A Kubernetes operator that creates UptimeRobot monitors for your ingresses

Last update: Dec 14, 2022

Overview

uptimerobot-operator

This operator automatically creates uptime monitors at UptimeRobot for your Kubernetes Ingress resources. This allows you to easily integrate uptime monitoring of your services into your Kubernetes deployments.

⚠️ This project is still in an early phase. Use it on your own risk but make sure to create issues for issues you encounter.

❤️ to UptimeRobot for providing a pro account to be able to test the pro plan features!

Usage

After installing the uptimerobot-operator it'll watch for Ingress resources in your Kubernetes cluster. For example after creating the following Ingress

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    uroperator.brennerm.github.io/monitor.type: HTTPS
    uroperator.brennerm.github.io/monitor.interval: "600"
spec:
  rules:
  - host: brennerm.github.io
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: service1
            port:
              number: 80

a new monitor for the URL https://brennerm.github.io is automatically being created in your UptimeRobot account.

The same monitor can also be created using the UptimeRobotMonitor resource like so:

apiVersion: uroperator.brennerm.github.io/v1beta1
kind: UptimeRobotMonitor
metadata:
  name: my-custom-monitor
spec:
  url: "https://brennerm.github.io"
  type: HTTPS
  interval: 600

The operator also supports creating public status pages. See below for details.

Installation

Create an UptimeRobot API key

Create an or login to your UptimeRobot account (no credit card required and they provide up to 50 monitors for free)
Go to "My Settings"
Generate and save "Main API Key" (the other API keys do not provide sufficient permissions to create, update and delete monitors)

Deploying to Kubernetes using Helm

Add the uptimerobot-operator chart repo helm repo add uptimerobot-operator https://brennerm.github.io/uptimerobot-operator/helm
Deploy the Helm chart helm upgrade --install uptimerobot-operator uptimerobot-operator --set uptimeRobotApiKey=$MY_UPTIMEROBOT_API_KEY

Have a look at the values file if you want to customize the deployment.

Running local

ℹ️ The following commands will make the operator work with your currently selected Kubernetes cluster (kubectl config current-context).

Install all dependencies pipenv install
Set UptimeRobot API key export UPTIMEROBOT_API_KEY=$MY_UPTIMEROBOT_API_KEY
Start operator kopf run --standalone ur_operator/handlers.py

Running in self-built Docker

Build Docker image docker build -t uptimerobot-operator .
Start container docker run -e UPTIMEROBOT_API_KEY=$MY_UPTIMEROBOT_API_KEY -v ~/.kube:/home/ur_operator/.kube uptimerobot-operator

Running in pre-built Docker

Start container docker run -e UPTIMEROBOT_API_KEY=$MY_UPTIMEROBOT_API_KEY -v ~/.kube:/home/ur_operator/.kube ghcr.io/brennerm/uptimerobot-operator:latest

Documentation

UptimeRobotMonitor

The UptimeRobotMonitor resource supports all current parameters for monitors that UptimeRobot offers. Below you can find a list that contains all of them.

