Skip to content

adjust monitoring for container host/server container #3750

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

adjust monitoring for container host/server container #3750

wants to merge 6 commits into from

Conversation

keichwa
Copy link
Contributor

@keichwa keichwa commented Mar 4, 2025

srbarrios
srbarrios reviewed Apr 10, 2025
View reviewed changes
modules/administration/pages/monitoring.adoc Outdated
Comment on lines 618 to 619
Ensure that the [systemitem]``set-cname`` parameter is the fully qualified domain name (FQDN) of your Salt client.
You can use the the [systemitem]``set-cname`` parameter multiple times if you require multiple aliases:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, I'm not fully sure, but I think that's just optional.
Better ask @witekest

srbarrios
srbarrios reviewed Apr 10, 2025
View reviewed changes
modules/administration/pages/monitoring.adoc
scp /root/server.* minion.example.com:/etc/ssl/mlm-server-certs
ssh minion.example.com 'chmod go+r /etc/ssl/mlm-server-certs/server.*; ls -la /etc/ssl/mlm-server-certs'
----

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Before start with the configuration of formulas, I'm looking into what I wrote in my card, and I see this section:

From the minion:

suma-bv-50-min-sles15sp4:/etc/ssl # mkdir suma-server-certs
suma-bv-50-min-sles15sp4:/etc/ssl # cd suma-server-certs/
suma-bv-50-min-sles15sp4:/etc/ssl/suma-server-certs # cp /root/server.* .
suma-bv-50-min-sles15sp4:/etc/ssl/suma-server-certs # chmod go+r server.*
suma-bv-50-min-sles15sp4:/etc/ssl/suma-server-certs # ls -la
total 16
drwxr-xr-x 2 root root   42 jul  5 11:46 .
drwxr-xr-x 6 root root  183 jul  5 11:45 ..
-rw-r--r-- 1 root root 8335 jul  5 11:46 server.crt
-rw-r--r-- 1 root root 3268 jul  5 11:46 server.key

And we use that path on the minion when we pass the server certificate and key into the Prometheus Formula of the minion.

I would say that's missing right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe there is something missing. I copied the files from inside the server container to the server container host:

mgrctl cp server:/root/ssl-build/minion/server.key server.key
mgrctl cp server:/root/ssl-build/minion/server.crt server.crt

Then with ssh to the monitoring minion (= the client with Prometheur/Grafana)

ssh minion.example.com 'mkdir /etc/ssl/mlm-server-certs'
scp /root/server.* minion.example.com:/etc/ssl/mlm-server-certs
ssh minion.example.com 'chmod go+r /etc/ssl/mlm-server-certs/server.*; ls -la /etc/ssl/mlm-server-certs'

What should come next is unclear to me. I think you'll now use the formula to prepare clients that should be monitored? I'm not sure what your hostnames stand for.

@keichwa keichwa marked this pull request as ready for review April 10, 2025 08:49
@keichwa keichwa requested a review from srbarrios April 10, 2025 10:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@srbarrios srbarrios Awaiting requested review from srbarrios

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@keichwa @srbarrios