easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

make fmt corrections to migration examples

Browse Source
This commit is contained in:
Paul Sweeney
2021-07-06 11:19:33 +01:00
parent e77664f325
commit f95eaf8598
2 changed files with 108 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

141
docs/migration-example/my.release-0.3.jsonnet
View File

@@ -1,16 +1,15 @@
# Has the following customisations
# Custom alert manager config
# Ingresses for the alert manager, prometheus and grafana
# Grafana admin user password
# Custom prometheus rules
# Custom grafana dashboards
# Custom prometheus config - Data retention, memory, etc.
# Node exporter role and role binding so we can use a PSP for the node exporter
// Has the following customisations
// Custom alert manager config
// Ingresses for the alert manager, prometheus and grafana
// Grafana admin user password
// Custom prometheus rules
// Custom grafana dashboards
// Custom prometheus config - Data retention, memory, etc.
// Node exporter role and role binding so we can use a PSP for the node exporter
# External variables
# See https://jsonnet.org/learning/tutorial.html
// External variables
// See https://jsonnet.org/learning/tutorial.html
local cluster_identifier = std.extVar('cluster_identifier');
local etcd_ip = std.extVar('etcd_ip');
local etcd_tls_ca = std.extVar('etcd_tls_ca');
@@ -21,13 +20,13 @@ local prometheus_data_retention_period = std.extVar('prometheus_data_retention_p
local prometheus_request_memory = std.extVar('prometheus_request_memory');
# Derived variables
// Derived variables
local alert_manager_host = 'alertmanager.' + cluster_identifier + '.myorg.local';
local grafana_host = 'grafana.' + cluster_identifier + '.myorg.local';
local prometheus_host = 'prometheus.' + cluster_identifier + '.myorg.local';
# Imports
// Imports
local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
local ingress = k.extensions.v1beta1.ingress;
local ingressRule = ingress.mixin.spec.rulesType;
@@ -41,78 +40,71 @@ local roleRulesType = k.rbac.v1.role.rulesType;
local kp =
(import 'kube-prometheus/kube-prometheus.libsonnet') +
(import 'kube-prometheus/kube-prometheus-kubeadm.libsonnet') +
(import 'kube-prometheus/kube-prometheus-static-etcd.libsonnet') +
(import 'kube-prometheus/kube-prometheus-static-etcd.libsonnet') +
{
_config+:: {
# Override namespace
// Override namespace
namespace: 'monitoring',
# Override alert manager config
# See https://github.com/coreos/kube-prometheus/tree/master/examples/alertmanager-config-external.jsonnet
// Override alert manager config
// See https://github.com/coreos/kube-prometheus/tree/master/examples/alertmanager-config-external.jsonnet
alertmanager+: {
config: importstr 'alertmanager.yaml',
},
# Override etcd config
# See https://github.com/coreos/kube-prometheus/blob/master/jsonnet/kube-prometheus/kube-prometheus-static-etcd.libsonnet
# See https://github.com/coreos/kube-prometheus/blob/master/examples/etcd-skip-verify.jsonnet
// Override etcd config
// See https://github.com/coreos/kube-prometheus/blob/master/jsonnet/kube-prometheus/kube-prometheus-static-etcd.libsonnet
// See https://github.com/coreos/kube-prometheus/blob/master/examples/etcd-skip-verify.jsonnet
etcd+:: {
clientCA: etcd_tls_ca,
clientCert: etcd_tls_cert,
clientKey: etcd_tls_key,
ips: [ etcd_ip ],
ips: [etcd_ip],
},
# Override grafana config
# anonymous access
# See http://docs.grafana.org/installation/configuration/
# See http://docs.grafana.org/auth/overview/#anonymous-authentication
# admin_password
# See http://docs.grafana.org/installation/configuration/#admin-password
// Override grafana config
// anonymous access
// See http://docs.grafana.org/installation/configuration/
// See http://docs.grafana.org/auth/overview/#anonymous-authentication
// admin_password
// See http://docs.grafana.org/installation/configuration/#admin-password
grafana+:: {
config: {
sections: {
'auth.anonymous': {
enabled: true
enabled: true,
},
security: {
admin_password: grafana_admin_password
admin_password: grafana_admin_password,
},
},
},
},
},
# Additional grafana dashboards
// Additional grafana dashboards
grafanaDashboards+:: {
'my-specific.json': (import 'my-grafana-dashboard-definitions.json'),
},
# Alert manager needs an externalUrl
// Alert manager needs an externalUrl
alertmanager+:: {
alertmanager+: {
spec+: {
# See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
# See https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/exposing-prometheus-and-alertmanager.md
// See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
