mirrors/prometheus-operator
mirrors/prometheus-operator
1
0
Fork 0
mirror of https://github.com/prometheus-operator/prometheus-operator.git synced 2025-04-08 10:04:09 +00:00
Code Activity

Merge branch 'master' into allow-setting-prometheus-pod-annotations

Browse source
This commit is contained in:
Giancarlo Rubio 2018-07-20 12:16:03 +02:00 committed by GitHub
commit a7c5c5c44b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
121 changed files with 948 additions and 530 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
.travis.yml
View file

@ -10,7 +10,6 @@ before_install:
jobs:
include:
- stage: Sanity check and tests
# Check generated contents are up to date and code is formatted.
script: make format generate-in-docker && git diff --exit-code
- script: cd contrib/kube-prometheus && make test-in-docker
@ -21,12 +20,10 @@ jobs:
# Unit tests
- script: make test-unit
# E2e tests
script: ./scripts/travis-e2e.sh
- script: ./scripts/travis-e2e.sh
- script: ./scripts/travis-e2e-helm.sh
- stage: deploy
script: skip
deploy:
provider: script
@ -34,7 +31,5 @@ jobs:
on:
branch: master
- stage: push-docker-image
script: ./scripts/travis-push-docker-image.sh

8
CHANGELOG.md
View file

@ -2,6 +2,14 @@
* [CHANGE] Deprecate specification of Prometheus rules via ConfigMaps in favor of `PrometheusRule` CRDs
## 0.22.0 / 2018-07-09
* [FEATURE] Allow setting volume name via volumetemplateclaimtemplate in prom and alertmanager (#1538)
* [FEATURE] Allow setting custom tags of container images (#1584)
* [ENHANCEMENT] Update default Thanos to v0.1.0-rc.2 (#1585)
* [ENHANCEMENT] Split rule config map mounted into Prometheus if it exceeds Kubernetes config map limit (#1562)
* [BUGFIX] Mount Prometheus data volume into Thanos sidecar & pass correct path to Thanos sidecar (#1583)
## 0.21.0 / 2018-06-28
* [CHANGE] Default to Prometheus v2.3.1.

3
Dockerfile
View file

@ -2,4 +2,7 @@ FROM quay.io/prometheus/busybox:latest
ADD operator /bin/operator
# On busybox 'nobody' has uid `65534'
USER 65534
ENTRYPOINT ["/bin/operator"]

65
Documentation/api.md
View file

@ -57,7 +57,7 @@ Alertmanager describes an Alertmanager cluster.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#objectmeta-v1-meta) | false |
| metadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#objectmeta-v1-meta) | false |
| spec | Specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status | [AlertmanagerSpec](#alertmanagerspec) | true |
| status | Most recent observed status of the Alertmanager cluster. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status | *[AlertmanagerStatus](#alertmanagerstatus) | false |
@ -85,7 +85,7 @@ A list of Alertmanagers.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard list metadata More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ListMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#listmeta-v1-meta) | false |
| metadata | Standard list metadata More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#listmeta-v1-meta) | false |
| items | List of Alertmanagers | [][Alertmanager](#alertmanager) | true |
[Back to TOC](#table-of-contents)
@ -96,10 +96,11 @@ Specification of the desired behavior of the Alertmanager cluster. More info: ht
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| podMetadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata Metadata Labels and Annotations gets propagated to the prometheus pods. | *[metav1.ObjectMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#objectmeta-v1-meta) | false |
| podMetadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata Metadata Labels and Annotations gets propagated to the prometheus pods. | *[metav1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#objectmeta-v1-meta) | false |
| version | Version the cluster should be on. | string | false |
| tag | Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. | string | false |
| baseImage | Base image that is used to deploy pods, without tag. | string | false |
| imagePullSecrets | An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod | [][v1.LocalObjectReference](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#localobjectreference-v1-core) | false |
| imagePullSecrets | An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod | [][v1.LocalObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#localobjectreference-v1-core) | false |
| secrets | Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/<secret-name>. | []string | false |
| logLevel | Log level for Alertmanager to be configured with. | string | false |
| replicas | Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size. | *int32 | false |
@ -108,7 +109,7 @@ Specification of the desired behavior of the Alertmanager cluster. More info: ht
| routePrefix | The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`. | string | false |
| paused | If set to true all actions on the underlaying managed objects are not goint to be performed, except for delete actions. | bool | false |
| nodeSelector | Define which Nodes the Pods are scheduled on. | map[string]string | false |
| resources | Define resources requests and limits for single Pods. | [v1.ResourceRequirements](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#resourcerequirements-v1-core) | false |
| resources | Define resources requests and limits for single Pods. | [v1.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#resourcerequirements-v1-core) | false |
| affinity | If specified, the pod's scheduling constraints. | *v1.Affinity | false |
| tolerations | If specified, the pod's tolerations. | []v1.Toleration | false |
| securityContext | SecurityContext holds pod-level security attributes and common container settings. This defaults to non root user with uid 1000 and gid 2000. | *v1.PodSecurityContext | false |
@ -138,8 +139,8 @@ BasicAuth allow an endpoint to authenticate over basic authentication More info:
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| username | The secret that contains the username for authenticate | [v1.SecretKeySelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#secretkeyselector-v1-core) | false |
| password | The secret that contains the password for authenticate | [v1.SecretKeySelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#secretkeyselector-v1-core) | false |
| username | The secret that contains the username for authenticate | [v1.SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#secretkeyselector-v1-core) | false |
| password | The secret that contains the password for authenticate | [v1.SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#secretkeyselector-v1-core) | false |
[Back to TOC](#table-of-contents)
@ -182,7 +183,7 @@ Prometheus defines a Prometheus deployment.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#objectmeta-v1-meta) | false |
| metadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#objectmeta-v1-meta) | false |
| spec | Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status | [PrometheusSpec](#prometheusspec) | true |
| status | Most recent observed status of the Prometheus cluster. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status | *[PrometheusStatus](#prometheusstatus) | false |
@ -194,7 +195,7 @@ PrometheusList is a list of Prometheuses.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard list metadata More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ListMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#listmeta-v1-meta) | false |
| metadata | Standard list metadata More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#listmeta-v1-meta) | false |
| items | List of Prometheuses | []*[Prometheus](#prometheus) | true |
[Back to TOC](#table-of-contents)
@ -205,7 +206,7 @@ PrometheusRule defines alerting rules for a Prometheus instance
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard objects metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#objectmeta-v1-meta) | false |
| metadata | Standard objects metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#objectmeta-v1-meta) | false |
| spec | Specification of desired alerting rule definitions for Prometheus. | [PrometheusRuleSpec](#prometheusrulespec) | true |
[Back to TOC](#table-of-contents)
@ -216,7 +217,7 @@ A list of PrometheusRules.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard list metadata More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata | [metav1.ListMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#listmeta-v1-meta) | false |
| metadata | Standard list metadata More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata | [metav1.ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#listmeta-v1-meta) | false |
| items | List of Rules | []*[PrometheusRule](#prometheusrule) | true |
[Back to TOC](#table-of-contents)
@ -237,13 +238,14 @@ Specification of the desired behavior of the Prometheus cluster. More info: http
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| podMetadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata Metadata Labels and Annotations gets propagated to the prometheus pods. | *[metav1.ObjectMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#objectmeta-v1-meta) | false |
| serviceMonitorSelector | ServiceMonitors to be selected for target discovery. | *[metav1.LabelSelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#labelselector-v1-meta) | false |
| serviceMonitorNamespaceSelector | Namespaces to be selected for ServiceMonitor discovery. If nil, only check own namespace. | *[metav1.LabelSelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#labelselector-v1-meta) | false |
| podMetadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata Metadata Labels and Annotations gets propagated to the prometheus pods. | *[metav1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#objectmeta-v1-meta) | false |
| serviceMonitorSelector | ServiceMonitors to be selected for target discovery. | *[metav1.LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#labelselector-v1-meta) | false |
| serviceMonitorNamespaceSelector | Namespaces to be selected for ServiceMonitor discovery. If nil, only check own namespace. | *[metav1.LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#labelselector-v1-meta) | false |
| version | Version of Prometheus to be deployed. | string | false |
| tag | Tag of Prometheus container image to be deployed. Defaults to the value of `version`. | string | false |
| paused | When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. | bool | false |
| baseImage | Base image to use for a Prometheus deployment. | string | false |
| imagePullSecrets | An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod | [][v1.LocalObjectReference](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#localobjectreference-v1-core) | false |
| imagePullSecrets | An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod | [][v1.LocalObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#localobjectreference-v1-core) | false |
| replicas | Number of instances to deploy for a Prometheus deployment. | *int32 | false |
| retention | Time duration Prometheus shall retain data for. | string | false |
| logLevel | Log level for Prometheus to be configured with. | string | false |
@ -253,10 +255,10 @@ Specification of the desired behavior of the Prometheus cluster. More info: http
| externalUrl | The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name. | string | false |
| routePrefix | The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`. | string | false |
| storage | Storage spec to specify how storage shall be used. | *[StorageSpec](#storagespec) | false |
| ruleSelector | A selector to select which PrometheusRules to mount for loading alerting rules from. | *[metav1.LabelSelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#labelselector-v1-meta) | false |
| ruleNamespaceSelector | Namespaces to be selected for PrometheusRules discovery. If unspecified, only the same namespace as the Prometheus object is in is used. | *[metav1.LabelSelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#labelselector-v1-meta) | false |
| ruleSelector | A selector to select which PrometheusRules to mount for loading alerting rules from. | *[metav1.LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#labelselector-v1-meta) | false |
| ruleNamespaceSelector | Namespaces to be selected for PrometheusRules discovery. If unspecified, only the same namespace as the Prometheus object is in is used. | *[metav1.LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#labelselector-v1-meta) | false |
| alerting | Define details regarding alerting. | *[AlertingSpec](#alertingspec) | false |
| resources | Define resources requests and limits for single Pods. | [v1.ResourceRequirements](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#resourcerequirements-v1-core) | false |
| resources | Define resources requests and limits for single Pods. | [v1.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#resourcerequirements-v1-core) | false |
| nodeSelector | Define which Nodes the Pods are scheduled on. | map[string]string | false |
| serviceAccountName | ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. | string | false |
| secrets | Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The Secrets are mounted into /etc/prometheus/secrets/<secret-name>. Secrets changes after initial creation of a Prometheus object are not reflected in the running Pods. To change the secrets mounted into the Prometheus Pods, the object must be deleted and recreated with the new list of secrets. | []string | false |
@ -267,8 +269,8 @@ Specification of the desired behavior of the Prometheus cluster. More info: http
| securityContext | SecurityContext holds pod-level security attributes and common container settings. This defaults to non root user with uid 1000 and gid 2000 for Prometheus >v2.0 and default PodSecurityContext for other versions. | *v1.PodSecurityContext | false |
| listenLocal | ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP. | bool | false |
| containers | Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod. | []v1.Container | false |
| additionalScrapeConfigs | AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<scrape_config>. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade. | *[v1.SecretKeySelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#secretkeyselector-v1-core) | false |
| additionalAlertManagerConfigs | AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<alertmanager_config>. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade. | *[v1.SecretKeySelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#secretkeyselector-v1-core) | false |
| additionalScrapeConfigs | AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<scrape_config>. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade. | *[v1.SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#secretkeyselector-v1-core) | false |
| additionalAlertManagerConfigs | AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<alertmanager_config>. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade. | *[v1.SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#secretkeyselector-v1-core) | false |
| thanos | Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment.\n\nThis section is experimental, it may change significantly without deprecation notice in any release.\n\nThis is experimental and may change significantly without backward compatibility in any release. | *[ThanosSpec](#thanosspec) | false |
[Back to TOC](#table-of-contents)
@ -388,7 +390,7 @@ ServiceMonitor defines monitoring for a set of services.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#objectmeta-v1-meta) | false |
| metadata | Standard objects metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#objectmeta-v1-meta) | false |
| spec | Specification of desired Service selection for target discrovery by Prometheus. | [ServiceMonitorSpec](#servicemonitorspec) | true |
[Back to TOC](#table-of-contents)
@ -399,7 +401,7 @@ A list of ServiceMonitors.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| metadata | Standard list metadata More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ListMeta](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#listmeta-v1-meta) | false |
| metadata | Standard list metadata More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata | [metav1.ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#listmeta-v1-meta) | false |
| items | List of ServiceMonitors | []*[ServiceMonitor](#servicemonitor) | true |
[Back to TOC](#table-of-contents)
@ -413,7 +415,7 @@ ServiceMonitorSpec contains specification parameters for a ServiceMonitor.
| jobLabel | The label to use to retrieve the job name from. | string | false |
| targetLabels | TargetLabels transfers labels on the Kubernetes Service onto the target. | []string | false |
| endpoints | A list of endpoints allowed as part of this ServiceMonitor. | [][Endpoint](#endpoint) | true |
| selector | Selector to select Endpoints objects. | [metav1.LabelSelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#labelselector-v1-meta) | true |
| selector | Selector to select Endpoints objects. | [metav1.LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#labelselector-v1-meta) | true |
| namespaceSelector | Selector to select which namespaces the Endpoints objects are discovered from. | [NamespaceSelector](#namespaceselector) | false |
[Back to TOC](#table-of-contents)
@ -425,10 +427,10 @@ StorageSpec defines the configured storage for a group Prometheus servers.
| Field | Description | Scheme | Required |
| ----- | ----------- | ------ | -------- |
| class | Name of the StorageClass to use when requesting storage provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses DEPRECATED | string | false |
| emptyDir | EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir | *[v1.EmptyDirVolumeSource](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#emptydirvolumesource-v1-core) | false |
| selector | A label query over volumes to consider for binding. DEPRECATED | *[metav1.LabelSelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#labelselector-v1-meta) | false |
| resources | Resources represents the minimum resources the volume should have. More info: http://kubernetes.io/docs/user-guide/persistent-volumes#resources DEPRECATED | [v1.ResourceRequirements](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#resourcerequirements-v1-core) | false |
| volumeClaimTemplate | A PVC spec to be used by the Prometheus StatefulSets. | [v1.PersistentVolumeClaim](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#persistentvolumeclaim-v1-core) | false |
| emptyDir | EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir | *[v1.EmptyDirVolumeSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#emptydirvolumesource-v1-core) | false |
| selector | A label query over volumes to consider for binding. DEPRECATED | *[metav1.LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#labelselector-v1-meta) | false |
| resources | Resources represents the minimum resources the volume should have. More info: http://kubernetes.io/docs/user-guide/persistent-volumes#resources DEPRECATED | [v1.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#resourcerequirements-v1-core) | false |
| volumeClaimTemplate | A PVC spec to be used by the Prometheus StatefulSets. | [v1.PersistentVolumeClaim](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#persistentvolumeclaim-v1-core) | false |
[Back to TOC](#table-of-contents)
@ -464,8 +466,8 @@ ThanosSpec defines parameters for of AWS Simple Storage Service (S3) with Thanos
| ----- | ----------- | ------ | -------- |
| bucket | S3-Compatible API bucket name for stored blocks. | *string | false |
| endpoint | S3-Compatible API endpoint for stored blocks. | *string | false |
| accessKey | AccessKey for an S3-Compatible API. | *[v1.SecretKeySelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#secretkeyselector-v1-core) | false |
| secretKey | SecretKey for an S3-Compatible API. | *[v1.SecretKeySelector](https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#secretkeyselector-v1-core) | false |
| accessKey | AccessKey for an S3-Compatible API. | *[v1.SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#secretkeyselector-v1-core) | false |
| secretKey | SecretKey for an S3-Compatible API. | *[v1.SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#secretkeyselector-v1-core) | false |
| insecure | Whether to use an insecure connection with an S3-Compatible API. | *bool | false |
| signatureVersion2 | Whether to use S3 Signature Version 2; otherwise Signature Version 4 will be used. | *bool | false |
@ -479,8 +481,9 @@ ThanosSpec defines parameters for a Prometheus server within a Thanos deployment
| ----- | ----------- | ------ | -------- |
| peers | Peers is a DNS name for Thanos to discover peers through. | *string | false |
| version | Version describes the version of Thanos to use. | *string | false |
| tag | Tag of Thanos sidecar container image to be deployed. Defaults to the value of `version`. | *string | false |
| baseImage | Thanos base image if other than default. | *string | false |
| gcs | GCS configures use of GCS in Thanos. | *[ThanosGCSSpec](#thanosgcsspec) | true |
| s3 | S3 configures use of S3 in Thanos. | *[ThanosS3Spec](#thanoss3spec) | true |
| gcs | GCS configures use of GCS in Thanos. | *[ThanosGCSSpec](#thanosgcsspec) | false |
| s3 | S3 configures use of S3 in Thanos. | *[ThanosS3Spec](#thanoss3spec) | false |
[Back to TOC](#table-of-contents)

