Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitebf5313

Browse files
Added cloudwatch datasource to grafana
1 parent2b6d478 commitebf5313

File tree

5 files changed

+185
-2
lines changed

5 files changed

+185
-2
lines changed

‎.gitignore‎

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,9 +28,10 @@ pids
2828
*.seed
2929
*.pid.lock
3030

31-
# Generated config files (these are created by the sources-generator)
31+
# Generated config files (these are created by the sources-generator and datasource-generator)
3232
config/pgwatch-postgres/sources.yml
3333
config/pgwatch-prometheus/sources.yml
34+
config/grafana/provisioning/datasources/datasources.processed.yml
3435

3536
# Volume data (if accidentally committed)
3637
data/

‎README.md‎

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -184,6 +184,11 @@ Get a complete monitoring setup with demo data in under 2 minutes.
184184

185185
# Health check
186186
./postgres_ai health
187+
188+
# AWS CloudWatch integration (optional)
189+
./postgres_ai add-aws-credentials<access_key><secret_key> [region]
190+
./postgres_ai show-aws-credentials
191+
./postgres_ai remove-aws-credentials
187192
```
188193

189194
##🌐 Access points
@@ -206,6 +211,32 @@ Technical URLs (for advanced users):
206211
##🔑 PostgresAI access token
207212
Get your access token at[PostgresAI](https://postgres.ai) for automated report uploads and advanced analysis.
208213

214+
##☁️ AWS CloudWatch integration (optional)
215+
216+
If you're monitoring AWS RDS Postgres instances, you can enable CloudWatch datasource to correlate RDS metrics with postgres_ai monitoring data.
217+
218+
**Enable CloudWatch datasource:**
219+
220+
```bash
221+
./postgres_ai add-aws-credentials<YOUR_AWS_ACCESS_KEY><YOUR_AWS_SECRET_KEY> us-east-1
222+
./postgres_ai restart
223+
```
224+
225+
The CloudWatch datasource is disabled by default and will only be activated when AWS credentials are configured. Your credentials are stored securely in`.pgwatch-config` (which is git-ignored).
226+
227+
**Manage AWS credentials:**
228+
229+
```bash
230+
# View current configuration (credentials are masked)
231+
./postgres_ai show-aws-credentials
232+
233+
# Remove AWS credentials (disables CloudWatch datasource)
234+
./postgres_ai remove-aws-credentials
235+
./postgres_ai restart
236+
```
237+
238+
**Note:** AWS credentials are optional and only needed if you want to view AWS RDS CloudWatch metrics alongside postgres_ai monitoring data in Grafana.
239+
209240
##🛣️ Roadmap
210241

211242
- Host stats for on-premise and managed Postgres setups

‎config/grafana/provisioning/datasources/datasources.yml‎

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,9 @@ datasources:
2626
queryTimeout:'5s'
2727
timeInterval:'5s'
2828
httpMethod:'POST'
29+
30+
# CloudWatch datasource will be added here if AWS credentials are configured
31+
~CLOUDWATCH_DATASOURCE~
2932

3033
-name:Infinity
3134
type:yesoreyeram-infinity-datasource

‎docker-compose.yml‎

Lines changed: 42 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,45 @@ services:
1818
echo 'Generated sources.yml files for both postgres and prometheus'
1919
"
2020
21+
# Datasource Generator - Generates datasources.yml with optional CloudWatch configuration
22+
datasource-generator:
23+
image:alpine:3.22.0
24+
container_name:datasource-generator
25+
working_dir:/app
26+
volumes:
27+
-./.pgwatch-config:/app/.pgwatch-config:ro
28+
-./config/grafana/provisioning/datasources/datasources.yml:/app/datasources.template:ro
29+
-./config/grafana/provisioning/datasources:/app/output
30+
command:>
31+
sh -c "
32+
echo 'Processing Grafana datasources configuration...' &&
33+
if [ -f /app/.pgwatch-config ] && grep -q '^aws_access_key=' /app/.pgwatch-config && grep -q '^aws_secret_key=' /app/.pgwatch-config; then
34+
AWS_ACCESS_KEY=$$(grep '^aws_access_key=' /app/.pgwatch-config | cut -d'=' -f2-) &&
35+
