ma shack/prometheus: import alerting-rules from mayflower

see: https://github.com/mayflower/nixexprs/blob/master/modules/monitoring/alert-rules.nix

2 files changed, 108 insertions, 84 deletions

diff --git a/krebs/2configs/shack/prometheus/alert-rules.nix b/krebs/2configs/shack/prometheus/alert-rules.nix
new file mode 100644
index 00000000..096c551b
--- /dev/null
+++ b/krebs/2configs/shack/prometheus/alert-rules.nix
@@ -0,0 +1,102 @@
+{ lib }:
+with lib;
+
+let
+  deviceFilter = ''device!="ramfs",device!="rpc_pipefs",device!="lxcfs",device!="nsfs",device!="borgfs"'';
+in mapAttrsToList (name: opts: {
+  alert = name;
+  expr = opts.condition;
+  for = opts.time or "2m";
+  labels = if (opts.page or true) then { severity = "page"; } else {};
+  annotations = {
+    summary = opts.summary;
+    description = opts.description;
+  };
+}) {
+  node_down = {
+    condition = ''up{job="node"} == 0'';
+    summary = "{{$labels.alias}}: Node is down.";
+    description = "{{$labels.alias}} has been down for more than 2 minutes.";
+  };
+  node_systemd_service_failed = {
+    condition = ''node_systemd_unit_state{state="failed"} == 1'';
+    summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start.";
+    description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}.";
+  };
+  node_filesystem_full_80percent = {
+    condition = ''sort(node_filesystem_free_bytes{${deviceFilter}} < node_filesystem_size_bytes{${deviceFilter}} * 0.2) / 1024^3'';
+    time = "10m";
+    summary = "{{$labels.alias}}: Filesystem is running out of space soon.";
+    description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 20% space left on its filesystem.";
+  };
+  node_filesystem_full_in_7d = {
+    condition = ''predict_linear(node_filesystem_free_bytes{${deviceFilter}}[2d], 7*24*3600) <= 0'';
+    time = "1h";
+    summary = "{{$labels.alias}}: Filesystem is running out of space in 7 days.";
+    description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 7 days";
+  };
+  node_filesystem_full_in_30d = {
+    condition = ''predict_linear(node_filesystem_free_bytes{${deviceFilter}}[30d], 30*24*3600) <= 0'';
+    time = "1h";
+    summary = "{{$labels.alias}}: Filesystem is running out of space in 30 days.";
+    description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 30 days";
+  };
+  node_filedescriptors_full_in_3h = {
+    condition = ''predict_linear(node_filefd_allocated[3h], 3*3600) >= node_filefd_maximum'';
+    time = "20m";
+    summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours.";
+    description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours";
+  };
+  node_filedescriptors_full_in_7d = {
+    condition = ''predict_linear(node_filefd_allocated[7d], 7*24*3600) >= node_filefd_maximum'';
+    time = "1h";
+    summary = "{{$labels.alias}} is running out of available file descriptors in 7 days.";
+    description = "{{$labels.alias}} is running out of available file descriptors in approx. 7 days";
+  };
+  node_load15 = {
+    condition = ''node_load15 / on(alias) count(node_cpu_seconds_total{mode="system"}) by (alias) >= 1.0'';
+    time = "10m";
+    summary = "{{$labels.alias}}: Running on high load: {{$value}}";
+    description = "{{$labels.alias}} is running with load15 > 1 for at least 5 minutes: {{$value}}";
+  };
+  node_ram_using_90percent = {
+    condition =  "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
+    time = "1h";
+    summary = "{{$labels.alias}}: Using lots of RAM.";
+    description = "{{$labels.alias}} is using at least 90% of its RAM for at least 1 hour.";
+  };
+  node_swap_using_30percent = {
+    condition = "node_memory_SwapTotal_bytes - (node_memory_SwapFree_bytes + node_memory_SwapCached_bytes) > node_memory_SwapTotal_bytes * 0.3";
+    time = "30m";
+    summary = "{{$labels.alias}}: Using more than 30% of its swap.";
+    description = "{{$labels.alias}} is using 30% of its swap space for at least 30 minutes.";
+  };
+  node_visible_confluence_space = {
+    condition = "node_visible_confluence_space != 0";
+    summary = "crowd prometheus cann see the {{$labels.space_name}} confluence space!";
+    description = "crowd user `prometheus` can see the `{{$labels.space_name}}` confluence space.";
+  };
+  node_hwmon_temp = {
+    condition = "node_hwmon_temp_celsius > node_hwmon_temp_crit_celsius*0.9 OR node_hwmon_temp_celsius > node_hwmon_temp_max_celsius*0.95";
+    time = "5m";
+    summary = "{{$labels.alias}}: Sensor {{$labels.sensor}}/{{$labels.chip}} temp is high: {{$value}} ";
