easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

jsonnet: unify metadata management

Browse Source
This commit is contained in:
paulfantom
2021-11-01 11:19:34 +01:00
parent ba8ec69845
commit 1870702831
9 changed files with 156 additions and 253 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
jsonnet/kube-prometheus/components/alertmanager.libsonnet
View File

@@ -77,6 +77,11 @@ function(params) {
// Safety check
assert std.isObject(am._config.resources),
assert std.isObject(am._config.mixin._config),
_metadata:: {
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: am._config.commonLabels,
},
mixin:: (import 'github.com/prometheus/alertmanager/doc/alertmanager-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/lib/add-runbook-links.libsonnet') {
@@ -86,10 +91,9 @@ function(params) {
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: am._config.commonLabels + am._config.mixin.ruleLabels,
name: 'alertmanager-' + am._config.name + '-rules',
namespace: am._config.namespace,
metadata: am._metadata {
labels+: am._config.mixin.ruleLabels,
name: am._metadata.name + '-rules',
},
spec: {
local r = if std.objectHasAll(am.mixin, 'prometheusRules') then am.mixin.prometheusRules.groups else [],
@@ -102,10 +106,8 @@ function(params) {
apiVersion: 'v1',
kind: 'Secret',
type: 'Opaque',
metadata: {
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: { alertmanager: am._config.name } + am._config.commonLabels,
metadata: am._metadata {
labels+: { alertmanager: am._config.name },
},
stringData: {
'alertmanager.yaml': if std.type(am._config.config) == 'object'
@@ -119,20 +121,16 @@ function(params) {
serviceAccount: {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: { alertmanager: am._config.name } + am._config.commonLabels,
metadata: am._metadata {
labels+: { alertmanager: am._config.name },
},
},
service: {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: { alertmanager: am._config.name } + am._config.commonLabels,
metadata: am._metadata {
labels+: { alertmanager: am._config.name },
},
spec: {
ports: [
@@ -149,11 +147,7 @@ function(params) {
serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: 'alertmanager',
namespace: am._config.namespace,
labels: am._config.commonLabels,
},
metadata: am._metadata,
spec: {
selector: {
matchLabels: {
@@ -170,11 +164,7 @@ function(params) {
[if (defaults + params).replicas > 1 then 'podDisruptionBudget']: {
apiVersion: 'policy/v1',
kind: 'PodDisruptionBudget',
metadata: {
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: am._config.commonLabels,
},
metadata: am._metadata,
spec: {
maxUnavailable: 1,
selector: {
@@ -188,23 +178,22 @@ function(params) {
alertmanager: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'Alertmanager',
metadata: {
metadata: am._metadata {
name: am._config.name,
namespace: am._config.namespace,
labels: {
labels+: {
alertmanager: am._config.name,
} + am._config.commonLabels,
},
},
spec: {
replicas: am._config.replicas,
version: am._config.version,
image: am._config.image,
podMetadata: {
labels: am._config.commonLabels,
labels: am._metadata.labels,
},
resources: am._config.resources,
nodeSelector: { 'kubernetes.io/os': 'linux' },
serviceAccountName: 'alertmanager-' + am._config.name,
serviceAccountName: am._metadata.name,
securityContext: {
runAsUser: 1000,
runAsNonRoot: true,

69
jsonnet/kube-prometheus/components/blackbox-exporter.libsonnet
View File

@@ -92,14 +92,17 @@ function(params) {
_config:: defaults + params,
// Safety check
assert std.isObject(bb._config.resources),
_metadata:: {
name: 'blackbox-exporter',
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
configuration: {
apiVersion: 'v1',
kind: 'ConfigMap',
metadata: {
metadata: bb._metadata {
name: 'blackbox-exporter-configuration',
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
data: {
'config.yml': std.manifestYamlDoc({ modules: bb._config.modules }),
@@ -109,10 +112,7 @@ function(params) {
serviceAccount: {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: 'blackbox-exporter',
namespace: bb._config.namespace,
},
metadata: bb._metadata,
},
clusterRole: {
@@ -138,9 +138,7 @@ function(params) {
clusterRoleBinding: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
name: 'blackbox-exporter',
},
metadata: bb._metadata,
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole',
@@ -212,11 +210,7 @@ function(params) {
{
apiVersion: 'apps/v1',
kind: 'Deployment',
metadata: {
name: 'blackbox-exporter',
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
metadata: bb._metadata,
spec: {
replicas: bb._config.replicas,
selector: { matchLabels: bb._config.selectorLabels },
@@ -243,11 +237,7 @@ function(params) {
service: {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: 'blackbox-exporter',
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
metadata: bb._metadata,
spec: {
ports: [{
name: 'https',
@@ -262,29 +252,24 @@ function(params) {
},
},
serviceMonitor:
{
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: 'blackbox-exporter',
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
spec: {
endpoints: [{
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
interval: '30s',
path: '/metrics',
port: 'https',
scheme: 'https',
tlsConfig: {
insecureSkipVerify: true,
},
}],
selector: {
matchLabels: bb._config.selectorLabels,
serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: bb._metadata,
spec: {
endpoints: [{
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
interval: '30s',
path: '/metrics',
port: 'https',
scheme: 'https',
tlsConfig: {
insecureSkipVerify: true,
},
}],
selector: {
matchLabels: bb._config.selectorLabels,
},
},
},
}

