Breaking changes: the binary is now named prometheus-alertmanager

New systemd service prometheus-alertmanager

Added man pages

Service now run under prometheus user

New config file in /etc/default

README.templates

@@ -0,0 +1,4 @@
+Place here custom template definitions for the Alert Manager.
+
+The default templates are defined in
+/usr/share/prometheus/alertmanager/default.tmpl

defaults-paths.patch

@@ -0,0 +1,88 @@
+Description: Change default paths to match Debian packaging
+Forwarded: not-needed
+Author: Martina Ferrari <tina@debian.org>
+Last-Update: 2019-10-29
+
+---
+ README.md                |    2 +-
+ cli/root.go              |    8 ++++----
+ cli/silence_add.go       |    5 ++++-
+ cmd/alertmanager/main.go |    4 ++--
+ 4 files changed, 11 insertions(+), 8 deletions(-)
+
+--- a/cmd/alertmanager/main.go
++++ b/cmd/alertmanager/main.go
+@@ -186,8 +186,8 @@ func run() int {
+ 	}
+ 
+ 	var (
+-		configFile      = kingpin.Flag("config.file", "Alertmanager configuration file name.").Default("alertmanager.yml").String()
+-		dataDir         = kingpin.Flag("storage.path", "Base path for data storage.").Default("data/").String()
++		configFile      = kingpin.Flag("config.file", "Alertmanager configuration file name.").Default("/etc/prometheus/alertmanager.yml").String()
++		dataDir         = kingpin.Flag("storage.path", "Base path for data storage.").Default("/var/lib/prometheus/alertmanager/").String()
+ 		retention       = kingpin.Flag("data.retention", "How long to keep data for.").Default("120h").Duration()
+ 		alertGCInterval = kingpin.Flag("alerts.gc-interval", "Interval between alert GC.").Default("30m").Duration()
+ 
+--- a/cli/root.go
++++ b/cli/root.go
+@@ -42,7 +42,7 @@ var (
+ 	tlsInsecureSkipVerify bool
+ 	versionCheck          bool
+ 
+-	configFiles = []string{os.ExpandEnv("$HOME/.config/amtool/config.yml"), "/etc/amtool/config.yml"}
++	configFiles = []string{os.ExpandEnv("$HOME/.config/prometheus/amtool.yml"), "/etc/prometheus/amtool.yml"}
+ 	legacyFlags = map[string]string{"comment_required": "require-comment"}
+ )
+ 
+@@ -124,7 +124,7 @@ func Execute() {
+ 	format.InitFormatFlags(app)
+ 
+ 	app.Flag("verbose", "Verbose running information").Short('v').BoolVar(&verbose)
+-	app.Flag("alertmanager.url", "Alertmanager to talk to").URLVar(&alertmanagerURL)
++	app.Flag("alertmanager.url", "Alertmanager to talk to").Default("http://localhost:9093/").URLVar(&alertmanagerURL)
