HGKeeper

imfreedom/k8s-cluster

update kube-state-metrics and move it to the new ops namespace

2020-01-04, Gary Kramlich

570c6ca95e04

Parents 8a23c3664f4d
Children 77e90a0ab4e3

update kube-state-metrics and move it to the new ops namespace

3 files changed, 200 insertions(+), 130 deletions(-)

+7 -0

00-namespaces.yaml

+0 -130

10-kube-state-metrics.yaml

+193 -0

20-kube-state-metrics.yaml

~~--- a/00-namespaces.yaml Sat Jan 04 10:35:48 2020 -0600~~

+++ b/00-namespaces.yaml Sat Jan 04 11:30:56 2020 -0600

@@ -64,3 +64,10 @@

# certmanager.k8s.io/disable-validation: "true"

name: cert-manager

---

+apiVersion: v1

+kind: Namespace

+metadata:

+ name: ops

+ labels:

+ name: ops

+---

~~--- a/10-kube-state-metrics.yaml Sat Jan 04 10:35:48 2020 -0600~~

+++ /dev/null Thu Jan 01 00:00:00 1970 +0000

@@ -1,130 +0,0 @@

~~-# This is a lightly modified version of~~

~~-# https://github.com/kubernetes/kube-state-metrics/tree/master/kubernetes to~~