17
Documentation/user-guides/cluster-monitoring.md
View file

@ -59,9 +59,10 @@ spec:
containers:
- args:
- --kubelet-service=kube-system/kubelet
- -logtostderr=true
- --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.21.0
image: quay.io/coreos/prometheus-operator:v0.21.0
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.0
image: quay.io/coreos/prometheus-operator:v0.22.0
name: prometheus-operator
ports:
- containerPort: 8080
@ -73,6 +74,9 @@ spec:
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
nodeSelector:
beta.kubernetes.io/os: linux
securityContext:
@ -308,11 +312,11 @@ spec:
name: kube-state-metrics
resources:
limits:
cpu: 102m
memory: 180Mi
cpu: 100m
memory: 150Mi
requests:
cpu: 102m
memory: 180Mi
cpu: 100m
memory: 150Mi
- command:
- /pod_nanny
- --container=kube-state-metrics
@ -541,6 +545,7 @@ spec:
interval: 30s
port: https-main
scheme: https
scrapeTimeout: 30s
tlsConfig:
insecureSkipVerify: true
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token

8
Documentation/user-guides/getting-started.md
View file

@ -115,9 +115,10 @@ spec:
containers:
- args:
- --kubelet-service=kube-system/kubelet
- -logtostderr=true
- --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.21.0
image: quay.io/coreos/prometheus-operator:v0.21.0
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.0
image: quay.io/coreos/prometheus-operator:v0.22.0
name: prometheus-operator
ports:
- containerPort: 8080
@ -129,6 +130,9 @@ spec:
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
nodeSelector:
beta.kubernetes.io/os: linux
securityContext:

21
Makefile
View file

@ -78,7 +78,7 @@ hack/prometheus-config-reloader-image: cmd/prometheus-config-reloader/Dockerfile
##############
.PHONY: generate
generate: pkg/client/monitoring/v1/zz_generated.deepcopy.go pkg/client/monitoring/v1/openapi_generated.go jsonnet/prometheus-operator/**-crd.libsonnet bundle.yaml kube-prometheus Documentation/*
generate: pkg/client/monitoring/v1/zz_generated.deepcopy.go pkg/client/monitoring/v1/openapi_generated.go $(shell find jsonnet/prometheus-operator/*-crd.libsonnet -type f) bundle.yaml kube-prometheus $(shell find Documentation -type f)
.PHONY: generate-in-docker
generate-in-docker: hack/jsonnet-docker-image
@ -98,7 +98,7 @@ example/prometheus-operator-crd/**.crd.yaml: pkg/client/monitoring/v1/openapi_ge
po-crdgen servicemonitor > example/prometheus-operator-crd/servicemonitor.crd.yaml
po-crdgen prometheusrule > example/prometheus-operator-crd/prometheusrule.crd.yaml
jsonnet/prometheus-operator/**-crd.libsonnet: example/prometheus-operator-crd/**.crd.yaml $(GOJSONTOYAML_BINARY)
jsonnet/prometheus-operator/**-crd.libsonnet: $(shell find -type f example/prometheus-operator-crd/*.crd.yaml) $(GOJSONTOYAML_BINARY)
cat example/prometheus-operator-crd/alertmanager.crd.yaml | gojsontoyaml -yamltojson > jsonnet/prometheus-operator/alertmanager-crd.libsonnet
cat example/prometheus-operator-crd/prometheus.crd.yaml | gojsontoyaml -yamltojson > jsonnet/prometheus-operator/prometheus-crd.libsonnet
cat example/prometheus-operator-crd/servicemonitor.crd.yaml | gojsontoyaml -yamltojson > jsonnet/prometheus-operator/servicemonitor-crd.libsonnet
@ -110,16 +110,17 @@ pkg/client/monitoring/v1/openapi_generated.go: pkg/client/monitoring/v1/types.go
-p github.com/coreos/prometheus-operator/pkg/client/monitoring/v1 \
--go-header-file="$(GOPATH)/src/github.com/coreos/prometheus-operator/.header"
bundle.yaml: example/rbac/prometheus-operator/*.yaml
bundle.yaml: $(shell find example/rbac/prometheus-operator/*.yaml -type f)
hack/generate-bundle.sh
hack/generate/vendor: $(JB_BINARY) jsonnet/prometheus-operator/**
hack/generate/vendor: $(JB_BINARY) $(shell find -type f jsonnet/prometheus-operator)
cd hack/generate; $(JB_BINARY) install;
example/non-rbac/prometheus-operator.yaml: hack/generate/vendor hack/generate/prometheus-operator-non-rbac.jsonnet
example/non-rbac/prometheus-operator.yaml: hack/generate/vendor hack/generate/prometheus-operator-non-rbac.jsonnet $(shell find jsonnet -type f)
hack/generate/build-non-rbac-prometheus-operator.sh
example/rbac/prometheus-operator/*.yaml: hack/generate/vendor hack/generate/prometheus-operator-rbac.jsonnet
RBAC_MANIFESTS = example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml example/rbac/prometheus-operator/prometheus-operator-service-account.yaml example/rbac/prometheus-operator/prometheus-operator-deployment.yaml
$(RBAC_MANIFESTS): hack/generate/vendor hack/generate/prometheus-operator-rbac.jsonnet $(shell find jsonnet -type f)
hack/generate/build-rbac-prometheus-operator.sh
jsonnet/prometheus-operator/prometheus-operator.libsonnet: VERSION
@ -145,7 +146,7 @@ $(TO_BE_EXTENDED_DOCS): $(EMBEDMD_BINARY) $(shell find example) kube-prometheus
##############
.PHONY: format
format: go-fmt check-license
format: go-fmt check-license shellcheck
.PHONY: go-fmt
go-fmt:
@ -155,6 +156,10 @@ go-fmt:
check-license:
./scripts/check_license.sh
.PHONY: shellcheck
shellcheck:
docker run -v "${PWD}:/mnt" koalaman/shellcheck:stable $(shell find -type f -name "*.sh" -not -path "*vendor*")
###########
# Testing #
@ -210,7 +215,7 @@ $(JB_BINARY):
$(PO_CRDGEN_BINARY): cmd/po-crdgen/main.go pkg/client/monitoring/v1/openapi_generated.go
go install github.com/coreos/prometheus-operator/cmd/po-crdgen
$(PO_DOCGEN_BINARY): cmd/po-docgen/**.go
$(PO_DOCGEN_BINARY): $(shell find cmd/po-docgen -type f) pkg/client/monitoring/v1/types.go
go install github.com/coreos/prometheus-operator/cmd/po-docgen
$(OPENAPI_GEN_BINARY):

49
README.md
View file

@ -42,33 +42,6 @@ Prometheus Operator, it is highly recommended to use the latest version.
If you have an older version of Kubernetes and the Prometheus Operator running,
we recommend upgrading Kubernetes first and then the Prometheus Operator.
If you have previously used pre-1.5.0 releases of Kubernetes with the `0.1.0`
version of the Prometheus Operator, see the [migration](#migration) section.
## Migration
The `PetSet` was deprecated in the `1.5.0` release of Kubernetes in favor of
the `StatefulSet`. As the Prometheus Operator used the `PetSet` in version
`0.1.0`, those need to be migrated as we upgrade our Kubernetes cluster as well
as the Prometheus Operator.
First the Prometheus Operator needs to be shut down. Once shut down, retrieve
the `PetSet`s that were generated by it. You can do so simply by finding all
`Prometheus` and `Alertmanager` objects created:
```sh
kubectl get prometheuses --all-namespaces
kubectl get alertmanagers --all-namespaces
```
For each `Prometheus` and `Alertmanager` object, a respective `PetSet` with the
same name was created in the same namespace. Those `PetSet`s need to be
migrated according to the [official migration documentation](http://kubernetes.io/docs/tasks/manage-stateful-set/upgrade-pet-set-to-stateful-set/).
Once migrated and on Kubernetes version `>=1.5.0`, you can start the
Prometheus Operator of version `>=0.2.0`, and the `StatefulSet` created
in the migration will from now on be managed by the Prometheus Operator.
## CustomResourceDefinitions
The Operator acts on the following [custom resource definitions (CRDs)](https://kubernetes.io/docs/tasks/access-kubernetes-api/extend-api-custom-resource-definitions/):
@ -80,6 +53,10 @@ The Operator acts on the following [custom resource definitions (CRDs)](https://
of services should be monitored. The Operator automatically generates Prometheus scrape configuration
based on the definition.
* **`PrometheusRule`**, which defines a desired Prometheus rule file, which can
be loaded by a Prometheus instance containing Prometheus alerting and
recording rules.
* **`Alertmanager`**, which defines a desired Alertmanager deployment.
The Operator ensures at all times that a deployment matching the resource definition is running.
@ -144,10 +121,14 @@ kubectl delete --ignore-not-found customresourcedefinitions \
### Testing
1. Ensure that you're running tests in the following path: `$GOPATH/src/github.com/coreos/prometheus-operator` as tests expect paths to match.
1. If you're working from a fork, just add the forked repo as a remote and pull against your local coreos checkout before running tests.
1. `make test` executes all *unit tests*.
2. You can execute the *e2e tests* on a local minikube by compiling the static binary (which is what is used for the container images) with `make crossbuild`.
1. build the container image with the docker host from within minikube by running `eval $(minikube docker-env)`.
2. You can build the container images using `make image`.
3. Finally run the e2e tests using `make e2e-test`.
> Ensure that you're running tests in the following path:
> `$GOPATH/src/github.com/coreos/prometheus-operator` as tests expect paths to
> match. If you're working from a fork, just add the forked repo as a remote and
> pull against your local coreos checkout before running tests.
1. Running *unit tests*:
1. `make test-unit`
1. Running *end-to-end* tests on local minikube cluster:
1. `minikube start --kubernetes-version=v1.10.0 --memory=4096 --extra-config=apiserver.Authorization.Mode=RBAC`
2. `eval $(minikube docker-env) && make image` - build Prometheus Operator docker image on minikube's docker
3. `make test-e2e`

2
VERSION
View file

@ -1 +1 @@
0.21.0
0.22.0

8
bundle.yaml
View file

@ -97,9 +97,10 @@ spec:
containers:
- args:
- --kubelet-service=kube-system/kubelet
- -logtostderr=true
- --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.21.0
image: quay.io/coreos/prometheus-operator:v0.21.0
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.0
image: quay.io/coreos/prometheus-operator:v0.22.0
name: prometheus-operator
ports:
- containerPort: 8080
@ -111,6 +112,9 @@ spec:
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
nodeSelector:
beta.kubernetes.io/os: linux
securityContext:

13
cmd/operator/main.go
View file

@ -49,6 +49,11 @@ const (
logLevelNone = "none"
)
const (
logFormatLogfmt = "logfmt"
logFormatJson = "json"
)
var (
cfg prometheuscontroller.Config
availableLogLevels = []string{
@ -59,6 +64,10 @@ var (
logLevelError,
logLevelNone,
}
availableLogFormats = []string{
logFormatLogfmt,
logFormatJson,
}
)
func init() {
@ -86,12 +95,16 @@ func init() {
flagset.BoolVar(&cfg.EnableValidation, "with-validation", true, "Include the validation spec in the CRD")
flagset.BoolVar(&cfg.DisableAutoUserGroup, "disable-auto-user-group", false, "Disables the Prometheus Operator setting the `runAsUser` and `fsGroup` fields in Pods.")
flagset.StringVar(&cfg.LogLevel, "log-level", logLevelInfo, fmt.Sprintf("Log level to use. Possible values: %s", strings.Join(availableLogLevels, ", ")))
flagset.StringVar(&cfg.LogFormat, "log-format", logFormatLogfmt, fmt.Sprintf("Log format to use. Possible values: %s", strings.Join(availableLogFormats, ", ")))
flagset.Parse(os.Args[1:])
}
func Main() int {
logger := log.NewLogfmtLogger(log.NewSyncWriter(os.Stdout))
if cfg.LogFormat == logFormatJson {
logger = log.NewJSONLogger(log.NewSyncWriter(os.Stdout))
}
switch cfg.LogLevel {
case logLevelAll:
logger = level.NewFilter(logger, level.AllowAll())

