Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/toolisticon/oc-routes-prometheus-exporter

Monitor OpenShift Routes in Prometheus
https://github.com/toolisticon/oc-routes-prometheus-exporter

grafana openshift prometheus prometheus-exporter

Last synced: 23 days ago
JSON representation

Monitor OpenShift Routes in Prometheus

Awesome Lists containing this project

README 

        
# Monitor OpenShift Routes in Prometheus



[![License](https://img.shields.io/github/license/mashape/apistatus.svg)](LICENSE)

[![CI](https://github.com/toolisticon/oc-routes-prometheus-exporter/actions/workflows/build.yml/badge.svg)](https://github.com/toolisticon/oc-routes-prometheus-exporter/actions/workflows/build.yml)

[![Docker Build Status](https://img.shields.io/docker/automated/toolisticon/oc-routes-prometheus-exporter.svg)](https://hub.docker.com/r/toolisticon/oc-routes-prometheus-exporter/)

[![npm version](https://badge.fury.io/js/%40toolisticon%2Foc-routes-prometheus-exporter.svg)](https://badge.fury.io/js/%40toolisticon%2Foc-routes-prometheus-exporter)

[![npm downloads](https://img.shields.io/npm/dm/%40toolisticon%2Foc-routes-prometheus-exporter.svg)](https://www.npmjs.com/package/%40toolisticon%2Foc-routes-prometheus-exporter)

[![npm downloads](https://img.shields.io/npm/dt/%40toolisticon%2Foc-routes-prometheus-exporter.svg)](https://www.npmjs.com/package/%40toolisticon%2Foc-routes-prometheus-exporter)

[![Docker Stars](https://img.shields.io/docker/stars/toolisticon/oc-routes-prometheus-exporter.svg)](https://hub.docker.com/r/toolisticon/oc-routes-prometheus-exporter/)

[![Known Vulnerabilities](https://snyk.io/test/github/toolisticon/oc-routes-prometheus-exporter/badge.svg)](https://snyk.io/test/github/toolisticon/oc-routes-prometheus-exporter)



## Usage



This nodejs application assumes that the container in which the application is running has already a valid OpenShift session. The entrypoint will try to autologin via a service account.

So all you need is to create a image with the desired openschift installed:



```

FROM toolisticon/oc-routes-prometheus-exporter:latest



ENV SUMMARY="openshift-ssl-verify runtime image"

ENV DESCRIPTION="openshift-ssl-verify runtime"

ENV TZ="Europe/Berlin"

ENV OPENSHIFT_VERSION=3.10.0

ENV NVM_DIR="$HOME/.nvm"

ENV CONSOLE_LOG="true"

ENV LOG_LEVEL="INFO"



LABEL summary="$SUMMARY" \

      description="$DESCRIPTION" \

      io.k8s.description="$DESCRIPTION" \

      io.k8s.display-name="sslverify" \

      io.openshift.tags="security,sslverify,platform" \

      com.redhat.component="sslverify-container"



USER 0



# Update

RUN yum -y update && yum clean all && rm -rf /var/cache/yum



# Install oc and jq

RUN yum -y install centos-release-openshift-origin && \

    yum -y install origin-clients-${OPENSHIFT_VERSION} && \

    yum -y install epel-release && yum -y install jq



USER 1000

```



The pod should start with this output:

```

Now using node v8.15.0 (npm v6.4.1)

[2019-01-18T14:59:04.929Z] prometheus-exporter listening at 9000

[2019-01-18T15:00:00.005Z] Triggering check

[2019-01-18T15:00:00.006Z] Start reading route information.

[2019-01-18T15:00:05.133Z] Start triggering scan.

```



## Sample Values



The metrics are available via via localhost:9000 on the pod:



```

security_ssl_mozilla_observatory{algorithm_version="2",end_time="1548079211000",grade="D",hidden="false",likelihood_indicator="MEDIUM",scan_id="9806703",score="35",start_time="1548079207000",state="FINISHED",status_code="404",tests_failed="3",tests_passed="9",tests_quantity="12",url="sample-config.sample.com",name="sample-config",namespace="project2",labels_app="myapp",labels_environment="dev",} 35.0

security_ssl_details{valid="true",valid_from="1545553135000",valid_to="1553329135000",days_remaining="60",url="api-test.sample.com",status="200",name="api-test",namespace="project1",labels_app="myapp",labels_environment="test",} 200.0

security_ssl_expire_days_remaining{url="api-test.sample.com",name="api-test",namespace="project1",labels_app="myapp",labels_environment="test",} 60.0

```



If you want to complete use



## Configuration



You can override the config via environment variables:

```

   OPENSHIFT_MASTER_URL

   SERVER_PORT: // set desired port for prometheus endpoint, defaults to 9000

   CRON: // set cron pattern, default is '0 0 * * * *',

   LOG_LEVEL: // set log level, default is 'ERROR' ('INFO' outputs details info),

   CONSOLE_LOG: // set to true to omit logging to file, otherwise logs will be written to `logs` dir

```



You'll find a Grafana Dashboard [here](https://grafana.com/dashboards/9693):



![](https://github.com/toolisticon/oc-routes-prometheus-exporter/raw/develop/docs/images/sample_dashboard.png)



## Troubleshooting



### Access denied



If the service account does not have access to projects, you will see this message

```

Logged into "https://...:8443" as "system:serviceaccount:security:sslverify" using the token provided.



You don't have any projects. Contact your system administrator to request a project.

Welcome! See 'oc help' to get started.

```



### SSL error



If you see this kind of error:

```

error: The server uses a certificate signed by unknown authority. You may need to use the --certificate-authority flag to provide the path to a certificate file for the certificate authority, or --insecure-skip-tls-verify to bypass the certificate check and use insecure connections.

```



you are using the internal kubernetes host which might be secured by self-signed certificates. Either use the public endpoint with proper ssl certificates or install the certificate to the keystore.



## Development



### Debug



To debug run the following command:

```

node --inspect-brk index.js

```



To debug unit tests:



```

npm run test:debug

```