Git Product home page Git Product logo

sensu-entity-manager's Introduction

Sensu Bonsai Asset goreleaser Go Test goreleaser

Sensu Entity Manager

Table of Contents

Overview

Event-based Sensu entity management for automated service-discovery (add/remove subscriptions) and other automation workflows. The Sensu Entity Manager works with any check plugin or event producer that generates one instruction per line of event.check.output in any of the following formats:

  • Subscriptions (one string per line):

    Example check output:

    system/linux
postgres

    Example event payload:

    {
  "metadata": {},
  "entity": {},
  "check": {
    "metadata": {
      "name": "example",
      "labels": {},
      "metadata": {}
    },
    "handlers": [
      "subscription-manager"
    ],
    "output": "system/linux\npostgres",
    "status": 0,
    "...": "..."
  },
  "metrics": {},
  "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "timestamp": 1234567890
}

    Example handler definition:

    ---
type: Handler
api_version: core/v2
metadata:
  name: subscription-manager
spec:
  command: sensu-entity-manager --add-subscriptions
  ...: ...

  • Labels and Annotations (one key=value pair per line):

    Example check output:

    region=us-west-2
application_id=1001

    Example event payload:

    {
  "metadata": {},
  "entity": {},
  "check": {
    "metadata": {
      "name": "example",
      "labels": {},
      "metadata": {}
    },
    "handlers": [
      "label-manager"
    ],
    "output": "region=us-west-2\napplication_id=1001",
    "status": 0,
    "...": "..."
  },
  "metrics": {},
  "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "timestamp": 1234567890
}

    Example handler definition:

    ---
type: Handler
api_version: core/v2
metadata:
  name: label-manager
spec:
  command: sensu-entity-manager --add-labels
  ...: ...

  • Commands (one space-separated command argument pair per line):

    Example check output:

    add-subscription system/linux
add-subscription postgres
add-label region=us-west-2
add-annotation application_id=1001

    Example event payload:

    {
  "metadata": {},
  "entity": {},
  "check": {
    "metadata": {
      "name": "example",
      "labels": {},
      "metadata": {}
    },
    "handlers": [
      "entity-manager"
    ],
    "output": "add-subscription system/linux\nadd-subscription postgres\nadd-label region=us-west-2\nadd-annotation application_id=1001",
    "status": 0,
    "...": "..."
  },
  "metrics": {},
  "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "timestamp": 1234567890
}

    Example handler definition:

    ---
type: Handler
api_version: core/v2
metadata:
  name: entity-manager
spec:
  command: sensu-entity-manager --add-all
  ...: ...

Usage examples

Help output

$ sensu-entity-manager --help
Event-based Sensu entity management for service-discovery (add/remove subscriptions) and other automation workflows.

Usage:
  sensu-entity-manager [flags]
  sensu-entity-manager [command]

Available Commands:
  help        Help about any command
  version     Print the version number of this plugin

Flags:
  -t, --access-token string      Sensu Access Token
      --add-all                  Checks event.Check.Output for a newline-separated list of entity management commands to execute
      --add-annotations          Checks event.Check.Output for a newline-separated list of annotation key=value pairs to add
      --add-labels               Checks event.Check.Output for a newline-separated list of label key=value pairs to add
      --add-subscriptions        Checks event.Check.Output for a newline-separated list of subscriptions to add
  -k, --api-key string           Sensu API Key
  -a, --api-url string           Sensu API URL (default "http://127.0.0.1:8080")
  -h, --help                     help for sensu-entity-manager
  -c, --trusted-ca-file string   Sensu Trusted Certificate Authority file

Use "sensu-entity-manager [command] --help" for more information about a command.

Environment variables

Argument Environment Variable
--api-url SENSU_API_URL
--api-key SENSU_API_KEY
--access-token SENSU_ACCESS_TOKEN
--trusted-ca-file SENSU_TRUSTED_CA_FILE

Security Note: Care should be taken to not expose the API key or access token for this handler by explicitly specifying either on the command line or by directly setting the environment variable(s) in the handler definition. It is suggested to make use of secrets management to provide the API key or access token as environment variables. The handler definition shown below references the API Key as a secret using the built-in env secrets provider.

Configuration

Asset registration

Sensu Assets are the best way to make use of this plugin. If you're not using an asset, please consider doing so! If you're using sensuctl 5.13 with Sensu Backend 5.13 or later, you can use the following command to add the asset:

sensuctl asset add sensu/sensu-entity-manager

If you're using an earlier version of sensuctl, you can find the asset on the Bonsai Asset Index.

Handler definition

---
type: Handler
api_version: core/v2
metadata:
  name: sensu-entity-manager
spec:
  type: pipe
  command: >-
    sensu-entity-manager
    --add-all
  timeout: 5
  runtime_assets:
  - sensu/sensu-entity-manager:0.1.1
  secrets:
  - name: SENSU_API_KEY
    secret: entity-manager-api-key
---
type: Secret
api_version: secrets/v1
metadata:
  name: entity-manager-api-key
spec:
  provider: env
  id: SENSU_ENTITY_MANAGER_API_KEY

Proxy Support

This handler supports the use of the environment variables HTTP_PROXY, HTTPS_PROXY, and NO_PROXY (or the lowercase versions thereof). HTTPS_PROXY takes precedence over HTTP_PROXY for https requests. The environment values may be either a complete URL or a "host[:port]", in which case the "http" scheme is assumed.

