From be7398b10b3c6c5abb55e5f0752debacb9567b02 Mon Sep 17 00:00:00 2001 From: Sohamdg081992 <31517098+Sohamdg081992@users.noreply.github.com> Date: Wed, 27 Sep 2023 14:37:22 -0700 Subject: [PATCH] Add cluster scope to alert rule groups for linking them with UX (#600) * Removing duplicate alerts from ci recommended alerts * Remove test branch * Remove preview keyword from policy readme * Add cluster id scope to rule groups for alerts to be linked to UX * adding terraform update --- .../FullAzureMonitorMetricsProfile.json | 12 ++++++++---- .../WindowsRecordingRules.json | 8 +++++--- .../AzureMonitorAlertsProfile.bicep | 8 ++------ .../FullAzureMonitorMetricsProfile.bicep | 16 ++++------------ .../AddonPolicyMetricsProfile.rules.json | 16 ++++++++++++---- AddonTerraformTemplate/main.tf | 8 ++++---- .../Default/DefaultAlerts.json | 9 ++++++++- .../Default/DefaultRecordingRules.json | 11 ++++++++++- .../templates/ci_recommended_alerts.json | 9 ++++++++- 9 files changed, 61 insertions(+), 36 deletions(-) diff --git a/AddonArmTemplate/FullAzureMonitorMetricsProfile.json b/AddonArmTemplate/FullAzureMonitorMetricsProfile.json index 7fb9c5f89..f6432a023 100644 --- a/AddonArmTemplate/FullAzureMonitorMetricsProfile.json +++ b/AddonArmTemplate/FullAzureMonitorMetricsProfile.json @@ -221,7 +221,8 @@ "properties": { "description": "[concat(variables('nodeRecordingRuleGroupDescription'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "clusterName": "[variables('clusterName')]", "interval": "PT1M", @@ -281,7 +282,8 @@ "properties": { "description": "[concat(variables('kubernetesRecordingRuleGroupDescription'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "clusterName": "[variables('clusterName')]", "interval": "PT1M", @@ -385,7 +387,8 @@ "properties": { "description": "[concat(variables('RecordingRuleGroupDescriptionWin'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "enabled": "[parameters('enableWindowsRecordingRules')]", "clusterName": "[variables('clusterName')]", @@ -462,7 +465,8 @@ "properties": { "description": "[concat(variables('RecordingRuleGroupDescriptionWin'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "enabled": "[parameters('enableWindowsRecordingRules')]", "clusterName": "[variables('clusterName')]", diff --git a/AddonArmTemplate/WindowsRecordingRuleGroupTemplate/WindowsRecordingRules.json b/AddonArmTemplate/WindowsRecordingRuleGroupTemplate/WindowsRecordingRules.json index 68d58498a..69d9e6d49 100644 --- a/AddonArmTemplate/WindowsRecordingRuleGroupTemplate/WindowsRecordingRules.json +++ b/AddonArmTemplate/WindowsRecordingRuleGroupTemplate/WindowsRecordingRules.json @@ -56,7 +56,8 @@ "properties": { "description": "[concat(variables('RecordingRuleGroupDescriptionWin'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "enabled": true, "clusterName": "[variables('clusterName')]", @@ -133,7 +134,8 @@ "properties": { "description": "[concat(variables('RecordingRuleGroupDescriptionWin'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "enabled": true, "clusterName": "[variables('clusterName')]", @@ -211,4 +213,4 @@ } } ] -} \ No newline at end of file +} diff --git a/AddonBicepTemplate/AzureMonitorAlertsProfile.bicep b/AddonBicepTemplate/AzureMonitorAlertsProfile.bicep index 7949150c2..6ed9a1b83 100644 --- a/AddonBicepTemplate/AzureMonitorAlertsProfile.bicep +++ b/AddonBicepTemplate/AzureMonitorAlertsProfile.bicep @@ -16,9 +16,7 @@ resource recommendedAlerts 'Microsoft.AlertsManagement/prometheusRuleGroups@2023 location: location properties: { description: 'Kubernetes Alert RuleGroup-RecommendedCIAlerts - 0.1' - scopes: [ - monitorWorkspace.id - ] + scopes: [monitorWorkspace.id,aksResourceId] clusterName: split(aksResourceId, '/')[8] enabled: true interval: 'PT5M' @@ -241,9 +239,7 @@ resource communityALerts 'Microsoft.AlertsManagement/prometheusRuleGroups@2023-0 location: location properties: { description: 'Kubernetes Alert RuleGroup-communityCIAlerts - 0.1' - scopes: [ - monitorWorkspace.id - ] + scopes: [monitorWorkspace.id,aksResourceId] clusterName: split(aksResourceId, '/')[8] enabled: true interval: 'PT1M' diff --git a/AddonBicepTemplate/FullAzureMonitorMetricsProfile.bicep b/AddonBicepTemplate/FullAzureMonitorMetricsProfile.bicep index c906b2e87..58715bc12 100644 --- a/AddonBicepTemplate/FullAzureMonitorMetricsProfile.bicep +++ b/AddonBicepTemplate/FullAzureMonitorMetricsProfile.bicep @@ -141,9 +141,7 @@ resource nodeRecordingRuleGroup 'Microsoft.AlertsManagement/prometheusRuleGroups location: azureMonitorWorkspaceLocation properties: { description: '${nodeRecordingRuleGroupDescription}${version}' - scopes: [ - azureMonitorWorkspaceResourceId - ] + scopes: [azureMonitorWorkspaceResourceId,clusterResourceId] enabled: true clusterName: clusterName interval: 'PT1M' @@ -201,9 +199,7 @@ resource kubernetesRecordingRuleGroup 'Microsoft.AlertsManagement/prometheusRule location: azureMonitorWorkspaceLocation properties: { description: '${kubernetesRecordingRuleGroupDescription}${version}' - scopes: [ - azureMonitorWorkspaceResourceId - ] + scopes: [azureMonitorWorkspaceResourceId,clusterResourceId] enabled: true clusterName: clusterName interval: 'PT1M' @@ -305,9 +301,7 @@ resource nodeRecordingRuleGroupNameWin 'Microsoft.AlertsManagement/prometheusRul location: azureMonitorWorkspaceLocation properties: { description: '${RecordingRuleGroupDescriptionWin}${version}' - scopes: [ - azureMonitorWorkspaceResourceId - ] + scopes: [azureMonitorWorkspaceResourceId,clusterResourceId] enabled: enableWindowsRecordingRules clusterName: clusterName interval: 'PT1M' @@ -381,9 +375,7 @@ resource nodeAndKubernetesRecordingRuleGroupNameWin 'Microsoft.AlertsManagement/ location: azureMonitorWorkspaceLocation properties: { description: '${RecordingRuleGroupDescriptionWin}${version}' - scopes: [ - azureMonitorWorkspaceResourceId - ] + scopes: [azureMonitorWorkspaceResourceId,clusterResourceId] enabled: enableWindowsRecordingRules clusterName: clusterName interval: 'PT1M' diff --git a/AddonPolicyTemplate/AddonPolicyMetricsProfile.rules.json b/AddonPolicyTemplate/AddonPolicyMetricsProfile.rules.json index 8137837a0..297d10301 100644 --- a/AddonPolicyTemplate/AddonPolicyMetricsProfile.rules.json +++ b/AddonPolicyTemplate/AddonPolicyMetricsProfile.rules.json @@ -225,7 +225,10 @@ "location": "[parameters('azureMonitorWorkspaceLocation')]", "properties": { "description": "[concat(variables('nodeRecordingRuleGroupDescription'), variables('version'))]", - "scopes": ["[parameters('azureMonitorWorkspaceResourceId')]"], + "scopes": [ + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" + ], "clusterName": "[variables('clusterName')]", "interval": "PT1M", "rules": [ @@ -283,7 +286,10 @@ "location": "[parameters('azureMonitorWorkspaceLocation')]", "properties": { "description": "[concat(variables('kubernetesRecordingRuleGroupDescription'), variables('version'))]", - "scopes": ["[parameters('azureMonitorWorkspaceResourceId')]"], + "scopes": [ + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" + ], "clusterName": "[variables('clusterName')]", "interval": "PT1M", "rules": [ @@ -386,7 +392,8 @@ "properties": { "description": "[concat(variables('RecordingRuleGroupDescriptionWin'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "enabled": "[parameters('enableWindowsRecordingRules')]", "clusterName": "[variables('clusterName')]", @@ -463,7 +470,8 @@ "properties": { "description": "[concat(variables('RecordingRuleGroupDescriptionWin'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "enabled": "[parameters('enableWindowsRecordingRules')]", "clusterName": "[variables('clusterName')]", diff --git a/AddonTerraformTemplate/main.tf b/AddonTerraformTemplate/main.tf index 1d386e2d8..b3593d983 100644 --- a/AddonTerraformTemplate/main.tf +++ b/AddonTerraformTemplate/main.tf @@ -119,7 +119,7 @@ resource "azurerm_monitor_alert_prometheus_rule_group" "node_recording_rules_rul description = "Node Recording Rules