diff --git a/manifests/monitoring/prometheus-server.yaml b/manifests/monitoring/prometheus-server.yaml index d8d4417..6f69f2c 100644 --- a/manifests/monitoring/prometheus-server.yaml +++ b/manifests/monitoring/prometheus-server.yaml @@ -7,298 +7,6 @@ metadata: app.kubernetes.io/name: prometheus app.kubernetes.io/component: server --- -apiVersion: v1 -kind: ConfigMap -metadata: - name: prometheus-server - namespace: monitoring - labels: - app.kubernetes.io/name: prometheus - app.kubernetes.io/component: server -data: - alerting_rules.yml: | - {} - alerts: | - {} - prometheus.yml: | - global: - evaluation_interval: 1m - scrape_interval: 1m - scrape_timeout: 10s - rule_files: - - /etc/config/recording_rules.yml - - /etc/config/alerting_rules.yml - - /etc/config/rules - - /etc/config/alerts - scrape_configs: - - job_name: prometheus - static_configs: - - targets: - - localhost:9090 - # - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - # job_name: kubernetes-apiservers - # kubernetes_sd_configs: - # - role: endpoints - # relabel_configs: - # - action: keep - # regex: default;kubernetes;https - # source_labels: - # - __meta_kubernetes_namespace - # - __meta_kubernetes_service_name - # - __meta_kubernetes_endpoint_port_name - # scheme: https - # tls_config: - # ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # insecure_skip_verify: true - - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - job_name: kubernetes-nodes - kubernetes_sd_configs: - - role: node - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - replacement: kubernetes.default.svc:443 - target_label: __address__ - - regex: (.+) - replacement: /api/v1/nodes/$1/proxy/metrics - source_labels: - - __meta_kubernetes_node_name - target_label: __metrics_path__ - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: true - # - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - # job_name: kubernetes-nodes-cadvisor - # kubernetes_sd_configs: - # - role: node - # relabel_configs: - # - action: labelmap - # regex: __meta_kubernetes_node_label_(.+) - # - replacement: kubernetes.default.svc:443 - # target_label: __address__ - # - regex: (.+) - # replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor - # source_labels: - # - __meta_kubernetes_node_name - # target_label: __metrics_path__ - # scheme: https - # tls_config: - # ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # insecure_skip_verify: true - - job_name: kubernetes-service-endpoints - kubernetes_sd_configs: - - role: endpoints - relabel_configs: - - action: keep - regex: true - source_labels: - - __meta_kubernetes_service_annotation_prometheus_io_scrape - - action: replace - regex: (https?) - source_labels: - - __meta_kubernetes_service_annotation_prometheus_io_scheme - target_label: __scheme__ - - action: replace - regex: (.+) - source_labels: - - __meta_kubernetes_service_annotation_prometheus_io_path - target_label: __metrics_path__ - - action: replace - regex: ([^:]+)(?::\d+)?;(\d+) - replacement: $1:$2 - source_labels: - - __address__ - - __meta_kubernetes_service_annotation_prometheus_io_port - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - action: replace - source_labels: - - __meta_kubernetes_namespace - target_label: kubernetes_namespace - - action: replace - source_labels: - - __meta_kubernetes_service_name - target_label: kubernetes_name - - action: replace - source_labels: - - __meta_kubernetes_pod_node_name - target_label: kubernetes_node - # - job_name: kubernetes-service-endpoints-slow - # kubernetes_sd_configs: - # - role: endpoints - # relabel_configs: - # - action: keep - # regex: true - # source_labels: - # - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow - # - action: replace - # regex: (https?) - # source_labels: - # - __meta_kubernetes_service_annotation_prometheus_io_scheme - # target_label: __scheme__ - # - action: replace - # regex: (.+) - # source_labels: - # - __meta_kubernetes_service_annotation_prometheus_io_path - # target_label: __metrics_path__ - # - action: replace - # regex: ([^:]+)(?::\d+)?;(\d+) - # replacement: $1:$2 - # source_labels: - # - __address__ - # - __meta_kubernetes_service_annotation_prometheus_io_port - # target_label: __address__ - # - action: labelmap - # regex: __meta_kubernetes_service_label_(.+) - # - action: replace - # source_labels: - # - __meta_kubernetes_namespace - # target_label: kubernetes_namespace - # - action: replace - # source_labels: - # - __meta_kubernetes_service_name - # target_label: kubernetes_name - # - action: replace - # source_labels: - # - __meta_kubernetes_pod_node_name - # target_label: kubernetes_node - # scrape_interval: 5m - # scrape_timeout: 30s - # - job_name: kubernetes-services - # kubernetes_sd_configs: - # - role: service - # metrics_path: /probe - # params: - # module: - # - http_2xx - # relabel_configs: - # - action: keep - # regex: true - # source_labels: - # - __meta_kubernetes_service_annotation_prometheus_io_probe - # - source_labels: - # - __address__ - # target_label: __param_target - # - replacement: blackbox - # target_label: __address__ - # - source_labels: - # - __param_target - # target_label: instance - # - action: labelmap - # regex: __meta_kubernetes_service_label_(.