cluster.fun/manifests/monitoring/prometheus-server.yaml

470 lines
13 KiB
YAML
Raw Normal View History

2021-06-14 09:09:27 +00:00
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus-server
namespace: monitoring
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
---
apiVersion: v1
kind: ConfigMap
metadata:
name: prometheus-server
namespace: monitoring
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
data:
alerting_rules.yml: |
{}
alerts: |
{}
prometheus.yml: |
global:
evaluation_interval: 1m
scrape_interval: 1m
scrape_timeout: 10s
rule_files:
- /etc/config/recording_rules.yml
- /etc/config/alerting_rules.yml
- /etc/config/rules
- /etc/config/alerts
scrape_configs:
- job_name: prometheus
static_configs:
- targets:
- localhost:9090
2022-04-14 09:12:16 +00:00
# - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
# job_name: kubernetes-apiservers
# kubernetes_sd_configs:
# - role: endpoints
# relabel_configs:
# - action: keep
# regex: default;kubernetes;https
# source_labels:
# - __meta_kubernetes_namespace
# - __meta_kubernetes_service_name
# - __meta_kubernetes_endpoint_port_name
# scheme: https
# tls_config:
# ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
# insecure_skip_verify: true
2021-06-14 09:09:27 +00:00
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address__
- regex: (.+)
replacement: /api/v1/nodes/$1/proxy/metrics
source_labels:
- __meta_kubernetes_node_name
target_label: __metrics_path__
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
2022-04-14 09:12:16 +00:00
# - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
# job_name: kubernetes-nodes-cadvisor
# kubernetes_sd_configs:
# - role: node
# relabel_configs:
# - action: labelmap
# regex: __meta_kubernetes_node_label_(.+)
# - replacement: kubernetes.default.svc:443
# target_label: __address__
# - regex: (.+)
# replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
# source_labels:
# - __meta_kubernetes_node_name
# target_label: __metrics_path__
# scheme: https
# tls_config:
# ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
# insecure_skip_verify: true
2021-06-14 09:09:27 +00:00
- job_name: kubernetes-service-endpoints
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scrape
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scheme
target_label: __scheme__
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_service_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_service_name
target_label: kubernetes_name
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: kubernetes_node
2022-04-14 09:12:16 +00:00
# - job_name: kubernetes-service-endpoints-slow
# kubernetes_sd_configs:
# - role: endpoints
# relabel_configs:
# - action: keep
# regex: true
# source_labels:
# - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow
# - action: replace
# regex: (https?)
# source_labels:
# - __meta_kubernetes_service_annotation_prometheus_io_scheme
# target_label: __scheme__
# - action: replace
# regex: (.+)
# source_labels:
# - __meta_kubernetes_service_annotation_prometheus_io_path
# target_label: __metrics_path__
# - action: replace
# regex: ([^:]+)(?::\d+)?;(\d+)
# replacement: $1:$2
# source_labels:
# - __address__
# - __meta_kubernetes_service_annotation_prometheus_io_port
# target_label: __address__
# - action: labelmap
# regex: __meta_kubernetes_service_label_(.+)
# - action: replace
# source_labels:
# - __meta_kubernetes_namespace
# target_label: kubernetes_namespace
# - action: replace
# source_labels:
# - __meta_kubernetes_service_name
# target_label: kubernetes_name
# - action: replace
# source_labels:
# - __meta_kubernetes_pod_node_name
# target_label: kubernetes_node
# scrape_interval: 5m
# scrape_timeout: 30s
# - job_name: kubernetes-services
# kubernetes_sd_configs:
# - role: service
# metrics_path: /probe
# params:
# module:
# - http_2xx
# relabel_configs:
# - action: keep
# regex: true
# source_labels:
# - __meta_kubernetes_service_annotation_prometheus_io_probe
# - source_labels:
# - __address__
# target_label: __param_target
# - replacement: blackbox
# target_label: __address__
# - source_labels:
# - __param_target
# target_label: instance
# - action: labelmap
# regex: __meta_kubernetes_service_label_(.+)
# - source_labels:
# - __meta_kubernetes_namespace
# target_label: kubernetes_namespace
# - source_labels:
# - __meta_kubernetes_service_name
# target_label: kubernetes_name
2021-06-14 09:09:27 +00:00
- job_name: kubernetes-pods
kubernetes_sd_configs:
- role: pod
