imfreedom/k8s-cluster
Clone
Summary
Browse
Changes
Graph
Add limits to reaperworld deployments
2019-05-04, Gary Kramlich
ac7d0d4997e7
Add limits to reaperworld deployments
# This manifest setups up prometheus in the monitoring namespace.
#
# Most of it is taken nearly verbatim from
# https://devopscube.com/setup-prometheus-monitoring-on-kubernetes/
---
apiVersion
:
rbac.authorization.k8s.io/v1beta1
kind
:
ClusterRole
metadata
:
name
:
prometheus
namespace
:
monitoring
rules
:
-
apiGroups
:
[
""
]
resources
:
-
nodes
-
nodes/proxy
-
services
-
endpoints
-
pods
verbs
:
[
"get"
,
"list"
,
"watch"
]
-
apiGroups
:
-
extensions
resources
:
-
ingresses
verbs
:
[
"get"
,
"list"
,
"watch"
]
-
nonResourceURLs
:
[
"/metrics"
]
verbs
:
[
"get"
]
---
apiVersion
:
rbac.authorization.k8s.io/v1beta1
kind
:
ClusterRoleBinding
metadata
:
name
:
prometheus
namespace
:
monitoring
roleRef
:
apiGroup
:
rbac.authorization.k8s.io
kind
:
ClusterRole
name
:
prometheus
subjects
:
-
kind
:
ServiceAccount
name
:
default
namespace
:
monitoring
---
apiVersion
:
v1
kind
:
ConfigMap
metadata
:
name
:
prometheus-server-conf
namespace
:
monitoring
labels
:
name
:
prometheus-server-conf
data
:
prometheus.yml
:
|-
global:
scrape_interval: 5s
evaluation_interval: 5s
scrape_configs:
- job_name: 'kubernetes-apiservers'
kubernetes_sd_configs:
- role: endpoints
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: default;kubernetes;https
- job_name: 'kubernetes-nodes'
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- target_label: __address__
replacement: kubernetes.default.svc:443
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/${1}/proxy/metrics
- job_name: 'kubernetes-pods'
kubernetes_sd_configs:
- role: pod
relabel_configs:
- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
action: keep
regex: true
- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
action: replace
target_label: __metrics_path__
regex: (.+)
- source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: kubernetes_namespace
- source_labels: [__meta_kubernetes_pod_name]
action: replace
target_label: kubernetes_pod_name
- job_name: 'kubernetes-cadvisor'
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- target_label: __address__
replacement: kubernetes.default.svc:443
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
- job_name: 'kubernetes-service-endpoints'
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
action: keep
regex: true
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]
action: replace
target_label: __scheme__
regex: (https?)
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]
action: replace
target_label: __metrics_path__
regex: (.+)
- source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port]
action: replace
target_label: __address__
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: kubernetes_namespace
- source_labels: [__meta_kubernetes_service_name]
action: replace
target_label: kubernetes_name
---
apiVersion
:
extensions/v1beta1
kind
:
Deployment
metadata
:
name
:
prometheus
namespace
:
monitoring
spec
:
replicas
:
1
template
:
metadata
:
labels
:
app
:
prometheus-server
spec
:
containers
:
-
name
:
prometheus
image
:
prom/prometheus:v2.2.1
args
:
-
"--config.file=/etc/prometheus/prometheus.yml"
-
"--storage.tsdb.path=/prometheus/"
ports
:
-
containerPort
:
9090
volumeMounts
:
-
name
:
prometheus-config-volume
mountPath
:
/etc/prometheus/
-
name
:
prometheus-storage-volume
mountPath
:
/prometheus/
volumes
:
-
name
:
prometheus-config-volume
configMap
:
defaultMode
:
420
name
:
prometheus-server-conf
-
name
:
prometheus-storage-volume
emptyDir
:
{}
---
apiVersion
:
v1
kind
:
Service
metadata
:
name
:
prometheus-service
namespace
:
monitoring
annotations
:
prometheus.io/scrape
:
'true'
prometheus.io/path
:
/
prometheus.io/port
:
'8080'
spec
:
selector
:
app
:
prometheus-server
type
:
NodePort
ports
:
-
port
:
8080
targetPort
:
9090
nodePort
:
30000
---