Tetrate Istio SubscriptionVersion: NextConfiguring Istio Monitoring
To set up Istio monitoring dashboards and alert rules, you have two options: configuring via Terraform or using a JSON tarball. For the Terraform method, refer to the section Configure with Terraform. If you prefer using a JSON tarball, refer to the section Configure with JSON tarball.
Prerequisites
Before proceeding, please ensure you have:
- Prometheus and Grafana installed and configured. For quick demo setup, you can use Demo Installation.
- Obtained a Grafana token following the official guide.
- CLI tools e.g. terraform if you are using Terraform or curl if you are using JSON tarball.
- Acquired credentials from Tetrate to access TIS add-ons repository.
Tetrate use same credentials for FIPS and Add-ons repositories. If you have already acquired credentials for FIPS repository, you can use the same credentials to access TIS add-ons repository.
Option 1: Configure with Terraform
Installing the Terraform Module
-
Adding credentials
Include the namespace, repository, and credentials in your
.terraformrcorterraform.rcfile. The token should encompass the name of the organization that owns the module, the repository housing the module, and the credentials required for API authentication, separated by slashes:credentials "terraform.cloudsmith.io" { token = "tetrate/tis-containers/<tis_password>" } -
Installing the Istio monitoring module
Once your credentials are configured, you can employ the Istio monitoring module as demonstrated below:
module "istio_monitoring_grafana" { source = "terraform.cloudsmith.io/tis-containers/istio-monitoring-grafana/tetrate" version = "v0.2.0" gf_url = "<grafana_endpoint>" gf_auth = "<grafana_token>" }After adding this, execute the following commands:
terraform init
terraform plan
terraform apply -auto-approve
Option 2: Configure with JSON tarball
Set the correct environment variables:
export GRAFANA_ENDPOINT=<grafana_endpoint>
export GRAFANA_TOKEN=<grafana_token>
export TIS_PASS=<tis_password>
Downloading Artifacts
Retrieve the JSON tarball artifact containing the dashboards and alert rules.
curl -O "https://dl.cloudsmith.io/$TIS_PASS/tetrate/tis-containers/raw/files/tetrate-istio-monitoring-grafana-v0.2.0.tar.gz"
Untar the tarball with:
tar -zxvf tetrate-istio-monitoring-grafana-v0.2.0.tar.gz
Importing Dashboards
Grafana facilitates the process of importing dashboards. For detailed steps, consult Grafana's official documentation on importing a dashboard.
JSON files can be located under dashboards:
> tree dashboards
dashboards
├── README.md
├── istio-extension-dashboard.json
├── istio-service-dashboard.json
├── istio-workload-dashboard.json
└── pilot-dashboard.json
Provisioning Alert Rules
To provision alert rules in Grafana using the HTTP API, follow these steps:
-
Generate alert rule configuration:
Alert rules should be associated with a data source. You can obtain the data source UID from the Grafana WebUI and then generate the JSON file from the template file using the following commands:
GRAFANA_DATASOURCE=<data_source_uid> envsubst < alerts/dataplane.json.tpl > dataplane.json
GRAFANA_DATASOURCE=<data_source_uid> envsubst < alerts/controlplane.json.tpl > controlplane.json -
(Optional) Create an
istiofolder if required:curl -X POST -H "Authorization: Bearer $GRAFANA_TOKEN" \
-H "Content-type: application/json" "$GRAFANA_ENDPOINT/api/folders" \
--data '{"title":"istio"}' -
Create alert rules:
curl -X POST -H "Authorization: Bearer $GRAFANA_TOKEN" \
-H "Content-type: application/json" "$GRAFANA_ENDPOINT/api/ruler/grafana/api/v1/rules/istio" \
--data "@dataplane.json"
curl -X POST -H "Authorization: Bearer $GRAFANA_TOKEN" \
-H "Content-type: application/json" "$GRAFANA_ENDPOINT/api/ruler/grafana/api/v1/rules/istio" \
--data "@controlplane.json"
These steps will help you provision alert rules in Grafana using the provided HTTP API.