This topic describes the Healthwatch™ for VMware Tanzu® (Healthwatch) component configuration file properties that you configure through the Healthwatch tile.
Overview of Configuration Files in Healthwatch
The Prometheus, Alertmanager, and Grafana instances rely on configuration files. These configuration files contain lists of properties that define their configuration settings. When you configure certain options in the Healthwatch tile, those options configure their corresponding properties in the configuration files for those Healthwatch components.
Through the Healthwatch tile, you configure properties in the configuration files through the following panes:
-
Prometheus. For more information, see Configuring the the Prometheus Configuration File below.
-
Alertmanager. For more information, see Configuring the Alertmanager Configuration File below.
-
Grafana. For more information, see Configuring the Grafana Configuration File below.
Configuring the Prometheus Configuration File
You configure sections of the Prometheus configuration file through the following panes in the Healthwatch tile:
-
Prometheus. For more information, see Prometheus below.
-
Remote Write. For more information, see Remote Write below.
Prometheus
The following table lists which configuration options in the Prometheus pane in the Healthwatch tile configure properties in the Prometheus configuration file:
| Healthwatch configuration option | Configuration file property | Configuration file section |
|---|---|---|
| Scrape interval | scrape_interval |
scrape_config |
| Scrape job configuration parameters | See Configure Prometheus in Configuring Healthwatch and the Prometheus documentation. | scrape_config |
| Certificate and private key for TLS | cert_file, key_file |
scrape_config - tls_config |
| CA certificate for TLS | ca_file |
scrape_config - tls_config |
| Target server name | server_name |
scrape_config - tls_config |
| Skip TLS certificate verification | insecure_skip_verify |
scrape_config - tls_config |
For more information about configuring these properties, see Configure Prometheus in Configuring Healthwatch and the Prometheus documentation.
Remote Write
The following table lists which configuration options in the Remote Write pane in the Healthwatch tile configure properties in the Prometheus configuration file:
| Healthwatch configuration option | Configuration file property | Configuration file section |
|---|---|---|
| Remote storage URL | url |
remote_write |
| Remote timeout | remote_timeout |
remote_write |
| Remote storage username | username |
remote_write - basic_auth |
| Remote storage password | password |
remote_write - basic_auth |
| Certificate and private key for TLS | cert_file, key_file |
remote_write - tls_config |
| CA certificate for TLS | ca_file |
remote_write - tls_config |
| Remote storage server name | server_name |
remote_write - tls_config |
| Skip TLS certificate verification | insecure_skip_verify |
remote_write - tls_config |
| Proxy URL | proxy_url |
remote_write |
| Queue capacity | capacity |
remote_write - queue_config |
| Minimum shards per queue | min_shards |
remote_write - queue_config |
| Maximum shards per queue | max_shards |
remote_write - queue_config |
| Maximum samples per send | max_samples_per_send |
remote_write - queue_config |
| Maximum batch wait time | batch_send_deadline |
remote_write - queue_config |
| Minimum backoff time | min_backoff |
remote_write - queue_config |
| Maximum backoff time | max_backoff |
remote_write - queue_config |
For more information about configuring these properties, see Configure Remote Write in Configuring Healthwatch and the Prometheus documentation.
Configuring the Alertmanager Configuration File
The following table lists which configuration options in the Alertmanager pane in the Healthwatch tile configure properties in the Alertmanager configuration file:
| Healthwatch configuration option | Configuration file property | Configuration file section |
|---|---|---|
| Routing rules | See Configure Alerting in Configuring Alerting and the Prometheus documentation. | route |
| Inhibit rules | See Configure Alerting in Configuring Alerting and the Prometheus documentation. | inhibit_rules |
| Email alert receivers | ||
| Alert receiver name | name |
receivers |
| Alert receiver configuration parameters | See Configure an Email Alert Receiver in Configuring Alerting and the Prometheus documentation. | receivers - email_configs |
| SMTP server authentication password | auth_password |
receivers - email_configs |
| SMTP server authentication secret | auth_secret |
receivers - email_configs |
| Certificate and private key for TLS | cert_file, key_file |
receivers - email_configs - tls_config |
| CA certificate for TLS | ca_file |
receivers - email_configs - tls_config |
| SMTP server name | server_name |
receivers - email_configs - tls_config |
| Skip TLS certificate verification | insecure_skip_verify |
receivers - email_configs - tls_config |
| PagerDuty alert receivers | ||
| Alert receiver name | name |
receivers |
| Alert receiver configuration parameters | See Configure a PagerDuty Alert Receiver in Configuring Alerting and the Prometheus documentation. | receivers - pagerduty_configs |
| Routing key | routing_key |
receivers - pagerduty_configs |
| Service key | service_key |
receivers - pagerduty_configs |
| Basic authentication credentials | username, password |
receivers - pagerduty_configs - http_config - basic_auth |
| Bearer token | credentials |
receivers - pagerduty_configs - http_config - authorization |
| Certificate and private key for TLS | cert_file, key_file |
receivers - pagerduty_configs - http_config - tls_config |
| CA certificate for TLS | ca_file |
receivers - pagerduty_configs - http_config - tls_config |
| PagerDuty server name | server_name |
receivers - pagerduty_configs - http_config - tls_config |
| Skip TLS certificate verification | insecure_skip_verify |
receivers - pagerduty_configs - http_config - tls_config |
| Slack alert receivers | ||
| Alert receiver name | name |
receivers |
| Alert receiver configuration parameters | See Configure a Slack Alert Receiver in Configuring Alerting and the Prometheus documentation. | receivers - slack_configs |
| Slack API URL | api_url |
receivers - slack_configs |
| Basic authentication credentials | username, password |
receivers - slack_configs - http_config - basic_auth |
| Bearer token | credentials |
receivers - slack_configs - http_config - authorization |
| Certificate and private key for TLS | cert_file, key_file |
receivers - slack_configs - http_config - tls_config |
| CA certificate for TLS | ca_file |
receivers - slack_configs - http_config - tls_config |
| Slack server name | server_name |
receivers - slack_configs - http_config - tls_config |
| Skip TLS certificate verification | insecure_skip_verify |
receivers - slack_configs - http_config - tls_config |
| Webhook alert receivers | ||
| Alert receiver name | name |
receivers |
| Alert receiver configuration parameters | See Configure a Webhook Alert Receiver in Configuring Alerting and the Prometheus documentation. | receivers - webhook_configs |
| Basic authentication credentials | username, password |
receivers - webhook_configs - http_config - basic_auth |
| Bearer token | credentials |
receivers - webhook_configs - http_config - authorization |
| Certificate and private key for TLS | cert_file, key_file |
receivers - webhook_configs - http_config - tls_config |
| CA certificate for TLS | ca_file |
receivers - webhook_configs - http_config - tls_config |
| Webhook server name | server_name |
receivers - webhook_configs - http_config - tls_config |
| Skip TLS certificate verification | insecure_skip_verify |
receivers - webhook_configs - http_config - tls_config |
For more information about configuring these properties, see Configuring Alerting and the Prometheus documentation.
