Stop Trusting Ping: Infrastructure Monitoring at Scale with Prometheus
There is a specific kind of hell reserved for sysadmins who still rely on email alerts from a 2010-era Nagios installation. You know the drill. It’s 3:17 AM. Your phone buzzes. CPU load on web-node-04 spiked to 98%. By the time you SSH in, the load is back to 0.4. You check the logs. Nothing. You go back to sleep, only to be woken up twenty minutes later. Rinse, repeat.
In 2019, infrastructure is no longer static. We aren't just racking servers and leaving them alone for five years. We are spinning up Docker containers, scaling groups, and microservices. If your monitoring strategy relies on a daemon polling a server every 5 minutes, you are effectively flying blind. You are missing the micro-spikes that kill user experience.
I’ve spent the last month migrating a high-traffic e-commerce platform hosted in Oslo from a legacy Zabbix setup to a full Prometheus and Grafana stack. The difference isn't just in the graphs; it's in the stability of the platform. Here is how we did it, why shared hosting metrics are a lie, and how to build a monitoring stack that actually works.
The "Steal Time" Trap and Why KVM Matters
Before we touch a single configuration file, we need to talk about the infrastructure underneath your monitoring.
In a recent project, we noticed sporadic latency on our database cluster. The application metrics looked fine. The slow query log was empty. Yet, the NIX (Norwegian Internet Exchange) looking glass showed intermittent timeouts. The culprit? CPU Steal Time.
On cheap, container-based VPS providers (OpenVZ/LXC), you are at the mercy of your neighbors. If another tenant decides to mine cryptocurrency or compile the Linux kernel, your "guaranteed" CPU cycles vanish. Your monitoring agent might not even run fast enough to catch it.
Pro Tip: Always check%st(steal time) intop. If it is consistently above 0.0% on a dedicated VPS, your provider is overselling resources. This is why we default to CoolVDS for production workloads—they use KVM virtualization with strict resource isolation. If I pay for 4 vCPUs, I want 4 vCPUs, not 2 vCPUs and an IOU from the hypervisor.
Step 1: The Shift to Time-Series Data (Prometheus)
We are moving away from "checks" (is it up?) to "metrics" (how is it behaving?). Prometheus v2.9 is currently the industry standard for this. It uses a pull model, meaning your monitoring server scrapes metrics from your targets. This is crucial for security—you don't need to open inbound ports on your monitoring server to the world, only outbound.
Deploying Node Exporter
First, we need to expose system metrics. We use the node_exporter binary. Don't use the apt package; it's often outdated. Download the latest binary (v0.18.0 as of writing) directly.
useradd --no-create-home --shell /bin/false node_exporter
wget https://github.com/prometheus/node_exporter/releases/download/v0.18.0/node_exporter-0.18.0.linux-amd64.tar.gz
tar xvf node_exporter-0.18.0.linux-amd64.tar.gz
cp node_exporter-0.18.0.linux-amd64/node_exporter /usr/local/bin/
chown node_exporter:node_exporter /usr/local/bin/node_exporterCreate a systemd service file at /etc/systemd/system/node_exporter.service. Notice the collector flags; we are explicitly enabling systemd and filesystem collectors which are vital for spotting disk I/O bottlenecks.
[Unit]
Description=Node Exporter
Wants=network-online.target
After=network-online.target
[Service]
User=node_exporter
Group=node_exporter
Type=simple
ExecStart=/usr/local/bin/node_exporter \
--collector.systemd \
--collector.filesystem \
--collector.cpu
[Install]
WantedBy=multi-user.targetStep 2: Configuring the Scrape
On your central monitoring server (this should be a robust instance, ideally a CoolVDS NVMe plan because Prometheus writes heavily to disk), configure prometheus.yml. We are going to set a scrape interval of 15 seconds. Anything higher and you miss the spikes.
global:
scrape_interval: 15s
evaluation_interval: 15s
scrape_configs:
- job_name: 'oslo-nodes'
static_configs:
- targets: ['10.0.0.5:9100', '10.0.0.6:9100']
# Use relabeling to make logs readable
relabel_configs:
- source_labels: [__address__]
regex: '10\.0\.0\.5:9100'
target_label: instance
replacement: 'frontend-nginx-01'Step 3: Visualizing with Grafana 6
Grafana 6.0 was released just a few months ago, and the new gauge panels are fantastic. But pretty charts don't save production. You need to visualize saturation.
The USE Method (Utilization, Saturation, and Errors) is your bible here. For storage, Saturation is often the silent killer. If you are hosting a database on standard SSDs or, god forbid, spinning rust, your IO wait times will skyrocket during backups.
Use this PromQL query to find disks under heavy pressure:
rate(node_disk_io_time_seconds_total[1m])If this value approaches 1.0 (100%), your disk is the bottleneck. This is where hardware choice becomes non-negotiable. We switched our primary database node to a CoolVDS instance with local NVMe storage. The IO wait dropped from an average of 15% to 0.2%. NVMe isn't just a buzzword; the queue depth handling is fundamentally superior for concurrent database writes.
Step 4: Smart Alerting (No More 3 AM Wakeups)
The goal is to alert on symptoms, not causes. "High CPU" is a cause. "Page load time > 2s" is a symptom. Nobody cares if the CPU is at 100% if the site is fast (though that rarely happens).
We use Alertmanager to group alerts. If the database goes down, you don't want 50 emails saying "Web Server 1 is failing", "Web Server 2 is failing", etc. You want one email: "Database is down, impacting 50 services."
Here is a snippet for alertmanager.yml to handle inhibition (stopping spam when a critical dependency fails):
inhibit_rules:
- source_match:
severity: 'critical'
target_match:
severity: 'warning'
equal: ['env', 'region']Norwegian Compliance and Data Sovereignty
Since we are operating in Norway, we have to talk about GDPR. We are one year into the regulation (May 2018 implementation), and the Datatilsynet is not playing around. Storing server logs and IP addresses constitutes processing personal data.
When you use US-based cloud giants, you navigate a legal minefield regarding the Privacy Shield frameworks. By hosting your monitoring stack and your infrastructure on CoolVDS, which operates data centers locally, you ensure data residency. Your logs stay in Norway. This simplifies your Article 30 Record of Processing Activities immensely.
The Verdict
Monitoring is not about staring at screens. It is about knowing something is wrong before your customer tweets about it. The combination of Prometheus for metrics and high-performance infrastructure is the only way to handle the scale of modern traffic.
You can spend hours tuning a Zabbix server to poll faster, or you can modernize your stack. And remember, software optimizations can only go so far if the hardware is choking on I/O. Don't let slow disks kill your SEO.
Ready to see what zero-latency feels like? Spin up a CoolVDS NVMe instance today and start monitoring with precision.