key	type	description
`url` (required)	`string`	URL that will be monitored
`type` (required)	`string`	Type of monitor, one of: HTTP,HTTPS,KEYWORD,PING,PORT,HEARTBEAT
`friendlyName`	`string`	Friendly name of monitor, defaults to name of UptimeRobotMonitor object
`subType`	`string`	Subtype of monitor, one of: HTTP,HTTPS,KEYWORD,PING,PORT,HEARTBEAT
`port`	`integer`	Port to monitor when using monitor sub type PORT
`keywordType`	`string`	Keyword type when using monitor type KEYWORD, one of: EXISTS,NOT_EXISTS
`keywordValue`	`string`	Keyword value when using monitor type KEYWORD
`interval`	`integer`	The interval for the monitoring check (300 seconds by default)
`httpUsername`	`string`	Used for password protected pages when using monitor type HTTP,HTTP or KEYWORD, deprecated: use httpAuthSecret
`httpPassword`	`string`	Used for password protected pages when using monitor type HTTP,HTTP or KEYWORD, deprecated: use httpAuthSecret
`httpAuthSecret`	`string`	reference to a Kubernetes secret in the same namespace containing user and password for password protected pages when using monitor type HTTP,HTTPS or KEYWORD
`httpAuthType`	`string`	Used for password protected pages when using monitor type HTTP,HTTPS or KEYWORD, one of: BASIC_AUTH,DIGEST
`httpMethod`	`string`	The HTTP method to be used, one of: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
`postType`	`string`	The format of data to be sent with POST, PUT, PATCH, DELETE, OPTIONS requests
`postContentType`	`string`	The Content-Type header to be sent with POST, PUT, PATCH, DELETE, OPTIONS requests, one of: TEXT_HTML,APPLICATION_JSON
`postValue`	`object`	The data to be sent with POST, PUT, PATCH, DELETE, OPTIONS requests
`customHttpHeaders`	`object`	Custom HTTP headers to be sent along monitor request, formatted as JSON
`customHttpStatuses`	`string`	Allows to define HTTP status codes that will be handled as up or down, e.g. 404:0_200:1 to accept 404 as down and 200 as up
`ignoreSslErrors`	`boolean`	Flag to ignore SSL certificate related issues
`alertContacts`	`string`	Alert contacts to be notified when monitor goes up or down. For syntax check https://uptimerobot.com/api/#newMonitorWrap
`mwindows`	`string`	Maintenance window IDs for this monitor

Ingress

For Ingress resources the same parameters are supported. You pass them through annotations attached to your Ingress with the prefix uroperator.brennerm.github.io/monitor.. See below for an example.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    uroperator.brennerm.github.io/monitor.type: HTTPS
    uroperator.brennerm.github.io/monitor.interval: "600"
spec:
  rules:
...

To disable ingress handling completely pass the environment variable URO_DISABLE_INGRESS_HANDLING=1 to the operator.

Public Status Pages

The PublicStatusPage resource supports all current parameters for status pages that UptimeRobot offers. Below you can find a list that contains all of them.

key	type	description
`monitors` (required)	`string`	the list of monitor IDs to be displayed in status page (the values are seperated with "-" or 0 for all monitors)
`friendlyName`	`string`	Friendly name of public status page, defaults to name of PublicStatusPage object
`customDomain`	`string`	the domain or subdomain that the status page will run on
`password`	`string`	the password for the status page, deprecated: use passwordSecret
`passwordSecret`	`string`	reference to a Kubernetes secret in the same namespace containing the password for the status page
`sort`	`string`	the sorting of the monitors on the status page, one of: FRIENDLY_NAME_A_Z,FRIENDLY_NAME_Z_A,STATUS_UP_DOWN_PAUSED,STATUS_DOWN_UP_PAUSED
`status`	`string`	the status of the status page, one of: PAUSED,ACTIVE
`hideUrlLinks`	`boolean`	Flag to remove the UptimeRobot link from the status page (pro plan feature)

apiVersion: uroperator.brennerm.github.io/v1beta1
kind: PublicStatusPage
metadata:
  name: my-public-status-page
spec:
  monitors: "0" # will include all monitors

Maintenance Windows

The MaintenanceWindow resource supports all current parameters for maintenance windows that UptimeRobot offers. Below you can find a list that contains all of them.

key	type	description
`type` (required)	`string`	the type of maintenance window, one of: ONCE,DAILY,WEEKLY,MONTHLY
`startTime` (required)	`string`	the start time of the maintenance window, in seconds since epoch for type MaintenanceWindowType.ONCE, in HH:mm format for the other types
`duration` (required)	`number`	the number of seconds the maintenance window will be active
`friendlyName`	`string`	friendly name of the maintenance window, defaults to name of the MaintenanceWindow object
`value`	`string`	allows to specify the maintenance window selection, e.g. 2-4-5 for Tuesday-Thursday-Friday or 10-17-26 for the days of the month, only valid and required for MaintenanceWindowType.WEEKLY and MaintenanceWindowType.MONTHLY

apiVersion: uroperator.brennerm.github.io/v1beta1
kind: MaintenanceWindow
metadata:
  name: my-maintenance-window
spec:
  type: DAILY
  startTime: "10:00"
  duration: 30

Alert Contacts

The AlertContact resource supports all current parameters for alert contacts that UptimeRobot offers. Below you can find a list that contains all of them.

