$ oc -n openshift-user-workload-monitoring edit configmap user-workload-monitoring-config
In Red Hat OpenShift Service on AWS, a dedicated-admin
can enable alert routing for user-defined projects.
This process consists of two general steps:
Enable alert routing for user-defined projects to use a separate Alertmanager instance.
Grant users permission to configure alert routing for user-defined projects.
After you complete these steps, developers and other users can configure custom alerts and alert routing for their user-defined projects.
As a dedicated-admin
, you can enable alert routing for user-defined projects.
With this feature, you can allow users with the alert-routing-edit role to configure alert notification routing and receivers for user-defined projects.
These notifications are routed by an Alertmanager instance dedicated to user-defined monitoring.
Users can then create and configure user-defined alert routing by creating or editing the AlertmanagerConfig
objects for their user-defined projects without the help of an administrator.
After a user has defined alert routing for a user-defined project, user-defined alert notifications are routed to the alertmanager-user-workload
pods in the openshift-user-workload-monitoring
namespace.
The following are limitations of alert routing for user-defined projects:
|
In Red Hat OpenShift Service on AWS, you may want to deploy a dedicated Alertmanager instance for user-defined projects, which provides user-defined alerts separate from default platform alerts. In these cases, you can optionally enable a separate instance of Alertmanager to send alerts for user-defined projects only.
You have access to the cluster as a user with the dedicated-admin
role.
The user-workload-monitoring-config
configmap
object exists. This object is created by default when the cluster is created.
You have installed the OpenShift CLI (oc
).
Edit the user-workload-monitoring-config
configmap
object:
$ oc -n openshift-user-workload-monitoring edit configmap user-workload-monitoring-config
Add enabled: true
and enableAlertmanagerConfig: true
in the alertmanager
section under data/config.yaml
:
apiVersion: v1
kind: configmap
metadata:
name: user-workload-monitoring-config
namespace: openshift-user-workload-monitoring
data:
config.yaml: |
alertmanager:
enabled: true (1)
enableAlertmanagerConfig: true (2)
1 | Set the enabled value to true to enable a dedicated instance of the Alertmanager for user-defined projects in a cluster. Set the value to false or omit the key entirely to disable the Alertmanager for user-defined projects.
If you set this value to false or if the key is omitted, user-defined alerts are routed to the default platform Alertmanager instance. |
2 | Set the enableAlertmanagerConfig value to true to enable users to define their own alert routing configurations with AlertmanagerConfig objects. |
Save the file to apply the changes. The dedicated instance of Alertmanager for user-defined projects starts automatically.
Verify that the alert-manager-user-workload
pods are running:
# oc -n openshift-user-workload-monitoring get pods
NAME READY STATUS RESTARTS AGE
alertmanager-user-workload-0 6/6 Running 0 38s
alertmanager-user-workload-1 6/6 Running 0 38s
...
You can grant users permission to configure alert routing for user-defined projects.
You have access to the cluster as a user with the dedicated-admin
role.
The user-workload-monitoring-config
configmap
object exists. This object is created by default when the cluster is created.
The user account that you are assigning the role to already exists.
You have installed the OpenShift CLI (oc
).
Assign the alert-routing-edit
cluster role to a user in the user-defined project:
$ oc -n <namespace> adm policy add-role-to-user alert-routing-edit <user> (1)
1 | For <namespace> , substitute the namespace for the user-defined project, such as ns1 . For <user> , substitute the username for the account to which you want to assign the role. |