alertmanager-irc-relay: Route alerts through reverse proxy
Second part necessary for [1].
The dns record alertmanager-irc-relay.admin.swh.network is referenced in gandi's side.
Octo happy [2]
[0] Target:
graph LR;
subgraph environment internet
irc
end
ingress[ingress <br /> alertmanager-irc-relay.internal.admin.swh.network] --> |routing rule| service;
subgraph environment admin
rp[alertmanager-irc-relay.admin.swh.network];
rp --> ingress
subgraph cluster admin
ingress;
alertmanager_adm;
alertmanager_adm --> service([alertmanager_irc_relay]);
service-->pod[Pod];
pod -.push alerts.-> irc([/join #swh-sysadm]);
end
end
subgraph environment rocq
subgraph cluster staging
alertmanager_stg;
alertmanager_stg --> ingress;
end
subgraph cluster production
alertmanager_prd;
alertmanager_prd --> ingress;
end
end
subgraph environment azure
subgraph cluster gitlab
alertmanager_glb;
alertmanager_glb --> rp;
end
subgraph cluster rancher
alertmanager_rch;
alertmanager_rch --> rp;
end
end
classDef plain fill:#ddd,stroke:#fff,stroke-width:4px,color:#000;
classDef k8s fill:#326ce5,stroke:#fff,stroke-width:4px,color:#fff;
classDef cluster fill:#fff,stroke:#bbb,stroke-width:2px,color:#326ce5;
class ingress,service,pod k8s;
class alertmanager_prd,alertmanager_stg,alertmanager_adm,alertmanager_glb,alertmanager_rch plain;
class cluster,environment cluster;[1] swh/infra/ci-cd/swh-charts!113 (merged)
[2]
$ $SWH_PUPPET_ENVIRONMENT_HOME/bin/octocatalog-diff --to staging-add-alertmanager-irc-relay rp1.internal.admin.swh.network
Found host rp1.internal.admin.swh.network
Cloning into '/tmp/swh-ocd.mZWuEMiV/swh-site'...
done.
branch 'staging-add-alertmanager-irc-relay' set up to track 'origin/staging-add-alertmanager-irc-relay'.
Switched to a new branch 'staging-add-alertmanager-irc-relay'
WARN -> Environment "staging-add-alertmanager-irc-relay" contained non-word characters, correcting name to staging_add_alertmanager_irc_relay
Cloning into '/tmp/swh-ocd.mZWuEMiV/environments/production/data/private'...
done.
Cloning into '/tmp/swh-ocd.mZWuEMiV/environments/staging_add_alertmanager_irc_relay/data/private'...
done.
*** Running octocatalog-diff on host rp1.internal.admin.swh.network
I, [2023-08-29T16:06:28.663916 #316644] INFO -- : Catalogs compiled for rp1.internal.admin.swh.network
I, [2023-08-29T16:06:29.046774 #316644] INFO -- : Diffs computed for rp1.internal.admin.swh.network
diff origin/production/rp1.internal.admin.swh.network current/rp1.internal.admin.swh.network
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:alertmanager_irc_relay] =>
parameters =>
"content": "include \"includes/01_alertmanager_irc_relay.vcl\";",
"order": "01",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:vhost_alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"content": "include \"includes/50_vhost_alertmanager-irc-relay.admin.swh.net...
"order": "50",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat::Fragment[alertmanager-irc-relay.admin.swh.network cacert] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "03",
"source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.netwo...
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat::Fragment[alertmanager-irc-relay.admin.swh.network cert] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "02",
"source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.netwo...
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat::Fragment[alertmanager-irc-relay.admin.swh.network dhparams] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "04",
"source": "/etc/hitch/dhparams.pem",
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat::Fragment[alertmanager-irc-relay.admin.swh.network key] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "01",
"source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.netwo...
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat::Fragment[hitch::domain alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"content": "pem-file = \"/etc/hitch/alertmanager-irc-relay.admin.swh.network...
"notify": "Class[Hitch::Service]",
"order": "10",
"target": "/etc/hitch/hitch.conf"
*******************************************
+ Concat[/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem] =>
parameters =>
"backup": "puppet",
"ensure": "present",
"ensure_newline": false,
"force": false,
"format": "plain",
"group": "_hitch",
"mode": "0640",
"notify": "Class[Hitch::Service]",
"order": "alpha",
"owner": "root",
"path": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem",
"replace": true,
"show_diff": true,
"warn": false
*******************************************
+ Concat_file[/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem] =>
parameters =>
"backup": "puppet",
"ensure_newline": false,
"force": false,
"format": "plain",
"group": "_hitch",
"mode": "0640",
"order": "alpha",
"owner": "root",
"replace": true,
"show_diff": true,
"tag": "_etc_hitch_alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:alertmanager_irc_relay] =>
parameters =>
"content": "include \"includes/01_alertmanager_irc_relay.vcl\";",
"order": "01",
"tag": "_etc_varnish_includes.vcl",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:vhost_alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"content": "include \"includes/50_vhost_alertmanager-irc-relay.admin.swh.net...
