easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #868 from paulfantom/kube-state-metrics-globals

Browse Source
This commit is contained in:
Paweł Krupa
2021-01-12 15:19:10 +01:00
committed by GitHub
parent 2ce2c80a48 a76135a9f9
commit e255923c05
3 changed files with 161 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
jsonnet/kube-prometheus/kube-prometheus.libsonnet
View File

@@ -1,14 +1,12 @@
local kubeRbacProxyContainer = import './kube-rbac-proxy/containerMixin.libsonnet'; local kubeRbacProxyContainer = import './kube-rbac-proxy/containerMixin.libsonnet';
local nodeExporter = import './node-exporter/node-exporter.libsonnet';
local alertmanager = import './alertmanager/alertmanager.libsonnet'; local alertmanager = import './alertmanager/alertmanager.libsonnet';
local blackboxExporter = import './blackbox-exporter/blackbox-exporter.libsonnet';
local kubeStateMetrics = import './kube-state-metrics/kube-state-metrics.libsonnet';
local nodeExporter = import './node-exporter/node-exporter.libsonnet';
local prometheusAdapter = import './prometheus-adapter/prometheus-adapter.libsonnet'; local prometheusAdapter = import './prometheus-adapter/prometheus-adapter.libsonnet';
local blackboxExporter = import './blackbox-exporter/blackbox-exporter.libsonnet';
(import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') + (import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') +
(import './kube-state-metrics/kube-state-metrics.libsonnet') +
(import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics-mixin/mixin.libsonnet') + (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics-mixin/mixin.libsonnet') +
(import 'github.com/prometheus/node_exporter/docs/node-mixin/mixin.libsonnet') + (import 'github.com/prometheus/node_exporter/docs/node-mixin/mixin.libsonnet') +
(import 'github.com/prometheus/alertmanager/doc/alertmanager-mixin/mixin.libsonnet') + (import 'github.com/prometheus/alertmanager/doc/alertmanager-mixin/mixin.libsonnet') +
@@ -20,28 +18,33 @@ local blackboxExporter = import './blackbox-exporter/blackbox-exporter.libsonnet
(import './alerts/alerts.libsonnet') + (import './alerts/alerts.libsonnet') +
(import './rules/rules.libsonnet') + (import './rules/rules.libsonnet') +
{ {
nodeExporter: nodeExporter({
namespace: $._config.namespace,
version: '1.0.1',
image: 'quay.io/prometheus/node-exporter:v1.0.1',
}),
alertmanager: alertmanager({ alertmanager: alertmanager({
name: 'main', name: 'main',
namespace: $._config.namespace, namespace: $._config.namespace,
version: '0.21.0', version: '0.21.0',
image: 'quay.io/prometheus/alertmanager:v0.21.0', image: 'quay.io/prometheus/alertmanager:v0.21.0',
}), }),
blackboxExporter: blackboxExporter({
namespace: $._config.namespace,
version: '0.18.0',
image: 'quay.io/prometheus/blackbox-exporter:v0.18.0',
}),
kubeStateMetrics: kubeStateMetrics({
namespace: $._config.namespace,
version: '1.9.7',
image: 'quay.io/coreos/kube-state-metrics:v1.9.7',
}),
nodeExporter: nodeExporter({
namespace: $._config.namespace,
version: '1.0.1',
image: 'quay.io/prometheus/node-exporter:v1.0.1',
}),
prometheusAdapter: prometheusAdapter({ prometheusAdapter: prometheusAdapter({
namespace: $._config.namespace, namespace: $._config.namespace,
version: '0.8.2', version: '0.8.2',
image: 'directxman12/k8s-prometheus-adapter:v0.8.2', image: 'directxman12/k8s-prometheus-adapter:v0.8.2',
prometheusURL: 'http://prometheus-' + $._config.prometheus.name + '.' + $._config.namespace + '.svc.cluster.local:9090/', prometheusURL: 'http://prometheus-' + $._config.prometheus.name + '.' + $._config.namespace + '.svc.cluster.local:9090/',
}), }),
blackboxExporter: blackboxExporter({
namespace: $._config.namespace,
version: '0.18.0',
image: 'quay.io/prometheus/blackbox-exporter:v0.18.0',
}),
kubePrometheus+:: { kubePrometheus+:: {
namespace: { namespace: {
apiVersion: 'v1', apiVersion: 'v1',
@@ -217,10 +220,6 @@ local blackboxExporter = import './blackbox-exporter/blackbox-exporter.libsonnet
requests: { cpu: '10m', memory: '20Mi' }, requests: { cpu: '10m', memory: '20Mi' },
limits: { cpu: '20m', memory: '40Mi' }, limits: { cpu: '20m', memory: '40Mi' },
}, },
'kube-state-metrics': {
requests: { cpu: '100m', memory: '150Mi' },
limits: { cpu: '100m', memory: '150Mi' },
},
}, },
prometheus+:: { rules: $.prometheusRules + $.prometheusAlerts }, prometheus+:: { rules: $.prometheusRules + $.prometheusAlerts },
grafana+:: { grafana+:: {

