easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #682 from paulfantom/follow-up-675

Browse Source 
Fixing issues with kube-rbac-proxy when importing kube-prometheus as a library
This commit is contained in:
Matthias Loibl
2020-09-18 16:35:05 +02:00
committed by GitHub
parent 5fe45c57b6 ea109b463d
commit 59d6843d3d
2 changed files with 120 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
jsonnet/kube-prometheus/kube-prometheus.libsonnet
View File

@@ -1,6 +1,7 @@
local k = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.4/k.libsonnet'; local k = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.4/k.libsonnet';
local k3 = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.3/k.libsonnet'; local k3 = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.3/k.libsonnet';
local configMapList = k3.core.v1.configMapList; local configMapList = k3.core.v1.configMapList;
local kubeRbacProxyContainer = import './kube-rbac-proxy/container.libsonnet';
(import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') + (import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') +
(import './kube-state-metrics/kube-state-metrics.libsonnet') + (import './kube-state-metrics/kube-state-metrics.libsonnet') +
@@ -60,7 +61,7 @@ local configMapList = k3.core.v1.configMapList;
], ],
}, },
} + } +
((import 'kube-prometheus/kube-rbac-proxy/container.libsonnet') { (kubeRbacProxyContainer {
config+:: { config+:: {
kubeRbacProxy: { kubeRbacProxy: {
local cfg = self, local cfg = self,

233
jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
View File

@@ -1,3 +1,6 @@
local kubeRbacProxyContainer = import '../kube-rbac-proxy/container.libsonnet';
local ksm = import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet';
{ {
_config+:: { _config+:: {
versions+:: { versions+:: {
@@ -11,119 +14,119 @@
scrapeTimeout: '30s', scrapeTimeout: '30s',
}, },
}, },
kubeStateMetrics+:: (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet') + kubeStateMetrics+::
{ ksm + {
local ksm = self, local version = self.version,
name:: 'kube-state-metrics', name:: 'kube-state-metrics',
namespace:: $._config.namespace, namespace:: $._config.namespace,
version:: $._config.versions.kubeStateMetrics, version:: $._config.versions.kubeStateMetrics,
image:: $._config.imageRepos.kubeStateMetrics + ':v' + $._config.versions.kubeStateMetrics, image:: $._config.imageRepos.kubeStateMetrics + ':v' + $._config.versions.kubeStateMetrics,
service+: { service+: {
spec+: { spec+: {
ports: [ ports: [
{ {
name: 'https-main', name: 'https-main',
port: 8443, port: 8443,
targetPort: 'https-main', targetPort: 'https-main',
}, },
{ {
name: 'https-self', name: 'https-self',
port: 9443, port: 9443,
targetPort: 'https-self', targetPort: 'https-self',
}, },
], ],
}, },
}, },
deployment+: { deployment+: {
spec+: { spec+: {
template+: { template+: {
spec+: { spec+: {
containers: std.map(function(c) c { containers: std.map(function(c) c {
ports:: null, ports:: null,
livenessProbe:: null, livenessProbe:: null,
readinessProbe:: null, readinessProbe:: null,
args: ['--host=127.0.0.1', '--port=8081', '--telemetry-host=127.0.0.1', '--telemetry-port=8082'], args: ['--host=127.0.0.1', '--port=8081', '--telemetry-host=127.0.0.1', '--telemetry-port=8082'],
}, super.containers), }, super.containers),
}, },
}, },
}, },
}, },
serviceMonitor: serviceMonitor:
{ {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-state-metrics', name: 'kube-state-metrics',
namespace: $._config.namespace, namespace: $._config.namespace,
labels: { labels: {
'app.kubernetes.io/name': 'kube-state-metrics', 'app.kubernetes.io/name': 'kube-state-metrics',
'app.kubernetes.io/version': ksm.version, 'app.kubernetes.io/version': version,
}, },
}, },
spec: { spec: {
jobLabel: 'app.kubernetes.io/name', jobLabel: 'app.kubernetes.io/name',
selector: { selector: {
matchLabels: { matchLabels: {
'app.kubernetes.io/name': 'kube-state-metrics', 'app.kubernetes.io/name': 'kube-state-metrics',
}, },
}, },
endpoints: [ endpoints: [
{ {
port: 'https-main', port: 'https-main',
scheme: 'https', scheme: 'https',
interval: $._config.kubeStateMetrics.scrapeInterval, interval: $._config.kubeStateMetrics.scrapeInterval,
scrapeTimeout: $._config.kubeStateMetrics.scrapeTimeout, scrapeTimeout: $._config.kubeStateMetrics.scrapeTimeout,
honorLabels: true, honorLabels: true,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token', bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
relabelings: [ relabelings: [
{ {
regex: '(pod|service|endpoint|namespace)', regex: '(pod|service|endpoint|namespace)',
action: 'labeldrop', action: 'labeldrop',
}, },
], ],
tlsConfig: { tlsConfig: {
insecureSkipVerify: true, insecureSkipVerify: true,
}, },
}, },
{ {
port: 'https-self', port: 'https-self',
scheme: 'https', scheme: 'https',
interval: $._config.kubeStateMetrics.scrapeInterval, interval: $._config.kubeStateMetrics.scrapeInterval,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token', bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
tlsConfig: { tlsConfig: {
insecureSkipVerify: true, insecureSkipVerify: true,
}, },
}, },
], ],
}, },
}, },
} + } +
((import 'kube-prometheus/kube-rbac-proxy/container.libsonnet') { (kubeRbacProxyContainer {
config+:: { config+:: {
kubeRbacProxy: { kubeRbacProxy: {
local cfg = self, local cfg = self,
image: $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy, image: $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy,
name: 'kube-rbac-proxy-main', name: 'kube-rbac-proxy-main',
securePortName: 'https-main', securePortName: 'https-main',
securePort: 8443, securePort: 8443,
secureListenAddress: ':%d' % self.securePort, secureListenAddress: ':%d' % self.securePort,
upstream: 'http://127.0.0.1:8081/', upstream: 'http://127.0.0.1:8081/',
tlsCipherSuites: $._config.tlsCipherSuites, tlsCipherSuites: $._config.tlsCipherSuites,
}, },
}, },
}).deploymentMixin + }).deploymentMixin +
((import 'kube-prometheus/kube-rbac-proxy/container.libsonnet') { (kubeRbacProxyContainer {
config+:: { config+:: {
kubeRbacProxy: { kubeRbacProxy: {
local cfg = self, local cfg = self,
image: $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy, image: $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy,
name: 'kube-rbac-proxy-self', name: 'kube-rbac-proxy-self',
securePortName: 'https-self', securePortName: 'https-self',
securePort: 9443, securePort: 9443,
secureListenAddress: ':%d' % self.securePort, secureListenAddress: ':%d' % self.securePort,
upstream: 'http://127.0.0.1:8082/', upstream: 'http://127.0.0.1:8082/',
tlsCipherSuites: $._config.tlsCipherSuites, tlsCipherSuites: $._config.tlsCipherSuites,
}, },
}, },
}).deploymentMixin, }).deploymentMixin,
} }