kubectl get secret alertmanager-rancher-monitoring-alertmanager-generated \
  -n cattle-monitoring-system -o yaml > secret.yaml

# 安裝 yq 工具
wget https://github.com/mikefarah/yq/releases/download/v4.25.1/yq_linux_amd64 -O /usr/local/bin/yq
chmod +x /usr/local/bin/yq
# 解密 alertmanager 配置
echo "$(yq eval '.data."alertmanager.yaml.gz"' secret.yaml)" | base64 -d | gzip -d > alertmanager.yaml
# 解密模板文件
echo "$(yq eval '.data."rancher_defaults.tmpl"' secret.yaml)" | base64 -d > rancher_defaults.tmpl

global:
  resolve_timeout: 5m
  smtp_smarthost: 'smtp.qq.com:465'
  smtp_from: 'xxxx@qq.com'
  smtp_auth_username: 'xxxx@qq.com'
  smtp_auth_password: 'xxxxxxx'
  smtp_require_tls: false
route:
  receiver: "k8s-alarm"
  group_by: [alertname]
  routes:
  - receiver: "null"
    matchers:
    - alertname = "Watchdog"
  group_wait: 30s
  group_interval: 5m
  repeat_interval: 12h
receivers:
- name: "k8s-alarm"
  email_configs:
  - to: 'test@gmail.cn'
    send_resolved: true
- name: "null"
templates:
- /etc/alertmanager/config/*.tmpl

# 壓縮配置
gzip -c alertmanager.yaml > alertmanager.yaml.gz
# Base64 編碼
ALERTMANAGER_CONFIG=$(base64 -w0 alertmanager.yaml.gz)
TEMPLATE_CONFIG=$(base64 -w0 rancher_defaults.tmpl)
# 生成新 Secret
yq eval ".data.\"alertmanager.yaml.gz\" = \"$ALERTMANAGER_CONFIG\" | 
         .data.\"rancher_defaults.tmpl\" = \"$TEMPLATE_CONFIG\"" secret.yaml > updated-secret.yaml
# 修改 Secret 名稱
sed -i 's/name: alertmanager-.*/name: alertmanager-main/' updated-secret.yaml
# 應(yīng)用配置
kubectl apply -f updated-secret.yaml -n cattle-monitoring-system

# 修改 volumes 配置
volumes:
- name: config-volume
  secret:
    secretName: alertmanager-main  # 替換默認(rèn)值

# k8s-alarm.yaml
apiVersion: monitoring.coreos.com/v1alpha1
kind: AlertmanagerConfig
metadata:
  name: k8s-alarm
  namespace: test
spec:
  receivers:
    - name: tialert
      webhookConfigs:
        - url: https://your-webhook-url
          sendResolved: true


  route:
    groupBy: [alertname]
    groupInterval: 5m
    groupWait: 30s
    matchers:
      - name: severity
        value: "warning|critical"
        regex: true
    receiver: tialert
    repeatInterval: 4h

# null.yaml
apiVersion: monitoring.coreos.com/v1alpha1
kind: AlertmanagerConfig
metadata:
  name: silence-watchdog
  namespace: cattle-monitoring-system
spec:
  receivers:
    - name: null-receiver


  route:
    matchers:
      - name: alertname
        value: "Watchdog"
    receiver: null-receiver

# app-alert.yaml
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
  name: app-backend-alerts
  namespace: test
  labels:
    prometheus: rancher-monitoring
    role: alert-rules
spec:
  groups:
  - name: app-backend
    rules:
    - alert: HighRequestRate
      expr: |
        sum(rate(http_requests_total{job="app-backend"}[5m])) by (service) > 100
      for: 10m
      labels:
        severity: critical
      annotations:
        summary: "High request rate on {{ $labels.service }}"
        description: "Request rate is {{ $value }} per second"