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scrape
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_pod_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: kubernetes_pod_name
- action: drop
regex: Pending|Succeeded|Failed
source_labels:
- __meta_kubernetes_pod_phase
2022-04-14 09:12:16 +00:00
# - job_name: kubernetes-pods-slow
# kubernetes_sd_configs:
# - role: pod
# relabel_configs:
# - action: keep
# regex: true
# source_labels:
# - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow
# - action: replace
# regex: (.+)
# source_labels:
# - __meta_kubernetes_pod_annotation_prometheus_io_path
# target_label: __metrics_path__
# - action: replace
# regex: ([^:]+)(?::\d+)?;(\d+)
# replacement: $1:$2
# source_labels:
# - __address__
# - __meta_kubernetes_pod_annotation_prometheus_io_port
# target_label: __address__
# - action: labelmap
# regex: __meta_kubernetes_pod_label_(.+)
# - action: replace
# source_labels:
# - __meta_kubernetes_namespace
# target_label: kubernetes_namespace
# - action: replace
# source_labels:
# - __meta_kubernetes_pod_name
# target_label: kubernetes_pod_name
# - action: drop
# regex: Pending|Succeeded|Failed
# source_labels:
# - __meta_kubernetes_pod_phase
# scrape_interval: 5m
# scrape_timeout: 30s
# - job_name: 'node-exporter'
# kubernetes_sd_configs:
# - role: endpoints
# relabel_configs:
# - source_labels: [__meta_kubernetes_endpoints_name]
# regex: 'node-exporter'
# action: keep
2021-12-31 18:53:56 +00:00
- job_name: "synapse"
scrape_interval: 15s
metrics_path: "/_synapse/metrics"
static_configs:
- targets: ["chat-matrix-synapse.chat.svc:9092"]
2021-06-14 09:09:27 +00:00
recording_rules.yml: |
{}
rules: |
{}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prometheus-server
namespace: monitoring
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "8Gi"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- nodes/metrics
- services
- endpoints
- pods
- ingresses
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
- ingresses
verbs:
- get
- list
- watch
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
subjects:
- kind: ServiceAccount
name: prometheus-server
namespace: monitoring
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus-server
---
apiVersion: v1
kind: Service
metadata:
2021-12-24 15:55:56 +00:00
annotations:
prometheus.io/scrape: "true"
2021-06-14 09:09:27 +00:00
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
namespace: monitoring
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 9090
selector:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
sessionAffinity: None
type: "ClusterIP"
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
namespace: monitoring
spec:
2021-06-14 09:34:51 +00:00
strategy:
type: Recreate
2021-06-14 09:09:27 +00:00
selector:
matchLabels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
2022-04-14 10:07:25 +00:00
replicas: 0
2021-06-14 09:09:27 +00:00
template:
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
spec:
serviceAccountName: prometheus-server
containers:
- name: prometheus-server-configmap-reload
image: "jimmidyson/configmap-reload:v0.5.0"
imagePullPolicy: "IfNotPresent"
args:
- --volume-dir=/etc/config
- --webhook-url=http://127.0.0.1:9090/-/reload
volumeMounts:
- name: config-volume
mountPath: /etc/config
readOnly: true
- name: prometheus-server
image: "prom/prometheus:v2.27.1"
imagePullPolicy: "IfNotPresent"
args:
2022-04-14 09:12:16 +00:00
- --storage.tsdb.retention.time=5d
2021-06-14 09:09:27 +00:00
- --config.file=/etc/config/prometheus.yml
- --storage.tsdb.path=/data
- --web.console.libraries=/etc/prometheus/console_libraries
- --web.console.templates=/etc/prometheus/consoles
- --web.enable-lifecycle
ports:
- containerPort: 9090
readinessProbe:
httpGet:
path: /-/ready
port: 9090
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 30
failureThreshold: 3
successThreshold: 1
livenessProbe:
httpGet:
path: /-/healthy
port: 9090
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 30
failureThreshold: 3
successThreshold: 1
2022-03-17 06:45:38 +00:00
resources:
requests:
2022-04-14 09:12:16 +00:00
memory: 1500Mi
limits:
memory: 2000Mi
2021-06-14 09:09:27 +00:00
volumeMounts:
- name: config-volume
mountPath: /etc/config
- name: storage-volume
mountPath: /data
subPath: ""
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
terminationGracePeriodSeconds: 300
volumes:
- name: config-volume
configMap:
name: prometheus-server
- name: storage-volume
persistentVolumeClaim:
claimName: prometheus-server
---