Skip to content

Commit

Permalink
Publish AST v0.3.0
Browse files Browse the repository at this point in the history
  • Loading branch information
Applciation Study Tool Builder committed Aug 26, 2024
1 parent 7b6bef1 commit f3e4fd4
Show file tree
Hide file tree
Showing 6 changed files with 919 additions and 895 deletions.
5 changes: 5 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,3 +37,8 @@ If the issue is in regards to missing data in dashboards, please also run the fo
```
curl 'localhost:9090/federate?match[]=%7B__name__%3D~"f5.%2A"%7D'
```

Logs for the collector can be gathered with:
```
docker logs application-study-tool-otel-collector-1 --tail 1000
```
51 changes: 46 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,20 @@ docker (or compatible) - [Installation Instructions](https://docs.docker.com/eng
Clone the repo or download source tarball from the [release](https://github.com/f5devcentral/application-study-tool/releases) section.

```shell
# Clone the repo
git clone https://github.com/f5devcentral/application-study-tool.git
cd application-study-tool
# Edit the following file with Grafana variables as required
cp .env-example .env
# Edit the following file with device secrets as required (see "Configure Device Secrets" below)
cp .env.device-secrets-example .env.device-secrets
# Edit the config file with device / connection info (see "Configure Devices To Scrape" below)
vi ./config/big-ips.json
# Start the tool
docker-compose up
```

#### Configure Devices To Scrape
### Configure Devices To Scrape
Application Study Tool includes an init container which builds an OpenTelemetry
Collector Configuration file based on a provided list of BIG-IPs in JSON format.

Expand Down Expand Up @@ -58,7 +67,7 @@ Edit config/big-ips.json to reflect your list of BIG-IPs and their access creden
]
```

#### Configure Device Secrets
### Configure Device Secrets
The application study tool default configuration relies on environment variables
which contain device access credentials. There are a number of ways to manage and
inject secrets into a container environment (modifications to the docker-compose file
Expand All @@ -75,7 +84,37 @@ BIGIP_PASSWORD_2=bar-foo123!
The variable name (the part on the left of the equal sign) must match the configured
value for the devices that use this password in config/big-ips.json.

#### Configure CA File
#### Account Permissions
The vast majority of telemetry data can be collected with read-only access to the BigIP. Some
granular stats are only available as output to a iControl Rest 'bash' shell command, and these require
read-write access. If a read-only account is used, the following metrics are unavailable:

```
f5_virtual_server_profile_client_ssl_connection_count{}
f5_virtual_server_profile_client_ssl_bytes_out_total{}
f5_virtual_server_profile_http_responses_total{}
f5_virtual_server_profile_http_requests_total{}
f5_virtual_server_profile_client_ssl_records_out_total{}
f5_plane_cpu_count{}
f5_virtual_server_profile_client_ssl_insecure_handshake_rejects_total{}
f5_virtual_server_profile_client_ssl_premature_disconnects_total{}
f5_virtual_server_profile_client_ssl_renegotiations_total{}
f5_virtual_server_profile_client_ssl_connection_max{}
f5_virtual_server_profile_client_ssl_insecure_handshake_accepts_total{}
f5_virtual_server_profile_client_ssl_bytes_in_total{}
f5_virtual_server_profile_client_ssl_handshake_count{}
f5_virtual_server_profile_client_ssl_records_in_total{}
f5_virtual_server_profile_client_ssl_connection_total{}
f5_policy_ip_intelligence_feed_list_count{}
f5_policy_ip_intelligence_info{}
f5_virtual_server_profile_client_ssl_secure_handshakes_total{}
f5_policy_ip_intelligence_generation{}
f5_plane_cpu_utilization_5s{}
```

This will impact data output in several dashboards/panels (denoted with description fields indicating as such).

### Configure CA File
AST expects a valid TLS cert bundle unless `tls_insecure_skip_verify` is
set to true for each device. In order to mount and use your CA file, you must
configure the docker-compose.yaml file in this directory, and set the `ca_file` parameter to the resulting path. Example:
Expand Down Expand Up @@ -110,7 +149,7 @@ The configuration paramteter `tls_insecure_skip_verify` defaults to false. Insta
that the connection between the OTEL collector and the BIG-IP does not have secure
TLS termination.

#### Configure Grafana
### Configure Grafana
The Grafana instance can be configured via environment variable using their standard
[options](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#override-configuration-with-environment-variables).

Expand All @@ -122,7 +161,9 @@ cp .env-example .env
<edit .env with desired admin password and any other variables>
```

#### Run Application Study Tool
### Run Application Study Tool
Once the above configurations have been made, the tool can be started with:

```
docker compose up
```
Expand Down
2 changes: 1 addition & 1 deletion VERSION
Original file line number Diff line number Diff line change
@@ -1 +1 @@
v0.2.0
v0.3.0
2 changes: 1 addition & 1 deletion docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ services:
command: ["/bin/sh", "/app/init_entrypoint.sh"]

otel-collector:
image: ghcr.io/f5devcentral/application-study-tool/otel_custom_collector:v0.2.0
image: ghcr.io/f5devcentral/application-study-tool/otel_custom_collector:v0.3.0
restart: unless-stopped
volumes:
- otel_collector:/etc/otel-collector-config
Expand Down
41 changes: 9 additions & 32 deletions services/grafana/provisioning/dashboards/bigip/device/top-n.json
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 16,
"id": 9,
"links": [],
"panels": [
{
Expand Down Expand Up @@ -252,6 +252,7 @@
"type": "prometheus",
"uid": "PBFA97CFB590B2093"
},
"description": "This panel requires data retrieved from a bash command. If the BigIP account used to scrape the device lacks this permission, it is expected to be blank.",
"fieldConfig": {
"defaults": {
"color": {
Expand Down Expand Up @@ -355,6 +356,7 @@
"type": "prometheus",
"uid": "PBFA97CFB590B2093"
},
"description": "This panel requires data retrieved from a bash command. If the BigIP account used to scrape the device lacks this permission, it is expected to be blank.",
"fieldConfig": {
"defaults": {
"color": {
Expand Down Expand Up @@ -623,32 +625,7 @@
]
}
},
"overrides": [
{
"__systemRef": "hideSeriesFrom",
"matcher": {
"id": "byNames",
"options": {
"mode": "exclude",
"names": [
"Pool: /Common/pool-1 Member: /Common/172.29.67.197:80"
],
"prefix": "All except:",
"readOnly": true
}
},
"properties": [
{
"id": "custom.hideFrom",
"value": {
"legend": false,
"tooltip": false,
"viz": true
}
}
]
}
]
"overrides": []
},
"gridPos": {
"h": 8,
Expand Down Expand Up @@ -1322,6 +1299,7 @@
"type": "prometheus",
"uid": "PBFA97CFB590B2093"
},
"description": "This panel requires data retrieved from a bash command. If the BigIP account used to scrape the device lacks this permission, it is expected to be blank.",
"fieldConfig": {
"defaults": {
"color": {
Expand Down Expand Up @@ -2065,9 +2043,9 @@
"list": [
{
"current": {
"selected": false,
"text": "bigip/Edge1.f5kc.local",
"value": "bigip/Edge1.f5kc.local"
"selected": true,
"text": "bigip/Edge2.f5kc.local",
"value": "bigip/Edge2.f5kc.local"
},
"datasource": {
"type": "prometheus",
Expand Down Expand Up @@ -2118,11 +2096,10 @@
"from": "now-1h",
"to": "now"
},
"timeRangeUpdatedDuringEditOrView": false,
"timepicker": {},
"timezone": "browser",
"title": "Top N",
"uid": "edrjqc81ub85cc",
"version": 5,
"version": 3,
"weekStart": ""
}
Loading

0 comments on commit f3e4fd4

Please sign in to comment.