For optimal reading, please switch to desktop mode.
Published: Thu 03 September 2020
Updated: Thu 03 September 2020
By Isaac Prior
In Deployment .
tags: openstack kayobe kolla monasca monitoring
Here at StackHPC we've used and experimented with Monasca in a variety of ways,
contributing upstream wherever possible .
For the benefit of those using or considering either Monasca or Kayobe we
thought we'd share some of our tips for deploying and configuring it.
This tutorial will follow on from the
Kayobe a-universe-from-nothing tutorial on Train
to demonstrate how to deploy and customise Monasca with Kolla-Ansible.
Assuming you've got a Kayobe environment (see our helpful
universe-from-nothing
blog post if you haven't already) you're only a few steps away from having a
deployed Monasca stack. Here's how.
Before we begin
From your designated Ansible control host, source the Kayobe virtualenv,
kayobe-env and admin credentials files.
Assuming the virtualenv and kayobe-config locations are the same as in the
a-universe-from-nothing tutorial :
$ source ~/kayobe-venv/bin/activate
$ cd ~/kayobe/config/src/kayobe-config/
$ source kayobe-env
$ source etc/kolla/admin-openrc.sh
Any reference to a filesystem path from this point in the guide will be
relative to the kayobe-config directory above.
Optional
Optionally, enable Kayobe shell completion:
$ source <( kayobe complete )
Containers
First you'll need Kolla containers, these can either be pulled from
Docker Hub
or built using Kayobe.
Kolla containers are either of the source or binary variety depending on how
they were built and this is reflected in their image name. Note that not every
component
supports both build types
and Monasca is only available from source. In practice,
this means we'll need to inform Kolla and Kolla-Ansible of the container image
to build (unless pulling from Dockerhub) and deploy respectively.
Pulling from Docker Hub
If you've followed a universe-from-nothing build the following
script can be used to pull the relevant containers from the Docker Hub
Kolla repositories and push them to the
seed:
# !/bin/bash
set -e
tag=${1:-train}
images="kolla/centos-binary-zookeeper
kolla/centos-binary-kafka
kolla/centos-binary-storm
kolla/centos-binary-logstash
kolla/centos-binary-kibana
kolla/centos-binary-elasticsearch
kolla/centos-binary-influxdb
kolla/centos-source-monasca-api
kolla/centos-source-monasca-notification
kolla/centos-source-monasca-persister
kolla/centos-source-monasca-agent
kolla/centos-source-monasca-thresh
kolla/centos-source-monasca-grafana"
registry=192.168.33.5:4000
for image in $images; do
ssh stack@192.168.33.5 sudo docker pull $image:$tag
ssh stack@192.168.33.5 sudo docker tag $image:$tag $registry/$image:$tag
ssh stack@192.168.33.5 sudo docker push $registry/$image:$tag
done
Building using Kayobe
Building your own containers is the recommended approach for production
OpenStack and is required if customising the Kolla Dockerfiles.
The following Kayobe commands can be used to build Monasca and related
containers:
$ kayobe overcloud container image build kafka influxdb kibana elasticsearch zookeeper storm logstash --push
$ kayobe overcloud container image build monasca -e kolla_install_type = source --push
The --push argument will push these containers to the Docker registry on
the seed node once built.
Configuring Kayobe
StackHPC usually recommends a cluster of 3 separate nodes for monitoring
infrastructure but with sufficient available resources it is possible to
configure the controllers as monitoring nodes.
For separate monitoring nodes see here
for an example of adding another node type.
If instead you are running monitoring services on controllers then add the
following to etc/kayobe/inventory/groups :
[monitoring:children]
# Add controllers to monitoring group
controllers
Configuring Kolla-Ansible
Add the following to the contents of etc/kayobe/kolla/globals.yml :
# Roles which grant read/write access to Monasca APIs
monasca_default_authorized_roles:
- admin
- monasca-user
# Roles which grant write access to Monasca APIs
monasca_agent_authorized_roles:
- monasca-agent
# Project name to send control plane logs and metrics to
monasca_control_plane_project: monasca_control_plane
This configures Kolla-Ansible
with some sane defaults for user and agent roles and finally
names the OpenStack project for metrics as monasca_control_plane .
Configuring Monasca
StackHPC makes regular use of the
Slack notification plugin
for alerts.
To demonstrate how this works we'll enable and customise this feature.
Customising Monasca requires creating configuration under directories that do not
yet exist, so first create both the
Kolla config Monasca directory
and a subdirectory for alarm notification templates:
$ mkdir -p etc/kayobe/kolla/config/monasca/notification_templates
Monasca-Notification configuration
Populate the monasca-notification container's configuration at
etc/kayobe/kolla/config/monasca/notification.conf to enable Slack webhooks
and set the notification template:
[notification_types]
enabled = slack,webhook
[slack_notifier]
message_template = "/etc/monasca/slack_template.j2"
timeout = 5
ca_certs = "/etc/ssl/certs/ca-bundle.crt"
insecure = False
[webhook_notifier]
timeout = 5
Slack webhook notification template
Custom Slack notification templates should be placed in
etc/kayobe/kolla/config/monasca/notification_templates/slack_template.j2 .
If you've followed a universe-from-nothing template then the following jinja
will work as is:
{% raw %}{% set base_url = "http://{% endraw %}{{ aio_vip_address }}{% raw %}:3001/plugins/monasca-app/page/alarms" -%}
Alarm: `{{ alarm_name }}`
{%- if metrics[0].dimensions.hostname is defined -%}
{% set hosts = metrics|map(attribute='dimensions.hostname')|unique|list %} on host(s): `{{ hosts|join(', ') }}` moved to <{{ base_url }}?dimensions=hostname:{{ hosts|join('|') }}|status>: `{{ state }}`
{%- else %} moved to <{{ base_url }}|status>: `{{ state }}`
{%- endif %}.{% endraw %}
If you've prepared your own deployment then {{ aio_vip_address }} will need
to be replaced with the address of an accessible VIP interface as defined in
etc/kayobe/networks.yml .
Astute Jinja practitioners may notice that the notification template is wrapped
inside {% raw %} tags except for the VIP address: this allows Kayobe to
insert a variable not visible at the time Kolla-Ansible templates the file.
Adding Dashboards & Datasources
Monasca-Grafana will need to be configured with the monasca-api address as a
metric source. Note elasticsearch can also be configured as a metric source
to visualise log metrics.
Optionally custom dashboards can also be defined in the same file
etc/kayobe/grafana.yml :
# Path to git repo containing Grafana dashboards. Eg.
# https://github.com/stackhpc/grafana-reference-dashboards.git
grafana_monitoring_node_dashboard_repo: "https://github.com/stackhpc/grafana-reference-dashboards.git"
# Dashboard repo version. Optional, defaults to 'HEAD' .
grafana_monitoring_node_dashboard_repo_version: "stable/train"
# The path, relative to the grafana_monitoring_node_dashboard_repo_checkout_path
# containing the dashboards. Eg. /prometheus/control_plane
grafana_monitoring_node_dashboard_repo_path: "/monasca/control_plane"
# A dict of datasources to configure. See the stackhpc.grafana-conf role
# for all supported datasources.
grafana_datasources:
monasca_api:
port: 8070
host: "{{ aio_vip_address }}"
elasticsearch:
port: 9200
host: "{{ aio_vip_address }}"
project_id: "{{ monasca_control_plane_project_id | default('') }}"
Pulling containers to the overcloud
Once the configuration is in place, it is recommended to prepare for the next step
by pulling the new containers from the seed registry to the relevant overcloud
nodes:
$ kayobe overcloud container image pull
This also serves to check all required containers are available.
Deploying Monasca
Deploying Monasca and friends using Kayobe can take a considerable length of
time due to the number of checks Kayobe and Kolla-Ansible both perform.
Being familiar with kolla-ansible we can skip some of these tasks with the
--kolla-tags
argument:
$ kayobe overcloud service deploy --kolla-tags monasca,elasticsearch,influxdb,mariadb,kafka,kibana,grafana,storm,kafka,zookeeper,haproxy,common
The above command will deploy only Monasca and related services.