// See https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/exposing-prometheus-and-alertmanager.md
externalUrl: 'https://' + alert_manager_host,
},
},
},
# Add additional ingresses
# See https://github.com/coreos/kube-prometheus/tree/master/examples/ingress.jsonnet
// Add additional ingresses
// See https://github.com/coreos/kube-prometheus/tree/master/examples/ingress.jsonnet
ingress+:: {
alertmanager:
ingress.new() +
@@ -131,8 +123,6 @@ local kp =
ingressRuleHttpPath.new() +
ingressRuleHttpPath.mixin.backend.withServiceName('alertmanager-operated') +
ingressRuleHttpPath.mixin.backend.withServicePort(9093)
@@ -140,8 +130,8 @@ local kp =
) +
# Note we do not need a TLS secretName here as we are going to use the nginx-ingress default secret which is a wildcard
# secretName would need to be in the same namespace at this time, see https://github.com/kubernetes/ingress-nginx/issues/2371
// Note we do not need a TLS secretName here as we are going to use the nginx-ingress default secret which is a wildcard
// secretName would need to be in the same namespace at this time, see https://github.com/kubernetes/ingress-nginx/issues/2371
ingress.mixin.spec.withTls(
ingressTls.new() +
ingressTls.withHosts(alert_manager_host)
@@ -165,8 +155,6 @@ local kp =
ingressRuleHttpPath.new() +
ingressRuleHttpPath.mixin.backend.withServiceName('grafana') +
ingressRuleHttpPath.mixin.backend.withServicePort(3000)
@@ -174,8 +162,8 @@ local kp =
) +
# Note we do not need a TLS secretName here as we are going to use the nginx-ingress default secret which is a wildcard
# secretName would need to be in the same namespace at this time, see https://github.com/kubernetes/ingress-nginx/issues/2371
// Note we do not need a TLS secretName here as we are going to use the nginx-ingress default secret which is a wildcard
// secretName would need to be in the same namespace at this time, see https://github.com/kubernetes/ingress-nginx/issues/2371
ingress.mixin.spec.withTls(
ingressTls.new() +
ingressTls.withHosts(grafana_host)
@@ -199,17 +187,15 @@ local kp =
ingressRuleHttpPath.new() +
ingressRuleHttpPath.mixin.backend.withServiceName('prometheus-operated') +
ingressRuleHttpPath.mixin.backend.withServicePort(9090)
),
) +
# Note we do not need a TLS secretName here as we are going to use the nginx-ingress default secret which is a wildcard
# secretName would need to be in the same namespace at this time, see https://github.com/kubernetes/ingress-nginx/issues/2371
// Note we do not need a TLS secretName here as we are going to use the nginx-ingress default secret which is a wildcard
// secretName would need to be in the same namespace at this time, see https://github.com/kubernetes/ingress-nginx/issues/2371
ingress.mixin.spec.withTls(
ingressTls.new() +
ingressTls.withHosts(prometheus_host)
@@ -217,9 +203,9 @@ local kp =
},
# Node exporter PSP role and role binding
# Add a new top level field for this, the "node-exporter" PSP already exists, so not defining here just referencing
# See https://github.com/coreos/prometheus-operator/issues/787
// Node exporter PSP role and role binding
// Add a new top level field for this, the "node-exporter" PSP already exists, so not defining here just referencing
// See https://github.com/coreos/prometheus-operator/issues/787
nodeExporterPSP: {
role:
role.new() +
@@ -232,7 +218,7 @@ local kp =
roleRulesType.withApiGroups(['policy']) +
roleRulesType.withResources(['podsecuritypolicies']) +
roleRulesType.withVerbs(['use']) +
roleRulesType.withResourceNames(['node-exporter'])
roleRulesType.withResourceNames(['node-exporter']),
]),
roleBinding:
@@ -244,7 +230,6 @@ local kp =
roleBinding.mixin.metadata.withNamespace($._config.namespace) +
roleBinding.mixin.roleRef.withName('node-exporter-psp') +
roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
@@ -255,48 +240,36 @@ local kp =
},
# Prometheus needs some extra custom config
// Prometheus needs some extra custom config
prometheus+:: {
prometheus+: {
spec+: {
# See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
// See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
externalLabels: {
cluster: cluster_identifier,
},
# See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
# See https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/exposing-prometheus-and-alertmanager.md
// See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
