mirror of
https://github.com/carlosedp/cluster-monitoring.git
synced 2024-11-20 19:07:17 +01:00
New prometheus-operator structure using jsonnet build
This commit is contained in:
parent
5413555f77
commit
f59ff6aece
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
vendor
|
43
Makefile
Normal file
43
Makefile
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
JSONNET_FMT := jsonnet fmt -n 2 --max-blank-lines 2 --string-style s --comment-style s
|
||||||
|
|
||||||
|
JB_BINARY:=$(GOPATH)/bin/jb
|
||||||
|
|
||||||
|
.PHONY: generate vendor fmt manifests
|
||||||
|
|
||||||
|
all: generate
|
||||||
|
|
||||||
|
generate: manifests
|
||||||
|
|
||||||
|
manifests: $(JSONNET)
|
||||||
|
rm -rf manifests
|
||||||
|
./build.sh main.jsonnet
|
||||||
|
|
||||||
|
update:
|
||||||
|
jb update
|
||||||
|
|
||||||
|
vendor: $(JB_BINARY) jsonnetfile.json jsonnetfile.lock.json
|
||||||
|
rm -rf vendor
|
||||||
|
$(JB_BINARY) install
|
||||||
|
|
||||||
|
fmt:
|
||||||
|
find . -name 'vendor' -prune -o -name '*.libsonnet' -o -name '*.jsonnet' -print | xargs -n 1 -- $(JSONNET_FMT) -i
|
||||||
|
|
||||||
|
deploy:
|
||||||
|
kubectl apply -f ./manifests/
|
||||||
|
echo "Will wait 40 seconds to reapply manifests"
|
||||||
|
sleep 40
|
||||||
|
kubectl apply -f ./manifests/
|
||||||
|
|
||||||
|
teardown:
|
||||||
|
kubectl delete -f ./manifests/
|
||||||
|
|
||||||
|
tar: manifests
|
||||||
|
rm -rf manifests.tar
|
||||||
|
tar -cf manifests.tar manifests
|
||||||
|
|
||||||
|
$(JB_BINARY):
|
||||||
|
go get -u github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb
|
||||||
|
|
||||||
|
$(JSONNET):
|
||||||
|
go get github.com/google/go-jsonnet/jsonnet
|
||||||
|
go get github.com/brancz/gojsontoyaml
|
95
arm_exporter.jsonnet
Normal file
95
arm_exporter.jsonnet
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
|
||||||
|
|
||||||
|
local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + {
|
||||||
|
_config+:: {
|
||||||
|
namespace: 'monitoring',
|
||||||
|
|
||||||
|
versions+:: {
|
||||||
|
armExporter: 'latest',
|
||||||
|
kubeRbacProxy: 'v0.4.0',
|
||||||
|
},
|
||||||
|
|
||||||
|
imageRepos+:: {
|
||||||
|
armExporter: 'carlosedp/arm_exporter',
|
||||||
|
kubeRbacProxy: 'carlosedp/kube-rbac-proxy',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
armExporter+:: {
|
||||||
|
daemonset:
|
||||||
|
local daemonset = k.apps.v1beta2.daemonSet;
|
||||||
|
local container = daemonset.mixin.spec.template.spec.containersType;
|
||||||
|
local containerPort = container.portsType;
|
||||||
|
|
||||||
|
local podLabels = { 'k8s-app': 'arm-exporter' };
|
||||||
|
|
||||||
|
local armExporter =
|
||||||
|
container.new('arm-exporter', $._config.imageRepos.armExporter + ':' + $._config.versions.armExporter) +
|
||||||
|
container.mixin.resources.withRequests({ cpu: '100m', memory: '180Mi' }) +
|
||||||
|
container.mixin.resources.withLimits({ cpu: '200m', memory: '180Mi' });
|
||||||
|
|
||||||
|
local proxy =
|
||||||
|
container.new('kube-rbac-proxy', $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy) +
|
||||||
|
container.withArgs([
|
||||||
|
'--secure-listen-address=$(IP):9243',
|
||||||
|
'--upstream=http://127.0.0.1:9243/',
|
||||||
|
]) +
|
||||||
|
container.withPorts(containerPort.new(9243) + containerPort.withHostPort(9243) + containerPort.withName('https')) +
|
||||||
|
container.mixin.resources.withRequests({ cpu: '10m', memory: '20Mi' }) +
|
||||||
|
container.mixin.resources.withLimits({ cpu: '20m', memory: '40Mi' });
|
||||||
|
local c = [armExporter, proxy];
|
||||||
|
|
||||||
|
daemonset.new() +
|
||||||
|
daemonset.mixin.metadata.withName('arm-exporter') +
|
||||||
|
daemonset.mixin.metadata.withNamespace($._config.namespace) +
|
||||||
|
daemonset.mixin.metadata.withLabels(podLabels) +
|
||||||
|
daemonset.mixin.spec.selector.withMatchLabels(podLabels) +
|
||||||
|
daemonset.mixin.spec.template.metadata.withLabels(podLabels) +
|
||||||
|
daemonset.mixin.spec.template.spec.withNodeSelector({ 'beta.kubernetes.io/os': 'linux' }) +
|
||||||
|
daemonset.mixin.spec.template.spec.withContainers(c),
|
||||||
|
serviceMonitor:
|
||||||
|
{
|
||||||
|
apiVersion: 'monitoring.coreos.com/v1',
|
||||||
|
kind: 'ServiceMonitor',
|
||||||
|
metadata: {
|
||||||
|
name: 'arm-exporter',
|
||||||
|
namespace: $._config.namespace,
|
||||||
|
labels: {
|
||||||
|
'k8s-app': 'arm-exporter',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
spec: {
|
||||||
|
jobLabel: 'k8s-app',
|
||||||
|
selector: {
|
||||||
|
matchLabels: {
|
||||||
|
'k8s-app': 'arm-exporter',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
endpoints: [
|
||||||
|
{
|
||||||
|
port: 'https',
|
||||||
|
scheme: 'https',
|
||||||
|
interval: '30s',
|
||||||
|
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
|
||||||
|
tlsConfig: {
|
||||||
|
insecureSkipVerify: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
],
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
service:
|
||||||
|
local service = k.core.v1.service;
|
||||||
|
local servicePort = k.core.v1.service.mixin.spec.portsType;
|
||||||
|
|
||||||
|
local armExporterPort = servicePort.newNamed('https', 9243, 'https');
|
||||||
|
|
||||||
|
service.new('arm-exporter', $.armExporter.daemonset.spec.selector.matchLabels, armExporterPort) +
|
||||||
|
service.mixin.metadata.withNamespace($._config.namespace) +
|
||||||
|
service.mixin.metadata.withLabels({ 'k8s-app': 'arm-exporter' }) +
|
||||||
|
service.mixin.spec.withClusterIp('None'),
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
{ ['arm-exporter-' + name]: kp.armExporter[name] for name in std.objectFields(kp.armExporter) }
|
16
build.sh
Executable file
16
build.sh
Executable file
@ -0,0 +1,16 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# This script uses arg $1 (name of *.jsonnet file to use) to generate the manifests/*.yaml files.
|
||||||
|
|
||||||
|
set -e
|
||||||
|
set -x
|
||||||
|
# only exit with zero if all commands of the pipeline exit successfully
|
||||||
|
set -o pipefail
|
||||||
|
|
||||||
|
# Make sure to start with a clean 'manifests' dir
|
||||||
|
rm -rf manifests
|
||||||
|
mkdir manifests
|
||||||
|
|
||||||
|
# optional, but we would like to generate yaml, not json
|
||||||
|
jsonnet -J vendor -m manifests "${1-example.jsonnet}" | xargs -I{} sh -c 'cat {} | gojsontoyaml > {}.yaml; rm -f {}' -- {}
|
||||||
|
|
198
build_images.sh
198
build_images.sh
@ -3,43 +3,67 @@
|
|||||||
REPO=carlosedp
|
REPO=carlosedp
|
||||||
|
|
||||||
AOM_VERSION=2.1
|
AOM_VERSION=2.1
|
||||||
KSM_VERSION=v1.3.0
|
KSM_VERSION=v1.4.0
|
||||||
VERSION=v0.20.0
|
VERSION=v0.26.0
|
||||||
PROMCONFIGRELOADER_VERSION=v0.20.0
|
PROMCONFIGRELOADER_VERSION=v0.20.0
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------------
|
||||||
# Kubernetes addon-resizer
|
# Kubernetes addon-resizer
|
||||||
# Retag Addon-resizer google images to have unified manifest on DockerHub
|
# Retag Addon-resizer google images to have unified manifest on DockerHub
|
||||||
docker pull gcr.io/google-containers/addon-resizer-arm64:$AOM_VERSION
|
docker pull gcr.io/google-containers/addon-resizer-arm64:$AOM_VERSION
|
||||||
docker pull gcr.io/google-containers/addon-resizer-arm:$AOM_VERSION
|
docker pull gcr.io/google-containers/addon-resizer-arm:$AOM_VERSION
|
||||||
|
docker pull gcr.io/google-containers/addon-resizer-amd64:$AOM_VERSION
|
||||||
|
|
||||||
|
|
||||||
docker tag gcr.io/google-containers/addon-resizer-arm64:$AOM_VERSION $REPO/addon-resizer:$AOM_VERSION-arm64
|
docker tag gcr.io/google-containers/addon-resizer-arm64:$AOM_VERSION $REPO/addon-resizer:$AOM_VERSION-arm64
|
||||||
|
docker tag gcr.io/google-containers/addon-resizer-amd64:$AOM_VERSION $REPO/addon-resizer:$AOM_VERSION-arm64
|
||||||
docker tag gcr.io/google-containers/addon-resizer-arm:$AOM_VERSION $REPO/addon-resizer:$AOM_VERSION-arm
|
docker tag gcr.io/google-containers/addon-resizer-arm:$AOM_VERSION $REPO/addon-resizer:$AOM_VERSION-arm
|
||||||
|
|
||||||
docker push $REPO/addon-resizer:$AOM_VERSION-arm
|
docker push $REPO/addon-resizer:$AOM_VERSION-arm
|
||||||
docker push $REPO/addon-resizer:$AOM_VERSION-arm64
|
docker push $REPO/addon-resizer:$AOM_VERSION-arm64
|
||||||
|
docker push $REPO/addon-resizer:$AOM_VERSION-amd64
|
||||||
|
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/addon-resizer:$AOM_VERSION-ARCH --target $REPO/addon-resizer:$AOM_VERSION
|
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/addon-resizer:$AOM_VERSION-ARCH --target $REPO/addon-resizer:$AOM_VERSION
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/addon-resizer:$AOM_VERSION-ARCH --target $REPO/addon-resizer:latest
|
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/addon-resizer:$AOM_VERSION-ARCH --target $REPO/addon-resizer:latest
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------------
|
||||||
# Kube-state-metrics
|
# Kube-state-metrics
|
||||||
|
|
||||||
|
export DOCKER_CLI_EXPERIMENTAL=enabled
|
||||||
|
IMAGE=carlosedp/kube-state-metrics
|
||||||
|
ALL_ARCH='amd64 arm arm64'
|
||||||
|
|
||||||
go get github.com/kubernetes/kube-state-metrics
|
go get github.com/kubernetes/kube-state-metrics
|
||||||
mv $HOME/go/src/github.com/kubernetes/kube-state-metrics $HOME/go/src/k8s.io/kube-state-metrics
|
#mv $HOME/go/src/github.com/kubernetes/kube-state-metrics $HOME/go/src/k8s.io/kube-state-metrics
|
||||||
cd $HOME/go/src/k8s.io/kube-state-metrics
|
cd $HOME/go/src/k8s.io/kube-state-metrics
|
||||||
git checkout ${KSM_VERSION}
|
git checkout ${KSM_VERSION}
|
||||||
|
|
||||||
|
cat Dockerfile |sed -e 's/\.build\/linux-amd64\/operator/operator/' |sed -e 's/^FROM.*/FROM arm32v6\/alpine:3.7/' > Dockerfile.arm
|
||||||
|
|
||||||
|
cat Dockerfile |sed -e 's/\.build\/linux-amd64\/operator/operator/' |sed -e 's/^FROM.*/FROM arm64v8\/alpine:3.7/' > Dockerfile.arm64
|
||||||
|
|
||||||
GOOS=linux GOARCH=arm go build .