A word of caution however, limiting tasks in this fashion can have unexpected
consequences for inexperienced users and honestly doesn't save much time.
If in doubt which tags are required run a full deploy with:
$ kayobe overcloud service deploy
Now would be a good point to grab a cup of tea.
Run in a production environment, this command shouldn't cause any disruption
to tenant services (on sufficient hardware) but HAProxy will restart,
potentially interrupting connections to the API for a brief period.
Adding Dashboards & Datasources
Assuming the deployment completed successfully, additional tasks are still
required to configure Grafana with the datasources and dashboards defined in
etc/kayobe/grafana.yml :
$ kayobe overcloud post configure --tags grafana
Testing
You should now be able to navigate to Grafana and Kibana, found by default on
ports 3001 & 5601.
To start using the Monasca CLI, install it from PyPI and configure the relevant
roles to authenticate in the Monasca project. Create and activate a fresh venv
for the purpose:
$ deactivate
$ python3 -m venv ~/monasca-venv
$ source ~/monasca-venv/bin/activate
$ pip install python-openstackclient
$ pip install python-monascaclient
$ source etc/kolla/admin-openrc.sh
Optionally enable shell completion:
$ source <( openstack complete )
$ source <( monasca complete )
Add the admin user to the monasca_control_plane project (and double check):
$ openstack role add --user admin --project monasca_control_plane admin
$ openstack role assignment list --names --project monasca_control_plane
Switch to the monasca_control_plane project and view available metric names:
$ export OS_PROJECT_NAME = monasca_control_plane
$ unset OS_TENANT_NAME
$ monasca metric-name-list
Alarms!
Don't forget to install the Slack
Incoming webhooks
integration in order to
make use of Monasca alerts. Once that is installed and configured in a channel,
you'll be provided with a webhook URL - since this is a private URL it should be
secured before being added to kayobe-config (for more information see the
Kayobe documentation on secrets ).
Deploying Alarms from a custom playbook
Alarms and notification definitions can be created using the monasca CLI ,
but in keeping with the configuration-as-code approach thus far we'd recommend
our ansible role
for the task - it contains a reasonably sane set of alarms for monitoring
both overcloud nodes and OpenStack services.
With some additional configuration, the role can be
installed and used by Kayobe .
First create the directory and provide symlinks to Kayobe Ansible as per
the documentation :
$ mkdir -p etc/kayobe/ansible
$ cd etc/kayobe/ansible
$ ln -s ../../../../kayobe/ansible/filter_plugins/ filter_plugins
$ ln -s ../../../../kayobe/ansible/group_vars/ group_vars
$ ln -s ../../../../kayobe/ansible/test_plugins/ test_plugins
$ cd -
And then etc/kayobe/ansible/requirements.yml to specify the role:
---
- src: stackhpc.monasca_default_alarms
version: 1.3.0
An example playbook to deploy only the system level alerts
(cpu, disk, memory usage) in etc/kayobe/ansible/monasca_alarms.yml .
This assumes you've created a variable for your slack webhook called
secrets_monasca_slack_webhook and that the monasca CLI virtualenv is in
~/monasca-venv :
- name: Create Monasca notification method and alarms
hosts: localhost
gather_facts: yes
vars:
keystone_url: "http://{{ aio_vip_address }}:5000/v3"
keystone_project: "monasca_control_plane"
monasca_endpoint_interface: ["internal"]
notification_address: "{{ secrets_monasca_slack_webhook }}"
notification_name: "Default Slack Notification"
notification_type: "SLACK"
monasca_client_virtualenv_dir: "~/monasca-venv"
virtualenv_become: "no"
skip_tasks: ["misc", "openstack", "monasca", "ceph"]
roles:
- {role: stackhpc.monasca_default_alarms, tags: [alarms]}
The Ansible galaxy role can be installed using Kayobe with:
$ kayobe control host bootstrap
And the playbook invoking it can be executed with:
$ kayobe playbook run ${ KAYOBE_CONFIG_PATH } /ansible/monasca_alarms.yml