easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #260 from s-urbaniak/prometheus-constructor

Browse Source 
kube-prometheus/prometheus: Add local configuration
This commit is contained in:
Sergiusz Urbaniak
2019-10-08 17:16:01 +02:00
committed by GitHub
parent 52685175f2 40a5dc2b71
commit bcadf3ae05
2 changed files with 53 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
jsonnet/kube-prometheus/alertmanager/alertmanager.libsonnet
View File

@@ -13,7 +13,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
}, },
alertmanager+:: { alertmanager+:: {
name: $._config.alertmanager.name, name: 'main',
config: { config: {
global: { global: {
resolve_timeout: '5m', resolve_timeout: '5m',

96
jsonnet/kube-prometheus/prometheus/prometheus.libsonnet
View File

@@ -18,60 +18,68 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
}, },
prometheus+:: { prometheus+:: {
name: 'k8s',
replicas: 2,
rules: {}, rules: {},
renderedRules: {},
namespaces: ['default', 'kube-system', $._config.namespace], namespaces: ['default', 'kube-system', $._config.namespace],
}, },
}, },
prometheus+:: { prometheus+:: {
local p = self,
name:: 'k8s',
namespace:: $._config.namespace,
roleBindingNamespaces:: $._config.prometheus.namespaces,
replicas:: 2,
prometheusRules:: $._config.prometheus.rules,
alertmanagerName:: $.alertmanager.service.metadata.name,
serviceAccount: serviceAccount:
local serviceAccount = k.core.v1.serviceAccount; local serviceAccount = k.core.v1.serviceAccount;
serviceAccount.new('prometheus-' + $._config.prometheus.name) + serviceAccount.new('prometheus-' + p.name) +
serviceAccount.mixin.metadata.withNamespace($._config.namespace), serviceAccount.mixin.metadata.withNamespace(p.namespace),
service: service:
local service = k.core.v1.service; local service = k.core.v1.service;
local servicePort = k.core.v1.service.mixin.spec.portsType; local servicePort = k.core.v1.service.mixin.spec.portsType;
local prometheusPort = servicePort.newNamed('web', 9090, 'web'); local prometheusPort = servicePort.newNamed('web', 9090, 'web');
service.new('prometheus-' + $._config.prometheus.name, { app: 'prometheus', prometheus: $._config.prometheus.name }, prometheusPort) + service.new('prometheus-' + p.name, { app: 'prometheus', prometheus: p.name }, prometheusPort) +
service.mixin.spec.withSessionAffinity('ClientIP') + service.mixin.spec.withSessionAffinity('ClientIP') +
service.mixin.metadata.withNamespace($._config.namespace) + service.mixin.metadata.withNamespace(p.namespace) +
service.mixin.metadata.withLabels({ prometheus: $._config.prometheus.name }), service.mixin.metadata.withLabels({ prometheus: p.name }),
[if $._config.prometheus.rules != null && $._config.prometheus.rules != {} then 'rules']:
rules:
{ {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: { labels: {
prometheus: $._config.prometheus.name, prometheus: p.name,
role: 'alert-rules', role: 'alert-rules',
}, },
name: 'prometheus-' + $._config.prometheus.name + '-rules', name: 'prometheus-' + p.name + '-rules',
namespace: $._config.namespace, namespace: p.namespace,
}, },
spec: { spec: {
groups: $._config.prometheus.rules.groups, groups: p.prometheusRules.groups,
}, },
}, },
roleBindingSpecificNamespaces: roleBindingSpecificNamespaces:
local roleBinding = k.rbac.v1.roleBinding; local roleBinding = k.rbac.v1.roleBinding;
local newSpecificRoleBinding(namespace) = local newSpecificRoleBinding(namespace) =
roleBinding.new() + roleBinding.new() +
roleBinding.mixin.metadata.withName('prometheus-' + $._config.prometheus.name) + roleBinding.mixin.metadata.withName('prometheus-' + p.name) +
roleBinding.mixin.metadata.withNamespace(namespace) + roleBinding.mixin.metadata.withNamespace(namespace) +
roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') + roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
roleBinding.mixin.roleRef.withName('prometheus-' + $._config.prometheus.name) + roleBinding.mixin.roleRef.withName('prometheus-' + p.name) +
roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) + roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-' + $._config.prometheus.name, namespace: $._config.namespace }]); roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-' + p.name, namespace: p.namespace }]);
local roleBindingList = k3.rbac.v1.roleBindingList; local roleBindingList = k3.rbac.v1.roleBindingList;
roleBindingList.new([newSpecificRoleBinding(x) for x in $._config.prometheus.namespaces]), roleBindingList.new([newSpecificRoleBinding(x) for x in p.roleBindingNamespaces]),
clusterRole: clusterRole:
local clusterRole = k.rbac.v1.clusterRole; local clusterRole = k.rbac.v1.clusterRole;
local policyRule = clusterRole.rulesType; local policyRule = clusterRole.rulesType;
@@ -88,7 +96,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
local rules = [nodeMetricsRule, metricsRule]; local rules = [nodeMetricsRule, metricsRule];
clusterRole.new() + clusterRole.new() +
clusterRole.mixin.metadata.withName('prometheus-' + $._config.prometheus.name) + clusterRole.mixin.metadata.withName('prometheus-' + p.name) +
clusterRole.withRules(rules), clusterRole.withRules(rules),
roleConfig: roleConfig:
local role = k.rbac.v1.role; local role = k.rbac.v1.role;
@@ -102,28 +110,28 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
policyRule.withVerbs(['get']); policyRule.withVerbs(['get']);
role.new() + role.new() +
role.mixin.metadata.withName('prometheus-' + $._config.prometheus.name + '-config') + role.mixin.metadata.withName('prometheus-' + p.name + '-config') +
role.mixin.metadata.withNamespace($._config.namespace) + role.mixin.metadata.withNamespace(p.namespace) +
role.withRules(configmapRule), role.withRules(configmapRule),
roleBindingConfig: roleBindingConfig:
local roleBinding = k.rbac.v1.roleBinding; local roleBinding = k.rbac.v1.roleBinding;
roleBinding.new() + roleBinding.new() +
roleBinding.mixin.metadata.withName('prometheus-' + $._config.prometheus.name + '-config') + roleBinding.mixin.metadata.withName('prometheus-' + p.name + '-config') +
roleBinding.mixin.metadata.withNamespace($._config.namespace) + roleBinding.mixin.metadata.withNamespace(p.namespace) +
roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') + roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
roleBinding.mixin.roleRef.withName('prometheus-' + $._config.prometheus.name + '-config') + roleBinding.mixin.roleRef.withName('prometheus-' + p.name + '-config') +
roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) + roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-' + $._config.prometheus.name, namespace: $._config.namespace }]), roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-' + p.name, namespace: p.namespace }]),
clusterRoleBinding: clusterRoleBinding:
local clusterRoleBinding = k.rbac.v1.clusterRoleBinding; local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
clusterRoleBinding.new() + clusterRoleBinding.new() +
clusterRoleBinding.mixin.metadata.withName('prometheus-' + $._config.prometheus.name) + clusterRoleBinding.mixin.metadata.withName('prometheus-' + p.name) +
clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') + clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
clusterRoleBinding.mixin.roleRef.withName('prometheus-' + $._config.prometheus.name) + clusterRoleBinding.mixin.roleRef.withName('prometheus-' + p.name) +
clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) + clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-' + $._config.prometheus.name, namespace: $._config.namespace }]), clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-' + p.name, namespace: p.namespace }]),
roleSpecificNamespaces: roleSpecificNamespaces:
local role = k.rbac.v1.role; local role = k.rbac.v1.role;
local policyRule = role.rulesType; local policyRule = role.rulesType;
@@ -138,12 +146,12 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
