diff --git a/jsonnetfile.lock.json b/jsonnetfile.lock.json index f3fdde5..6ba7ed1 100644 --- a/jsonnetfile.lock.json +++ b/jsonnetfile.lock.json @@ -8,7 +8,7 @@ "subdir": "jsonnet/kube-prometheus" } }, - "version": "7bd745ef78dce3c14ef9e315506d0c1c32fdcc9e" + "version": "3a64636eb7ee2fe4ee5e5b8bc78822d405a41a1c" }, { "name": "ksonnet", @@ -28,7 +28,7 @@ "subdir": "" } }, - "version": "7360753d27aa428758c918434503c1c35afcd3bb" + "version": "99ceb3cfbd00c9d86e3f2c6bbbce604781dd0f82" }, { "name": "grafonnet", @@ -38,7 +38,7 @@ "subdir": "grafonnet" } }, - "version": "d270f529db9eb750425a173188c534ab92532f47" + "version": "a6896d19aedc46ecf80dd64967191b9fd6f75f45" }, { "name": "grafana-builder", @@ -48,7 +48,7 @@ "subdir": "grafana-builder" } }, - "version": "ecaeaed2e21c0db29098811e7826a9b923e706c5" + "version": "6c6f20cbef5018affdea9757db63fb574d3f3bf6" }, { "name": "grafana", @@ -58,7 +58,7 @@ "subdir": "grafana" } }, - "version": "de2ec3f0f9115da2d47dc6b86af9b402e2bf146d" + "version": "b6db6bdbdc8d7f2f8834a8044897ea6322a0f6ad" }, { "name": "prometheus-operator", @@ -78,7 +78,7 @@ "subdir": "Documentation/etcd-mixin" } }, - "version": "216808eab50f74e02410e96878bbf2175d2916cb" + "version": "4d6ebafa54ac72308f40e07dacc1fd803ceccab5" } ] } diff --git a/manifests/arm-exporter-clusterRole.yaml b/manifests/arm-exporter-clusterRole.yaml deleted file mode 100644 index ab8f48f..0000000 --- a/manifests/arm-exporter-clusterRole.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: arm-exporter -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/manifests/arm-exporter-clusterRoleBinding.yaml b/manifests/arm-exporter-clusterRoleBinding.yaml deleted file mode 100644 index 0dfb6dc..0000000 --- a/manifests/arm-exporter-clusterRoleBinding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: arm-exporter -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: arm-exporter -subjects: -- kind: ServiceAccount - name: arm-exporter - namespace: monitoring diff --git a/manifests/arm-exporter-daemonset.yaml b/manifests/arm-exporter-daemonset.yaml deleted file mode 100644 index 6b1147b..0000000 --- a/manifests/arm-exporter-daemonset.yaml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: apps/v1beta2 -kind: DaemonSet -metadata: - labels: - k8s-app: arm-exporter - name: arm-exporter - namespace: monitoring -spec: - selector: - matchLabels: - k8s-app: arm-exporter - template: - metadata: - labels: - k8s-app: arm-exporter - spec: - containers: - - command: - - /bin/rpi_exporter - - --web.listen-address=127.0.0.1:9243 - image: carlosedp/arm_exporter:latest - name: arm-exporter - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 50m - memory: 50Mi - - args: - - --secure-listen-address=$(IP):9243 - - --upstream=http://127.0.0.1:9243/ - - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - env: - - name: IP - valueFrom: - fieldRef: - fieldPath: status.podIP - image: carlosedp/kube-rbac-proxy:v0.4.1 - name: kube-rbac-proxy - ports: - - containerPort: 9243 - hostPort: 9243 - name: https - resources: - limits: - cpu: 20m - memory: 40Mi - requests: - cpu: 10m - memory: 20Mi - nodeSelector: - beta.kubernetes.io/arch: arm64 - serviceAccountName: arm-exporter diff --git a/manifests/arm-exporter-service.yaml b/manifests/arm-exporter-service.yaml deleted file mode 100644 index d83042f..0000000 --- a/manifests/arm-exporter-service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - k8s-app: arm-exporter - name: arm-exporter - namespace: monitoring -spec: - clusterIP: None - ports: - - name: https - port: 9243 - targetPort: https - selector: - k8s-app: arm-exporter diff --git a/manifests/arm-exporter-serviceAccount.yaml b/manifests/arm-exporter-serviceAccount.yaml deleted file mode 100644 index 42e52a0..0000000 --- a/manifests/arm-exporter-serviceAccount.