Rule Group" rule_group_enabled = true interval = "PT1M" - scopes = [azurerm_monitor_workspace.amw.id] + scopes = [azurerm_monitor_workspace.amw.id,azurerm_kubernetes_cluster.k8s.id] rule { enabled = true @@ -209,7 +209,7 @@ resource "azurerm_monitor_alert_prometheus_rule_group" "kubernetes_recording_rul description = "Kubernetes Recording Rules Rule Group" rule_group_enabled = true interval = "PT1M" - scopes = [azurerm_monitor_workspace.amw.id] + scopes = [azurerm_monitor_workspace.amw.id,azurerm_kubernetes_cluster.k8s.id] rule { enabled = true @@ -366,7 +366,7 @@ resource "azurerm_monitor_alert_prometheus_rule_group" "node_and_kubernetes_reco description = "Node and Kubernetes Recording Rules Rule Group for Windows Nodes" rule_group_enabled = true interval = "PT1M" - scopes = [azurerm_monitor_workspace.amw.id] + scopes = [azurerm_monitor_workspace.amw.id,azurerm_kubernetes_cluster.k8s.id] rule { enabled = true @@ -497,7 +497,7 @@ resource "azurerm_monitor_alert_prometheus_rule_group" "node_recording_rules_rul description = "Node and Kubernetes Recording Rules Rule Group for Windows Nodes" rule_group_enabled = true interval = "PT1M" - scopes = [azurerm_monitor_workspace.amw.id] + scopes = [azurerm_monitor_workspace.amw.id,azurerm_kubernetes_cluster.k8s.id] rule { enabled = true diff --git a/GeneratedMonitoringArtifacts/Default/DefaultAlerts.json b/GeneratedMonitoringArtifacts/Default/DefaultAlerts.json index f28eaeb50..d931a73f0 100644 --- a/GeneratedMonitoringArtifacts/Default/DefaultAlerts.json +++ b/GeneratedMonitoringArtifacts/Default/DefaultAlerts.json @@ -8,6 +8,12 @@ "description": "Cluster name" } }, + "clusterResourceId": { + "type": "string", + "metadata": { + "description": "Cluster Resource Id" + } + }, "actionGroupResourceId": { "type": "string", "metadata": { @@ -40,7 +46,8 @@ "properties": { "description": "[concat(variables('kubernetesAlertRuleGroupDescription'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "clusterName": "[parameters('clusterName')]", "interval": "PT1M", diff --git a/GeneratedMonitoringArtifacts/Default/DefaultRecordingRules.json b/GeneratedMonitoringArtifacts/Default/DefaultRecordingRules.json index 4eb17e815..75054d763 100644 --- a/GeneratedMonitoringArtifacts/Default/DefaultRecordingRules.json +++ b/GeneratedMonitoringArtifacts/Default/DefaultRecordingRules.json @@ -8,6 +8,12 @@ "description": "Cluster name" } }, + "clusterResourceId": { + "type": "string", + "metadata": { + "description": "Cluster Resource Id" + } + }, "azureMonitorWorkspaceResourceId": { "type": "string", "metadata": { @@ -41,7 +47,10 @@ "location": "[parameters('location')]", "properties": { "description": "[concat(variables('nodeRecordingRuleGroupDescription'), variables('version'))]", - "scopes": [ "[parameters('azureMonitorWorkspaceResourceId')]" ], + "scopes": [ + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" + ], "enabled": true, "clusterName": "[parameters('clusterName')]", "interval": "PT1M", diff --git a/mixins/kubernetes/rules/recording_and_alerting_rules/templates/ci_recommended_alerts.json b/mixins/kubernetes/rules/recording_and_alerting_rules/templates/ci_recommended_alerts.json index 13cdb3027..6143de054 100644 --- a/mixins/kubernetes/rules/recording_and_alerting_rules/templates/ci_recommended_alerts.json +++ b/mixins/kubernetes/rules/recording_and_alerting_rules/templates/ci_recommended_alerts.json @@ -8,6 +8,12 @@ "description": "Cluster name" } }, + "clusterResourceId": { + "type": "string", + "metadata": { + "description": "Cluster Resource Id" + } + }, "actionGroupResourceId": { "type": "string", "metadata": { @@ -40,7 +46,8 @@ "properties": { "description": "[concat(variables('kubernetesAlertRuleGroupDescription'), variables('version'))]", "scopes": [ - "[parameters('azureMonitorWorkspaceResourceId')]" + "[parameters('azureMonitorWorkspaceResourceId')]", + "[parameters('clusterResourceId')]" ], "clusterName": "[parameters('clusterName')]", "enabled": true,