node-exporter-textfile-collector-scripts icon indicating copy to clipboard operation
node-exporter-textfile-collector-scripts copied to clipboard

Published 20 hours ago verified publisher icon prometheus-community

export more information from apt_info.py: package count, obsolete, broken packages

Open anarcat opened this issue 1 year ago • 4 comments

Hi,

We're migrating away from icinga here and we have an in-house check that provides us with quite useful metrics.

apt_info.py has this:

# /usr/share/prometheus-node-exporter-collectors/apt_info.py
# HELP apt_upgrades_pending Apt packages pending updates by origin.
# TYPE apt_upgrades_pending gauge
apt_upgrades_pending{origin="",arch=""} 0
# HELP apt_upgrades_held Apt packages pending updates but held back.
# TYPE apt_upgrades_held gauge
apt_upgrades_held{origin="",arch=""} 0
# HELP apt_autoremove_pending Apt packages pending autoremoval.
# TYPE apt_autoremove_pending gauge
apt_autoremove_pending 21
# HELP node_reboot_required Node reboot is required for software updates.
# TYPE node_reboot_required gauge
node_reboot_required 0

our dsa-check-packages has this:

# dsa-check-packages 
OK: 618 ok, 4 rc
618 packages current.
4 packages removed but not purged: linux-image-6.1.0-18-amd64, linux-image-6.1.0-17-amd64, linux-image-6.1.0-21-amd64, linux-image-6.1.0-20-amd64
|obs_loc=0;1;5;0 outdated=0;1;5;0 current=618;;;0 obs_ign=0;;;0 rm_unprg=4;;;0 hold=0;;;0 prg_conf=0;1;;0

that is:

  • [x] held packages (apt_upgrades_held)
  • [ ] obsolete packages, including a way to exclude packages (not covered!)
  • [x] outdated packages (apt_upgrades_pending)
  • [ ] current packages (not covered!)
  • [ ] removed packages with leftover configuration ("removed but not purged", not covered)
  • [ ] purged packages with leftover configuration (!?) (not covered)
  • [ ] pending upgrades but that apt upgrade won't upgrade (see for example Ubuntu phased upgrades or pinned packages?)
  • [ ] add an ignore list

the "obsolete packages" is the most important, as those are packages that might not be covered by security upgrade and a manual configuration...

i plan on adding those into apt_info.py through a merge request unless someone objects in a coming weeks. please let me know.

This issue is tracked in https://gitlab.torproject.org/tpo/tpa/team/-/issues/41712 on our side.

anarcat avatar Aug 21 '24 19:08 anarcat