|
GOOS=linux GOARCH=arm go build .
|
||||||
docker build -t $REPO/kube-state-metrics:${KSM_VERSION}-arm .
|
docker build -t $REPO/kube-state-metrics:${KSM_VERSION}-arm -f Dockerfile.arm .
|
||||||
|
|
||||||
GOOS=linux GOARCH=arm64 go build .
|
GOOS=linux GOARCH=arm64 go build .
|
||||||
docker build -t $REPO/kube-state-metrics:${KSM_VERSION}-arm64 .
|
docker build -t $REPO/kube-state-metrics:${KSM_VERSION}-arm64 -f Dockerfile.arm64 .
|
||||||
|
|
||||||
|
GOOS=linux GOARCH=amd64 go build .
|
||||||
|
docker build -t $REPO/kube-state-metrics:${KSM_VERSION}-amd64 -f Dockerfile .
|
||||||
|
|
||||||
docker push $REPO/kube-state-metrics:$KSM_VERSION-arm
|
docker push $REPO/kube-state-metrics:$KSM_VERSION-arm
|
||||||
docker push $REPO/kube-state-metrics:$KSM_VERSION-arm64
|
docker push $REPO/kube-state-metrics:$KSM_VERSION-arm64
|
||||||
|
docker push $REPO/kube-state-metrics:$KSM_VERSION-amd64
|
||||||
|
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/kube-state-metrics:$KSM_VERSION-ARCH --target $REPO/kube-state-metrics:$KSM_VERSION
|
docker manifest create --amend $IMAGE:$KSM_VERSION `echo $ALL_ARCH | sed -e "s~[^ ]*~$IMAGE:$KSM_VERSION\-&~g"`
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/kube-state-metrics:$KSM_VERSION-ARCH --target $REPO/kube-state-metrics:latest
|
for arch in $ALL_ARCH; do docker manifest annotate --arch $arch $IMAGE:$KSM_VERSION $IMAGE:$KSM_VERSION-$arch; done
|
||||||
|
docker manifest push $IMAGE:$KSM_VERSION
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------------
|
||||||
# Prometheus-operator
|
# Prometheus-operator
|
||||||
|
export DOCKER_CLI_EXPERIMENTAL=enabled
|
||||||
|
IMAGE=carlosedp/prometheus-operator
|
||||||
|
ALL_ARCH='amd64 arm arm64'
|
||||||
|
|
||||||
go get github.com/coreos/prometheus-operator
|
go get github.com/coreos/prometheus-operator
|
||||||
cd $HOME/go/src/github.com/coreos/prometheus-operator
|
cd $HOME/go/src/github.com/coreos/prometheus-operator
|
||||||
@ -47,40 +71,168 @@ git checkout ${VERSION}
|
|||||||
|
|
||||||
go get -u github.com/prometheus/promu
|
go get -u github.com/prometheus/promu
|
||||||
|
|
||||||
cat Dockerfile |sed -e 's/\.build\/linux-amd64\/operator/operator/' |sed -e 's/^FROM.*/FROM busybox/' > Dockerfile.arm
|
cat Dockerfile |sed -e 's/\.build\/linux-amd64\/operator/operator/' |sed -e 's/^FROM.*/FROM arm32v6\/busybox/' > Dockerfile.arm
|
||||||
|
|
||||||
|
cat Dockerfile |sed -e 's/\.build\/linux-amd64\/operator/operator/' |sed -e 's/^FROM.*/FROM arm64v8\/busybox/' > Dockerfile.arm64
|
||||||
|
|
||||||
GOOS=linux GOARCH=arm $GOPATH/bin/promu build --prefix `pwd`
|
GOOS=linux GOARCH=arm $GOPATH/bin/promu build --prefix `pwd`
|
||||||
docker build -t $REPO/prometheus-operator:${VERSION}-arm -f Dockerfile.arm .
|
docker build -t $REPO/prometheus-operator:${VERSION}-arm -f Dockerfile.arm .
|
||||||
|
|
||||||
GOOS=linux GOARCH=arm64 $GOPATH/bin/promu build --prefix `pwd`
|
GOOS=linux GOARCH=arm64 $GOPATH/bin/promu build --prefix `pwd`
|
||||||
docker build -t $REPO/prometheus-operator:${VERSION}-arm64 -f Dockerfile.arm .
|
docker build -t $REPO/prometheus-operator:${VERSION}-arm64 -f Dockerfile.arm64 .
|
||||||
|
|
||||||
docker push $REPO/prometheus-operator:$VERSION-arm
|
docker push $REPO/prometheus-operator:$VERSION-arm
|
||||||
docker push $REPO/prometheus-operator:$VERSION-arm64
|
docker push $REPO/prometheus-operator:$VERSION-arm64
|
||||||
|
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/prometheus-operator:$VERSION-ARCH --target $REPO/prometheus-operator:$VERSION
|
docker manifest create --amend $IMAGE:$VERSION `echo $ALL_ARCH | sed -e "s~[^ ]*~$IMAGE:$VERSION\-&~g"`
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/prometheus-operator:$VERSION-ARCH --target $REPO/prometheus-operator:latest
|
for arch in $ALL_ARCH; do docker manifest annotate --arch $arch $IMAGE:$VERSION $IMAGE:$VERSION-$arch; done
|
||||||
|
docker manifest push $IMAGE:$VERSION
|
||||||
|
|
||||||
rm Dockerfile.arm
|
rm Dockerfile.arm
|
||||||
|
rm Dockerfile.arm64
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------------
|
||||||
|
# kube-rbac-proxy
|
||||||
|
export DOCKER_CLI_EXPERIMENTAL=enabled
|
||||||
|
IMAGE=carlosedp/kube-rbac-proxy
|
||||||
|
VERSION=v0.4.0
|
||||||
|
ALL_ARCH='amd64 arm arm64'
|
||||||
|
|
||||||
|
go get github.com/brancz/kube-rbac-proxy
|
||||||
|
cd $HOME/go/src/github.com/brancz/kube-rbac-proxy
|
||||||
|
git checkout ${VERSION}
|
||||||
|
|
||||||
|
cat > Dockerfile.arm <<EOF
|
||||||
|
FROM arm32v6/alpine:3.8
|
||||||
|
COPY qemu-arm-static /usr/bin/qemu-arm-static
|
||||||
|
RUN apk add -U --no-cache ca-certificates && rm -rf /var/cache/apk/*
|
||||||
|
COPY kube-rbac-proxy .
|
||||||
|
RUN rm /usr/bin/qemu-arm-static
|
||||||
|
ENTRYPOINT ["./kube-rbac-proxy"]
|
||||||
|
EXPOSE 8080
|
||||||
|
EOF
|
||||||
|
|
||||||
|
cat > Dockerfile.arm64 <<EOF
|
||||||
|
FROM arm64v8/alpine:3.8
|
||||||
|
COPY qemu-aarch64-static /usr/bin/qemu-aarch64-static
|
||||||
|
RUN apk add -U --no-cache ca-certificates && rm -rf /var/cache/apk/*
|
||||||
|
COPY kube-rbac-proxy .
|
||||||
|
ENTRYPOINT ["./kube-rbac-proxy"]
|
||||||
|
EXPOSE 8080
|
||||||
|
EOF
|
||||||
|
|
||||||
|
cat > Dockerfile.amd64 <<EOF
|
||||||
|
FROM alpine:3.8
|
||||||
|
RUN apk add -U --no-cache ca-certificates && rm -rf /var/cache/apk/*
|
||||||
|
COPY kube-rbac-proxy .
|
||||||
|
ENTRYPOINT ["./kube-rbac-proxy"]
|
||||||
|
EXPOSE 8080
|
||||||
|
EOF
|
||||||
|
|
||||||
|
docker run --rm --privileged multiarch/qemu-user-static:register --reset
|
||||||
|
|
||||||
|
wget https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-arm-static
|
||||||
|
chmod +x qemu-arm-static
|
||||||
|
GOOS=linux GOARCH=arm go build .
|
||||||
|
docker build -t $IMAGE:$VERSION-arm -f Dockerfile.arm .