+ 	app.Flag("output", "Output formatter (simple, extended, json)").Short('o').Default("simple").EnumVar(&output, "simple", "extended", "json")
+ 	app.Flag("timeout", "Timeout for the executed command").Default("30s").DurationVar(&timeout)
+ 	app.Flag("tls.insecure.skip.verify", "Skip TLS certificate verification").BoolVar(&tlsInsecureSkipVerify)
+@@ -162,8 +162,8 @@ const (
+ 
+ Config File:
+ The alertmanager tool will read a config file in YAML format from one of two
+-default config locations: $HOME/.config/amtool/config.yml or
+-/etc/amtool/config.yml
++default config locations: $HOME/.config/prometheus/amtool.yml or
++/etc/prometheus/amtool.yml
+ 
+ All flags can be given in the config file, but the following are the suited for
+ static configuration:
+--- a/README.md
++++ b/README.md
+@@ -307,7 +307,7 @@ amtool template render --template.glob='
+ 
+ ### Configuration
+ 
+-`amtool` allows a configuration file to specify some options for convenience. The default configuration file paths are `$HOME/.config/amtool/config.yml` or `/etc/amtool/config.yml`
++`amtool` allows a configuration file to specify some options for convenience. The default configuration file paths are `$HOME/.config/prometheus/amtool/config.yml` or `/etc/prometheus/amtool/config.yml`
+ 
+ An example configuration file might look like the following:
+ 
+--- a/cli/silence_add.go
++++ b/cli/silence_add.go
+@@ -75,7 +75,7 @@ func configureSilenceAddCmd(cc *kingpin.
+ 		c      = &silenceAddCmd{}
+ 		addCmd = cc.Command("add", silenceAddHelp)
+ 	)
+-	addCmd.Flag("author", "Username for CreatedBy field").Short('a').Default(username()).StringVar(&c.author)
++	addCmd.Flag("author", "Username for CreatedBy field").Short('a').StringVar(&c.author)
+ 	addCmd.Flag("require-comment", "Require comment to be set").Hidden().Default("true").BoolVar(&c.requireComment)
+ 	addCmd.Flag("duration", "Duration of silence").Short('d').Default("1h").StringVar(&c.duration)
+ 	addCmd.Flag("start", "Set when the silence should start. RFC3339 format 2006-01-02T15:04:05-07:00").StringVar(&c.start)
+@@ -108,6 +108,9 @@ func (c *silenceAddCmd) add(ctx context.
+ 		return fmt.Errorf("no matchers specified")
+ 	}
+ 
++	if c.author == "" {
++		c.author = username()
++	}
+ 	var endsAt time.Time
+ 	if c.end != "" {
+ 		endsAt, err = time.Parse(time.RFC3339, c.end)