+) - # - source_labels: - # - __meta_kubernetes_namespace - # target_label: kubernetes_namespace - # - source_labels: - # - __meta_kubernetes_service_name - # target_label: kubernetes_name - - job_name: kubernetes-pods - kubernetes_sd_configs: - - role: pod - relabel_configs: - - action: keep - regex: true - source_labels: - - __meta_kubernetes_pod_annotation_prometheus_io_scrape - - action: replace - regex: (.+) - source_labels: - - __meta_kubernetes_pod_annotation_prometheus_io_path - target_label: __metrics_path__ - - action: replace - regex: ([^:]+)(?::\d+)?;(\d+) - replacement: $1:$2 - source_labels: - - __address__ - - __meta_kubernetes_pod_annotation_prometheus_io_port - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_pod_label_(.+) - - action: replace - source_labels: - - __meta_kubernetes_namespace - target_label: kubernetes_namespace - - action: replace - source_labels: - - __meta_kubernetes_pod_name - target_label: kubernetes_pod_name - - action: drop - regex: Pending|Succeeded|Failed - source_labels: - - __meta_kubernetes_pod_phase - # - job_name: kubernetes-pods-slow - # kubernetes_sd_configs: - # - role: pod - # relabel_configs: - # - action: keep - # regex: true - # source_labels: - # - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow - # - action: replace - # regex: (.+) - # source_labels: - # - __meta_kubernetes_pod_annotation_prometheus_io_path - # target_label: __metrics_path__ - # - action: replace - # regex: ([^:]+)(?::\d+)?;(\d+) - # replacement: $1:$2 - # source_labels: - # - __address__ - # - __meta_kubernetes_pod_annotation_prometheus_io_port - # target_label: __address__ - # - action: labelmap - # regex: __meta_kubernetes_pod_label_(.+) - # - action: replace - # source_labels: - # - __meta_kubernetes_namespace - # target_label: kubernetes_namespace - # - action: replace - # source_labels: - # - __meta_kubernetes_pod_name - # target_label: kubernetes_pod_name - # - action: drop - # regex: Pending|Succeeded|Failed - # source_labels: - # - __meta_kubernetes_pod_phase - # scrape_interval: 5m - # scrape_timeout: 30s - # - job_name: 'node-exporter' - # kubernetes_sd_configs: - # - role: endpoints - # relabel_configs: - # - source_labels: [__meta_kubernetes_endpoints_name] - # regex: 'node-exporter' - # action: keep - - - job_name: "synapse" - scrape_interval: 15s - metrics_path: "/_synapse/metrics" - static_configs: - - targets: ["chat-matrix-synapse.chat.svc:9092"] - - - recording_rules.yml: | - {} - rules: | - {} ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: prometheus-server - namespace: monitoring - labels: - app.kubernetes.io/name: prometheus - app.kubernetes.io/component: server -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "8Gi" ---- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -354,116 +62,3 @@ roleRef: kind: ClusterRole name: prometheus-server --- - -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: prometheus - app.kubernetes.io/component: server - name: prometheus-server - namespace: monitoring -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 9090 - selector: - app.kubernetes.io/name: prometheus - app.kubernetes.io/component: server - sessionAffinity: None - type: "ClusterIP" ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: prometheus - app.kubernetes.io/component: server - name: prometheus-server - namespace: monitoring -spec: - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/name: prometheus - app.kubernetes.io/component: server - replicas: 0 - template: - metadata: - labels: - app.kubernetes.io/name: prometheus - app.kubernetes.io/component: server - spec: - serviceAccountName: prometheus-server - containers: - - name: prometheus-server-configmap-reload - image: "jimmidyson/configmap-reload:v0.5.0" - imagePullPolicy: "IfNotPresent" - args: - - --volume-dir=/etc/config - - --webhook-url=http://127.0.0.1:9090/-/reload - volumeMounts: - - name: config-volume - mountPath: /etc/config - readOnly: true - - - name: prometheus-server - image: "prom/prometheus:v2.27.1" - imagePullPolicy: "IfNotPresent" - args: - - --storage.tsdb.retention.time=5d - - --config.file=/etc/config/prometheus.yml - - --storage.tsdb.path=/data - - --web.console.libraries=/etc/prometheus/console_libraries - - --web.console.templates=/etc/prometheus/consoles - - --web.enable-lifecycle - ports: - - containerPort: 9090 - readinessProbe: - httpGet: - path: /-/ready - port: 9090 - initialDelaySeconds: 30 - periodSeconds: 5 - timeoutSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - livenessProbe: - httpGet: - path: /-/healthy - port: 9090 - initialDelaySeconds: 30 - periodSeconds: 15 - timeoutSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - resources: - requests: - memory: 1500Mi - limits: - memory: 2000Mi - volumeMounts: - - name: config-volume - mountPath: /etc/config - - name: storage-volume - mountPath: /data - subPath: "" - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - terminationGracePeriodSeconds: 300 - volumes: - - name: config-volume - configMap: - name: prometheus-server - - name: storage-volume - persistentVolumeClaim: - claimName: prometheus-server ----