|
||||||
|
|
||||||
|
wget https://github.com/multiarch/qemu-user-static/releases/download/v3.0.0/qemu-aarch64-static
|
||||||
|
chmod +x qemu-aarch64-static
|
||||||
|
GOOS=linux GOARCH=arm64 go build .
|
||||||
|
docker build -t $IMAGE:$VERSION-arm64 -f Dockerfile.arm64 .
|
||||||
|
|
||||||
|
GOOS=linux GOARCH=amd64 go build .
|
||||||
|
docker build -t $IMAGE:$VERSION-amd64 -f Dockerfile.amd64 .
|
||||||
|
|
||||||
|
docker push $IMAGE:$VERSION-arm
|
||||||
|
docker push $IMAGE:$VERSION-arm64
|
||||||
|
docker push $IMAGE:$VERSION-amd64
|
||||||
|
|
||||||
|
docker manifest create --amend $IMAGE:$VERSION `echo $ALL_ARCH | sed -e "s~[^ ]*~$IMAGE:$VERSION\-&~g"`
|
||||||
|
for arch in $ALL_ARCH; do docker manifest annotate --arch $arch $IMAGE:$VERSION $IMAGE:$VERSION-$arch; done
|
||||||
|
docker manifest push $IMAGE:$VERSION
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------------
|
||||||
# prometheus-config-reloader
|
# prometheus-config-reloader
|
||||||
go get github.com/coreos/prometheus-operator
|
export DOCKER_CLI_EXPERIMENTAL=enabled
|
||||||
cd $HOME/go/src/github.com/coreos/prometheus-operator/
|
IMAGE=carlosedp/prometheus-config-reloader
|
||||||
git checkout ${PROMCONFIGRELOADER_VERSION}
|
VERSION=v0.26.0
|
||||||
cd $HOME/go/src/github.com/coreos/prometheus-operator/contrib/prometheus-config-reloader
|
ALL_ARCH='amd64 arm arm64'
|
||||||
|
|
||||||
cat Dockerfile |sed -e 's/^FROM.*/FROM busybox/' > Dockerfile.arm
|
go get github.com/coreos/prometheus-operator
|
||||||
|
cd $HOME/go/src/github.com/coreos/prometheus-operator/cmd/prometheus-config-reloader
|
||||||
|
git checkout ${VERSION}
|
||||||
|
|
||||||
|
cat Dockerfile |sed -e 's/\.build\/linux-amd64\/operator/operator/' |sed -e 's/^FROM.*/FROM arm32v6\/busybox/' > Dockerfile.arm
|
||||||
|
|
||||||
|
cat Dockerfile |sed -e 's/\.build\/linux-amd64\/operator/operator/' |sed -e 's/^FROM.*/FROM arm64v8\/busybox/' > Dockerfile.arm64
|
||||||
|
|
||||||
GOOS=linux GOARCH=arm CGO_ENABLED=0 go build -o prometheus-config-reloader main.go
|
GOOS=linux GOARCH=arm CGO_ENABLED=0 go build -o prometheus-config-reloader main.go
|
||||||
docker build -t $REPO/prometheus-config-reloader:${PROMCONFIGRELOADER_VERSION}-arm -f Dockerfile.arm .
|
docker build -t $IMAGE:$VERSION-arm -f Dockerfile.arm .
|
||||||
|
|
||||||
GOOS=linux GOARCH=arm64 CGO_ENABLED=0 go build -o prometheus-config-reloader main.go
|
GOOS=linux GOARCH=arm64 CGO_ENABLED=0 go build -o prometheus-config-reloader main.go
|
||||||
docker build -t $REPO/prometheus-config-reloader:${PROMCONFIGRELOADER_VERSION}-arm64 -f Dockerfile.arm .
|
docker build -t $IMAGE:$VERSION-arm64 -f Dockerfile.arm64 .
|
||||||
|
|
||||||
docker push $REPO/prometheus-config-reloader:$PROMCONFIGRELOADER_VERSION-arm
|
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o prometheus-config-reloader main.go
|
||||||
docker push $REPO/prometheus-config-reloader:$PROMCONFIGRELOADER_VERSION-arm64
|
docker build -t $IMAGE:$VERSION-amd64 -f Dockerfile .
|
||||||
|
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/prometheus-config-reloader:$PROMCONFIGRELOADER_VERSION-ARCH --target $REPO/prometheus-config-reloader:$VERSION
|
docker push $IMAGE:$VERSION-arm
|
||||||
manifest-tool-linux-arm64 push from-args --platforms linux/arm,linux/arm64 --template $REPO/prometheus-config-reloader:$PROMCONFIGRELOADER_VERSION-ARCH --target $REPO/prometheus-config-reloader:latest
|
docker push $IMAGE:$VERSION-arm64
|
||||||
|
docker push $IMAGE:$VERSION-amd64
|
||||||
|
|
||||||
|
docker manifest create --amend $IMAGE:$VERSION `echo $ALL_ARCH | sed -e "s~[^ ]*~$IMAGE:$VERSION\-&~g"`
|
||||||
|
for arch in $ALL_ARCH; do docker manifest annotate --arch $arch $IMAGE:$VERSION $IMAGE:$VERSION-$arch; done
|
||||||
|
docker manifest push $IMAGE:$VERSION
|
||||||
|
|
||||||
rm Dockerfile.arm
|
rm Dockerfile.arm
|
||||||
|
rm Dockerfile.arm64
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------------
|
||||||
|
# configmap-reload
|
||||||
|
export DOCKER_CLI_EXPERIMENTAL=enabled
|
||||||
|
IMAGE=carlosedp/configmap-reload
|
||||||
|
VERSION=v0.2.2
|
||||||
|
ALL_ARCH='amd64 arm arm64'
|
||||||
|
|
||||||
|
go get github.com/openshift/configmap-reload
|
||||||
|
cd $HOME/go/src/github.com/openshift/configmap-reload
|
||||||
|
#git checkout ${VERSION}
|
||||||
|
|
||||||
|
cat > Dockerfile.arm <<EOF
|
||||||
|
FROM arm32v6/busybox
|
||||||
|
COPY configmap-reload /configmap-reload
|
||||||
|
ENTRYPOINT ["/configmap-reload"]
|
||||||
|
EOF
|
||||||
|
|
||||||
|
cat > Dockerfile.arm64 <<EOF
|
||||||
|
FROM arm64v8/busybox
|
||||||
|
COPY configmap-reload /configmap-reload
|
||||||
|
ENTRYPOINT ["/configmap-reload"]
|
||||||
|
EOF
|
||||||
|
|
||||||
|
cat > Dockerfile.amd64 <<EOF
|
||||||
|
FROM busybox
|
||||||
|
COPY configmap-reload /configmap-reload
|
||||||
|
ENTRYPOINT ["/configmap-reload"]
|
||||||
|
EOF
|
||||||
|
|
||||||
|
GOOS=linux GOARCH=arm CGO_ENABLED=0 go build .
|
||||||
|
docker build -t $IMAGE:$VERSION-arm -f Dockerfile.arm .
|
||||||
|
|
||||||
|
GOOS=linux GOARCH=arm64 CGO_ENABLED=0 go build .
|
||||||
|
docker build -t $IMAGE:$VERSION-arm64 -f Dockerfile.arm64 .
|
||||||
|
|
||||||
|
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build .
|
||||||
|
docker build -t $IMAGE:$VERSION-amd64 -f Dockerfile.amd64 .
|
||||||
|
|
||||||
|
docker push $IMAGE:$VERSION-arm
|
||||||
|
docker push $IMAGE:$VERSION-arm64
|
||||||
|
docker push $IMAGE:$VERSION-amd64
|
||||||
|
|
||||||
|
docker manifest create --amend $IMAGE:$VERSION `echo $ALL_ARCH | sed -e "s~[^ ]*~$IMAGE:$VERSION\-&~g"`
|
||||||
|
for arch in $ALL_ARCH; do docker manifest annotate --arch $arch $IMAGE:$VERSION $IMAGE:$VERSION-$arch; done
|
||||||
|
docker manifest push $IMAGE:$VERSION
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
52
deploy
52
deploy
@ -1,52 +0,0 @@
|
|||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
if [ -z "${KUBECONFIG}" ]; then
|
|
||||||
export KUBECONFIG=~/.kube/config
|
|
||||||
fi
|
|
||||||
|
|
||||||
# CAUTION - setting NAMESPACE will deploy most components to the given namespace
|
|
||||||
# however some are hardcoded to 'monitoring'. Only use if you have reviewed all manifests.
|
|
||||||
|
|
||||||
if [ -z "${NAMESPACE}" ]; then
|
|
||||||
NAMESPACE=monitoring
|
|
||||||
fi
|
|
||||||
|
|
||||||
kubectl create namespace "$NAMESPACE"
|
|
||||||
|
|
||||||
kctl() {
|
|
||||||
kubectl --namespace "$NAMESPACE" "$@"
|
|
||||||
}
|
|
||||||
|
|
||||||
kubectl apply -f manifests/k8s
|
|
||||||
|
|
||||||
kctl apply -f manifests/prometheus-operator
|
|
||||||
|
|
||||||
# Wait for CRDs to be ready.
|
|
||||||
printf "Waiting for Operator to register custom resource definitions..."
|
|
||||||
until kctl get customresourcedefinitions servicemonitors.monitoring.coreos.com > /dev/null 2>&1; do sleep 1; printf "."; done
|
|
||||||
until kctl get customresourcedefinitions prometheuses.monitoring.coreos.com > /dev/null 2>&1; do sleep 1; printf "."; done
|
|
||||||
until kctl get customresourcedefinitions alertmanagers.monitoring.coreos.com > /dev/null 2>&1; do sleep 1; printf "."; done
|
|
||||||
until kctl get servicemonitors.monitoring.coreos.com > /dev/null 2>&1; do sleep 1; printf "."; done
|
|
||||||
until kctl get prometheuses.monitoring.coreos.com > /dev/null 2>&1; do sleep 1; printf "."; done
|
|
||||||
until kctl get alertmanagers.monitoring.coreos.com > /dev/null 2>&1; do sleep 1; printf "."; done
|
|
||||||
echo "done!"
