diff --git a/docs/conf.py b/docs/conf.py index 4853c12b1..4ee9e6978 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -71,7 +71,11 @@ "developer-guide/actions/findings-api.html": "/master/playbook-reference/actions/develop-actions/findings-api.html", "tutorials/my-first-custom-action.html": "/master/playbook-reference/actions/develop-actions/index.html", "user-guide/self-hosting.html": "/master/how-it-works/oss-vs-saas.html", - "getting-started/installation.html": "/master/setup-robusta/installation/all-in-one-installation.html", + "getting-started/installation.html": "/master/setup-robusta/installation/index.html", + "setup-robusta/installation/all-in-one-installation.html": "/master/setup-robusta/installation/index.html", + "setup-robusta/installation/standalone-installation.html": "/master/setup-robusta/installation/index.html", + "setup-robusta/installation/dev-setup.html": "/master/help.html", + "setup-robusta/supported-clusters.html": "/master/setup-robusta/installation/index.html", "tutorials/java-troubleshooting.html": "/master/tutorials/application-troubleshooting-java.html", "catalog/sinks/index.html": "/master/configuration/sinks/index.html", "tutorials/prometheus-enrichment.html": "/master/tutorials/alert-custom-enrichment.html", @@ -97,7 +101,8 @@ "configuration/defining-playbooks/playbook-basics.html": "/master/playbook-reference/index.html", "configuration/defining-playbooks/trigger-action-binding.html": "/master/playbook-reference/index.html#matching-actions-to-triggers", "playbook-reference/defining-playbooks/trigger-action-binding.html": "/master/playbook-reference/index.html#matching-actions-to-triggers", - "configuration/additional-settings.html": "/master/setup-robusta/additional-settings.html", + "configuration/additional-settings.html": "/master/setup-robusta/installation/index.html", + "setup-robusta/additional-settings.html": "/master/setup-robusta/installation/index.html", "developer-guide/writing-playbooks.html": "/master/playbook-reference/defining-playbooks/index.html", "user-guide/slack.html": "/master/configuration/sinks/slack.html", "user-guide/elasticsearch.html": "/master/playbook-reference/triggers/elasticsearch.html", @@ -130,8 +135,11 @@ "tutorials/alert-custom-prometheus.html": "/master/configuration/alertmanager-integration/alert-custom-prometheus.html", "catalog/triggers/prometheus.html": "/master/configuration/alertmanager-integration/index.html", "playbook-reference/prometheus-examples/alert-remediation.html": "/master/playbook-reference/automatic-remediation-examples/index.html", - "configuration/ai-analysis.html": "/master/configuration/holmesgpt/main-features.html", - "configuration/holmesgpt/index.html": "/master/configuration/holmesgpt/main-features.html", + "configuration/ai-analysis.html": "https://robusta.dev/", + "configuration/holmesgpt/index.html": "https://robusta.dev/", + "configuration/holmesgpt/main-features.html": "https://robusta.dev/", + "configuration/holmesgpt/getting-started.html": "https://robusta.dev/", + "configuration/holmesgpt/holmesgpt-docs.html": "https://robusta.dev/", # AI Analysis pages redirects to holmesgpt.dev (docs have moved there) "configuration/holmesgpt/builtin_toolsets.html": "https://holmesgpt.dev/data-sources/builtin-toolsets/?tab=robusta-helm-chart", "configuration/holmesgpt/permissions.html": "https://holmesgpt.dev/data-sources/permissions/?tab=robusta-helm-chart", @@ -164,12 +172,12 @@ "tutorials/more-tutorials.html": "/master/help.html", "common-errors.html": "/master/help.html#common-errors", "user-guide/defining-playbooks.html": "/master/playbook-reference/defining-playbooks/index.html", - "user-guide/global-config.html": "/master/setup-robusta/additional-settings.html#global-config", + "user-guide/global-config.html": "/master/setup-robusta/installation/index.html", "user-guide/configuration-secrets.html": "master/setup-robusta/configuration-secrets.html", "user-guide/additional-playbooks.html": "/master/playbook-reference/defining-playbooks/external-playbook-repositories.html", "user-guide/embedded-prometheus.html": "/master/configuration/alertmanager-integration/embedded-prometheus.html#enabling-the-embedded-prometheus", "user-guide/node-selector.html": "/master/setup-robusta/node-selector.html", - "user-guide/interactivity.html": "/master/setup-robusta/additional-settings.html#two-way-interactivity", + "user-guide/interactivity.html": "/master/setup-robusta/installation/index.html", "user-guide/flow-control.html": "/master/playbook-reference/index.html#using-filters-to-restrict-triggers", "catalog/triggers/index.html": "/master/playbook-reference/triggers/index.html", "catalog/triggers/kubernetes.html": "/master/playbook-reference/triggers/kubernetes.html", @@ -216,7 +224,7 @@ "playbook-reference/overview.html": "/master/playbook-reference/index.html", "playbook-reference/defining-playbooks/playbook-basics.html": "/master/playbook-reference/index.html", "how-it-works/alert-builtin-enrichment.html": "/master/playbook-reference/builtin-alert-enrichment.html", - "setup-robusta/installation/extend-prometheus-installation.html": "/master/setup-robusta/installation/standalone-installation.html", + "setup-robusta/installation/extend-prometheus-installation.html": "/master/setup-robusta/installation/index.html", "playbook-reference/defining-playbooks/index.html": "/master/playbook-reference/index.html", "configuration/alertmanager-integration/alert-custom-prometheus.html": "/master/configuration/alertmanager-integration/embedded-prometheus.html#creating-custom-prometheus-alerts", "configuration/alertmanager-integration/index.html": "/master/configuration/index.html", diff --git a/docs/configuration/alertmanager-integration/_testing_integration.rst b/docs/configuration/alertmanager-integration/_testing_integration.rst index 20b1f831f..b9e5c80ac 100644 --- a/docs/configuration/alertmanager-integration/_testing_integration.rst +++ b/docs/configuration/alertmanager-integration/_testing_integration.rst @@ -56,4 +56,4 @@ If everything is setup properly, this alert will reach Robusta. It will show up Robusta enriches alerts with Kubernetes and log data using Prometheus labels for mapping. Standard label names are used by default. If your setup differs, you can - `customize this mapping `_ to fit your environment. + `customize this mapping `_ to fit your environment. diff --git a/docs/configuration/exporting/robusta-pro-features.rst b/docs/configuration/exporting/robusta-pro-features.rst index 5998c66e1..5aa584a57 100644 --- a/docs/configuration/exporting/robusta-pro-features.rst +++ b/docs/configuration/exporting/robusta-pro-features.rst @@ -19,9 +19,7 @@ Data Export and Reporting * :doc:`Alert Reporting API `: Get aggregated statistics and counts for different alert types * :doc:`Send Alerts API `: Send alerts programmatically from external systems * :doc:`Configuration Changes API `: Track configuration changes in your environment -* :doc:`Namespace Resources API `: Query namespace-level resource information * :doc:`RBAC Configuration API `: Programmatically manage role-based access control configurations -* :doc:`Prometheus Query API `: Run PromQL queries against Prometheus in your connected clusters Getting Started --------------- diff --git a/docs/configuration/exporting/send-alerts-api.rst b/docs/configuration/exporting/send-alerts-api.rst index 77c6bb65e..f4461fc58 100644 --- a/docs/configuration/exporting/send-alerts-api.rst +++ b/docs/configuration/exporting/send-alerts-api.rst @@ -261,7 +261,7 @@ Troubleshooting **Alerts arriving but missing Kubernetes context?** - Check :doc:`Alert Label Mapping ` to customize how Prometheus labels map to Kubernetes resources. + Check :doc:`Customize Labels and Priorities ` to customize how Prometheus labels map to Kubernetes resources. Testing Your Integration ------------------------ diff --git a/docs/configuration/holmesgpt/getting-started.rst b/docs/configuration/holmesgpt/getting-started.rst deleted file mode 100644 index 40332545c..000000000 --- a/docs/configuration/holmesgpt/getting-started.rst +++ /dev/null @@ -1,70 +0,0 @@ -Getting Started -=============== - -Set up AI-powered alert analysis in 5 minutes. - -Prerequisites -------------- - -.. raw:: html - -
- ✓ Robusta SaaS account (free or paid)
- ✓ Robusta version 0.22.0 or higher -
