COS Configuration Repository Operator for Kubernetes

This charmed operator for Kubernetes enables you to provide configurations to various components of the Canonical Observability Stack (COS) bundle.

Supported configurations

The charm facilitates forwarding freestanding files from a git repository to the following operators:

• Prometheus K8s charmed operator: Alert rules and recording rules
• Loki K8s charmed operator: Alert rules
• Grafana K8s charmed operator: dashboards

Internally, the charm is using git-sync to sync a remote repo with the local copy. The repo syncs on update-status or when the user manually runs the sync-now action.

It's possible to sync a private repository by setting the git_ssh_key in the Juju configuration for the charm; please note that the key will be saved in the model, thus you should use a key with a very limited scope.

Getting started

Deployment

juju deploy cos-configuration-k8s \
  --config git_repo=https://path.to/repo \
  --config git_branch=main \
  --config git_depth=1 \
  --config prometheus_alert_rules_path=rules/prod/prometheus/
# ... and additionally, for a private repo
  --config git_ssh_key=@path/to/ssh/private.key

juju relate cos-configuration-k8s prometheus-k8s

Paths to rules files etc. can also be set after deployment:

juju config cos-configuration-k8s loki_alert_rules_path=rules/prod/loki/
juju relate cos-configuration-k8s loki-k8s

juju config cos-configuration-k8s grafana_dashboards_path=dashboards/prod/grafana/
juju relate cos-configuration-k8s grafana-k8s

Verification

After setting the git_repo (and optionally git_branch), the contents should be present in the workload container,

$ juju ssh --container git-sync cos-configuration-k8s/0 ls -l /git
total 4
drwxr-xr-x 6 root root 4096 Oct 24 08:59 7f0b1eac9317850aee320b4f47a7f1527aaff625
lrwxrwxrwx 1 root root   40 Oct 24 08:59 repo -> 7f0b1eac9317850aee320b4f47a7f1527aaff625

and accessible from the charm container

$ juju ssh cos-configuration-k8s/0 ls -l /var/lib/juju/storage/content-from-git/0
total 4
drwxr-xr-x 6 root root 4096 Oct 24 08:59 7f0b1eac9317850aee320b4f47a7f1527aaff625
lrwxrwxrwx 1 root root   40 Oct 24 08:59 repo -> 7f0b1eac9317850aee320b4f47a7f1527aaff625

After relating to e.g. prometheus, rules from the synced repo should appear in app data,

juju show-unit promethus-k8s/0 --format json | jq '."prometheus-k8s/0"."relation-info"' 

as well as in prometheus itself

juju ssh prometheus-k8s/0 curl localhost:9090/api/v1/rules

Scale Out Usage

N/A

Relations

Currently, supported relations are:

• prometheus-config, for interfacing with prometheus.
• loki-config, for interfacing with loki.
• grafana-dashboards, for interfacing with grafana.

About Juju Topology

This charm forwards alert rules, recording rules and dashboards but does not add its own metadata to the topology.

The Juju topology describes a node in the model, not the data flow. That's why this charm does not inject Juju topology.

While a cos-configuration charm provides alerting rules, recording rules, and dashboards for charms, and topology labels could be used to give a sense of origin (as in data flow), the cos-configuration deployment itself is neither enriched with nor aware of suitable values for metadata to identify workloads.

In addition, the ability of cos-configuration to provide rules and dashboards which are not intrinsically tied to topology metadata offers administrators the flexibility to use COS to monitor non-charmed applications, use rules or dashboards directly from other sources, implement aggregate dashboards or rules which may collate metrics from more than one application, and more.

Addition of Juju topology metadata to the data structures provided by cos-configuration would be semantically inconsistent with charms, where topology labels indicate a node (application or unit) in Juju, and cos-configuration itself would not be consistent with the design model of Juju topology if it were to suggest label selectors for applications whose status cannot be known by cos-configuration itself.

Finally, addition of Juju topology labels may unpredictably interfere with group_by directive if an incorrect selector were injected.

On the other hand, the juju administrator may add annotations (or labels) to alert rules, recording rules and dashboards using different nomenclature that describes how it got into the model (like: origin, giturl, branch, synctime).

OCI Images

This charm can be used with the following image:

• k8s.gcr.io/git-sync/git-sync:v3.5.0

Resource revisions

Workload images are archived on charmhub by revision number.