16
cmd/po-docgen/api.go
View file

@ -40,14 +40,14 @@ This Document documents the types introduced by the Prometheus Operator to be co
var (
links = map[string]string{
"metav1.ObjectMeta": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#objectmeta-v1-meta",
"metav1.ListMeta": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#listmeta-v1-meta",
"metav1.LabelSelector": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#labelselector-v1-meta",
"v1.ResourceRequirements": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#resourcerequirements-v1-core",
"v1.LocalObjectReference": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#localobjectreference-v1-core",
"v1.SecretKeySelector": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#secretkeyselector-v1-core",
"v1.PersistentVolumeClaim": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#persistentvolumeclaim-v1-core",
"v1.EmptyDirVolumeSource": "https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#emptydirvolumesource-v1-core",
"metav1.ObjectMeta": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#objectmeta-v1-meta",
"metav1.ListMeta": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#listmeta-v1-meta",
"metav1.LabelSelector": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#labelselector-v1-meta",
"v1.ResourceRequirements": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#resourcerequirements-v1-core",
"v1.LocalObjectReference": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#localobjectreference-v1-core",
"v1.SecretKeySelector": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#secretkeyselector-v1-core",
"v1.PersistentVolumeClaim": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#persistentvolumeclaim-v1-core",
"v1.EmptyDirVolumeSource": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#emptydirvolumesource-v1-core",
}
selfLinks = map[string]string{}

31
cmd/prometheus-config-reloader/main.go
View file

@ -18,6 +18,7 @@ import (
"context"
"fmt"
"os"
"strings"
"github.com/coreos/prometheus-operator/pkg/version"
@ -27,21 +28,28 @@ import (
kingpin "gopkg.in/alecthomas/kingpin.v2"
)
const (
logFormatLogfmt = "logfmt"
logFormatJson = "json"
)
var (
availableLogFormats = []string{
logFormatLogfmt,
logFormatJson,
}
)
func main() {
logger := log.NewLogfmtLogger(log.NewSyncWriter(os.Stdout))
logger = log.With(logger, "ts", log.DefaultTimestampUTC)
logger = log.With(logger, "caller", log.DefaultCaller)
logger.Log("msg", fmt.Sprintf("Starting prometheus-config-reloader version '%v'.", version.Version))
app := kingpin.New("prometheus-config-reloader", "")
cfgFile := app.Flag("config-file", "config file watched by the reloader").
String()
cfgSubstFile := app.Flag("config-envsubst-file", "output file for environment variable substituted config file").
String()
logFormat := app.Flag("log-format", fmt.Sprintf("Log format to use. Possible values: %s", strings.Join(availableLogFormats, ", "))).Default(logFormatLogfmt).String()
ruleDir := app.Flag("rule-dir", "rule directory for the reloader to refresh").String()
reloadURL := app.Flag("reload-url", "reload URL to trigger Prometheus reload on").
@ -52,6 +60,15 @@ func main() {
os.Exit(2)
}
logger := log.NewLogfmtLogger(log.NewSyncWriter(os.Stdout))
if *logFormat == logFormatJson {
logger = log.NewJSONLogger(log.NewSyncWriter(os.Stdout))
}
logger = log.With(logger, "ts", log.DefaultTimestampUTC)
logger = log.With(logger, "caller", log.DefaultCaller)
logger.Log("msg", fmt.Sprintf("Starting prometheus-config-reloader version '%v'.", version.Version))
if *ruleDir != "" {
if err := os.MkdirAll(*ruleDir, 0777); err != nil {
fmt.Fprintln(os.Stderr, err)

5
contrib/kube-prometheus/Makefile
View file

@ -3,8 +3,6 @@ JSONNET_FMT := jsonnet fmt -n 2 --max-blank-lines 2 --string-style s --comment-s
JB_BINARY:=$(GOPATH)/bin/jb
EMBEDMD_BINARY:=$(GOPATH)/bin/embedmd
# edit 1
all: generate fmt test
../../hack/jsonnet-docker-image: ../../scripts/jsonnet/Dockerfile
@ -26,10 +24,9 @@ generate-in-docker: ../../hack/jsonnet-docker-image
generate: manifests **.md
**.md: $(EMBEDMD_BINARY) $(shell find examples) build.sh example.jsonnet
echo '>>> inside **.md'
$(EMBEDMD_BINARY) -w `find . -name "*.md" | grep -v vendor`
manifests: vendor example.jsonnet
manifests: vendor example.jsonnet build.sh
rm -rf manifests
./build.sh