- -Quick Setup (Recommended) --------------------------- - -Use Robusta's hosted AI service with frontier models from Anthropic, OpenAI, and more: - -1. **Add to your Helm values:** - - .. code-block:: yaml - - enableHolmesGPT: true - holmes: - additionalEnvVars: - - name: ROBUSTA_AI - value: "true" - -2. **Apply the changes:** - - .. code-block:: bash - - helm upgrade robusta robusta/robusta -f generated_values.yaml - -3. **Enable Slack integration** (optional): - - - Go to `platform.robusta.dev `_ - - Navigate to **Settings** → **AI Assistant** - - Toggle "Enable Holmes" and connect your Slack workspace - -That's it! HolmesGPT will now analyze your alerts automatically. - -Using Your Own AI Provider ---------------------------- - -Instead of Robusta AI, you can bring your own LLM provider (OpenAI, Azure, AWS Bedrock, Anthropic, and more). See the `AI Providers documentation `_ for setup instructions. - -.. _Reading the Robusta UI Token from a secret in HolmesGPT: - -Using Existing Secrets ----------------------- - -If you store the Robusta UI token in a Kubernetes secret (instead of directly in Helm values), you need to pass it to HolmesGPT: - -.. code-block:: yaml - - holmes: - additionalEnvVars: - - name: ROBUSTA_UI_TOKEN - valueFrom: - secretKeyRef: - name: my-robusta-secrets # Your existing secret - key: ui-token # Your existing key - -Next Steps ----------- - -* `Configure Data Sources `_ - Add more context for better analysis \ No newline at end of file diff --git a/docs/configuration/holmesgpt/holmesgpt-docs.rst b/docs/configuration/holmesgpt/holmesgpt-docs.rst deleted file mode 100644 index d854d8ff1..000000000 --- a/docs/configuration/holmesgpt/holmesgpt-docs.rst +++ /dev/null @@ -1,6 +0,0 @@ -HolmesGPT Documentation -======================== - -For comprehensive HolmesGPT documentation, please visit the official HolmesGPT documentation site at `holmesgpt.dev `_. - -For Robusta-specific setup instructions, see :doc:`getting-started`. \ No newline at end of file diff --git a/docs/configuration/holmesgpt/main-features.rst b/docs/configuration/holmesgpt/main-features.rst deleted file mode 100644 index d25c42536..000000000 --- a/docs/configuration/holmesgpt/main-features.rst +++ /dev/null @@ -1,17 +0,0 @@ -Main Features -============= - -Robusta integrates `HolmesGPT `_ to provide AI-powered root cause analysis for Kubernetes alerts and issues. - -See HolmesGPT in Action ------------------------ - -See demos and up-to-date videos on the `Robusta homepage `_. - -Next Steps ----------- - -* `Sign up for Robusta `_ - Get started with the full platform -* :doc:`getting-started` - Set up HolmesGPT in 5 minutes -* `Available Data Sources `_ - See all supported integrations -* `Helm Configuration Reference `_ - Advanced HolmesGPT settings for Robusta deployments \ No newline at end of file diff --git a/docs/configuration/metric-providers-external.rst b/docs/configuration/metric-providers-external.rst index f7fc5fa9c..334224961 100644 --- a/docs/configuration/metric-providers-external.rst +++ b/docs/configuration/metric-providers-external.rst @@ -185,5 +185,5 @@ Next Steps ---------- - Configure :doc:`alert routing ` -- Set up :doc:`AI-powered insights ` +- `Set up AI-powered insights `_ - Learn about :doc:`common configuration options ` \ No newline at end of file diff --git a/docs/configuration/sinks/sinks-development.rst b/docs/configuration/sinks/sinks-development.rst index 52c9e3f3c..30849b880 100644 --- a/docs/configuration/sinks/sinks-development.rst +++ b/docs/configuration/sinks/sinks-development.rst @@ -27,7 +27,7 @@ Each sink consists of a sink class and a config class. Optionally, helpers are u To implement a new sink you must: -1. :ref:`Build Robusta from source ` +1. Clone the `Robusta repo `_ and follow the README to build from source 2. Add a new Python module inside `src/robusta/core/sinks `_ containing your sink’s source code 3. Implement a sink config class 4. Implement a sink class diff --git a/docs/configuration/sinks/slack.rst b/docs/configuration/sinks/slack.rst index 7f0c43574..6cbbc2567 100644 --- a/docs/configuration/sinks/slack.rst +++ b/docs/configuration/sinks/slack.rst @@ -20,14 +20,14 @@ Quick Start **Option 1: Automatic Setup (Recommended)** -When installing Robusta, run ``robusta gen-config`` and follow the prompts. This automatically configures Slack using our `official +Sign up for a `free Robusta account `_ and connect Slack during the signup wizard. This automatically configures Slack using our `official Slack app `_. Note: Robusta can only write messages and doesn't require read permissions. **Option 2: Manual Configuration** -Generate a Slack API key by running ``robusta integrations slack``, then add to your ``generated_values.yaml``: +Generate a Slack API key on your own (see :ref:`Creating Custom Slack Apps` below), then add it to your ``generated_values.yaml``: .. code-block:: yaml diff --git a/docs/help.rst b/docs/help.rst index d926cad02..ae03332ef 100644 --- a/docs/help.rst +++ b/docs/help.rst @@ -41,54 +41,12 @@ Issues are organized by installation phase to help you quickly find solutions.
Where are you stuck?
- • Phase 1: Configuration Generation - Issues with robusta gen-config
- • Phase 2: Helm Installation - Helm install/upgrade failures
- • Phase 3: Runtime Issues - Alerts not arriving, pods crashing
- • Phase 4: Integration Issues - Slack, Prometheus connection problems + • Phase 1: Helm Installation - Helm install/upgrade failures
+ • Phase 2: Runtime Issues - Alerts not arriving, pods crashing
+ • Phase 3: Integration Issues - Slack, Prometheus connection problems
-Phase 1: Configuration Generation -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Issues when running ``robusta gen-config`` or generating initial configuration. - -.. details:: command not found: robusta (CLI not in path) - - 1. Determine where the Robusta-cli binary file is located - - .. code-block:: bash - :name: cb-find-python-cli-loc - - find / -regex '.*/bin/robusta' 2>/dev/null - - 2. Add the path you found (e.g ``/opt/homebrew/bin/``) to your PATH. To do so, find your shell config file ( ~/.profile or ~/.bash_profile or ~/.zshrc etc...) and append the following: - - .. code-block:: bash - :name: add-path-var - - export PATH="$PATH:" - - 3. Reopen the terminal or run: - - .. code-block:: bash - :name: cb-refresh-terminal - - source - - .. admonition:: Alternative Solution - - Instead of modifying PATH, run Robusta commands via the python3 binary: ``python3 -m robusta.cli.main gen-config`` - -.. details:: SSL certificate errors on Mac OS - - This implies a python package with certificates is missing on your system. - - To fix it, run ``/Applications/Python 3.9/Install Certificates.command`` - - For more info see: - https://stackoverflow.com/questions/52805115/certificate-verify-failed-unable-to-get-local-issuer-certificate - -Phase 2: Helm Installation +Phase 1: Helm Installation ^^^^^^^^^^^^^^^^^^^^^^^^^^ Problems when running ``helm install`` command or installing via GitOps. @@ -128,7 +86,7 @@ Problems when running ``helm install`` command or installing via GitOps. Follow this guide for :ref:`upgrading CRDs from an older version `. -Phase 3: Runtime Issues +Phase 2: Runtime Issues ^^^^^^^^^^^^^^^^^^^^^^^ Issues after installation when pods are running but not working correctly. @@ -252,7 +210,7 @@ Holmes See :ref:`Using Existing Secrets ` to configure Holmes to read the ``token`` -Phase 4: Integration Issues +Phase 3: Integration Issues ^^^^^^^^^^^^^^^^^^^^^^^^^^^ Problems with external service integrations after Robusta is running. diff --git a/docs/how-it-works/architecture.rst b/docs/how-it-works/architecture.rst index 03e19da6a..696535dc9 100644 --- a/docs/how-it-works/architecture.rst +++ b/docs/how-it-works/architecture.rst @@ -1,7 +1,7 @@ Architecture ================== -Robusta uses `HolmesGPT `_, an open source AI agent, to automatically investigate and root-cause Kubernetes alerts. HolmesGPT runs as part of the **in-cluster Agent**, connects to your existing **data sources**, and reports findings through the **Robusta Platform** (SaaS or self-hosted). +Robusta uses `HolmesGPT `_ to automatically investigate and root-cause alerts. HolmesGPT runs as part of the **in-cluster Agent**, connects to your existing **data sources**, and reports findings