Node Monitoring Device

Prerequisites

We recommend the following for running a node monitoring device:

  • 2 or more CPU cores

  • At least 40G of disk storage

  • At least 4G of memory

  • At least 10mbps network bandwidth

  • Have to be setup in a separate environment from validator nodes/sentry nodes

Before setting up a node monitoring device, you may take a look at the PundiX installation setup to setup the PundiX CLI.

Prometheus metrics

PundiX also supports the use of Prometheus metrics. This monitoring device allows you to keep up to date with you validator nodes especially the status and performance of your validator nodes.

More information on the list of available metrics and useful queries can be found here.

Deploy and Configure Monitoring Services

Before deploying monitoring program, install docker following the official docs.

Configure node services

User should git clone pundix from Github first!

The config.toml file is in the /.pundix directory and the prometheus.yml file is in /pundix directory.

To enable the Prometheus metrics, set prometheus=true in your config file $HOME/.pundix/config/config.toml. Through setting the prometheus_listen_addr in the config file, you may choose the port for you to monitor your node. It is defaulted to port 26660.

In the file ./pundix/develop/prometheus/prometheus.yml you can configure the target node(s) IP address, multiple nodes can be added in the following format.

For example:

static_configs:
      - targets: [ "<IP_ADDRESS_1>:26660"]
        labels:
          name: validator-01
          chain_id: PUNDIX
      - targets: [ "<IP_ADDRESS_2>:26660"]
        labels:
          name: sentry-01
          chain_id: PUNDIX
      - targets: [ "<IP_ADDRESS_3>:26660"]
        labels:
          name: sentry-02
          chain_id: PUNDIX

Telegram Administrator and Bot Configuration

In the file ./pundix/develop/docker-compose.yaml under alertmanager-bot - environment are the variables TELEGRAM_ADMIN and TELEGRAM_TOKEN:

  • For example:

    alertmanager-bot:
        container_name: alertmanager-bot
        image: metalmatze/alertmanager-bot:0.4.3
        command:
          - '--alertmanager.url=http://pundix@alertmanager:9093/'
          - '--store=bolt'
          - '--bolt.path=/data/bot.db'
          - '--template.paths=/templates/default.tmpl'
          - '--listen.addr=0.0.0.0:9091'
        environment:
          TELEGRAM_ADMIN: "XXXXXX\nAdmin1USERID\nAdmin2USERID"
          TELEGRAM_TOKEN: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

  • TELEGRAM_ADMIN: The Telegram user id for the admin (not the bot itself, you, the user). The bot will only reply to messages sent from an admin. All other messages are dropped and logged on the bot's console. Your can get your user id from @userinfobot.

  • TELEGRAM_TOKEN: Token you get from @botfather

  • For more information with regards to the telegram bot, see here and here:

Access the monitoring services

Should you not want to change the default username and password, you can start the monitoring service by using the following command:

docker-compose -f ./pundix/develop/docker-compose.yaml -p pundix-node-monitor up -d

  • Open port :9095 (for example http:// <your_IP_address>:9095) and you will see the prometheus page. Here you can see all the defined alarm rules. You can change these rules in the file ./pundix/develop/prometheus/rules/pundix-chain-alerts.yml. The default username and password are px and pundix respectively.

  • Open port :9093 (for example http:// <your_IP_address>:9093) and you will see the alertmanager page. You can manage alarm notifications here. The default username and password are px and pundix respectively.

  • Open port :3000 (for example http:// <your_IP_address>:3000) and you will see the grafana page.

  • The default username and password are both admin, once you have logged in you will be asked to set a new password.

  • After setting a new password, you can go into Dashboards > Manage and select 'PundiX Chain Dashboard'. Here you can see a dashboard of various indicators and information of a selected node.

  • You may find out the details of <your_IP_address>.

  • Authorise inbound traffic for the following ports ranges 9091, 9093, 3000 for <your_IP_address> in node monitoring device. you can also allow the port range 26660 for <node_monitoring_public_ip> in the validator instance.

Changing The Default Passwords for Prometheus and Alertmanager

DO NOT use $ in any of your passwords, as it will not work with the alertmanager.url

You can change the default username and password in the file ./pundix/develop/prometheus/web-config.yml with the following format:

basic_auth_users:
  <username>: <password_hashed_with_bcrypt>

# for example
basic_auth_users:
  px: $2y$10$xCpE/Q5UGHxO1qKR5av2DOJGqTkb6E5G/Dc9VT1AZQxNlQJwQpb0q

How to hash with bcrypt:

  1. install apache2

  2. input this command htpasswd -nBC 10 "" | tr -d ':\\n'

  3. type in password

  4. copy hash

For more info on prometheus web-configuration see this link.

If you changed the username and password in the web-config.yamlfile there are 3 other areas where you need to update as well.

Grafana

For grafana to be able to get data from prometheus you will need to update the username and password in the file ./pundix/develop/grafana/provisioning/datasources/datasource.yml

The password here is in text format and does not need to be hashed.

For example:

# <string> basic auth username, if used
basicAuthUser: px

# <string> basic auth password, if used
basicAuthPassword: pundix

Prometheus

For prometheus to be able to send alerts to alertmanager you will need to update the username and password in the file ./pundix/develop/prometheus/prometheus.yml

For example:

The password here is in text format and does not need to be hashed.

# Alertmanager configuration
alerting:
  alertmanagers:
    # Sets the `Authorization` header on every request with the
    # configured username and password.
    # password and password_file are mutually exclusive.
    - scheme: http
      basic_auth:
        username: px
        password: pundix
      static_configs:
        - targets:
            - alertmanager:9093

Alertmanager-bot

For the telegram bot to be able to obtain information from the alertmanager you will need to update the username and password within the --alertmanager.url in the ./pundix/develop/docker-compose.yaml file. Also you may update the alert-manager-bot.

For example:

The password here is in text format and does not need to be hashed

Under alertmanager-bot, command you will find --alertmanager.url:

command:
	-'--alertmanager.url=http://<username>:<password>@alertmanager:9093/'

EXAMPLE
alertmanager-bot:
    container_name: alertmanager-bot
    image: metalmatze/alertmanager-bot:0.4.3
    command:
      - '--alertmanager.url=http://px:pundix@alertmanager:9093/'

DO NOT use $ in any of your passwords, as it will not work with the alertmanager.url

Commands

Start monitoring service:

docker-compose -f ./pundix/develop/docker-compose.yaml -p pundix-node-monitor up -d

Restart monitoring service:

docker-compose -f ./pundix/develop/docker-compose.yaml -p pundix-node-monitor restart

Stop monitoring service:

docker-compose -f ./pundix/develop/docker-compose.yaml -p pundix-node-monitor stop

Updating Node Monitoring Services

Do a update by pulling the latest code with the below command, whenever you are making changes to the telegram configuration under ./pundix/develop/docker-compose.yaml

# pull the latest code base
docker-compose -f ./pundix/develop/docker-compose.yaml -p pundix-node-monitor pull

# start the monitoring device
docker-compose -f ./pundix/develop/docker-compose.yaml -p pundix-node-monitor up -d

Ensure you have changed your passwords and also that your data source is configured correctly

Prometheus Rules

PreviousSnapshot GuideNextNode Peers

Last updated