a9s Prometheus
This documentation describes the a9s Prometheus service. a9s Prometheus enables on-demand provisioning of VM-based, dedicated Prometheus system, which contains prometheus, grafana, alertmanager and graphite exporter by default. The graphite exporter contains a huge set of metric mapping to be fully compatible with the metrics sent out by the a9s Data Services. Additionally a huge set of default alerts is also available from the beginning and should fit to a bunch of use cases.
Developers can create instances of a Prometheus system using Apps Manager or the Cloud Foundry Command Line
interface (cf CLI). The information about the deployed components appear if the developer creates a service key or
if the service is bound to an app.
You can access the web interfaces of the system by creating a cf ssh tunnel and using the information within the service key.
Overview
When you run the cf CLI cf create-service a9s-prometheus command, BOSH creates dedicated
VMs for this service instance. This allows the best possible bad neighborhood protection.
Prometheus service instance provisioning, including VM orchestration, is entirely automated. This enables service instances to be highly isolated and shielded by infrastructure virtualization mechanisms.
Due to the on-demand provisioning on VMs, only existing service instances allocate infrastructure resources. These resources are released when service instances are destroyed. Using on-demand provisioning the number of service instances is not limited by design.
Current Features
The current version of a9s Prometheus includes the following key features:
| Feature | Benefit |
|---|---|
| On-Demand Service Instance Provisioning | a9s Prometheus deploys Prometheus instances automatically. Developers can provision a Prometheus system using a single command. |
| Service Instance Isolation | Each Prometheus system runs on dedicated VMs to ensure bad neighborhood protection in order to be aligned with enterprise security requirements. a9s Prometheus uses Cloud Foundry security groups to prevent network connections being established by unauthorized apps. |
| Smoke Tests | a test to ensure the metric streaming to a Prometheus platform instance is available in each service deployment. |
| Service Instance Capacity Upgrade | Cloud Foundry Service Plan updates allow upgrades to the RAM, CPU, and storage capacity for your Prometheus instances. |
| Deployment Updater | This errand automatically updates the stemcell and all provisioned a9s Prometheus service instances to their lastest version. |
| CF Service Guard | The CF Service Guard creates Cloud Foundry App Security Groups for your service instance VMs. When the IP address of a service instance changes, the CF Service Guard updates the ASG. |
| a9s Data Service compatibility | The a9s Prometheus service is fully compatible with the a9s Data Service instances, graphite metric mappings for all metrics are already included and a huge set of default alerts too. |
Limitations
a9s Prometheus is still in beta, please note the following restrictions:
- Encryption in transit is not available for client-side nor internal communication
- The configuration of Prometheus, Graphite and Grafana are not backed up in any way
- Only non-clustered instances are available
- a9s Prometheus doesn't come with a dashboard, as there is no backup functionality, this
also means:
- Basic system metrics are not available as there is no dashboard to display them
- Grafana or Prometheus dashboards must be opened via a special URL
- Metrics and Logs are not available for a9s Prometheus' instance components
- The service instances are not protected with a9s Parachute, which means that neither the ephemeral nor the persistent disk are protected from overflow/overuse