Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setup PrometheusRules within Mimir ruler #3127

Closed
Tracked by #3039
marieroque opened this issue Jan 16, 2024 · 12 comments
Closed
Tracked by #3039

Setup PrometheusRules within Mimir ruler #3127

marieroque opened this issue Jan 16, 2024 · 12 comments
Assignees
@QuantumEnigmaa
Labels
component/mimir team/atlas Team Atlas topic/monitoring

Comments

@marieroque
Copy link

marieroque commented Jan 16, 2024
edited
Loading

First work: #2521 (comment)
@marieroque marieroque mentioned this issue Jan 16, 2024
Closed
@github-project-automation github-project-automation bot moved this to Inbox 📥 in Roadmap Jan 16, 2024
@marieroque marieroque self-assigned this Jan 16, 2024
@architectbot architectbot added the team/atlas Team Atlas label Jan 16, 2024
@QuentinBisson QuentinBisson mentioned this issue Jan 22, 2024
Closed
@QuantumEnigmaa
Copy link

I have a PR upstream waiting for approval that will add a specific sa for the ruler allowing to have a specific bucket for it. The PR : grafana/mimir#7132

@QuentinBisson QuentinBisson mentioned this issue Jan 31, 2024
Closed
2 tasks
@QuentinBisson
Copy link

QuentinBisson commented Feb 13, 2024
edited
Loading

Upstream fix released in mimir-app 0.4.2 we can move forward

@QuantumEnigmaa
Copy link

With the current config mimir-ruler is crashlooping fith the following message :

ts=2024-02-14T12:53:56.724145913Z caller=sanity_check.go:115 level=warn msg="Unable to successfully connect to configured object storage (will retry)" err="blocks storage: unable to successfully send a request to object storage: Access Denied"

Still, the mimir-ruler pod is using the mimir-ruler sa wich has the correct irsa annotation with the correct AWS role arn, which in turn has the correct policy to access the ruler bucket.

@QuentinBisson
Copy link

Does the ruler need access to the block_storage section or is it denied access when accessing the new bucket ?

@QuantumEnigmaa
Copy link

That's what I'm trying to understand :/

@QuentinBisson
Copy link

Well yes it is https://github.com/grafana/mimir/blob/e8e77847191e2bbcb9263a6c12ea5c207d93ca53/pkg/mimir/sanity_check.go#L130 :(

@QuentinBisson
Copy link

Maybe we can add some extraPermissions in here https://github.com/giantswarm/object-storage-operator/blob/f377196f346dc79e2bbb8d66d5bb81b4dc4a028c/api/v1alpha1/bucket_types.go#L45 to be able to allow the role access to the other bucket?

@QuantumEnigmaa
Copy link

Maybe we can add some extraPermissions [...] to be able to allow the role access to the other bucket?

I guess that would be the most straightforward way to do it 👍
Can you take care of it or should I do it ?

@QuentinBisson
Copy link

How do you prefer we proceed ? If you want to do it, have fun, otherwise I can :)

@QuantumEnigmaa
Copy link

I'll always want to do things myself but right now I'm busy with PMO so for the sake of efficiency, I think it's better if you take care of it (considering you have time for this obviously). 🙂

@QuentinBisson
Copy link

I'll try to work on it tomorrow then

@QuentinBisson QuentinBisson mentioned this issue Feb 14, 2024
Merged
1 task
@QuentinBisson
Copy link

Fixes object storage to support extra buckets giantswarm/object-storage-operator#89

@github-project-automation github-project-automation bot moved this from Inbox 📥 to Done ✅ in Roadmap Feb 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@QuantumEnigmaa QuantumEnigmaa

Labels
component/mimir team/atlas Team Atlas topic/monitoring
Projects
Roadmap
Archived in project
Milestone
No milestone
Development

No branches or pull requests
4 participants
@QuentinBisson @marieroque @architectbot @QuantumEnigmaa