key	type	description
`type` (required)	`string`	the type of alert contact, one of: SMS,EMAIL,TWITTER_DM,BOXCAR,WEB_HOOK,PUSHBULLET,ZAPIER,PUSHOVER,HIPCHAT,SLACK
`value` (required)	`string`	the alert contact's mail address / phone number / URL / connection string
`friendlyName`	`string`	friendly name of the alert contact, defaults to name of the AlertContact object

apiVersion: uroperator.brennerm.github.io/v1beta1
kind: AlertContact
metadata:
  name: my-alert-contact
spec:
  type: EMAIL
  value: [email protected]

Planned features

provide a Helm chart to ease deployment ✔️
support all configuration parameters for Monitors that UptimeRobot offers ✔️
add support for creating Uptime Robot ✔️
- alert contacts, ✔️
- maintenance windows ✔️
- public status pages using Kubernetes resources ✔️
implement automatic detection of HTTP path of Ingress resources
add an integration for external-dns to support creating monitors for Service resources

Comments

Docs: More examples / better explanation of fields in CRDs

For example in the UptimeRobotMonitor CRD the field alertContacts is a string... what should go here? I ran the curl request to get my monitors and it returns a JSON object, do I use id, friendlyName or the full object?

curl -X POST \
  -H "Cache-Control: no-cache" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'api_key=<redacted>&format=json' \
"https://api.uptimerobot.com/v2/getAlertContacts"

{
  "stat": "ok",
  "offset": 0,
  "limit": 50,
  "total": 3,
  "alert_contacts": [
    {
      "id": "<redacted>",
      "friendly_name": "<redacted>@gmail.com",
      "type": 2,
      "status": 1,
      "value": "<redacted>@gmail.com"
    },
    {
      "id": "<redacted>",
      "friendly_name": "Discord",
      "type": 11,
      "status": 2,
      "value": "https://discord.com/api/webhooks/<redacted>/slack"
    },
    {
      "id": "<redacted>",
      "friendly_name": "Phone",
      "type": 13,
      "status": 2
    }
  ]
}

This is pretty vague for the other fields too, not just alertContacts.

opened by onedr0p 6

sub_type is not supported

Thanks a lot for this useful tool!

I tried to add a monitor for a Port:

---
apiVersion: uroperator.brennerm.github.io/v1beta1
kind: UptimeRobotMonitor
metadata:
  name: MYNAME
  namespace: MYNAME
spec:
  friendlyName: "K8S MYNAME"
  url: "MYHOSTNAME"
  type: PORT
  sub_type: "Custom Port"
  port: 22
  interval: 300

This gives me the following error (I'm using Flux v2):

error validating data: ValidationError(UptimeRobotMonitor.spec): unknown field "sub_type" in io.github.brennerm.uroperator.v
1beta1.UptimeRobotMonitor.spec;

If I remove sub_type it passes validation but gets rejected by the UptimeRobot API:

[2021-06-03 09:42:24,986] kopf.objects         [ERROR   ] [MYNAME/MYNAME] Handler 'on_create' failed permanently: failed to create monitor: {'type': 'missing_parameter', 'parameter_name': 'sub_type', 'message': 'sub_type parameter │
│  is missing.'}

According to the API Documentation, sub_type is normally optional, but required for port monitoring.

I use version 0.3.0.

opened by tuxpeople 2

add flag to enable/disable watching Ingress resources

Some users may not want to have monitors created for their Ingress resources but only create monitors using UptimeRobotMonitor resources. That's why there should be a flag to disable the monitoring of ingresses.
enhancement

opened by brennerm 0

Unable to create monitor with Basic Auth

Hi there,

I've been trying to create a new Uptime monitor using the following YAML but I'm getting a validation error stating that the httpAuthSecret field is unknown.