golang-github-prometheus-alertmanager.spec

@@ -1,5 +1,6 @@
 # Generated by go2rpm 1.5.0
 %bcond_without check
+%global shortname prometheus-alertmanager
 
 # https://github.com/prometheus/alertmanager
 %global goipath         github.com/prometheus/alertmanager
@@ -24,9 +25,17 @@ Summary:        Prometheus Alertmanager
 License:        ASL 2.0
 URL:            %{gourl}
 Source0:        %{gosource}
+Source1:        %{shortname}.service
+Source2:        %{shortname}.sysusers
+Source3:        %{shortname}.conf
+Source4:        %{shortname}.yml
+Source5:        README.templates
+# Replace defaults paths for config files
+Patch0:         defaults-paths.patch
 
 ExcludeArch:    s390x
 
+BuildRequires:  systemd-rpm-macros
 BuildRequires:  golang(github.com/alecthomas/units)
 BuildRequires:  golang(github.com/cenkalti/backoff/v4)
 BuildRequires:  golang(github.com/cespare/xxhash)
@@ -85,8 +94,14 @@ BuildRequires:  golang(github.com/kylelemons/godebug/pretty)
 
 %prep
 %goprep
+%patch0 -p1
 
 %build
+LDFLAGS="-X github.com/prometheus/common/version.Version=%{version}  \
+         -X github.com/prometheus/common/version.Revision=%{release} \
+         -X github.com/prometheus/common/version.Branch=tarball      \
+         -X github.com/prometheus/common/version.BuildDate=$(date -u -d@$SOURCE_DATE_EPOCH +%%Y%%m%%d)"
+
 for cmd in cmd/* ; do
   %gobuild -o %{gobuilddir}/bin/$(basename $cmd) %{goipath}/$cmd
 done
@@ -95,6 +110,44 @@ done
 %gopkginstall
 install -m 0755 -vd                     %{buildroot}%{_bindir}
 install -m 0755 -vp %{gobuilddir}/bin/* %{buildroot}%{_bindir}/
+mv %{buildroot}%{_bindir}/alertmanager %{buildroot}%{_bindir}/%{shortname}
+pushd %{buildroot}%{_bindir}
+ln -s %{shortname} alertmanager
+popd
+
+install -Dpm0644 %{S:4} %{buildroot}%{_sysconfdir}/prometheus/alertmanager.yml
+install -Dpm0644 %{S:5} %{buildroot}%{_sysconfdir}/prometheus/alertmanager_templates/README.templates
+install -dm750 %{buildroot}%{_sharedstatedir}/prometheus/alertmanager
+
+install -Dm0644 %{S:1} %{buildroot}%{_unitdir}/%{shortname}.service
+install -Dm0644 %{S:2} %{buildroot}%{_sysusersdir}/%{shortname}.conf
+install -Dm0644 %{S:3} %{buildroot}%{_sysconfdir}/default/%{shortname}
+install -Dpm0644 template/default.tmpl %{buildroot}/%{_datadir}/prometheus/alertmanager/template/default.tmpl
+
+# Build man pages.
+mkdir -vp %{buildroot}/%{_mandir}/man1/
+%{buildroot}%{_bindir}/%{shortname} --help-man > \
+    %{buildroot}/%{_mandir}/man1/%{shortname}.1
+%{buildroot}%{_bindir}/amtool --help-man > \
+    %{buildroot}/%{_mandir}/man1/amtool.1
+sed -i '/^  /d; /^.SH "NAME"/,+1c.SH "NAME"\nprometheus-alertmanager \\- The Prometheus alert manager' \
+    %{buildroot}/%{_mandir}/man1/%{shortname}.1
+sed -i '/^  /d; /^.SH "NAME"/,+1c.SH "NAME"\namtool \\- Tooling for the Prometheus alert manager' \
+    %{buildroot}/%{_mandir}/man1/amtool.1
+# Fix executable path in amtool examples
+sed -i 's/\.\/amtool/amtool/' %{buildroot}/%{_mandir}/man1/amtool.1
+
+%pre
+%sysusers_create_compat %{SOURCE2}
+
+%post
+%systemd_post %{shortname}.service
+
+%preun
+%systemd_preun %{shortname}.service
+
+%postun
+%systemd_postun_with_restart %{shortname}.service
 
 %if %{with check}
 %check
@@ -105,6 +158,16 @@ install -m 0755 -vp %{gobuilddir}/bin/* %{buildroot}%{_bindir}/
 %license COPYRIGHT.txt LICENSE NOTICE
 %doc doc examples MAINTAINERS.md README.md CHANGELOG.md SECURITY.md
 %{_bindir}/*
+%{_datadir}/prometheus
+%{_mandir}/man1/%{shortname}.1*
+%{_mandir}/man1/amtool.1*
+%dir %{_sysconfdir}/prometheus
+%config(noreplace) %{_sysconfdir}/prometheus/alertmanager.yml
+%{_sysconfdir}/prometheus/alertmanager_templates
+%config(noreplace) %{_sysconfdir}/default/%{shortname}
+%attr(0750,prometheus,prometheus) %{_sharedstatedir}/prometheus
+%{_sysusersdir}/%{shortname}.conf
+%{_unitdir}/%{shortname}.service
 