|
|
||||||
|
|
||||||
kctl apply -f manifests/node-exporter
|
|
||||||
kctl apply -f manifests/armexporter/daemonset.yaml
|
|
||||||
kctl apply -f manifests/armexporter/service.yaml
|
|
||||||
|
|
||||||
kctl apply -f manifests/kube-state-metrics/kube-state-metrics-cluster-role.yaml
|
|
||||||
kctl apply -f manifests/kube-state-metrics/kube-state-metrics-cluster-role-binding.yaml
|
|
||||||
kctl apply -f manifests/kube-state-metrics/kube-state-metrics-role.yaml
|
|
||||||
kctl apply -f manifests/kube-state-metrics/kube-state-metrics-role-binding.yaml
|
|
||||||
kctl apply -f manifests/kube-state-metrics/kube-state-metrics-service-account.yaml
|
|
||||||
kctl apply -f manifests/kube-state-metrics/kube-state-metrics-service.yaml
|
|
||||||
kctl apply -f manifests/kube-state-metrics/kube-state-metrics-deployment.yaml
|
|
||||||
|
|
||||||
kctl apply -f manifests/grafana/grafana-credentials.yaml
|
|
||||||
kctl apply -f manifests/grafana
|
|
||||||
find manifests/prometheus -type f ! -name prometheus-k8s-roles.yaml ! -name prometheus-k8s-role-bindings.yaml -exec kubectl --namespace "$NAMESPACE" apply -f {} \;
|
|
||||||
kubectl apply -f manifests/prometheus/prometheus-k8s-roles.yaml
|
|
||||||
kubectl apply -f manifests/prometheus/prometheus-k8s-role-bindings.yaml
|
|
||||||
kctl apply -f manifests/alertmanager/
|
|
||||||
kctl apply -f manifests/smtp-server/smtp.yaml
|
|
14
example.jsonnet
Normal file
14
example.jsonnet
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + {
|
||||||
|
_config+:: {
|
||||||
|
namespace: 'monitoring',
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
{ ['00namespace-' + name]: kp.kubePrometheus[name] for name in std.objectFields(kp.kubePrometheus) } +
|
||||||
|
{ ['0prometheus-operator-' + name]: kp.prometheusOperator[name] for name in std.objectFields(kp.prometheusOperator) } +
|
||||||
|
{ ['node-exporter-' + name]: kp.nodeExporter[name] for name in std.objectFields(kp.nodeExporter) } +
|
||||||
|
{ ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in std.objectFields(kp.kubeStateMetrics) } +
|
||||||
|
{ ['alertmanager-' + name]: kp.alertmanager[name] for name in std.objectFields(kp.alertmanager) } +
|
||||||
|
{ ['prometheus-' + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } +
|
||||||
|
{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in std.objectFields(kp.prometheusAdapter) } +
|
||||||
|
{ ['grafana-' + name]: kp.grafana[name] for name in std.objectFields(kp.grafana) }
|
14
jsonnetfile.json
Normal file
14
jsonnetfile.json
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{
|
||||||
|
"dependencies": [
|
||||||
|
{
|
||||||
|
"name": "kube-prometheus",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/coreos/prometheus-operator",
|
||||||
|
"subdir": "contrib/kube-prometheus/jsonnet/kube-prometheus"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "master"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
84
jsonnetfile.lock.json
Normal file
84
jsonnetfile.lock.json
Normal file
@ -0,0 +1,84 @@
|
|||||||
|
{
|
||||||
|
"dependencies": [
|
||||||
|
{
|
||||||
|
"name": "kube-prometheus",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/coreos/prometheus-operator",
|
||||||
|
"subdir": "contrib/kube-prometheus/jsonnet/kube-prometheus"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "9536d7787789b74b692cd8a5482a2801b1aba232"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "ksonnet",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/ksonnet/ksonnet-lib",
|
||||||
|
"subdir": ""
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "d03da231d6c8bd74437b74a1e9e8b966f13dffa2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "kubernetes-mixin",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/kubernetes-monitoring/kubernetes-mixin",
|
||||||
|
"subdir": ""
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "4c23c06fff9ef50744f5ed306c9ab0c4bd78a144"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "grafonnet",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/grafana/grafonnet-lib",
|
||||||
|
"subdir": "grafonnet"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "eea8b5ba6b8883cf2df5a17c39a42c4b57c0d63e"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "grafana-builder",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/kausalco/public",
|
||||||
|
"subdir": "grafana-builder"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "c6932cf90bce4fef218b4308effc9f15c4219a01"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "grafana",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/brancz/kubernetes-grafana",
|
||||||
|
"subdir": "grafana"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "da19aef6f5b378fb5281e6f61dbadbbf734d45ee"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "prometheus-operator",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/coreos/prometheus-operator",
|
||||||
|
"subdir": "jsonnet/prometheus-operator"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "72ec4b9b16ef11700724dc71fec77112536eed40"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "etcd-mixin",
|
||||||
|
"source": {
|
||||||
|
"git": {
|
||||||
|
"remote": "https://github.com/coreos/etcd",
|
||||||
|
"subdir": "Documentation/etcd-mixin"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": "15b6a17be48dea91a11497980b9adab541add7f0"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
2
main.jsonnet
Normal file
2
main.jsonnet
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
(import 'operator_stack.jsonnet') +
|
||||||
|
(import 'arm_exporter.jsonnet')
|
4
manifests/00namespace-namespace.yaml
Normal file
4
manifests/00namespace-namespace.yaml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: monitoring
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,342 @@
|
|||||||
|
apiVersion: apiextensions.k8s.io/v1beta1
|
||||||
|
kind: CustomResourceDefinition
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: prometheusrules.monitoring.coreos.com
|
||||||
|
spec:
|
||||||
|
group: monitoring.coreos.com
|
||||||
|
names:
|
||||||
|
kind: PrometheusRule
|
||||||
|
plural: prometheusrules
|
||||||
|
scope: Namespaced
|
||||||
|
validation:
|
||||||
|
openAPIV3Schema:
|
||||||
|
properties:
|
||||||
|
apiVersion:
|
||||||
|
description: 'APIVersion defines the versioned schema of this representation
|
||||||
|
of an object. Servers should convert recognized schemas to the latest
|
||||||
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
|
||||||
|
type: string
|
||||||
|
kind:
|
||||||
|
description: 'Kind is a string value representing the REST resource this
|
||||||
|
object represents. Servers may infer this from the endpoint the client
|
||||||
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||||
|
type: string
|
||||||
|
metadata:
|
||||||
|
description: ObjectMeta is metadata that all persisted resources must have,
|
||||||
|
which includes all objects users must create.
|
||||||
|
properties:
|
||||||
|
annotations:
|
||||||
|
description: 'Annotations is an unstructured key value map stored with
|
||||||
|
a resource that may be set by external tools to store and retrieve
|
||||||
|
arbitrary metadata. They are not queryable and should be preserved
|
||||||
|
when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
|
||||||
|
type: object
|
||||||
|
clusterName:
|
||||||
|
description: The name of the cluster which the object belongs to. This
|
||||||
|
is used to distinguish resources with same name and namespace in different
|
||||||
|
clusters. This field is not set anywhere right now and apiserver is
|
||||||
|
going to ignore it if set in create or update request.
|
||||||
|
type: string
|
||||||
|
creationTimestamp:
|
||||||
|
description: Time is a wrapper around time.Time which supports correct
|
||||||
|
marshaling to YAML and JSON. Wrappers are provided for many of the
|
||||||
|
factory methods that the time package offers.
|
||||||
|
format: date-time
|
||||||
|
type: string
|
||||||
|
deletionGracePeriodSeconds:
|
||||||
|
description: Number of seconds allowed for this object to gracefully
|
||||||
|
terminate before it will be removed from the system. Only set when
|
||||||
|
deletionTimestamp is also set. May only be shortened. Read-only.
|
||||||
|
format: int64
|
||||||
|
type: integer
|
||||||
|
deletionTimestamp:
|
||||||
|
description: Time is a wrapper around time.Time which supports correct
|
||||||
|
marshaling to YAML and JSON. Wrappers are provided for many of the
|
||||||
|
factory methods that the time package offers.
|
||||||
|
format: date-time
|
||||||
|
type: string
|
||||||
|
finalizers:
|
||||||
|
description: Must be empty before the object is deleted from the registry.
|
||||||
|
Each entry is an identifier for the responsible component that will
|
||||||
|
remove the entry from the list. If the deletionTimestamp of the object
|
||||||
|
is non-nil, entries in this list can only be removed.
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
generateName:
|
||||||
|
description: |-
|
||||||
|
GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
|
||||||
|
|
||||||
|
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
|
||||||
|
|
||||||
|
Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
|
||||||
|
type: string
|
||||||
|
generation:
|
||||||
|
description: A sequence number representing a specific generation of
|
||||||
|
the desired state. Populated by the system. Read-only.
|
||||||
|
format: int64
|
||||||
|
type: integer
|
||||||
|
initializers:
|
||||||
|
description: Initializers tracks the progress of initialization.
|
||||||
|
properties:
|
||||||
|
pending:
|
||||||
|
description: Pending is a list of initializers that must execute
|
||||||
|
in order before this object is visible. When the last pending
|
||||||
|
initializer is removed, and no failing result is set, the initializers
|
||||||
|
struct will be set to nil and the object is considered as initialized
|
||||||
|
and visible to all clients.
|
||||||
|
items:
|
||||||
|
description: Initializer is information about an initializer that
|
||||||
|
has not yet completed.
|
||||||
|
properties:
|
||||||
|
name:
|
||||||
|
description: name of the process that is responsible for initializing
|
||||||
|
this object.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- name
|
||||||
|
type: array
|
||||||
|
result:
|
||||||
|
description: Status is a return value for calls that don't return
|
||||||
|
other objects.
|
||||||
|
properties:
|
||||||
|
apiVersion:
|
||||||
|
description: 'APIVersion defines the versioned schema of this
|
||||||
|
representation of an object. Servers should convert recognized
|
||||||
|
schemas to the latest internal value, and may reject unrecognized
|
||||||
|
values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
|
||||||
|
type: string
|
||||||
|
code:
|
||||||
|
description: Suggested HTTP return code for this status, 0 if
|
||||||
|
not set.
|
||||||
|
format: int32
|
||||||
|
type: integer
|
||||||
|
details:
|
||||||
|
description: StatusDetails is a set of additional properties
|
||||||
|
that MAY be set by the server to provide additional information
|
||||||
|
about a response. The Reason field of a Status object defines
|
||||||
|
what attributes will be set. Clients must ignore fields that
|
||||||
|
do not match the defined type of each attribute, and should
|
||||||
|
assume that any attribute may be empty, invalid, or under
|
||||||
|
defined.
|
||||||
|
properties:
|
||||||
|
causes:
|
||||||
|
description: The Causes array includes more details associated
|
||||||
|
with the StatusReason failure. Not all StatusReasons may
|
||||||
|
provide detailed causes.
|
||||||
|
items:
|
||||||
|
description: StatusCause provides more information about
|
||||||
|
an api.Status failure, including cases when multiple
|
||||||
|
errors are encountered.
|
||||||
|
properties:
|
||||||
|
field:
|
||||||
|
description: |-
|
||||||
|
The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
|
||||||
|
|
||||||
|
Examples:
|
||||||
|
"name" - the field "name" on the current resource
|
||||||
|
"items[0].name" - the field "name" on the first array entry in "items"
|
||||||
|
type: string
|
||||||
|
message:
|
||||||
|
description: A human-readable description of the cause
|
||||||
|
of the error. This field may be presented as-is
|
||||||
|
to a reader.
|
||||||
|
type: string
|
||||||
|
reason:
|
||||||
|
description: A machine-readable description of the
|
||||||
|
cause of the error. If this value is empty there
|
||||||
|
is no information available.
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
group:
|
||||||
|
description: The group attribute of the resource associated
|
||||||
|
with the status StatusReason.
|
||||||
|
type: string
|
||||||
|
kind:
|
||||||
|
description: 'The kind attribute of the resource associated
|
||||||
|
with the status StatusReason. On some operations may differ
|
||||||
|
from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
description: The name attribute of the resource associated
|
||||||
|
with the status StatusReason (when there is a single name
|
||||||
|
which can be described).
|
||||||
|
type: string
|
||||||
|
retryAfterSeconds:
|
||||||
|
description: If specified, the time in seconds before the
|
||||||
|
operation should be retried. Some errors may indicate
|
||||||
|
the client must take an alternate action - for those errors
|
||||||
|
this field may indicate how long to wait before taking
|
||||||
|
the alternate action.
|
||||||
|
format: int32
|
||||||
|
type: integer
|
||||||
|
uid:
|
||||||
|
description: 'UID of the resource. (when there is a single
|
||||||
|
resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
|
||||||
|
type: string
|
||||||
|
kind:
|
||||||
|
description: 'Kind is a string value representing the REST resource
|
||||||
|
this object represents. Servers may infer this from the endpoint
|
||||||
|
the client submits requests to. Cannot be updated. In CamelCase.
|
||||||
|
More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||||
|
type: string
|
||||||
|
message:
|
||||||
|
description: A human-readable description of the status of this
|
||||||
|
operation.
|
||||||
|
type: string
|
||||||
|
metadata:
|
||||||
|
description: ListMeta describes metadata that synthetic resources
|
||||||
|
must have, including lists and various status objects. A resource
|
||||||
|
may have only one of {ObjectMeta, ListMeta}.
|
||||||
|
properties:
|
||||||
|
continue:
|
||||||
|
description: continue may be set if the user set a limit
|
||||||
|
on the number of items returned, and indicates that the
|
||||||
|
server has more data available. The value is opaque and
|
||||||
|
may be used to issue another request to the endpoint that
|
||||||
|
served this list to retrieve the next set of available
|
||||||
|
objects. Continuing a consistent list may not be possible
|
||||||
|
if the server configuration has changed or more than a
|
||||||
|
few minutes have passed. The resourceVersion field returned
|
||||||
|
when using this continue value will be identical to the
|
||||||
|
value in the first response, unless you have received
|
||||||
|
this token from an error message.
|
||||||
|
type: string
|
||||||
|
resourceVersion:
|
||||||
|
description: 'String that identifies the server''s internal
|
||||||
|
version of this object that can be used by clients to
|
||||||
|
determine when objects have changed. Value must be treated
|
||||||
|
as opaque by clients and passed unmodified back to the
|
||||||
|
server. Populated by the system. Read-only. More info:
|
||||||
|
https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency'
|
||||||
|
type: string
|
||||||
|
selfLink:
|
||||||
|
description: selfLink is a URL representing this object.
|
||||||
|
Populated by the system. Read-only.
|
||||||
|
type: string
|
||||||
|
reason:
|
||||||
|
description: A machine-readable description of why this operation
|
||||||
|
is in the "Failure" status. If this value is empty there is
|
||||||
|
no information available. A Reason clarifies an HTTP status
|
||||||
|
code but does not override it.
|
||||||
|
type: string
|
||||||
|
status:
|
||||||
|
description: 'Status of the operation. One of: "Success" or
|
||||||
|
"Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status'
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- pending
|
||||||
|
labels:
|
||||||
|
description: 'Map of string keys and values that can be used to organize
|
||||||
|
and categorize (scope and select) objects. May match selectors of
|
||||||
|
replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
|
||||||
|
type: object
|
||||||
|
name:
|
||||||
|
description: 'Name must be unique within a namespace. Is required when
|
||||||
|
creating resources, although some resources may allow a client to
|
||||||
|
request the generation of an appropriate name automatically. Name
|
||||||
|
is primarily intended for creation idempotence and configuration definition.
|
||||||
|
Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
|
||||||
|
type: string
|
||||||
|
namespace:
|
||||||
|
description: |-
|
||||||
|
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
|
||||||
|
|
||||||
|
Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
|
||||||
|
type: string
|
||||||
|
ownerReferences:
|
||||||
|
description: List of objects depended by this object. If ALL objects
|
||||||
|
in the list have been deleted, this object will be garbage collected.
|
||||||
|
If this object is managed by a controller, then an entry in this list
|
||||||
|
will point to this controller, with the controller field set to true.
|
||||||
|
There cannot be more than one managing controller.
|
||||||
|
items:
|
||||||
|
description: OwnerReference contains enough information to let you
|
||||||
|
identify an owning object. Currently, an owning object must be in
|
||||||
|
the same namespace, so there is no namespace field.
|
||||||
|
properties:
|
||||||
|
apiVersion:
|
||||||
|
description: API version of the referent.
|
||||||
|
type: string
|
||||||
|
blockOwnerDeletion:
|
||||||
|
description: If true, AND if the owner has the "foregroundDeletion"
|
||||||
|
finalizer, then the owner cannot be deleted from the key-value
|
||||||
|
store until this reference is removed. Defaults to false. To
|
||||||
|
set this field, a user needs "delete" permission of the owner,
|
||||||
|
otherwise 422 (Unprocessable Entity) will be returned.
|
||||||
|
type: boolean
|
||||||
|
controller:
|
||||||
|
description: If true, this reference points to the managing controller.
|
||||||
|
type: boolean
|
||||||
|
kind:
|
||||||
|
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
|
||||||
|
type: string
|
||||||
|
uid:
|
||||||
|
description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- apiVersion
|
||||||
|
- kind
|
||||||
|
- name
|
||||||
|
- uid
|
||||||
|
type: array
|
||||||
|
resourceVersion:
|
||||||
|
description: |-
|
||||||
|
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
|
||||||
|
|
||||||
|
Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
|
||||||
|
type: string
|
||||||
|
selfLink:
|
||||||
|
description: SelfLink is a URL representing this object. Populated by
|
||||||
|
the system. Read-only.
|
||||||
|
type: string
|
||||||
|
uid:
|
||||||
|
description: |-
|
||||||
|
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
|
||||||
|
|
||||||
|
Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
|
||||||
|
type: string
|
||||||
|
spec:
|
||||||
|
description: PrometheusRuleSpec contains specification parameters for a
|
||||||
|
Rule.
|
||||||
|
properties:
|
||||||
|
groups:
|
||||||
|
description: Content of Prometheus rule file
|
||||||
|
items:
|
||||||
|
description: RuleGroup is a list of sequentially evaluated recording
|
||||||
|
and alerting rules.
|
||||||
|
properties:
|
||||||
|
interval:
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
type: string
|
||||||
|
rules:
|
||||||
|
items:
|
||||||
|
description: Rule describes an alerting or recording rule.
|
||||||
|
properties:
|
||||||
|
alert:
|
||||||
|
type: string
|
||||||
|
annotations:
|
||||||
|
type: object
|
||||||
|
expr:
|
||||||
|
anyOf:
|
||||||
|
- type: string
|
||||||
|
- type: integer
|
||||||
|
for:
|
||||||
|
type: string
|
||||||
|
labels:
|
||||||
|
type: object
|
||||||
|
record:
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- expr
|
||||||
|
type: array
|
||||||
|
required:
|
||||||
|
- name
|
||||||
|
- rules
|
||||||
|
type: array
|
||||||
|
version: v1
|
@ -0,0 +1,291 @@
|
|||||||
|
apiVersion: apiextensions.k8s.io/v1beta1
|
||||||
|
kind: CustomResourceDefinition
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: servicemonitors.monitoring.coreos.com
|
||||||
|
spec:
|
||||||
|
group: monitoring.coreos.com
|
||||||
|
names:
|
||||||
|
kind: ServiceMonitor
|
||||||
|
plural: servicemonitors
|
||||||
|
scope: Namespaced
|
||||||
|
validation:
|
||||||
|
openAPIV3Schema:
|
||||||
|
properties:
|
||||||
|
apiVersion:
|
||||||
|
description: 'APIVersion defines the versioned schema of this representation
|
||||||
|
of an object. Servers should convert recognized schemas to the latest
|
||||||
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
|
||||||
|
type: string
|
||||||
|
kind:
|
||||||
|
description: 'Kind is a string value representing the REST resource this
|
||||||
|
object represents. Servers may infer this from the endpoint the client
|
||||||
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||||
|
type: string
|
||||||
|
spec:
|
||||||
|
description: ServiceMonitorSpec contains specification parameters for a
|
||||||
|
ServiceMonitor.
|
||||||
|
properties:
|
||||||
|
endpoints:
|
||||||
|
description: A list of endpoints allowed as part of this ServiceMonitor.
|
||||||
|
items:
|
||||||
|
description: Endpoint defines a scrapeable endpoint serving Prometheus
|
||||||
|
metrics.
|
||||||
|
properties:
|
||||||
|
basicAuth:
|
||||||
|
description: 'BasicAuth allow an endpoint to authenticate over
|
||||||
|
basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
|
||||||
|
properties:
|
||||||
|
password:
|
||||||
|
description: SecretKeySelector selects a key of a Secret.
|
||||||
|
properties:
|
||||||
|
key:
|
||||||
|
description: The key of the secret to select from. Must
|
||||||
|
be a valid secret key.
