",labels_environment="test",} 200.0
    security_ssl_expire_days_remaining{url="api-test.sample.com",name="api-test",namespace="project1",labels_app="myapp",labels_environment="test",} 60.0
    

    If you want to complete use

    Configuration

    You can override the config via environment variables:

       OPENSHIFT_MASTER_URL
       SERVER_PORT: // set desired port for prometheus endpoint, defaults to 9000
       CRON: // set cron pattern, default is '0 0 * * * *',
       LOG_LEVEL: // set log level, default is 'ERROR' ('INFO' outputs details info),
       CONSOLE_LOG: // set to true to omit logging to file, otherwise logs will be written to `logs` dir
    

    You'll find a Grafana Dashboard here:

    Troubleshooting

    Access denied

    If the service account does not have access to projects, you will see this message

    Logged into "https://...:8443" as "system:serviceaccount:security:sslverify" using the token provided.
    
    You don't have any projects. Contact your system administrator to request a project.
    Welcome! See 'oc help' to get started.
    

    SSL error

    If you see this kind of error:

    error: The server uses a certificate signed by unknown authority. You may need to use the --certificate-authority flag to provide the path to a certificate file for the certificate authority, or --insecure-skip-tls-verify to bypass the certificate check and use insecure connections.
    

    you are using the internal kubernetes host which might be secured by self-signed certificates. Either use the public endpoint with proper ssl certificates or install the certificate to the keystore.

    Development

    Debug

    To debug run the following command:

    node --inspect-brk index.js
    

    To debug unit tests:

    npm run test:debug
    

    Install

    npm i @toolisticon/oc-routes-prometheus-exporter

    DownloadsWeekly Downloads

    249

    Version

    1.2.7

    License

    MIT

    Unpacked Size

    32.2 kB

    Total Files

    21

    Last publish

    Collaborators

    • avatar
    • avatar