Configuring the Grafana Configuration File
The following table lists which configuration options in the Grafana pane in the Healthwatch tile configure properties in the Grafana configuration file:
| Healthwatch configuration option | Configuration file property | Configuration file section |
|---|---|---|
| Grafana root URL | root_url |
[server] |
| Basic authentication | enabled |
[auth.basic] |
| Generic OAuth | ||
| Provider name | name |
[auth.generic_oauth] |
| Client ID | client_id |
[auth.generic_oauth] |
| Client secret | client_secret |
[auth.generic_oauth] |
| Scopes | scopes |
[auth.generic_oauth] |
| Authorization URL | auth_url |
[auth.generic_oauth] |
| Token URL | token_url |
[auth.generic_oauth] |
| API URL | api_url |
[auth.generic_oauth] |
| Email attribute | email_attribute_name |
[auth.generic_oauth] |
| Grafana domain | domain |
[server] |
| Allow new accounts with existing OAuth credentials | allow_sign_up |
[auth.generic_oauth] |
| Allowed domains | allowed_domains |
[auth.generic_oauth] |
| Allowed teams | teams_ids |
[auth.generic_oauth] |
| Allowed organizations | allowed_organization |
[auth.generic_oauth] |
| Allowed groups | allowed_group |
[auth.generic_oauth] |
| Certificate and private key for TLS | tls_client_cert, tls_client_key |
[auth.generic_oauth] |
| CA certificate for TLS | tls_client_ca |
[auth.generic_oauth] |
| Skip TLS certificate verification | tls_skip_verify_insecure |
[auth.generic_oauth] |
| UAA | ||
| Client ID | client_id |
[auth.generic_oauth] |
| Client secret | client_secret |
[auth.generic_oauth] |
| UAA server root URL | auth_url, token_url |
[auth.generic_oauth] |
| CA certificate for TLS | tls_client_ca |
[auth.generic_oauth] |
| Skip TLS certificate verification | tls_skip_verify_insecure |
[auth.generic_oauth] |
| LDAP | ||
| Host address | host |
[auth.ldap] |
| Port | port |
[auth.ldap] |
| Allow new accounts with existing LDAP credentials | allow_sign_up |
[auth.ldap] |
| Use SSL | use_ssl |
[auth.ldap] |
| Use STARTTLS | start_tls |
[auth.ldap] |
| Skip TLS certificate verification | tls_skip_verify_insecure |
[auth.ldap] |
| Bind DN | bind_dn |
[auth.ldap] |
| Bind password | bind_password |
[auth.ldap] |
| User search filter | search_filter |
[auth.ldap] |
| Search base DNs | search_base_dns |
[auth.ldap] |
| Group search filter | group_search_filter |
[auth.ldap] |
| Group search base DNs | group_search_base_dns |
[auth.ldap] |
| Group search filter user attribute | group_search_filter_user_attribute |
[auth.ldap] |
| Server attributes | [servers.attributes] |
[auth.ldap] |
| Server group mappings | [[servers.group_mappings]] |
[auth.ldap] |
| Certificate and private key for TLS | client_cert, client_key |
[auth.ldap] |
| CA certificate for TLS | root_ca_cert |
[auth.ldap] |
| Email alerts | ||
| Configure / Do not configure | enabled |
[smtp] |
| SMTP server host name | host |
[smtp] |
| SMTP server port | port |
[smtp] |
| SMTP server username | user |
[smtp] |
| SMTP server password | password |
[smtp] |
| Skip TLS certificate verification | skip_verify |
[smtp] |
| From address | from_address |
[smtp] |
| From name | from_name |
[smtp] |
| EHLO client ID | ehlo_identity |
[smtp] |
| Certificate and private key for TLS | cert_file, key_file |
[smtp] |
For more information about configuring these properties, see Configure Grafana in Configuring Healthwatch, Configuring Grafana Authentication, and the Grafana documentation.