22
contrib/kube-prometheus/README.md
View file

@ -112,7 +112,7 @@ rm -rf manifests
mkdir manifests
# optional, but we would like to generate yaml, not json
jsonnet -J vendor -m manifests ${1-example.jsonnet} | xargs -I{} sh -c 'cat $1 | gojsontoyaml > $1.yaml; rm -f $1' -- {}
jsonnet -J vendor -m manifests "${1-example.jsonnet}" | xargs -I{} sh -c 'cat {} | gojsontoyaml > {}.yaml; rm -f {}' -- {}
```
@ -369,3 +369,23 @@ The Prometheus `/targets` page will show the kubelet job with the error `403 Una
#### Authorization problem
The Prometheus `/targets` page will show the kubelet job with the error `401 Unauthorized`, when token authorization is not enabled. Ensure that the `--authorization-mode=Webhook` flag is enabled on all kubelet configurations.
### kube-state-metrics resource usage
In some environments, kube-state-metrics may need additional
resources. One driver for more resource needs, is a high number of
namespaces. There may be others.
kube-state-metrics resource allocation is managed by
[addon-resizer](https://github.com/kubernetes/autoscaler/tree/master/addon-resizer/nanny)
You can control it's parameters by setting variables in the
config. They default to:
``` jsonnet
kubeStateMetrics+:: {
baseCPU: '100m',
cpuPerNode: '2m',
baseMemory: '150Mi',
memoryPerNode: '30Mi',
}
```

2
contrib/kube-prometheus/build.sh
View file

@ -9,5 +9,5 @@ rm -rf manifests
mkdir manifests
# optional, but we would like to generate yaml, not json
jsonnet -J vendor -m manifests ${1-example.jsonnet} | xargs -I{} sh -c 'cat $1 | gojsontoyaml > $1.yaml; rm -f $1' -- {}
jsonnet -J vendor -m manifests "${1-example.jsonnet}" | xargs -I{} sh -c 'cat {} | gojsontoyaml > {}.yaml; rm -f {}' -- {}

9
contrib/kube-prometheus/experimental/custom-metrics-api/gencerts.sh
View file

@ -1,7 +1,7 @@
#!/usr/bin/env bash
# Detect if we are on mac or should use GNU base64 options
case `uname` in
case $(uname) in
Darwin)
b64_opts='-b=0'
;;
@ -17,7 +17,8 @@ echo '{"signing":{"default":{"expiry":"43800h","usages":["signing","key encipher
export SERVICE_NAME=custom-metrics-apiserver
export ALT_NAMES='"custom-metrics-apiserver.monitoring","custom-metrics-apiserver.monitoring.svc"'
echo '{"CN":"'${SERVICE_NAME}'","hosts":['${ALT_NAMES}'],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=metrics-ca.crt -ca-key=metrics-ca.key -config=metrics-ca-config.json - | cfssljson -bare apiserver
echo "{\"CN\":\"${SERVICE_NAME}\", \"hosts\": [${ALT_NAMES}], \"key\": {\"algo\": \"rsa\",\"size\": 2048}}" | \
cfssl gencert -ca=metrics-ca.crt -ca-key=metrics-ca.key -config=metrics-ca-config.json - | cfssljson -bare apiserver
cat <<-EOF > cm-adapter-serving-certs.yaml
apiVersion: v1
@ -25,6 +26,6 @@ kind: Secret
metadata:
name: cm-adapter-serving-certs
data:
serving.crt: $(cat apiserver.pem | base64 ${b64_opts})
serving.key: $(cat apiserver-key.pem | base64 ${b64_opts})
serving.crt: $(base64 ${b64_opts} < apiserver.pem)
serving.key: $(base64 ${b64_opts} < apiserver-key.pem)
EOF

28
contrib/kube-prometheus/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
View file

@ -4,6 +4,17 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
_config+:: {
namespace: 'default',
kubeStateMetrics+:: {
collectors: '', // empty string gets a default set
scrapeInterval: '30s',
scrapeTimeout: '30s',
baseCPU: '100m',
baseMemory: '150Mi',
cpuPerNode: '2m',
memoryPerNode: '30Mi',
},
versions+:: {
kubeStateMetrics: 'v1.3.1',
kubeRbacProxy: 'v0.3.1',
@ -137,19 +148,19 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
'--port=8081',
'--telemetry-host=127.0.0.1',
'--telemetry-port=8082',
]) +
container.mixin.resources.withRequests({ cpu: '102m', memory: '180Mi' }) +
container.mixin.resources.withLimits({ cpu: '102m', memory: '180Mi' });
] + if $._config.kubeStateMetrics.collectors != '' then ['--collectors=' + $._config.kubeStateMetrics.collectors] else []) +
container.mixin.resources.withRequests({ cpu: $._config.kubeStateMetrics.baseCPU, memory: $._config.kubeStateMetrics.baseMemory }) +
container.mixin.resources.withLimits({ cpu: $._config.kubeStateMetrics.baseCPU, memory: $._config.kubeStateMetrics.baseMemory });
local addonResizer =
container.new('addon-resizer', $._config.imageRepos.addonResizer + ':' + $._config.versions.addonResizer) +
container.withCommand([
'/pod_nanny',
'--container=kube-state-metrics',
'--cpu=100m',
'--extra-cpu=2m',
'--memory=150Mi',
'--extra-memory=30Mi',
'--cpu=' + $._config.kubeStateMetrics.baseCPU,
'--extra-cpu=' + $._config.kubeStateMetrics.cpuPerNode,
'--memory=' + $._config.kubeStateMetrics.baseMemory,
'--extra-memory=' + $._config.kubeStateMetrics.memoryPerNode,
'--threshold=5',
'--deployment=kube-state-metrics',
]) +
@ -258,7 +269,8 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
{
port: 'https-main',
scheme: 'https',
interval: '30s',
interval: $._config.kubeStateMetrics.scrapeInterval,
scrapeTimeout: $._config.kubeStateMetrics.scrapeTimeout,
honorLabels: true,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
tlsConfig: {

4
contrib/kube-prometheus/manifests/0prometheus-operator-0alertmanagerCustomResourceDefinition.yaml
View file

@ -2325,6 +2325,10 @@ spec:
phase:
description: Phase represents the current phase of PersistentVolumeClaim.
type: string
tag:
description: Tag of Alertmanager container image to be deployed. Defaults
to the value of `version`.
type: string
tolerations:
description: If specified, the pod's tolerations.
items:

8
contrib/kube-prometheus/manifests/0prometheus-operator-0prometheusCustomResourceDefinition.yaml
View file

@ -2839,6 +2839,10 @@ spec:
phase:
description: Phase represents the current phase of PersistentVolumeClaim.
type: string
tag:
description: Tag of Prometheus container image to be deployed. Defaults
to the value of `version`.
type: string
thanos:
description: ThanosSpec defines parameters for a Prometheus server within
a Thanos deployment.
@ -2907,6 +2911,10 @@ spec:
description: Whether to use S3 Signature Version 2; otherwise
Signature Version 4 will be used.
type: boolean
tag:
description: Tag of Thanos sidecar container image to be deployed.
Defaults to the value of `version`.
type: string
version:
description: Version describes the version of Thanos to use.
type: string

8
contrib/kube-prometheus/manifests/0prometheus-operator-deployment.yaml
View file

@ -18,9 +18,10 @@ spec:
containers:
- args:
- --kubelet-service=kube-system/kubelet
- -logtostderr=true
- --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.21.0
image: quay.io/coreos/prometheus-operator:v0.21.0
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.0
image: quay.io/coreos/prometheus-operator:v0.22.0
name: prometheus-operator
ports:
- containerPort: 8080
@ -32,6 +33,9 @@ spec:
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
nodeSelector:
beta.kubernetes.io/os: linux
securityContext:

34
contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml
View file

@ -2501,6 +2501,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "A",
"step": 10
},
{
@ -2509,6 +2510,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "B",
"step": 10
},
{
@ -2517,6 +2519,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "C",
"step": 10
},
{
@ -2525,6 +2528,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "D",
"step": 10
},
{
@ -2533,6 +2537,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "E",
"step": 10
}
],
@ -2861,6 +2866,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "A",
"step": 10
},
{
@ -2869,6 +2875,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "B",
"step": 10
},
{
@ -2877,6 +2884,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "C",
"step": 10
},
{
@ -2885,6 +2893,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "D",
"step": 10
},
{
@ -2893,6 +2902,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "E",
"step": 10
}
],
@ -3303,6 +3313,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "A",
"step": 10
},
{
@ -3311,6 +3322,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "B",
"step": 10
},
{
@ -3319,6 +3331,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "C",
"step": 10
},
{
@ -3327,6 +3340,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "D",
"step": 10
},
{
@ -3335,6 +3349,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "E",
"step": 10
}
],
@ -3663,6 +3678,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "A",
"step": 10
},
{
@ -3671,6 +3687,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "B",
"step": 10
},
{
@ -3679,6 +3696,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "C",
"step": 10
},
{
@ -3687,6 +3705,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "D",
"step": 10
},
{
@ -3695,6 +3714,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "E",
"step": 10
}
],
@ -4132,6 +4152,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "A",
"step": 10
},
{
@ -4140,6 +4161,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "B",
"step": 10
},
{
@ -4148,6 +4170,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "C",
"step": 10
},
{
@ -4156,6 +4179,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "D",
"step": 10
},
{
@ -4164,6 +4188,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "E",
"step": 10
}
],
@ -4492,6 +4517,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "A",
"step": 10
},
{
@ -4500,6 +4526,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "B",
"step": 10
},
{
@ -4508,6 +4535,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "C",
"step": 10
},
{
@ -4516,6 +4544,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "D",
"step": 10
},
{
@ -4524,6 +4553,7 @@ items:
"instant": true,
"intervalFactor": 2,
"legendFormat": "",
"refId": "E",
"step": 10
}
],
@ -5696,14 +5726,14 @@ items:
"refId": "A"
},
{
"expr": "sum by(container) (kube_pod_container_resource_requests_memory_bytes{job=\"kubelet\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\", container!=\"POD\"})",
"expr": "sum by(container) (kube_pod_container_resource_requests_memory_bytes{job=\"kube-state-metrics\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\"})",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "Requested: {{ container }}",
"refId": "B"
},
{
"expr": "sum by(container) (kube_pod_container_resource_limits_memory_bytes{job=\"kubelet\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\", container!=\"POD\"})",
"expr": "sum by(container) (kube_pod_container_resource_limits_memory_bytes{job=\"kube-state-metrics\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\"})",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "Limit: {{ container }}",

2
contrib/kube-prometheus/manifests/grafana-deployment.yaml
View file

@ -16,7 +16,7 @@ spec:
app: grafana
spec:
containers:
- image: grafana/grafana:5.1.0
- image: grafana/grafana:5.2.1
name: grafana
ports:
- containerPort: 3000

8
contrib/kube-prometheus/manifests/kube-state-metrics-deployment.yaml
View file

@ -55,11 +55,11 @@ spec:
name: kube-state-metrics
resources:
limits:
cpu: 102m
memory: 180Mi
cpu: 100m
memory: 150Mi
requests:
cpu: 102m
memory: 180Mi
cpu: 100m
memory: 150Mi
- command:
- /pod_nanny
