12cd0fd34f
This also contains the generated ConfigMaps for the grafana dashboards as well as for alerts. These will be updated in subsequent changes as sets of alerts and dashboards are added/updated in the respective subdirectories in `/assets`.
53 lines
1.7 KiB
YAML
53 lines
1.7 KiB
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: prometheus-k8s
|
|
data:
|
|
prometheus.yaml: |
|
|
global:
|
|
evaluation_interval: 30s
|
|
|
|
rule_files:
|
|
- /etc/prometheus/rules/*.rules
|
|
|
|
scrape_configs:
|
|
- job_name: kubelets
|
|
scrape_interval: 20s
|
|
scheme: https
|
|
tls_config:
|
|
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
|
# Skip verification until we have resolved why the certificate validation
|
|
# for the kubelet on API server nodes fail.
|
|
insecure_skip_verify: true
|
|
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
|
|
|
|
kubernetes_sd_configs:
|
|
- role: node
|
|
|
|
# Scrapes the endpoint lists for the Kubernetes API server, kube-state-metrics,
|
|
# and node-exporter, which we all consider part of a default setup.
|
|
- job_name: standard-endpoints
|
|
scrape_interval: 20s
|
|
tls_config:
|
|
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
|
# As for kubelets, certificate validation fails for the API server (node)
|
|
# and we circumvent it for now.
|
|
insecure_skip_verify: true
|
|
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
|
|
|
|
kubernetes_sd_configs:
|
|
- role: endpoints
|
|
|
|
relabel_configs:
|
|
- action: keep
|
|
source_labels: [__meta_kubernetes_service_name]
|
|
regex: kubernetes|node-exporter|kube-state-metrics|etcd-k8s
|
|
- action: replace
|
|
source_labels: [__meta_kubernetes_service_name]
|
|
target_label: job
|
|
- action: replace
|
|
source_labels: [__meta_kubernetes_service_name]
|
|
regex: kubernetes
|
|
target_label: __scheme__
|
|
replacement: https
|