~~-# get some "advanced" metrics into the dashboard on digital ocean.~~

~~----~~

~~-apiVersion: v1~~

~~-kind: ServiceAccount~~

~~-metadata:~~

~~- name: kube-state-metrics~~

~~- namespace: kube-system~~

~~----~~

~~-apiVersion: rbac.authorization.k8s.io/v1~~

~~-kind: ClusterRole~~

~~-metadata:~~

~~- name: kube-state-metrics~~

~~-rules:~~

~~- - apiGroups: [""]~~

~~- resources:~~

~~- - configmaps~~

~~- - secrets~~

~~- - nodes~~

~~- - pods~~

~~- - services~~

~~- - resourcequotas~~

~~- - replicationcontrollers~~

~~- - limitranges~~

~~- - persistentvolumeclaims~~

~~- - persistentvolumes~~

~~- - namespaces~~

~~- - endpoints~~

~~- verbs: ["list", "watch"]~~

~~- - apiGroups: ["extensions"]~~

~~- resources:~~

~~- - daemonsets~~

~~- - deployments~~

~~- - replicasets~~

~~- - ingresses~~

~~- verbs: ["list", "watch"]~~

~~- - apiGroups: ["apps"]~~

~~- resources:~~

~~- - daemonsets~~

~~- - deployments~~

~~- - replicasets~~

~~- - statefulsets~~

~~- verbs: ["list", "watch"]~~

~~- - apiGroups: ["batch"]~~

~~- resources:~~

~~- - cronjobs~~

~~- - jobs~~

~~- verbs: ["list", "watch"]~~

~~- - apiGroups: ["autoscaling"]~~

~~- resources:~~

~~- - horizontalpodautoscalers~~

~~- verbs: ["list", "watch"]~~

~~- - apiGroups: ["policy"]~~

~~- resources:~~

~~- - poddisruptionbudgets~~

~~- verbs: ["list", "watch"]~~

~~- - apiGroups: ["certificates.k8s.io"]~~

~~- resources:~~

~~- - certificatesigningrequests~~

~~- verbs: ["list", "watch"]~~

~~----~~

~~-apiVersion: rbac.authorization.k8s.io/v1~~

~~-kind: ClusterRoleBinding~~

~~-metadata:~~

~~- name: kube-state-metrics~~

~~-roleRef:~~

~~- apiGroup: rbac.authorization.k8s.io~~

~~- kind: ClusterRole~~

~~- name: kube-state-metrics~~

~~-subjects:~~

~~- - kind: ServiceAccount~~

~~- name: kube-state-metrics~~

~~- namespace: kube-system~~

~~----~~

~~-apiVersion: v1~~

~~-kind: Service~~

~~-metadata:~~

~~- name: kube-state-metrics~~

~~- namespace: kube-system~~

~~- labels:~~

~~- k8s-app: kube-state-metrics~~

~~- annotations:~~

~~- prometheus.io/scrape: 'true'~~

~~-spec:~~

~~- ports:~~

~~- - name: http-metrics~~

~~- port: 8080~~

~~- targetPort: http-metrics~~

~~- protocol: TCP~~

~~- - name: telemetry~~

~~- port: 8081~~

~~- targetPort: telemetry~~

~~- protocol: TCP~~

~~- selector:~~

~~- k8s-app: kube-state-metrics~~

~~----~~

~~-apiVersion: apps/v1~~

~~-kind: Deployment~~

~~-metadata:~~

~~- labels:~~

~~- k8s-app: kube-state-metrics~~

~~- name: kube-state-metrics~~

~~- namespace: kube-system~~

~~-spec:~~

~~- selector:~~

~~- matchLabels:~~

~~- k8s-app: kube-state-metrics~~

~~- replicas: 1~~

~~- template:~~

~~- metadata:~~

~~- labels:~~

~~- k8s-app: kube-state-metrics~~

~~- spec:~~

~~- serviceAccountName: kube-state-metrics~~

~~- containers:~~

~~- - name: kube-state-metrics~~

~~- image: quay.io/coreos/kube-state-metrics:v1.6.0~~

~~- ports:~~

~~- - name: http-metrics~~

~~- containerPort: 8080~~

~~- - name: telemetry~~

~~- containerPort: 8081~~

~~- readinessProbe:~~

~~- httpGet:~~

~~- path: /healthz~~

~~- port: 8080~~

~~- initialDelaySeconds: 5~~

~~- timeoutSeconds: 5~~

~~----~~

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/20-kube-state-metrics.yaml Sat Jan 04 11:30:56 2020 -0600

@@ -0,0 +1,193 @@

+# This is a lightly modified version of

+# https://github.com/kubernetes/kube-state-metrics/blob/master/examples/standard

+---

+apiVersion: v1

+kind: ServiceAccount

+metadata:

+ name: kube-state-metrics

+ namespace: ops

+---

+apiVersion: rbac.authorization.k8s.io/v1

+kind: ClusterRole

+metadata:

+ labels:

+ app.kubernetes.io/name: kube-state-metrics

+ app.kubernetes.io/version: v1.9.0

+ name: kube-state-metrics

+rules:

+ - apiGroups:

+ - ""

+ resources:

+ - configmaps

+ - secrets

+ - nodes

+ - pods

+ - services

+ - resourcequotas

+ - replicationcontrollers

+ - limitranges

+ - persistentvolumeclaims

+ - persistentvolumes

+ - namespaces

+ - endpoints

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - extensions

+ resources:

+ - daemonsets

+ - deployments

+ - replicasets

+ - ingresses

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - apps

+ resources:

+ - statefulsets

+ - daemonsets

+ - deployments

+ - replicasets

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - batch

+ resources:

+ - cronjobs

+ - jobs

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - autoscaling

+ resources:

+ - horizontalpodautoscalers

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - authentication.k8s.io

+ resources:

+ - tokenreviews

+ verbs:

+ - create

+ - apiGroups:

+ - authorization.k8s.io

+ resources:

+ - subjectaccessreviews

+ verbs:

+ - create

+ - apiGroups:

+ - policy

+ resources:

+ - poddisruptionbudgets

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - certificates.k8s.io

+ resources:

+ - certificatesigningrequests

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - storage.k8s.io

+ resources:

+ - storageclasses

+ - volumeattachments

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - admissionregistration.k8s.io

+ resources:

+ - mutatingwebhookconfigurations

+ - validatingwebhookconfigurations

+ verbs:

+ - list

+ - watch

+ - apiGroups:

+ - networking.k8s.io

+ resources:

+ - networkpolicies

+ verbs:

+ - list

+ - watch

+---

+apiVersion: rbac.authorization.k8s.io/v1

+kind: ClusterRoleBinding

+metadata:

+ name: kube-state-metrics

+ labels:

+ app: kube-state-metrics

+roleRef:

+ apiGroup: rbac.authorization.k8s.io

+ kind: ClusterRole

+ name: kube-state-metrics

+subjects:

+ - kind: ServiceAccount

+ name: kube-state-metrics

+ namespace: ops

+---

+apiVersion: v1

+kind: Service

+metadata:

+ name: kube-state-metrics

+ namespace: ops

+ labels:

+ app: kube-state-metrics

+spec:

+ clusterIP: None

+ ports:

+ - name: http-metrics

+ port: 8080

+ targetPort: http-metrics

+ - name: telemetry

+ port: 8081

+ targetPort: telemetry

+ selector:

+ app: kube-state-metrics

+---

+apiVersion: apps/v1

+kind: Deployment

+metadata:

+ name: kube-state-metrics

+ namespace: ops

+ labels:

+ app: kube-state-metrics

+spec:

+ selector:

+ matchLabels:

+ app: kube-state-metrics

+ replicas: 1

+ template:

+ metadata:

+ labels:

+ app: kube-state-metrics

+ spec:

+ serviceAccountName: kube-state-metrics

+ containers:

+ - name: kube-state-metrics

+ image: quay.io/coreos/kube-state-metrics:v1.9.0

+ ports:

+ - name: http-metrics

+ containerPort: 8080

+ - name: telemetry

+ containerPort: 8081

+ livenessProbe:

+ httpGet:

+ path: /healthz

+ port: 8080

+ initialDelaySeconds: 5

+ timeoutSeconds: 5

+ readinessProbe:

+ httpGet:

+ path: /healthz

+ port: 8080

+ initialDelaySeconds: 5

+ timeoutSeconds: 5

+---