- --container=kube-state-metrics

1
contrib/kube-prometheus/manifests/kube-state-metrics-serviceMonitor.yaml
View file

@ -12,6 +12,7 @@ spec:
interval: 30s
port: https-main
scheme: https
scrapeTimeout: 30s
tlsConfig:
insecureSkipVerify: true
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token

2
contrib/kube-prometheus/manifests/prometheus-rules.yaml
View file

@ -388,7 +388,7 @@ spec:
kube_deployment_spec_replicas{job="kube-state-metrics"}
!=
kube_deployment_status_replicas_available{job="kube-state-metrics"}
for: 15m
for: 1h
labels:
severity: critical
- alert: KubeStatefulSetReplicasMismatch

7
contrib/kube-prometheus/test.sh
View file

@ -8,7 +8,8 @@ for i in examples/jsonnet-snippets/*.jsonnet; do
[ -f "$i" ] || break
echo "Testing: ${i}"
echo ""
snippet="local kp = $(<${i});
fileContent=$(<"$i")
snippet="local kp = $fileContent;
$(<examples/jsonnet-build-snippet/build-snippet.jsonnet)"
echo "${snippet}" > "test.jsonnet"
@ -25,8 +26,8 @@ for i in examples/*.jsonnet; do
echo "Testing: ${i}"
echo ""
echo "\`\`\`"
echo "$(<${i})"
cat "${i}"
echo "\`\`\`"
echo ""
jsonnet -J vendor ${i} > /dev/null
jsonnet -J vendor "${i}" > /dev/null
done

8
example/non-rbac/prometheus-operator.yaml
View file

@ -18,9 +18,10 @@ spec:
containers:
- args:
- --kubelet-service=kube-system/kubelet
- -logtostderr=true
- --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.21.0
image: quay.io/coreos/prometheus-operator:v0.21.0
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.0
image: quay.io/coreos/prometheus-operator:v0.22.0
name: prometheus-operator
ports:
- containerPort: 8080
@ -32,6 +33,9 @@ spec:
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
nodeSelector:
beta.kubernetes.io/os: linux
securityContext:

4
example/prometheus-operator-crd/alertmanager.crd.yaml
View file

@ -2326,6 +2326,10 @@ spec:
phase:
description: Phase represents the current phase of PersistentVolumeClaim.
type: string
tag:
description: Tag of Alertmanager container image to be deployed. Defaults
to the value of `version`.
type: string
tolerations:
description: If specified, the pod's tolerations.
items:

8
example/prometheus-operator-crd/prometheus.crd.yaml
View file

@ -2840,6 +2840,10 @@ spec:
phase:
description: Phase represents the current phase of PersistentVolumeClaim.
type: string
tag:
description: Tag of Prometheus container image to be deployed. Defaults
to the value of `version`.
type: string
thanos:
description: ThanosSpec defines parameters for a Prometheus server within
a Thanos deployment.
@ -2908,6 +2912,10 @@ spec:
description: Whether to use S3 Signature Version 2; otherwise
Signature Version 4 will be used.
type: boolean
tag:
description: Tag of Thanos sidecar container image to be deployed.
Defaults to the value of `version`.
type: string
version:
description: Version describes the version of Thanos to use.
type: string

8
example/rbac/prometheus-operator/prometheus-operator-deployment.yaml
View file

@ -18,9 +18,10 @@ spec:
containers:
- args:
- --kubelet-service=kube-system/kubelet
- -logtostderr=true
- --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.21.0
image: quay.io/coreos/prometheus-operator:v0.21.0
- --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.0
image: quay.io/coreos/prometheus-operator:v0.22.0
name: prometheus-operator
ports:
- containerPort: 8080
@ -32,6 +33,9 @@ spec:
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
nodeSelector:
beta.kubernetes.io/os: linux
securityContext:

2
hack/concat-kubernetes-manifests.sh
View file

@ -3,4 +3,4 @@
# Concatenate all files with "---" because that's how to specify multiple
# Kubernetes manifests in one file. Because the first `awk` also adds "---" in
# the first line, we remove it with the second `awk` call.
awk 'FNR==1{print "---"}1' $@ | awk '{if (NR!=1) {print}}'
awk 'FNR==1{print "---"}1' "$@" | awk '{if (NR!=1) {print}}'

4
hack/run-external.sh
View file

@ -1,4 +1,4 @@
#!/bin/sh
#!/usr/bin/env bash
if [[ -z "$1" ]]; then
echo "missing cluster name"
@ -10,4 +10,4 @@ cafile=$(kubectl config view -o jsonpath="{.clusters[?(@.name == \"$1\")].cluste
certfile=$(kubectl config view -o jsonpath="{.users[?(@.name == \"$1\")].user.client-certificate}")
keyfile=$(kubectl config view -o jsonpath="{.users[?(@.name == \"$1\")].user.client-key}")
./operator --apiserver=$apiserver --ca-file=$cafile --cert-file=$certfile --key-file=$keyfile
./operator --apiserver="${apiserver}" --ca-file="${cafile}" --cert-file="${certfile}" --key-file="${keyfile}"

2
hack/show-image.sh
View file

@ -1,3 +1,3 @@
#!/bin/bash
kubectl get pods --all-namespaces -l app=$1 -ojsonpath=\{\.items\[\*\]\.spec\.containers\[\?\(\@.name==\"$1\"\)\].image\}
kubectl get pods --all-namespaces -l app="${1}" -ojsonpath="{.items[*].spec.containers[?(@.name==\"$1\")].image}"

2
helm/alertmanager/Chart.yaml
View file

@ -8,7 +8,7 @@ name: alertmanager
sources:
- https://github.com/coreos/prometheus-operator
- https://github.com/prometheus/alertmanager
version: 0.1.3
version: 0.1.4
appVersion: "0.14.0"
home: https://github.com/prometheus/alertmanager
keywords:

4
helm/alertmanager/templates/NOTES.txt
View file

@ -1 +1,5 @@
A new Alertmanager instance has been created.
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/alertmanager/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "alertmanager"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Values.prometheusLabelValue | default .Release.Name | quote }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "alertmanager.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{ else }}
alertmanager.rules: |-
{{- include "alertmanager.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/alertmanager/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "alertmanager"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Values.prometheusLabelValue | default .Release.Name | quote }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "alertmanager.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "alertmanager.rules.yaml.tpl" . | indent 2}}
{{ end }}

6
helm/alertmanager/values.yaml
View file

@ -49,9 +49,9 @@ selfServiceMonitor: true
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}
## Alertmanager container image
##
@ -63,7 +63,7 @@ image:
##
labels: {}
## "prometheus" label value for ServiceMonitor and rules ConfigMap
## "prometheus" label value for ServiceMonitor ConfigMap and Prometheus Rules CRD
## Release.Name by default
prometheusLabelValue: ""

2
helm/exporter-kube-controller-manager/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1
description: A Helm chart for Kubernetes
name: exporter-kube-controller-manager
version: 0.1.9
version: 0.1.10
maintainers:
- name: Michael Goodness
email: mgoodness@gmail.com

3
helm/exporter-kube-controller-manager/templates/NOTES.txt Normal file
View file

@ -0,0 +1,3 @@
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/exporter-kube-controller-manager/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "exporter-kube-controller-manager.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{ else }}
kube-controller-manager.rules: |-
{{- include "kube-controller-manager.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/exporter-kube-controller-manager/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "exporter-kube-controller-manager.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "kube-controller-manager.rules.yaml.tpl" . | indent 2}}
{{ end }}

4
helm/exporter-kube-controller-manager/values.yaml
View file

@ -12,6 +12,6 @@ serviceSelectorLabelKey: k8s-app
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}

2
helm/exporter-kube-etcd/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1
description: A Helm chart for Kubernetes
name: exporter-kube-etcd
version: 0.1.13
version: 0.1.15
maintainers:
- name: Giancarlo Rubio
email: gianrubio@gmail.com

3
helm/exporter-kube-etcd/templates/NOTES.txt Normal file
View file

@ -0,0 +1,3 @@
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/exporter-kube-etcd/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "exporter-kube-etcd.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ tpl $val $root | indent 4}}
{{- end }}
{{ else }}
etcd3.rules: |-
{{- include "etcd3.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/exporter-kube-etcd/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "exporter-kube-etcd.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "etcd3.rules.yaml.tpl" . | indent 2}}
{{ end }}

2
helm/exporter-kube-etcd/templates/service.yaml
View file

@ -18,6 +18,6 @@ spec:
targetPort: {{ .Values.etcdPort }}
{{- if .Values.endpoints }}{{- else }}
selector:
k8s-app: etcd-server
{{ .Values.serviceSelectorLabelKey }}: {{ .Values.serviceSelectorLabelValue }}
{{- end }}
type: ClusterIP

8
helm/exporter-kube-etcd/values.yaml
View file

@ -4,6 +4,10 @@ etcdPort: 4001
endpoints: []
# Are we talking http or https?
scheme: http
# service selector label key to target kube etcd pods
serviceSelectorLabelKey: k8s-app
# service selector label value to target kube etcd pods
serviceSelectorLabelValue: etcd-server
# default rules are in templates/etcd3.rules.yaml
# prometheusRules: {}
@ -15,9 +19,9 @@ keyFile: ""
## Custom Labels to be added to ServiceMonitor
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}
serviceMonitor:
create: true

2
helm/exporter-kube-scheduler/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1
description: A Helm chart singleton for kube-state-metrics
name: exporter-kube-scheduler
version: 0.1.8
version: 0.1.9
maintainers:
- name: Michael Goodness
email: mgoodness@gmail.com

3
helm/exporter-kube-scheduler/templates/NOTES.txt Normal file
View file

@ -0,0 +1,3 @@
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/exporter-kube-scheduler/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "exporter-kube-scheduler.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ tpl $val $root | indent 4}}
{{- end }}
{{ else }}
kube-scheduler.rules: |-
{{- include "kube-scheduler.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/exporter-kube-scheduler/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "exporter-kube-scheduler.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "kube-scheduler.rules.yaml.tpl" . | indent 2}}
{{ end }}

4
helm/exporter-kube-scheduler/values.yaml
View file

@ -11,6 +11,6 @@ serviceSelectorLabelKey: k8s-app
## Custom Labels to be added to ServiceMonitor
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}

2
helm/exporter-kube-state/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1
description: A Helm chart singleton for kube-state-metrics
name: exporter-kube-state
version: 0.2.4
version: 0.2.5
maintainers:
- name: Giancarlo Rubio
email: gianrubio@gmail.com

4
helm/exporter-kube-state/templates/NOTES.txt
View file

@ -15,3 +15,7 @@
{{- end }}
IMPORTANT: this is a singleton chart; only install one per cluster
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/exporter-kube-state/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "exporter-kube-state.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{ else }}
