14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
# File 'modules/profile/manifests/kafka/broker/monitoring.pp', line 14
class profile::kafka::broker::monitoring (
String $kafka_cluster_name = lookup('profile::kafka::broker::kafka_cluster_name'),
Boolean $is_critical = lookup('profile::kafka::broker::monitoring::is_critical', {'default_value' => false}),
Boolean $should_monitor_tls = lookup('profile::kafka::broker::ssl_enabled', {'default_value' => false }),
) {
# Get fully qualified Kafka cluster name
$config = kafka_config($kafka_cluster_name)
$kafka_cluster = $config['name']
$prometheus_jmx_exporter_port = 7800
$config_dir = '/etc/prometheus'
$jmx_exporter_config_file = "${config_dir}/kafka_broker_prometheus_jmx_exporter.yaml"
# Use this in your JAVA_OPTS you pass to the Kafka broker process
$java_opts = "-javaagent:/usr/share/java/prometheus/jmx_prometheus_javaagent.jar=${::ipaddress}:${prometheus_jmx_exporter_port}:${jmx_exporter_config_file}"
# Declare a prometheus jmx_exporter instance.
# This will render the config file, declare the jmx_exporter_instance,
# and configure ferm.
profile::prometheus::jmx_exporter { "kafka_broker_${::hostname}":
hostname => $::hostname,
port => $prometheus_jmx_exporter_port,
# Allow each kafka broker node access to other broker's prometheus JMX exporter port.
# This will help us use kafka-tools to calculate partition reassignements
# based on broker metrics like partition sizes, etc.
# https://github.com/linkedin/kafka-tools/tree/master/kafka/tools/assigner
extra_ferm_allowed_nodes => $config['brokers']['array'],
labels => {'kafka_cluster' => $kafka_cluster},
config_file => $jmx_exporter_config_file,
config_dir => $config_dir,
source => 'puppet:///modules/profile/kafka/broker_prometheus_jmx_exporter.yaml',
}
### Icinga alerts
# Generate icinga alert if Kafka Broker Server is not running.
nrpe::monitor_service { 'kafka':
description => 'Kafka Broker Server',
nrpe_command => '/usr/lib/nagios/plugins/check_procs -c 1:1 -C java -a "Kafka /etc/kafka/server.properties"',
critical => $is_critical,
notes_url => 'https://wikitech.wikimedia.org/wiki/Kafka/Administration',
}
if $should_monitor_tls {
$kafka_ssl_port = $config['brokers']['hash'][$::fqdn]['ssl_port']
monitoring::service { 'kafka-broker-tls':
description => 'Kafka broker TLS certificate validity',
check_command => "check_ssl_kafka!${::fqdn}!${::fqdn}!${kafka_ssl_port}",
notes_url => 'https://wikitech.wikimedia.org/wiki/Kafka/Administration#Renew_TLS_certificate',
}
}
}
|