stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
main
git.stella-ops.org/deploy/telemetry
History
master 7b5bdcf4d3 feat(docs): Add comprehensive documentation for Vexer, Vulnerability Explorer, and Zastava modules 
- Introduced AGENTS.md, README.md, TASKS.md, and implementation_plan.md for Vexer, detailing mission, responsibilities, key components, and operational notes.
- Established similar documentation structure for Vulnerability Explorer and Zastava modules, including their respective workflows, integrations, and observability notes.
- Created risk scoring profiles documentation outlining the core workflow, factor model, governance, and deliverables.
- Ensured all modules adhere to the Aggregation-Only Contract and maintain determinism and provenance in outputs.
2025-10-30 00:09:39 +02:00
..
storage
feat(docs): Add comprehensive documentation for Vexer, Vulnerability Explorer, and Zastava modules
2025-10-30 00:09:39 +02:00
.gitignore
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
otel-collector-config.yaml
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
README.md
Restructure solution layout by module
2025-10-28 15:10:40 +02:00

README.md

Telemetry Collector Assets

These assets provision the default OpenTelemetry Collector instance required by DEVOPS-OBS-50-001. The collector acts as the secured ingest point for traces, metrics, and logs emitted by StellaOps services.

Contents

File Purpose
otel-collector-config.yaml Baseline collector configuration (mutual TLS, OTLP receivers, Prometheus exporter).
storage/prometheus.yaml Prometheus scrape configuration tuned for the collector and service tenants.
storage/tempo.yaml Tempo configuration with multitenancy, WAL, and compaction settings.
storage/loki.yaml Loki configuration enabling multitenant log ingestion with retention policies.
storage/tenants/*.yaml Per-tenant overrides for Tempo and Loki rate/retention controls.

Development workflow

  1. Generate development certificates (collector + client) using ops/devops/telemetry/generate_dev_tls.sh.
  2. Launch the collector via docker compose -f docker-compose.telemetry.yaml up.
  3. Launch the storage backends (Prometheus, Tempo, Loki) via docker compose -f docker-compose.telemetry-storage.yaml up.
  4. Run the smoke test: python ops/devops/telemetry/smoke_otel_collector.py.
  5. Explore the storage configuration (storage/README.md) to tune retention/limits.

The smoke test sends OTLP traffic over TLS and asserts the collector accepted traces, metrics, and logs by scraping the Prometheus metrics endpoint.

Kubernetes

The Helm chart consumes the same configuration (see values.yaml). Provide TLS material via a secret referenced by telemetry.collector.tls.secretName, containing ca.crt, tls.crt, and tls.key. Client certificates are required for ingestion and should be issued by the same CA.