In-cluster PrometheusΒΆ

Here's how to integrate an existing Prometheus with Robusta in the same cluster:

  • Send alerts to Robusta by adding a receiver to AlertManager

  • Point Robusta at Prometheus so it can query metrics and silence alerts

    • Robusta will attempt auto-detection, so this is not always necessary!

If your Prometheus is in a different cluster, refer to Centralized Prometheus.

Send Alerts to RobustaΒΆ

AlertManager config for sending alerts to Robusta

Add the following to your AlertManager's config Secret

Do not apply in other ways, they all have limitations and won't forward all alerts.

receivers:
  - name: 'robusta'
    webhook_configs:
      - url: 'http://<helm-release-name>-runner.<namespace>.svc.cluster.local/api/alerts'
        send_resolved: true # (3)
  - name: 'default-receiver'

route: # (1)
  routes:
    - receiver: 'robusta'
      group_by: [ '...' ]
      group_wait: 1s
      group_interval: 1s
      matchers:
        - severity =~ ".*"
      repeat_interval: 4h
      continue: true # (2)
  receiver: 'default-receiver'

  1. Put Robusta's route as the first route, to guarantee it receives alerts. If you can't do so, you must guarantee all previous routes set continue: true set.

  2. Keep sending alerts to receivers defined after Robusta.

  3. Important, so Robusta knows when alerts are resolved.

Add the following to your AlertManager configuration, wherever it is defined.

receivers:
  - name: 'robusta'
    webhook_configs:
      - url: 'http://<helm-release-name>-runner.<namespace>.svc.cluster.local/api/alerts'
        send_resolved: true # (3)

route: # (1)
  routes:
    - receiver: 'robusta'
      group_by: [ '...' ]
      group_wait: 1s
      group_interval: 1s
      matchers:
        - severity =~ ".*"
      repeat_interval: 4h
      continue: true # (2)

  1. Put Robusta's route as the first route, to guarantee it receives alerts. If you can't do so, you must guarantee all previous routes set continue: true set.

  2. Keep sending alerts to receivers defined after Robusta.

  3. Important, so Robusta knows when alerts are resolved.

Verify it WorksΒΆ

Send a dummy alert to AlertManager:

robusta demo-alert

If everything is setup properly, this alert will reach Robusta. It will show up in the Robusta UI, Slack, and other configured sinks.

I configured AlertManager, but I'm not receiving alerts?

Try sending a demo-alert as described above. If nothing arrives, check:

  1. AlertManager UI status page - verify that your config was picked up

  2. kube-prometheus-operator logs (if relevant)

  3. AlertManager logs

Reach out on Slack for assistance.

Robusta isn't mapping alerts to Kubernetes resources

Robusta enriches alerts with Kubernetes and log data using Prometheus labels for mapping. Standard label names are used by default. If your setup differs, you can customize this mapping to fit your environment.

Configure Metric QueryingΒΆ

Metrics querying lets Robusta pull metrics and create silences.

If Robusta fails to auto-detect the Prometheus and Alertmanager urls - and you see related connection errors in the logs - configure the prometheus_url and alertmanager_url in your Helm values and update Robusta

globalConfig: # This line should already exist
    # Add the lines below
    alertmanager_url: "http://ALERT_MANAGER_SERVICE_NAME.NAMESPACE.svc.cluster.local:9093" # (1)
    prometheus_url: "http://PROMETHEUS_SERVICE_NAME.NAMESPACE.svc.cluster.local:9090" # (2)

    # If Prometheus has data for multiple clusters, tell Robusta how to query data for this cluster only
    # prometheus_additional_labels:
    #   cluster: 'CLUSTER_NAME_HERE'

    # If using Grafana alerts, add this too
    # grafana_api_key: <YOUR GRAFANA EDITOR API KEY> # (3)
    # alertmanager_flavor: grafana

    # If necessary, see docs below
    # prometheus_auth: ...
    # alertmanager_auth: ...

  1. Example: http://alertmanager-Helm_release_name-kube-prometheus-alertmanager.default.svc.cluster.local:9093.

  2. Example: http://Helm_Release_Name-kube-prometheus-prometheus.default.svc.cluster.local:9090

  3. This is necessary for Robusta to create silences when using Grafana Alerts, because of minor API differences in the AlertManager embedded in Grafana.

You can optionally setup authentication, SSL verification, and other parameters described below.

Verify it WorksΒΆ

Open any application in the Robusta UI. If CPU and memory graphs are shown, everything is working.

If you don't use the Robusta UI, trigger a demo OOMKill alert, and verify that Robusta sends a Slack/Teams message with a memory graph included. If so, everything is configured properly.

Optional SettingsΒΆ

Authentication HeadersΒΆ

If Prometheus and/or AlertManager require authentication, add the following to generated_values.yaml:

globalConfig:
  prometheus_auth: Bearer <YOUR TOKEN> # Replace <YOUR TOKEN> with your actual token or use any other auth header as needed
  alertmanager_auth: Basic <USER:PASSWORD base64-encoded> # Replace <USER:PASSWORD base64-encoded> with your actual credentials, base64-encoded, or use any other auth header as needed

These settings may be configured independently.

SSL VerificationΒΆ

By default, Robusta does not verify the SSL certificate of the Prometheus server.

To enable SSL verification, add the following to Robusta's generated_values.yaml:

runner:
  additional_env_vars:
  - name: PROMETHEUS_SSL_ENABLED
    value: "true"

If you have a custom Certificate Authority (CA) certificate, add one more setting:

runner:
  certificate: "<YOUR BASE-64 ENCODED DATA>" # base64-encoded certificate value