stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity
Files
691028fe6982aa129aebb8ad201da450b8df0a10
git.stella-ops.org/deploy/telemetry/storage/README.md
Vladimir Moushkov 691028fe69
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Document completed tasks across multiple components 
- Added completed tasks documentation for Scheduler WebService, ImpactIndex, Models, Queue, Storage.Mongo, Worker, Signals, Signer, UI, Zastava.Observer, Zastava.Webhook, Zastava.Core, Cryptography.Kms, Cryptography, and Plugin.
- Each task includes ID, status, owners, dependencies, descriptions, and exit criteria to ensure clarity and traceability.
- Enhanced integration and unit testing coverage across various components to validate functionality and compliance with specifications.
2025-10-30 18:20:31 +02:00

1.8 KiB
Raw Blame History

Telemetry Storage Stack

Configuration snippets for the default StellaOps observability backends used in staging and production environments. The stack comprises:

  • Prometheus for metrics (scraping the collector's Prometheus exporter)
  • Tempo for traces (OTLP ingest via mTLS)
  • Loki for logs (HTTP ingest with tenant isolation)

Files

Path Description
prometheus.yaml Scrape configuration for the collector (mTLS + bearer token placeholder).
tempo.yaml Tempo configuration with multitenancy enabled and local storage paths.
loki.yaml Loki configuration enabling per-tenant overrides and boltdb-shipper storage.
tenants/tempo-overrides.yaml Example tenant overrides for Tempo (retention, limits).
tenants/loki-overrides.yaml Example tenant overrides for Loki (rate limits, retention).
auth/ Placeholder directory for Prometheus bearer token files (e.g., token).

These configurations are referenced by the Docker Compose overlay (deploy/compose/docker-compose.telemetry-storage.yaml) and the staging rollout documented in docs/modules/telemetry/operations/storage.md. Adjust paths, credentials, and overrides before running in connected environments. Place the Prometheus bearer token in auth/token when using the Compose overlay (the directory contains a .gitkeep placeholder and is gitignored by default).

Run python ops/devops/telemetry/validate_storage_stack.py after editing any of these files to ensure TLS, multitenancy, and override references remain intact.

Security

  • Both Tempo and Loki require mutual TLS.
  • Prometheus uses mTLS plus a bearer token that should be minted by Authority.
  • Update the overrides files to enforce per-tenant retention/ingestion limits.

For comprehensive deployment steps see docs/modules/telemetry/operations/storage.md.