Talk by: Simone Nocentini and Vladimir Mozharov Being a manged service provider comes with its very own challenges, especially when it comes to monitoring. In this session we will dive in into Kiratech’s infrastructure to get an overview from the provider and the client perspective, and what it takes to monitor a variety of technologies with Icinga. The strategy contains an approach of deploying Icinga with Ansible for comprehensive visibility and linking it with FreshService for seamless integration. We will have an outlook to future projects including event-driven automations, Icinga-style observability and application monitoring.

1. THE CLOUD NATIVE
POWERHOUSE
TO EMPOWER
YOUR BUSINESS

2. KIRATECH >
WHO WE ARE
01

3. Kiratech > KiraTeam
KIRATECH >

4. KIRATECH >
Kiratech > Timeline
VIRTUALIZATION
2005
2009
2012
2015
2018
2019
2020
2021
2023
OPEN SOURCE &
BIG DATA
DEVOPS
THE SWISS
BRANCH OPENS
MANAGED SERVICE
PROVIDER (MSK)
KIRATECH SWISS SA
IS FOUNDED
CONTAINER &
MICROSERVICES
CLOUD NATIVE
ERA
AKIT + CND +
KRATEO
KRATEO SPINOFF
Kiratech was
founded and started
its business in
Virtualization field
Kiratech embraces
DevOps vision
Kiratech decides to
expand abroad with
the opening of the
Lugano office.
Kiratech Italy
becomes S.p.A.
Launch of MSK
Business Unit
(Managed Service
by Kiratech)
The swiss branch turns
its corporate name in
Kiratech Swiss SA and
consolidates its
presence in
Switzerland
Kiratech becomes
Red Hat partner
Starting of the Data
Analytics business
Start of strategic
partnership in Container
field.
Ex. 1° Docker Partner in
Italy
Kiratech becomes
Cloud Native
Computing Foundation
Silver Member
Launch of AKIT for the
security in an IT
environment, Krateo to
manage resource anywhere
and Cloud Native Dev
Krateo becomes a new
spinoff promoted and
financed by Kiratech

5. Kiratech > We bridge the Cloud adoption Gap
KIRATECH >
MAINFRAME
OPEN SYSTEMS &
VIRTUALIZATION
CLOUD NATIVE NEXT

6. KIRATECH >
WHAT WE DO
02

7. Data-driven Cloud Adoption
Hybrid Cloud, Data Mesh, Iot &
Edge
Kiratech > Mission
Kiratech drives companies in the process of infrastructure and application
modernization by facilitating the adoption of a cloud-native approach
through its services and selecting the best technologies in the following
areas:
Platform Engineering
Kubernetes, GitOps/DevOps,
Observability
KIRATECH >
Secure Software Supply Chain by AKIT
Kubernetes Hardening, API Sec,
DevSecOps

8. Kiratech > Offering
KIRATECH >
PROFESSIONAL
SERVICES
MANAGED
SERVICES
TRAININGS BEST TOOLS
We help companies along the Digital Transformation Journey through:

9. KIRATECH >
Our tech team manages a cloud-native toolchain that relies on a reference architecture based on
best-of-breed tools that can support the entire lifecycle of an asset.
Automated and managed by
Monitored 24/7 by
Delivered by
Kiratech > Reference Architecture
Secured by

10. Kiratech > Krateo PlatformOps
Krateo is an open-source product
with the aim to deliver a modular
and complete architecture to
create and describe services and
resources via standard
Kubernetes APIs.
KIRATECH >
PlatformOps for Platform Team
FinOps for C-level manager
Developer Portal for internal community

11. > Managed Service Provider by Kiratech
The platform management solution to support your applications.
You’ll get a dedicated management and maintenance of the platform by
addressing proactive and pervasive monitoring of the infrastructure,
management, and routine maintenance, bringing significant benefits in terms
of:
KIRATECH >
Powered by:
Trusted by:
Lower risk
Cost reduction
Increased service quality
Incident Management Change Management