11
jsonnet/kube-prometheus/components/grafana.libsonnet
View File

@@ -32,15 +32,16 @@ function(params)
kubernetesGrafana(config) {
local g = self,
_config+:: config,
_metadata:: {
name: 'grafana',
namespace: g._config.namespace,
labels: g._config.commonLabels,
},
serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: 'grafana',
namespace: g._config.namespace,
labels: g._config.commonLabels,
},
metadata: g._metadata,
spec: {
selector: {
matchLabels: {

41
jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
View File

@@ -28,6 +28,10 @@ local defaults = {
function(params) {
local k8s = self,
_config:: defaults + params,
_metadata:: {
labels: k8s._config.commonLabels,
namespace: k8s._config.namespace,
},
mixin:: (import 'github.com/kubernetes-monitoring/kubernetes-mixin/mixin.libsonnet') {
_config+:: k8s._config.mixin._config,
@@ -36,10 +40,9 @@ function(params) {
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: k8s._config.commonLabels + k8s._config.mixin.ruleLabels,
metadata: k8s._metadata {
name: 'kubernetes-monitoring-rules',
namespace: k8s._config.namespace,
labels+: k8s._config.mixin.ruleLabels,
},
spec: {
local r = if std.objectHasAll(k8s.mixin, 'prometheusRules') then k8s.mixin.prometheusRules.groups else {},
@@ -51,10 +54,9 @@ function(params) {
serviceMonitorKubeScheduler: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
metadata: k8s._metadata {
name: 'kube-scheduler',
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kube-scheduler' },
labels+: { 'app.kubernetes.io/name': 'kube-scheduler' },
},
spec: {
jobLabel: 'app.kubernetes.io/name',
@@ -77,10 +79,9 @@ function(params) {
serviceMonitorKubelet: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
metadata: k8s._metadata {
name: 'kubelet',
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kubelet' },
labels+: { 'app.kubernetes.io/name': 'kubelet' },
},
spec: {
jobLabel: 'app.kubernetes.io/name',
@@ -172,10 +173,9 @@ function(params) {
serviceMonitorKubeControllerManager: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
metadata: k8s._metadata {
name: 'kube-controller-manager',
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kube-controller-manager' },
labels+: { 'app.kubernetes.io/name': 'kube-controller-manager' },
},
spec: {
jobLabel: 'app.kubernetes.io/name',
@@ -207,10 +207,9 @@ function(params) {
serviceMonitorApiserver: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
metadata: k8s._metadata {
name: 'kube-apiserver',
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'apiserver' },
labels+: { 'app.kubernetes.io/name': 'apiserver' },
},
spec: {
jobLabel: 'component',
@@ -261,12 +260,9 @@ function(params) {
[if (defaults + params).kubeProxy then 'podMonitorKubeProxy']: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PodMonitor',
metadata: {
labels: {
'k8s-app': 'kube-proxy',
},
metadata: k8s._metadata {
labels+: { 'k8s-app': 'kube-proxy' },
name: 'kube-proxy',
namespace: k8s._config.namespace,
},
spec: {
jobLabel: 'k8s-app',
@@ -300,10 +296,9 @@ function(params) {
serviceMonitorCoreDNS: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
metadata: k8s._metadata {
name: 'coredns',
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'coredns' },
labels+: { 'app.kubernetes.io/name': 'coredns' },
},
spec: {
jobLabel: 'app.kubernetes.io/name',

