easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kube-prometheus: Convert to jsonnet

Browse Source
This commit is contained in:
Frederic Branczyk
2018-04-08 14:53:30 +02:00
parent 0d142fe9da
commit d8692794a9
54 changed files with 1249 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
jsonnet/prometheus/prometheus-k8s-cluster-role-binding.libsonnet Normal file
View File

@@ -0,0 +1,12 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
{
new(namespace)::
clusterRoleBinding.new() +
clusterRoleBinding.mixin.metadata.withName("prometheus-k8s") +
clusterRoleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
clusterRoleBinding.mixin.roleRef.withName("prometheus-k8s") +
clusterRoleBinding.mixin.roleRef.mixinInstance({kind: "ClusterRole"}) +
clusterRoleBinding.withSubjects([{kind: "ServiceAccount", name: "prometheus-k8s", namespace: namespace}])
}

21
jsonnet/prometheus/prometheus-k8s-cluster-role.libsonnet Normal file
View File

@@ -0,0 +1,21 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local clusterRole = k.rbac.v1.clusterRole;
local policyRule = clusterRole.rulesType;
local nodeMetricsRule = policyRule.new() +
policyRule.withApiGroups([""]) +
policyRule.withResources(["nodes/metrics"]) +
policyRule.withVerbs(["get"]);
local metricsRule = policyRule.new() +
policyRule.withNonResourceUrls("/metrics") +
policyRule.withVerbs(["get"]);
local rules = [nodeMetricsRule, metricsRule];
{
new()::
clusterRole.new() +
clusterRole.mixin.metadata.withName("prometheus-k8s") +
clusterRole.withRules(rules)
}

5
jsonnet/prometheus/prometheus-k8s-role-binding-config.libsonnet Normal file
View File

@@ -0,0 +1,5 @@
local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
{
new(namespace):: prometheusNamespaceRoleBinding.new(namespace, namespace, "prometheus-k8s-config")
}

5
jsonnet/prometheus/prometheus-k8s-role-binding-default.libsonnet Normal file
View File

@@ -0,0 +1,5 @@
local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
{
new(namespace):: prometheusNamespaceRoleBinding.new(namespace, "default", "prometheus-k8s")
}

5
jsonnet/prometheus/prometheus-k8s-role-binding-kube-system.libsonnet Normal file
View File

@@ -0,0 +1,5 @@
local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
{
new(namespace):: prometheusNamespaceRoleBinding.new(namespace, "kube-system", "prometheus-k8s")
}

5
jsonnet/prometheus/prometheus-k8s-role-binding-namespace.libsonnet Normal file
View File

@@ -0,0 +1,5 @@
local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
{
new(namespace):: prometheusNamespaceRoleBinding.new(namespace, namespace, "prometheus-k8s")
}

18
jsonnet/prometheus/prometheus-k8s-role-config.libsonnet Normal file
View File

@@ -0,0 +1,18 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local role = k.rbac.v1.role;
local policyRule = role.rulesType;
local configmapRule = policyRule.new() +
policyRule.withApiGroups([""]) +
policyRule.withResources([
"configmaps",
]) +
policyRule.withVerbs(["get"]);
{
new(namespace)::
role.new() +
role.mixin.metadata.withName("prometheus-k8s-config") +
role.mixin.metadata.withNamespace(namespace) +
role.withRules(configmapRule),
}

5
jsonnet/prometheus/prometheus-k8s-role-default.libsonnet Normal file
View File

@@ -0,0 +1,5 @@
local prometheusNamespaceRole = import "prometheus-namespace-role.libsonnet";
{
new():: prometheusNamespaceRole.new("default")
}

5
jsonnet/prometheus/prometheus-k8s-role-kube-system.libsonnet Normal file
View File

@@ -0,0 +1,5 @@
local prometheusNamespaceRole = import "prometheus-namespace-role.libsonnet";
{
new():: prometheusNamespaceRole.new("kube-system")
}

5
jsonnet/prometheus/prometheus-k8s-role-namespace.libsonnet Normal file
View File

