-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' of github.com:canonical/mysql-k8s-operator into f…
…eature/dpe-4613-router-metadata-gone
- Loading branch information
Showing
13 changed files
with
264 additions
and
103 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Audit Logs | ||
|
||
The Audit Log plugin allows all login/logout records to be stored in a log file. It is enabled in Charmed MySQL K8s by default. | ||
|
||
## Overview | ||
|
||
The following is a sample of the audit logs, with format json with login/logout records: | ||
|
||
```json | ||
{"audit_record":{"name":"Quit","record":"6_2024-09-03T01:53:14","timestamp":"2024-09-03T01:53:33Z","connection_id":"992","status":0,"user":"clusteradmin","priv_user":"clusteradmin","os_login":"","proxy_user":"","host":"localhost","ip":"","db":""}} | ||
{"audit_record":{"name":"Connect","record":"7_2024-09-03T01:53:14","timestamp":"2024-09-03T01:53:33Z","connection_id":"993","status":1156,"user":"","priv_user":"","os_login":"","proxy_user":"","host":"juju-da2225-8","ip":"10.207.85.214","db":""}} | ||
{"audit_record":{"name":"Connect","record":"8_2024-09-03T01:53:14","timestamp":"2024-09-03T01:53:33Z","connection_id":"994","status":0,"user":"serverconfig","priv_user":"serverconfig","os_login":"","proxy_user":"","host":"juju-da2225-8","ip":"10.207.85.214","db":""}} | ||
``` | ||
|
||
The logs are stored in the `/var/log/mysql` directory of the mysql container, and it's rotated | ||
every minute to the `/var/log/mysql/archive_audit` directory. | ||
It's recommended to integrate the charm with [COS](/t/9900), from where the logs can be easily persisted and queried using Loki/Grafana. | ||
|
||
## Configurations | ||
|
||
1. `plugin-audit-enabled` - The audit plugin is enabled by default in the charm, but it's possible to disable it by setting: | ||
|
||
```bash | ||
juju config mysql-k8s plugin-audit-enabled=false | ||
``` | ||
Valid value are `false` and `true`. By setting it to false, existing logs are still kept in the `archive_audit` directory. | ||
|
||
1. `plugin-audit-strategy` - By default the audit plugin writes logs in asynchronous mode for better performance. | ||
To ensure logs are written to disk on more timely fashion, this configuration can be set to semi-synchronous mode: | ||
|
||
```bash | ||
juju config mysql-k8s plugin-audit-strategy=semi-async | ||
``` | ||
Valid values are `async` and `semi-async`. |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
# How to enable COS Alert Rules | ||
|
||
This guide will show how to set up [Pushover](https://pushover.net/) to receive alert notifications from the COS Alert Manager with [Awesome Alert Rules](https://samber.github.io/awesome-prometheus-alerts/). | ||
|
||
Charmed MySQL K8s ships a pre-configured and pre-enabled [list of Awesome Alert Rules]. | ||
|
||
<details><summary>Screenshot of alert rules in the Grafana web interface</summary> | ||
|
||
![Screenshot from 2024-01-18 20-05-52|690x439](upload://j6WSPQ1BzoFzqIg2jm1mTq79SMo.png) | ||
</details> | ||
|
||
For information about accessing and managing COS Alert Rules, refer to the [COS documentation](https://charmhub.io/cos-lite). | ||
|
||
## Prerequisites | ||
* A deployed [Charmed MySQL K8s operator] | ||
* A deployed [`cos-lite` bundle in a Kubernetes environment](https://charmhub.io/topics/canonical-observability-stack/tutorials/install-microk8s) | ||
* Fully configured [COS Monitoring] | ||
|
||
## Enable COS alerts for Pushover | ||
The following section is an example of the [Pushover](https://pushover.net/) alerts aggregator. | ||
|
||
The first step is to create a new account on Pushover (or use an existing one). The goal is to have the 'user key' and 'token' to authorize alerts for the Pushover application. Follow this straightforward [Pushover guide](https://support.pushover.net/i175-how-to-get-a-pushover-api-or-pushover-application-token). | ||
|
||
Next, create a new [COS Alert Manager](https://charmhub.io/alertmanager-k8s) config (replace `user_key` and `token` with yours): | ||
```shell | ||
cat > myalert.yaml << EOF | ||
``` | ||
```yaml | ||
global: | ||
resolve_timeout: 5m | ||
http_config: | ||
follow_redirects: true | ||
enable_http2: true | ||
route: | ||
receiver: placeholder | ||
group_by: | ||
- juju_model_uuid | ||
- juju_application | ||
- juju_model | ||
continue: false | ||
group_wait: 30s | ||
group_interval: 5m | ||
repeat_interval: 1h | ||
receivers: | ||
- name: placeholder | ||
pushover_configs: | ||
- user_key: <relace_with_your_user_key> | ||
token: <relace_with_your_token> | ||
url: http://<relace_with_grafana_public_ip>/cos-grafana/alerting/list | ||
title: "{{ range .Alerts }}{{ .Labels.severity }} - {{ if .Labels.juju_unit }}{{ .Labels.juju_unit }}{{ else }}{{ .Labels.juju_application }}{{ end }} in model {{ .Labels.juju_model }}: {{ .Labels.alertname }} {{ end }}" | ||
message: "{{ range .Alerts }} Job: {{ .Labels.job }} Instance: {{ .Labels.instance }} {{ end }}" | ||
templates: [] | ||
EOF | ||
``` | ||
Upload and apply newly the created alert manager config: | ||
``` | ||
juju switch <k8s_cos_controller>:<cos_model_name> | ||
juju config alertmanager config_file=@myalert.yaml | ||
``` | ||
|
||
At this stage, the COS Alert Manager will start sending alert notifications to Pushover. Users can receive them on all supported [Pushover clients/apps](https://pushover.net/clients). | ||
|
||
The image below shows an example of the Pushover web client: | ||
|
||
![image|690x439](upload://vqUcKpZ5R4wQLmY2HYGV5fz5pNU.jpeg) | ||
|
||
## Alert receivers | ||
|
||
The similar way as above, COS alerts can be send to the long [list of supported receivers](https://prometheus.io/docs/alerting/latest/configuration/#receiver-integration-settings). | ||
|
||
Do you have questions? [Contact us]! | ||
|
||
<!-- Links --> | ||
[Contact us]: /t/11868 | ||
[Charmed MySQL K8s operator]: /t/11869 | ||
[COS Monitoring]: /t/9981 | ||
[list of Awesome Alert Rules]: https://github.com/canonical/mysql-k8s-operator/tree/main/src/prometheus_alert_rules |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
# Supported plugins/extensions | ||
|
||
The following list contains all plugins/extensions supported by Charmed MySQL in alphabetical order. The **revision** column indicates which charm revision introduced support for the extension. | ||
|
||
If you need support for other extensions, feel free to [reach out to us](/t/11868). | ||
|
||
| Plugin/extension name | Revision | | ||
|--------------------------------|------------------------------------------------------------------------------| | ||
| [plugin-audit-enabled](/t/15423) | [178+](https://github.com/canonical/mysql-k8s-operator/releases/tag/rev179) | |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters