rpi.carlosedp.cluster-monit.../base_operator_stack.jsonnet

199 lines
6.7 KiB
Plaintext
Raw Normal View History

2019-02-27 13:28:00 +01:00
local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
{
2019-03-13 22:44:01 +01:00
_config+:: {
namespace: 'monitoring',
2019-02-27 13:28:00 +01:00
urls+:: {
prom_ingress: 'prometheus.internal.carlosedp.com',
alert_ingress: 'alertmanager.internal.carlosedp.com',
grafana_ingress: 'grafana.internal.carlosedp.com',
grafana_ingress_external: 'grafana.cloud.carlosedp.com',
},
prometheus+:: {
names: 'k8s',
replicas: 1,
namespaces: ['default', 'kube-system', 'monitoring'],
2019-02-27 13:28:00 +01:00
},
alertmanager+:: {
replicas: 1,
},
kubeStateMetrics+:: {
collectors: '', // empty string gets a default set
scrapeInterval: '30s',
scrapeTimeout: '30s',
baseCPU: '100m',
baseMemory: '150Mi',
cpuPerNode: '2m',
memoryPerNode: '30Mi',
},
2019-03-13 22:44:01 +01:00
// Add custom Grafana dashboards
grafanaDashboards+:: {
'kubernetes-cluster-dashboard.json': (import 'grafana-dashboards/kubernetes-cluster-dashboard.json'),
'prometheus-dashboard.json': (import 'grafana-dashboards/prometheus-dashboard.json'),
'coredns-dashboard.json': (import 'grafana-dashboards/coredns-dashboard.json'),
},
2019-02-27 13:28:00 +01:00
2019-03-13 22:44:01 +01:00
grafana+:: {
config: {
sections: {
2019-02-27 13:28:00 +01:00
// database: { path: '/data/grafana.db' },
// paths: {
// data: '/var/lib/grafana',
// logs: '/var/lib/grafana/log',
// plugins: '/var/lib/grafana/plugins',
// provisioning: '/etc/grafana/provisioning',
// },
2019-03-13 22:44:01 +01:00
session: { provider: 'memory' },
'auth.basic': { enabled: false },
'auth.anonymous': { enabled: false },
smtp: {
enabled: true,
host: 'smtp-server.monitoring.svc:25',
user: '',
password: '',
from_address: 'carlosedp@gmail.com',
from_name: 'Grafana Alert',
skip_verify: true,
2019-02-27 13:28:00 +01:00
},
},
},
},
2019-03-13 22:44:01 +01:00
},
//---------------------------------------
// End of _config
//---------------------------------------
2019-02-27 13:28:00 +01:00
2019-03-13 22:44:01 +01:00
prometheus+:: {
local pvc = k.core.v1.persistentVolumeClaim,
prometheus+: {
spec+: {
retention: '15d',
externalUrl: 'http://' + $._config.urls.prom_ingress,
storage: {
2019-02-27 13:28:00 +01:00
volumeClaimTemplate:
pvc.new() +
pvc.mixin.spec.withAccessModes('ReadWriteOnce') +
2019-03-13 22:44:01 +01:00
pvc.mixin.spec.resources.withRequests({ storage: '20Gi' }),
// Uncomment below to define a StorageClass name
//+ pvc.mixin.spec.withStorageClassName('nfs-master-ssd'),
2019-02-27 13:28:00 +01:00
},
},
},
2019-03-13 22:44:01 +01:00
},
2019-02-27 13:28:00 +01:00
2019-03-13 22:44:01 +01:00
// Override deployment for Grafana data persistence
grafana+:: {
deployment+: {
spec+: {
template+: {
spec+: {
2019-02-27 13:28:00 +01:00
volumes:
std.map(
function(v)
if v.name == 'grafana-storage' then
2019-03-13 22:44:01 +01:00
{
name: 'grafana-storage',
persistentVolumeClaim: {
claimName: 'grafana-storage',
},
2019-02-27 13:28:00 +01:00
}
else v,
super.volumes
),
},
},
},
},
2019-03-13 22:44:01 +01:00
storage:
local pvc = k.core.v1.persistentVolumeClaim;
pvc.new() +
pvc.mixin.metadata.withNamespace($._config.namespace) +
