dnsmichi/opstrace

The Open Source Observability Distribution

The Open Source Observability Distribution

Opstrace is secure, horizontally-scalable, open source observability installed in your cloud account. It combines open APIs to reduce toil.

Highlights:

• Horizontally scalable for ingestion and queries.
• Durable with inexpensive long-term retention.
• Rigoriously tested end-to-end.
• Large efforts towards confident upgrades.
• Secure by default with TLS and authenticated endpoints.
• Easy to configure with GUIs and APIs.

We walk on the shoulders of giants; Opstrace contains the open source projects you know and love in one place:

• Cortex
• Loki
• Grafana
• Prometheus
• Kubernetes
• and many more

Key Features

Installation and Upgrades

Both installation and upgrades are initiated by a single CLI command. In this example, you can see an abbreviated installation and upgrade cycle:

$ cat << EOF > config.yaml
 tenants:
  - staging
  - prod
EOF

$ ./opstrace create aws tracy -c config.yaml
...
info: cluster creation finished: tracy (aws)
info: Log in here: https://tracy.opstrace.io

# a week later...

$ curl -L https://go.opstrace.com/cli-latest-macos | tar xjf -
$ ./opstrace upgrade aws tracy -c config.yaml
...
info: Opstrace cluster upgrade done for tracy (aws)

Alert Management

Alertmanager can be difficult to configure, especially for Cortex where they correspond with tenants you have created. Our goal is to improve this with editors that provide realtime validation feedback:

Tenant Management

Tenants provide isolation for logically separate entities. For example, they enable authn/authz for groups of users (e.g., different teams) and provide rate limiting of your data on both the write and read paths. Managing tenants with a central UI can be helpful for visualizing and managing multiple tenants:

Quick Start

Install Opstrace in your own cloud account with our quick start. The Opstrace CLI uses your local credentials to setup the necessary cloud resources (e.g., a EKS or GKE cluster) and then deploys the Opstrace controller which orchestrates all of the app-level deployments. For example:

opstrace create aws <choose_a_name> <<EOF
tenants:
  - dev
  - staging
  - prod
env_label: try_opstrace
cert_issuer: letsencrypt-prod
EOF

In addition to AWS we also support GCP.

See our configuration reference for details: docs/references/cluster-configuration.md.

Don't forget to clean up if you're done kicking the tires:

opstrace destroy aws <choose_a_name>

Community

Authentic collaboration in a community setting is important to us. Please join us to learn more, get support, or contribute to the project.

• Join our Slack Community
• Ask a question in our GitHub Discussions
• Contribute a proposal or a bug report
• Or just send us an email at hello@opstrace.com

You can find out more on our community page, including shoutouts to some of the main open source projects that we're building with.

Documentation

You can find the Opstrace documentation in /docs. We invite you to improve these docs together with us, and have a corresponding guide for that.

Contributing

We ❤️ working on open source projects, and we hope you do too. Please join us and make some contributions, however big or small.

• Start by reading the Contributing guide to become familiar with the process.
• Then review our Development guide to learn how to set up your environment and build the code.
• If you'd like to find a place to start and get your feet wet, just reach out and ask in our community Slack. (It's also a good idea to try out our quick start.)

Take a look at our high-level roadmap to see where we're heading, and feel free to get in touch with us regarding questions and suggestions.

IMPORTANT NOTE: We welcome contributions from developers of all backgrounds. We encode that in a Contributor Code of Conduct. By participating in this project, you agree to abide by its terms.

Privacy

At Opstrace, we host a service that automatically provisions subdomains like <my_name>.opstrace.io. This makes it easy and clean to use the URLs for both humans and machines. To accomplish this safely, we require login via Auth0 subject to our privacy poicy.

Get in touch with us to discuss support for custom domains!

Security Reports

We take security seriously. If you believe you have found a security issue in our project or any related projects, please email us at security@opstrace.com to responsibly disclose the issue.