kube-state-metrics.rules: |-
{{- include "kube-state-metrics.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/exporter-kube-state/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "exporter-kube-state.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "kube-state-metrics.rules.yaml.tpl" . | indent 2}}
{{ end }}

4
helm/exporter-kube-state/values.yaml
View file

@ -55,6 +55,6 @@ tolerations: {}
## Custom Labels to be added to ServiceMonitor
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}

2
helm/exporter-kubelets/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1
description: A Helm chart for Kubernetes
name: exporter-kubelets
version: 0.2.10
version: 0.2.11
maintainers:
- name: Michael Goodness
email: mgoodness@gmail.com

3
helm/exporter-kubelets/templates/NOTES.txt Normal file
View file

@ -0,0 +1,3 @@
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/exporter-kubelets/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "exporter-kubelets.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{ else }}
kubelet.rules: |-
{{- include "kubelet.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/exporter-kubelets/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "exporter-kubelets.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "kubelet.rules.yaml.tpl" . | indent 2}}
{{ end }}

4
helm/exporter-kubelets/values.yaml
View file

@ -9,6 +9,6 @@ insecureSkipVerify: true
## Custom Labels to be added to ServiceMonitor
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}

2
helm/exporter-kubernetes/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1
description: A Helm chart for Kubernetes
name: exporter-kubernetes
version: 0.1.9
version: 0.1.10
maintainers:
- name: Giancarlo Rubio
email: gianrubio@gmail.com

3
helm/exporter-kubernetes/templates/NOTES.txt Normal file
View file

@ -0,0 +1,3 @@
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/exporter-kubernetes/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "exporter-kubernetes.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{ else }}
kubernetes.rules: |-
{{- include "kubernetes.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/exporter-kubernetes/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "exporter-kubernetes.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "kubernetes.rules.yaml.tpl" . | indent 2}}
{{ end }}

4
helm/exporter-kubernetes/values.yaml
View file

@ -4,6 +4,6 @@
## Custom Labels to be added to ServiceMonitor
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}

4
helm/exporter-node/Chart.yaml
View file

@ -1,7 +1,7 @@
apiVersion: v1
description: A Helm chart for Kubernetes node exporter
name: exporter-node
version: 0.3.3
version: 0.4.2
maintainers:
- name: Giancarlo Rubio
email: gianrubio@gmail.com
@ -12,4 +12,4 @@ sources:
keywords:
- node-exporter
- monitoring
- prometheus
- prometheus

25
helm/exporter-node/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "exporter-node.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{ else }}
node.rules: |-
{{- include "node.rules.yaml.tpl" . | indent 4}}
{{ end }}

2
helm/exporter-node/templates/daemonset.yaml
View file

@ -1,3 +1,4 @@
{{- if .Values.enableDaemonSet }}
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
@ -48,3 +49,4 @@ spec:
volumes:
{{ toYaml .Values.container.volumes | indent 6 }}
{{- end}}
{{- end }}

21
helm/exporter-node/templates/endpoints.yaml Normal file
View file

@ -0,0 +1,21 @@
{{- if .Values.endpoints }}
apiVersion: v1
kind: Endpoints
metadata:
labels:
app: {{ template "exporter-node.name" . }}
component: node-exporter
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
name: {{ template "exporter-node.fullname" . }}
subsets:
- addresses:
{{- range .Values.endpoints }}
- ip: {{ . }}
{{- end }}
ports:
- name: metrics
port: {{ .Values.nodeExporterPort }}
protocol: TCP
{{- end }}

22
helm/exporter-node/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "exporter-node.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "node.rules.yaml.tpl" . | indent 2}}
{{ end }}

2
helm/exporter-node/templates/psp-clusterrole.yaml
View file

@ -1,3 +1,4 @@
{{- if .Values.enableDaemonSet }}
{{- if .Values.global.rbacEnable }}
{{- if .Values.global.pspEnable }}
kind: ClusterRole
@ -21,3 +22,4 @@ rules:
- {{ template "exporter-node.fullname" . }}
{{- end }}
{{- end }}
{{- end }}

2
helm/exporter-node/templates/psp-clusterrolebinding.yaml
View file

@ -1,3 +1,4 @@
{{- if .Values.enableDaemonSet }}
{{- if .Values.global.rbacEnable }}
{{- if .Values.global.pspEnable }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
@ -23,3 +24,4 @@ subjects:
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}
{{- end }}

2
helm/exporter-node/templates/psp.yaml
View file

@ -1,3 +1,4 @@
{{- if .Values.enableDaemonSet }}
{{- if .Values.global.pspEnable }}
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
@ -51,3 +52,4 @@ spec:
max: 65535
readOnlyRootFilesystem: false
{{- end }}
{{- end }}

10
helm/exporter-node/templates/service.yaml
View file

@ -9,6 +9,7 @@ metadata:
release: {{ .Release.Name }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
spec:
{{- if .Values.enableDaemonSet }}
type: {{ .Values.service.type }}
ports:
- name: metrics
@ -19,3 +20,12 @@ spec:
app: {{ template "exporter-node.fullname" . }}
component: node-exporter
release: {{ .Release.Name }}
{{- else }}
type: ClusterIP
clusterIP: None
ports:
- name: metrics
port: {{ .Values.service.externalPort }}
protocol: TCP
targetPort: metrics
{{- end }}

2
helm/exporter-node/templates/serviceaccount.yaml
View file

@ -1,3 +1,4 @@
{{- if .Values.enableDaemonSet }}
{{- if .Values.global.rbacEnable }}
apiVersion: v1
kind: ServiceAccount
@ -11,3 +12,4 @@ metadata:
imagePullSecrets:
{{ toYaml .Values.global.imagePullSecrets | indent 2 }}
{{- end }}
{{- end }}

11
helm/exporter-node/values.yaml
View file

@ -62,6 +62,13 @@ global:
## Custom Labels to be added to ServiceMonitor
##
additionalServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}
# deploy node_exporter as a DaemonSet
enableDaemonSet: true
# for deployments that have node_exporter deployed outside of the cluster, list
# their addresses here
endpoints: []
nodeExporterPort: 9100

22
helm/hack/e2e-test.sh
View file

@ -9,7 +9,7 @@ set -o xtrace
HELM_URL=https://storage.googleapis.com/kubernetes-helm
HELM_TARBALL=helm-v2.7.2-linux-amd64.tar.gz
NAMESPACE="helm-monitoring"
CUR_DIR=$(dirname "$BASH_SOURCE")
CUR_DIR=$(dirname "${BASH_SOURCE[0]}")
wget -q ${HELM_URL}/${HELM_TARBALL}
tar xzfv ${HELM_TARBALL}
@ -22,23 +22,23 @@ kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceac
helm init --service-account tiller --upgrade
# wait until all minkube pods, including tiller, are in reading state
$(dirname "$BASH_SOURCE")/wait-pods-running-state.sh kube-system
"${CUR_DIR}"/wait-pods-running-state.sh kube-system
kubectl create ns ${NAMESPACE}
# replace current http repository to the helm path
sed -ie 's/ repository/# repository/g' $(pwd)/helm/*/requirements.yaml
sed -ie 's/#e2e-repository/repository/g' $(pwd)/helm/*/requirements.yaml
sed -ie 's/ repository/# repository/g' "$(pwd)"/helm/*/requirements.yaml
sed -ie 's/#e2e-repository/repository/g' "$(pwd)"/helm/*/requirements.yaml
# package charts and install all
$(dirname "$BASH_SOURCE")/helm-package.sh prometheus-operator
$(dirname "$BASH_SOURCE")/helm-package.sh kube-prometheus
# package charts and install all
"${CUR_DIR}"/helm-package.sh prometheus-operator
"${CUR_DIR}"/helm-package.sh kube-prometheus
helm install --namespace=${NAMESPACE} $(pwd)/helm/prometheus-operator --name prometheus-operator
helm install --namespace=${NAMESPACE} $(pwd)/helm/kube-prometheus --name kube-prometheus
helm install --namespace="${NAMESPACE}" "$(pwd)/helm/prometheus-operator" --name prometheus-operator
helm install --namespace="${NAMESPACE}" "$(pwd)/helm/kube-prometheus" --name kube-prometheus
# check if all pods are ready
$(dirname "$BASH_SOURCE")/wait-pods-running-state.sh ${NAMESPACE}
"${CUR_DIR}"/wait-pods-running-state.sh ${NAMESPACE}
# reset helm changes
git reset --hard
git reset --hard

20
helm/hack/helm-package.sh
View file

@ -17,24 +17,26 @@ HELM_INDEX="${HELM_CHARTS_PACKAGED_DIR}/index.yaml"
wget ${HELM_URL}/${HELM_TARBALL}
tar xzfv ${HELM_TARBALL}
export PATH=${PATH}:$(pwd)/linux-amd64/
PATH=${PATH}:$(pwd)/linux-amd64/
export PATH
# Clean up tarball
rm -f ${HELM_TARBALL}
# Package helm and dependencies
mkdir -p ${HELM_CHARTS_PACKAGED_DIR}
mkdir -p "${HELM_CHARTS_PACKAGED_DIR}"
helm init --client-only
helm repo add ${HELM_BUCKET_NAME} ${HELM_REPO_URL}
# check if charts has dependencies,
for chart in ${HELM_PACKAGES}
do
# # update dependencies before package the chart
cd ${HELM_CHARTS_DIRECTORY}/${chart}
helm dep update
helm package . -d ${HELM_CHARTS_PACKAGED_DIR}
cd -
do
(
# update dependencies before package the chart
cd "${HELM_CHARTS_DIRECTORY}/${chart}"
helm dep update
helm package . -d "${HELM_CHARTS_PACKAGED_DIR}"
)
done
# donwload the current remote index.yaml
@ -42,4 +44,4 @@ if [ ! -f "${HELM_INDEX}" ]; then
wget ${HELM_REPO_URL}index.yaml -O "${HELM_INDEX}"
fi
helm repo index ${HELM_CHARTS_PACKAGED_DIR} --url ${HELM_REPO_URL} --debug --merge ${HELM_INDEX}
helm repo index "${HELM_CHARTS_PACKAGED_DIR}" --url "${HELM_REPO_URL}" --debug --merge "${HELM_INDEX}"

13
helm/hack/sync-repo.sh
View file

@ -6,18 +6,17 @@ set -o xtrace
HELM_BUCKET_NAME="coreos-charts"
SYNC_TO_S3=${1:-"false"}
HELM_CHARTS_PACKAGED_DIR=${2:-"/tmp/helm-packaged"}
AWS_REGION=${3:-"eu-west-1"}
#Check if the current chart has the same hash from the remote one
for tgz in $(ls ${HELM_CHARTS_PACKAGED_DIR})
for tgz in "${HELM_CHARTS_PACKAGED_DIR}"/*
do
if echo "${tgz}" | grep -vq "kube-prometheus"
then # if remote file doesn't exist we can skip the comparison
status_code=$(curl -s -o /dev/null -w "%{http_code}" https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz})
status_code=$(curl -s -o /dev/null -w "%{http_code}" "https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz}")
if [ "$status_code" == "200" ]
then
cur_hash=$(md5sum ${HELM_CHARTS_PACKAGED_DIR}/${tgz} | awk '{print $1}' )
remote_hash=$(curl -s https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz} | md5sum | awk '{print $1}')
cur_hash=$(md5sum "${HELM_CHARTS_PACKAGED_DIR}/${tgz}" | awk '{print $1}' )
remote_hash=$(curl -s "https://s3-eu-west-1.amazonaws.com/${HELM_BUCKET_NAME}/stable/${tgz}" | md5sum | awk '{print $1}')
if [ "${tgz}" != "index.yaml" ] && [ "$cur_hash" != "$remote_hash" ]
then
echo "ERROR: Current hash should be the same as the remote hash. Please bump the version of chart {$tgz}."
@ -28,9 +27,9 @@ do
done
# sync charts
if [ ${SYNC_TO_S3} = true ]
if [ "${SYNC_TO_S3}" = true ]
then
aws s3 sync --acl public-read ${HELM_CHARTS_PACKAGED_DIR} s3://${HELM_BUCKET_NAME}/stable/
aws s3 sync --acl public-read "${HELM_CHARTS_PACKAGED_DIR}" "s3://${HELM_BUCKET_NAME}/stable/"
fi
exit 0

7
helm/hack/wait-pods-running-state.sh
View file

@ -11,14 +11,13 @@ set -o xtrace
