Configure monitoring using the Observability Plugin
Before configuring monitoring, read and understand the following information about the security implications.
If any of your services, typically Gate (API), are exposed to the open internet, there is a risk that you can publicly expose information. Armory recommends that you filter these paths at your edge layer in some manner. Be aware of any endpoints you expose. Spring boot exposes the health endpoint by default though with some restrictions on what information is exposed. When auth is enabled, Gate restricts access to the endpoints other than
/health, preventing access to metric data.
For more information on Spring actuators, see the Monitoring and Management.
Armory recommends that you monitor your systems by using the Armory Observability Plugin. This is an open source solution for monitoring Armory Enterprise. The plugin supports the following:
- Adding Prometheus (OpenMetrics) endpoints to Armory Enterprise pods.
- Sending data to NewRelic (see the plugin’s README).
The Observability Plugin removes the service name from the metric. This is incompatible with the behavior of the open source Spinnaker monitoring daemon system, which was the default monitoring solution in versions earlier than 2.20 and is now deprecated.
Install the plugin
You have two options for installing the Observability plugin:
- Add the plugin configuration for all services in
spinnaker-local.yml(Halyard installs) or the
spinnakerprofile section (Operator installs).
- Add the plugin configuration to only the services you want to monitor.
The following example adds the Observability Plugin configuration for all services to the
spinnaker-local.yml file and enables Prometheus:
# These lines are spring-boot configuration to allow access to the metrics # endpoints. This plugin adds the "aop-prometheus" endpoint on the # "<service>:<port>/aop-prometheus" path. management: endpoints: web: # Read the security warning at the start of this section about what gets exposed!! exposure.include: health,info,aop-prometheus spinnaker: extensibility: plugins: Armory.ObservabilityPlugin: enabled: true version: <VERSION> # This is the basic configuration for prometheus to be enabled config.metrics: prometheus: enabled: true repositories: armory-observability-plugin-releases: url: https://raw.githubusercontent.com/armory-plugins/armory-observability-plugin-releases/master/repositories.json
You can find more options for management endpoints and the plugin in the plugin’s README.
Was this page helpful?
Thank you for letting us know!
Sorry to hear that. Please tell us how we can improve.
Last modified February 17, 2022: (814f0478)