From 7c52a9dc34d60a6ec60a5d2e8b384dd285a1123e Mon Sep 17 00:00:00 2001 From: Marcus Noble Date: Sat, 20 Sep 2025 08:43:59 +0100 Subject: [PATCH] Added cadvisor Signed-off-by: Marcus Noble --- manifests/monitoring/cadvisor.yaml | 87 ++++++++++++++++++++++++++++++ manifests/monitoring/vmagent.yaml | 33 ++++++++++++ 2 files changed, 120 insertions(+) create mode 100644 manifests/monitoring/cadvisor.yaml diff --git a/manifests/monitoring/cadvisor.yaml b/manifests/monitoring/cadvisor.yaml new file mode 100644 index 0000000..1e77bf3 --- /dev/null +++ b/manifests/monitoring/cadvisor.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: cadvisor + app.kubernetes.io/name: cadvisor + name: cadvisor + namespace: monitoring +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + annotations: + seccomp.security.alpha.kubernetes.io/pod: docker/default + labels: + app: cadvisor + app.kubernetes.io/name: cadvisor + name: cadvisor + namespace: monitoring +spec: + selector: + matchLabels: + app: cadvisor + app.kubernetes.io/name: cadvisor + name: cadvisor + template: + metadata: + labels: + app: cadvisor + app.kubernetes.io/name: cadvisor + name: cadvisor + annotations: + scheduler.alpha.kubernetes.io/critical-pod: '' + spec: + priorityClassName: system-node-critical + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" + automountServiceAccountToken: false + containers: + - image: ghcr.io/google/cadvisor:v0.53.0 + name: cadvisor + ports: + - containerPort: 8080 + name: http + protocol: TCP + resources: + limits: + cpu: 800m + memory: 2000Mi + requests: + cpu: 400m + memory: 400Mi + volumeMounts: + - mountPath: /rootfs + name: rootfs + readOnly: true + - mountPath: /var/run + name: var-run + readOnly: true + - mountPath: /sys + name: sys + readOnly: true + - mountPath: /var/lib/docker + name: docker + readOnly: true + - mountPath: /dev/disk + name: disk + readOnly: true + serviceAccountName: cadvisor + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: / + name: rootfs + - hostPath: + path: /var/run + name: var-run + - hostPath: + path: /sys + name: sys + - hostPath: + path: /var/lib/docker + name: docker + - hostPath: + path: /dev/disk + name: disk diff --git a/manifests/monitoring/vmagent.yaml b/manifests/monitoring/vmagent.yaml index e04360e..fc0c186 100644 --- a/manifests/monitoring/vmagent.yaml +++ b/manifests/monitoring/vmagent.yaml @@ -17,6 +17,7 @@ data: - job_name: 'vmagent' static_configs: - targets: ['localhost:8429'] + - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-nodes kubernetes_sd_configs: @@ -36,6 +37,38 @@ data: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true + - job_name: cadvisor + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + scheme: https + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecure_skip_verify: true + kubernetes_sd_configs: + - role: node + relabel_configs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + - replacement: kubernetes.default.svc:443 + target_label: __address__ + - source_labels: [__meta_kubernetes_node_name] + regex: (.+) + target_label: __metrics_path__ + replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor + # Drop high cardinality labels + - action: labeldrop + regex: id + # Drop unneeded labels + - action: labeldrop + regex: beta_kubernetes_io_os + - action: labeldrop + regex: beta_kubernetes_io_arch + - action: labeldrop + regex: kubernetes_io_arch + - action: labeldrop + regex: kubernetes_io_os + - action: labeldrop + regex: topology_jiva_openebs_io_nodeName + - job_name: kubernetes-service-endpoints kubernetes_sd_configs: - role: endpoints