Merge pull request #44 from pando85/master

Update deps, configurable logging and tagged images

.github/workflows/docker-images.yaml

@@ -0,0 +1,39 @@
+name: Multi-Arch Docker Build and Push to GHCR
+
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - v*
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Login to GHCR
+        run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx for multiarch images
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push Docker image to GHCR
+        run: |
+          # Strip git ref prefix from version
+          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
+
+          # Strip "v" prefix from tag name
+          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
+
+          # Use Docker `latest` tag convention
+          [ "$VERSION" == "master" ] && VERSION=latest
+          docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 \
+              --push \
+              -t ghcr.io/${{ github.repository }}:${VERSION} \
+              .

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.9-slim
+FROM python:3.11-slim
 
 RUN mkdir -p /usr/src/app
 WORKDIR /usr/src/app
@@ -9,7 +9,6 @@ RUN pip install --no-cache-dir -r requirements.txt
 COPY radosgw_usage_exporter.py /usr/src/app
 
 EXPOSE 9242
-ENV RADOSGW_SERVER=http://radosgw:80 VIRTUAL_PORT=9242 DEBUG=0
 
 ENTRYPOINT [ "python", "-u", "./radosgw_usage_exporter.py" ]
 CMD []

README.md

@@ -1,25 +1,22 @@
 # Ceph RADOSGW Usage Exporter
 
-[Prometheus](https://prometheus.io/) exporter that scrapes
-[Ceph](http://ceph.com/) RADOSGW usage information (operations and buckets).
-This information is gathered from a RADOSGW using the
+[Prometheus](https://prometheus.io/) exporter that scrapes [Ceph](http://ceph.com/) RADOSGW usage
+information (operations and buckets). This information is gathered from a RADOSGW using the
 [Admin Operations API](http://docs.ceph.com/docs/master/radosgw/adminops/).
 
 This exporter was based off from both
-(https://www.robustperception.io/writing-a-jenkins-exporter-in-python/) and the
-more elaborate Jenkins exporter here
-(https://github.com/lovoo/jenkins_exporter).
+(https://www.robustperception.io/writing-a-jenkins-exporter-in-python/) and the more elaborate
+Jenkins exporter here (https://github.com/lovoo/jenkins_exporter).
 
 ## Requirements
 
-* Working Ceph Cluster with Object Gateways setup.
-* Ceph RADOSGWs must beconfigured to gather usage information as this is not
-on by default. The miniumum is to enable it via `ceph.conf` as below. There are
-however other options that are available and should be considered
-[here](http://docs.ceph.com/docs/master/radosgw/config-ref/). If you don't configure
-thresholds, intervals, and shards you may end up having too large objects in the usage
-namespace of the log pool. The values below are just examples. Check the documentation
-which ones would be the best ones for your setup.
+- Working Ceph Cluster with Object Gateways setup.
+- Ceph RADOSGWs must beconfigured to gather usage information as this is not on by default. The
+  miniumum is to enable it via `ceph.conf` as below. There are however other options that are
+  available and should be considered [here](http://docs.ceph.com/docs/master/radosgw/config-ref/).
+  If you don't configure thresholds, intervals, and shards you may end up having too large objects
+  in the usage namespace of the log pool. The values below are just examples. Check the
+  documentation which ones would be the best ones for your setup.
 
 ```
 rgw enable usage log = true
@@ -30,19 +27,21 @@ rgw usage max user shards = 8
 
 ```
 
-* Configure admin entry point (default is 'admin'):
+- Configure admin entry point (default is 'admin'):
+
 ```
 rgw admin entry = "admin"
 ```
 
-* Enable admin API (default is enabled):
+- Enable admin API (default is enabled):
+
 ```
 rgw enable apis = "s3, admin"
 ```
 
