Re: FORT monitoring/visibility

[Lukas Tribus <lukas () ltri eu>]

On Wed, 27 Oct 2021 at 08:47, Mark Tinka <mark@tinka.africa> wrote:
> On 10/27/21 01:58, Randy Bush wrote:
> > my old DRL RP instances produce MRTG graphs etc of the CA
> > fetching side, though nothing on the rpki-rtr side.
>
> Randy, I actually have an ongoing discussion with the Fort developers
> about this after a BGPSec bug left me with stale VRP's for several days,
> with no clear indication that Fort had "kind of" crashed and "not fully"
> crashed (fair point, I need to work on better internal monitoring of
> Fort, as well).

That's the reason I preached about stale RTR servers before:

https://labs.ripe.net/author/lukas_tribus/rpki-rov-about-stale-rtr-servers-and-how-to-monitor-them/
https://github.com/lukastribus/rtrcheck
https://gist.github.com/lukastribus/695c9e780d118755271519d4d3cb54f3
(the latter is a check against IOS XR devices via NETCONF which makes
some sanity checks, absolute and relative)

However judging by the absolute zero feedback and support requests
from anyone (other than likes/thumbs up), I'm pretty sure no one
actually does this - other than where I set it up directly.


Fort is also working on a prometheus endpoint, which probably would
allow easier monitoring/integration:

https://github.com/NICMx/FORT-validator/issues/50


Lukas