@@ -0,0 +1,5 @@
local prometheusNamespaceRole = import "prometheus-namespace-role.libsonnet";
{
new(namespace):: prometheusNamespaceRole.new(namespace)
}

8
jsonnet/prometheus/prometheus-k8s-service-account.libsonnet Normal file
View File

@@ -0,0 +1,8 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local serviceAccount = k.core.v1.serviceAccount;
{
new(namespace)::
serviceAccount.new("prometheus-k8s") +
serviceAccount.mixin.metadata.withNamespace(namespace)
}

32
jsonnet/prometheus/prometheus-k8s-service-monitor-alertmanager.libsonnet Normal file
View File

@@ -0,0 +1,32 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "alertmanager",
"namespace": namespace,
"labels": {
"k8s-app": "alertmanager"
}
},
"spec": {
"selector": {
"matchLabels": {
"alertmanager": "main"
}
},
"namespaceSelector": {
"matchNames": [
"monitoring"
]
},
"endpoints": [
{
"port": "web",
"interval": "30s"
}
]
}
}
}

40
jsonnet/prometheus/prometheus-k8s-service-monitor-apiserver.libsonnet Normal file
View File

@@ -0,0 +1,40 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "kube-apiserver",
"namespace": namespace,
"labels": {
"k8s-app": "apiserver"
}
},
"spec": {
"jobLabel": "component",
"selector": {
"matchLabels": {
"component": "apiserver",
"provider": "kubernetes"
}
},
"namespaceSelector": {
"matchNames": [
"default"
]
},
"endpoints": [
{
"port": "https",
"interval": "30s",
"scheme": "https",
"tlsConfig": {
"caFile": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
"serverName": "kubernetes"
},
"bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
}
]
}
}
}

35
jsonnet/prometheus/prometheus-k8s-service-monitor-coredns.libsonnet Normal file
View File

@@ -0,0 +1,35 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "coredns",
"namespace": namespace,
"labels": {
"k8s-app": "coredns"
},
},
"spec": {
"jobLabel": "k8s-app",
"selector": {
"matchLabels": {
"k8s-app": "coredns",
"component": "metrics"
}
},
"namespaceSelector": {
"matchNames": [
"kube-system"
]
},
"endpoints": [
{
"port": "http-metrics",
"interval": "15s",
"bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
}
]
}
}
}

33
jsonnet/prometheus/prometheus-k8s-service-monitor-kube-controller-manager.libsonnet Normal file
View File

@@ -0,0 +1,33 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "kube-controller-manager",
"namespace": namespace,
"labels": {
"k8s-app": "kube-controller-manager"
}
},
"spec": {
"jobLabel": "k8s-app",
"endpoints": [
{
"port": "http-metrics",
"interval": "30s"
}
],
"selector": {
"matchLabels": {
"k8s-app": "kube-controller-manager"
}
},
"namespaceSelector": {
"matchNames": [
"kube-system"
]
}
}
}
}

33
jsonnet/prometheus/prometheus-k8s-service-monitor-kube-scheduler.libsonnet Normal file
View File

@@ -0,0 +1,33 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "kube-scheduler",
"namespace": namespace,
"labels": {
"k8s-app": "kube-scheduler"
}
},
"spec": {
"jobLabel": "k8s-app",
"endpoints": [
{
"port": "http-metrics",
"interval": "30s"
}
],
"selector": {
"matchLabels": {
"k8s-app": "kube-scheduler"
}
},
"namespaceSelector": {
"matchNames": [
"kube-system"
]
}
}
}
}

48
jsonnet/prometheus/prometheus-k8s-service-monitor-kube-state-metrics.libsonnet Normal file
View File

@@ -0,0 +1,48 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "kube-state-metrics",
"namespace": namespace,
"labels": {
"k8s-app": "kube-state-metrics"
}
},
"spec": {
"jobLabel": "k8s-app",
"selector": {
"matchLabels": {
"k8s-app": "kube-state-metrics"
}
},
"namespaceSelector": {
"matchNames": [
"monitoring"
]
},
"endpoints": [
{
"port": "https-main",
"scheme": "https",
"interval": "30s",
"honorLabels": true,
"bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token",
"tlsConfig": {
"insecureSkipVerify": true
}
},
{
"port": "https-self",
"scheme": "https",
"interval": "30s",
"bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token",
"tlsConfig": {
"insecureSkipVerify": true
}
}
]
}
}
}