17
jsonnet/kube-prometheus/components/kube-state-metrics.libsonnet
View File

@@ -54,6 +54,12 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
commonLabels:: ksm._config.commonLabels,
podLabels:: ksm._config.selectorLabels,
_metadata:: {
labels: ksm._config.commonLabels,
name: ksm._config.name,
namespace: ksm._config.namespace,
},
mixin:: (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/lib/add-runbook-links.libsonnet') {
_config+:: ksm._config.mixin._config,
@@ -62,10 +68,9 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: ksm._config.commonLabels + ksm._config.mixin.ruleLabels,
metadata: ksm._metadata {
labels+: ksm._config.mixin.ruleLabels,
name: ksm._config.name + '-rules',
namespace: ksm._config.namespace,
},
spec: {
local r = if std.objectHasAll(ksm.mixin, 'prometheusRules') then ksm.mixin.prometheusRules.groups else [],
@@ -135,11 +140,7 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
{
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: ksm.name,
namespace: ksm._config.namespace,
labels: ksm._config.commonLabels,
},
metadata: ksm._metadata,
spec: {
jobLabel: 'app.kubernetes.io/name',
selector: { matchLabels: ksm._config.selectorLabels },

46
jsonnet/kube-prometheus/components/node-exporter.libsonnet
View File

@@ -49,6 +49,11 @@ function(params) {
// Safety check
assert std.isObject(ne._config.resources),
assert std.isObject(ne._config.mixin._config),
_metadata:: {
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
mixin:: (import 'github.com/prometheus/node_exporter/docs/node-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/lib/add-runbook-links.libsonnet') {
@@ -58,10 +63,9 @@ function(params) {
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: ne._config.commonLabels + ne._config.mixin.ruleLabels,
metadata: ne._metadata {
labels+: ne._config.mixin.ruleLabels,
name: ne._config.name + '-rules',
namespace: ne._config.namespace,
},
spec: {
local r = if std.objectHasAll(ne.mixin, 'prometheusRules') then ne.mixin.prometheusRules.groups else [],
@@ -73,10 +77,7 @@ function(params) {
clusterRoleBinding: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
name: ne._config.name,
labels: ne._config.commonLabels,
},
metadata: ne._metadata,
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole',
@@ -92,10 +93,7 @@ function(params) {
clusterRole: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
name: ne._config.name,
labels: ne._config.commonLabels,
},
metadata: ne._metadata,
rules: [
{
apiGroups: ['authentication.k8s.io'],
@@ -113,21 +111,13 @@ function(params) {
serviceAccount: {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
metadata: ne._metadata,
},
service: {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
metadata: ne._metadata,
spec: {
ports: [
{ name: 'https', targetPort: 'https', port: ne._config.port },
@@ -140,11 +130,7 @@ function(params) {
serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
metadata: ne._metadata,
spec: {
jobLabel: 'app.kubernetes.io/name',
selector: {
@@ -221,11 +207,7 @@ function(params) {
{
apiVersion: 'apps/v1',
kind: 'DaemonSet',
metadata: {
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
metadata: ne._metadata,
spec: {
selector: { matchLabels: ne._config.selectorLabels },
updateStrategy: {
@@ -260,6 +242,4 @@ function(params) {
},
},
},
}

