auto generate thanos example yaml

Makefile

@@ -190,6 +190,9 @@ example/mixin/alerts.yaml: $(JSONNET_BINARY) $(GOJSONTOYAML_BINARY)
 RBAC_MANIFESTS = example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml example/rbac/prometheus-operator/prometheus-operator-service-account.yaml example/rbac/prometheus-operator/prometheus-operator-deployment.yaml
 $(RBAC_MANIFESTS): scripts/generate/vendor scripts/generate/prometheus-operator-rbac.jsonnet $(shell find jsonnet -type f)
 	scripts/generate/build-rbac-prometheus-operator.sh
+THANOS_MANIFESTS = example/thanos/prometheus.yaml
+$(THANOS_MANIFESTS): scripts/generate/vendor jsonnet/thanos/thanos.jsonnet $(shell find jsonnet -type f)
+	scripts/generate/build-thanos-example.sh
 
 jsonnet/prometheus-operator/prometheus-operator.libsonnet: VERSION
 	# note: use temporary file to preserve compatibility with darwin

example/thanos/prometheus-cluster-role-binding.yaml

@@ -4,7 +4,6 @@ metadata:
   name: prometheus-self
 roleRef:
   apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
   name: prometheus-self
 subjects:
 - kind: ServiceAccount

example/thanos/prometheus-cluster-role.yaml

@@ -15,9 +15,11 @@ rules:
   - get
   - list
   - watch
-- apiGroups: [""]
+- apiGroups:
+  - ""
   resources:
   - configmaps
-  verbs: ["get"]
-- nonResourceURLs: ["/metrics"]
-  verbs: ["get"]
+  verbs:
+  - get
+- nonResourceURLs:
+  - /metrics

example/thanos/prometheus-rule.yaml

@@ -0,0 +1,15 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  creationTimestamp: null
+  labels:
+    prometheus: example-alert
+    role: thanos-example
+  name: prometheus-example-alerts
+  namespace: default
+spec:
+  groups:
+  - name: ./example-alert.rules
+    rules:
+    - alert: ExampleAlert
+      expr: vector(1)

example/thanos/prometheus-service.yaml

@@ -10,7 +10,6 @@ spec:
   ports:
   - name: web
     port: 9090
-    protocol: TCP
     targetPort: web
   selector:
     prometheus: self

example/thanos/prometheus-servicemonitor.yaml

@@ -1,14 +1,14 @@
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
-  name: prometheus
-  namespace: default
   labels:
-    app: prometheus
+    prometheus: self
+  name: prometheus-self
+  namespace: default
 spec:
+  endpoints:
+  - interval: 30s
+    port: web
   selector:
     matchLabels:
       app: prometheus
-  endpoints:
-  - port: web
-    interval: 30s

example/thanos/prometheus.yaml

@@ -1,18 +1,18 @@
 apiVersion: monitoring.coreos.com/v1
 kind: Prometheus
 metadata:
-  name: self
-  namespace: default
   labels:
     prometheus: self
+  name: self
+  namespace: default
 spec:
-  replicas: 2
+  replicas: "2"
+  ruleSelector:
+    matchLabels:
+      prometheus: k8s
+      role: prometheus-rulefiles
   serviceMonitorSelector:
     matchLabels:
       app: prometheus
-  ruleSelector:
-    matchLabels:
-      role: prometheus-rulefiles
-      prometheus: k8s
   thanos:
-    version: v0.11.0
+    version: v0.11.2

example/thanos/query-deployment.yaml

@@ -1,10 +1,10 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: thanos-query
-  namespace: default
   labels:
     app: thanos-query
+  name: thanos-query
+  namespace: default
 spec:
   replicas: 1
   selector:
@@ -16,17 +16,24 @@ spec:
         app: thanos-query
     spec:
       containers:
-      - name: thanos-query
-        image: quay.io/thanos/thanos:v0.11.0
-        args:
+      - args:
         - query
         - --log.level=debug
         - --query.replica-label=prometheus_replica
         - --query.replica-label=thanos_ruler_replica
         - --store=dnssrv+_grpc._tcp.thanos-sidecar.default.svc.cluster.local
         - --store=dnssrv+_grpc._tcp.thanos-ruler.default.svc.cluster.local
+        image: quay.io/thanos/thanos:v0.11.2
+        name: thanos-query
         ports:
-        - name: http
-          containerPort: 10902
-        - name: grpc
-          containerPort: 10901
+        - containerPort: 10902
+          name: http
+        - containerPort: 10901
+          name: grpc
+        resources:
+          limits:
+            cpu: 200m
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 100Mi

example/thanos/query-service.yaml

@@ -1,14 +1,14 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: thanos-query
-  namespace: default
   labels:
     app: thanos-query
+  name: thanos-query
+  namespace: default
 spec:
-  selector:
-    app: thanos-query
   ports:
   - name: http
     port: 9090
     targetPort: http
+  selector:
+    app: thanos-query

example/thanos/sidecar-service.yaml

@@ -1,15 +1,15 @@
 apiVersion: v1
 kind: Service
 metadata:
+  labels:
+    app: thanos-query
   name: thanos-sidecar
   namespace: default
-  labels:
-    app: thanos-sidecar
 spec:
   clusterIP: None
-  selector:
-    prometheus: self
   ports:
   - name: grpc
     port: 10901
     targetPort: grpc
+  selector:
+    prometheus: self

example/thanos/thanos-ruler-service.yaml

@@ -1,13 +1,12 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: thanos-ruler
-  namespace: default
   labels:
     app: thanos-ruler
+  name: thanos-ruler
+  namespace: default
 spec:
-  selector:
-    app: thanos-ruler
+  clusterIP: None
   ports:
   - name: grpc
     port: 10901
@@ -15,3 +14,5 @@ spec:
   - name: http
     port: 10902
     targetPort: web
+  selector:
+    app: thanos-ruler

example/thanos/thanos-ruler.yaml

@@ -1,31 +1,14 @@
----
 apiVersion: monitoring.coreos.com/v1
 kind: ThanosRuler
 metadata:
-  name: thanos-ruler
-  namespace: default
   labels:
     app: thanos-ruler
+  name: thanos-ruler
+  namespace: default
 spec:
-  image: quay.io/thanos/thanos:v0.11.0
+  image: quay.io/thanos/thanos:v0.11.2
+  queryEndpoints:
+  - dnssrv+_http._tcp.thanos-query.default.svc.cluster.local
   ruleSelector:
     matchLabels:
       role: thanos-example
-  queryEndpoints:
-  - dnssrv+_http._tcp.thanos-query.default.svc.cluster.local
----
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  creationTimestamp: null
-  labels:
-    prometheus: example-alert
-    role: thanos-example
-  name: prometheus-example-alerts
-  namespace: default
-spec:
-  groups:
-  - name: ./example-alert.rules
-    rules:
-    - alert: ExampleAlert
-      expr: vector(1)

jsonnet/thanos/config.libsonnet

@@ -3,6 +3,10 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
 {
 	_config+:: {
 		namespace: 'default',
+		prometheusName: 'prometheus-self',
+		thanosQueryName: 'thanos-query',
+		thanosRulerName: 'thanos-ruler',
+		thanosSidecarName: 'thanos-sidecar',
 		versions+:: {
 			thanos: 'v0.11.2',
 		},
@@ -10,24 +14,44 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
 		imageRepos+:: {
 			thanos: 'quay.io/thanos/thanos',
 		},
+		labels+:: {
+            prometheusLabels: {
+                'prometheus': 'self',
+            },
+            commonLabels:{
+             'prometheus': 'self',
+             'app': 'prometheus'
+            },
+            queryLabels: {'app':'thanos-query'},
+            sidecarLabels: {'app':'thanos-query'},
+            rulerLabels: {'app':'thanos-ruler'},
+        },
+
 	},
 	thanos+:: {
 		local po = self,
 		namespace:: $._config.namespace,
 		image:: $._config.imageRepos.thanos,
 		version:: $._config.versions.thanos,
+	    commonLabels:: $._config.labels.commonLabels,
+	    prometheusLabels:: $._config.labels.prometheusLabels,
+	    queryLabels:: $._config.labels.queryLabels,
+	    sidecarLabels:: $._config.labels.sidecarLabels,
+	    rulerLabels:: $._config.labels.rulerLabels,
+	    prometheusName:: $._config.prometheusName,
+	    thanosQueryName:: $._config.thanosQueryName,
+	    thanosRulerName:: $._config.thanosRulerName,
+	    thanosSidecarName:: $._config.thanosSidecarName,
 		prometheus+:: {
 			"apiVersion": "monitoring.coreos.com/v1",
         	"kind": "Prometheus",
         	"metadata": {
-        		"labels": {
-        			"prometheus": "self"
-        		},
+        		"labels": po.prometheusLabels,
         		"name": "self",
         		"namespace": "%s" % $._config.namespace
         	},
         	"spec": {
-        		"replicas": "2",
+        		"replicas": 2,
         		"serviceMonitorSelector": {
         			"matchLabels": {
         				"app": "prometheus"
@@ -47,23 +71,164 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
         clusterRole:
           local clusterRole = k.rbac.v1.clusterRole;
           local policyRule = clusterRole.rulesType;
-          policyRule.new() +
+          local monitoringRule = policyRule.new() +
                                  policyRule.withApiGroups(['']) +
                                  policyRule.withResources([
-                                   'nodes',
-                                   'nodes/metrics',
-                                   'services',
-                                   'endpoints',
-                                   'pods',
-                                 ]) +
-                                 policyRule.withVerbs(['get','list','watch']) +
-                                 policyRule.withApiGroups(['']) +
-                                 policyRule.withResources([
-                                 'configmaps',
-                                  ]) +
-                                 policyRule.withVerbs(['get']) +
-                                 policyRule.withNonResourceUrls(['/metrics']) +
-                                 policyRule.withVerbs(['get']),
-          clusterRole.new(),
+                                       'nodes',
+                                       'nodes/metrics',
+                                       'services',
+                                       'endpoints',
+                                       'pods',
+                                       ]) +
+                                       policyRule.withVerbs(['get','list','watch']);
+           local configmapRule =     policyRule.new()+
+                                policyRule.withApiGroups(['']) +
+                                policyRule.withResources([
+                                     'configmaps',
+                                     ]) +
+                                     policyRule.withVerbs(['get'])
+                                 ;
+          local noResourceRule= policyRule.new()+policyRule.withNonResourceUrls(['/metrics'])  ;
+          local rules = [monitoringRule,configmapRule,noResourceRule];
+
+          clusterRole.new() +
+          clusterRole.mixin.metadata.withName(po.prometheusName) +
+          clusterRole.withRules(rules),
+        clusterRoleBinding:
+          local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
+          clusterRoleBinding.new() +
+          clusterRoleBinding.mixin.metadata.withName(po.prometheusName) +
+          clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+          clusterRoleBinding.mixin.roleRef.withName(po.prometheusName) +
+          clusterRoleBinding.mixin.roleRef.withKind('ClusterRole') +
+          clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'default', namespace: po.namespace }]),
+        service:
+          local service = k.core.v1.service;
+          local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+          local poServicePort = servicePort.newNamed('web', 9090, 'web');
+
+          service.new(po.prometheusName, po.prometheusLabels, [poServicePort]) +
+          service.mixin.metadata.withLabels(po.commonLabels) +
+          service.mixin.metadata.withNamespace(po.namespace) ,
+        serviceMonitor:
+          {
+            apiVersion: 'monitoring.coreos.com/v1',
+            kind: 'ServiceMonitor',
+            metadata: {
+              name: po.prometheusName,
+              namespace: po.namespace,
+              labels: po.prometheusLabels,
+          },
+          spec: {
+            endpoints: [
+            {
+              port: 'web',
+              interval: '30s',
+            },
+            ],
+            selector: {
+              matchLabels:  {
+                  "app":"prometheus"
+              },
+            },
+           },
+          },
+        queryDeployment:
+          local deployment = k.apps.v1.deployment;
+          local container = k.apps.v1.deployment.mixin.spec.template.spec.containersType;
+          local containerPort = container.portsType;
+          local name = 'thanos-query';
+          local queryContainer =
+           container.new(name, po.image + ':' + po.version) +
+
+           container.withPorts([containerPort.newNamed(10902, 'http'),containerPort.newNamed(10901, 'grpc')]) +
+           container.withArgs([
+                'query',
+                '--log.level=debug',
+                '--query.replica-label=prometheus_replica',
+                '--query.replica-label=thanos_ruler_replica',
+                '--store=dnssrv+_grpc._tcp.thanos-sidecar.default.svc.cluster.local',
+                '--store=dnssrv+_grpc._tcp.thanos-ruler.default.svc.cluster.local'
+           ]) +
+          container.mixin.resources.withRequests({ cpu: '100m', memory: '100Mi' }) +
+          container.mixin.resources.withLimits({ cpu: '200m', memory: '200Mi' });
+
+          deployment.new(name, 1, queryContainer, {app:"thanos-query"}) +
+          deployment.mixin.metadata.withNamespace(po.namespace) +
+          deployment.mixin.metadata.withLabels({app:"thanos-query"}) +
+          deployment.mixin.spec.selector.withMatchLabels({app:"thanos-query"}) ,
+        queryService:
+          local service = k.core.v1.service;
+          local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+          local poServicePort = servicePort.newNamed('http', 9090, 'http');
+          service.new(po.thanosQueryName, po.queryLabels, [poServicePort]) +
+          service.mixin.metadata.withLabels(po.queryLabels) +
+          service.mixin.metadata.withNamespace(po.namespace) ,
+        sidecarService:
+          local service = k.core.v1.service;
+          local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+          local poServicePort = servicePort.newNamed('grpc', 10901, 'grpc');
+          service.new(po.thanosSidecarName, po.commonLabels, [poServicePort]) +
+          service.mixin.metadata.withLabels(po.sidecarLabels) +
+          service.mixin.metadata.withNamespace(po.namespace) +
+          service.mixin.spec.withSelector(po.prometheusLabels) +
+          service.mixin.spec.withClusterIp('None'),
+        thanosRuler:
+            {
+                "apiVersion": "monitoring.coreos.com/v1",
+                "kind": "ThanosRuler",
+                "metadata": {
+                    "labels":po.rulerLabels,
+                    "name": po.thanosRulerName,
+                    "namespace": po.namespace
+                },
+                "spec": {
+                    "image": po.image + ':' + po.version,
+                    "ruleSelector":{
+                        "matchLabels":{
+                            "role":"thanos-example"
+                        }
+                    },
+                    "queryEndpoints":["dnssrv+_http._tcp.thanos-query.default.svc.cluster.local"]
+                }
+            },
+        prometheusRule:
+            {
+                "apiVersion": "monitoring.coreos.com/v1",
+                "kind": "PrometheusRule",
+                "metadata": {
+                    "labels": {
+                        "prometheus": "example-alert",
+                        "role": "thanos-example"
+                    },
+                    "creationTimestamp": null,
+                    "name": "prometheus-example-alerts",
+                    "namespace": "default"
+                },
+                "spec": {
+                    "groups": [{
+                        "name": "./example-alert.rules",
+                        "rules": [{
+                            "alert": "ExampleAlert",
+                            "expr": "vector(1)"
+
+                        }]
+                    }]
+                }
+            },
+        thanosRulerService:
+          local service = k.core.v1.service;
+          local servicePort = k.core.v1.service.mixin.spec.portsType;
+          local grpcServicePort = servicePort.newNamed('grpc', 10901, 'grpc');
+          local httpServicePort = servicePort.newNamed('http', 10902, 'web');
+
+          service.new(po.thanosRulerName, po.rulerLabels, [grpcServicePort,httpServicePort]) +
+          service.mixin.metadata.withLabels(po.rulerLabels) +
+          service.mixin.metadata.withNamespace(po.namespace) +
+          service.mixin.spec.withSelector(po.rulerLabels) +
+          service.mixin.spec.withClusterIp('None'),
 	}
 }