12. Kiratech > Managed Service Provider – How we do it
Icinga is the core of our Monitoring System with whom we are partner since 2012
MSK to our Customers but also for New Customer
Automation and Efficiency of the service are our Mantra
Reduce the number of notifications of a new environment
KIRATECH >
Powered by:

13. KIRATECH >
UNDER THE HOOD
03

14. Kiratech > Managed Service Provider – Architecture
KIRATECH >
Clienti: 10
Satellites: 20
Hosts: 150
Services: 872
Powered by:

15. Kiratech > Managed Service Provider – Tecnologies
KIRATECH >
Powered by:

16. Kiratech > Managed Service Provider – Custom Script
KIRATECH >
Powered by:
With custom script we make complex queries to Elasticsearch or Prometheus to make observability:
Error rate, warn rate, latency, restart rate, key words presence, trends (for disk space)
OpenShift (with prometheus):
1. Pod restart speed
2. PV (PVC) status
3. K8s API (latency, traffic, error rate, saturation)
4. Kubelet (number of nodes, number of pods, number of containers, number of operations, error rate, storage
operations, PLEG)
5. ETCD (has_leader, node availability, server_proposals, fsync_duration, network_peer_round_trip, etc.)
6. Kube-controller (workqueue_queue_duration, rest_client_request_duration, etc.)
7. CoreDNS (latency, traffic, errors)
8. Various application metrics

17. Kiratech > Managed Service Provider – Custom Script
KIRATECH >
Powered by:
Elasticsearch:
1. controll_available_nodes
2. controll_cluster_health
3. controll_correct_template
4. check_data_freshness
5. check_free_cpu
6. check_free_disk_space
7. check_free_heap
8. check_indexing_latency
9. check_indices_total
10. check_latency
11. check_license
12. check_most_recent_snapshot
13. check_query_latency
14. check_replicas_for_index
15. check_shards_for_index
16. check_shards_per_node
17. check_unhealthy_shards
18. check_valid_credentials
Logstash:
1. check_file_descriptors
2. check_free_heap
3. check_load_average
4. check_pipeline_duration
5. controll_pipeline_exists
6. controll_pipeline_inbound
7. controll_pipeline_outbound

18. Kiratech > Managed Service Provider – Icinga management with
Ansible
KIRATECH >
Powered by:
Deploy on client side – playbook Ansible Custom
Icinga Director – migrating on Icinga Director
Collection for Ansible

19. Kiratech > Managed Service Provider – FreshService Integration
KIRATECH >
Powered by:
We are creating a ticket for each notification with custom script that watch event stream in API of Icinga

20. Kiratech > Managed Service Provider – Workflow
KIRATECH >
Powered by:
Our goal is to have 0 notifications on the Icinga Dashboard:
1. Notifications that we don’t understand or don’t know what to do with - should not exist
(e.g., avg_load, latency). They represent only a possible anomaly but do not lead to a
solution to the problem.
2. Every notification requires action:
1. CRITICAL and UNKNOWN notifications – these are incidents and will be managed as
soon as possible.
2. WARNING notifications should be addressed to resolve the issue.
3. If we cannot do anything with notification (or it is out of scope), we inform the client.
If a notification cannot be processed, it will be disabled.

21. Kiratech > Managed Service Provider – Evolution
KIRATECH >
Powered by:
1. Call scripts that tries to resolve the incident (using notifications)
2. Using Icinga for collecting error and warn log and elaborate each one
3. Integration with our client's ticketing systems (ServiceNow, etc.)
4. Utilize Icinga to track security vulnerabilities (CVE)

22. KIRATECH S.P.A.
VIA FERMI, 11
37135 VERONA – ITALIA
INFO@KIRATECH.IT
CERT@PEC.KIRATECH.IT
TEL +39 045 8347852
FAX +39 045 501504
VAT IT 03530570237
KIRATECH SWISS SA
VIALE CARLO CATTANEO 1
6900 LUGANO – SVIZZERA
INFO.SWISS@KIRATECH.CH
TEL LUGANO +41 (0)91 225 09 99
VAT CHE-144.749.894
KIRATECH.IT
KIRATECH
@KIRATECH
KIRATECH