Subscribing to AOM Metrics or Alarms

Constraints

• The data subscription function is not generally available. To use it, submit a service ticket.
• A maximum of 10 data subscription rules can be created.
• Webhook subscription is not yet generally available. If you need this function, submit a service ticket.
• Before using data subscription, you need to authorize AOM to access other cloud services. For details, see Authorizing AOM to Access Other Cloud Services.

Creating a Subscription Rule

1. Log in to the AOM 2.0 console.
2. In the navigation pane on the left, choose Settings > Global Settings.
3. In the navigation pane on the left, choose Data Subscription. Click Create Subscription Rule. On the displayed page, set Subscription Content to Distributed Message Service (DMS) or Webhook as required.
   • When Subscription Content is set to Distributed Message Service (DMS):
     1. Set parameters by referring to Table 1 and click OK.

        Table 1 Subscription rule parameters

        Parameter	Description
        Rule Name	Name of a subscription rule. Only letters, digits, hyphens (-), and underscores (_) are allowed. Enter up to 64 characters starting with a letter.
        Subscription Content	Select Distributed Message Service (DMS).
        Data Type	Options: Metric and Alarm.
        Instance	Select a DMS instance from the drop-down list. If the existing DMS instances do not meet your requirements, click Create DMS Instance to create one.

     2. On the Rule Details page, click Create a network connection channel. (If AOM needs to communicate with DMS instances across VPCs, you can create a network connection channel.)
     3. Verify the DMS instance connectivity.

        To subscribe data to DMS, ensure that you have created the apm_admin_trust agency on IAM. For details about how to create the apm_admin_trust agency, see Creating the apm_admin_trust Agency.

        • If Ciphertext Access is enabled, data subscription supports only the DMS instance with Security Protocol set to SASL_SSL and SASL/PLAIN enabled.
        • If the function of creating a network connection channel is supported, ensure that an inbound rule is added to allow traffic from source IP address 198.19.128.0/20 on port 9011. To set a security group rule, do as follows:
          1. Log in to the management console.
          2. Click in the upper left corner and choose Networking > Virtual Private Cloud.
          3. In the navigation pane, choose Access Control > Security Groups. Then, locate the security group corresponding to the DMS instance and click Manage Rule in the Operation column.
          4. On the Inbound Rules tab page, click Add Rule to allow the network traffic from source IP address 198.19.128.0/20 on port 9011.
             Figure 1 Adding an inbound rule
             
     4. Enter the DMS username and password. Only when the access mode of the DMS instance is set to ciphertext access will you need to enter the DMS username and password.
     5. Click Verify and Save DMS Configuration.
     6. Select a topic for transmitting data and click OK.
   • Set Subscription Content to Webhook.
     Set parameters by referring to Table 2 and click OK.

     Table 2 Subscription rule parameters

     Parameter	Description
     Rule Name	Name of a subscription rule. Only letters, digits, hyphens (-), and underscores (_) are allowed. Enter up to 64 characters starting with a letter.
     Subscription Content	Select Webhook.
     Self-built Prometheus Instance's Remote Write Address	Enter the remote write address of the Prometheus instance on the user side as the destination to which metrics are sent. Select a protocol used to send requests from the drop-down list box. HTTPS is recommended.
     Data Type	Default: Metric
     Prometheus Instance	Select the Prometheus instance whose metrics need to be forwarded. All common Prometheus instances under your account are displayed in the drop-down list.
     Authentication Mode	Authentication mode for accessing a self-built Prometheus instance. Basic: Enter the username and password of the Prometheus instance. Token: A token is required for authentication. None: No authentication is required.

     After the rule is created, you can view it in the rule list.

Data Subscription Format

• Metric data example (JSON)

  package metric
  
  type MetricDatas struct {
     Metrics   []Metrics `json:"metrics"`
     ProjectId string    `json:"project_id"`
  }
  
  type Metrics struct {
     Metric      Metric  `json:"metric"`
     Values      []Value `json:"values"`
     CollectTime int64   `json:"collect_time"`
  }
  
  type Metric struct {
     Namespace  string      `json:"namespace"`
     Dimensions []Dimension `json:"dimensions"`
  }
  
  type Value struct {
     Value           interface{} `json:"value"`
     Type            string      `json:"type"`
     Unit            string      `json:"unit"`
     StatisticValues string      `json:"statisticvalues"`
     MetricName      string      `json:"metric_name"`
  }
  
  type Dimension struct {
     Name  string `json:"name"`
     Value string `json:"value"`
  }
  

• Kafka message example

  key:,
  value:{"metrics":[{"metric":{"namespace":"PAAS.NODE","dimensions":[{"name":"nodeName","value":"test-aom-4-vss-cop-master-1"},{"name":"nodeIP","value":"1.1.1.1"},{"name":"hostID","value":"75d97111-4734-4c6c-ae9e-f6111111111"},{"name":"nameSpace","value":"default"},{"name":"clusterId","value":"46a7bc0d-1d8b-11ea-9b04-333333333333333"},{"name":"clusterName","value":"test-aom-4-vss-111"},{"name":"diskDevice","value":"vda"},{"name":"master","value":"true"}]},"values":[{"value":0,"type":"","unit":"Kilobytes/Second","statisticvalues":"","metric_name":"diskReadRate"},{"value":30.267,"type":"","unit":"Kilobytes/Second","statisticvalues":"","metric_name":"diskWriteRate"}],"collect_time":1597821030037}],"project_id":"111111111111111111111"}