119
jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
View File

@@ -1,39 +1,43 @@
local kubeRbacProxyContainer = import '../kube-rbac-proxy/containerMixin.libsonnet'; local krp = (import '../kube-rbac-proxy/container.libsonnet');
local ksm = import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet';
{ local defaults = {
_config+:: { local defaults = self,
versions+:: { namespace: error 'must provide namespace',
kubeStateMetrics: '1.9.7', version: error 'must provide version',
image: error 'must provide version',
resources: {
requests: { cpu: '10m', memory: '190Mi' },
limits: { cpu: '100m', memory: '250Mi' },
}, },
imageRepos+:: {
kubeStateMetrics: 'quay.io/coreos/kube-state-metrics',
},
kubeStateMetrics+:: {
scrapeInterval: '30s', scrapeInterval: '30s',
scrapeTimeout: '30s', scrapeTimeout: '30s',
labels: { commonLabels:: {
'app.kubernetes.io/name': 'kube-state-metrics', 'app.kubernetes.io/name': 'kube-state-metrics',
'app.kubernetes.io/version': $._config.versions.kubeStateMetrics, 'app.kubernetes.io/version': defaults.version,
'app.kubernetes.io/component': 'exporter', 'app.kubernetes.io/component': 'exporter',
'app.kubernetes.io/part-of': 'kube-prometheus', 'app.kubernetes.io/part-of': 'kube-prometheus',
}, },
selectorLabels: { selectorLabels:: {
[labelName]: $._config.kubeStateMetrics.labels[labelName] [labelName]: defaults.commonLabels[labelName]
for labelName in std.objectFields($._config.kubeStateMetrics.labels) for labelName in std.objectFields(defaults.commonLabels)
if !std.setMember(labelName, ['app.kubernetes.io/version']) if !std.setMember(labelName, ['app.kubernetes.io/version'])
}, },
}, };
},
kubeStateMetrics+:: function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet') {
ksm { local ksm = self,
local version = self.version, config:: defaults + params,
// Safety check
assert std.isObject(ksm.config.resources),
name:: 'kube-state-metrics', name:: 'kube-state-metrics',
namespace:: $._config.namespace, namespace:: ksm.config.namespace,
version:: $._config.versions.kubeStateMetrics, version:: ksm.config.version,
image:: $._config.imageRepos.kubeStateMetrics + ':v' + $._config.versions.kubeStateMetrics, image:: ksm.config.image,
commonLabels:: $._config.kubeStateMetrics.labels, commonLabels:: ksm.config.commonLabels,
podLabels:: $._config.kubeStateMetrics.selectorLabels, podLabels:: ksm.config.selectorLabels,
service+: { service+: {
spec+: { spec+: {
ports: [ ports: [
@@ -50,6 +54,25 @@ local ksm = import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-
], ],
}, },
}, },
local kubeRbacProxyMain = krp({
name: 'kube-rbac-proxy-main',
upstream: 'http://127.0.0.1:8081/',
secureListenAddress: ':8443',
ports: [
{ name: 'https-main', containerPort: 8443, },
],
}),
local kubeRbacProxySelf = krp({
name: 'kube-rbac-proxy-self',
upstream: 'http://127.0.0.1:8082/',
secureListenAddress: ':9443',
ports: [
{ name: 'https-self', containerPort: 9443, },
],
}),
deployment+: { deployment+: {
spec+: { spec+: {
template+: { template+: {
@@ -59,7 +82,8 @@ local ksm = import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-
livenessProbe:: null, livenessProbe:: null,
readinessProbe:: null, readinessProbe:: null,
args: ['--host=127.0.0.1', '--port=8081', '--telemetry-host=127.0.0.1', '--telemetry-port=8082'], args: ['--host=127.0.0.1', '--port=8081', '--telemetry-host=127.0.0.1', '--telemetry-port=8082'],
}, super.containers), resources: ksm.config.resources,
}, super.containers) + [kubeRbacProxyMain, kubeRbacProxySelf],
}, },
}, },
}, },
@@ -69,19 +93,19 @@ local ksm = import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-state-metrics', name: ksm.name,
namespace: $._config.namespace, namespace: ksm.config.namespace,
labels: $._config.kubeStateMetrics.labels, labels: ksm.config.commonLabels,
}, },
spec: { spec: {
jobLabel: 'app.kubernetes.io/name', jobLabel: 'app.kubernetes.io/name',
selector: { matchLabels: $._config.kubeStateMetrics.selectorLabels }, selector: { matchLabels: ksm.config.selectorLabels },
endpoints: [ endpoints: [
{ {
port: 'https-main', port: 'https-main',
scheme: 'https', scheme: 'https',
interval: $._config.kubeStateMetrics.scrapeInterval, interval: ksm.config.scrapeInterval,
scrapeTimeout: $._config.kubeStateMetrics.scrapeTimeout, scrapeTimeout: ksm.config.scrapeTimeout,
honorLabels: true, honorLabels: true,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token', bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
relabelings: [ relabelings: [
@@ -97,7 +121,7 @@ local ksm = import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-
{ {
port: 'https-self', port: 'https-self',
scheme: 'https', scheme: 'https',
interval: $._config.kubeStateMetrics.scrapeInterval, interval: ksm.config.scrapeInterval,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token', bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
tlsConfig: { tlsConfig: {
insecureSkipVerify: true, insecureSkipVerify: true,
@@ -106,33 +130,4 @@ local ksm = import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-
], ],
}, },
}, },
} +
(kubeRbacProxyContainer {
config+:: {
kubeRbacProxy: {
local cfg = self,
image: $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy,
name: 'kube-rbac-proxy-main',
securePortName: 'https-main',
securePort: 8443,
secureListenAddress: ':%d' % self.securePort,
upstream: 'http://127.0.0.1:8081/',
tlsCipherSuites: $._config.tlsCipherSuites,
},
},
}).deploymentMixin +
(kubeRbacProxyContainer {
config+:: {
kubeRbacProxy: {
local cfg = self,
image: $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy,
name: 'kube-rbac-proxy-self',
securePortName: 'https-self',
securePort: 9443,
secureListenAddress: ':%d' % self.securePort,
upstream: 'http://127.0.0.1:8082/',
tlsCipherSuites: $._config.tlsCipherSuites,
},
},
}).deploymentMixin,
} }

