kube-prometheus: Extract prometheus-operator jsonnet out of contrib

This commit is contained in:
Frederic Branczyk
2018-06-06 11:19:17 +02:00
parent c13b0556ba
commit 1d5623d4a0
10 changed files with 43 additions and 189 deletions

View File

@@ -7,13 +7,7 @@ generate: image
@echo ">> Compiling assets and generating Kubernetes manifests" @echo ">> Compiling assets and generating Kubernetes manifests"
docker run --rm -u=$(shell id -u $(USER)):$(shell id -g $(USER)) -v $(shell dirname $(dir $(abspath $(dir $$PWD)))):/go/src/github.com/coreos/prometheus-operator/ --workdir /go/src/github.com/coreos/prometheus-operator/contrib/kube-prometheus po-jsonnet make generate-raw docker run --rm -u=$(shell id -u $(USER)):$(shell id -g $(USER)) -v $(shell dirname $(dir $(abspath $(dir $$PWD)))):/go/src/github.com/coreos/prometheus-operator/ --workdir /go/src/github.com/coreos/prometheus-operator/contrib/kube-prometheus po-jsonnet make generate-raw
crdtojsonnet: generate-raw: fmt
cat ../../example/prometheus-operator-crd/alertmanager.crd.yaml | gojsontoyaml -yamltojson > jsonnet/kube-prometheus/prometheus-operator/alertmanager-crd.libsonnet
cat ../../example/prometheus-operator-crd/prometheus.crd.yaml | gojsontoyaml -yamltojson > jsonnet/kube-prometheus/prometheus-operator/prometheus-crd.libsonnet
cat ../../example/prometheus-operator-crd/servicemonitor.crd.yaml | gojsontoyaml -yamltojson > jsonnet/kube-prometheus/prometheus-operator/servicemonitor-crd.libsonnet
cat ../../example/prometheus-operator-crd/prometheusrule.crd.yaml | gojsontoyaml -yamltojson > jsonnet/kube-prometheus/prometheus-operator/prometheusrule-crd.libsonnet
generate-raw: crdtojsonnet fmt
jb install jb install
./build.sh ./build.sh

View File

@@ -29,6 +29,16 @@
} }
}, },
"version": "master" "version": "master"
},
{
"name": "prometheus-operator",
"source": {
"git": {
"remote": "https://github.com/coreos/prometheus-operator",
"subdir": "jsonnet/prometheus-operator"
}
},
"version": "extract-po-jsonnet"
} }
] ]
} }

