rpi.carlosedp.cluster-monit.../utils.libsonnet

135 lines
4.2 KiB
Plaintext
Raw Normal View History

2019-09-27 00:02:33 +02:00
local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
local vars = import 'vars.jsonnet';
{
// Join multiple objects into one
join_objects(objs)::
local aux(arr, i, running) =
if i >= std.length(arr) then
running
else
aux(arr, i + 1, running + arr[i]) tailstrict;
aux(objs, 0, {}),
2019-10-09 16:52:00 +02:00
// Creates ClusterRoles
// roles format example: {apis: ['authentication.k8s.io'],
// res: ['tokenreviews'],
// verbs: ['create']
// }
newClusterRole(name, roles):: (
local clusterRole = k.rbac.v1.clusterRole;
local policyRule = clusterRole.rulesType;
local p(apigroups, resources, verbs) = policyRule.new() +
policyRule.withApiGroups([a for a in apigroups]) +
policyRule.withResources([r for r in resources]) +
policyRule.withVerbs([v for v in verbs]);
local r = [ p(pol.apis, pol.res, pol.verbs) for pol in roles ];
local rules = r;
local c = clusterRole.new() +
clusterRole.mixin.metadata.withName(name) +
clusterRole.withRules(rules);
c
),
2019-09-27 00:02:33 +02:00
// Creates endpoint objects
newEndpoint(name, namespace, ips, portName, portNumber):: (
local endpoints = k.core.v1.endpoints;
local endpointSubset = endpoints.subsetsType;
local endpointPort = endpointSubset.portsType;
local Port = endpointPort.new() +
endpointPort.withName(portName) +
endpointPort.withPort(portNumber) +
endpointPort.withProtocol('TCP');
local subset = endpointSubset.new() +
endpointSubset.withAddresses([
{ ip: IP }
for IP in ips
]) +
endpointSubset.withPorts(Port);
endpoints.new() +
endpoints.mixin.metadata.withName(name) +
endpoints.mixin.metadata.withNamespace(namespace) +
endpoints.mixin.metadata.withLabels({ 'k8s-app': name }) +
endpoints.withSubsets(subset)
),
// Creates ingress objects
newIngress(name, namespace, host, path, serviceName, servicePort):: (
local secret = k.core.v1.secret;
local ingress = k.extensions.v1beta1.ingress;
local ingressTls = ingress.mixin.spec.tlsType;
local ingressRule = ingress.mixin.spec.rulesType;
local httpIngressPath = ingressRule.mixin.http.pathsType;
ingress.new() +
ingress.mixin.metadata.withName(name) +
ingress.mixin.metadata.withNamespace(namespace) +
ingress.mixin.spec.withRules(
ingressRule.new() +
ingressRule.withHost(host) +
ingressRule.mixin.http.withPaths(
httpIngressPath.new() +
httpIngressPath.withPath(path) +
httpIngressPath.mixin.backend.withServiceName(serviceName) +
httpIngressPath.mixin.backend.withServicePort(servicePort)
),
)
),
// Creates http ServiceMonitor objects
2019-10-09 16:26:42 +02:00
newServiceMonitor(name, namespace, matchLabel, matchNamespace, portName, portScheme, path='metrics'):: (
2019-09-27 00:02:33 +02:00
{
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: name,
namespace: namespace,
labels: {
'app': name,
},
},
spec: {
jobLabel: name+'-exporter',
selector: {
matchLabels: matchLabel,
},
endpoints: [
{
port: portName,
scheme: portScheme,
interval: '30s',
},
],
namespaceSelector: {
matchNames: [matchNamespace],
},
},
}
),
// Creates https ServiceMonitor objects
newServiceMonitorHTTPS(name, namespace, matchLabel, matchNamespace, portName, portScheme, token):: (
local s = $.newServiceMonitor(name, namespace, matchLabel, matchNamespace, portName, portScheme);
// Replace endpoint with https and token
local t = {
spec: {
endpoints: [{
port: portName,
scheme: portScheme,
interval: '30s',
bearerTokenFile: token,
tlsConfig: {
insecureSkipVerify: true,
}
}],
}
};
2019-10-09 16:26:42 +02:00
std.mergePatch(s, t)
// s + t
2019-09-27 00:02:33 +02:00
),
}