mirror of
https://github.com/carlosedp/cluster-monitoring.git
synced 2024-11-20 19:07:17 +01:00
Use utils functions
This commit is contained in:
Carlos de Paula
parent
47711c5ed6
commit
5fd83a4ef2
@ -15,15 +15,8 @@ local utils = import 'utils.libsonnet';
|
||||
},
|
||||
|
||||
armExporter+:: {
|
||||
clusterRoleBinding:
|
||||
local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
|
||||
|
||||
clusterRoleBinding.new() +
|
||||
clusterRoleBinding.mixin.metadata.withName('arm-exporter') +
|
||||
clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
|
||||
clusterRoleBinding.mixin.roleRef.withName('arm-exporter') +
|
||||
clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
|
||||
clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'arm-exporter', namespace: $._config.namespace }]),
|
||||
serviceAccount:
|
||||
utils.newServiceAccount('arm-exporter', $._config.namespace, null),
|
||||
|
||||
clusterRole:
|
||||
utils.newClusterRole('arm-exporter', [
|
||||
@ -35,13 +28,10 @@ local utils = import 'utils.libsonnet';
|
||||
res: ['subjectaccessreviews'],
|
||||
verbs: ['create']
|
||||
}
|
||||
]),
|
||||
], null),
|
||||
|
||||
serviceAccount:
|
||||
local serviceAccount = k.core.v1.serviceAccount;
|
||||
|
||||
serviceAccount.new('arm-exporter') +
|
||||
serviceAccount.mixin.metadata.withNamespace($._config.namespace),
|
||||
clusterRoleBinding:
|
||||
utils.newClusterRoleBinding('arm-exporter', 'arm-exporter', $._config.namespace, 'arm-exporter', null),
|
||||
|
||||
daemonset:
|
||||
local daemonset = k.apps.v1.daemonSet;
|
||||
@ -84,16 +74,6 @@ local utils = import 'utils.libsonnet';
|
||||
daemonset.mixin.spec.template.spec.withServiceAccountName('arm-exporter') +
|
||||
daemonset.mixin.spec.template.spec.withContainers(c),
|
||||
|
||||
serviceMonitor:
|
||||
utils.newServiceMonitorHTTPS('arm-exporter',
|
||||
$._config.namespace,
|
||||
{'k8s-app': 'arm-exporter'},
|
||||
$._config.namespace,
|
||||
'https',
|
||||
'https',
|
||||
'/var/run/secrets/kubernetes.io/serviceaccount/token',
|
||||
),
|
||||
|
||||
service:
|
||||
local service = k.core.v1.service;
|
||||
local servicePort = k.core.v1.service.mixin.spec.portsType;
|
||||
@ -104,5 +84,15 @@ local utils = import 'utils.libsonnet';
|
||||
service.mixin.metadata.withNamespace($._config.namespace) +
|
||||
service.mixin.metadata.withLabels({ 'k8s-app': 'arm-exporter' }) +
|
||||
service.mixin.spec.withClusterIp('None'),
|
||||
|
||||
serviceMonitor:
|
||||
utils.newServiceMonitorHTTPS('arm-exporter',
|
||||
$._config.namespace,
|
||||
{'k8s-app': 'arm-exporter'},
|
||||
$._config.namespace,
|
||||
'https',
|
||||
'https',
|
||||
'/var/run/secrets/kubernetes.io/serviceaccount/token',
|
||||
),
|
||||
},
|
||||
}
|
||||
|
||||
@ -2,6 +2,15 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
|
||||
local vars = import 'vars.jsonnet';
|
||||
|
||||
{
|
||||
// Generates the manifests for all objects in kp except those starting with "_"
|
||||
generate(kp):: (
|
||||
{
|
||||
[std.asciiLower(module) + '-' + name]: kp[module][name]
|
||||
for module in std.objectFieldsAll(kp) if !std.startsWith(module, '_')
|
||||
for name in std.objectFields(kp[module])
|
||||
}
|
||||
),
|
||||
|
||||
// Join multiple objects into one
|
||||
join_objects(objs)::
|
||||
local aux(arr, i, running) =
|
||||
@ -11,30 +20,53 @@ local vars = import 'vars.jsonnet';
|
||||
aux(arr, i + 1, running + arr[i]) tailstrict;
|
||||
aux(objs, 0, {}),
|
||||
|
||||
// Creates serviceaccount
|
||||
newServiceAccount(name, namespace, labels):: (
|
||||
local serviceAccount = k.core.v1.serviceAccount;
|
||||
|
||||
serviceAccount.new(name)
|
||||
+ (if labels != null then serviceAccount.mixin.metadata.withLabels(labels) else {})
|
||||
+ serviceAccount.mixin.metadata.withNamespace(namespace)
|
||||
),
|
||||
|
||||
// Creates ClusterRoles
|
||||
// roles format example: {apis: ['authentication.k8s.io'],
|
||||