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@@ -1,178 +0,0 @@
local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
{
_config+:: {
namespace: 'default',
versions+:: {
prometheusOperator: 'v0.20.0',
configmapReloader: 'v0.0.1',
},
imageRepos+:: {
prometheusOperator: 'quay.io/coreos/prometheus-operator',
configmapReloader: 'quay.io/coreos/configmap-reload',
prometheusConfigReloader: 'quay.io/coreos/prometheus-config-reloader',
},
},
prometheusOperator+:: {
// Prefixing with 0 to ensure these manifests are listed and therefore created first.
'0alertmanagerCustomResourceDefinition': import 'alertmanager-crd.libsonnet',
'0prometheusCustomResourceDefinition': import 'prometheus-crd.libsonnet',
'0servicemonitorCustomResourceDefinition': import 'servicemonitor-crd.libsonnet',
'0prometheusruleCustomResourceDefinition': import 'prometheusrule-crd.libsonnet',
clusterRoleBinding:
local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
clusterRoleBinding.new() +
clusterRoleBinding.mixin.metadata.withName('prometheus-operator') +
clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
clusterRoleBinding.mixin.roleRef.withName('prometheus-operator') +
clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-operator', namespace: $._config.namespace }]),
clusterRole:
local clusterRole = k.rbac.v1.clusterRole;
local policyRule = clusterRole.rulesType;
local apiExtensionsRule = policyRule.new() +
policyRule.withApiGroups(['apiextensions.k8s.io']) +
policyRule.withResources([
'customresourcedefinitions',
]) +
policyRule.withVerbs(['*']);
local monitoringRule = policyRule.new() +
policyRule.withApiGroups(['monitoring.coreos.com']) +
policyRule.withResources([
'alertmanagers',
'prometheuses',
'prometheuses/finalizers',
'alertmanagers/finalizers',
'servicemonitors',
'prometheusrules',
]) +
policyRule.withVerbs(['*']);
local appsRule = policyRule.new() +
policyRule.withApiGroups(['apps']) +
policyRule.withResources([
'statefulsets',
]) +
policyRule.withVerbs(['*']);
local coreRule = policyRule.new() +
policyRule.withApiGroups(['']) +
policyRule.withResources([
'configmaps',
'secrets',
]) +
policyRule.withVerbs(['*']);
local podRule = policyRule.new() +
policyRule.withApiGroups(['']) +
policyRule.withResources([
'pods',
]) +
policyRule.withVerbs(['list', 'delete']);
local routingRule = policyRule.new() +
policyRule.withApiGroups(['']) +
policyRule.withResources([
'services',
'endpoints',
]) +
policyRule.withVerbs(['get', 'create', 'update']);
local nodeRule = policyRule.new() +
policyRule.withApiGroups(['']) +
policyRule.withResources([
'nodes',
]) +
policyRule.withVerbs(['list', 'watch']);
local namespaceRule = policyRule.new() +
policyRule.withApiGroups(['']) +
policyRule.withResources([
'namespaces',
]) +
policyRule.withVerbs(['list', 'watch']);
local rules = [apiExtensionsRule, monitoringRule, appsRule, coreRule, podRule, routingRule, nodeRule, namespaceRule];
clusterRole.new() +
clusterRole.mixin.metadata.withName('prometheus-operator') +
clusterRole.withRules(rules),
deployment:
local deployment = k.apps.v1beta2.deployment;
local container = k.apps.v1beta2.deployment.mixin.spec.template.spec.containersType;
local containerPort = container.portsType;
local targetPort = 8080;
local podLabels = { 'k8s-app': 'prometheus-operator' };
local operatorContainer =
container.new('prometheus-operator', $._config.imageRepos.prometheusOperator + ':' + $._config.versions.prometheusOperator) +
container.withPorts(containerPort.newNamed('http', targetPort)) +
container.withArgs([
'--kubelet-service=kube-system/kubelet',
'--config-reloader-image=' + $._config.imageRepos.configmapReloader + ':' + $._config.versions.configmapReloader,
'--prometheus-config-reloader=' + $._config.imageRepos.prometheusConfigReloader + ':' + $._config.versions.prometheusOperator,
]) +
container.mixin.resources.withRequests({ cpu: '100m', memory: '50Mi' }) +
container.mixin.resources.withLimits({ cpu: '200m', memory: '100Mi' });
deployment.new('prometheus-operator', 1, operatorContainer, podLabels) +
deployment.mixin.metadata.withNamespace($._config.namespace) +
deployment.mixin.metadata.withLabels(podLabels) +
deployment.mixin.spec.selector.withMatchLabels(podLabels) +
deployment.mixin.spec.template.spec.withNodeSelector({ 'beta.kubernetes.io/os': 'linux' }) +
deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
deployment.mixin.spec.template.spec.withServiceAccountName('prometheus-operator'),
serviceAccount:
local serviceAccount = k.core.v1.serviceAccount;
serviceAccount.new('prometheus-operator') +
serviceAccount.mixin.metadata.withNamespace($._config.namespace),
service:
local service = k.core.v1.service;
local servicePort = k.core.v1.service.mixin.spec.portsType;
local poServicePort = servicePort.newNamed('http', 8080, 'http');
service.new('prometheus-operator', $.prometheusOperator.deployment.spec.selector.matchLabels, [poServicePort]) +
service.mixin.metadata.withLabels({ 'k8s-app': 'prometheus-operator' }) +
service.mixin.metadata.withNamespace($._config.namespace) +
service.mixin.spec.withClusterIp('None'),
serviceMonitor:
{
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: 'prometheus-operator',
namespace: $._config.namespace,
labels: {
'k8s-app': 'prometheus-operator',
},
},
spec: {
endpoints: [
{
port: 'http',
},
],
selector: {
matchLabels: {
'k8s-app': 'prometheus-operator',
},
},
},
},
},
}

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@@ -306,6 +306,7 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
port: 'https-metrics', port: 'https-metrics',
scheme: 'https', scheme: 'https',
interval: '30s', interval: '30s',
honorLabels: true,
tlsConfig: { tlsConfig: {
insecureSkipVerify: true, insecureSkipVerify: true,
}, },

View File

@@ -4707,6 +4707,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -4795,6 +4798,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -4911,6 +4917,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -5114,6 +5123,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -5317,6 +5329,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -5405,6 +5420,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -5609,6 +5627,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -5725,6 +5746,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -5827,6 +5851,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,
@@ -6668,6 +6695,9 @@ data:
}, },
"lines": true, "lines": true,
"linewidth": 1, "linewidth": 1,
"links": [
],
"nullPointMode": "null", "nullPointMode": "null",
"percentage": false, "percentage": false,
"pointradius": 5, "pointradius": 5,

View File

@@ -8,6 +8,7 @@ metadata:
spec: spec:
endpoints: endpoints:
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
honorLabels: true
interval: 30s interval: 30s
port: https-metrics port: https-metrics
scheme: https scheme: https