From e5fdcd13d4f236da3ab572ad0c2daf4072089783 Mon Sep 17 00:00:00 2001 From: Eliska Romanova Date: Mon, 15 Sep 2025 12:20:19 +0200 Subject: [PATCH] OBSDOCS-2225: Fix issues identified by the CQA in configuring metrics sections --- ...reating-cluster-id-labels-for-metrics.adoc | 2 +- ...vice-endpoint-authentication-settings.adoc | 2 +- ...-collection-for-user-defined-projects.adoc | 2 +- ...-remote-write-authentication-settings.adoc | 23 +++++++++++++------ ...itoring-table-of-remote-write-metrics.adoc | 2 +- 5 files changed, 20 insertions(+), 11 deletions(-) diff --git a/modules/monitoring-creating-cluster-id-labels-for-metrics.adoc b/modules/monitoring-creating-cluster-id-labels-for-metrics.adoc index 55feedc0aae6..361651ebb09b 100644 --- a/modules/monitoring-creating-cluster-id-labels-for-metrics.adoc +++ b/modules/monitoring-creating-cluster-id-labels-for-metrics.adoc @@ -18,7 +18,7 @@ :component: prometheus // end::UWM[] -You can create cluster ID labels for metrics by adding the `write_relabel` settings for remote write storage in the `{configmap-name}` config map in the `{namespace-name}` namespace. +You can create cluster ID labels for metrics by adding the `write_relabel` settings for remote write storage in the `{configmap-name}` config map in the `{namespace-name}` namespace. By adding a cluster ID label, you can uniquely identify metrics and track them consistently across clusters and workloads. ifndef::openshift-dedicated,openshift-rosa[] // tag::UWM[] diff --git a/modules/monitoring-example-service-endpoint-authentication-settings.adoc b/modules/monitoring-example-service-endpoint-authentication-settings.adoc index 969e611fa433..606bd7653e8e 100644 --- a/modules/monitoring-example-service-endpoint-authentication-settings.adoc +++ b/modules/monitoring-example-service-endpoint-authentication-settings.adoc @@ -6,7 +6,7 @@ [id="example-service-endpoint-authentication-settings_{context}"] = Example service endpoint authentication settings -You can configure authentication for service endpoints for user-defined project monitoring by using `ServiceMonitor` and `PodMonitor` custom resource definitions (CRDs). +You can configure authentication to safely scrape metrics from service endpoints in a user-defined project by using `ServiceMonitor` and `PodMonitor` custom resource definitions (CRDs). The following samples show different authentication settings for a `ServiceMonitor` resource. Each sample shows how to configure a corresponding `Secret` object that contains authentication credentials and other relevant settings. diff --git a/modules/monitoring-setting-up-metrics-collection-for-user-defined-projects.adoc b/modules/monitoring-setting-up-metrics-collection-for-user-defined-projects.adoc index 762683dba3e1..bae30e8ec0ea 100644 --- a/modules/monitoring-setting-up-metrics-collection-for-user-defined-projects.adoc +++ b/modules/monitoring-setting-up-metrics-collection-for-user-defined-projects.adoc @@ -8,4 +8,4 @@ You can create a `ServiceMonitor` resource to scrape metrics from a service endpoint in a user-defined project. This assumes that your application uses a Prometheus client library to expose metrics to the `/metrics` canonical name. -This section describes how to deploy a sample service in a user-defined project and then create a `ServiceMonitor` resource that defines how that service should be monitored. +You can deploy a sample service in a user-defined project and then create a `ServiceMonitor` resource that defines how that service should be monitored. diff --git a/modules/monitoring-supported-remote-write-authentication-settings.adoc b/modules/monitoring-supported-remote-write-authentication-settings.adoc index 55aff7883ba8..eebd033f94c8 100644 --- a/modules/monitoring-supported-remote-write-authentication-settings.adoc +++ b/modules/monitoring-supported-remote-write-authentication-settings.adoc @@ -6,7 +6,15 @@ [id="supported-remote-write-authentication-settings_{context}"] = Supported remote write authentication settings -You can use different methods to authenticate with a remote write endpoint. Currently supported authentication methods are AWS Signature Version 4, basic authentication, authorization, OAuth 2.0, and TLS client. The following table provides details about supported authentication methods for use with remote write. +You can use different methods to authenticate with a remote write endpoint. The following authentication methods are supported: + +* AWS Signature Version 4 +* Basic authentication +* Authorization +* OAuth 2.0 +* TLS client + +The following table provides details about supported authentication methods for remote write. [options="header"] |=== @@ -14,17 +22,18 @@ You can use different methods to authenticate with a remote write endpoint. Curr |Authentication method|Config map field|Description |AWS Signature Version 4|`sigv4`|This method uses AWS Signature Version 4 authentication to sign requests. -You cannot use this method simultaneously with authorization, OAuth 2.0, or Basic authentication. +You cannot use this method together with authorization, OAuth 2.0, or Basic authentication. -|Basic authentication|`basicAuth`|Basic authentication sets the authorization header on every remote write request with the configured username and password. +|Basic authentication|`basicAuth`|Basic authentication sets an authorization header with the configured username and password on each remote write request. -|authorization|`authorization`|Authorization sets the `Authorization` header on every remote write request using the configured token. +|authorization|`authorization`|Authorization sets the `Authorization` header on each remote write request by using the configured token. |OAuth 2.0|`oauth2`|An OAuth 2.0 configuration uses the client credentials grant type. Prometheus fetches an access token from `tokenUrl` with the specified client ID and client secret to access the remote write endpoint. -You cannot use this method simultaneously with authorization, AWS Signature Version 4, or Basic authentication. +You cannot use this method together with authorization, AWS Signature Version 4, or Basic authentication. + +|TLS client|`tlsConfig`|A TLS client configuration specifies the CA certificate, client certificate, and client key file used to authenticate with the remote write endpoint server using TLS. -|TLS client|`tlsConfig`|A TLS client configuration specifies the CA certificate, the client certificate, and the client key file information used to authenticate with the remote write endpoint server using TLS. -The sample configuration assumes that you have already created a CA certificate file, a client certificate file, and a client key file. +The sample configuration requires that you have already created a CA certificate file, a client certificate file, and a client key file. |=== diff --git a/modules/monitoring-table-of-remote-write-metrics.adoc b/modules/monitoring-table-of-remote-write-metrics.adoc index 113013e29573..67a730635e5d 100644 --- a/modules/monitoring-table-of-remote-write-metrics.adoc +++ b/modules/monitoring-table-of-remote-write-metrics.adoc @@ -6,7 +6,7 @@ [id="table-of-remote-write-metrics_{context}"] = Table of remote write metrics -The following table contains remote write and remote write-adjacent metrics with further description to help solve issues during remote write configuration. +The following table contains remote write and remote write-adjacent metrics with further descriptions. The metrics help solve issues during remote write configuration. [options="header"] |===