Puppet Class: profile::kafka::broker::monitoring

Defined in:
modules/profile/manifests/kafka/broker/monitoring.pp

Overview

Parameters:

  • kafka_cluster_name (String) (defaults to: lookup('profile::kafka::broker::kafka_cluster_name'))
  • is_critical (Boolean) (defaults to: lookup('profile::kafka::broker::monitoring::is_critical', {'default_value' => false}))
  • should_monitor_tls (Boolean) (defaults to: lookup('profile::kafka::broker::ssl_enabled', {'default_value' => false })) 


14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
 
# File 'modules/profile/manifests/kafka/broker/monitoring.pp', line 14

class profile::kafka::broker::monitoring (
    String $kafka_cluster_name            = lookup('profile::kafka::broker::kafka_cluster_name'),
    Boolean $is_critical                  = lookup('profile::kafka::broker::monitoring::is_critical', {'default_value' => false}),
    Boolean $should_monitor_tls           = lookup('profile::kafka::broker::ssl_enabled', {'default_value' => false }),
) {
    # Get fully qualified Kafka cluster name
    $config        = kafka_config($kafka_cluster_name)
    $kafka_cluster = $config['name']

    $prometheus_jmx_exporter_port = 7800
    $config_dir                   = '/etc/prometheus'
    $jmx_exporter_config_file     = "${config_dir}/kafka_broker_prometheus_jmx_exporter.yaml"

    # Use this in your JAVA_OPTS you pass to the Kafka  broker process
    $java_opts = "-javaagent:/usr/share/java/prometheus/jmx_prometheus_javaagent.jar=${::ipaddress}:${prometheus_jmx_exporter_port}:${jmx_exporter_config_file}"

    # Declare a prometheus jmx_exporter instance.
    # This will render the config file, declare the jmx_exporter_instance,
    # and configure ferm.
    profile::prometheus::jmx_exporter { "kafka_broker_${::hostname}":
        hostname                 => $::hostname,
        port                     => $prometheus_jmx_exporter_port,
        # Allow each kafka broker node access to other broker's prometheus JMX exporter port.
        # This will help us use kafka-tools to calculate partition reassignements
        # based on broker metrics like partition sizes, etc.
        # https://github.com/linkedin/kafka-tools/tree/master/kafka/tools/assigner
        extra_ferm_allowed_nodes => $config['brokers']['array'],
        labels                   => {'kafka_cluster' => $kafka_cluster},
        config_file              => $jmx_exporter_config_file,
        config_dir               => $config_dir,
        source                   => 'puppet:///modules/profile/kafka/broker_prometheus_jmx_exporter.yaml',
    }

    ### Icinga alerts
    # Generate icinga alert if Kafka Broker Server is not running.
    nrpe::monitor_service { 'kafka':
        description  => 'Kafka Broker Server',
        nrpe_command => '/usr/lib/nagios/plugins/check_procs -c 1:1 -C java -a "Kafka /etc/kafka/server.properties"',
        critical     => $is_critical,
        notes_url    => 'https://wikitech.wikimedia.org/wiki/Kafka/Administration',
    }

    if $should_monitor_tls {
        $kafka_ssl_port = $config['brokers']['hash'][$::fqdn]['ssl_port']
        monitoring::service { 'kafka-broker-tls':
            description   => 'Kafka broker TLS certificate validity',
            check_command => "check_ssl_kafka!${::fqdn}!${::fqdn}!${kafka_ssl_port}",
            notes_url     => 'https://wikitech.wikimedia.org/wiki/Kafka/Administration#Renew_TLS_certificate',
        }
    }
}