through the **Robusta Platform** (SaaS or self-hosted). .. image:: ../images/architecture-overview.png :width: 800 @@ -15,7 +15,7 @@ Agent (In-Cluster) The Robusta Agent runs inside your Kubernetes cluster. It includes HolmesGPT and is responsible for: - Fetching data from external `data sources `_ -- Optional: for customers troubleshooting issues on Kubernetes itself, track new deploys and changes to Kubernetes and query Kubernetes events +- Optional: tracking Kubernetes deploys, changes, and events for teams troubleshooting Kubernetes itself The Agent keeps your data secure — it fetches data from your data sources directly, so there is no direct connection from the Robusta Platform to your data sources. @@ -44,7 +44,6 @@ Security & Networking - The Agent runs entirely within your cluster with configurable RBAC permissions - Data sources are accessed only by the in-cluster Agent, never by the Platform - SaaS connectivity is outbound-only — no inbound access is required -- All data remains in your cluster unless explicitly sent to configured sinks or the Robusta Platform Next Steps ^^^^^^^^^^ diff --git a/docs/how-it-works/index.rst b/docs/how-it-works/index.rst index 5833d1ff9..3e2c069d2 100644 --- a/docs/how-it-works/index.rst +++ b/docs/how-it-works/index.rst @@ -13,16 +13,16 @@ Overview How Robusta's components work together — the Agent, HolmesGPT, data sources, and the Platform. - .. grid-item-card:: :octicon:`package;1em;` Open Source vs SaaS + .. grid-item-card:: :octicon:`package;1em;` Deployment Options :class-card: sd-bg-light sd-bg-text-light :link: oss-vs-saas :link-type: doc - Compare deployment options: open source HolmesGPT, SaaS, and self-hosted. + SaaS, self-hosted, or open source HolmesGPT. .. toctree:: :maxdepth: 1 :hidden: Architecture - Open Source vs SaaS + Deployment Options diff --git a/docs/how-it-works/oss-vs-saas.rst b/docs/how-it-works/oss-vs-saas.rst index 4b99e2e1e..a7161b4db 100644 --- a/docs/how-it-works/oss-vs-saas.rst +++ b/docs/how-it-works/oss-vs-saas.rst @@ -1,33 +1,45 @@ -Open Source vs SaaS +Deployment Options ################################ -HolmesGPT (Open Source) -^^^^^^^^^^^^^^^^^^^^^^^^ +Robusta is delivered through the **Robusta Platform** — a centralized place to control your SRE agents, triage alerts, and review investigation timelines. The Platform is available as **SaaS** (hosted by Robusta) or **Self-Hosted** (for organizations with dedicated infrastructure requirements). -At the core of Robusta is `HolmesGPT `_ — an open source, AI-powered agent that automatically investigates Kubernetes alerts and identifies root causes. +SaaS (Hosted) +^^^^^^^^^^^^^^ -HolmesGPT pulls data from your cluster logs, events, metrics, and external data sources like Prometheus, Grafana, New Relic, and more. It uses LLMs to correlate evidence across sources and produce actionable root cause analysis — turning noisy alerts into clear answers. +The hosted Platform runs in Robusta's infrastructure. You install the in-cluster Agent, sign up at `platform.robusta.dev `_, and your alerts and investigations stream into the hosted UI. -HolmesGPT is MIT-licensed and can be used standalone or as part of the Robusta platform. +The SaaS Platform is **SOC 2 compliant** and available in multiple regions, including the **US**, **EU**, and **Asia Pacific**. -Deployment Options -^^^^^^^^^^^^^^^^^^^ +Most teams use SaaS — it's the fastest path to the complete feature set. -- **Open Source Only**: Run HolmesGPT on its own. No web UI. CLI interface and HTTP API on OSS. -- **SaaS**: HolmesGPT + Robusta's hosted web UI with :doc:`additional features <../configuration/exporting/robusta-pro-features>` including centralized alert management, multi-cluster visibility, and historical timelines. -- **Self-Hosted**: HolmesGPT + on-premise web UI for organizations that require dedicated infrastructure (enterprise plans). +Self-Hosted +^^^^^^^^^^^^ -**Which should I choose?** +The same Platform, deployed inside your own infrastructure. Intended for organizations that require dedicated infrastructure (regulatory, data residency, or air-gapped requirements). -Most teams use the **SaaS** option for the complete feature set without infrastructure overhead. +Self-hosted deployments are available on enterprise plans — contact support@robusta.dev. Pricing ^^^^^^^^^^^^ -HolmesGPT is and always will be free. It is a CNCF sandbox project. -The Robusta Platform UI is `free to get started `_ on our SaaS. If you want to self-host the UI, you'll need an enterprise plan. +The SaaS Platform is `free to get started `_, with paid tiers for larger teams and advanced features. Self-hosted deployments require an enterprise plan. + +Open Source +^^^^^^^^^^^^ + +`HolmesGPT `_ — the SRE agent at the core of Robusta — is MIT-licensed and a CNCF sandbox project. -Contact support@robusta.dev for questions. +Standalone HolmesGPT: + +- CLI only — no web UI +- HTTP API for programmatic access + +The Robusta Platform (SaaS or Self-Hosted) adds on top: + +- A web interface +- HolmesGPT bots for Slack and Microsoft Teams +- Automatic alert triage and grouping +- Background agents that proactively investigate and surface issues Robusta Classic ^^^^^^^^^^^^^^^^ @@ -35,8 +47,3 @@ Robusta Classic Before HolmesGPT, Robusta's open source engine focused on rule-based automation — enriching alerts with extra context (logs, pod status, resource graphs) and routing them to Slack, Teams, and other sinks using configurable playbooks. This is sometimes referred to as **Robusta Classic**. If you are running Robusta Classic, upgrading to HolmesGPT is a configuration change — no migration required. - -Learn More -^^^^^^^^^^^^ -- `HolmesGPT on GitHub `_ - AI-powered root cause analysis for Kubernetes -- `Pricing Plans `_ - Compare pricing options and start a free trial diff --git a/docs/index.rst b/docs/index.rst index 07725d344..d6d3013cd 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -16,15 +16,6 @@ setup-robusta/index -.. toctree:: - :maxdepth: 4 - :caption: SRE Agent - :hidden: - - configuration/holmesgpt/main-features - configuration/holmesgpt/getting-started - HolmesGPT Docs - .. toctree:: :maxdepth: 4 :caption: HTTP APIs @@ -32,18 +23,15 @@ Overview Holmes Chat API - setup-robusta/alertsui configuration/exporting/send-alerts-api configuration/exporting/configuration-changes-api configuration/exporting/alert-export-api configuration/exporting/alert-statistics-api - configuration/exporting/namespace-resources-api configuration/exporting/rbac-api - configuration/exporting/prometheus-query-api .. toctree:: :maxdepth: 4 - :caption: Other Features + :caption: Robusta Classic :hidden: Send Alerts to Robusta @@ -53,6 +41,10 @@ Alert Routing CRDs Monitoring Playbooks + Self-Monitoring + Managed Prometheus Alerts + Namespace Resources API + Prometheus Query API .. toctree:: :maxdepth: 4 @@ -64,16 +56,16 @@ Welcome to Robusta ==================== -Robusta is an AI-powered SRE agent that automatically investigates alerts and finds root causes. It is built on `HolmesGPT `_, an open source AI agent that pulls evidence from your existing `data sources `_ and uses LLMs to pinpoint what went wrong. +Robusta is an AI-powered SRE agent that automatically investigates alerts and finds root causes. It is built on `HolmesGPT `_. **How it works:** * **Automatic investigation** — every alert is analyzed with AI-powered root cause analysis -* **Your data sources** — HolmesGPT connects to your existing monitoring, ITSM, and cloud tools to gather evidence +* **Your data sources** — HolmesGPT connects to your existing monitoring, ITSM, cloud tools, and MCP servers to gather evidence * **Chat with your agent** — tag HolmesGPT in Slack or Teams to investigate issues on demand * **Centralized control** — the `Robusta Platform `_ gives you a single place to manage your SRE agents, triage alerts, and review investigation timelines -Robusta is available as **open source**, **SaaS**, or **self-hosted**. See :doc:`how-it-works/oss-vs-saas` for details. +Robusta is available as **SaaS**, **self-hosted**, or **open source**. See :doc:`how-it-works/oss-vs-saas` for details. Ready to get started? --------------------- diff --git a/docs/playbook-reference/builtin-alert-enrichment.rst b/docs/playbook-reference/builtin-alert-enrichment.rst index 46c9729f7..4d29e36b1 100644 --- a/docs/playbook-reference/builtin-alert-enrichment.rst +++ b/docs/playbook-reference/builtin-alert-enrichment.rst @@ -7,7 +7,7 @@ Ever feel overwhelmed by alerts that lack context? Robusta enriches alerts autom .. note:: - **Looking for automatic AI enrichment?