cluster.fun/manifests/monitoring/blackbox-exporter.yaml


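# PodSecurityPolicy that the blackbox-exporter pod is admitted under.
# NOTE(review): policy/v1beta1 PodSecurityPolicy was deprecated in Kubernetes
# v1.21 and removed in v1.25. On clusters at or past v1.25 this object cannot
# be applied and none of the restrictions below are enforced; the same
# constraints then have to come from Pod Security Admission or an admission
# policy engine.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  # PodSecurityPolicy is cluster-scoped, so no namespace is set here. Who may
  # use the policy is decided by RBAC (the `use` verb), not by a namespace.
  name: blackbox-exporter-psp
  labels:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
spec:
  privileged: false
  allowPrivilegeEscalation: false
  # Allow-list of volume types; anything not listed (hostPath, for example)
  # is refused at admission.
  volumes:
    - configMap
    - secret
  hostNetwork: false
  hostIPC: false
  hostPID: false
  # NOTE(review): RunAsAny still lets the container run as UID 0. Tightening
  # this to MustRunAsNonRoot needs a check that the ICMP prober still works
  # with NET_RAW as a non-root user - TODO confirm before changing.
  runAsUser:
    rule: RunAsAny
  seLinux:
    rule: RunAsAny
  # GID 0 is excluded from both group ranges.
  supplementalGroups:
    rule: 'MustRunAs'
    ranges:
      - min: 1
        max: 65535
  fsGroup:
    rule: 'MustRunAs'
    ranges:
      - min: 1
        max: 65535
  readOnlyRootFilesystem: true
  # NET_RAW is the only capability a pod may add (the Deployment in this file
  # requests it). No requiredDropCapabilities is set, so the container
  # runtime's default capability set stays available as well.
  allowedCapabilities:
    - NET_RAW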
---
# Identity the blackbox-exporter pod runs as. The RoleBinding in this file
# attaches the PSP `use` permission to it.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: blackbox-exporter
  namespace: monitoring
  labels:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
---
# Probe configuration for the blackbox exporter. The Deployment in this file
# mounts it at /config and passes /config/blackbox.yaml as --config.file.
apiVersion: v1
kind: ConfigMap
metadata:
  name: blackbox-exporter
  namespace: monitoring
  labels:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
data:
  # Two probe modules are defined in the embedded file:
  #   http_2xx  - HTTP probe over IPv4, follows redirects, 5s timeout.
  #   icmp_ping - ICMP probe over IPv4, 5s timeout.
  # NOTE(review): tls_config.insecure_skip_verify is true, so HTTPS probes
  # succeed without validating the server certificate chain or hostname. An
  # expired, self-signed or substituted certificate does not fail the probe;
  # if certificate health matters, those targets need a module that verifies.
  # NOTE(review): icmp_ping sets source_ip_address to 127.0.0.1 (loopback).
  # Presumably that restricts which targets the ping can reach - confirm this
  # is intended and not a leftover from local testing.
  blackbox.yaml: |
    modules:
      http_2xx:
        http:
          follow_redirects: true
          preferred_ip_protocol: ip4
          tls_config:
            insecure_skip_verify: true
          valid_http_versions:
          - HTTP/1.1
          - HTTP/2.0
        prober: http
        timeout: 5s
      icmp_ping:
        icmp:
          preferred_ip_protocol: ip4
          source_ip_address: 127.0.0.1
        prober: icmp
        timeout: 5s
---
# Namespaced Role whose single rule lets its subjects be admitted under the
# blackbox-exporter-psp PodSecurityPolicy. resourceNames keeps the grant to
# that one policy; no other API access is given.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: blackbox-exporter
  namespace: monitoring
  labels:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
rules:
  - apiGroups: ["policy"]
    resources: ["podsecuritypolicies"]
    resourceNames: ["blackbox-exporter-psp"]
    verbs: ["use"]
---
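# Binds the blackbox-exporter Role (PSP `use` only) to the blackbox-exporter
# ServiceAccount in the monitoring namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: blackbox-exporter
  namespace: monitoring
  labels:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: blackbox-exporter
subjects:
  - kind: ServiceAccount
    name: blackbox-exporter
    # Stated explicitly so the grant does not depend on the subject namespace
    # being defaulted from the RoleBinding's own namespace, and so a reader
    # can see exactly which account receives it.
    namespace: monitoring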
---
# In-cluster (ClusterIP) endpoint for the exporter on TCP 9115.
# NOTE(review): the exporter takes the probe target from the incoming
# request, so every client that can reach this Service can make it probe on
# their behalf. No NetworkPolicy is defined in this file; consider limiting
# ingress to the Prometheus pods that scrape it.
apiVersion: v1
kind: Service
metadata:
  name: blackbox-exporter
  namespace: monitoring
  labels:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
  ports:
    - name: http
      protocol: TCP
      port: 9115
      # Resolved by name against the container port called "http".
      targetPort: http
---
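# Single-replica Deployment of the Prometheus blackbox exporter.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: blackbox-exporter
  namespace: monitoring
  labels:
    app.kubernetes.io/name: prometheus
    app.kubernetes.io/component: blackbox-exporter
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: prometheus
      app.kubernetes.io/component: blackbox-exporter
  # Surge one new pod and never drop below the desired count, so the single
  # replica stays available during a rollout.
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app.kubernetes.io/name: prometheus
        app.kubernetes.io/component: blackbox-exporter
    spec:
      serviceAccountName: blackbox-exporter
      # Nothing in this manifest has the exporter call the Kubernetes API (the
      # Role only grants `use` on the PSP, which is checked at admission), so
      # the service account token is not mounted into the pod.
      automountServiceAccountToken: false
      restartPolicy: Always
      containers:
        - name: blackbox-exporter
          # NOTE(review): a tag is mutable. Pinning by digest
          # (prom/blackbox-exporter@sha256:<digest-placeholder>) makes the
          # deployed image reproducible; also check whether a newer release
          # than v0.19.0 is available.
          image: "prom/blackbox-exporter:v0.19.0"
          imagePullPolicy: IfNotPresent
          securityContext:
            # Matches allowPrivilegeEscalation: false in blackbox-exporter-psp
            # and keeps the restriction in place where PSP is not enforced.
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            # NET_RAW is requested for the icmp prober. The default capability
            # set is not dropped and no runAsNonRoot/runAsUser is set here -
            # NOTE(review): confirm ICMP still works before tightening either.
            capabilities:
              add: ["NET_RAW"]
          args:
            - "--config.file=/config/blackbox.yaml"
          ports:
            - containerPort: 9115
              name: http
          livenessProbe:
            httpGet:
              path: /health
              port: http
          readinessProbe:
            httpGet:
              path: /health
              port: http
          volumeMounts:
            - mountPath: /config
              name: config
      volumes:
        # Probe module definitions from the blackbox-exporter ConfigMap.
        - name: config
          configMap:
            name: blackbox-exporter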