 %gopkgfiles
 

prometheus-alertmanager.conf

@@ -0,0 +1,77 @@
+# Set the command-line arguments to pass to the server.
+# Due to shell scaping, to pass backslashes for regexes, you need to double
+# them (\\d for \d). If running under systemd, you need to double them again
+# (\\\\d to mean \d), and escape newlines too.
+ARGS=''
+
+# prometheus-alertmanager supports the following options:
+#
+#  --alerts.gc-interval=30m
+#    Interval between alert GC.
+#  --cluster.advertise-address=CLUSTER.ADVERTISE-ADDRESS
+#    Explicit address to advertise in cluster.
+#  --cluster.gossip-interval=200ms
+#    Interval between sending gossip messages. By lowering this value (more
+#    frequent) gossip messages are propagated across the cluster more quickly
+#    at the expense of increased bandwidth.
+#  --cluster.listen-address="0.0.0.0:9094"
+#    Listen address for cluster. Set to empty string to disable HA mode.
+#  --cluster.peer-timeout=15s
+#    Time to wait between peers to send notifications.
+#  --cluster.peer=CLUSTER.PEER...
+#    Initial peers (may be repeated).
+#  --cluster.probe-interval=1s
+#    Interval between random node probes. Setting this lower (more frequent)
+#    will cause the cluster to detect failed nodes more quickly at the expense
+#    of increased bandwidth usage.
+#  --cluster.probe-timeout=500ms
+#    Timeout to wait for an ack from a probed node before assuming it is
+#    unhealthy. This should be set to 99-percentile of RTT (round-trip time) on
+#    your network.
+#  --cluster.pushpull-interval=1m0s
+#    Interval for gossip state syncs. Setting this interval lower (more
+#    frequent) will increase convergence speeds across larger clusters at the
+#    expense of increased bandwidth usage.
+#  --cluster.reconnect-interval=10s
+#    Interval between attempting to reconnect to lost peers.
+#  --cluster.reconnect-timeout=6h0m0s
+#    Length of time to attempt to reconnect to a lost peer.
+#  --cluster.settle-timeout=1m0s
+#    Maximum time to wait for cluster connections to settle before evaluating
+#    notifications.
+#  --cluster.tcp-timeout=10s
+#    Timeout for establishing a stream connection with a remote node for a full
+#    state sync, and for stream read and write operations.
+#  --config.file="/etc/prometheus/alertmanager.yml"
+#    Alertmanager configuration file name.
+#  --data.retention=120h
+#    How long to keep data for.
+#  --log.format=logfmt
+#    Output format of log messages. One of: [logfmt, json].
+#  --log.level=info
+#    Only log messages with the given severity or above. One of: [debug, info,
+#    warn, error].
+#  --storage.path="/var/lib/prometheus/alertmanager/"
+#    Base path for data storage.
+#  --template.default="/usr/share/prometheus/alertmanager/default.tmpl"
+#    Path to default notification template.
+#  --web.config.file=""
+#    [EXPERIMENTAL] Path to configuration file that can enable TLS or
+#    authentication.
+#  --web.external-url=WEB.EXTERNAL-URL
+#    The URL under which Alertmanager is externally reachable (for example, if
+#    Alertmanager is served via a reverse proxy). Used for generating relative
+#    and absolute links back to Alertmanager itself. If the URL has a path
+#    portion, it will be used to prefix all HTTP endpoints served by
+#    Alertmanager. If omitted, relevant URL components will be derived
+#    automatically.
+#  --web.get-concurrency=0
+#    Maximum number of GET requests processed concurrently. If negative or
+#    zero, the limit is GOMAXPROC or 8, whichever is larger.
+#  --web.listen-address=":9093"
+#    Address to listen on for the web interface and API.
+#  --web.route-prefix=WEB.ROUTE-PREFIX
+#    Prefix for the internal routes of web endpoints. Defaults to path of
+#    --web.external-url.
+#  --web.timeout=0
+#    Timeout for HTTP requests. If negative or zero, no timeout is set.

prometheus-alertmanager.service

@@ -0,0 +1,17 @@
+[Unit]
+Description=Alertmanager for Prometheus
+Documentation=https://prometheus.io/docs/alerting/alertmanager/
+Requires=network-online.target
+After=network-online.target
+
+[Service]
+Restart=on-failure
+User=prometheus
+EnvironmentFile=/etc/default/prometheus-alertmanager
+ExecStart=/usr/bin/prometheus-alertmanager $ARGS
+ExecReload=/bin/kill -HUP $MAINPID
+TimeoutStopSec=20s
+SendSIGKILL=no
+
+[Install]
+WantedBy=multi-user.target