• Alarm data format

  Example:

  {
      "events": [{
          "id": "4346299651651991683",
          "starts_at": 1597822250194,
          "ends_at": 0,
          "arrives_at": 1597822250194,
          "timeout": 300000,
          "resource_group_id": "312313123112222222222232131312131",
          "metadata": {
              "kind": "Pod",
              "event_severity": "Major",
              "resource_type": "service",
              "clusterId": "6add4ef5-1358-11ea-a5bf-111111111",
              "event_type": "alarm",
              "clusterName": "cce-ief-4516140c-96ca-4a5f-8d85-1111111",
              "namespace": "PAAS.NODE",
              "name": "test15769793809553052-f5557bd7f-qnfkm",
              "event_name": "FailedScheduling",
              "resource_id": "clusterName=cce-ief-4516140c-96ca-4a5f-8d85-111111;clusterID=6add4ef5-1358-11ea-a5bf-11111111111;kind=Pod;namespace=30d5758f166947c6b164af604a654b09;name=test15769793809553052-f5557bd7f-qnfkm;uid=589fc746-245d-11ea-a465-fa163e5fc15d",
              "nameSpace": "30d5758f166947c6b164af604a654b09",
              "resource_provider": "CCE",
              "nodeID": "589fc746-245d-11ea-a465-fa163e5fc15d"
          },
          "annotations": {
              "alarm_probableCause_zh_cn": "FailedScheduling",
              "alarm_probableCause_en_us": "FailedScheduling",
              "message": "0/110 nodes are available: 1 node(s) had taints that the pod didn't tolerate, 109 node(s) didn't match node selector."
          },
          "attach_rule": {
              
          }
      }],
      "project_id": "312313123112222222222232131312131"
  }

  Parameter description:

  Table 3 Alarm parameters

  Parameter	Type	Description
  events	Array of objects. For details, see Table 4.	Event or alarm details.
  project_id	String	Project ID obtained from IAM. Generally, a project ID contains 32 characters.

  Table 4 Event model

  Parameter	Type	Description
  id	String	Event or alarm ID, which is automatically generated by the system.
  starts_at	Long	Time when an event or alarm is generated. The value is a UTC timestamp precise down to the millisecond.
  ends_at	Long	Time when an event or alarm is cleared. The value is a UTC timestamp precise down to the millisecond. If the value is 0, the event or alarm has not been deleted.
  arrives_at	Long	Time when an event or alarm reaches AOM. The value is a UTC timestamp precise down to the millisecond.
  timeout	Long	Duration at which an alarm is automatically cleared. Unit: ms. For example, if the duration is 1 minute, set this parameter to 60000. The default duration is five days.
  resource_group_id	String	Reserved field for a resource group. The default value is the same as the value of projectid.
  metadata	Object	Details of an event or alarm. The value is a key-value pair. The following fields are mandatory: event_name: event or alarm name. It is a string. event_severity: event severity, which is an enumerated value. It is a string. Options: Critical, Major, Minor, and Info. event_type: event type, which is an enumerated value. It is a string. Options: event and alarm. resource_provider: name of a cloud service corresponding to an event. It is a string. resource_type: resource type corresponding to an event. It is a string. resource_id: ID of the resource corresponding to the event. It is a string.
  annotations	Object	Additional field for an event or alarm, which can be left blank.
  attach_rule	Object	Reserved field for an event or alarm, which can be left blank.

Creating the apm_admin_trust Agency

1. Log in to the IAM console.
2. In the navigation pane, choose Agencies.
3. On the page that is displayed, click Create Agency in the upper right corner. The Create Agency page is displayed.
4. Set parameters by referring to Table 5.

   Table 5 Parameters for creating an agency

   Parameter	Description	Example
   Agency Name	Set an agency name. The agency name must be apm_admin_trust.	-
   Agency Type	Select Cloud service.	Cloud service
   Cloud Service	Select Application Operations Management (AOM).	-
   Validity Period	Select Unlimited.	Unlimited
   Description	(Optional) Provide details about the agency.	-

5. Click OK. In the displayed dialog box, click Authorize Agency.
6. On the Select Policy/Role tab page, select DMS UserAccess and click Next.

   DMS UserAccess: Common user permissions for DMS, excluding permissions for creating, modifying, deleting, scaling up instances and dumping.

7. On the Select Scope tab page, set Scope to Region-specific Projects and select target projects under Project [Region].
8. Click OK.

Follow-up Operations

After the data subscription rule is created, AOM will send data to your DMS or webhook topic so that you can retrieve the subscribed metrics or alarms.