** Check out :doc:`HolmesGPT ` for zero-configuration AI-powered alert enrichment that automatically investigates alerts and provides root cause analysis. + **Looking for automatic AI enrichment?** Check out `Robusta `_ for zero-configuration AI-powered alert enrichment that automatically investigates alerts and provides root cause analysis. Builtin Alert Enrichment ********************************* @@ -58,3 +58,62 @@ Get started with these examples: prometheus-examples/bash-alert-enrichment prometheus-examples/link-alert-enrichment + +Censoring Sensitive Data +************************* + +Pod logs gathered by Robusta can be censored using `Python regular expressions `_. For example, a payment processing pod might have credit card numbers or other sensitive information in its logs. These can be automatically sanitized before they appear in notifications. + +How to Enable Log Censoring for All Logs +----------------------------------------- + +To censor sensitive information in all logs, add the following to your Helm values file: + +.. code-block:: yaml + + globalConfig: + regex_replacement_style: SAME_LENGTH_ASTERISKS # Alternative: NAMED + regex_replacer_patterns: + - name: CreditCard + regex: "[0-9]{4}[- ][0-9]{4}[- ][0-9]{4}[- ][0-9]{4}" + - name: Email + regex: "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}" + - name: UUID + regex: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" + +After adding these values, perform a Helm upgrade: + +.. code-block:: bash + + helm upgrade robusta robusta/robusta -f values.yaml + +Example: Before and After Censoring +------------------------------------ + +Given the following pod log: + +.. code-block:: + + # Original pod log: + 2022-07-28 08:24:45.283 INFO user's uuid: '193836d9-9cce-4df9-a454-c2edcf2e80e5' + 2022-07-28 08:35:00.762 INFO Customer email: user@example.com + 2022-07-28 08:35:01.090 INFO Payment processed with card: 4111-1111-1111-1111 + +The censored output will appear as: + +.. code-block:: + + # Using SAME_LENGTH_ASTERISKS style: + 2022-07-28 08:24:45.283 INFO user's uuid: '************************************' + 2022-07-28 08:35:00.762 INFO Customer email: **************** + 2022-07-28 08:35:01.090 INFO Payment processed with card: ******************* + + # Using NAMED style: + 2022-07-28 08:24:45.283 INFO user's uuid: '[UUID]' + 2022-07-28 08:35:00.762 INFO Customer email: [Email] + 2022-07-28 08:35:01.090 INFO Payment processed with card: [CreditCard] + +**Note:** This censoring applies to logs displayed in Robusta's built-in notifications, including those shown by the following Robusta actions: + +- :code:`logs_enricher` - Shows container logs in various alerts +- :code:`report_crash_loop` - Shows container logs for crashing pods diff --git a/docs/playbook-reference/index.rst b/docs/playbook-reference/index.rst index 373dbbb90..c71db435d 100644 --- a/docs/playbook-reference/index.rst +++ b/docs/playbook-reference/index.rst @@ -18,7 +18,7 @@ Playbooks Basics Playbooks are deterministic rules for responding to alerts and unhealthy conditions in a Kubernetes cluster. -Playbooks are recommended for advanced use cases. Most users should start with :doc:`SRE Agent ` of alerts first, which requires far less configuration. +Playbooks are recommended for advanced use cases. Most users should start with the `Robusta SRE Agent `_, which requires far less configuration. How Playbooks Work ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/docs/setup-robusta/additional-settings.rst b/docs/setup-robusta/additional-settings.rst deleted file mode 100644 index 61a833371..000000000 --- a/docs/setup-robusta/additional-settings.rst +++ /dev/null @@ -1,28 +0,0 @@ -:hide-toc: - -Additional Settings -======================= - -Global Config --------------------------- - -The ``globalConfig`` Helm value defines global variables re-used across Robusta. - -Robusta also expects several parameters to always be defined in ``globalConfig``: - -cluster_name - Unique for each cluster in your organization. Cluster Name be human-readable and need not be secret - -account_id - Keep secret! The Account ID uniquely identifies your cluster with Robusta cloud (if enabled). Should never be the - same for different organizations. Together, ``cluster_name`` and ``account_id`` uniquely identify every cluster - running Robusta in the world - -signing_key - Keep secret! The Signing Key is used to authenticate requests to run playbooks from outside the cluster (if enabled). - -These values are generated automatically when setting up Robusta with the CLI. If you install Robusta on additional -clusters, make sure you change ``cluster_name`` accordingly. The other values should remain the same. - -If you need to generate the secret values yourself, use cryptographically secure strings with at least 128 bits of -randomness. diff --git a/docs/setup-robusta/configuration-secrets.rst b/docs/setup-robusta/configuration-secrets.rst index 755e14940..1985f89c8 100644 --- a/docs/setup-robusta/configuration-secrets.rst +++ b/docs/setup-robusta/configuration-secrets.rst @@ -63,3 +63,20 @@ You can now reference the environment variable elsewhere in your configuration u grafana_url: http://grafana.namespace.svc This setup keeps sensitive values out of your Helm files and version control, while still allowing them to be dynamically injected at runtime. + +.. _Reading the Robusta UI Token from a secret in HolmesGPT: + +Using an Existing Secret for the Robusta UI Token +-------------------------------------------------------- + +If you store the Robusta UI token in a Kubernetes secret (instead of directly in Helm values), you need to pass it to HolmesGPT: + +.. code-block:: yaml + + holmes: + additionalEnvVars: + - name: ROBUSTA_UI_TOKEN + valueFrom: + secretKeyRef: + name: my-robusta-secrets # Your existing secret + key: ui-token # Your existing key diff --git a/docs/setup-robusta/gitops/argocd.rst b/docs/setup-robusta/gitops/argocd.rst index 3b69bc273..5f25d8bf4 100644 --- a/docs/setup-robusta/gitops/argocd.rst +++ b/docs/setup-robusta/gitops/argocd.rst @@ -23,15 +23,10 @@ Example ``generated_values.yaml``: .. code-block:: yaml clusterName: my_cluster_name # <- This is the line to be added - isSmallCluster: false # <- Optional. Set this on test clusters to lower Robusta's resource usage. globalConfig: signing_key: xxxxxx account_id: xxxxxx sinksConfig: - - slack_sink: - name: main_slack_sink - slack_channel: robusta-staging-alerts - api_key: xxxxxx - robusta_sink: name: robusta_ui_sink token: xxxxxx @@ -157,46 +152,3 @@ Then create an Argo Application which references that values file: - repoURL: "git@github.com:my-user/example-repo.git" targetRevision: HEAD ref: values - - -Configuring Argo Links ------------------------------------------ - -For faster Kubernetes troubleshooting, add Robusta links to ArgoCD. - -.. image:: /images/argocd_external_urls.png - -Add an annotation to each Kubernetes resource with Robusta's URL: - -.. code-block:: - - apiVersion: apps/v1 - kind: Deployment - metadata: - name: my-deployment - annotations: - link.argocd.argoproj.io/external-link: "https://platform.robusta.dev/" - -Or link applications to their specific Robusta pages: - -.. code-block:: - - apiVersion: apps/v1 - kind: Deployment #workload type - metadata: - name: my-deployment #workload name - annotations: - link.argocd.argoproj.io/external-link: "https://platform.robusta.dev/?namespace=%22default%22&type=%22Deployment%22&name=%22some-deployment%22&cluster=%22robusta-cluster-name%22" - -.. details:: What is the right Robusta URL for each application? - - It's easiest to open the workload in RobustaUI and copy the URL from the browser. - - You can also build the URL by hand. Edit the above URL, replacing: - - * ``default`` with the workload's namespace - * ``Deployment`` with the workload type. Ex: ``StatefulSets`` - * ``some-deployment`` with the workload's name. Ex: ``my-deployment`` - * ``robusta-cluster-name`` with your cluster's name, as defined in the Robusta Helm value ``clusterName`` - -For