Supported Annotations

The following event-scoped annotations are supported.

  • sensu.io/plugins/sensu-entity-manager/config/patch/subscriptions

    Comma-separated list of subscriptions to add (e.g. nginx,http-service).

  • sensu.io/plugins/sensu-entity-manager/config/patch/labels

    Comma-separated list of key=value pairs to add (e.g. region=us-west-1,app=example).

  • sensu.io/plugins/sensu-entity-manager/config/patch/annotations

    Semicolon-separated list of key=value pairs to add (e.g. scrape_config="{\"ports\": [9091,9093]}";service_account=sensu).

NOTE: event-scoped annotations are set at the root-level of the event (i.e. event.Annotations). Entity-scoped (event.Entity.Annotations) and Check-scoped (event.Check.Annotations) annotations are currently not supported.

Examples

To change the example argument for a particular check, for that checks's metadata add the following:

type: CheckConfig
api_version: core/v2
metadata:
  annotations:
    sensu.io/plugins/sensu-entity-manager/config/example-argument: "Example change"
[...]

Installation from source

The preferred way of installing and deploying this plugin is to use it as an Asset. If you would like to compile and install the plugin from source or contribute to it, download the latest version or create an executable from this source.

From the local path of the sensu-entity-manager repository:

go build

Roadmap

  • Add support for adding/modifying entity subscriptions
  • Add support for adding/modifying entity labels
  • Add support for adding/modifying entity annotations
  • Add support for modifying other entity-patchable fields (e.g. created_by, entity_class, deregister, etc).

Contributing

For more information about contributing to this plugin, see Contributing.

sensu-entity-manager's People

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

nixwiz isabella232 afaque-anwar-azad francispereira

sensu-entity-manager's Issues

Q1'21 handler maintenance

Repository Updates

Module Updates

  • Update SDK, core, and all other modules with 'go get -u' (note: This may require some manual cleanup)
  • Cleanup with 'go mod tidy'

README Updates

  • Add note on templates and link to docs, when needed
  • Ensure help output is current
  • Caveat on using check annotations (ref https://github.com/sensu/sensu-pagerduty-handler/blob/master/README.md)
  • Make sure annotations are explained as overrides
  • Add table of environment variables available
  • Make sure layout matches current standard
  • Remove empty sections (e.g. Files, Additional Notes)

Golang version updates

  • Update go.mod to use 1.14
  • Update GitHub Actions (release and test) to use 1.14

GitHub Actions Updates

  • All have lint, test, and release actions
  • Add PR to lint and test actions on OSS handlers

Secrets update

  • For any password/token arguments, ensure 'Secret: true' is set

Code updates

  • Output supporting templates where it makes sense to (make sure to document in README)
  • Replace import of types with api/core/v2 and change *types.Event references to *corev2.Event
  • Run 'gofmt' on all source files

Output logging

  • Output logging information (e.g. any incident or job # created)

Release

  • Make sure Bonsai and GoReleaser configs are in sync and functioning Remove 32 bit macOS from Bonsai
  • Add any changes to CHANGELOG
  • Submit PR
  • After merge, cut a new release
  • In bonsai make sure the handler has the right tier (supported, enterprise)

Update curation(s)

  • Update (or add new) curations to use new version/assets (add in template args if available)

Auto mode?

The initial/prototype implementation here assumes that the handler will be used to manage a single entity property (e.g. --add-subscriptions, --add-labels, or --add-annotations). It occurs to me that a more advanced mode of operation could be supported which expected to manage multiple entity properties, one per line of output in event.check.output.

For example, the following output could be used to manage multiple entity properties:

add-subscription linux
add-subscription postgres
add-label foo=bar
add-label bar=baz
add-annotation sensu.io/plugins/slack/config/channel=team-a

The Sensu Entity Manager could parse each line of output and evaluate if strings.Split(line, " ")[0] matched one of the commands (i.e. --add-subscription, --add-label, --add-annotation, or some future command) and apply the corresponding modification to the Entity.

Is this crazy?

Unable to remove subscriptions

Hello,
I am using this in conjunction with the Sensu Path Discovery asset. The handler works great when adding new subscriptions but subsequent deleted paths (and therefore subscriptions passed to the handler) do not get removed from the entity. If this is desired behavior what is the expected workflow for dynamically removing subscriptions? Running latest agent/backend cluster as well. Please let me know if you would like more information. Cheers

Detect if agent_managed_entity is set, log a warning

The entity manager is incompatible with agent-managed entities (see sensu-agent start --agent-managed-entity). We should check for entity.metadata.labels["sensu.io/managed_by"] and log a warning if the value is sensu-agent.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.