21
manifests/kube-state-metrics-deployment.yaml
View File

@@ -31,6 +31,13 @@ spec:
- --telemetry-port=8082 - --telemetry-port=8082
image: quay.io/coreos/kube-state-metrics:v1.9.7 image: quay.io/coreos/kube-state-metrics:v1.9.7
name: kube-state-metrics name: kube-state-metrics
resources:
limits:
cpu: 100m
memory: 250Mi
requests:
cpu: 10m
memory: 190Mi
- args: - args:
- --logtostderr - --logtostderr
- --secure-listen-address=:8443 - --secure-listen-address=:8443
@@ -41,6 +48,13 @@ spec:
ports: ports:
- containerPort: 8443 - containerPort: 8443
name: https-main name: https-main
resources:
limits:
cpu: 20m
memory: 40Mi
requests:
cpu: 10m
memory: 20Mi
securityContext: securityContext:
runAsGroup: 65532 runAsGroup: 65532
runAsNonRoot: true runAsNonRoot: true
@@ -55,6 +69,13 @@ spec:
ports: ports:
- containerPort: 9443 - containerPort: 9443
name: https-self name: https-self
resources:
limits:
cpu: 20m
memory: 40Mi
requests:
cpu: 10m
memory: 20Mi
securityContext: securityContext:
runAsGroup: 65532 runAsGroup: 65532
runAsNonRoot: true runAsNonRoot: true