more details, refer to the `Argo Documentation on External URLs. `_ diff --git a/docs/setup-robusta/gitops/flux.rst b/docs/setup-robusta/gitops/flux.rst index e42c3cb74..17b040272 100644 --- a/docs/setup-robusta/gitops/flux.rst +++ b/docs/setup-robusta/gitops/flux.rst @@ -24,15 +24,10 @@ Example ``generated_values.yaml``: .. code-block:: yaml clusterName: my_cluster_name # <- This is the line to be added - isSmallCluster: false # <- Optional. Set this on test clusters to lower Robusta's resource usage. globalConfig: signing_key: xxxxxx account_id: xxxxxx sinksConfig: - - slack_sink: - name: main_slack_sink - slack_channel: robusta-staging-alerts - api_key: xxxxxx - robusta_sink: name: robusta_ui_sink token: xxxxxx diff --git a/docs/setup-robusta/index.rst b/docs/setup-robusta/index.rst index f5be5f44d..777bf902e 100644 --- a/docs/setup-robusta/index.rst +++ b/docs/setup-robusta/index.rst @@ -17,13 +17,10 @@ upgrade tuning-performance configuration-secrets - robusta-runner-metrics - supported-clusters openshift node-selector proxies privacy-and-security - additional-settings installation-faq \ No newline at end of file diff --git a/docs/setup-robusta/installation-faq.rst b/docs/setup-robusta/installation-faq.rst index ef63a248d..18428cf3f 100644 --- a/docs/setup-robusta/installation-faq.rst +++ b/docs/setup-robusta/installation-faq.rst @@ -5,22 +5,6 @@ I have an error installing Robusta ================================================ Please refer to :ref:`Help ` for common errors and solutions. -Can I install Robusta without the cli? -======================================== -Yes, using the cli is optional. It auto-generates helm values, but you can also handwrite them: - -1. Fetch Robusta's default **Helm values**: - -.. code-block:: bash - :name: cb-helm-repo-add-show-values - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm show values robusta/robusta - -2. Modify those values to your heart's content. Refer to the :doc:`Send Alerts ` documentation for details. - -3. Do a ``helm install``. - The helm chart in GitHub doesn't work. Why? ======================================================== It has certain placeholders. For example, ``runner.image`` is set during our release workflow. @@ -45,12 +29,3 @@ Verify success by checking that Robusta pods are running: :name: cb-get-pods-robusta-logs-custom kubectl get pods -n robusta - -.. warning:: - - Make sure you add the ``--namespace`` flag to future ``robusta`` cli commands. - -Does Robusta support Thanos/Cortex/Mimir/VictoriaMetrics? -============================================================ -Any Prometheus-compatible solution is fine. Just follow instructions in the :doc:`Send Alerts ` documentation. - diff --git a/docs/setup-robusta/installation/_generate_config.jinja b/docs/setup-robusta/installation/_generate_config.jinja deleted file mode 100644 index 496ed8705..000000000 --- a/docs/setup-robusta/installation/_generate_config.jinja +++ /dev/null @@ -1,66 +0,0 @@ -Generate a Config ------------------------------------ - -Robusta needs settings to work. For example, if you use Slack then Robusta needs a Slack API key. These settings are configured as Helm values. - -Choose a configuration method below: - -.. tab-set:: - - .. tab-item:: Web Installation (recommended) - :name: web-installation-tab - - Create the configuration by signing up `for a free Robusta UI account ↗ `_ - - .. details:: Why configure an Open Source project from a SaaS platform? - - You can use Robusta OSS without any SaaS components, however you'll need integrations like Slack or MS Teams if you want to see Robusta doing anything. - - The configuration for Slack can be difficult to generate on your own, so we provide a free UI to assist. - - You can use the UI to generate Helm values and then disable the UI, or you can use the free tier forever! We also have a paid tier with our most powerful AI agent included. - - .. tab-item:: pipx - :name: pip-cli-tab - - First install `pipx `_. - - Then use pipx to install and run the robusta cli: - - .. code-block:: bash - :name: cb-pip-install - - pipx run robusta-cli gen-config {{ gen_config_flags }} - - .. details:: pipx vs pip - - The ``robusta`` cli can also be installed with pip, but due to Python limitations, this can lead to dependency issues, as pip doesn't install packages in isolated environments. - - But if you prefer pip instead of pipx - install with ``pip install -U robusta-cli --no-cache`` and run with ``robusta gen-config {{ gen_config_flags }}`` - - * Python 3.7 or higher is required. - * Use ``pip3`` on systems with both Python 2 and Python 3. - * A ``command not found: robusta`` error means :ref:`Python's script directory is not in your PATH `. - - .. tab-item:: docker - :name: docker-cli-tab - - Use the ``robusta`` cli tool to generate the Helm values. Run it via the pre-built docker container. - - .. details:: Requirements and Troubleshooting - - A Docker daemon and bash are required. - - On Windows, use bash inside `WSL `_. - - .. code-block:: bash - :name: cb-docker-cli-download - - curl -fsSL -o robusta https://docs.robusta.dev/master/_static/robusta - chmod +x robusta - ./robusta gen-config {{ gen_config_flags }} - -You should now have a ``generated_values.yaml`` file with a Robusta config. **Save this file!** -You'll need it to install Robusta on new clusters. - -This file contains sensitive values. Refer to :ref:`Managing Secrets` for tips on protecting them. diff --git a/docs/setup-robusta/installation/_helm_install_no_prometheus.inc.rst b/docs/setup-robusta/installation/_helm_install_no_prometheus.inc.rst deleted file mode 100644 index 9a7d20ab3..000000000 --- a/docs/setup-robusta/installation/_helm_install_no_prometheus.inc.rst +++ /dev/null @@ -1,97 +0,0 @@ -.. updated to .inc.rst because of "WARNING: duplicate label" - -Install with Helm ------------------------------- - -Copy the below commands, replacing the ```` placeholder. - -On some clusters this can take a while, so don't panic if it appears stuck: - -.. tab-set:: - - .. tab-item:: Normal Clusters - :name: install-standard - - .. code-block:: bash - :name: cb-helm-install-only-robusta - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= - - .. tab-item:: EKS - :name: install-eks - - To use all Robusta features, ensure storage is enabled on your cluster. If necessary, refer to the EKS documentation and install the `EBS CSI add-on `_ - - .. details:: How do I know if my cluster has storage enabled? - - Try installing Robusta. If storage is not configured, you'll receive an error: - - .. code-block:: - - PreBind plugin "VolumeBinding": binding volumes: timed out waiting for the condition - - Running ``kubectl get pvc -A`` will also show PersistentVolumeClaims in ``Pending`` state. - - In this case, follow the instructions above and enable storage for your cluster. - - .. code-block:: bash - :name: cb-helm-install-eks - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= - - .. tab-item:: GKE Autopilot - :name: install-gke-autopilot - - Due to Autopilot restrictions, some components are disabled. Don't worry, everything will still work. - - .. code-block:: bash - :name: cb-helm-install-gke-autopilot - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml \ - --set clusterName= \ - --set kube-prometheus-stack.coreDns.enabled=false \ - --set kube-prometheus-stack.kubeControllerManager.enabled=false \ - --set kube-prometheus-stack.kubeDns.enabled=false \ - --set kube-prometheus-stack.kubeEtcd.enabled=false \ - --set kube-prometheus-stack.kubeProxy.enabled=false \ - --set kube-prometheus-stack.kubeScheduler.enabled=false \ - --set kube-prometheus-stack.nodeExporter.enabled=false \ - --set kube-prometheus-stack.prometheusOperator.kubeletService.enabled=false - - .. tab-item:: OpenShift - :name: install-openshift - - First :ref:`modify the Helm values to enable OpenShift support`. - - Then install Robusta as usual with Helm: - - .. code-block:: bash - :name: cb-helm-install-openshift - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= - - .. tab-item:: Local/Test Cluster - :name: install-test-clusters - - Test clusters tend to have fewer resources. To lower Robusta's resource requests, set ``isSmallCluster=true``. - - .. code-block:: bash - :name: cb-helm-install-test-clusters - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= --set