65
jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet
View File

@@ -120,6 +120,12 @@ function(params) {
// Safety check
assert std.isObject(pa._config.resources),
_metadata:: {
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
apiService: {
apiVersion: 'apiregistration.k8s.io/v1',
kind: 'APIService',
@@ -143,10 +149,8 @@ function(params) {
configMap: {
apiVersion: 'v1',
kind: 'ConfigMap',
metadata: {
metadata: pa._metadata {
name: 'adapter-config',
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
data: { 'config.yaml': std.manifestYamlDoc(pa._config.config) },
},
@@ -154,11 +158,7 @@ function(params) {
serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
metadata: pa._metadata,
spec: {
selector: {
matchLabels: pa._config.selectorLabels,
@@ -195,11 +195,7 @@ function(params) {
service: {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
metadata: pa._metadata,
spec: {
ports: [
{ name: 'https', targetPort: 6443, port: 443 },
@@ -233,11 +229,7 @@ function(params) {
{
apiVersion: 'apps/v1',
kind: 'Deployment',
metadata: {
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
metadata: pa._metadata,
spec: {
replicas: pa._config.replicas,
selector: { matchLabels: pa._config.selectorLabels },
@@ -266,20 +258,13 @@ function(params) {
serviceAccount: {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
metadata: pa._metadata,
},
clusterRole: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
name: pa._config.name,
labels: pa._config.commonLabels,
},
metadata: pa._metadata,
rules: [{
apiGroups: [''],
resources: ['nodes', 'namespaces', 'pods', 'services'],
@@ -290,10 +275,7 @@ function(params) {
clusterRoleBinding: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
name: pa._config.name,
labels: pa._config.commonLabels,
},
metadata: pa._metadata,
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole',
@@ -309,9 +291,8 @@ function(params) {
clusterRoleBindingDelegator: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
metadata: pa._metadata {
name: 'resource-metrics:system:auth-delegator',
labels: pa._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
@@ -328,9 +309,8 @@ function(params) {
clusterRoleServerResources: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
metadata: pa._metadata {
name: 'resource-metrics-server-resources',
labels: pa._config.commonLabels,
},
rules: [{
apiGroups: ['metrics.k8s.io'],
@@ -342,13 +322,13 @@ function(params) {
clusterRoleAggregatedMetricsReader: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
metadata: pa._metadata {
name: 'system:aggregated-metrics-reader',
labels: {
labels+: {
'rbac.authorization.k8s.io/aggregate-to-admin': 'true',
'rbac.authorization.k8s.io/aggregate-to-edit': 'true',
'rbac.authorization.k8s.io/aggregate-to-view': 'true',
} + pa._config.commonLabels,
},
},
rules: [{
apiGroups: ['metrics.k8s.io'],
@@ -360,10 +340,9 @@ function(params) {
roleBindingAuthReader: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBinding',
metadata: {
metadata: pa._metadata {
name: 'resource-metrics-auth-reader',
namespace: 'kube-system',
labels: pa._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
@@ -380,11 +359,7 @@ function(params) {
[if (defaults + params).replicas > 1 then 'podDisruptionBudget']: {
apiVersion: 'policy/v1',
kind: 'PodDisruptionBudget',
metadata: {
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
metadata: pa._metadata,
spec: {
minAvailable: 1,
selector: {

5
jsonnet/kube-prometheus/components/prometheus-operator.libsonnet
View File

@@ -45,6 +45,11 @@ function(params)
local po = self,
// declare variable as a field to allow overriding options and to have unified API across all components
_config:: config,
_metadata:: {
labels: po._config.commonLabels,
name: po._config.name,
namespace: po._config.namespace,
},
mixin:: (import 'github.com/prometheus-operator/prometheus-operator/jsonnet/mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/lib/add-runbook-links.libsonnet') {
_config+:: po._config.mixin._config,