local newSpecificRole(namespace) = local newSpecificRole(namespace) =
role.new() + role.new() +
role.mixin.metadata.withName('prometheus-' + $._config.prometheus.name) + role.mixin.metadata.withName('prometheus-' + p.name) +
role.mixin.metadata.withNamespace(namespace) + role.mixin.metadata.withNamespace(namespace) +
role.withRules(coreRule); role.withRules(coreRule);
local roleList = k3.rbac.v1.roleList; local roleList = k3.rbac.v1.roleList;
roleList.new([newSpecificRole(x) for x in $._config.prometheus.namespaces]), roleList.new([newSpecificRole(x) for x in p.roleBindingNamespaces]),
prometheus: prometheus:
local statefulSet = k.apps.v1.statefulSet; local statefulSet = k.apps.v1.statefulSet;
local container = statefulSet.mixin.spec.template.spec.containersType; local container = statefulSet.mixin.spec.template.spec.containersType;
@@ -158,31 +166,31 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'Prometheus', kind: 'Prometheus',
metadata: { metadata: {
name: $._config.prometheus.name, name: p.name,
namespace: $._config.namespace, namespace: p.namespace,
labels: { labels: {
prometheus: $._config.prometheus.name, prometheus: p.name,
}, },
}, },
spec: { spec: {
replicas: $._config.prometheus.replicas, replicas: p.replicas,
version: $._config.versions.prometheus, version: $._config.versions.prometheus,
baseImage: $._config.imageRepos.prometheus, baseImage: $._config.imageRepos.prometheus,
serviceAccountName: 'prometheus-' + $._config.prometheus.name, serviceAccountName: 'prometheus-' + p.name,
serviceMonitorSelector: {}, serviceMonitorSelector: {},
podMonitorSelector: {}, podMonitorSelector: {},
serviceMonitorNamespaceSelector: {}, serviceMonitorNamespaceSelector: {},
nodeSelector: { 'kubernetes.io/os': 'linux' }, nodeSelector: { 'kubernetes.io/os': 'linux' },
ruleSelector: selector.withMatchLabels({ ruleSelector: selector.withMatchLabels({
role: 'alert-rules', role: 'alert-rules',
prometheus: $._config.prometheus.name, prometheus: p.name,
}), }),
resources: resources, resources: resources,
alerting: { alerting: {
alertmanagers: [ alertmanagers: [
{ {
namespace: $._config.namespace, namespace: p.namespace,
name: 'alertmanager-' + $._config.alertmanager.name, name: p.alertmanagerName,
port: 'web', port: 'web',
}, },
], ],
@@ -200,7 +208,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'prometheus', name: 'prometheus',
namespace: $._config.namespace, namespace: p.namespace,
labels: { labels: {
'k8s-app': 'prometheus', 'k8s-app': 'prometheus',
}, },
@@ -208,7 +216,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
spec: { spec: {
selector: { selector: {
matchLabels: { matchLabels: {
prometheus: $._config.prometheus.name, prometheus: p.name,
}, },
}, },
endpoints: [ endpoints: [
@@ -225,7 +233,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-scheduler', name: 'kube-scheduler',
namespace: $._config.namespace, namespace: p.namespace,
labels: { labels: {
'k8s-app': 'kube-scheduler', 'k8s-app': 'kube-scheduler',
}, },
@@ -256,7 +264,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kubelet', name: 'kubelet',
namespace: $._config.namespace, namespace: p.namespace,
labels: { labels: {
'k8s-app': 'kubelet', 'k8s-app': 'kubelet',
}, },
@@ -313,7 +321,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-controller-manager', name: 'kube-controller-manager',
namespace: $._config.namespace, namespace: p.namespace,
labels: { labels: {
'k8s-app': 'kube-controller-manager', 'k8s-app': 'kube-controller-manager',
}, },
@@ -351,7 +359,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-apiserver', name: 'kube-apiserver',
namespace: $._config.namespace, namespace: p.namespace,
labels: { labels: {
'k8s-app': 'apiserver', 'k8s-app': 'apiserver',
}, },
@@ -406,7 +414,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'coredns', name: 'coredns',
namespace: $._config.namespace, namespace: p.namespace,
labels: { labels: {
'k8s-app': 'coredns', 'k8s-app': 'coredns',
}, },