"order": "50",
"tag": "_etc_varnish_includes.vcl",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat_fragment[alertmanager-irc-relay.admin.swh.network cacert] =>
parameters =>
"order": "03",
"source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.netwo...
"tag": "_etc_hitch_alertmanager-irc-relay.admin.swh.network.pem",
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat_fragment[alertmanager-irc-relay.admin.swh.network cert] =>
parameters =>
"order": "02",
"source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.netwo...
"tag": "_etc_hitch_alertmanager-irc-relay.admin.swh.network.pem",
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat_fragment[alertmanager-irc-relay.admin.swh.network dhparams] =>
parameters =>
"order": "04",
"source": "/etc/hitch/dhparams.pem",
"tag": "_etc_hitch_alertmanager-irc-relay.admin.swh.network.pem",
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat_fragment[alertmanager-irc-relay.admin.swh.network key] =>
parameters =>
"order": "01",
"source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.netwo...
"tag": "_etc_hitch_alertmanager-irc-relay.admin.swh.network.pem",
"target": "/etc/hitch/alertmanager-irc-relay.admin.swh.network.pem"
*******************************************
+ Concat_fragment[hitch::domain alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"content": "pem-file = \"/etc/hitch/alertmanager-irc-relay.admin.swh.network...
"order": "10",
"tag": "_etc_hitch_hitch.conf",
"target": "/etc/hitch/hitch.conf"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.network/cert.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0644",
"owner": "root",
"source": "puppet:///le_certs/alertmanager-irc-relay.admin.swh.network/cert....
*******************************************
+ File[/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.network/chain.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0644",
"owner": "root",
"source": "puppet:///le_certs/alertmanager-irc-relay.admin.swh.network/chain...
*******************************************
+ File[/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.network/fullchain.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0644",
"owner": "root",
"source": "puppet:///le_certs/alertmanager-irc-relay.admin.swh.network/fullc...
*******************************************
+ File[/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.network/privkey.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0600",
"owner": "root",
"source": "puppet:///le_certs/alertmanager-irc-relay.admin.swh.network/privk...
*******************************************
+ File[/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"ensure": "directory",
"group": "root",
"mode": "0755",
"owner": "root"
*******************************************
+ File[/etc/varnish/includes/01_alertmanager_irc_relay.vcl] =>
parameters =>
"content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
"group": "root",
"mode": "0644",
"notify": "Exec[vcl_reload]",
"owner": "root"
*******************************************
+ File[/etc/varnish/includes/50_vhost_alertmanager-irc-relay.admin.swh.network.vcl] =>
parameters =>
"content": "# vhost_alertmanager-irc-relay.admin.swh.network.vcl\n#\n# Setti...
"group": "root",
"mode": "0644",
"notify": "Exec[vcl_reload]",
"owner": "root"
*******************************************
+ Hitch::Domain[alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"cacert_source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.sw...
"cert_source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh....
"default": false,
"ensure": "present",
"key_source": "/etc/ssl/certs/letsencrypt/alertmanager-irc-relay.admin.swh.n...
*******************************************
+ Profile::Hitch::Ssl_cert[alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"ssl_cert_name": "alertmanager-irc-relay.admin.swh.network"
*******************************************
+ Profile::Letsencrypt::Certificate[alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"basename": "alertmanager-irc-relay.admin.swh.network",
"privkey_group": "root",
"privkey_mode": "0600",
"privkey_owner": "root",
"source_cert": "alertmanager-irc-relay.admin.swh.network"
*******************************************
+ Profile::Varnish::Vcl_include[alertmanager_irc_relay] =>
parameters =>
"basename": "alertmanager_irc_relay",
"content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
"order": "01"
*******************************************
+ Profile::Varnish::Vcl_include[vhost_alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"basename": "vhost_alertmanager-irc-relay.admin.swh.network",
"content": "# vhost_alertmanager-irc-relay.admin.swh.network.vcl\n#\n# Setti...
"order": "50"
*******************************************
+ Profile::Varnish::Vhost[alertmanager-irc-relay.admin.swh.network] =>
parameters =>
"aliases": [
],
"backend_http_host": "k8s-admin-rke2.internal.admin.swh.network",
"backend_http_port": "80",
"backend_name": "alertmanager_irc_relay",
"basic_auth": false,
"hsts_max_age": 15768000,
"order": "50",
"servername": "alertmanager-irc-relay.admin.swh.network",
"websocket_support": false
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/01_alertmanager_irc_relay.vcl] =>
parameters =>
"content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
"file": "/etc/varnish/includes/01_alertmanager_irc_relay.vcl"
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/50_vhost_alertmanager-irc-relay.admin.swh.network.vcl] =>
parameters =>
"content": "# vhost_alertmanager-irc-relay.admin.swh.network.vcl\n#\n# Setti...
"file": "/etc/varnish/includes/50_vhost_alertmanager-irc-relay.admin.swh.net...
*******************************************
*** End octocatalog-diff on rp1.internal.admin.swh.networkEdited by Antoine R. Dumont