Alerting with Prometheus Alertmanager in Kubernetes - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is the main role of Prometheus Alertmanager?
Prometheus Alertmanager manages alerts sent by Prometheus servers. It groups, deduplicates, and routes alerts to notification channels like email, Slack, or PagerDuty.
intermediate
How does Alertmanager group alerts?
Alertmanager groups alerts based on labels such as alertname, severity, or custom labels. Grouping helps send related alerts together to reduce noise.
beginner
What is a receiver in Prometheus Alertmanager?
A receiver is a destination where Alertmanager sends notifications. Examples include email addresses, Slack channels, or webhook endpoints.
advanced
What is the purpose of 'inhibit_rules' in Alertmanager configuration?
Inhibit rules silence certain alerts when related alerts are already firing. This prevents alert noise by suppressing less important alerts when a critical one is active.
beginner
Which file typically contains Alertmanager configuration in Kubernetes setups?
Alertmanager configuration is usually stored in a ConfigMap mounted into the Alertmanager pod, often named 'alertmanager.yaml'.
What does Prometheus Alertmanager do with duplicate alerts?
A. It deletes the alerts permanently
B. It ignores all alerts
C. It sends each alert separately without grouping
D. It deduplicates them to avoid repeated notifications
Which label is commonly used to group alerts in Alertmanager?
A. alertname
B. pod_name
C. node_ip
D. container_id
What is the function of 'receivers' in Alertmanager?
A. Store alert data
B. Define where alerts are sent
C. Generate alerts
D. Monitor Kubernetes nodes
How can Alertmanager reduce alert noise when a critical alert is firing?
A. By sending alerts multiple times
B. By ignoring all alerts
C. Using inhibit rules to silence related alerts
D. By restarting Prometheus
Where is Alertmanager configuration usually stored in Kubernetes?
A. In a ConfigMap mounted as alertmanager.yaml
B. Inside the Prometheus server binary
C. In a Kubernetes Secret named 'prometheus-config'
D. In the pod's environment variables
Explain how Prometheus Alertmanager groups and routes alerts to reduce notification noise.
Think about how related alerts are combined and sent to the right place.
Describe the typical setup of Alertmanager configuration in a Kubernetes environment.
Consider how Kubernetes manages configuration files for pods.

      Practice

      1. What is the main role of Prometheus Alertmanager in Kubernetes monitoring?
      easy
      A. To collect metrics from Kubernetes nodes
      B. To send notifications when Prometheus detects alerts
      C. To store logs from containers
      D. To deploy applications automatically

      Solution

      1. Step 1: Understand Prometheus and Alertmanager roles

        Prometheus collects metrics and detects alerts based on rules.
      2. Step 2: Identify Alertmanager's function

        Alertmanager receives alerts from Prometheus and sends notifications to users or systems.
      3. Final Answer:

        To send notifications when Prometheus detects alerts -> Option B
      4. Quick Check:

        Alertmanager = Notification sender [OK]
      Hint: Alertmanager handles alert notifications, not metric collection [OK]
      Common Mistakes:
      • Confusing Alertmanager with Prometheus server
      • Thinking Alertmanager collects metrics
      • Assuming Alertmanager deploys apps
      2. Which of the following is the correct YAML snippet to define an email receiver named 'team-email' in Alertmanager?
      easy
      A.
        receivers:
          - name: team-email
            email_configs:
              - to: 'team@example.com'
      B.
        receivers:
          - team-email:
              email: 'team@example.com'
      C.
        receiver:
          name: team-email
          email: 'team@example.com'
      D.
        receivers:
          - name: team-email
            slack_configs:
              - channel: '#alerts'

      Solution

      1. Step 1: Review Alertmanager receiver syntax

        Receivers are defined under the 'receivers' list, each with a 'name' and a config type such as 'email_configs'.
      2. Step 2: Match correct YAML structure

        receivers: - name: team-email email_configs: - to: 'team@example.com' correctly uses 'receivers', 'name', and 'email_configs' with the 'to' field.
      3. Final Answer:

        Correct YAML with 'receivers', 'name', and 'email_configs' -> Option A
      4. Quick Check:

        Receiver YAML uses 'name' and 'email_configs' [OK]
      Hint: Receiver configs use 'name' and specific config like 'email_configs' [OK]
      Common Mistakes:
      • Using 'receiver' instead of 'receivers'
      • Incorrect nesting of email fields
      • Confusing slack_configs with email_configs
      3. Given this Alertmanager config snippet, what will happen when multiple alerts fire simultaneously?
      route:
        group_by: ['alertname']
        receiver: 'team-email'
      receivers:
        - name: 'team-email'
          email_configs:
            - to: 'team@example.com'
      medium
      A. Alerts with the same 'alertname' will be grouped into one notification
      B. Each alert will send a separate email regardless of grouping
      C. No alerts will be sent because 'group_wait' is missing
      D. Alerts will be sent only to Slack, not email

      Solution

      1. Step 1: Understand 'group_by' in Alertmanager route

        'group_by' groups alerts by the specified labels; here, alerts with the same 'alertname' are grouped.
      2. Step 2: Check receiver and notification method

        Receiver 'team-email' uses email_configs, so grouped alerts send one email per alertname.
      3. Final Answer:

        Alerts with the same 'alertname' will be grouped into one notification -> Option A
      4. Quick Check:

        'group_by' controls alert grouping [OK]
      Hint: 'group_by' label controls alert grouping in notifications [OK]
      Common Mistakes:
      • Assuming each alert sends separate email
      • Thinking 'group_wait' is required to send alerts
      • Confusing receiver type with Slack
      4. You configured Alertmanager but no notifications are sent. Which of these is a likely cause based on this snippet?
      receivers:
        - name: 'team-email'
          email_configs:
            - to: 'team@example.com'
      route:
        receiver: 'team-email'
        group_by: ['alertname']
        group_wait: 30s
        group_interval: 5m
        repeat_interval: 1h
      medium
      A. Alertmanager does not support email notifications
      B. Incorrect 'group_by' label causes no alerts
      C. Receiver name does not match route receiver
      D. Missing SMTP server configuration in Alertmanager

      Solution

      1. Step 1: Check email notification requirements

        Email notifications require SMTP server settings in the Alertmanager config, which are not shown here.
      2. Step 2: Verify receiver and route match

        Receiver name 'team-email' matches route receiver, so routing is correct.
      3. Final Answer:

        Missing SMTP server configuration in Alertmanager -> Option D
      4. Quick Check:

        Email needs SMTP setup to send alerts [OK]
      Hint: Email alerts need SMTP server configured in Alertmanager [OK]
      Common Mistakes:
      • Assuming 'group_by' label stops alerts
      • Thinking receiver name mismatch causes no alerts here
      • Believing Alertmanager can't send emails
      5. You want to avoid alert spam by grouping alerts by both 'alertname' and 'severity', and send notifications to Slack channel '#alerts'. Which Alertmanager route and receiver config is correct?
      hard
      A.
        route:
          group_by: ['severity']
          receiver: 'email-team'
        receivers:
          - name: 'email-team'
            slack_configs:
              - channel: '#alerts'
      B.
        route:
          group_by: ['alertname']
          receiver: 'slack-notifications'
        receivers:
          - name: 'slack-notifications'
            email_configs:
              - to: '#alerts'
      C.
        route:
          group_by: ['alertname', 'severity']
          receiver: 'slack-notifications'
        receivers:
          - name: 'slack-notifications'
            slack_configs:
              - channel: '#alerts'
                send_resolved: true
      D.
        route:
          group_by: ['alertname', 'severity']
          receiver: 'email-team'
        receivers:
          - name: 'email-team'
            email_configs:
              - to: 'team@example.com'

      Solution

      1. Step 1: Set grouping labels in route

        To group alerts by 'alertname' and 'severity', list both in 'group_by'.
      2. Step 2: Configure Slack receiver correctly

        The receiver named 'slack-notifications' uses 'slack_configs' with channel '#alerts' and 'send_resolved' set to true.
      3. Final Answer:

        Route groups by alertname and severity; receiver sends Slack messages to #alerts -> Option C
      4. Quick Check:

        Group by multiple labels and use correct receiver config [OK]
      Hint: Group by multiple labels and match receiver type to notification [OK]
      Common Mistakes:
      • Using email_configs for Slack notifications
      • Grouping by only one label when two are needed
      • Mismatch between route receiver and receiver name