Skip to content

feat(infra): add alerting pipeline (alertmanager + grafana alerting → discord)#3502

Draft
manamana32321 wants to merge 9 commits intomainfrom
t2644-alerting-pipeline
Draft

feat(infra): add alerting pipeline (alertmanager + grafana alerting → discord)#3502
manamana32321 wants to merge 9 commits intomainfrom
t2644-alerting-pipeline

Conversation

@manamana32321
Copy link
Member

@manamana32321 manamana32321 commented Mar 24, 2026
edited
Loading

Description

AlertManager와 Grafana Alerting 두 경로의 알림 파이프라인 뼈대를 구축합니다.

  • AlertManager (Prometheus → Discord): alertmanagerConfigSecret(SealedSecret)으로 Discord webhook receiver 설정 + HighNodeMemoryUsage PrometheusRule 추가
  • Grafana Alerting (CloudWatch → Discord): Discord contact point + notification policy + RDS FreeStorageSpace Low alert rule (production only)
  • Prometheus ApplicationSet에 Kustomize overlay source 추가 (SealedSecret 배포 경로)
  • SealedSecret: prod/stage 각 클러스터 공개키로 암호화된 Discord webhook URL
  • Production + Stage 양쪽 환경 적용
Prometheus metrics → PrometheusRule → AlertManager → Discord
CloudWatch metrics → Grafana Alerting → Discord

Additional context

Discord webhook은 SealedSecret으로 관리. prod/stage 각각 올바른 클러스터 컨텍스트에서 kubeseal로 생성 완료.

Before submitting the PR, please make sure you do the following

Closes TAS-2644

manamana32321 and others added 2 commits March 25, 2026 00:23
@manamana32321 @claude
feat(infra): add alerting pipeline for AlertManager and Grafana Alerting
85a3b72 
- AlertManager: add alertmanagerConfigSecret reference + HighNodeMemoryUsage PrometheusRule
- Grafana: add Discord contact point, notification policy, and RDS FreeStorageSpace alert rule
- Apply same structure to both production and stage environments
- SealedSecrets to be added separately (requires correct cluster context)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 @claude
feat(infra): add prometheus Kustomize overlays for AlertManager Seale…
ef1f0ec 
…dSecrets

- Create overlays/{production,stage} for environment-specific SealedSecrets
- Add Kustomize source to prometheus ApplicationSet
- SealedSecret files are placeholder (need re-seal with correct cluster context)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 manamana32321 changed the title feat(infra): add alerting pipeline (AlertManager + Grafana Alerting → Discord) feat(infra): add alerting pipeline (alertmanager + grafana alerting → discord) Mar 24, 2026
@manamana32321 manamana32321 marked this pull request as draft March 24, 2026 15:31
@manamana32321 manamana32321 self-assigned this Mar 24, 2026
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Mar 24, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ef1f0ec382

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

manamana32321 and others added 2 commits March 25, 2026 01:22
@manamana32321 @claude
style: fix prettier formatting for monitoring yaml files
c5ab75e 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 @claude
chore: add SealedSecrets for Discord webhook alerting
7ed00a8 
AlertManager(prometheus)와 Grafana Alerting 양쪽에
Discord webhook URL을 SealedSecret으로 추가한다.
prod/stage 각각 별도 클러스터 공개키로 암호화.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 manamana32321 marked this pull request as ready for review March 24, 2026 16:59
@manamana32321 manamana32321 marked this pull request as draft March 24, 2026 17:03
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Mar 24, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7ed00a8936

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

infra/k8s/monitoring/prometheus/values-production.yaml Outdated

alertmanager:
alertmanagerSpec:
alertmanagerConfigSecret: alertmanager-config
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Mar 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Use configSecret instead of alertmanagerConfigSecret

The value key under alertmanager.alertmanagerSpec is misspelled: kube-prometheus-stack reads configSecret, so alertmanagerConfigSecret is ignored and the Alertmanager CR keeps using the chart-generated default config instead of your sealed alertmanager-config secret. That means the Discord receiver/routing in the custom config will not be applied (the same typo is also present in infra/k8s/monitoring/prometheus/values-stage.yaml).

Useful? React with 👍 / 👎.

manamana32321 and others added 5 commits March 25, 2026 02:04
@manamana32321 @claude
refactor: use url_file for AlertManager Discord webhook
1b58038 
alertmanagerConfigSecret(config 전체 암호화) 대신
alertmanager.config를 values에 직접 작성하고,
webhook URL만 Secret 볼륨 마운트(url_file)로 주입한다.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 @claude
fix: rename Grafana webhook secret key to DISCORD_WEBHOOK_URL
50912d2 
envFromSecrets는 Secret key를 환경변수명으로 사용하므로
webhook-url(dash 포함) 대신 DISCORD_WEBHOOK_URL로 변경한다.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 @claude
feat: add RDS FreeableMemory and DatabaseConnections alerts
f2f642c 
- FreeableMemory < 300MB 5분 지속 시 경고
- DatabaseConnections > 150 5분 지속 시 경고

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 @claude
refactor: split AWS alert rules into separate values file
36b22d5 
- RDS alert rules를 values-aws-alerts.yaml로 분리
- stage는 RDS 미사용이므로 빈 파일로 처리
- FreeableMemory 룰 제거
- ApplicationSet valueFiles에 values-aws-alerts.yaml 추가

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manamana32321 @claude
docs: add comment explaining empty stage aws alerts file
b861650 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@manamana32321 manamana32321

Labels

⛳️ team-infra

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@manamana32321