49
jsonnet/prometheus/prometheus-k8s-service-monitor-kubelet.libsonnet Normal file
View File

@@ -0,0 +1,49 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "kubelet",
"namespace": namespace,
"labels": {
"k8s-app": "kubelet"
}
},
"spec": {
"jobLabel": "k8s-app",
"endpoints": [
{
"port": "https-metrics",
"scheme": "https",
"interval": "30s",
"tlsConfig": {
"insecureSkipVerify": true
},
"bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
},
{
"port": "https-metrics",
"scheme": "https",
"path": "/metrics/cadvisor",
"interval": "30s",
"honorLabels": true,
"tlsConfig": {
"insecureSkipVerify": true
},
"bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
}
],
"selector": {
"matchLabels": {
"k8s-app": "kubelet"
}
},
"namespaceSelector": {
"matchNames": [
"kube-system"
]
}
}
}
}

38
jsonnet/prometheus/prometheus-k8s-service-monitor-node-exporter.libsonnet Normal file
View File

@@ -0,0 +1,38 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "node-exporter",
"namespace": namespace,
"labels": {
"k8s-app": "node-exporter"
}
},
"spec": {
"jobLabel": "k8s-app",
"selector": {
"matchLabels": {
"k8s-app": "node-exporter"
}
},
"namespaceSelector": {
"matchNames": [
"monitoring"
]
},
"endpoints": [
{
"port": "https",
"scheme": "https",
"interval": "30s",
"bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token",
"tlsConfig": {
"insecureSkipVerify": true
}
}
]
}
}
}

26
jsonnet/prometheus/prometheus-k8s-service-monitor-prometheus-operator.libsonnet Normal file
View File

@@ -0,0 +1,26 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "prometheus-operator",
"namespace": namespace,
"labels": {
"k8s-app": "prometheus-operator"
}
},
"spec": {
"endpoints": [
{
"port": "http"
}
],
"selector": {
"matchLabels": {
"k8s-app": "prometheus-operator"
}
}
}
}
}

32
jsonnet/prometheus/prometheus-k8s-service-monitor-prometheus.libsonnet Normal file
View File

@@ -0,0 +1,32 @@
{
new(namespace)::
{
"apiVersion": "monitoring.coreos.com/v1",
"kind": "ServiceMonitor",
"metadata": {
"name": "prometheus",
"namespace": namespace,
"labels": {
"k8s-app": "prometheus"
}
},
"spec": {
"selector": {
"matchLabels": {
"prometheus": "k8s"
}
},
"namespaceSelector": {
"matchNames": [
"monitoring"
]
},
"endpoints": [
{
"port": "web",
"interval": "30s"
}
]
}
}
}

13
jsonnet/prometheus/prometheus-k8s-service.libsonnet Normal file
View File

@@ -0,0 +1,13 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local service = k.core.v1.service;
local servicePort = k.core.v1.service.mixin.spec.portsType;
local prometheusPort = servicePort.newNamed("web", 9090, "web");
{
new(namespace)::
service.new("prometheus-k8s", {app: "prometheus", prometheus: "k8s"}, prometheusPort) +
service.mixin.metadata.withNamespace(namespace) +
service.mixin.metadata.withLabels({prometheus: "k8s"})
}

43
jsonnet/prometheus/prometheus-k8s.libsonnet Normal file
View File

@@ -0,0 +1,43 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local container = k.core.v1.pod.mixin.spec.containersType;
local resourceRequirements = container.mixin.resourcesType;
local selector = k.apps.v1beta2.deployment.mixin.spec.selectorType;
local resources = resourceRequirements.new() +
resourceRequirements.withRequests({memory: "400Mi"});
{
new(namespace)::
{
apiVersion: "monitoring.coreos.com/v1",
kind: "Prometheus",
metadata: {
name: "k8s",
namespace: namespace,
labels: {
prometheus: "k8s",
},
},
spec: {
replicas: 2,
version: "v2.2.1",
serviceAccountName: "prometheus-k8s",
serviceMonitorSelector: selector.withMatchExpressions({key: "k8s-app", operator: "Exists"}),
ruleSelector: selector.withMatchLabels({
role: "alert-rules",
prometheus: "k8s",
}),
resources: resources,
alerting: {
alertmanagers: [
{
namespace: "monitoring",
name: "alertmanager-main",
port: "web",
},
],
},
},
}
}

