ldraney/pal-e-platform
1
0
Fork 0
Code Issues 91 Pull requests 5 Projects Releases Packages Wiki Activity Actions

Fix CNPG postgres metrics exporter (PodMonitor deprecation) #154

New issue
Open
opened 2026-03-24 20:07:05 +00:00 by forgejo_admin · 0 comments
forgejo_admin commented 2026-03-24 20:07:05 +00:00
Contributor
Copy link

Type

Feature

Lineage

plan-pal-e-platform -> Phase 16 -> 16e investigation

Repo

forgejo_admin/pal-e-platform

User Story

As a platform operator
I want CNPG postgres metrics scraped by Prometheus
So that the TargetDown alert clears and postgres observability is restored

Context

CNPG Cluster pal-e-postgres has enablePodMonitor: true but the auto-generated PodMonitor is being dropped by Prometheus (807 dropped targets). Port 9187 IS listening and serving valid Prometheus metrics over HTTP. enablePodMonitor is deprecated in CNPG 1.28 and will be removed.

Instance image: ghcr.io/cloudnative-pg/postgresql:17.4-1. Operator version: 1.28.1. Impact: Permanent TargetDown alert for postgres/pal-e-postgres.

Fix: Replace with manual PodMonitor kubernetes_manifest resource with proper selector labels. The metrics endpoint serves HTTP (not HTTPS), so no TLS config needed in the PodMonitor.

File Targets

Files to modify:

  • terraform/main.tf -- add manual PodMonitor resource, remove enablePodMonitor: true from CNPG cluster config

Acceptance Criteria

  • Manual PodMonitor resource created with correct selector labels
  • enablePodMonitor: true removed from CNPG cluster config
  • Prometheus scrapes CNPG metrics successfully (no TargetDown alert)
  • Metrics visible in Grafana postgres dashboard

Test Expectations

  • tofu plan shows PodMonitor creation and enablePodMonitor removal
  • tofu validate passes
  • Run command: tofu plan -lock=false

Constraints

  • PodMonitor must use HTTP scheme (not HTTPS) for port 9187
  • Selector labels must match CNPG pod labels exactly
  • Follow existing terraform patterns for kubernetes_manifest resources

Checklist

  • PR opened
  • Tests pass
  • No unrelated changes

Related

  • pal-e-platform -- parent project
  • phase-platform-16-alert-tuning -- source investigation
### Type Feature ### Lineage `plan-pal-e-platform` -> Phase 16 -> 16e investigation ### Repo `forgejo_admin/pal-e-platform` ### User Story As a platform operator I want CNPG postgres metrics scraped by Prometheus So that the TargetDown alert clears and postgres observability is restored ### Context CNPG Cluster `pal-e-postgres` has `enablePodMonitor: true` but the auto-generated PodMonitor is being dropped by Prometheus (807 dropped targets). Port 9187 IS listening and serving valid Prometheus metrics over HTTP. `enablePodMonitor` is deprecated in CNPG 1.28 and will be removed. Instance image: `ghcr.io/cloudnative-pg/postgresql:17.4-1`. Operator version: 1.28.1. Impact: Permanent TargetDown alert for `postgres/pal-e-postgres`. Fix: Replace with manual `PodMonitor` kubernetes_manifest resource with proper selector labels. The metrics endpoint serves HTTP (not HTTPS), so no TLS config needed in the PodMonitor. ### File Targets Files to modify: - `terraform/main.tf` -- add manual PodMonitor resource, remove `enablePodMonitor: true` from CNPG cluster config ### Acceptance Criteria - [ ] Manual PodMonitor resource created with correct selector labels - [ ] `enablePodMonitor: true` removed from CNPG cluster config - [ ] Prometheus scrapes CNPG metrics successfully (no TargetDown alert) - [ ] Metrics visible in Grafana postgres dashboard ### Test Expectations - [ ] `tofu plan` shows PodMonitor creation and enablePodMonitor removal - [ ] `tofu validate` passes - Run command: `tofu plan -lock=false` ### Constraints - PodMonitor must use HTTP scheme (not HTTPS) for port 9187 - Selector labels must match CNPG pod labels exactly - Follow existing terraform patterns for kubernetes_manifest resources ### Checklist - [ ] PR opened - [ ] Tests pass - [ ] No unrelated changes ### Related - `pal-e-platform` -- parent project - `phase-platform-16-alert-tuning` -- source investigation
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
fix-gem-bin-path
netpol-westside-ror
fix-woodpecker-multi-pipeline
345-harbor-mobile-css
290-payment-pipeline-observability
spec-board-centric-renderer
284-fix-add-pal-e-docs-namespace-to-postgres
284-add-pal-e-docs-postgres-netpol
188-cross-repo-worktree-isolation-for-parall
111-fix-keycloak-probe
86-fix-rotate-woodpecker-api-token-in-salt
71-feat-deploy-pyrra-slo-manager-with-servi
64-hotfix-woodpecker-oauth-login-broken-for
18-fix-grafana-duplicate-default-datasource-v2
18-fix-grafana-duplicate-default-datasource
13-fix-cnpg-all-parameters
No results found.
Labels
Clear labels   
domain:backend

   
domain:devops

   
domain:frontend

   
status:approved

QA passed, awaiting merge approval

  
status:in-progress

Dev agent is actively working

  
status:needs-fix

QA found issues, back to dev

  
status:qa

PR submitted, awaiting QA review

  
type:bug

Bug fix

  
type:devops

Infrastructure/CI/config work

  
type:feature

New functionality

No labels
domain:backend
domain:devops
domain:frontend
status:approved
status:in-progress
status:needs-fix
status:qa
type:bug
type:devops
type:feature
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
ldraney/pal-e-platform#154
No description provided.