-* This exporter requires a user that has the following capability, see the Admin Guide
-[here](http://docs.ceph.com/docs/master/radosgw/admin/#add-remove-admin-capabilities)
-for more details.
+- This exporter requires a user that has the following capability, see the Admin Guide
+  [here](http://docs.ceph.com/docs/master/radosgw/admin/#add-remove-admin-capabilities) for more
+  details.
 
 ```
     "caps": [
@@ -64,58 +63,65 @@ for more details.
         }
 ```
 
-**Note:** If using a loadbalancer in front of your RADOSGWs, please make sure your timeouts are set appropriately as clusters with a large number of buckets, or large number of users+buckets could cause the usage query to exceed the loadbalancer timeout. 
+**Note:** If using a loadbalancer in front of your RADOSGWs, please make sure your timeouts are set
+appropriately as clusters with a large number of buckets, or large number of users+buckets could
+cause the usage query to exceed the loadbalancer timeout.
 
 For haproxy the timeout in question is `timeout server`
 
 ## Local Installation
-```
+
+```bash
 git clone [email protected]:blemmenes/radosgw_usage_exporter.git
 cd radosgw_usage_exporter
 pip install requirements.txt
 ```
 
-### Usage
-```
-usage: radosgw_usage_exporter.py [-h] [-H HOST] [-e ADMIN_ENTRY]
-                                 [-a ACCESS_KEY] [-s SECRET_KEY] [-p PORT]
-
-RADOSGW address and local binding port as well as S3 access_key and secret_key
-
-optional arguments:
-  -h, --help            show this help message and exit
-  -H HOST, --host HOST  Server URL for the RADOSGW api (example:
-                        http://objects.dreamhost.com/)
-  -e ADMIN_ENTRY, --admin_entry ADMIN_ENTRY
-                        The entry point for an admin request URL [default is
-                        'admin']
-  -a ACCESS_KEY, --access_key ACCESS_KEY
-                        S3 access key
-  -s SECRET_KEY, --secret_key SECRET_KEY
-                        S3 secrest key
-  -p PORT, --port PORT  Port to listen
-```
+## Config
+
+| _Arg_              | _Env_            | _Description_                                                           | _Default_           |
+| ------------------ | ---------------- | ----------------------------------------------------------------------- | ------------------- |
+| `-H --host`        | `RADOSGW_SERVER` | Server URL for the RADOSGW api (example: http://objects.dreamhost.com/) | `http://radosgw:80` |
+| `-e --admin-entry` | `ADMIN_ENTRY`    | The entry point for an admin request URL                                | `admin`             |
+| `-a --access-key`  | `ACCESS_KEY`     | S3 access key                                                           | `NA`                |
+| `-s --secret-key`  | `SECRET_KEY`     | S3 secret key                                                           | `NA`                |
+| `-k --insecure`    |                  | Allow insecure server connections when using SSL                        | `false`             |
+| `-p --port`        | VIRTUAL_PORT     | Port to listen                                                          | `9242`              |
+| `-S --store`       | STORE            | Store name added to metrics                                             | `us-east-1`         |
+| `-t --timeout`     | TIMEOUT          | Timeout when getting metrics                                            | `60`                |
+| `-l --log-level`   | LOG_LEVEL        | Provide logging level: DEBUG, INFO, WARNING, ERROR or CRITICAL          | `INFO`              |
 
 ### Example
-```
+
+```bash
 ./check_ceph_rgw_api -H https://objects.dreamhost.com/ -a JXUABTZZYHAFLCMF9VYV -s jjP8RDD0R156atS6ACSy2vNdJLdEPM0TJQ5jD1pw
 ```
 
