Add Blackbox monitoring for backend endpoints

Alex-Welsh commented 4 weeks ago

Adding backend blackbox endpoint monitoring.

Some service do not support TLS at all (e.g. Blazar) Some services do support TLS, and they have a globally-scoped variable (e.g. Neutron, neutron_enable_tls_backend) Some services do support TLS, but have locally scoped variables, so must use the generic kolla_enable_tls_backend (e.g. Nova)

This is a precursor to proper support in Kolla-Ansible, which I'm planning on doing with file-based service discovery

Alex-Welsh commented 3 weeks ago

For context, this has been tested in a Multinode.

Confirmed working:

barbican
cinder
designate
glance
heat
heat_cfn
horizon
magnum
neutron
nova
octavia
placement

Untested (not deployed by multinode):

blazar
gnocchi
manila
ironic
ironic inspector
swift

Example templated content:

targets:
    - cinder_backend_rockyovnfqdncontroller01:os_endpoint:https://192.168.37.3:8776
    - cinder_backend_rockyovnfqdncontroller02:os_endpoint:https://192.168.37.4:8776
    - cinder_backend_rockyovnfqdncontroller03:os_endpoint:https://192.168.37.5:8776
    - designate_backend_rockyovnfqdncontroller01:os_endpoint:http://192.168.37.3:9001
    - designate_backend_rockyovnfqdncontroller02:os_endpoint:http://192.168.37.4:9001
    - designate_backend_rockyovnfqdncontroller03:os_endpoint:http://192.168.37.5:9001

Alex-Welsh commented 3 weeks ago

Updated to include a warning about having separate monitoring nodes

Alex-Welsh commented 6 days ago

@dougszumski I've fixed that typo, could you do a quick re-review?

stackhpc / stackhpc-kayobe-config

Add Blackbox monitoring for backend endpoints #1332