13
jsonnet/prometheus/prometheus-namespace-role-binding.libsonnet Normal file
View File

@@ -0,0 +1,13 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local roleBinding = k.rbac.v1.roleBinding;
{
new(serviceAccountNamespace, namespace, name)::
roleBinding.new() +
roleBinding.mixin.metadata.withName(name) +
roleBinding.mixin.metadata.withNamespace(namespace) +
roleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
roleBinding.mixin.roleRef.withName(name) +
roleBinding.mixin.roleRef.mixinInstance({kind: "Role"}) +
roleBinding.withSubjects([{kind: "ServiceAccount", name: name, namespace: serviceAccountNamespace}])
}

21
jsonnet/prometheus/prometheus-namespace-role.libsonnet Normal file
View File

@@ -0,0 +1,21 @@
local k = import "ksonnet.beta.3/k.libsonnet";
local role = k.rbac.v1.role;
local policyRule = role.rulesType;
{
new(namespace)::
local coreRule = policyRule.new() +
policyRule.withApiGroups([""]) +
policyRule.withResources([
"nodes",
"services",
"endpoints",
"pods",
]) +
policyRule.withVerbs(["get", "list", "watch"]);
role.new() +
role.mixin.metadata.withName("prometheus-k8s") +
role.mixin.metadata.withNamespace(namespace) +
role.withRules(coreRule)
}

25
jsonnet/prometheus/prometheus.libsonnet Normal file
View File

@@ -0,0 +1,25 @@
{
clusterRoleBinding:: import "prometheus-k8s-cluster-role-binding.libsonnet",
clusterRole:: import "prometheus-k8s-cluster-role.libsonnet",
roleBindingConfig:: import "prometheus-k8s-role-binding-config.libsonnet",
roleBindingNamespace:: import "prometheus-k8s-role-binding-namespace.libsonnet",
roleBindingKubeSystem:: import "prometheus-k8s-role-binding-kube-system.libsonnet",
roleBindingDefault:: import "prometheus-k8s-role-binding-default.libsonnet",
roleConfig:: import "prometheus-k8s-role-config.libsonnet",
roleNamespace:: import "prometheus-k8s-role-namespace.libsonnet",
roleKubeSystem:: import "prometheus-k8s-role-kube-system.libsonnet",
roleDefault:: import "prometheus-k8s-role-default.libsonnet",
serviceAccount:: import "prometheus-k8s-service-account.libsonnet",
serviceMonitorAlertmanager:: import "prometheus-k8s-service-monitor-alertmanager.libsonnet",
serviceMonitorApiserver:: import "prometheus-k8s-service-monitor-apiserver.libsonnet",
serviceMonitorCoreDNS:: import "prometheus-k8s-service-monitor-coredns.libsonnet",
serviceMonitorControllerManager:: import "prometheus-k8s-service-monitor-kube-controller-manager.libsonnet",
serviceMonitorScheduler:: import "prometheus-k8s-service-monitor-kube-scheduler.libsonnet",
serviceMonitorKubeStateMetrics:: import "prometheus-k8s-service-monitor-kube-state-metrics.libsonnet",
serviceMonitorKubelet:: import "prometheus-k8s-service-monitor-kubelet.libsonnet",
serviceMonitorNodeExporter:: import "prometheus-k8s-service-monitor-node-exporter.libsonnet",
serviceMonitorPrometheusOperator:: import "prometheus-k8s-service-monitor-prometheus-operator.libsonnet",
serviceMonitorPrometheus:: import "prometheus-k8s-service-monitor-prometheus.libsonnet",
service:: import "prometheus-k8s-service.libsonnet",
prometheus:: import "prometheus-k8s.libsonnet",
}