jsonnet/thanos/thanos.jsonnet

@@ -3,4 +3,13 @@ local po = (import 'config.libsonnet').thanos;
 {
   'prometheus.yaml': po.prometheus,
   'prometheus-cluster-role.yaml': po.clusterRole,
+  'prometheus-cluster-role-binding.yaml': po.clusterRoleBinding,
+  'prometheus-service.yaml': po.service,
+  'prometheus-servicemonitor.yaml': po.serviceMonitor,
+  'query-deployment.yaml': po.queryDeployment,
+  'query-service.yaml': po.queryService,
+  'sidecar-service.yaml': po.sidecarService,
+  'thanos-ruler.yaml': po.thanosRuler,
+  'prometheus-rule.yaml': po.prometheusRule,
+  'thanos-ruler-service.yaml': po.thanosRulerService,
 }

jsonnet/thanos/thanos/prometheus-cluster-role-binding.libsonnet

@@ -1,12 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: prometheus-self
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: prometheus-self
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: default

jsonnet/thanos/thanos/prometheus-service.libsonnet

@@ -1,16 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: prometheus
-    prometheus: self
-  name: prometheus-self
-  namespace: default
-spec:
-  ports:
-  - name: web
-    port: 9090
-    protocol: TCP
-    targetPort: web
-  selector:
-    prometheus: self

jsonnet/thanos/thanos/prometheus-servicemonitor.libsonnet

@@ -1,14 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
-  name: prometheus
-  namespace: default
-  labels:
-    app: prometheus
-spec:
-  selector:
-    matchLabels:
-      app: prometheus
-  endpoints:
-  - port: web
-    interval: 30s