AWS_SECRET_KEY=$$(grep '^aws_secret_key=' /app/.pgwatch-config | cut -d'=' -f2-) &&
36+
AWS_REGION=$$(grep '^aws_region=' /app/.pgwatch-config | cut -d'=' -f2-) &&
37+
AWS_REGION=$${AWS_REGION:-us-east-1} &&
38+
echo 'AWS credentials found, enabling CloudWatch datasource' &&
39+
grep -B 9999 '~CLOUDWATCH_DATASOURCE~' /app/datasources.template | grep -v '~CLOUDWATCH_DATASOURCE~' > /app/output/datasources.processed.yml &&
40+
echo ' - name: CloudWatch-RDS' >> /app/output/datasources.processed.yml &&
41+
echo ' type: cloudwatch' >> /app/output/datasources.processed.yml &&
42+
echo ' access: proxy' >> /app/output/datasources.processed.yml &&
43+
echo ' jsonData:' >> /app/output/datasources.processed.yml &&
44+
echo ' authType: keys' >> /app/output/datasources.processed.yml &&
45+
echo \" defaultRegion: $$AWS_REGION\" >> /app/output/datasources.processed.yml &&
46+
echo ' customMetricsNamespaces: AWS/RDS' >> /app/output/datasources.processed.yml &&
47+
echo ' secureJsonData:' >> /app/output/datasources.processed.yml &&
48+
echo \" accessKey: $$AWS_ACCESS_KEY\" >> /app/output/datasources.processed.yml &&
49+
echo \" secretKey: $$AWS_SECRET_KEY\" >> /app/output/datasources.processed.yml &&
50+
echo ' isDefault: false' >> /app/output/datasources.processed.yml &&
51+
echo ' editable: true' >> /app/output/datasources.processed.yml &&
52+
grep -A 9999 '~CLOUDWATCH_DATASOURCE~' /app/datasources.template | grep -v '~CLOUDWATCH_DATASOURCE~' >> /app/output/datasources.processed.yml
53+
else
54+
echo 'AWS credentials not configured, CloudWatch datasource disabled' &&
55+
grep -v '~CLOUDWATCH_DATASOURCE~' /app/datasources.template > /app/output/datasources.processed.yml
56+
fi &&
57+
echo 'Datasources configuration generated successfully'
58+
"
59+
2160
# Target Database - The PostgreSQL database being monitored
2261
target-db:
2362
image:postgres:15
@@ -105,10 +144,12 @@ services:
105144
-"3000:3000"
106145
volumes:
107146
-grafana_data:/var/lib/grafana
108-
-./config/grafana/provisioning:/etc/grafana/provisioning
147+
-./config/grafana/provisioning/dashboards:/etc/grafana/provisioning/dashboards
148+
-./config/grafana/provisioning/datasources/datasources.processed.yml:/etc/grafana/provisioning/datasources/datasources.yml:ro
109149
-./config/grafana/dashboards:/var/lib/grafana/dashboards
110150
-./config/grafana/provisioning/grafana.ini:/etc/grafana/grafana.ini
111151
depends_on:
152+
-datasource-generator
112153
-sink-postgres
113154
-sink-prometheus
114155
flask-backend:

‎postgres_ai‎

Lines changed: 107 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -78,6 +78,11 @@ show_help() {
7878
echo" show-key Show current API key (masked)"
7979
echo" remove-key Remove stored API key"
8080
echo""
81+
echo"AWS CLOUDWATCH MANAGEMENT:"
82+
echo" add-aws-credentials <access_key> <secret_key> [region] Add AWS credentials for CloudWatch datasource"
83+
echo" show-aws-credentials Show current AWS credentials (masked)"
84+
echo" remove-aws-credentials Remove stored AWS credentials"
85+
echo""
8186
echo"GRAFANA PASSWORD MANAGEMENT:"
8287
echo" generate-grafana-password Generate secure password for Grafana"
8388
echo" show-grafana-credentials Show current Grafana credentials"
@@ -119,6 +124,11 @@ show_help() {
119124
echo"$0 test-instance prod-db # Test connection to 'prod-db' instance"
120125
echo"$0 remove-instance old-db # Remove 'old-db' instance"
121126
echo""
127+
echo"AWS CLOUDWATCH EXAMPLES:"
128+
echo"$0 add-aws-credentials AKIAIOSFODNN7EXAMPLE wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY us-east-1"
129+
echo"$0 show-aws-credentials # Display masked AWS credentials"
130+
echo"$0 remove-aws-credentials # Disable CloudWatch datasource"
131+
echo""
122132
echo"WORKFLOW:"
123133
echo" QUICKSTART (RECOMMENDED):"
124134
echo" • Run '$0 quickstart' for complete production setup (install + configure + start)"
@@ -681,6 +691,94 @@ get_api_key() {
681691
fi
682692
}
683693

694+
