From 4a6557800e902ddbf043930261e68ae4dd49149a Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Mon, 30 Oct 2023 03:02:23 +0100
Subject: [PATCH] feat(keycloak): Add SLO to keycloak

---
 apps/k8s01/keycloak/kustomization.yaml |  1 +
 apps/k8s01/keycloak/slo.yaml           | 41 ++++++++++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 apps/k8s01/keycloak/slo.yaml

diff --git a/apps/k8s01/keycloak/kustomization.yaml b/apps/k8s01/keycloak/kustomization.yaml
index 9ffc71b2f..97852366e 100644
--- a/apps/k8s01/keycloak/kustomization.yaml
+++ b/apps/k8s01/keycloak/kustomization.yaml
@@ -6,5 +6,6 @@ resources:
   - keycloak-values.yaml
   - certificate.yaml
   - ../../../shared/resourcequotas/default.yaml
+  - slo.yaml
 patchesStrategicMerge:
 - database-override.yaml
diff --git a/apps/k8s01/keycloak/slo.yaml b/apps/k8s01/keycloak/slo.yaml
new file mode 100644
index 000000000..2dd2cfc2b
--- /dev/null
+++ b/apps/k8s01/keycloak/slo.yaml
@@ -0,0 +1,41 @@
+apiVersion: sloth.slok.dev/v1
+kind: PrometheusServiceLevel
+metadata:
+  name: requests-keycloak
+  namespace: keycloak
+spec:
+  service: "keycloak"
+  slos:
+    - name: "requests-availability"
+      objective: 98
+      description: "Keycloak: SLO based on availability for HTTP request responses."
+      sli:
+        events:
+          errorQuery: sum(rate(nginx_ingress_controller_requests{exported_namespace="keycloak",ingress="keycloak",status=~"(5..|429)"}[{{.window}}]))
+          totalQuery: sum(rate(nginx_ingress_controller_requests{exported_namespace="keycloak",ingress="keycloak"}[{{.window}}])) > 0 OR vector(1)
+      alerting:
+        name: KeycloakHighErrorRate
+        labels:
+          category: "availability"
+        annotations:
+          summary: "High error rate on 'keycloak' requests responses"
+    - name: "requests-latency"
+      objective: 95
+      description: "Keycloak: SLO based on latency for HTTP request responses. Warns if requests take longer than 250ms. When responses are slower than 200ms they become noticable slow."
+      labels:
+        category: latency
+      sli:
+        events:
+          errorQuery: |
+            (
+              sum(rate(nginx_ingress_controller_request_duration_seconds_count{exported_namespace="keycloak",ingress="keycloak",method!="WATCH"}[{{.window}}]))
+              -
+              sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{exported_namespace="keycloak",ingress="keycloak",le="0.25",verb!="WATCH"}[{{.window}}]))
+            )
+          totalQuery: sum(rate(nginx_ingress_controller_request_duration_seconds_count{exported_namespace="keycloak",ingress="keycloak",method!="WATCH"}[{{.window}}])) > 0 OR vector(1)
+      alerting:
+        name: KeycloakLatencyAlert
+        labels:
+          category: "latency"
+        annotations:
+          summary: "Slow responses on 'keycloak' requests responses. More than 1% take more than 250ms."
\ No newline at end of file
-- 
GitLab