isSmallCluster=true --set holmes.resources.requests.memory=512Mi - -Verifying Installation ------------------------------- - -Confirm that Robusta pods are running with no errors in the logs: - -.. code-block:: bash - :name: cb-get-pods-robusta-logs - - kubectl get pods -A | grep robusta - robusta logs diff --git a/docs/setup-robusta/installation/_helm_install_with_prometheus.inc.rst b/docs/setup-robusta/installation/_helm_install_with_prometheus.inc.rst deleted file mode 100644 index 243896776..000000000 --- a/docs/setup-robusta/installation/_helm_install_with_prometheus.inc.rst +++ /dev/null @@ -1,109 +0,0 @@ -.. updated to .inc.rst because of "WARNING: duplicate label" - -Install with Helm ------------------------------- - -Copy the below commands, replacing the ```` placeholder. - -On some clusters this can take a while, so don't panic if it appears stuck: - -.. tab-set:: - - .. tab-item:: Normal Clusters - :name: install-standard - - .. code-block:: bash - :name: cb-helm-install-only-robusta - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= - - .. tab-item:: EKS - :name: install-eks - - To use all Robusta features, ensure storage is enabled on your cluster. If necessary, refer to the EKS documentation and install the `EBS CSI add-on `_ - - .. details:: How do I know if my cluster has storage enabled? - - Try installing Robusta. If storage is not configured, you'll receive an error: - - .. code-block:: - - PreBind plugin "VolumeBinding": binding volumes: timed out waiting for the condition - - Running ``kubectl get pvc -A`` will also show PersistentVolumeClaims in ``Pending`` state. - - In this case, follow the instructions above and enable storage for your cluster. - - .. code-block:: bash - :name: cb-helm-install-eks - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= - - .. tab-item:: GKE Autopilot - :name: install-gke-autopilot - - Due to Autopilot restrictions, some components are disabled. Don't worry, everything will still work. - - .. code-block:: bash - :name: cb-helm-install-gke-autopilot - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml \ - --set clusterName= \ - --set kube-prometheus-stack.coreDns.enabled=false \ - --set kube-prometheus-stack.kubeControllerManager.enabled=false \ - --set kube-prometheus-stack.kubeDns.enabled=false \ - --set kube-prometheus-stack.kubeEtcd.enabled=false \ - --set kube-prometheus-stack.kubeProxy.enabled=false \ - --set kube-prometheus-stack.kubeScheduler.enabled=false \ - --set kube-prometheus-stack.nodeExporter.enabled=false \ - --set kube-prometheus-stack.prometheusOperator.kubeletService.enabled=false - - .. tab-item:: OpenShift - :name: install-openshift - - First :ref:`modify the Helm values to enable OpenShift support`. - - Then install Robusta as usual with Helm: - - .. code-block:: bash - :name: cb-helm-install-openshift - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= - - .. tab-item:: Local/Test Cluster - :name: install-test-clusters - - Test clusters tend to have fewer resources. To lower Robusta's resource requests, set ``isSmallCluster=true``. - - .. code-block:: bash - :name: cb-helm-install-test-clusters - - helm repo add robusta https://robusta-charts.storage.googleapis.com && helm repo update - helm install robusta robusta/robusta -f ./generated_values.yaml --set clusterName= --set isSmallCluster=true \ - --set kube-prometheus-stack.prometheus.prometheusSpec.retentionSize=9GB \ - --set kube-prometheus-stack.prometheus.prometheusSpec.storageSpec.volumeClaimTemplate.spec.resources.requests.storage=10Gi \ - --set kube-prometheus-stack.prometheus.prometheusSpec.resources.requests.memory=512Mi - --set holmes.resources.requests.memory=512Mi - - .. note:: - If you are using docker desktop you will need to disable prometheus-node-exporter mounting host root, by adding the following to the above command: - - .. code-block:: bash - :name: disable host mount - - --set kube-prometheus-stack.prometheus-node-exporter.hostRootFsMount.enabled=false - -Verifying Installation ------------------------------- - -Confirm that Robusta pods are running with no errors in the logs: - -.. code-block:: bash - :name: cb-get-pods-robusta-logs - - kubectl get pods -A | grep robusta - robusta logs diff --git a/docs/setup-robusta/installation/all-in-one-installation.rst b/docs/setup-robusta/installation/all-in-one-installation.rst deleted file mode 100644 index 1a894b795..000000000 --- a/docs/setup-robusta/installation/all-in-one-installation.rst +++ /dev/null @@ -1,36 +0,0 @@ -:tocdepth: 2 - -.. _install-all-in-one: - -Install Robusta + Prometheus -#################################### -*Estimated time: 5 minutes* - -Setup Kubernetes monitoring from scratch. Install Robusta, Prometheus, and Grafana on Kubernetes using Helm. This is the recommended setup for users that are setting up Kubernetes monitoring from scratch. - -Prerequisites ---------------------- - -* A :ref:`supported Kubernetes cluster ` -* Helm - -.. jinja:: - :inline-ctx: { "gen_config_flags": "--enable-prometheus-stack" } - :header_update_levels: - :file: setup-robusta/installation/_generate_config.jinja - -Enable Prometheus Stack ------------------------------- - -Add the following to your ``generated_values.yaml`` file: - -.. code-block:: yaml - - enablePrometheusStack: true - -.. include:: ./_helm_install_with_prometheus.inc.rst - -Next Steps ---------------------------------- - -:doc:`Investigate your alerts with AI ` diff --git a/docs/setup-robusta/installation/dev-setup.rst b/docs/setup-robusta/installation/dev-setup.rst deleted file mode 100644 index cbc64879d..000000000 --- a/docs/setup-robusta/installation/dev-setup.rst +++ /dev/null @@ -1,110 +0,0 @@ -Build from Source -################################################### - -Install Robusta from source to develop new features for the Robusta Engine (robusta-runner). - -To install Robusta as a user, follow :ref:`install-all-in-one` instead. - -To develop new playbook actions, you don't need to install from source. Refer to :ref:`Developing New Actions`. - -Using Mirrord (Recommended) -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Use `mirrord `_ to build and test Robusta on your local machine: - -1. :ref:`Install Robusta normally with Helm ` - -2. Clone Robusta's source code: ``git clone https://github.com/robusta-dev/robusta.git && cd robusta`` - -3. Run Robusta via mirrord ``./run_runner_locally.sh`` and follow the instructions in your terminal. - -Developing Playbooks Locally ---------------------------------- - -1. Run Robusta with mirrord, as described above - -2. Add a local playbooks directory to ``deployment/playbooks/active_playbooks.yaml``: - -.. code-block:: - - # this example shows how to locally develop https://github.com/robusta-dev/kubernetes-chatgpt-bot - playbook_repos: - chatgpt_robusta_actions: - url: "file:///path/to/kubernetes-chatgpt-bot" - -3. To apply changes to your playbook without restarting Robusta, simply run: ``touch deployment/playbooks/active_playbooks.yaml``. - -.. details:: Common Errors - - .. tab-set:: - - .. tab-item:: objc fork() Crash - - This error occurs on macOS devices with Apple Silicon. It's related to security restrictions on multi-threading involving fork() in Python. - - **Solution:** - - To resolve this issue, set the following environment variable in your project's environment variables: - - ``OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES`` - - **Setting the Environment Variable in IDEs:** - - - **PyCharm:** - - In PyCharm, go to 'Run' -> 'Edit Configurations', then find your project's configuration. Under 'Environment variables', add: ``OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES``. - - - **VSCode:** - - In VSCode, modify your `.vscode/launch.json` file by adding the following line to your configuration settings: ``"env": {"OBJC_DISABLE_INITIALIZE_FORK_SAFETY": "YES"}``. - - .. tab-item:: Pillow/libjpeg Errors - - Occurs on Mac OS if dependencies are missing. Run ``brew install libjpeg``. - - .. tab-item:: NotADirectoryError: [Errno 20] - - Sometimes, when attaching a debugger to Robusta the following error occurs: ``NotADirectoryError: [Errno 20] Not a directory`` - - If this occurs, disable the ``Attach to subprocess`` option on your debugger. - -Using Skaffold (Alternative to Using mirrord) -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Instead of running Robusta locally with mirrord, you can test Robusta inside a Kubernetes cluster using Skaffold: - -1. ``git clone`` the source code. -2. Install `skaffold `_ and `helm `_ -3. Run ``helm repo add prometheus-community https://prometheus-community.github.io/helm-charts`` -4. Run ``robusta gen-config`` and copy the result to ``deployment/generated_values.yaml`` -5. Run ``skaffold run --tail``. On M1 Macs, add ``-p apple-m1-dev`` - -Alert Simulation -^^^^^^^^^^^^^^^^^^ - -To simulate a Prometheus alerts and cause relevant playbooks to run: - -.. code-block:: - - poetry run robusta demo-alert --alert=Test123 --labels=label1=123,label2=abc - -If running multiple times in a row, change a label value each time so that AlertManager doesn't supress retransmissions. - -CLI Development -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -To develop the ``robusta`` cli: - -1. ``git clone`` the source code -2. ``poetry install`` -3. ``poetry run robusta`` - -.. details:: Alternative method, using pip not poetry - - Install the ``robusta`` cli into your global python environment: - - 1. ``git clone`` the source code - 2. ``pip3 install .