// roles format example: [{apis: ['authentication.k8s.io'],
|
||||
// res: ['tokenreviews'],
|
||||
// verbs: ['create']
|
||||
// }
|
||||
newClusterRole(name, roles):: (
|
||||
// },[{...}]]
|
||||
newClusterRole(name, roles, labels):: (
|
||||
local clusterRole = k.rbac.v1.clusterRole;
|
||||
local policyRule = clusterRole.rulesType;
|
||||
|
||||
local p(apigroups, resources, verbs) = policyRule.new() +
|
||||
policyRule.withApiGroups([a for a in apigroups]) +
|
||||
policyRule.withResources([r for r in resources]) +
|
||||
policyRule.withVerbs([v for v in verbs]);
|
||||
local p(apigroups, resources, verbs) = policyRule.new()
|
||||
+ policyRule.withApiGroups([a for a in apigroups])
|
||||
+ policyRule.withResources([r for r in resources])
|
||||
+ policyRule.withVerbs([v for v in verbs]);
|
||||
|
||||
local r = [ p(pol.apis, pol.res, pol.verbs) for pol in roles ];
|
||||
|
||||
local rules = r;
|
||||
|
||||
local c = clusterRole.new() +
|
||||
clusterRole.mixin.metadata.withName(name) +
|
||||
clusterRole.withRules(rules);
|
||||
local c = clusterRole.new()
|
||||
+ (if labels != null then clusterRole.mixin.metadata.withLabels(labels) else {})
|
||||
+ clusterRole.mixin.metadata.withName(name) +
|
||||
+ clusterRole.withRules(rules);
|
||||
c
|
||||
),
|
||||
|
||||
// Creates a ClusterRoleBinding between a `clusterRole` and a `serviceAccount` on `serviceAccountNamespace`
|
||||
newClusterRoleBinding(name, serviceAccount, serviceAccountNamespace, clusterRole, labels):: (
|
||||
local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
|
||||
|
||||
clusterRoleBinding.new()
|
||||
+ clusterRoleBinding.mixin.metadata.withName(name) +
|
||||
+ (if labels != null then clusterRoleBinding.mixin.metadata.withLabels(labels) else {})
|
||||
+ clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io')
|
||||
+ clusterRoleBinding.mixin.roleRef.withName(clusterRole)
|
||||
+ clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' })
|
||||
+ clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', 'name': serviceAccount, 'namespace': serviceAccountNamespace }])
|
||||
),
|
||||
|
||||
// Creates endpoint objects
|
||||
newEndpoint(name, namespace, ips, portName, portNumber):: (
|
||||
local endpoints = k.core.v1.endpoints;
|
||||
@ -81,6 +113,39 @@ local vars = import 'vars.jsonnet';
|
||||
)
|
||||
),
|
||||
|
||||
// Creates new basic deployments
|
||||
newDeployment(name, namespace, image, cmd, port):: (
|
||||
local deployment = k.apps.v1.deployment;
|
||||
local container = k.apps.v1.deployment.mixin.spec.template.spec.containersType;
|
||||
local containerPort = container.portsType;
|
||||
|
||||
local con =
|
||||
container.new(name, image)
|
||||
+ (if cmd != null then container.withCommand(cmd) else {})
|
||||
+ container.withPorts(containerPort.newNamed(port, name+'-port'));
|
||||
|
||||
local c = [con];
|
||||
|
||||
local d = deployment.new(name, 1, c, {'app': name}) +
|
||||
deployment.mixin.metadata.withNamespace(namespace) +
|
||||
deployment.mixin.metadata.withLabels({'app': name}) +
|
||||
deployment.mixin.spec.selector.withMatchLabels({'app': name}) +
|
||||
deployment.mixin.spec.strategy.withType('RollingUpdate') +
|
||||
deployment.mixin.spec.template.spec.withRestartPolicy('Always');
|
||||
d
|
||||
),
|
||||
|
||||
newService(name, namespace, port):: (
|
||||
local service = k.core.v1.service;
|
||||
local servicePort = k.core.v1.service.mixin.spec.portsType;
|
||||
local p = servicePort.newNamed(name, port, port);
|
||||
|
||||
local s = service.new(name, {'app': name}, p) +
|
||||
service.mixin.metadata.withNamespace(namespace) +
|
||||
service.mixin.metadata.withLabels({'app': name});
|
||||
s
|
||||
),
|
||||
|
||||
// Creates http ServiceMonitor objects
|
||||
newServiceMonitor(name, namespace, matchLabel, matchNamespace, portName, portScheme, path='metrics'):: (
|
||||
{
|
||||
|
||||
Loading…
Reference in New Issue
Block a user