NAMESPACE=$1
# Ensure all pods in the namespace entered a Running state
SUCCESS=0
PODS_FOUND=0
POD_RETRY_COUNT=0
RETRY=60
RETRY_DELAY=10
while [ "$POD_RETRY_COUNT" -lt "$RETRY" ]; do
POD_RETRY_COUNT=$((POD_RETRY_COUNT+1))
POD_STATUS=`kubectl get pods --no-headers --namespace $NAMESPACE`
POD_STATUS=$(kubectl get pods --no-headers --namespace "${NAMESPACE}")
if [ -z "$POD_STATUS" ];then
echo "INFO: No pods found for this release, retrying after sleep"
POD_RETRY_COUNT=$((POD_RETRY_COUNT+1))
@ -34,8 +33,8 @@ while [ "$POD_RETRY_COUNT" -lt "$RETRY" ]; do
CONTAINER_RETRY_COUNT=0
while [ "$CONTAINER_RETRY_COUNT" -lt "$RETRY" ]; do
UNREADY_CONTAINERS=`kubectl get pods --namespace $NAMESPACE \
-o jsonpath="{.items[*].status.containerStatuses[?(@.ready!=true)].name}"`
UNREADY_CONTAINERS=$(kubectl get pods --namespace "${NAMESPACE}" \
-o jsonpath="{.items[*].status.containerStatuses[?(@.ready!=true)].name}")
if [ -n "$UNREADY_CONTAINERS" ];then
echo "INFO: Some containers are not yet ready; retrying after sleep"
CONTAINER_RETRY_COUNT=$((CONTAINER_RETRY_COUNT+1))

16
helm/kube-prometheus/requirements.yaml
View file

@ -1,6 +1,6 @@
dependencies:
- name: alertmanager
version: 0.1.3
version: 0.1.4
#e2e-repository: file://../alertmanager
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
condition: deployAlertManager
@ -17,7 +17,7 @@ dependencies:
condition: deployCoreDNS
- name: exporter-kube-controller-manager
version: 0.1.9
version: 0.1.10
#e2e-repository: file://../exporter-kube-controller-manager
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
condition: deployKubeControllerManager
@ -29,36 +29,36 @@ dependencies:
condition: deployKubeDNS
- name: exporter-kube-etcd
version: 0.1.13
version: 0.1.15
#e2e-repository: file://../exporter-kube-etcd
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
condition: deployKubeEtcd
- name: exporter-kube-scheduler
version: 0.1.8
version: 0.1.9
#e2e-repository: file://../exporter-kube-scheduler
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
condition: deployKubeScheduler
- name: exporter-kube-state
version: 0.2.4
version: 0.2.5
#e2e-repository: file://../exporter-kube-state
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
condition: deployKubeState
- name: exporter-kubelets
version: 0.2.10
version: 0.2.11
#e2e-repository: file://../exporter-kubelets
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
condition: deployKubelets
- name: exporter-kubernetes
version: 0.1.9
version: 0.1.10
#e2e-repository: file://../exporter-kubernetes
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
- name: exporter-node
version: 0.3.3
version: 0.4.2
#e2e-repository: file://../exporter-node
repository: https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
condition: deployExporterNode

9
helm/kube-prometheus/templates/NOTES.txt
View file

@ -3,3 +3,12 @@ DEPRECATION NOTICE:
- alertmanager.ingress.fqdn is not used anymore, use alertmanager.ingress.hosts []
- prometheus.ingress.fqdn is not used anymore, use prometheus.ingress.hosts []
- grafana.ingress.fqdn is not used anymore, use prometheus.grafana.hosts []
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- prometheus.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- alertmanager.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kube-controller-manager.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kube-etcd.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kube-scheduler.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kubelets.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kubernetes.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

22
helm/kube-prometheus/templates/configmap.yaml
View file

@ -1,22 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
role: alert-rules
name: {{ template "kube-prometheus.fullname" . }}
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ tpl $val $root | indent 4}}
{{- end }}
{{ else }}
general.rules: |-
{{- include "general.rules.yaml.tpl" . | indent 4}}
{{ end }}

22
helm/kube-prometheus/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "kube-prometheus.fullname" . }}
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "general.rules.yaml.tpl" . | indent 2}}
{{ end }}

10
helm/kube-prometheus/values.yaml
View file

@ -269,7 +269,7 @@ prometheus:
## If unspecified, only the same namespace as the Prometheus object is in is used.
ruleNamespaceSelector: {}
## Rules configmap selector
## Rules PrometheusRule CRD selector
## Ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/design.md
##
## 1. If `matchLabels` is used, `rules.additionalLabels` must contain all the labels from
@ -292,7 +292,7 @@ prometheus:
##
rules:
specifiedInValues: true
## What additional rules to be added to the ConfigMap
## What additional rules to be added to the PrometheusRule CRD
## You can use this together with `rulesSelector`
additionalLabels: {}
# prometheus: example-rules
@ -439,3 +439,9 @@ prometheus:
deployCoreDNS: false
deployKubeDNS: true
deployKubeEtcd: true
##Custom Labels to be added to Prometheus Rules CRD
##
additionalRulesLabels: {}
# additionalRulesConfigMapLabels:
# team: devops

2
helm/prometheus/README.md
View file

@ -67,7 +67,7 @@ Parameter | Description | Default
`routePrefix` | Prefix used to register routes, overriding externalUrl route | `/`
`rules` | Prometheus alerting & recording rules | `{}`
`ruleNamespaceSelector` | Namespaces to be selected for PrometheusRules discovery | `{}`
`rulesSelector` | Rules ConfigMap selector | `{}`
`rulesSelector` | Rules CRD selector | `{}`
`secrets` | List of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. | `{}`
`service.annotations` | Annotations to be added to the Prometheus Service | `{}`
`service.clusterIP` | Cluster-internal IP address for Prometheus Service | `""`

4
helm/prometheus/templates/NOTES.txt
View file

@ -1 +1,5 @@
A new Prometheus instance has been created.
DEPRECATION NOTICE:
- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels

25
helm/prometheus/templates/configmap.yaml
View file

@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Values.prometheusLabelValue | default .Release.Name | quote }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.additionalRulesConfigMapLabels }}
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }}
{{- end }}
name: {{ template "prometheus.fullname" . }}-rules
data:
{{- if .Values.prometheusRules }}
{{- $root := . }}
{{- range $key, $val := .Values.prometheusRules }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{ else }}
prometheus.rules: |-
{{- include "prometheus.rules.yaml.tpl" . | indent 4}}
{{ end }}

1
helm/prometheus/templates/prometheus.yaml
View file

@ -106,7 +106,6 @@ spec:
{{- else }}
ruleSelector:
matchLabels:
role: alert-rules
prometheus: {{ .Values.prometheusLabelValue | default .Release.Name | quote }}
{{- end }}
{{- if .Values.storageSpec }}

22
helm/prometheus/templates/prometheusrule.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: "prometheus"
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
prometheus: {{ .Values.prometheusLabelValue | default .Release.Name | quote }}
release: {{ .Release.Name }}
{{- if .Values.additionalRulesLabels }}
{{ toYaml .Values.additionalRulesLabels | indent 4 }}
{{- else if .Values.additionalRulesConfigMapLabels }} # Deprecated for .Values.additionalRulesLabels
{{ toYaml .Values.additionalRulesConfigMapLabels | indent 4 }} # Deprecated for .Values.additionalRulesLabels
{{- end }}
name: {{ template "prometheus.fullname" . }}-rules
spec:
{{- if .Values.prometheusRules }}
groups:
{{ toYaml .Values.prometheusRules | indent 4 }}
{{ else }}
{{ include "prometheus.rules.yaml.tpl" . | indent 2}}
{{ end }}

12
helm/prometheus/templates/rules.yaml
View file

@ -1,6 +1,6 @@
{{- if and .Values.rules.specifiedInValues .Values.rules.value }}
apiVersion: v1
kind: ConfigMap
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app: {{ template "prometheus.name" . }}
@ -8,10 +8,12 @@ metadata:
heritage: {{ .Release.Service }}
prometheus: {{ .Values.prometheusLabelValue | default .Release.Name | quote }}
release: {{ .Release.Name }}
role: alert-rules
{{- if .Values.rules.additionalLabels }}
{{ toYaml .Values.rules.additionalLabels | indent 4 }}
{{- end }}
name: prometheus-{{ .Release.Name }}-rules
data:
{{ toYaml .Values.rules.value | indent 2 }}
name: {{ template "prometheus.fullname" . }}-extra-rules
spec:
groups:
{{ toYaml .Values.rules.value | indent 4 }}
{{- end }}

9
helm/prometheus/values.yaml
View file

@ -34,9 +34,10 @@ prometheusLabelValue: ""
## Custom Labels to be added to ServiceMonitor
##
additionalSelfServiceMonitorLabels: {}
##Custom Labels to be added to Prometheus Rules ConfigMap
##Custom Labels to be added to Prometheus Rules CRDs
##
additionalRulesConfigMapLabels: {}
additionalRulesLabels: {}
## Prometheus container image
##
@ -167,7 +168,7 @@ routePrefix: /
## Namespaces to be selected for PrometheusRules discovery.
## If unspecified, only the same namespace as the Prometheus object is in is used.
ruleNamespaceSelector: {}
## Rules configmap selector
## Rules CRD selector
## Ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/design.md
##
## 1. If `matchLabels` is used, `rules.additionalLabels` must contain all the labels from
@ -190,7 +191,7 @@ rulesSelector: {}
##
rules:
specifiedInValues: true
## What additional rules to be added to the ConfigMap
## What additional rules to be added to the CRD
## You can use this together with `rulesSelector`
additionalLabels: {}
# prometheus: example-rules

2
jsonnet/prometheus-operator/alertmanager-crd.libsonnet
View file

File diff suppressed because one or more lines are too long

2
jsonnet/prometheus-operator/prometheus-crd.libsonnet
View file

File diff suppressed because one or more lines are too long

7
jsonnet/prometheus-operator/prometheus-operator.libsonnet
View file

@ -5,7 +5,7 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
namespace: 'default',
versions+:: {
prometheusOperator: 'v0.21.0',
prometheusOperator: 'v0.22.0',
configmapReloader: 'v0.0.1',
},
@ -119,9 +119,14 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
container.withPorts(containerPort.newNamed('http', targetPort)) +
container.withArgs([
'--kubelet-service=kube-system/kubelet',
# Prometheus Operator is run with a read-only root file system. By
# default glog saves logfiles to /tmp. Make it log to stderr instead.
'-logtostderr=true',
'--config-reloader-image=' + $._config.imageRepos.configmapReloader + ':' + $._config.versions.configmapReloader,
'--prometheus-config-reloader=' + $._config.imageRepos.prometheusConfigReloader + ':' + $._config.versions.prometheusOperator,
]) +
container.mixin.securityContext.withAllowPrivilegeEscalation(false) +
container.mixin.securityContext.withReadOnlyRootFilesystem(true) +
container.mixin.resources.withRequests({ cpu: '100m', memory: '50Mi' }) +
container.mixin.resources.withLimits({ cpu: '200m', memory: '100Mi' });

Some files were not shown because too many files have changed in this diff Show more