102
jsonnet/kube-prometheus/components/prometheus.libsonnet
View File

@@ -45,6 +45,11 @@ function(params) {
// Safety check
assert std.isObject(p._config.resources),
assert std.isObject(p._config.mixin._config),
_metadata:: {
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
mixin::
(import 'github.com/prometheus/prometheus/documentation/prometheus-mixin/mixin.libsonnet') +
@@ -67,10 +72,9 @@ function(params) {
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: p._config.commonLabels + p._config.mixin.ruleLabels,
name: 'prometheus-' + p._config.name + '-prometheus-rules',
namespace: p._config.namespace,
metadata: p._metadata {
labels+: p._config.mixin.ruleLabels,
name: p._metadata.name + '-prometheus-rules',
},
spec: {
local r = if std.objectHasAll(p.mixin, 'prometheusRules') then p.mixin.prometheusRules.groups else [],
@@ -82,20 +86,14 @@ function(params) {
serviceAccount: {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
metadata: p._metadata,
},
service: {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: { prometheus: p._config.name } + p._config.commonLabels,
metadata: p._metadata {
labels+: { prometheus: p._config.name },
},
spec: {
ports: [
@@ -116,10 +114,8 @@ function(params) {
local newSpecificRoleBinding(namespace) = {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBinding',
metadata: {
name: 'prometheus-' + p._config.name,
metadata: p._metadata {
namespace: namespace,
labels: p._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
@@ -141,10 +137,7 @@ function(params) {
clusterRole: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
name: 'prometheus-' + p._config.name,
labels: p._config.commonLabels,
},
metadata: p._metadata,
rules: [
{
apiGroups: [''],
@@ -161,10 +154,8 @@ function(params) {
roleConfig: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'Role',
metadata: {
name: 'prometheus-' + p._config.name + '-config',
namespace: p._config.namespace,
labels: p._config.commonLabels,
metadata: p._metadata {
name: p._metadata.name + '-config',
},
rules: [{
apiGroups: [''],
@@ -176,19 +167,17 @@ function(params) {
roleBindingConfig: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBinding',
metadata: {
name: 'prometheus-' + p._config.name + '-config',
namespace: p._config.namespace,
labels: p._config.commonLabels,
metadata: p._metadata {
name: p._metadata.name + '-config',
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'Role',
name: 'prometheus-' + p._config.name + '-config',
name: p._metadata.name + '-config',
},
subjects: [{
kind: 'ServiceAccount',
name: 'prometheus-' + p._config.name,
name: p._metadata.name,
namespace: p._config.namespace,
}],
},
@@ -196,18 +185,15 @@ function(params) {
clusterRoleBinding: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
name: 'prometheus-' + p._config.name,
labels: p._config.commonLabels,
},
metadata: p._metadata,
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole',
name: 'prometheus-' + p._config.name,
name: p._metadata.name,
},
subjects: [{
kind: 'ServiceAccount',
name: 'prometheus-' + p._config.name,
name: p._metadata.name,
namespace: p._config.namespace,
}],
},
@@ -216,10 +202,8 @@ function(params) {
local newSpecificRole(namespace) = {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'Role',
metadata: {
name: 'prometheus-' + p._config.name,
metadata: p._metadata {
namespace: namespace,
labels: p._config.commonLabels,
},
rules: [
{
@@ -248,11 +232,7 @@ function(params) {
[if (defaults + params).replicas > 1 then 'podDisruptionBudget']: {
apiVersion: 'policy/v1',
kind: 'PodDisruptionBudget',
metadata: {
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
metadata: p._metadata,
spec: {
minAvailable: 1,
selector: {
@@ -266,21 +246,20 @@ function(params) {
prometheus: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'Prometheus',
metadata: {
metadata: p._metadata {
name: p._config.name,
namespace: p._config.namespace,
labels: { prometheus: p._config.name } + p._config.commonLabels,
labels+: { prometheus: p._config.name },
},
spec: {
replicas: p._config.replicas,
version: p._config.version,
image: p._config.image,
podMetadata: {
labels: p._config.commonLabels,
labels: p._metadata.labels,
},
externalLabels: p._config.externalLabels,
enableFeatures: p._config.enableFeatures,
serviceAccountName: 'prometheus-' + p._config.name,
serviceAccountName: p._metadata.name,
podMonitorSelector: {},
podMonitorNamespaceSelector: {},
probeSelector: {},
@@ -311,11 +290,7 @@ function(params) {
serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
metadata: p._metadata,
spec: {
selector: {
matchLabels: p._config.selectorLabels,
@@ -331,10 +306,9 @@ function(params) {
[if std.objectHas(params, 'thanos') && params.thanos != null then 'prometheusRuleThanosSidecar']: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: p._config.commonLabels + p._config.mixin.ruleLabels,
name: 'prometheus-' + p._config.name + '-thanos-sidecar-rules',
namespace: p._config.namespace,
metadata: p._metadata {
labels+: p._config.mixin.ruleLabels,
name: p._metadata.name + '-thanos-sidecar-rules',
},
spec: {
local r = if std.objectHasAll(p.mixinThanos, 'prometheusRules') then p.mixinThanos.prometheusRules.groups else [],
@@ -347,10 +321,9 @@ function(params) {
[if std.objectHas(params, 'thanos') && params.thanos != null then 'serviceThanosSidecar']: {
apiVersion: 'v1',
kind: 'Service',
metadata+: {
name: 'prometheus-' + p._config.name + '-thanos-sidecar',
namespace: p._config.namespace,
labels+: p._config.commonLabels {
metadata+: p._metadata {
name: p._metadata.name + '-thanos-sidecar',
labels+: {
prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar',
},
@@ -372,10 +345,9 @@ function(params) {
[if std.objectHas(params, 'thanos') && params.thanos != null then 'serviceMonitorThanosSidecar']: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata+: {
metadata+: p._metadata {
name: 'thanos-sidecar',
namespace: p._config.namespace,
labels: p._config.commonLabels {
labels+: {
prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar',
},