Sensu is the complete cloud monitoring solution for observability at scale, designed to give you rich insight and ensure that you know what’s going on everywhere in your system. With true multi-tenancy, an enterprise datastore that keeps pace as you scale, and streaming handlers to process all those events, you can rely on Sensu for cloud, container, and application performance monitoring that provides deep visibility into your entire infrastructure.
In this post, I’ll introduce you to some Sensu features that can help complex and evolving organizations achieve comprehensive enterprise-level monitoring and observability.
Sensu’s enterprise datastore
Sensu records observability events in its embedded etcd datastore by default. The embedded datastore can get you started, but as you add more entities and checks to your Sensu implementation, the rate of events being written to the datastore will rapidly expand.
Sensu’s enterprise datastore makes it possible to scale your monitoring to many thousands of events per second. In fact, our performance testing configuration can handle 40,000 Sensu agent connections, along with their keepalives, and process 36,000 events per second under ideal conditions.
The enterprise datastore requires a database server running PostgreSQL 9.5 or later, a PostgreSQL database, and a licensed Sensu Go backend. And once you’ve got your enterprise datastore up and running, you can configure streaming replication for PostgreSQL to replicate all Sensu events written to the primary server to the standby server. Read our configuration guide for step-by-step instructions.
Sensu’s true multi-tenancy features mean that even in complex environments, you can achieve your monitoring goals. Features like role-based access control (RBAC) allow large organizations to share a Sensu instance while ensuring that users only have access to their team’s resources.
In addition to controlling access to resources, Sensu’s RBAC also lets you specify which actions users can take for specific Sensu resources based on roles that are bound either to individual users or to groups that users are members of. You can also scope user permissions to resource types, for example to grant GET permission for some resource types and CREATE, UPDATE, and DELETE for other resource types.
Sensu’s web UI offers a multi-tenant dashboard that supports filtering by Kubernetes-style namespaces, as well as an all-namespaces view. You can use RBAC permissions to manage namespace visibility for different users.
Sensu’s RBAC also makes it possible to create limited service accounts that represent applications or services rather than human users. For example, you can create a limited service account to read the results of an aggregate check and route them to a service that displays a high-level view of your webserver statuses, without anyone ever needing to log in to the service. Limited service accounts are also useful for automating processes like automatically removing containers that have stopped running.
For managed service providers (MSPs), Sensu’s multi-tenancy features offer a solution for monitoring workloads and infrastructure for multiple customers. Namespace-based organization is a natural fit for IT environments that use containers and DevOps methodologies. RBAC allows you to specify different policies for different customers and route alerts directly to each customer’s preferred communications platform.
Enterprise-scale event handling
Traditional event handlers start a new process for every event they receive and require a new connection to send every event. As you scale up and process more events per second, the rate at which the traditional handler can transmit event data decreases, creating data bottlenecks.
Sensu’s streaming handlers offer a solution for data bottlenecks and provide a persistent connection for sending events and metrics to your remote data storage service. With our streaming handlers, you configure a pool of connections for the handler to use. As each connection finishes sending an event, the connection returns to the pool and becomes available for sending the next event in the queue. Streaming handlers reuse the available connections as long as they can rather than requiring a new connection for every event, which increases event throughput.
Sensu offers two types of streaming handlers: Sumo Logic metrics handlers and TCP stream handlers. Sumo Logic metrics handlers are a dedicated solution for sending observability metrics to a Sumo Logic HTTP Logs and Metrics source. Like traditional TCP handlers, TCP stream handlers send event data to TCP sockets for external services to consume. Sensu’s TCP stream handlers also allow you to use transport layer security (TLS) for secure data transmission.
Single sign-on authentication
In addition to basic authentication, Sensu supports single sign-on (SSO) authentication with Active Directory (AD), Lightweight Directory Access Protocol (LDAP), and OpenID Connect 1.0 protocol (OIDC). Sensu’s SSO provides enterprise-class security and gives your organization’s users a more manageable way to authenticate.
Federation (Sensu 6.9.x and earlier versions)
Sensu’s federation feature gives you centralized, coordinated visibility into systems that work independently or are geographically separated. Use Sensu’s federation API endpoints to register external clusters, gain single-pane-of-glass visibility into the health of your infrastructure and services across many different Sensu instances within the web UI, and mirror your changes in one cluster to follower clusters.
Federation also allows you to provide a single entry point for operators who need to manage infrastructure and application monitoring across multiple distinct data centers, cloud regions, or providers. Once you have federation configured, you can monitor events in many different clusters within a single web UI. You can also use the web UI, sensuctl, or the federation API to replicate any changes and additions you make in one cluster to other clusters in the federated architecture.
To try our enterprise features yourself, download Sensu and get started! All of Sensu’s commercial features are free for your first 100 entities. For a free trial of Sensu for more than 100 entities, sign up or contact our Sales team.
Our self-paced workshop lessons provide a deep dive into Sensu’s capabilities and features, and our documentation walks you through how to implement all of the features I described in this post so you can get the most out of Sensu.