# Add AWS credentials to configuration
695+
add_aws_credentials() {
696+
local access_key="$1"
697+
local secret_key="$2"
698+
local region="${3:-us-east-1}"
699+
700+
if [-z"$access_key" ]|| [-z"$secret_key" ];then
701+
log_error"Please provide both AWS access key and secret key"
702+
echo"Usage:$0 add-aws-credentials <access_key> <secret_key> [region]"
703+
echo" region defaults to us-east-1 if not specified"
704+
exit 1
705+
fi
706+
707+
# Create config file if it doesn't exist
708+
touch"$SCRIPT_DIR/.pgwatch-config"
709+
710+
# Remove existing AWS credentials if present
711+
if [-f"$SCRIPT_DIR/.pgwatch-config" ];then
712+
grep -v"^aws_access_key=""$SCRIPT_DIR/.pgwatch-config"| grep -v"^aws_secret_key="| grep -v"^aws_region=">"$SCRIPT_DIR/.pgwatch-config.tmp"||true
713+
mv"$SCRIPT_DIR/.pgwatch-config.tmp""$SCRIPT_DIR/.pgwatch-config"
714+
fi
715+
716+
# Add the new AWS credentials
717+
echo"aws_access_key=$access_key">>"$SCRIPT_DIR/.pgwatch-config"
718+
echo"aws_secret_key=$secret_key">>"$SCRIPT_DIR/.pgwatch-config"
719+
echo"aws_region=$region">>"$SCRIPT_DIR/.pgwatch-config"
720+
721+
log_success"AWS credentials added successfully"
722+
log_info"CloudWatch datasource will be enabled on next restart"
723+
log_info"Region:$region"
724+
}
725+
726+
# Show AWS credentials (masked for security)
727+
show_aws_credentials() {
728+
if [-f"$SCRIPT_DIR/.pgwatch-config" ];then
729+
local access_key=$(grep"^aws_access_key=""$SCRIPT_DIR/.pgwatch-config"2>/dev/null| cut -d'=' -f2)
730+
local region=$(grep"^aws_region=""$SCRIPT_DIR/.pgwatch-config"2>/dev/null| cut -d'=' -f2)
731+
732+
if [-n"$access_key" ];then
733+
local masked_key="${access_key:0:4}$(printf'%*s'$((${#access_key}-8))''| tr'''*')${access_key: -4}"
734+
log_info"CloudWatch Configuration:"
735+
echo" AWS Access Key:$masked_key"
736+
echo" AWS Region:${region:-us-east-1}"
737+
log_success"CloudWatch datasource is configured"
738+
else
739+
log_warning"No AWS credentials configured"
740+
log_info"CloudWatch datasource is disabled"
741+
fi
742+
else
743+
log_warning"No AWS credentials configured"
744+
log_info"CloudWatch datasource is disabled"
745+
fi
746+
}
747+
748+
# Remove AWS credentials from configuration
749+
remove_aws_credentials() {
750+
if [-f"$SCRIPT_DIR/.pgwatch-config" ];then
751+
grep -v"^aws_access_key=""$SCRIPT_DIR/.pgwatch-config"| grep -v"^aws_secret_key="| grep -v"^aws_region=">"$SCRIPT_DIR/.pgwatch-config.tmp"||true
752+
mv"$SCRIPT_DIR/.pgwatch-config.tmp""$SCRIPT_DIR/.pgwatch-config"
753+
log_success"AWS credentials removed successfully"
754+
log_info"CloudWatch datasource will be disabled on next restart"
755+
else
756+
log_warning"No AWS credentials configured"
757+
fi
758+
}
759+
760+
# Get AWS credentials from configuration
761+
get_aws_access_key() {
762+
if [-f"$SCRIPT_DIR/.pgwatch-config" ];then
763+
grep"^aws_access_key=""$SCRIPT_DIR/.pgwatch-config"2>/dev/null| cut -d'=' -f2
764+
fi
765+
}
766+
767+
get_aws_secret_key() {
768+
if [-f"$SCRIPT_DIR/.pgwatch-config" ];then
769+
grep"^aws_secret_key=""$SCRIPT_DIR/.pgwatch-config"2>/dev/null| cut -d'=' -f2
770+
fi
771+
}
772+
773+
get_aws_region() {
774+
if [-f"$SCRIPT_DIR/.pgwatch-config" ];then
775+
local region=$(grep"^aws_region=""$SCRIPT_DIR/.pgwatch-config"2>/dev/null| cut -d'=' -f2)
776+
echo"${region:-us-east-1}"
777+
else
778+
echo"us-east-1"
779+
fi
780+
}
781+
684782
# Detect project directory
685783
detect_project_dir() {
686784
# Check if we're already in the project directory
@@ -2075,6 +2173,15 @@ main() {
20752173
"remove-key")
20762174
remove_api_key
20772175
;;
2176+
"add-aws-credentials")
2177+
add_aws_credentials"$2""$3""$4"
2178+
;;
2179+
"show-aws-credentials")
2180+
show_aws_credentials
2181+
;;
2182+
"remove-aws-credentials")
2183+
remove_aws_credentials
2184+
;;
20782185
"generate-grafana-password")
20792186
generate_grafana_password
20802187
;;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp