Complete mapping of Prometheus alerts

[aleksandra-galara]

It refers to #34 and complete mapping
alerts due to list created in issue

[bzurkowski]

@aleksandra-galara First off, thanks for your first contribution. 🎉🍰 You did really well! 👌I added only a few minor remarks. Some are purely cosmetic, others concern the mapping scope.

I noticed, a significant number of alerts is mapped to the root cluster node. In most cases it's correct because these alerts don't provide enough labels to correlate with less generic elements. If you see any options to narrow down the mapping scope, please share your ideas 😉

[bzurkowski]

Suggested change

	kind: cronjob
	kind: cron_job

Let's follow the convention of using underscores for kind names consisting of multiple parts. Note e.g. persistent_volume_claim or daemon_set .

[bzurkowski]

I'm wondering what the controller label means in the alert definition. Maybe together with the namespace label we could map it to something less generic than the namespace object?

[bzurkowski]

Please, move it up near to other deployment-related alerts.

[bzurkowski]

I'm not sure whether instance label is actually what we think it is. It might be the IP/hostname of etcd pod rather than the name of a node. Look at this issue and here for examples.

If that's the case, do you think we could map these alerts by pod IP? We already extract an IP for each pod.

[bzurkowski]

PVCs are namespaced. In order to prevent conflicts you must include namespace property as well.

[bzurkowski]

Is it possible to map this alert to service kind instead of namespace kind based on service + namespace labels?

[bzurkowski]

Please, move this mapping up near to other node-related alerts.

[bzurkowski]

For now, let's map aggregated API alerts to cluster kind.

[bzurkowski]

Shouldn't we map these alerts to the cluster kind instead of the namespace kind?

Although the kube_resourcequota metric is namespace-scoped, alert expressions for these two alerts sum values for all metric instances (namespaces):

- alert: KubeCPUQuotaOvercommit
    annotations:
    message: Cluster has overcommitted CPU resource requests for Namespaces.
    runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubecpuquotaovercommit
    expr: |
    sum(kube_resourcequota{job="kube-state-metrics", type="hard", resource="cpu"})
        /
    sum(kube_node_status_allocatable_cpu_cores)
        > 1.5

The alert name (for Namespaces) is misleading though..

[bzurkowski]

Let's map to cluster kind instead of namespace kind.

Namespace kind is not enabled in the graph - we should avoid it as much as possible. Since many other Prometheus alerts (e.g. PrometheusOperatorDown) have been already mapped to cluster kind, we should be consistent.

[bzurkowski]

Thanks for the fixes. I added two more minor remarks. Thanks!

[bzurkowski]

This one is duplicated and should be removed.

[bzurkowski]

I see. Then for now, let's keep the mapping as it is. Thanks for adding the issue for improvements.

[bzurkowski]

I just looked at this Github thread and it seems that the instance label does not contain name of a node, but rather IP address of a client:

Kubernetes API server client 'kubelet/10.0.2.15:10250' is experiencing 3% errors.
Kubernetes API server client 'apiserver/192.168.99.100:8443' is experiencing 24% errors.

I'm afraid we must map to the cluster node again.

[bzurkowski]

Change approved. Ready for merge!