pvc.mixin.metadata.withName('grafana-storage') +
pvc.mixin.spec.withAccessModes('ReadWriteMany') +
pvc.mixin.spec.resources.withRequests({ storage: '2Gi' }),
},
2019-02-27 13:28:00 +01:00
2019-03-13 22:44:01 +01:00
grafanaDashboards+:: $._config.grafanaDashboards,
2019-02-27 13:28:00 +01:00
// Create ingress objects per application
2019-03-13 22:44:01 +01:00
ingress+: {
local secret = k.core.v1.secret,
local ingress = k.extensions.v1beta1.ingress,
local ingressTls = ingress.mixin.spec.tlsType,
local ingressRule = ingress.mixin.spec.rulesType,
local httpIngressPath = ingressRule.mixin.http.pathsType,
2019-02-27 13:28:00 +01:00
2019-03-13 22:44:01 +01:00
'alertmanager-main':
ingress.new() +
ingress.mixin.metadata.withName('alertmanager-main') +
ingress.mixin.metadata.withNamespace($._config.namespace) +
ingress.mixin.spec.withRules(
ingressRule.new() +
ingressRule.withHost($._config.urls.alert_ingress) +
ingressRule.mixin.http.withPaths(
httpIngressPath.new() +
httpIngressPath.withPath('/') +
httpIngressPath.mixin.backend.withServiceName('alertmanager-main') +
httpIngressPath.mixin.backend.withServicePort('web')
2019-02-27 13:28:00 +01:00
),
2019-03-13 22:44:01 +01:00
),
grafana:
ingress.new() +
ingress.mixin.metadata.withName('grafana') +
ingress.mixin.metadata.withNamespace($._config.namespace) +
ingress.mixin.spec.withRules(
ingressRule.new() +
ingressRule.withHost($._config.urls.grafana_ingress) +
ingressRule.mixin.http.withPaths(
httpIngressPath.new() +
httpIngressPath.withPath('/') +
httpIngressPath.mixin.backend.withServiceName('grafana') +
httpIngressPath.mixin.backend.withServicePort('http')
2019-02-27 13:28:00 +01:00
),
2019-03-13 22:44:01 +01:00
),
'prometheus-k8s':
ingress.new() +
ingress.mixin.metadata.withName('prometheus-k8s') +
ingress.mixin.metadata.withNamespace($._config.namespace) +
ingress.mixin.spec.withRules(
ingressRule.new() +
ingressRule.withHost($._config.urls.prom_ingress) +
ingressRule.mixin.http.withPaths(
httpIngressPath.new() +
httpIngressPath.withPath('/') +
httpIngressPath.mixin.backend.withServiceName('prometheus-k8s') +
httpIngressPath.mixin.backend.withServicePort('web')
),
),
// // Example external ingress with authentication
// 'grafana-external':
// ingress.new() +
// ingress.mixin.metadata.withName('grafana-external') +
// ingress.mixin.metadata.withNamespace($._config.namespace) +
// ingress.mixin.metadata.withLabels({'traffic-type': 'external'}) +
// ingress.mixin.metadata.withAnnotations({
// 'ingress.kubernetes.io/auth-type': 'basic',
// 'ingress.kubernetes.io/auth-secret': 'basic-auth',
// }) +
// ingress.mixin.spec.withRules(
// ingressRule.new() +
// ingressRule.withHost($._config.urls.grafana_ingress_external) +
// ingressRule.mixin.http.withPaths(
// httpIngressPath.new() +
// httpIngressPath.withPath('/') +
// httpIngressPath.mixin.backend.withServiceName('grafana') +
// httpIngressPath.mixin.backend.withServicePort('http')
// ),
// ),
// 'basic-auth-secret':
// // First generate the auth secret with gen_auth.sh script
// secret.new('basic-auth', { auth: std.base64(importstr 'auth') }) +
// secret.mixin.metadata.withNamespace($._config.namespace),
},
}