`` - -Running Tests -^^^^^^^^^^^^^^^^^^^^ -See ``tests/README.md`` diff --git a/docs/setup-robusta/installation/index.rst b/docs/setup-robusta/installation/index.rst index abb810893..10ef78996 100644 --- a/docs/setup-robusta/installation/index.rst +++ b/docs/setup-robusta/installation/index.rst @@ -1,33 +1,26 @@ -:hide-toc: - :hide-footer: +:tocdepth: 2 + .. _install: +.. _install-barebones: -Installation Guides -==================== +Install Robusta +================ -.. toctree:: - :maxdepth: 1 - :hidden: +Use Robusta's AI Agent alongside any observability stack — DataDog, NewRelic, Prometheus, SolarWinds, and more. - standalone-installation - all-in-one-installation - dev-setup +Prerequisites +--------------------- -.. grid:: 1 1 2 2 - :gutter: 2 +* A Kubernetes cluster +* Helm - .. grid-item-card:: Install Robusta - :class-card: sd-bg-text-light - :link: standalone-installation - :link-type: doc +Sign Up and Install +--------------------- - Use Robusta's AI Agent alongside any observability stack - DataDog, NewRelic, Prometheus, SolarWinds, and more. +Sign up `for a free Robusta account ↗ `_ and follow the install wizard. It generates a ``generated_values.yaml`` file and provides the Helm install commands tailored to your cluster. - .. grid-item-card:: Install Robusta + Prometheus - :class-card: sd-bg-text-light - :link: all-in-one-installation - :link-type: doc +.. note:: - For brand new environments without existing observability. Five minute setup. Great default alerts. + **Save your generated_values.yaml file** — you'll need it to install Robusta on new clusters or upgrade. It contains sensitive values; refer to :ref:`Managing Secrets` for tips on protecting them. diff --git a/docs/setup-robusta/installation/standalone-installation.rst b/docs/setup-robusta/installation/standalone-installation.rst deleted file mode 100644 index c2feb08ba..000000000 --- a/docs/setup-robusta/installation/standalone-installation.rst +++ /dev/null @@ -1,26 +0,0 @@ -:tocdepth: 2 - -.. _install-barebones: - -Install Robusta -############### - -Prerequisites ---------------------- - -* A :ref:`supported Kubernetes cluster ` -* Helm - -.. jinja:: - :inline-ctx: {"gen_config_flags": "--no-enable-prometheus-stack"} - :header_update_levels: - :file: setup-robusta/installation/_generate_config.jinja - -.. include:: ./_helm_install_no_prometheus.inc.rst - - -Next Steps ---------------------------------- - -1. :doc:`Send alerts to Robusta ` -2. :doc:`Investigate your alerts with AI ` \ No newline at end of file diff --git a/docs/setup-robusta/multi-cluster.rst b/docs/setup-robusta/multi-cluster.rst index 10d31c24c..6cbf20ec9 100644 --- a/docs/setup-robusta/multi-cluster.rst +++ b/docs/setup-robusta/multi-cluster.rst @@ -21,18 +21,11 @@ Installing Robusta on multiple clusters .. warning:: - Do **not** run ``robusta gen-config`` separately for each cluster. That will give each cluster a unique ``generated_values.yaml`` which you don't want! + Set a unique ``clusterName`` on each cluster (via ``--set clusterName=``). The rest of ``generated_values.yaml`` stays the same across all clusters — that's how the Robusta UI groups them under the same account. Frequently Asked Questions ---------------------------- -Why not run ``robusta gen-config`` separately for each cluster? -****************************************************************** - -Each time you run ``robusta gen-config``, it creates a new account ID. The Robusta UI groups all your clusters by that ID. - -If you run ``robusta gen-config`` once per cluster, you wont be able to view all your clusters together. - Where is my ``generated_values.yaml``? ******************************************************* diff --git a/docs/setup-robusta/openshift.rst b/docs/setup-robusta/openshift.rst index f479f3af9..d59abfb17 100644 --- a/docs/setup-robusta/openshift.rst +++ b/docs/setup-robusta/openshift.rst @@ -41,7 +41,11 @@ A test installation in OpenShift can use the existing SCC ``anyuid``. Optional: Giving Robusta extra debug permissions --------------------------------------------------------- -Some lesser used Robusta features require more permissions than the baseline SCC provides. +.. note:: + + This section only applies to Robusta Classic. The privileged SCC below is needed for a few Classic playbooks and is not relevant for HolmesGPT-based investigations. + +Some lesser used Robusta Classic features require more permissions than the baseline SCC provides. In order to support the ``python_debugger``, ``java_debugger`` and ``node_disk_analyzer`` playbooks, permission to run a far more privileged container needs to be granted to diff --git a/docs/setup-robusta/privacy-and-security.rst b/docs/setup-robusta/privacy-and-security.rst index ac1799774..710826995 100644 --- a/docs/setup-robusta/privacy-and-security.rst +++ b/docs/setup-robusta/privacy-and-security.rst @@ -8,27 +8,6 @@ Robusta was designed with security in mind. Our four guiding security principles 3. **Design for security:** Secure systems are designed to be secure from day one. Discuss security when planning new features. 4. **Experience matters:** Hire engineers who have built secure enterprise platforms before. Make security a core part of company culture. -Data Privacy -******************** -The Robusta Open Source doesn't store persistent information itself. -Information is sent to destinations (sinks) like Slack or MSTeams, and they are responsible for storing it. - -By default, the following data is sent to sinks. It can be customized if necessary. - -- Prometheus alerts -- Alert enrichments, or insights. (Example: an alert for high memory usage will include a memory graph.) -- Technical events from Kubernetes itself. (Example: notifications on crashing pods, K8s warning events.) -- Logs from unhealthy pods. (Note: Robusta does *not* gather logs continuously, rather only from crashing or misbehaving pods.) - -SaaS UI ----------- -When the Robusta SaaS platform is enabled (optional), it receives the above data, as well as metadata about nodes and workloads in your cluster. -This is used, for example, to show you when deployments were updated and what YAML fields changed. - -All data in the SaaS platform is encrypted at rest and stored in accordance with industry standards. - -If necessary, the SaaS UI can be run on-prem as part of our paid plans. Contact support@robusta.dev for details. - Running Robusta in Airgapped Environments ****************************************** Refer to :ref:`Deploying Behind Proxies`. @@ -39,71 +18,11 @@ Handling Secrets in Robusta's Helm Values ****************************************** Refer to :ref:`Managing Secrets`. -Censoring Sensitive Data -************************* - -Pod logs gathered by Robusta can be censored using `Python regular expressions `_. For example, a payment processing pod might have credit card numbers or other sensitive information in its logs. These can be automatically sanitized before they appear in notifications. - -How to Enable Log Censoring for All Logs ------------------------------------------ - -To censor sensitive information in