easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,600 Commits 19 Branches 14 Tags
1d46f7ece964fc8311279e83c8ce8352b3288e6f
Commit Graph

865 Commits

Author SHA1 Message Date
Joao Marcal
1d46f7ece9 Adds port name to prometheus-adapter jsonnet 2022-03-30 15:34:40 +01:00
Philip Gough
6f7a799b78 Merge pull request #1696 from JoaoBraveCoding/2048333 
Adds readinessProbe and livenessProbe to prometheus-adapter jsonnet
 2022-03-30 09:18:11 +01:00
Joao Marcal
f6190e200a Adds readinessProbe and livenessProbe to prometheus-adapter jsonnet 
Problem: Currently the prometheus-adapter pods are restarted at the same
time even though the deployment is configured with strategy RollingUpdate.
This happens because the kubelet does not know when the prometheus-adapter
pods are ready to start receiving requests.

Solution: Add both readinessProbe and livenessProbe to the
prometheus-adapter, this way the kubelet will know when either the pod
stoped working and should be restarted or simply when it ready to start
receiving requests.

Issue: https://bugzilla.redhat.com/show_bug.cgi?id=2048333
 2022-03-30 07:22:55 +01:00
Prometheus Operator Bot
c30d8c1ef6 [bot] [main] Automated version update 2022-03-28 07:41:44 +00:00
Prometheus Operator Bot
c8361720f9 [bot] [main] Automated version update 2022-03-21 07:41:58 +00:00
Prometheus Operator Bot
1f74cb4148 [bot] [main] Automated version update 2022-03-14 07:41:15 +00:00
Prometheus Operator Bot
4a9f97b41f [bot] [main] Automated version update 2022-03-07 07:41:44 +00:00
Prometheus Operator Bot
61c007ef56 [bot] [main] Automated version update 2022-02-28 07:40:53 +00:00
Prometheus Operator Bot
36ace1ce7a [bot] [main] Automated version update 2022-02-21 07:40:44 +00:00
Philip Gough
53542d5cce Merge pull request #1637 from ahysing/custom-requests-kube-rbacc-proxy-self 
Added custom overrides for kube-rbac-proxy-self.
 2022-02-18 16:32:30 +00:00
Philip Gough
2918583c81 node_exporter: Add priorityClassName as system-cluster-critical 2022-02-17 12:11:31 +00:00
Paweł Krupa
5ff20b1718 Merge pull request #1630 from PhilipGough/fix-1603 2022-02-16 21:46:08 +01:00
Wulf Thimm
30bfd69c3e removed CAP_ from node-exporter daemonset 2022-02-16 14:41:20 +00:00
ArthurSens
78ca6d9579 Address FIXME 
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
 2022-02-15 15:20:34 +00:00
Arthur Silva Sens
d270540308 Merge pull request #1628 from ravilr/fix_cluster_cpu_query 
fix cluster:node_cpu:ratio query
 2022-02-15 06:28:22 +00:00
Wulf Thimm
a5c5adba68 added allowedCapabilities to node-exporter psp 2022-02-14 14:38:13 +00:00
Philip Gough
7c715c8126 Merge pull request #1624 from ArthurSens/grafana-volume 
Add extra-volume mount for plugins downloads
 2022-02-14 11:15:14 +00:00
Prometheus Operator Bot
ac7f6b42ab [bot] [main] Automated version update 2022-02-14 07:41:12 +00:00
Andreas Dreyer Hysing
154019ad82 Added custom overrides for kube-rbac-proxy-self. 2022-02-11 15:29:58 +01:00
Prometheus Operator Bot
2de3d810b1 [bot] [main] Automated version update 2022-02-10 15:40:58 +00:00
Philip Gough
58fa27a40e Update PodMonitor for kube-proxy 2022-02-10 09:45:27 +00:00
ravilr
1d1ca283b1 fix cluster:node_cpu:ratio query 2022-02-09 20:21:05 -08:00
Arthur Silva Sens
43879b5217 Add extra-volume mount for plugins downloads 
Signed-off-by: GitHub <noreply@github.com>
 2022-02-07 20:31:58 +00:00
Prometheus Operator Bot
7b602e1372 [bot] [main] Automated version update 2022-02-07 07:40:53 +00:00
Arthur Silva Sens
db61b3e18e Merge pull request #1591 from paulfantom/automountServiceAccountToken 
disable injecting unnecessary variables allowing access to k8s API
 2022-02-05 18:28:33 +00:00
Paweł Krupa (paulfantom)
3429bc77a4 disable injecting unnecessary variables allowing access to k8s API 2022-02-04 14:08:52 +01:00
Paweł Krupa
3436e1a92e Merge pull request #1612 from ArthurSens/remove-hostport 2022-02-04 12:58:13 +01:00
ArthurSens
fb92a6dbe0 Document better why we use hostPort on node-exporter 
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
 2022-02-03 15:47:43 +00:00
Arunprasad Rajkumar
0eabbb5d0c Sanitize all regex denylist in ksm-lite addon 
This is a follow up fix of https://github.com/prometheus-operator/kube-prometheus/pull/1613. @simonpasquier recommended to sanitize all denylist metrics.