-## Docker Usage
-Docker build (https://hub.docker.com/r/blemmenes/radosgw_usage_exporter/):
-```
-docker run -d -p 9242 blemmenes/radosgw_usage_exporter:latest \
+## Docker
+
+Docker build
+(https://github.com/pando85/radosgw_usage_exporter/pkgs/container/radosgw_usage_exporter):
+
+```bash
+docker run -d -p 9242 ghcr.io/pando85/radosgw_usage_exporter:latest \
 -H <RADOSGW HOST> -a <ACCESS_KEY> -s <SECRET_KEY> -p 9242
 ```
+
 Arguments can also be specified by environment variables as well.
-```
+
+```bash
 docker run -d -p 9242:9242 \
 -e "RADOSGW_SERVER=<host>" \
 -e "VIRTUAL_PORT=9242" \
 -e "ACCESS_KEY=<access_key>" \
 -e "SECRET_KEY=<secret_key>" \
-blemmenes/radosgw_usage_exporter:latest
+ghcr.io/pando85/radosgw_usage_exporter:latest
 ```
 
 Resulting metrics can be then retrieved via your Prometheus server via the
 `http://<exporter host>:9242/metrics` endpoint.
+
+## Kubernetes
+
+You can find an example of deployment using [Rook](https://rook.io/) operator in a K8s environment
+in `examples/k8s` directory.

examples/k8s/k8s/deployment.yaml

@@ -0,0 +1,72 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: prometheus-buckets-usage-exporter
+  labels:
+    app.kubernetes.io/name: prometheus-buckets-usage-exporter
+spec:
+  replicas: 1
+  revisionHistoryLimit: 3
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: prometheus-buckets-usage-exporter
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: prometheus-buckets-usage-exporter
+    spec:
+      containers:
+      - image: ghcr.io/pando85/radosgw_usage_exporter:latest
+        env:
+        - name: ACCESS_KEY
+          valueFrom:
+            secretKeyRef:
+              key: AccessKey
+              name: rook-ceph-object-user-us-east-1-buckets-usage-exporter
+        - name: SECRET_KEY
+          valueFrom:
+            secretKeyRef:
+              key: SecretKey
+              name: rook-ceph-object-user-us-east-1-buckets-usage-exporter
+        - name: RADOSGW_SERVER
+          valueFrom:
+            secretKeyRef:
+              key: Endpoint
+              name: rook-ceph-object-user-us-east-1-buckets-usage-exporter
+        - name: VIRTUAL_PORT
+          value: "9242"
+        - name: STORE
+          value: eu-central-1a
+        - name: LOG_LEVEL
+          value: INFO
+        - name: TIMEOUT
+          value: "60"
+        args:
+        - --insecure
+        name: exporter
+        ports:
+        - containerPort: 9242
+          name: http
+          protocol: TCP
+        resources:
+          limits:
+            cpu: 500m
+            memory: 512Mi
+          requests:
+            cpu: 10m
+            memory: 40Mi
+        livenessProbe:
+          tcpSocket:
+            port: http
+        readinessProbe:
+          tcpSocket:
+            port: http
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: true
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000

examples/k8s/k8s/object-store-user.yaml

@@ -0,0 +1,12 @@
+apiVersion: ceph.rook.io/v1
+kind: CephObjectStoreUser
+metadata:
+  name: buckets-usage-exporter
+spec:
+  store: us-east-1
+  displayName: buckets-usage-exporter
+  capabilities:
+    bucket: read
+    metadata: read
+    usage: read
+    user: read

examples/k8s/k8s/service-monitor.yaml

@@ -0,0 +1,19 @@
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: prometheus-buckets-usage-exporter
+  labels:
+    app.kubernetes.io/name: prometheus-buckets-usage-exporter
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: prometheus-buckets-usage-exporter
+  endpoints:
+  - honorLabels: true
+    interval: 90s
+    path: /metrics
+    port: http
+    scheme: http
+    scrapeTimeout: 60s
+  jobLabel: prometheus-buckets-usage-exporter
+

examples/k8s/k8s/service.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: prometheus-buckets-usage-exporter
+  labels:
+    app.kubernetes.io/name: prometheus-buckets-usage-exporter
+spec:
+  selector:
+    app.kubernetes.io/name: prometheus-buckets-usage-exporter
+  ports:
+  - name: http
+    port: 9242
+    protocol: TCP
+    targetPort: 9242
+
+