From 57ed9c47a9024d685d5c9238f8cf30dd3eba220a Mon Sep 17 00:00:00 2001 From: Roman Khavronenko Date: Thu, 11 Aug 2022 13:30:32 +0200 Subject: [PATCH] vmalert: follow-up after 28441711e6784dc3e9a75caf4d096452f0d2ea9c (#2972) Signed-off-by: hagen1778 Signed-off-by: hagen1778 --- app/vmalert/README.md | 12 +++++++++--- app/vmalert/datasource/init.go | 4 ++-- app/vmalert/remoteread/init.go | 7 ++++--- app/vmalert/remotewrite/init.go | 2 +- docs/CHANGELOG.md | 1 + docs/vmalert.md | 12 +++++++++--- 6 files changed, 26 insertions(+), 12 deletions(-) diff --git a/app/vmalert/README.md b/app/vmalert/README.md index 9172d877e..327941784 100644 --- a/app/vmalert/README.md +++ b/app/vmalert/README.md @@ -642,6 +642,8 @@ The shortlist of configuration flags is the following: Whether to align "time" parameter with evaluation interval.Alignment supposed to produce deterministic results despite of number of vmalert replicas or time they were started. See more details here https://github.com/VictoriaMetrics/VictoriaMetrics/pull/1257 (default true) -datasource.roundDigits int Adds "round_digits" GET param to datasource requests. In VM "round_digits" limits the number of digits after the decimal point in response values. + -datasource.showURL + Whether to show -datasource.url in the exported metrics. It is hidden by default, since it can contain sensitive info such as auth key -datasource.tlsCAFile string Optional path to TLS CA file to use for verifying connections to -datasource.url. By default, system CA is used -datasource.tlsCertFile string @@ -653,7 +655,7 @@ The shortlist of configuration flags is the following: -datasource.tlsServerName string Optional TLS server name to use for connections to -datasource.url. By default, the server name from -datasource.url is used -datasource.url string - VictoriaMetrics or vmselect url. Required parameter. E.g. http://127.0.0.1:8428 . See also -remoteRead.disablePathAppend + Datasource compatible with Prometheus HTTP API. It can be single node VictoriaMetrics or vmselect URL. Required parameter. E.g. http://127.0.0.1:8428 . See also '-datasource.disablePathAppend', '-datasource.showURL'. -defaultTenant.graphite string Default tenant for Graphite alerting groups. See https://docs.victoriametrics.com/vmalert.html#multitenancy -defaultTenant.prometheus string @@ -813,6 +815,8 @@ The shortlist of configuration flags is the following: Optional OAuth2 scopes to use for -remoteRead.url. Scopes must be delimited by ';'. -remoteRead.oauth2.tokenUrl string Optional OAuth2 tokenURL to use for -remoteRead.url. + -remoteRead.showURL + Whether to show -remoteRead.url in the exported metrics. It is hidden by default, since it can contain sensitive info such as auth key -remoteRead.tlsCAFile string Optional path to TLS CA file to use for verifying connections to -remoteRead.url. By default system CA is used -remoteRead.tlsCertFile string @@ -824,7 +828,7 @@ The shortlist of configuration flags is the following: -remoteRead.tlsServerName string Optional TLS server name to use for connections to -remoteRead.url. By default the server name from -remoteRead.url is used -remoteRead.url vmalert - Optional URL to VictoriaMetrics or vmselect that will be used to restore alerts state. This configuration makes sense only if vmalert was configured with `remoteWrite.url` before and has been successfully persisted its state. E.g. http://127.0.0.1:8428. See also -remoteRead.disablePathAppend + Optional URL to datasource compatible with Prometheus HTTP API. It can be single node VictoriaMetrics or vmselect.Remote read is used to restore alerts state.This configuration makes sense only if vmalert was configured with `remoteWrite.url` before and has been successfully persisted its state. E.g. http://127.0.0.1:8428. See also '-remoteRead.disablePathAppend', '-remoteRead.showURL'. -remoteWrite.basicAuth.password string Optional basic auth password for -remoteWrite.url -remoteWrite.basicAuth.passwordFile string @@ -855,6 +859,8 @@ The shortlist of configuration flags is the following: Optional OAuth2 scopes to use for -notifier.url. Scopes must be delimited by ';'. -remoteWrite.oauth2.tokenUrl string Optional OAuth2 tokenURL to use for -notifier.url. + -remoteWrite.showURL + Whether to show -remoteWrite.url in the exported metrics. It is hidden by default, since it can contain sensitive info such as auth key -remoteWrite.tlsCAFile string Optional path to TLS CA file to use for verifying connections to -remoteWrite.url. By default system CA is used -remoteWrite.tlsCertFile string @@ -866,7 +872,7 @@ The shortlist of configuration flags is the following: -remoteWrite.tlsServerName string Optional TLS server name to use for connections to -remoteWrite.url. By default the server name from -remoteWrite.url is used -remoteWrite.url string - Optional URL to VictoriaMetrics or vminsert where to persist alerts state and recording rules results in form of timeseries. For example, if -remoteWrite.url=http://127.0.0.1:8428 is specified, then the