prometheus-operator: Alertmanager Config incompatible with Kustomize

Alertmanager is configured by specifying a secret with the name:

alertmanager-<name>

Kustomize and Kubernetes are moving towards creating temporary secrets of the form:

alertmanager-<hash>

and updating these secrets when the md5sum of the file they reference has changed.

It would be nice to be able to specify the alertmanager configuration file name in the alertmanager resource. Something like:

apiVersion: monitoring.coreos.com/v1
kind: Alertmanager
metadata:
  name: alertmanager
spec:
   alertmanagerConfig: <config-file-name>

This would allow kustomize and other tools to update both the Alertmanager resource and specify new versions of the alertmanager config.

About this issue

  • Original URL
  • State: open
  • Created 6 years ago
  • Reactions: 3
  • Comments: 16 (5 by maintainers)

Most upvoted comments

With #2827 merged, we have alertmanager configs being created by kustomize with the following config (note that we’re using kustomize bundled with kubectl 1.14; newer versions may differ slightly):

  1. In kustomization.yaml:
resources:
  - alertmanager.yaml
configurations:
  - kustomizeconfig/alertmanager.yaml
secretGenerator:
  - name: alertmanager-config
    files:
      - alertmanager.yaml=alertmanager-config.yaml
  1. In kustomizeconfig/alertmanager.yaml:
# This file is a minimal transformer config for kustomize to be able to
# transform the alertmanager.spec.configSecret elemenet:

nameReference:
  - kind: Secret
    fieldSpecs:
      - path: spec/configSecret
        kind: Alertmanager
  1. In alertmanager.yaml (our Alertmanager resource for prom-operator):
 
apiVersion: monitoring.coreos.com/v1
kind: Alertmanager
metadata:
  name: alertmanager
spec:
  replicas: 1
  configSecret: alertmanager-config
  1. in alertmanager-config.yaml (demo configuration from the user guide):
# Demo config that uses a non-existant web-hook.
# This file is intended to be changed to hook into other alerting systems
# but *something* is required to start the alertmanager server.
global:
  resolve_timeout: 5m
route:
  group_by: ['job']
  group_wait: 30s
  group_interval: 5m
  repeat_interval: 12h
  receiver: 'webhook'
receivers:
- name: 'webhook'
  webhook_configs:
  - url: 'http://alertmanager:30500/'
+2
AngusDavis on Oct 23, 2019

You can disable the behavior of appending a suffix to your configmaps/secrets by using generatorOptions. Something like this:

generatorOptions:
  disableNameSuffixHash: true

secretGenerator:
  - name: alertmanager-main
    files:
      - config/alertmanager.yaml
    type: Opaque

I hope it helps!

+1
c0da on Dec 18, 2020
Read more comments on GitHub
← prometheus-operator: Alert K8SApiServerLatency triggering
prometheus-operator: Alertmanager CrashLoopBackOff  →