Vidar
Silent Watcher, Swift Actor - SRE automation service for RavenmaskOS.
Overview
Vidar is the SRE automation platform that monitors infrastructure, detects issues, and takes automated remediation actions. Named after the Norse god who watches silently but acts decisively in times of crisis.
Access
| Service | URL |
|---|---|
| API | https://vidar-api.ravenhelm.dev |
| Admin Portal | https://vidar.ravenhelm.dev |
| GitLab Repo | https://gitlab.ravenhelm.dev/nwalker85/vidar |
Features
Alert Management
- Ingest alerts from Grafana and Prometheus Alertmanager
- Deduplicate alerts using fingerprinting
- Track alert lifecycle: firing → acknowledged → resolved
Incident Tracking
- Create incidents from alerts or manually
- Automatic GitLab issue creation
- Timeline tracking of agent actions
- Escalation for human intervention
CMDB (Configuration Management Database)
- Auto-discovery of infrastructure entities
- Entity types: containers, databases, network services, etc.
- Relationship mapping between entities
- Health status tracking
Discovery Sources
| Source | What it discovers |
|---|---|
| Docker | Containers, compose projects, health status |
| Prometheus | Scrape targets, job configurations |
| Traefik | Services, routers, hostnames |
Monitoring Recommendations
- Built-in templates for common entity types
- AI-powered alert rule generation using LLM
- Auto-apply recommendations to new entities
- Deploy rules directly to Prometheus
Runbooks
- Automated remediation workflows
- n8n workflow execution
- Manual and alert-triggered execution
- Execution tracking and history
Architecture
Vidar
├── vidar-api (FastAPI)
│ ├── /api/v1/alerts - Alert management
│ ├── /api/v1/incidents - Incident lifecycle
│ ├── /api/v1/cmdb - Entity management
│ ├── /api/v1/runbooks - Automation
│ └── /webhooks - Alert ingestion
└── vidar-admin (Next.js)
├── Alerts dashboard
├── Incidents view
├── CMDB browser
├── Discovery status
└── Runbooks manager
Configuration
Environment Variables
# Database
DATABASE_URL=postgresql://ravenhelm:ravenhelm@postgres:5432/ravenmaskos
# Discovery
DOCKER_HOST=http://dockerproxy:2375
PROMETHEUS_URL=http://prometheus:9090
TRAEFIK_API_URL=http://traefik:8080
DISCOVERY_ENABLED=true
DISCOVERY_INTERVAL=300
# GitLab Integration
GITLAB_URL=https://gitlab.ravenhelm.dev
GITLAB_TOKEN=glpat-xxx
GITLAB_PROJECT_ID=6
# LLM for AI Features
LLM_PROVIDER=anthropic
ANTHROPIC_API_KEY=xxx
Operations
Start Service
cd /Users/ravenhelm/ravenhelm/services/vidar
docker compose up -d
View Logs
docker logs vidar-api -f
docker logs vidar-admin -f
Trigger Discovery
curl -X POST https://vidar-api.ravenhelm.dev/api/v1/cmdb/discovery/trigger
Deploy Pending Monitors
curl -X POST https://vidar-api.ravenhelm.dev/api/v1/cmdb/monitors/deploy-all
Related Services
- Bifrost - Gateway service connecting Norns to external services
- Norns - AI agents for consultation and task execution
- Mimir - Knowledge base (planned)
Database Tables
Vidar uses the ravenmaskos database with these table groups:
Alert Engine
aiops_alert_sources- Webhook endpoints configaiops_alert_instances- Individual alert occurrencesaiops_alert_state_history- State transition audit
CMDB
entity_types- Container, host, database, etc.entities- Infrastructure itemsentity_relationships- Dependencies and connectionsdiscovery_sources- Docker, Prometheus, Traefikdiscovery_runs- Discovery execution historymonitoring_recommendations- Alert templatesentity_monitors- Applied recommendations
Incidents
aiops_incidents- Incident recordsaiops_gitlab_issues- GitLab issue linksaiops_incident_timeline- Event audit trail
Runbooks
vidar_runbooks- Runbook definitionsvidar_runbook_executions- Execution history