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
||||||
|
type: string
|
||||||
|
optional:
|
||||||
|
description: Specify whether the Secret or it's key must
|
||||||
|
be defined
|
||||||
|
type: boolean
|
||||||
|
required:
|
||||||
|
- key
|
||||||
|
username:
|
||||||
|
description: SecretKeySelector selects a key of a Secret.
|
||||||
|
properties:
|
||||||
|
key:
|
||||||
|
description: The key of the secret to select from. Must
|
||||||
|
be a valid secret key.
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
||||||
|
type: string
|
||||||
|
optional:
|
||||||
|
description: Specify whether the Secret or it's key must
|
||||||
|
be defined
|
||||||
|
type: boolean
|
||||||
|
required:
|
||||||
|
- key
|
||||||
|
bearerTokenFile:
|
||||||
|
description: File to read bearer token for scraping targets.
|
||||||
|
type: string
|
||||||
|
honorLabels:
|
||||||
|
description: HonorLabels chooses the metric's labels on collisions
|
||||||
|
with target labels.
|
||||||
|
type: boolean
|
||||||
|
interval:
|
||||||
|
description: Interval at which metrics should be scraped
|
||||||
|
type: string
|
||||||
|
metricRelabelings:
|
||||||
|
description: MetricRelabelConfigs to apply to samples before ingestion.
|
||||||
|
items:
|
||||||
|
description: 'RelabelConfig allows dynamic rewriting of the
|
||||||
|
label set, being applied to samples before ingestion. It defines
|
||||||
|
`<metric_relabel_configs>`-section of Prometheus configuration.
|
||||||
|
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
|
||||||
|
properties:
|
||||||
|
action:
|
||||||
|
description: Action to perform based on regex matching.
|
||||||
|
Default is 'replace'
|
||||||
|
type: string
|
||||||
|
modulus:
|
||||||
|
description: Modulus to take of the hash of the source label
|
||||||
|
values.
|
||||||
|
format: int64
|
||||||
|
type: integer
|
||||||
|
regex:
|
||||||
|
description: Regular expression against which the extracted
|
||||||
|
value is matched. defailt is '(.*)'
|
||||||
|
type: string
|
||||||
|
replacement:
|
||||||
|
description: Replacement value against which a regex replace
|
||||||
|
is performed if the regular expression matches. Regex
|
||||||
|
capture groups are available. Default is '$1'
|
||||||
|
type: string
|
||||||
|
separator:
|
||||||
|
description: Separator placed between concatenated source
|
||||||
|
label values. default is ';'.
|
||||||
|
type: string
|
||||||
|
sourceLabels:
|
||||||
|
description: The source labels select values from existing
|
||||||
|
labels. Their content is concatenated using the configured
|
||||||
|
separator and matched against the configured regular expression
|
||||||
|
for the replace, keep, and drop actions.
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
targetLabel:
|
||||||
|
description: Label to which the resulting value is written
|
||||||
|
in a replace action. It is mandatory for replace actions.
|
||||||
|
Regex capture groups are available.
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
params:
|
||||||
|
description: Optional HTTP URL parameters
|
||||||
|
type: object
|
||||||
|
path:
|
||||||
|
description: HTTP path to scrape for metrics.
|
||||||
|
type: string
|
||||||
|
port:
|
||||||
|
description: Name of the service port this endpoint refers to.
|
||||||
|
Mutually exclusive with targetPort.
|
||||||
|
type: string
|
||||||
|
proxyUrl:
|
||||||
|
description: ProxyURL eg http://proxyserver:2195 Directs scrapes
|
||||||
|
to proxy through this endpoint.
|
||||||
|
type: string
|
||||||
|
relabelings:
|
||||||
|
description: 'RelabelConfigs to apply to samples before ingestion.
|
||||||
|
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<relabel_config>'
|
||||||
|
items:
|
||||||
|
description: 'RelabelConfig allows dynamic rewriting of the
|
||||||
|
label set, being applied to samples before ingestion. It defines
|
||||||
|
`<metric_relabel_configs>`-section of Prometheus configuration.
|
||||||
|
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
|
||||||
|
properties:
|
||||||
|
action:
|
||||||
|
description: Action to perform based on regex matching.
|
||||||
|
Default is 'replace'
|
||||||
|
type: string
|
||||||
|
modulus:
|
||||||
|
description: Modulus to take of the hash of the source label
|
||||||
|
values.
|
||||||
|
format: int64
|
||||||
|
type: integer
|
||||||
|
regex:
|
||||||
|
description: Regular expression against which the extracted
|
||||||
|
value is matched. defailt is '(.*)'
|
||||||
|
type: string
|
||||||
|
replacement:
|
||||||
|
description: Replacement value against which a regex replace
|
||||||
|
is performed if the regular expression matches. Regex
|
||||||
|
capture groups are available. Default is '$1'
|
||||||
|
type: string
|
||||||
|
separator:
|
||||||
|
description: Separator placed between concatenated source
|
||||||
|
label values. default is ';'.
|
||||||
|
type: string
|
||||||
|
sourceLabels:
|
||||||
|
description: The source labels select values from existing
|
||||||
|
labels. Their content is concatenated using the configured
|
||||||
|
separator and matched against the configured regular expression
|
||||||
|
for the replace, keep, and drop actions.
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
targetLabel:
|
||||||
|
description: Label to which the resulting value is written
|
||||||
|
in a replace action. It is mandatory for replace actions.
|
||||||
|
Regex capture groups are available.
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
scheme:
|
||||||
|
description: HTTP scheme to use for scraping.
|
||||||
|
type: string
|
||||||
|
scrapeTimeout:
|
||||||
|
description: Timeout after which the scrape is ended
|
||||||
|
type: string
|
||||||
|
targetPort:
|
||||||
|
anyOf:
|
||||||
|
- type: string
|
||||||
|
- type: integer
|
||||||
|
tlsConfig:
|
||||||
|
description: TLSConfig specifies TLS configuration parameters.
|
||||||
|
properties:
|
||||||
|
caFile:
|
||||||
|
description: The CA cert to use for the targets.
|
||||||
|
type: string
|
||||||
|
certFile:
|
||||||
|
description: The client cert file for the targets.
|
||||||
|
type: string
|
||||||
|
insecureSkipVerify:
|
||||||
|
description: Disable target certificate validation.
|
||||||
|
type: boolean
|
||||||
|
keyFile:
|
||||||
|
description: The client key file for the targets.
|
||||||
|
type: string
|
||||||
|
serverName:
|
||||||
|
description: Used to verify the hostname for the targets.
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
jobLabel:
|
||||||
|
description: The label to use to retrieve the job name from.
|
||||||
|
type: string
|
||||||
|
namespaceSelector:
|
||||||
|
description: NamespaceSelector is a selector for selecting either all
|
||||||
|
namespaces or a list of namespaces.
|
||||||
|
properties:
|
||||||
|
any:
|
||||||
|
description: Boolean describing whether all namespaces are selected
|
||||||
|
in contrast to a list restricting them.
|
||||||
|
type: boolean
|
||||||
|
matchNames:
|
||||||
|
description: List of namespace names.
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
podTargetLabels:
|
||||||
|
description: PodTargetLabels transfers labels on the Kubernetes Pod
|
||||||
|
onto the target.
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
sampleLimit:
|
||||||
|
description: SampleLimit defines per-scrape limit on number of scraped
|
||||||
|
samples that will be accepted.
|
||||||
|
format: int64
|
||||||
|
type: integer
|
||||||
|
selector:
|
||||||
|
description: A label selector is a label query over a set of resources.
|
||||||
|
The result of matchLabels and matchExpressions are ANDed. An empty
|
||||||
|
label selector matches all objects. A null label selector matches
|
||||||
|
no objects.
|
||||||
|
properties:
|
||||||
|
matchExpressions:
|
||||||
|
description: matchExpressions is a list of label selector requirements.
|
||||||
|
The requirements are ANDed.
|
||||||
|
items:
|
||||||
|
description: A label selector requirement is a selector that contains
|
||||||
|
values, a key, and an operator that relates the key and values.
|
||||||
|
properties:
|
||||||
|
key:
|
||||||
|
description: key is the label key that the selector applies
|
||||||
|
to.
|
||||||
|
type: string
|
||||||
|
operator:
|
||||||
|
description: operator represents a key's relationship to a
|
||||||
|
set of values. Valid operators are In, NotIn, Exists and
|
||||||
|
DoesNotExist.
|
||||||
|
type: string
|
||||||
|
values:
|
||||||
|
description: values is an array of string values. If the operator
|
||||||
|
is In or NotIn, the values array must be non-empty. If the
|
||||||
|
operator is Exists or DoesNotExist, the values array must
|
||||||
|
be empty. This array is replaced during a strategic merge
|
||||||
|
patch.
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
required:
|
||||||
|
- key
|
||||||
|
- operator
|
||||||
|
type: array
|
||||||
|
matchLabels:
|
||||||
|
description: matchLabels is a map of {key,value} pairs. A single
|
||||||
|
{key,value} in the matchLabels map is equivalent to an element
|
||||||
|
of matchExpressions, whose key field is "key", the operator is
|
||||||
|
"In", and the values array contains only "value". The requirements
|
||||||
|
are ANDed.
|
||||||
|
type: object
|
||||||
|
targetLabels:
|
||||||
|
description: TargetLabels transfers labels on the Kubernetes Service
|
||||||
|
onto the target.