prometheus-alertmanager.sysusers

@@ -0,0 +1,2 @@
+#Type Name         ID  GECOS                        Home directory        Shell
+u     prometheus   -   "Prometheus user account"    /var/lib/prometheus   /sbin/nologin

prometheus-alertmanager.yml

@@ -0,0 +1,116 @@
+# Sample configuration.
+# See https://prometheus.io/docs/alerting/configuration/ for documentation.
+
+global:
+  # The smarthost and SMTP sender used for mail notifications.
+  smtp_smarthost: 'localhost:25'
+  smtp_from: 'alertmanager@example.org'
+  smtp_auth_username: 'alertmanager'
+  smtp_auth_password: 'password'
+
+# The directory from which notification templates are read.
+templates: 
+- '/etc/prometheus/alertmanager_templates/*.tmpl'
+
+# The root route on which each incoming alert enters.
+route:
+  # The labels by which incoming alerts are grouped together. For example,
+  # multiple alerts coming in for cluster=A and alertname=LatencyHigh would
+  # be batched into a single group.
+  group_by: ['alertname', 'cluster', 'service']
+
+  # When a new group of alerts is created by an incoming alert, wait at
+  # least 'group_wait' to send the initial notification.
+  # This way ensures that you get multiple alerts for the same group that start
+  # firing shortly after another are batched together on the first 
+  # notification.
+  group_wait: 30s
+
+  # When the first notification was sent, wait 'group_interval' to send a batch
+  # of new alerts that started firing for that group.
+  group_interval: 5m
+
+  # If an alert has successfully been sent, wait 'repeat_interval' to
+  # resend them.
+  repeat_interval: 3h 
+
+  # A default receiver
+  receiver: team-X-mails
+
+  # All the above attributes are inherited by all child routes and can 
+  # overwritten on each.
+
+  # The child route trees.
+  routes:
+  # This routes performs a regular expression match on alert labels to
+  # catch alerts that are related to a list of services.
+  - match_re:
+      service: ^(foo1|foo2|baz)$
+    receiver: team-X-mails
+    # The service has a sub-route for critical alerts, any alerts
+    # that do not match, i.e. severity != critical, fall-back to the
+    # parent node and are sent to 'team-X-mails'
+    routes:
+    - match:
+        severity: critical
+      receiver: team-X-pager
+  - match:
+      service: files
+    receiver: team-Y-mails
+
+    routes:
+    - match:
+        severity: critical
+      receiver: team-Y-pager
+
+  # This route handles all alerts coming from a database service. If there's
+  # no team to handle it, it defaults to the DB team.
+  - match:
+      service: database
+    receiver: team-DB-pager
+    # Also group alerts by affected database.
+    group_by: [alertname, cluster, database]
+    routes:
+    - match:
+        owner: team-X
+      receiver: team-X-pager
+    - match:
+        owner: team-Y
+      receiver: team-Y-pager
+
+
+# Inhibition rules allow to mute a set of alerts given that another alert is
+# firing.
+# We use this to mute any warning-level notifications if the same alert is 
+# already critical.
+inhibit_rules:
+- source_match:
+    severity: 'critical'
+  target_match:
+    severity: 'warning'
+  # Apply inhibition if the alertname is the same.
+  equal: ['alertname', 'cluster', 'service']
+
+
+receivers:
+- name: 'team-X-mails'
+  email_configs:
+  - to: 'team-X+alerts@example.org'
+
+- name: 'team-X-pager'
+  email_configs:
+  - to: 'team-X+alerts-critical@example.org'
+  pagerduty_configs:
+  - service_key: <team-X-key>
+
+- name: 'team-Y-mails'
+  email_configs:
+  - to: 'team-Y+alerts@example.org'
+
+- name: 'team-Y-pager'
+  pagerduty_configs:
+  - service_key: <team-Y-key>
+
+- name: 'team-DB-pager'
+  pagerduty_configs:
+  - service_key: <team-DB-key>