// See https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/exposing-prometheus-and-alertmanager.md
externalUrl: 'https://' + prometheus_host,
# Override reuest memory
// Override reuest memory
resources: {
requests: {
memory: prometheus_request_memory,
},
},
# Override data retention period
// Override data retention period
retention: prometheus_data_retention_period,
},
},
},
# Additional prometheus rules
# See https://github.com/coreos/kube-prometheus/docs/developing-prometheus-rules-and-grafana-dashboards.md
# cat my-prometheus-rules.yaml | gojsontoyaml -yamltojson | jq . > my-prometheus-rules.json
// Additional prometheus rules
// See https://github.com/coreos/kube-prometheus/docs/developing-prometheus-rules-and-grafana-dashboards.md
// cat my-prometheus-rules.yaml | gojsontoyaml -yamltojson | jq . > my-prometheus-rules.json
prometheusRules+:: {
groups+: import 'my-prometheus-rules.json',
@@ -304,13 +277,10 @@ local kp =
};
# Render
// Render
{ ['00namespace-' + name]: kp.kubePrometheus[name] for name in std.objectFields(kp.kubePrometheus) } +
{ ['0prometheus-operator-' + name]: kp.prometheusOperator[name] for name in std.objectFields(kp.prometheusOperator) } +
@@ -324,4 +294,3 @@ local kp =
{ ['node-exporter-psp-' + name]: kp.nodeExporterPSP[name] for name in std.objectFields(kp.nodeExporterPSP) } +
{ ['prometheus-' + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } +
{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in std.objectFields(kp.prometheusAdapter) }

117
docs/migration-example/my.release-0.8.jsonnet
View File

@@ -1,16 +1,16 @@
# Has the following customisations
# Custom alert manager config
# Ingresses for the alert manager, prometheus and grafana
# Grafana admin user password
# Custom prometheus rules
# Custom grafana dashboards
# Custom prometheus config - Data retention, memory, etc.
# Node exporter role and role binding so we can use a PSP for the node exporter
// Has the following customisations
// Custom alert manager config
// Ingresses for the alert manager, prometheus and grafana
// Grafana admin user password
// Custom prometheus rules
// Custom grafana dashboards
// Custom prometheus config - Data retention, memory, etc.
// Node exporter role and role binding so we can use a PSP for the node exporter
# for help with expected content, see https://github.com/thaum-xyz/ankhmorpork
// for help with expected content, see https://github.com/thaum-xyz/ankhmorpork
# External variables
# See https://jsonnet.org/learning/tutorial.html
// External variables
// See https://jsonnet.org/learning/tutorial.html
local cluster_identifier = std.extVar('cluster_identifier');
local etcd_ip = std.extVar('etcd_ip');
local etcd_tls_ca = std.extVar('etcd_tls_ca');
@@ -21,26 +21,18 @@ local prometheus_data_retention_period = std.extVar('prometheus_data_retention_p
local prometheus_request_memory = std.extVar('prometheus_request_memory');
# Derived variables
// Derived variables
local alert_manager_host = 'alertmanager.' + cluster_identifier + '.myorg.local';
local grafana_host = 'grafana.' + cluster_identifier + '.myorg.local';
local prometheus_host = 'prometheus.' + cluster_identifier + '.myorg.local';
# ksonnet no longer required
// ksonnet no longer required
local kp =
(import 'kube-prometheus/main.libsonnet') +
# kubeadm now achieved by setting platform value - see 9 lines below
// kubeadm now achieved by setting platform value - see 9 lines below
(import 'kube-prometheus/addons/static-etcd.libsonnet') +
(import 'kube-prometheus/addons/podsecuritypolicies.libsonnet') +
{
@@ -49,72 +41,69 @@ local kp =
namespace: 'monitoring',
},
# Add kubeadm platform-specific items,
# including kube-contoller-manager and kube-scheduler discovery
// Add kubeadm platform-specific items,
// including kube-contoller-manager and kube-scheduler discovery
kubePrometheus+: {
platform: 'kubeadm'
platform: 'kubeadm',
},
# Override alert manager config
# See https://github.com/prometheus-operator/kube-prometheus/blob/main/examples/alertmanager-config-external.jsonnet
// Override alert manager config
// See https://github.com/prometheus-operator/kube-prometheus/blob/main/examples/alertmanager-config-external.jsonnet
alertmanager+: {
config: importstr 'alertmanager.yaml',
},
# Override etcd config
# See https://github.com/prometheus-operator/kube-prometheus/blob/main/jsonnet/kube-prometheus/addons/static-etcd.libsonnet
# See https://github.com/prometheus-operator/kube-prometheus/blob/main/examples/etcd-skip-verify.jsonnet
// Override etcd config