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
type: array
|
||||||
|
required:
|
||||||
|
- endpoints
|
||||||
|
- selector
|
||||||
|
version: v1
|
66
manifests/0prometheus-operator-clusterRole.yaml
Normal file
66
manifests/0prometheus-operator-clusterRole.yaml
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRole
|
||||||
|
metadata:
|
||||||
|
name: prometheus-operator
|
||||||
|
rules:
|
||||||
|
- apiGroups:
|
||||||
|
- apiextensions.k8s.io
|
||||||
|
resources:
|
||||||
|
- customresourcedefinitions
|
||||||
|
verbs:
|
||||||
|
- '*'
|
||||||
|
- apiGroups:
|
||||||
|
- monitoring.coreos.com
|
||||||
|
resources:
|
||||||
|
- alertmanagers
|
||||||
|
- prometheuses
|
||||||
|
- prometheuses/finalizers
|
||||||
|
- alertmanagers/finalizers
|
||||||
|
- servicemonitors
|
||||||
|
- prometheusrules
|
||||||
|
verbs:
|
||||||
|
- '*'
|
||||||
|
- apiGroups:
|
||||||
|
- apps
|
||||||
|
resources:
|
||||||
|
- statefulsets
|
||||||
|
verbs:
|
||||||
|
- '*'
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- configmaps
|
||||||
|
- secrets
|
||||||
|
verbs:
|
||||||
|
- '*'
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- pods
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- delete
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- services
|
||||||
|
- endpoints
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- create
|
||||||
|
- update
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- nodes
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- namespaces
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
12
manifests/0prometheus-operator-clusterRoleBinding.yaml
Normal file
12
manifests/0prometheus-operator-clusterRoleBinding.yaml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRoleBinding
|
||||||
|
metadata:
|
||||||
|
name: prometheus-operator
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: prometheus-operator
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: prometheus-operator
|
||||||
|
namespace: monitoring
|
44
manifests/0prometheus-operator-deployment.yaml
Normal file
44
manifests/0prometheus-operator-deployment.yaml
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
apiVersion: apps/v1beta2
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: prometheus-operator
|
||||||
|
name: prometheus-operator
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
k8s-app: prometheus-operator
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: prometheus-operator
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- args:
|
||||||
|
- --kubelet-service=kube-system/kubelet
|
||||||
|
- --logtostderr=true
|
||||||
|
- --config-reloader-image=carlosedp/configmap-reload:v0.2.2
|
||||||
|
- --prometheus-config-reloader=carlosedp/prometheus-config-reloader:v0.26.0
|
||||||
|
image: carlosedp/prometheus-operator:v0.26.0
|
||||||
|
name: prometheus-operator
|
||||||
|
ports:
|
||||||
|
- containerPort: 8080
|
||||||
|
name: http
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 200m
|
||||||
|
memory: 200Mi
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 100Mi
|
||||||
|
securityContext:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
nodeSelector:
|
||||||
|
beta.kubernetes.io/os: linux
|
||||||
|
securityContext:
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 65534
|
||||||
|
serviceAccountName: prometheus-operator
|
15
manifests/0prometheus-operator-service.yaml
Normal file
15
manifests/0prometheus-operator-service.yaml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: prometheus-operator
|
||||||
|
name: prometheus-operator
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
clusterIP: None
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 8080
|
||||||
|
targetPort: http
|
||||||
|
selector:
|
||||||
|
k8s-app: prometheus-operator
|
5
manifests/0prometheus-operator-serviceAccount.yaml
Normal file
5
manifests/0prometheus-operator-serviceAccount.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
name: prometheus-operator
|
||||||
|
namespace: monitoring
|
14
manifests/0prometheus-operator-serviceMonitor.yaml
Normal file
14
manifests/0prometheus-operator-serviceMonitor.yaml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: ServiceMonitor
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: prometheus-operator
|
||||||
|
name: prometheus-operator
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
endpoints:
|
||||||
|
- honorLabels: true
|
||||||
|
port: http
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
k8s-app: prometheus-operator
|
18
manifests/alertmanager-alertmanager.yaml
Normal file
18
manifests/alertmanager-alertmanager.yaml
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: Alertmanager
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
alertmanager: main
|
||||||
|
name: main
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
baseImage: carlosedp/alertmanager
|
||||||
|
nodeSelector:
|
||||||
|
beta.kubernetes.io/os: linux
|
||||||
|
replicas: 1
|
||||||
|
securityContext:
|
||||||
|
fsGroup: 2000
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 1000
|
||||||
|
serviceAccountName: alertmanager-main
|
||||||
|
version: v0.15.3
|
8
manifests/alertmanager-secret.yaml
Normal file
8
manifests/alertmanager-secret.yaml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
data:
|
||||||
|
alertmanager.yaml: Z2xvYmFsOgogIHJlc29sdmVfdGltZW91dDogNW0Kcm91dGU6CiAgZ3JvdXBfYnk6IFsnam9iJ10KICBncm91cF93YWl0OiAzMHMKICBncm91cF9pbnRlcnZhbDogNW0KICByZXBlYXRfaW50ZXJ2YWw6IDEyaAogIHJlY2VpdmVyOiAnbnVsbCcKICByb3V0ZXM6CiAgLSBtYXRjaDoKICAgICAgYWxlcnRuYW1lOiBEZWFkTWFuc1N3aXRjaAogICAgcmVjZWl2ZXI6ICdudWxsJwpyZWNlaXZlcnM6Ci0gbmFtZTogJ251bGwnCg==
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: alertmanager-main
|
||||||
|
namespace: monitoring
|
||||||
|
type: Opaque
|
15
manifests/alertmanager-service.yaml
Normal file
15
manifests/alertmanager-service.yaml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
alertmanager: main
|
||||||
|
name: alertmanager-main
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: web
|
||||||
|
port: 9093
|
||||||
|
targetPort: web
|
||||||
|
selector:
|
||||||
|
alertmanager: main
|
||||||
|
app: alertmanager
|
5
manifests/alertmanager-serviceAccount.yaml
Normal file
5
manifests/alertmanager-serviceAccount.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
name: alertmanager-main
|
||||||
|
namespace: monitoring
|
14
manifests/alertmanager-serviceMonitor.yaml
Normal file
14
manifests/alertmanager-serviceMonitor.yaml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: ServiceMonitor
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: alertmanager
|
||||||
|
name: alertmanager
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
endpoints:
|
||||||
|
- interval: 30s
|
||||||
|
port: web
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
alertmanager: main
|
44
manifests/arm-exporter-daemonset.yaml
Normal file
44
manifests/arm-exporter-daemonset.yaml
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
apiVersion: apps/v1beta2
|
||||||
|
kind: DaemonSet
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: arm-exporter
|
||||||
|
name: arm-exporter
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
k8s-app: arm-exporter
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: arm-exporter
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- image: carlosedp/arm_exporter:latest
|
||||||
|
name: arm-exporter
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 200m
|
||||||
|
memory: 180Mi
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 180Mi
|
||||||
|
- args:
|
||||||
|
- --secure-listen-address=$(IP):9243
|
||||||
|
- --upstream=http://127.0.0.1:9243/
|
||||||
|
image: carlosedp/kube-rbac-proxy:v0.4.0
|
||||||
|
name: kube-rbac-proxy
|
||||||
|
ports:
|
||||||
|
- containerPort: 9243
|
||||||
|
hostPort: 9243
|
||||||
|
name: https
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 20m
|
||||||
|
memory: 40Mi
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
memory: 20Mi
|
||||||
|
nodeSelector:
|
||||||
|
beta.kubernetes.io/os: linux
|
15
manifests/arm-exporter-service.yaml
Normal file
15
manifests/arm-exporter-service.yaml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: arm-exporter
|
||||||
|
name: arm-exporter
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
clusterIP: None
|
||||||
|
ports:
|
||||||
|
- name: https
|
||||||
|
port: 9243
|
||||||
|
targetPort: https
|
||||||
|
selector:
|
||||||
|
k8s-app: arm-exporter
|
19
manifests/arm-exporter-serviceMonitor.yaml
Normal file
19
manifests/arm-exporter-serviceMonitor.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: ServiceMonitor
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
k8s-app: arm-exporter
|
||||||
|
name: arm-exporter
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
endpoints:
|
||||||
|
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||||
|
interval: 30s
|
||||||
|
port: https
|
||||||
|
scheme: https
|
||||||
|
tlsConfig:
|
||||||
|
insecureSkipVerify: true
|
||||||
|
jobLabel: k8s-app
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
k8s-app: arm-exporter
|
8
manifests/grafana-config.yaml
Normal file
8
manifests/grafana-config.yaml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
data:
|
||||||
|
grafana.ini: W2F1dGguYW5vbnltb3VzXQplbmFibGVkID0gZmFsc2UKW2F1dGguYmFzaWNdCmVuYWJsZWQgPSBmYWxzZQpbZGF0YWJhc2VdCnBhdGggPSAvZGF0YS9ncmFmYW5hLmRiCltwYXRoc10KZGF0YSA9IC92YXIvbGliL2dyYWZhbmEKbG9ncyA9IC92YXIvbGliL2dyYWZhbmEvbG9nCnBsdWdpbnMgPSAvdmFyL2xpYi9ncmFmYW5hL3BsdWdpbnMKcHJvdmlzaW9uaW5nID0gL2V0Yy9ncmFmYW5hL3Byb3Zpc2lvbmluZwpbc2Vzc2lvbl0KcHJvdmlkZXIgPSBtZW1vcnkKW3NtdHBdCmVuYWJsZWQgPSB0cnVlCmZyb21fYWRkcmVzcyA9IGNhcmxvc2VkcEBnbWFpbC5jb20KZnJvbV9uYW1lID0gR3JhZmFuYSBBbGVydApob3N0ID0gc210cC1zZXJ2ZXIubW9uaXRvcmluZy5zdmM6MjUKcGFzc3dvcmQgPSAKc2tpcF92ZXJpZnkgPSB0cnVlCnVzZXIgPSAK
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: grafana-config
|
||||||
|
namespace: monitoring
|
||||||
|
type: Opaque
|
8
manifests/grafana-dashboardDatasources.yaml
Normal file
8
manifests/grafana-dashboardDatasources.yaml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
data:
|
||||||
|
prometheus.yaml: ewogICAgImFwaVZlcnNpb24iOiAxLAogICAgImRhdGFzb3VyY2VzIjogWwogICAgICAgIHsKICAgICAgICAgICAgImFjY2VzcyI6ICJwcm94eSIsCiAgICAgICAgICAgICJlZGl0YWJsZSI6IGZhbHNlLAogICAgICAgICAgICAibmFtZSI6ICJwcm9tZXRoZXVzIiwKICAgICAgICAgICAgIm9yZ0lkIjogMSwKICAgICAgICAgICAgInR5cGUiOiAicHJvbWV0aGV1cyIsCiAgICAgICAgICAgICJ1cmwiOiAiaHR0cDovL3Byb21ldGhldXMtazhzLm1vbml0b3Jpbmcuc3ZjOjkwOTAiLAogICAgICAgICAgICAidmVyc2lvbiI6IDEKICAgICAgICB9CiAgICBdCn0=