My YAML:

apiVersion: uroperator.brennerm.github.io/v1beta1
kind: UptimeRobotMonitor
metadata:
  name: my-application-monitor
  namespace: public
spec:
  url: "https://exampledomain.com"
  type: HTTPS
  interval: 300
  friendlyName: "My Application Monitor"
  alertContacts: "1234_0_0"
  httpAuthType: BASIC_AUTH
  httpAuthSecret: auth-secret

My create command and error:

$ k create -f uptime-monitor-crd.yaml
error: error validating "uptime-monitor-crd.yaml": error validating data: ValidationError(UptimeRobotMonitor.spec): unknown field "httpAuthSecret" in io.github.brennerm.uroperator.v1beta1.UptimeRobotMonitor.spec; if you choose to ignore these errors, turn validation off with --validate=false

I've installed the operator using Helm by cloning the repository and doing it locally, as the steps listed in the installation steps were failing (I've added that snippet below but that's a different issue).

$ helm repo add uptimerobot-operator https://brennerm.github.io/uptimerobot-operator/helm
$ helm upgrade --install uptimerobot-operator uptimerobot-operator --set uptimeRobotApiKey=1234
Release "uptimerobot-operator" does not exist. Installing it now.
Error: failed to download "uptimerobot-operator" (hint: running `helm repo update` may help)

Am I doing something wrong perhaps? If there's additional information I can provide to you please let me know.

opened by hdp-sami 3

Multiple architecture Docker image
I was reviewing your Github workflow and I see you are not building multi-arch images. It's pretty easy to do using the following Github actions:

https://github.com/docker/setup-qemu-action

https://github.com/docker/setup-buildx-action

I can try to open a PR if you want :)
enhancement
opened by onedr0p 1
Post CRDs in YAML manifest to repository

👋🏼 It would be cool if you could post the CRDs as YAML to this repo. I am assuming that they are created by kopf when the operator is deployed.

This is kind of an issue when you want to bootstrap a cluster and the CRDs are not present before Flux gets to installed uptimerobot-operator and your manifests for monitoring. It's kind of a chicken and egg situation. Flux will try to install the custom uroperator manifests but not see any CRDs because uptimerobot-operator is not installed quite yet.

I would like to apply the CRDs in a way that forces them to exist before the uptimerobot-operator and my manifests are installed.

Thanks!

opened by onedr0p 4
report events for UpimeRobotMonitor objects

To be able retrieve the state of a single UpimeRobotMonitor resource we should send Kubernetes events that indicate whether the creation/update of a monitor at UptimeRobot was successful or failed.
enhancement

opened by brennerm 0

Owner

Max

Automate all the things!

GitHub

MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations.

MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations. MagTape includes variable policy enforcement, notifications, and targeted metrics.

143 Dec 27, 2022

Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App

Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App This example provisions a Google Kubernetes Engine

2 Feb 9, 2022

Django-Kubernetes - Learn how to deploy a docker-based Django application into a Kubernetes cluster into production on DigitalOcean

Django & Kubernetes Learn how to deploy a production-ready Django application in

100 Jan 1, 2023

Helperpod - A CLI tool to run a Kubernetes utility pod with pre-installed tools that can be used for debugging/testing purposes inside a Kubernetes cluster

Helperpod is a CLI tool to run a Kubernetes utility pod with pre-installed tools that can be used for debugging/testing purposes inside a Kubernetes cluster.

2 Feb 5, 2022

This repository contains code examples and documentation for learning how applications can be developed with Kubernetes

BigBitBus KAT Components Click on the diagram to enlarge, or follow this link for detailed documentation Introduction Welcome to the BigBitBus Kuberne

51 Oct 16, 2022

A Blazing fast Security Auditing tool for Kubernetes

A Blazing fast Security Auditing tool for kubernetes!! Basic Overview Kubestriker performs numerous in depth checks on kubernetes infra to identify th

934 Jan 4, 2023

Official Python client library for kubernetes

Kubernetes Python Client Python client for the kubernetes API. Installation From source: git clone --recursive https://github.com/kubernetes-client/py

5.4k Jan 2, 2023

A Simple script to hunt unused Kubernetes resources.

K8SPurger A Simple script to hunt unused Kubernetes resources. Release History Release 0.3 Added Ingress Added Services Account Adding RoleBindding Re

202 Nov 19, 2022

Run Oracle on Kubernetes with El Carro

El Carro is a new project that offers a way to run Oracle databases in Kubernetes as a portable, open source, community driven, no vendor lock-in container orchestration system. El Carro provides a powerful declarative API for comprehensive and consistent configuration and deployment as well as for real-time operations and monitoring.