all logs, add the following to your Helm values file: - -.. code-block:: yaml - - globalConfig: - regex_replacement_style: SAME_LENGTH_ASTERISKS # Alternative: NAMED - regex_replacer_patterns: - - name: CreditCard - regex: "[0-9]{4}[- ][0-9]{4}[- ][0-9]{4}[- ][0-9]{4}" - - name: Email - regex: "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}" - - name: UUID - regex: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - -After adding these values, perform a Helm upgrade: - -.. code-block:: bash - - helm upgrade robusta robusta/robusta -f values.yaml - -Example: Before and After Censoring ------------------------------------- - -Given the following pod log: - -.. code-block:: - - # Original pod log: - 2022-07-28 08:24:45.283 INFO user's uuid: '193836d9-9cce-4df9-a454-c2edcf2e80e5' - 2022-07-28 08:35:00.762 INFO Customer email: user@example.com - 2022-07-28 08:35:01.090 INFO Payment processed with card: 4111-1111-1111-1111 - -The censored output will appear as: - -.. code-block:: - - # Using SAME_LENGTH_ASTERISKS style: - 2022-07-28 08:24:45.283 INFO user's uuid: '************************************' - 2022-07-28 08:35:00.762 INFO Customer email: **************** - 2022-07-28 08:35:01.090 INFO Payment processed with card: ******************* - - # Using NAMED style: - 2022-07-28 08:24:45.283 INFO user's uuid: '[UUID]' - 2022-07-28 08:35:00.762 INFO Customer email: [Email] - 2022-07-28 08:35:01.090 INFO Payment processed with card: [CreditCard] - -**Note:** This censoring applies to logs displayed in Robusta's built-in notifications, including those shown by the following Robusta actions: - -- :code:`logs_enricher` - Shows container logs in various alerts -- :code:`report_crash_loop` - Shows container logs for crashing pods - Limiting Robusta's Access in Your Cluster ******************************************* To reduce the permissions that Robusta needs in your cluster: -1. Set ``monitorHelmReleases: false`` in Robusta's Helm values file. (Monitoring helm releases is an optional feature that requires granting Robusta access to K8s secrets containing helm metadata.) -2. On OpenShift you can deploy Robusta with a limited SCC - refer to :ref:`OpenShift` +- On OpenShift you can deploy Robusta with a limited SCC - refer to :ref:`OpenShift` To further limit Robusta's permissions, :ref:`speak to our team for guidance `. diff --git a/docs/setup-robusta/proxies.rst b/docs/setup-robusta/proxies.rst index fae25a68e..d88eafdcd 100644 --- a/docs/setup-robusta/proxies.rst +++ b/docs/setup-robusta/proxies.rst @@ -1,31 +1,30 @@ Deploying Behind Proxies ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Robusta requires internet access in the following cases: - -* Robusta SaaS is enabled -* Robusta is configured to send notifications to services such as Slack (via :ref:`sinks `) - If your Kubernetes cluster is behind an HTTP proxy or firewall, follow the instructions below to ensure Robusta and HolmesGPT has the necessary access. -Configuring Proxy Settings for Robusta +Configuring Proxy Settings ---------------------------------------- -Outbound traffic from Robusta is handled by the `robusta-runner` deployment. - -To configure proxy settings for `robusta-runner`, set the `HTTP_PROXY` and `HTTPS_PROXY` environment variables. You can do so with one of the following Helm values: +Set the ``HTTP_PROXY`` and ``HTTPS_PROXY`` environment variables in your Helm values: -* ``runner.additional_env_vars`` - to set one environment variable at a time -* ``runner.additional_env_froms`` - to set many environment variables at once +.. code-block:: yaml -Configuring Proxy Settings for HolmesGPT ----------------------------------------- - -Set the `HTTP_PROXY` and `HTTPS_PROXY` environment variables. You can do so with the following Helm values: + runner: + additional_env_vars: + - name: HTTP_PROXY + value: "http://your-proxy:port" + - name: HTTPS_PROXY + value: "http://your-proxy:port" -* ``holmes.additionalEnvVars`` - to set one environment variable at a time + holmes: + additionalEnvVars: + - name: HTTP_PROXY + value: "http://your-proxy:port" + - name: HTTPS_PROXY + value: "http://your-proxy:port" -Either Helm value can be used, depending on your preference. See `this GitHub issue for details and an example configuration `_. +To set many variables at once, ``runner.additional_env_froms`` accepts a Kubernetes ``envFrom`` source. See `this GitHub issue `_ for details and examples. Domains Used by Robusta Saas UI --------------------------------- @@ -39,7 +38,4 @@ If you are using Robusta SaaS, ensure that your network allows access to the fol Running Robusta in Air-Gapped or Offline Environments ------------------------------------------------------------------------------ -You can run Robusta entirely offline if the following conditions are met: - -* No external sinks are configured (e.g., services on the public internet). -* The Robusta UI is either disabled or running on-premise. +Contact support@robusta.dev for self-hosted deployment options that work in air-gapped or offline environments. diff --git a/docs/setup-robusta/supported-clusters.rst b/docs/setup-robusta/supported-clusters.rst deleted file mode 100644 index a955824d8..000000000 --- a/docs/setup-robusta/supported-clusters.rst +++ /dev/null @@ -1,22 +0,0 @@ -Supported Clusters -################################ - -Robusta supports all Kubernetes distributions other than Minikube, including: - -* EKS -* GKE -* AKS -* Civo Cloud -* Digital Ocean -* KIND -* RKE -* :ref:`Openshift ` - -Minikube -========== -We don't recommend installing Robusta on Minikube, due to a Minikube bug. For more details, refer to `this GitHub issue `_. - -Instead, we recommend testing Robusta with KIND. - - -.. TODO add details here about silencing for specific providers diff --git a/docs/setup-robusta/tuning-performance.rst b/docs/setup-robusta/tuning-performance.rst index 67fe87175..93dec12b7 100644 --- a/docs/setup-robusta/tuning-performance.rst +++ b/docs/setup-robusta/tuning-performance.rst @@ -1,5 +1,5 @@ -Monitoring Large Clusters -========================= +Deploying on Large Clusters +=========================== Memory Allocation on Big Clusters ---------------------------------- diff --git a/docs/setup-robusta/upgrade.rst b/docs/setup-robusta/upgrade.rst index d9d6a40e3..992d16fdb 100644 --- a/docs/setup-robusta/upgrade.rst +++ b/docs/setup-robusta/upgrade.rst @@ -8,10 +8,7 @@ On rare occasions, in addition to a ``helm upgrade``, some manual steps are requ Does my upgrade require manual steps? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -You will need to perform a :ref:`Manual Upgrade` when both: - -* Robusta's installation fails with a ``com.coreos.monitoring.v1.Prometheus.spec`` error. -* The embedded Prometheus is enabled (``enablePrometheusStack: true``) +A :ref:`Manual Upgrade` is only relevant for older Robusta Classic installs that bundled ``kube-prometheus-stack`` (``enablePrometheusStack: true``). You'll know you need it if ``helm upgrade`` fails with a ``com.coreos.monitoring.v1.Prometheus.spec`` error. In all other cases, you can do a :ref:`Simple Upgrade` and no more. @@ -45,19 +42,21 @@ Verify that Robusta is running and there are no errors in the logs: .. code-block:: bash - robusta logs + kubectl logs -n -l app=robusta-runner Manual Upgrade ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -In addition to running ``helm upgrade``, some version updates require additional steps. +.. note:: + + This section only applies to older Robusta Classic installs that bundled ``kube-prometheus-stack`` (``enablePrometheusStack: true``). New installs do not need this. Why are manual upgrades necessary? ------------------------------------ -Robusta bundles kube-prometheus-stack, which uses `CRDs `_. -Helm can't update CRDs, so we update them ourselves. See the `Helm Documentation on CRDs `_ for details. +Older Robusta Classic versions bundled kube-prometheus-stack, which uses `CRDs `_. +Helm can't update CRDs, so we updated them manually. See the `Helm Documentation on CRDs `_ for details. Manual upgrade instructions ---------------------------------- @@ -97,7 +96,7 @@ Manual upgrade instructions .. code-block:: bash - robusta logs + kubectl logs -n -l app=robusta-runner Installing pre-releases ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^