Signed-off-by: Arunprasad Rajkumar <arajkuma@redhat.com>
 2022-02-03 19:52:44 +05:30
Arunprasad Rajkumar
f16277e8e0 Sanitize regex denylist in ksm-lite addon 
The following metrics are missing from kube-state-metrics:
- kube_pod_container_status_terminated_reason
- kube_pod_init_container_status_terminated_reason
- kube_pod_status_scheduled_time

Previously, some metrics were removed from kube-state-metrics by adding the following --metric-denylist argument to the kube-state-metrics container

```
--metric-denylist=
kube_.+_created,
kube_.+_metadata_resource_version,
kube_replicaset_metadata_generation,
kube_replicaset_status_observed_generation,
kube_pod_restart_policy,
kube_pod_init_container_status_terminated,
kube_pod_init_container_status_running,
kube_pod_container_status_terminated,
kube_pod_container_status_running,
kube_pod_completion_time,
kube_pod_status_scheduled
```

--metric-denylist: Comma-separated list of metrics not to be enabled. This list comprises of exact metric names and/or regex patterns. The allowlist and denylist are mutually exclusive.

However, all the list of metrics is managed as RegEx, thus "kube_pod_container_status_terminated" denies .*kube_pod_container_status_terminated.*, that's why kube_pod_init_container_status_terminated_reason is missing

Co-authored-by: Florian Gleizes <fgleizes@redhat.com>
Signed-off-by: Arunprasad Rajkumar <arajkuma@redhat.com>
 2022-02-03 17:50:22 +05:30
Arthur Silva Sens
755d27bb46 Merge pull request #1610 from ArthurSens/as/linux-hardening 
Drop Linux capabilities
 2022-02-02 12:56:21 +00:00
Paweł Krupa (paulfantom)
86ac6f79b1 jsonnet: filter out kube-proxy alerts when kube-proxy is disabled 
Signed-off-by: Paweł Krupa (paulfantom) <pawel@krupa.net.pl>
 2022-02-01 16:22:48 +01:00
Arthur Silva Sens
931af3241d Drop Linux capabilities 
Signed-off-by: GitHub <noreply@github.com>
 2022-02-01 09:25:21 +00:00
ArthurSens
e5610b2e8d Address FIXME 
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
 2022-01-31 17:25:00 +00:00
Prometheus Operator Bot
dad37c968d [bot] [main] Automated version update 2022-01-31 17:04:19 +00:00
Arthur Silva Sens
57c46a2861 components/*: Forbid write access to root filesystem 
Signed-off-by: GitHub <noreply@github.com>
 2022-01-27 16:03:58 +00:00
Paweł Krupa
b68f3f0f07 Merge pull request #1556 from arajkumar/fix-thanos-sidecar-selector 2022-01-27 13:06:59 +01:00
Arthur Silva Sens
4d004393e1 Merge pull request #1593 from prometheus-operator/as/forbid-privilege-scalation 
Explicitly declare allowPrivilegeEscalation to false in all components
 2022-01-24 10:38:33 +00:00
Arthur Silva Sens
b60b302499 Explicitly declare allowPrivilegeEscalation to false 
Although containers that do not run as privileged already have this set to false by kubernetes
Kubespace [asks us](https://hub.armo.cloud/docs/c-0016) to explicitly declare it to false where not needed.

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
 2022-01-24 10:31:43 +00:00
Prometheus Operator Bot
ef40bc5759 [bot] [main] Automated version update 2022-01-24 07:43:49 +00:00
Philip Gough
f2559e0ced Merge pull request #1566 from primeroz/fix/do-not-add-namespace-to-clusterwide-resources 
Hide namespace for prometheus clusterRole and clusterRolebinding
 2022-01-10 11:19:31 +00:00
Andrei Nistor
1d3dbe61cb Inhibit info alerts unless other alerts fire (#1507) 
* Inhibit info alerts unless other alerts fire

* Fix nits
 2022-01-10 10:37:43 +01:00
Arunprasad Rajkumar
b7a135a101 Fix thanos sidecar selector 
Previous PR[1] which deprecated `thanosSelector` accidentally broke the
usage of it. This commit restores the old behaviour along with newly
introduced `thanos` config variable.

[1] https://github.com/prometheus-operator/kube-prometheus/pull/1543

Co-authored-by: Pawe? Krupa <pawel@krupa.net.pl>
Signed-off-by: Arunprasad Rajkumar <arajkuma@redhat.com>
 2022-01-05 16:23:24 +05:30
Paweł Krupa
529739d5ef Merge pull request #1572 from ArthurSens/as/projected-psp 2022-01-04 13:37:13 +01:00
ArthurSens
f4a5ff3e3b addon/podsecuritypolicies: Add projected volumes permission 
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
 2022-01-04 12:24:05 +00:00
Francesco Ciocchetti
f7738d7434 Set namespace to null for clusterwide resources and generate manifests 2022-01-04 10:03:14 +01:00
paulfantom
ec40014ac3 jsonnet: add grafana-mixin 
Signed-off-by: paulfantom <pawel@krupa.net.pl>
Signed-off-by: Paweł Krupa (paulfantom) <pawel@krupa.net.pl>
 2022-01-04 09:14:43 +01:00
Prometheus Operator Bot
8aca1fb1cb [bot] [main] Automated version update 2021-12-20 14:15:02 +00:00
Prometheus Operator Bot
245427cafb [bot] [main] Automated version update 2021-12-20 07:41:04 +00:00
Philip Gough
2a135c38d7 jsonnet: Track latest deps 2021-12-17 12:31:25 +00:00