+    description = "{{$labels.alias}} reports hwmon sensor {{$labels.sensor}}/{{$labels.chip}} temperature value is nearly critical: {{$value}}";
+  };
+  node_conntrack_limit = {
+    condition  = "node_nf_conntrack_entries_limit - node_nf_conntrack_entries < 1000";
+    time = "5m";
+    summary = "{{$labels.alias}}: Number of tracked connections high";
+    description = "{{$labels.alias}} has only {{$value}} free slots for connection tracking available.";
+  };
+  node_reboot = {
+    condition = "time() - node_boot_time_seconds < 300";
+    summary = "{{$labels.alias}}: Reboot";
+    description = "{{$labels.alias}} just rebooted.";
+  };
+  node_uptime = {
+    condition = "time() - node_boot_time_seconds > 2592000";
+    page = false;
+    summary = "{{$labels.alias}}: Uptime monster";
+    description = "{{$labels.alias}} has been up for more than 30 days.";
+  };
+}
diff --git a/krebs/2configs/shack/prometheus/server.nix b/krebs/2configs/shack/prometheus/server.nix
index 7f6f3861..f5d2e764 100644
--- a/krebs/2configs/shack/prometheus/server.nix
+++ b/krebs/2configs/shack/prometheus/server.nix
@@ -28,90 +28,12 @@
         "-storage.local.index-cache-size.label-name-to-label-values 2097152"
         "-storage.local.index-cache-size.label-pair-to-fingerprints 41943040"
       ];
-      rules = [
-        ''
-          ALERT node_down
-          IF up == 0
-          FOR 5m
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary = "{{$labels.alias}}: Node is down.",
-            description = "{{$labels.alias}} has been down for more than 5 minutes."
-          }
-          ALERT node_systemd_service_failed
-          IF node_systemd_unit_state{state="failed"} == 1
-          FOR 4m
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start.",
-            description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}."
-          }
-          ALERT node_filesystem_full_90percent
-          IF sort(node_filesystem_free{device!="ramfs"} < node_filesystem_size{device!="ramfs"} * 0.1) / 1024^3
-          FOR 5m
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary = "{{$labels.alias}}: Filesystem is running out of space soon.",
-            description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 10% space left on its filesystem."
-          }
-          ALERT node_filesystem_full_in_4h
-          IF predict_linear(node_filesystem_free{device!="ramfs"}[1h], 4*3600) <= 0
-          FOR 5m
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary = "{{$labels.alias}}: Filesystem is running out of space in 4 hours.",
-            description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 4 hours"
-          }
-          ALERT node_filedescriptors_full_in_3h
-          IF predict_linear(node_filefd_allocated[1h], 3*3600) >= node_filefd_maximum
-          FOR 20m
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours.",
-            description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours"
-          }
-          ALERT node_load1_90percent
-          IF node_load1 / on(alias) count(node_cpu{mode="system"}) by (alias) >= 0.9
-          FOR 1h
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary = "{{$labels.alias}}: Running on high load.",
-            description = "{{$labels.alias}} is running with > 90% total load for at least 1h."
-          }
-          ALERT node_cpu_util_90percent
-          IF 100 - (avg by (alias) (irate(node_cpu{mode="idle"}[5m])) * 100) >= 90
-          FOR 1h
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary = "{{$labels.alias}}: High CPU utilization.",
-            description = "{{$labels.alias}} has total CPU utilization over 90% for at least 1h."
-          }
-          ALERT node_ram_using_90percent
-          IF node_memory_MemFree + node_memory_Buffers + node_memory_Cached < node_memory_MemTotal * 0.1
-          FOR 30m
-          LABELS {
-            severity="page"
-          }
-          ANNOTATIONS {
-            summary="{{$labels.alias}}: Using lots of RAM.",
-            description="{{$labels.alias}} is using at least 90% of its RAM for at least 30 minutes now.",
-          }
-        ''
-      ];
+      ruleFiles = lib.singleton (pkgs.writeText "prometheus-rules.yml" (builtins.toJSON {
+            groups = lib.singleton {
+              name = "mf-alerting-rules";
+              rules = import ./alert-rules.nix { inherit lib; };
+            };
+          }));
       scrapeConfigs = [
         {
           job_name = "node";