rpi.carlosedp.cluster-monit.../modules/arm_exporter.jsonnet

104 lines
3.9 KiB
Plaintext
Raw Permalink Normal View History

2020-05-26 01:23:56 +02:00
local utils = import '../utils.libsonnet';
2019-08-08 22:09:53 +02:00
local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
2019-02-27 13:28:00 +01:00
{
_config+:: {
namespace: 'monitoring',
2019-03-22 19:23:23 +01:00
versions+:: {
armExporter: 'latest',
},
imageRepos+:: {
armExporter: 'carlosedp/arm_exporter',
},
},
armExporter+:: {
2019-10-09 22:11:17 +02:00
serviceAccount:
utils.newServiceAccount('arm-exporter', $._config.namespace, null),
clusterRole:
2019-10-09 16:52:00 +02:00
utils.newClusterRole('arm-exporter', [
2020-03-18 22:01:01 +01:00
{
apis: ['authentication.k8s.io'],
res: ['tokenreviews'],
verbs: ['create'],
},
{
apis: ['authorization.k8s.io'],
res: ['subjectaccessreviews'],
verbs: ['create'],
2019-10-09 16:52:00 +02:00
},
2019-10-09 22:11:17 +02:00
], null),
2019-10-09 22:11:17 +02:00
clusterRoleBinding:
utils.newClusterRoleBinding('arm-exporter', 'arm-exporter', $._config.namespace, 'arm-exporter', null),
daemonset:
2019-10-09 16:26:42 +02:00
local daemonset = k.apps.v1.daemonSet;
local container = daemonset.mixin.spec.template.spec.containersType;
local containerPort = container.portsType;
local containerEnv = container.envType;
local podLabels = { 'k8s-app': 'arm-exporter' };
local armExporter =
container.new('arm-exporter', $._config.imageRepos.armExporter + ':' + $._config.versions.armExporter) +
container.withCommand([
'/bin/rpi_exporter',
'--web.listen-address=127.0.0.1:9243',
]) +
container.mixin.securityContext.withPrivileged(true) +
2019-02-01 14:43:22 +01:00
container.mixin.resources.withRequests({ cpu: '50m', memory: '50Mi' }) +
container.mixin.resources.withLimits({ cpu: '100m', memory: '100Mi' });
local ip = containerEnv.fromFieldPath('IP', 'status.podIP');
local proxy =
container.new('kube-rbac-proxy', $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy) +
container.withArgs([
'--secure-listen-address=$(IP):9243',
'--upstream=http://127.0.0.1:9243/',
'--tls-cipher-suites=' + std.join(',', $._config.tlsCipherSuites),
]) +
container.withPorts(containerPort.new(9243) + containerPort.withHostPort(9243) + containerPort.withName('https')) +
container.mixin.resources.withRequests({ cpu: '10m', memory: '20Mi' }) +
container.mixin.resources.withLimits({ cpu: '20m', memory: '40Mi' }) +
container.withEnv([ip]);
local c = [armExporter, proxy];
daemonset.new() +
daemonset.mixin.metadata.withName('arm-exporter') +
daemonset.mixin.metadata.withNamespace($._config.namespace) +
daemonset.mixin.metadata.withLabels(podLabels) +
daemonset.mixin.spec.selector.withMatchLabels(podLabels) +
daemonset.mixin.spec.template.metadata.withLabels(podLabels) +
daemonset.mixin.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNodeSelectorTerms([{ matchExpressions: [{ key: 'kubernetes.io/arch', operator: 'In', values: ['arm', 'arm64'] }] }]) +
daemonset.mixin.spec.template.spec.withTolerations([{ operator: 'Exists' }]) +
daemonset.mixin.spec.template.spec.withServiceAccountName('arm-exporter') +
daemonset.mixin.spec.template.spec.withContainers(c),
2019-09-27 00:02:33 +02:00
service:
local service = k.core.v1.service;
local servicePort = k.core.v1.service.mixin.spec.portsType;
local armExporterPort = servicePort.newNamed('https', 9243, 'https');
service.new('arm-exporter', $.armExporter.daemonset.spec.selector.matchLabels, armExporterPort) +
service.mixin.metadata.withNamespace($._config.namespace) +
service.mixin.metadata.withLabels({ 'k8s-app': 'arm-exporter' }) +
service.mixin.spec.withClusterIp('None'),
2019-10-09 22:11:17 +02:00
serviceMonitor:
2020-03-18 22:01:01 +01:00
utils.newServiceMonitorHTTPS(
'arm-exporter',
2019-10-09 22:11:17 +02:00
$._config.namespace,
2020-03-18 22:01:01 +01:00
{ 'k8s-app': 'arm-exporter' },
2019-10-09 22:11:17 +02:00
$._config.namespace,
'https',
'https',
'/var/run/secrets/kubernetes.io/serviceaccount/token',
),
},
2019-03-13 22:44:01 +01:00
}