jsonnet/thanos/thanos/prometheus.libsonnet

@@ -1,28 +0,0 @@
-{
-	"apiVersion": "monitoring.coreos.com/v1",
-	"kind": "Prometheus",
-	"metadata": {
-		"labels": {
-			"prometheus": "self"
-		},
-		"name": "self",
-		"namespace": "default"
-	},
-	"spec": {
-		"replicas": "2",
-		"serviceMonitorSelector": {
-			"matchLabels": {
-				"app": "prometheus"
-			}
-		},
-		"ruleSelector": {
-			"matchLabels": {
-				"role": "prometheus-rulefiles",
-				"prometheus": "k8s"
-			}
-		},
-		"thanos": {
-			"version": "v0.11.0"
-		}
-	}
-}

jsonnet/thanos/thanos/query-deployment.libsonnet

@@ -1,32 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: thanos-query
-  namespace: default
-  labels:
-    app: thanos-query
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: thanos-query
-  template:
-    metadata:
-      labels:
-        app: thanos-query
-    spec:
-      containers:
-      - name: thanos-query
-        image: quay.io/thanos/thanos:v0.11.0
-        args:
-        - query
-        - --log.level=debug
-        - --query.replica-label=prometheus_replica
-        - --query.replica-label=thanos_ruler_replica
-        - --store=dnssrv+_grpc._tcp.thanos-sidecar.default.svc.cluster.local
-        - --store=dnssrv+_grpc._tcp.thanos-ruler.default.svc.cluster.local
-        ports:
-        - name: http
-          containerPort: 10902
-        - name: grpc
-          containerPort: 10901

jsonnet/thanos/thanos/query-service.libsonnet

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: thanos-query
-  namespace: default
-  labels:
-    app: thanos-query
-spec:
-  selector:
-    app: thanos-query
-  ports:
-  - name: http
-    port: 9090
-    targetPort: http

jsonnet/thanos/thanos/sidecar-service.libsonnet

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: thanos-sidecar
-  namespace: default
-  labels:
-    app: thanos-sidecar
-spec:
-  clusterIP: None
-  selector:
-    prometheus: self
-  ports:
-  - name: grpc
-    port: 10901
-    targetPort: grpc

jsonnet/thanos/thanos/thanos-ruler-service.libsonnet

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: thanos-ruler
-  namespace: default
-  labels:
-    app: thanos-ruler
-spec:
-  selector:
-    app: thanos-ruler
-  ports:
-  - name: grpc
-    port: 10901
-    targetPort: grpc
-  - name: http
-    port: 10902
-    targetPort: web

jsonnet/thanos/thanos/thanos-ruler.libsonnet

@@ -1,31 +0,0 @@
----
-apiVersion: monitoring.coreos.com/v1
-kind: ThanosRuler
-metadata:
-  name: thanos-ruler
-  namespace: default
-  labels:
-    app: thanos-ruler
-spec:
-  image: quay.io/thanos/thanos:v0.11.0
-  ruleSelector:
-    matchLabels:
-      role: thanos-example
-  queryEndpoints:
-  - dnssrv+_http._tcp.thanos-query.default.svc.cluster.local
----
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  creationTimestamp: null
-  labels:
-    prometheus: example-alert
-    role: thanos-example
-  name: prometheus-example-alerts
-  namespace: default
-spec:
-  groups:
-  - name: ./example-alert.rules
-    rules:
-    - alert: ExampleAlert
-      expr: vector(1)

scripts/generate/build-rbac-prometheus-operator.sh

@@ -11,9 +11,3 @@ echo "$PO" | jq -r 'keys[]' | while read -r file
 do
     echo "$PO" | jq -r ".[\"${file}\"]" | gojsontoyaml > "example/rbac/prometheus-operator/${file}"
 done
-
-PO=$(jsonnet -J scripts/generate/vendor jsonnet/thanos/thanos.jsonnet)
-echo "$PO" | jq -r 'keys[]' | while read -r file
-do
-    echo "$PO" | jq -r ".[\"${file}\"]" | gojsontoyaml > "example/demo/${file}"
-done

scripts/generate/build-thanos-example.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+# exit immediately when a command fails
+set -e
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+# error on unset variables
+set -u
+
+PO=$(jsonnet -J scripts/generate/vendor jsonnet/thanos/thanos.jsonnet)
+echo "$PO" | jq -r 'keys[]' | while read -r file
+do
+    echo "$PO" | jq -r ".[\"${file}\"]" | gojsontoyaml > "example/thanos/${file}"
+done