alerts state will be written to http://127.0.0.1:8428/api/v1/write . See also -remoteWrite.disablePathAppend + Optional URL to VictoriaMetrics or vminsert where to persist alerts state and recording rules results in form of timeseries. For example, if -remoteWrite.url=http://127.0.0.1:8428 is specified, then the alerts state will be written to http://127.0.0.1:8428/api/v1/write . See also -remoteWrite.disablePathAppend, '-remoteWrite.showURL'. -replay.disableProgressBar Whether to disable rendering progress bars during the replay. Progress bar rendering might be verbose or break the logs parsing, so it is recommended to be disabled when not used in interactive mode. -replay.maxDatapointsPerQuery int diff --git a/app/vmalert/datasource/init.go b/app/vmalert/datasource/init.go index b93fe012f..14423d766 100644 --- a/app/vmalert/datasource/init.go +++ b/app/vmalert/datasource/init.go @@ -12,8 +12,8 @@ import ( ) var ( - addr = flag.String("datasource.url", "", "VictoriaMetrics or vmselect url. Required parameter. "+ - "E.g. http://127.0.0.1:8428 . See also -remoteRead.disablePathAppend") + addr = flag.String("datasource.url", "", "Datasource compatible with Prometheus HTTP API. It can be single node VictoriaMetrics or vmselect URL. Required parameter. "+ + "E.g. http://127.0.0.1:8428 . See also '-datasource.disablePathAppend', '-datasource.showURL'.") appendTypePrefix = flag.Bool("datasource.appendTypePrefix", false, "Whether to add type prefix to -datasource.url based on the query type. Set to true if sending different query types to the vmselect URL.") showDatasourceURL = flag.Bool("datasource.showURL", false, "Whether to show -datasource.url in the exported metrics. "+ "It is hidden by default, since it can contain sensitive info such as auth key") diff --git a/app/vmalert/remoteread/init.go b/app/vmalert/remoteread/init.go index d8cd1fce6..1cf40413b 100644 --- a/app/vmalert/remoteread/init.go +++ b/app/vmalert/remoteread/init.go @@ -11,9 +11,10 @@ import ( ) var ( - addr = flag.String("remoteRead.url", "", "Optional URL to VictoriaMetrics or vmselect that will be used to restore alerts "+ - "state. This configuration makes sense only if `vmalert` was configured with `remoteWrite.url` before and has been successfully persisted its state. "+ - "E.g. http://127.0.0.1:8428. See also -remoteRead.disablePathAppend") + addr = flag.String("remoteRead.url", "", "Optional URL to datasource compatible with Prometheus HTTP API. It can be single node VictoriaMetrics or vmselect."+ + "Remote read is used to restore alerts state."+ + "This configuration makes sense only if `vmalert` was configured with `remoteWrite.url` before and has been successfully persisted its state. "+ + "E.g. http://127.0.0.1:8428. See also '-remoteRead.disablePathAppend', '-remoteRead.showURL'.") showRemoteReadURL = flag.Bool("remoteRead.showURL", false, "Whether to show -remoteRead.url in the exported metrics. "+ "It is hidden by default, since it can contain sensitive info such as auth key") diff --git a/app/vmalert/remotewrite/init.go b/app/vmalert/remotewrite/init.go index 6a7f7e3ce..28e65cad1 100644 --- a/app/vmalert/remotewrite/init.go +++ b/app/vmalert/remotewrite/init.go @@ -13,7 +13,7 @@ import ( var ( addr = flag.String("remoteWrite.url", "", "Optional URL to VictoriaMetrics or vminsert where to persist alerts state "+ "and recording rules results in form of timeseries. For example, if -remoteWrite.url=http://127.0.0.1:8428 is specified, "+ - "then the alerts state will be written to http://127.0.0.1:8428/api/v1/write . See also -remoteWrite.disablePathAppend") + "then the alerts state will be written to http://127.0.0.1:8428/api/v1/write . See also -remoteWrite.disablePathAppend, '-remoteWrite.showURL'.") showRemoteWriteURL = flag.Bool("remoteWrite.showURL", false, "Whether to show -remoteWrite.url in the exported metrics. "+ "It is hidden by default, since it can contain sensitive info such as auth key") diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 25b286193..256a3a1e9 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -15,6 +15,7 @@ The following tip changes can be tested by building VictoriaMetrics components f ## v1.79.x long-time support release (LTS) +* FEATURE: [vmalert](https://docs.victoriametrics.com/vmalert.html): do not show `-remoteWrite.url`, `-remoteRead.url`, `-datasource.url` if corresponding `-remoteWrite.showURL`, `-remoteRead.showURL`, `-datasource.showURL` are set. Thanks to @mble for [PR](https://github.com/VictoriaMetrics/VictoriaMetrics/pull/2965). * SECURITY: upgrade base docker image (alpine) from 3.16.1 to 3.16.2. See [alpine 3.16.2 release notes](https://alpinelinux.org/posts/Alpine-3.13.12-3.14.8-3.15.6-3.16.2-released.html). * BUGFIX: prevent from excess CPU usage when the storage enters [read-only mode](https://docs.victoriametrics.com/Cluster-VictoriaMetrics.html#readonly-mode). diff --git a/docs/vmalert.md b/docs/vmalert.md index 6e3ca4fc1..ae39ddee8 100644 --- a/docs/vmalert.md +++ b/docs/vmalert.md @@ -646,6 +646,8 @@ The shortlist of configuration flags is the following: Whether to align "time" parameter with evaluation interval.Alignment supposed to produce deterministic results despite of number of vmalert replicas or time they were started. See more details here https://github.com/VictoriaMetrics/VictoriaMetrics/pull/1257 (default true) -datasource.roundDigits int Adds "round_digits" GET param to datasource requests. In VM "round_digits" limits the number of digits after the decimal point in response values. + -datasource.showURL + Whether to show -datasource.url in the exported metrics. It is hidden by default, since it can contain sensitive info such as auth key -datasource.tlsCAFile string Optional path to TLS CA file to use for verifying connections to -datasource.url. By default, system CA is used -datasource.tlsCertFile string @@ -657,7 +659,7 @@ The shortlist of configuration flags is the following: -datasource.tlsServerName string Optional TLS server name to use for connections to -datasource.url. By default, the server name from -datasource.url is used -datasource.url string - VictoriaMetrics or vmselect url. Required parameter. E.g. http://127.0.0.1:8428 . See also -remoteRead.disablePathAppend + Datasource compatible with Prometheus HTTP API. It can be single node VictoriaMetrics or vmselect URL. Required parameter. E.g. http://127.0.0.1:8428 . See also '-datasource.disablePathAppend', '-datasource.showURL'. -defaultTenant.graphite string Default tenant for Graphite alerting groups. See https://docs.victoriametrics.com/vmalert.html#multitenancy -defaultTenant.prometheus string @@ -817,6 +819,8 @@ The shortlist of configuration flags is the following: Optional OAuth2 scopes to use for -remoteRead.url. Scopes must be delimited by ';'. -remoteRead.oauth2.tokenUrl string Optional OAuth2 tokenURL to use for -remoteRead.url. + -remoteRead.showURL + Whether to show -remoteRead.url in the exported metrics. It is hidden by default, since it can contain sensitive info such as auth key -remoteRead.tlsCAFile string Optional path to TLS CA file to use for verifying connections to -remoteRead.url. By default system CA is used -remoteRead.tlsCertFile string @@ -828,7 +832,7 @@ The shortlist of configuration flags is the following: -remoteRead.tlsServerName string Optional TLS server name to use for connections to -remoteRead.url. By default the server name from -remoteRead.url is used -remoteRead.url vmalert - Optional URL to VictoriaMetrics or vmselect that will be used to restore alerts state. This configuration makes sense only if vmalert was configured with `remoteWrite.url` before and has been successfully persisted its state. E.g. http://127.0.0.1:8428. See also -remoteRead.disablePathAppend + Optional URL to datasource compatible with Prometheus HTTP API. It can be single node VictoriaMetrics or vmselect.Remote read is used to restore alerts state.This configuration makes sense only if vmalert was configured with `remoteWrite.url` before and has been successfully persisted its state. E.g. http://127.0.0.1:8428. See also '-remoteRead.disablePathAppend', '-remoteRead.showURL'. -remoteWrite.basicAuth.password string Optional basic auth password for -remoteWrite.url -remoteWrite.basicAuth.passwordFile string @@ -859,6 +863,8 @@ The shortlist of configuration flags is the following: Optional OAuth2 scopes to use for -notifier.url. Scopes must be delimited by ';'. -remoteWrite.oauth2.tokenUrl string Optional OAuth2 tokenURL to use for -notifier.url. + -remoteWrite.showURL + Whether to show -remoteWrite.url in the exported metrics. It is hidden by default, since it can contain sensitive info such as auth key -remoteWrite.tlsCAFile string Optional path to TLS CA file to use for verifying connections to -remoteWrite.url. By default system CA is used -remoteWrite.tlsCertFile string @@ -870,7 +876,7 @@ The shortlist of configuration flags is the following: -remoteWrite.tlsServerName string Optional TLS server name to use for connections to -remoteWrite.url. By default the server name from -remoteWrite.url is used -remoteWrite.url string - Optional URL to VictoriaMetrics or vminsert where to persist alerts state and recording rules results in form of timeseries. For example, if -remoteWrite.url=http://127.0.0.1:8428 is specified, then the alerts state will be written to http://127.0.0.1:8428/api/v1/write . See also -remoteWrite.disablePathAppend + Optional URL to VictoriaMetrics or vminsert where to persist alerts state and recording rules results in form of timeseries. For example, if -remoteWrite.url=http://127.0.0.1:8428 is specified, then the alerts state will be written to http://127.0.0.1:8428/api/v1/write . See also -remoteWrite.disablePathAppend, '-remoteWrite.showURL'. -replay.disableProgressBar Whether to disable rendering progress bars during the replay. Progress bar rendering might be verbose or break the logs parsing, so it is recommended to be disabled when not used in interactive mode. -replay.maxDatapointsPerQuery int