Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Response Ops][Alerting] Update alerts-as-data ILM policy name to be consistent between framework & rule registry #150334

Merged
merged 11 commits into from
Feb 13, 2023
Merged

[Response Ops][Alerting] Update alerts-as-data ILM policy name to be consistent between framework & rule registry #150334

merged 11 commits into from
Feb 13, 2023

Conversation

ymao1
Copy link
Contributor

@ymao1 ymao1 commented Feb 6, 2023
edited
Loading

Resolves #150331

Summary

In a previous PR we started installing an ILM policy for framework alerts as data when the xpack.alerting.enableFrameworkAlerts config flag is set to true. In that PR we used a different name than what is used by the rule registry even though the policy bodies were the same.

In this PR, we are consolidating the naming of the two ILM policies so that we are only ever installing 1 policy. The xpack.alerting.enableFrameworkAlerts config is used to determine which plugin is responsible for installing the policy. When set to true, the alerting plugin installs the policy. When set the false, the rule registry installs the policy. This is an incremental step toward the alerting framework absorbing all of the resource installation functionality of the rule registry

To Verify

A few things to verify:

  1. Verify that the alerting plugin installs the policy when xpack.alerting.enableFrameworkAlerts=true
  • Set xpack.alerting.enableFrameworkAlerts: true in your Kibana config
  • Start a fresh ES and Kibana instance
  • Verify that an ILM policy with name .alerts-ilm-policy is installed
  • Create a metric threshold rule that creates an alert
  • Verify that there is an index template called .alerts-observability.metrics.alerts-default-index-template that uses the .alerts-ilm-policy policy
  1. Verify that the rule registry installs the policy when xpack.alerting.enableFrameworkAlerts=false
  • Set xpack.alerting.enableFrameworkAlerts: false in your Kibana config
  • Start a fresh ES and Kibana instance
  • Verify that an ILM policy with name .alerts-ilm-policy is installed
  • Create a metric threshold rule that creates an alert
  • Verify that there is an index template called .alerts-observability.metrics.alerts-default-index-template that uses the .alerts-ilm-policy policy
  1. Verify that we can switch between configurations
  • Set xpack.alerting.enableFrameworkAlerts: false in your Kibana config
  • Start a fresh ES and Kibana instance
  • Verify that an ILM policy with name .alerts-ilm-policy is installed
  • Create a metric threshold rule that creates an alert
  • Verify that there is an index template called .alerts-observability.metrics.alerts-default-index-template that uses the .alerts-ilm-policy policy
  • Change xpack.alerting.enableFrameworkAlerts: true
  • Restart Kibana
  • Verify there are no errors, and the rule can still write alerts

@ymao1 ymao1 force-pushed the alerting/faad-resources-ilm branch from f26216a to 16020b2 Compare February 6, 2023 14:43
@ymao1 ymao1 changed the title Update ILM policy to be consistent between framework & rule registry [Response Ops][Alerting] Update alerts-as-data ILM policy name to be consistent between framework & rule registry Feb 6, 2023
@ymao1
Copy link
Contributor Author

ymao1 commented Feb 6, 2023

@elasticmachine merge upstream

@ymao1
Copy link
Contributor Author

ymao1 commented Feb 7, 2023

@elasticmachine merge upstream

@ymao1 ymao1 self-assigned this Feb 8, 2023
@ymao1 ymao1 marked this pull request as ready for review February 8, 2023 14:11
@ymao1 ymao1 requested review from a team as code owners February 8, 2023 14:11
@ymao1 ymao1 added release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Alerting/Alerts-as-Data Issues related to Alerts-as-data and RuleRegistry v8.8.0 labels Feb 8, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@ymao1
Copy link
Contributor Author

ymao1 commented Feb 9, 2023

@elasticmachine merge upstream

@ymao1
Copy link
Contributor Author

ymao1 commented Feb 13, 2023

@elasticmachine merge upstream

doakalexi
doakalexi approved these changes Feb 13, 2023
View reviewed changes
Copy link
Contributor

@doakalexi doakalexi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally and works as expected, LGTM!

mikecote
mikecote approved these changes Feb 13, 2023
View reviewed changes
Copy link
Contributor

@mikecote mikecote left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes LGTM! I tested locally in various scenarios and the policy was managed as expected.

@ymao1
Copy link
Contributor Author

ymao1 commented Feb 13, 2023

@elasticmachine merge upstream

@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
alerting 466 477 +11
Unknown metric groups

API count

id before after diff
alerting 476 488 +12

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ymao1

@ymao1 ymao1 merged commit e8c18a1 into elastic:main Feb 13, 2023
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Feb 13, 2023
@ymao1 ymao1 deleted the alerting/faad-resources-ilm branch February 13, 2023 23:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@doakalexi doakalexi doakalexi approved these changes

@mikecote mikecote mikecote approved these changes

Assignees

@ymao1 ymao1

Labels
backport:skip This commit does not require backporting Feature:Alerting/Alerts-as-Data Issues related to Alerts-as-data and RuleRegistry release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.8.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Response Ops][Alerting] Align FAAD ILM installation with Rule Registry
6 participants
@ymao1 @elasticmachine @kibana-ci @mikecote @doakalexi @kibanamachine