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: arm-exporter - namespace: monitoring diff --git a/manifests/arm-exporter-serviceMonitor.yaml b/manifests/arm-exporter-serviceMonitor.yaml deleted file mode 100644 index a92a2a1..0000000 --- a/manifests/arm-exporter-serviceMonitor.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - labels: - k8s-app: arm-exporter - name: arm-exporter - namespace: monitoring -spec: - endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - interval: 30s - port: https - scheme: https - tlsConfig: - insecureSkipVerify: true - jobLabel: k8s-app - selector: - matchLabels: - k8s-app: arm-exporter diff --git a/manifests/grafana-dashboardDatasources.yaml b/manifests/grafana-dashboardDatasources.yaml index 446c686..22d4748 100644 --- a/manifests/grafana-dashboardDatasources.yaml +++ b/manifests/grafana-dashboardDatasources.yaml @@ -1,6 +1,6 @@ apiVersion: v1 data: - prometheus.yaml: ewogICAgImFwaVZlcnNpb24iOiAxLAogICAgImRhdGFzb3VyY2VzIjogWwogICAgICAgIHsKICAgICAgICAgICAgImFjY2VzcyI6ICJwcm94eSIsCiAgICAgICAgICAgICJlZGl0YWJsZSI6IGZhbHNlLAogICAgICAgICAgICAibmFtZSI6ICJwcm9tZXRoZXVzIiwKICAgICAgICAgICAgIm9yZ0lkIjogMSwKICAgICAgICAgICAgInR5cGUiOiAicHJvbWV0aGV1cyIsCiAgICAgICAgICAgICJ1cmwiOiAiaHR0cDovL3Byb21ldGhldXMtazhzLm1vbml0b3Jpbmcuc3ZjOjkwOTAiLAogICAgICAgICAgICAidmVyc2lvbiI6IDEKICAgICAgICB9CiAgICBdCn0= + datasources.yaml: ewogICAgImFwaVZlcnNpb24iOiAxLAogICAgImRhdGFzb3VyY2VzIjogWwogICAgICAgIHsKICAgICAgICAgICAgImFjY2VzcyI6ICJwcm94eSIsCiAgICAgICAgICAgICJlZGl0YWJsZSI6IGZhbHNlLAogICAgICAgICAgICAibmFtZSI6ICJwcm9tZXRoZXVzIiwKICAgICAgICAgICAgIm9yZ0lkIjogMSwKICAgICAgICAgICAgInR5cGUiOiAicHJvbWV0aGV1cyIsCiAgICAgICAgICAgICJ1cmwiOiAiaHR0cDovL3Byb21ldGhldXMtazhzLm1vbml0b3Jpbmcuc3ZjOjkwOTAiLAogICAgICAgICAgICAidmVyc2lvbiI6IDEKICAgICAgICB9CiAgICBdCn0= kind: Secret metadata: name: grafana-datasources diff --git a/manifests/grafana-dashboardDefinitions.yaml b/manifests/grafana-dashboardDefinitions.yaml index 5f7fd5e..3729d9d 100644 --- a/manifests/grafana-dashboardDefinitions.yaml +++ b/manifests/grafana-dashboardDefinitions.yaml @@ -4526,24 +4526,6 @@ items: "type": "number", "unit": "short" }, - { - "alias": "CPU Usage", - "colorMode": null, - "colors": [ - - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "link": false, - "linkTooltip": "Drill down", - "linkUrl": "", - "pattern": "Value #C", - "thresholds": [ - - ], - "type": "number", - "unit": "short" - }, { "alias": "Memory Usage", "colorMode": null, @@ -4555,7 +4537,7 @@ items: "link": false, "linkTooltip": "Drill down", "linkUrl": "", - "pattern": "Value #D", + "pattern": "Value #C", "thresholds": [ ], @@ -4573,7 +4555,7 @@ items: "link": false, "linkTooltip": "Drill down", "linkUrl": "", - "pattern": "Value #E", + "pattern": "Value #D", "thresholds": [ ], @@ -4591,7 +4573,7 @@ items: "link": false, "linkTooltip": "Drill down", "linkUrl": "", - "pattern": "Value #F", + "pattern": "Value #E", "thresholds": [ ], @@ -4609,7 +4591,7 @@ items: "link": false, "linkTooltip": "Drill down", "linkUrl": "", - "pattern": "Value #G", + "pattern": "Value #F", "thresholds": [ ], @@ -4627,7 +4609,7 @@ items: "link": false, "linkTooltip": "Drill down", "linkUrl": "", - "pattern": "Value #H", + "pattern": "Value #G", "thresholds": [ ], @@ -11337,11 +11319,18 @@ items: "steppedLine": false, "targets": [ { - "expr": "node:node_filesystem_usage:{cluster=\"$cluster\"}", + "expr": "node:node_filesystem_usage:{cluster=\"$cluster\", instance=\"$instance\"}", "format": "time_series", "intervalFactor": 2, - "legendFormat": "{{device}}", + "legendFormat": "disk used", "refId": "A" + }, + { + "expr": "node:node_filesystem_usage:{cluster=\"$cluster\", instance=\"$instance\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "disk free", + "refId": "B" } ], "thresholds": [ diff --git a/manifests/node-exporter-daemonset.yaml b/manifests/node-exporter-daemonset.yaml index d04f659..3d2a434 100644 --- a/manifests/node-exporter-daemonset.yaml +++ b/manifests/node-exporter-daemonset.yaml @@ -22,7 +22,6 @@ spec: - --path.rootfs=/host/root - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+)($|/) - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$ - - --collector.ntp image: carlosedp/node_exporter:v0.17.0 name: node-exporter resources: diff --git a/manifests/prometheus-adapter-clusterRoleAggregatedMetricsReader.yaml b/manifests/prometheus-adapter-clusterRoleAggregatedMetricsReader.yaml new file mode 100644 index 0000000..d766a1f --- /dev/null +++ b/manifests/prometheus-adapter-clusterRoleAggregatedMetricsReader.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: system:aggregated-metrics-reader +rules: +- apiGroups: + - metrics.k8s.io + resources: + - pods + verbs: + - get + - list + - watch diff --git a/manifests/prometheus-rules.yaml b/manifests/prometheus-rules.yaml index 3db51cc..3335931 100644 --- a/manifests/prometheus-rules.yaml +++ b/manifests/prometheus-rules.yaml @@ -278,12 +278,12 @@ spec: ) record: node:node_disk_saturation:avg_irate - expr: | - max by (namespace, pod, device) ((node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} + max by (instance, namespace, pod, device) ((node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} - node_filesystem_avail_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) / node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) record: 'node:node_filesystem_usage:' - expr: | - max by (namespace, pod, device) (node_filesystem_avail_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} / node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) + max by (instance, namespace, pod, device) (node_filesystem_avail_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} / node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) record: 'node:node_filesystem_avail:' - expr: | sum(irate(node_network_receive_bytes_total{job="node-exporter",device!~"veth.+"}[1m])) + @@ -938,7 +938,7 @@ spec: message: Clock skew detected on node-exporter {{ $labels.namespace }}/{{ $labels.pod }}. Ensure NTP is configured correctly on this host. expr: | - node_ntp_offset_seconds{job="node-exporter"} < -0.03 or node_ntp_offset_seconds{job="node-exporter"} > 0.03 + abs(node_timex_offset_seconds{job="node-exporter"}) > 0.03 for: 2m labels: severity: warning diff --git a/vars.jsonnet b/vars.jsonnet index c9014a1..145b502 100644 --- a/vars.jsonnet +++ b/vars.jsonnet @@ -1,7 +1,7 @@ { // Enable or disable additional modules installModules: { - 'arm-exporter': true, + 'arm-exporter': false, metallb: false, traefik: false, 'ups-exporter': false,