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: grafana-datasources
|
||||||
|
namespace: monitoring
|
||||||
|
type: Opaque
|
7891
manifests/grafana-dashboardDefinitions.yaml
Normal file
7891
manifests/grafana-dashboardDefinitions.yaml
Normal file
File diff suppressed because it is too large
Load Diff
21
manifests/grafana-dashboardSources.yaml
Normal file
21
manifests/grafana-dashboardSources.yaml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
data:
|
||||||
|
dashboards.yaml: |-
|
||||||
|
{
|
||||||
|
"apiVersion": 1,
|
||||||
|
"providers": [
|
||||||
|
{
|
||||||
|
"folder": "",
|
||||||
|
"name": "0",
|
||||||
|
"options": {
|
||||||
|
"path": "/grafana-dashboard-definitions/0"
|
||||||
|
},
|
||||||
|
"orgId": 1,
|
||||||
|
"type": "file"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: grafana-dashboards
|
||||||
|
namespace: monitoring
|
132
manifests/grafana-deployment.yaml
Normal file
132
manifests/grafana-deployment.yaml
Normal file
@ -0,0 +1,132 @@
|
|||||||
|
apiVersion: apps/v1beta2
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: grafana
|
||||||
|
name: grafana
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: grafana
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: grafana
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- args:
|
||||||
|
- -config=/etc/grafana/grafana.ini
|
||||||
|
image: carlosedp/monitoring-grafana:v5.4.0
|
||||||
|
name: grafana
|
||||||
|
ports:
|
||||||
|
- containerPort: 3000
|
||||||
|
name: http
|
||||||
|
readinessProbe:
|
||||||
|
httpGet:
|
||||||
|
path: /api/health
|
||||||
|
port: http
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 200m
|
||||||
|
memory: 200Mi
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 100Mi
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /var/lib/grafana
|
||||||
|
name: grafana-storage
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /etc/grafana/provisioning/datasources
|
||||||
|
name: grafana-datasources
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /etc/grafana/provisioning/dashboards
|
||||||
|
name: grafana-dashboards
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/k8s-cluster-rsrc-use
|
||||||
|
name: grafana-dashboard-k8s-cluster-rsrc-use
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/k8s-node-rsrc-use
|
||||||
|
name: grafana-dashboard-k8s-node-rsrc-use
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/k8s-resources-cluster
|
||||||
|
name: grafana-dashboard-k8s-resources-cluster
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/k8s-resources-namespace
|
||||||
|
name: grafana-dashboard-k8s-resources-namespace
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/k8s-resources-pod
|
||||||
|
name: grafana-dashboard-k8s-resources-pod
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/nodes
|
||||||
|
name: grafana-dashboard-nodes
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/persistentvolumesusage
|
||||||
|
name: grafana-dashboard-persistentvolumesusage
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/pods
|
||||||
|
name: grafana-dashboard-pods
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /grafana-dashboard-definitions/0/statefulset
|
||||||
|
name: grafana-dashboard-statefulset
|
||||||
|
readOnly: false
|
||||||
|
- mountPath: /etc/grafana
|
||||||
|
name: grafana-config
|
||||||
|
readOnly: false
|
||||||
|
securityContext:
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 65534
|
||||||
|
serviceAccountName: grafana
|
||||||
|
volumes:
|
||||||
|
- emptyDir: {}
|
||||||
|
name: grafana-storage
|
||||||
|
- name: grafana-datasources
|
||||||
|
secret:
|
||||||
|
secretName: grafana-datasources
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboards
|
||||||
|
name: grafana-dashboards
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-k8s-cluster-rsrc-use
|
||||||
|
name: grafana-dashboard-k8s-cluster-rsrc-use
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-k8s-node-rsrc-use
|
||||||
|
name: grafana-dashboard-k8s-node-rsrc-use
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-k8s-resources-cluster
|
||||||
|
name: grafana-dashboard-k8s-resources-cluster
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-k8s-resources-namespace
|
||||||
|
name: grafana-dashboard-k8s-resources-namespace
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-k8s-resources-pod
|
||||||
|
name: grafana-dashboard-k8s-resources-pod
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-nodes
|
||||||
|
name: grafana-dashboard-nodes
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-persistentvolumesusage
|
||||||
|
name: grafana-dashboard-persistentvolumesusage
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-pods
|
||||||
|
name: grafana-dashboard-pods
|
||||||
|
- configMap:
|
||||||
|
name: grafana-dashboard-statefulset
|
||||||
|
name: grafana-dashboard-statefulset
|
||||||
|
- name: grafana-config
|
||||||
|
secret:
|
||||||
|
secretName: grafana-config
|
||||||
|
volumeClaimTemplate:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: grafana-storage
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 2Gi
|
||||||
|
storageClassName: nfs-ssd-node1
|
12
manifests/grafana-service.yaml
Normal file
12
manifests/grafana-service.yaml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: grafana
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 3000
|
||||||
|
targetPort: http
|
||||||
|
selector:
|
||||||
|
app: grafana
|
5
manifests/grafana-serviceAccount.yaml
Normal file
5
manifests/grafana-serviceAccount.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
name: grafana
|
||||||
|
namespace: monitoring
|
14
manifests/ingress-alertmanager-main.yaml
Normal file
14
manifests/ingress-alertmanager-main.yaml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: alertmanager-main
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: alertmanager.internal.carlosedp.com
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- backend:
|
||||||
|
serviceName: alertmanager-main
|
||||||
|
servicePort: web
|
||||||
|
path: /
|
14
manifests/ingress-grafana.yaml
Normal file
14
manifests/ingress-grafana.yaml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: grafana
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: grafana.internal.carlosedp.com
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- backend:
|
||||||
|
serviceName: grafana
|
||||||
|
servicePort: http
|
||||||
|
path: /
|
14
manifests/ingress-prometheus-k8s.yaml
Normal file
14
manifests/ingress-prometheus-k8s.yaml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: prometheus-k8s
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: prometheus.internal.carlosedp.com
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- backend:
|
||||||
|
serviceName: prometheus-k8s
|
||||||
|
servicePort: web
|
||||||
|
path: /
|
69
manifests/kube-state-metrics-clusterRole.yaml
Normal file
69
manifests/kube-state-metrics-clusterRole.yaml
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRole
|
||||||
|
metadata:
|
||||||
|
name: kube-state-metrics
|
||||||
|
rules:
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- configmaps
|
||||||
|
- secrets
|
||||||
|
- nodes
|
||||||
|
- pods
|
||||||
|
- services
|
||||||
|
- resourcequotas
|
||||||
|
- replicationcontrollers
|
||||||
|
- limitranges
|
||||||
|
- persistentvolumeclaims
|
||||||
|
- persistentvolumes
|
||||||
|
- namespaces
|
||||||
|
- endpoints
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- extensions
|
||||||
|
resources:
|
||||||
|
- daemonsets
|
||||||
|
- deployments
|
||||||
|
- replicasets
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- apps
|
||||||
|
resources:
|
||||||
|
- statefulsets
|
||||||
|
- daemonsets
|
||||||
|
- deployments
|
||||||
|
- replicasets
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- batch
|
||||||
|
resources:
|
||||||
|
- cronjobs
|
||||||
|
- jobs
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- autoscaling
|
||||||
|
resources:
|
||||||
|
- horizontalpodautoscalers
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- authentication.k8s.io
|
||||||
|
resources:
|
||||||
|
- tokenreviews
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- apiGroups:
|
||||||
|
- authorization.k8s.io
|
||||||
|
resources:
|
||||||
|
- subjectaccessreviews
|
||||||
|
verbs:
|
||||||
|
- create
|
12
manifests/kube-state-metrics-clusterRoleBinding.yaml
Normal file
12
manifests/kube-state-metrics-clusterRoleBinding.yaml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRoleBinding
|
||||||
|
metadata:
|
||||||
|
name: kube-state-metrics
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: kube-state-metrics
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: kube-state-metrics
|
||||||
|
namespace: monitoring
|
53
manifests/kube-state-metrics-deployment.yaml
Normal file
53
manifests/kube-state-metrics-deployment.yaml
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
apiVersion: apps/v1beta2
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: kube-state-metrics
|
||||||
|
name: kube-state-metrics
|
||||||
|
namespace: monitoring
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: kube-state-metrics
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: kube-state-metrics
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- command:
|
||||||
|
- /pod_nanny
|
||||||
|
- --container=kube-state-metrics
|
||||||
|
- --cpu=100m
|
||||||
|
- --extra-cpu=2m
|
||||||
|
- --memory=150Mi
|
||||||
|
- --extra-memory=30Mi
|
||||||
|
- --acceptance-offset=5
|
||||||
|
- --deployment=kube-state-metrics
|
||||||
|
env:
|
||||||
|
- name: MY_POD_NAME
|
||||||
|
valueFrom:
|
||||||
|
fieldRef:
|
||||||
|
apiVersion: v1
|
||||||
|
fieldPath: metadata.name
|
||||||
|
- name: MY_POD_NAMESPACE
|
||||||
|
valueFrom:
|
||||||
|
fieldRef:
|
||||||
|
apiVersion: v1
|
||||||
|
fieldPath: metadata.namespace
|
||||||
|
image: carlosedp/addon-resizer:2.1
|
||||||
|
name: addon-resizer
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 50m
|
||||||
|
memory: 30Mi
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
memory: 30Mi
|
||||||
|
nodeSelector:
|
||||||
|
beta.kubernetes.io/os: linux
|
||||||
|
securityContext:
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 65534
|
||||||
|
serviceAccountName: kube-state-metrics
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user