// See https://github.com/prometheus-operator/kube-prometheus/blob/main/jsonnet/kube-prometheus/addons/static-etcd.libsonnet
// See https://github.com/prometheus-operator/kube-prometheus/blob/main/examples/etcd-skip-verify.jsonnet
etcd+:: {
clientCA: etcd_tls_ca,
clientCert: etcd_tls_cert,
clientKey: etcd_tls_key,
ips: [ etcd_ip ],
ips: [etcd_ip],
},
# Override grafana config
# anonymous access
# See http://docs.grafana.org/installation/configuration/
# See http://docs.grafana.org/auth/overview/#anonymous-authentication
# admin_password
# See http://docs.grafana.org/installation/configuration/#admin-password
// Override grafana config
// anonymous access
// See http://docs.grafana.org/installation/configuration/
// See http://docs.grafana.org/auth/overview/#anonymous-authentication
// admin_password
// See http://docs.grafana.org/installation/configuration/#admin-password
grafana+:: {
config: {
sections: {
'auth.anonymous': {
enabled: true
enabled: true,
},
security: {
admin_password: grafana_admin_password
admin_password: grafana_admin_password,
},
},
},
# Additional grafana dashboards
// Additional grafana dashboards
dashboards+:: {
'my-specific.json': (import 'my-grafana-dashboard-definitions.json'),
}
},
},
},
# Alert manager needs an externalUrl
// Alert manager needs an externalUrl
alertmanager+:: {
alertmanager+: {
spec+: {
# See https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/exposing-prometheus-alertmanager-grafana-ingress.md
// See https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/exposing-prometheus-alertmanager-grafana-ingress.md
externalUrl: 'https://' + alert_manager_host,
},
},
},
# Add additional ingresses
# See https://github.com/prometheus-operator/kube-prometheus/blob/main/examples/ingress.jsonnet
// Add additional ingresses
// See https://github.com/prometheus-operator/kube-prometheus/blob/main/examples/ingress.jsonnet
ingress+:: {
'alertmanager': {
alertmanager: {
apiVersion: 'networking.k8s.io/v1',
kind: 'Ingress',
metadata: {
@@ -148,7 +137,7 @@ local kp =
}],
},
},
'grafana': {
grafana: {
apiVersion: 'networking.k8s.io/v1',
kind: 'Ingress',
metadata: {
@@ -182,7 +171,7 @@ local kp =
}],
},
},
'prometheus': {
prometheus: {
apiVersion: 'networking.k8s.io/v1',
kind: 'Ingress',
metadata: {
@@ -219,7 +208,7 @@ local kp =
},
# Node exporter PSP role and role binding
// Node exporter PSP role and role binding
nodeExporter+: {
'psp-role'+: {
apiVersion: 'rbac.authorization.k8s.io/v1',
@@ -232,7 +221,7 @@ local kp =
apiGroups: ['policy'],
resources: ['podsecuritypolicies'],
verbs: ['use'],
resourceNames: ['node-exporter']
resourceNames: ['node-exporter'],
}],
},
'psp-rolebinding'+: {
@@ -250,12 +239,12 @@ local kp =
},
subjects: [{
kind: 'ServiceAccount',
name: 'node-exporter'
name: 'node-exporter',
}],
},
},
# Prometheus needs some extra custom config
// Prometheus needs some extra custom config
prometheus+:: {
prometheus+: {
spec+: {
@@ -264,24 +253,24 @@ local kp =
cluster: cluster_identifier,
},
# See https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/exposing-prometheus-alertmanager-grafana-ingress.md
// See https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/exposing-prometheus-alertmanager-grafana-ingress.md
externalUrl: 'https://' + prometheus_host,
# Override reuest memory
// Override reuest memory
resources: {
requests: {
memory: prometheus_request_memory,
},
},
# Override data retention period
// Override data retention period
retention: prometheus_data_retention_period,
},
},
},
# Additional prometheus rules
# See https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/developing-prometheus-rules-and-grafana-dashboards.md#pre-rendered-rules
# cat my-prometheus-rules.yaml | gojsontoyaml -yamltojson | jq . > my-prometheus-rules.json
// Additional prometheus rules
// See https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/developing-prometheus-rules-and-grafana-dashboards.md#pre-rendered-rules
// cat my-prometheus-rules.yaml | gojsontoyaml -yamltojson | jq . > my-prometheus-rules.json
prometheusMe: {
rules: {
apiVersion: 'monitoring.coreos.com/v1',
@@ -292,8 +281,8 @@ local kp =
labels: {
'app.kubernetes.io/name': 'kube-prometheus',
'app.kubernetes.io/part-of': 'kube-prometheus',
'prometheus': 'k8s',
'role': 'alert-rules'
prometheus: 'k8s',
role: 'alert-rules',
},
},
spec: {
@@ -304,7 +293,7 @@ local kp =
};
# Render
// Render
{ 'setup/0namespace-namespace': kp.kubePrometheus.namespace } +
{
['setup/prometheus-operator-' + name]: kp.prometheusOperator[name]