infra for prometheus cluster monitoring

2025-06-06 17:01:30 +00:00 · 2019-12-08 22:02:19 +11:00 · 2019-12-08 22:02:19 +11:00 · 50117a6a2b
commit 50117a6a2b
parent 6eda362268
18 changed files with 34081 additions and 0 deletions
--- a/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana-deployment.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana-deployment.yaml
@ -0,0 +1,102 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: grafana-app
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: grafana-app
+  template:
+    metadata:
+      labels:
+        app: grafana-app
+    spec:
+      volumes:
+      - name: grafana-datasource-provisioning
+        configMap:
+          name: grafana-datasource-provisioning
+      - name: grafana-dashboard-provisioning
+        configMap:
+          name: grafana-dashboard-provisioning
+      - name: grafana-dashboard-node-rsrc-use
+        configMap:
+          name: grafana-dashboard-node-rsrc-use
+      - name: grafana-dashboard-node-cluster-rsrc-use
+        configMap:
+          name: grafana-dashboard-node-cluster-rsrc-use
+      - name: grafana-dashboard-k8s-resources-cluster
+        configMap:
+          name: grafana-dashboard-k8s-resources-cluster
+      - name: grafana-dashboard-k8s-resources-namespace
+        configMap:
+          name: grafana-dashboard-k8s-resources-namespace
+      - name : grafana-dashboard-k8s-resources-pod
+        configMap:
+          name: grafana-dashboard-k8s-resources-pod
+      - name: grafana-dashboard-k8s-resources-workload
+        configMap:
+          name: grafana-dashboard-k8s-resources-workload
+      - name: grafana-dashboard-k8s-resources-workloads-namespace
+        configMap:
+          name: grafana-dashboard-k8s-resources-workloads-namespace
+      - name: grafana-dashboard-kubelet
+        configMap:
+          name: grafana-dashboard-kubelet
+      - name: grafana-dashboard-nodes
+        configMap:
+          name: grafana-dashboard-nodes
+      - name: grafana-dashboard-pods
+        configMap:
+          name: grafana-dashboard-pods
+      containers:
+      - name: grafana-app
+        image: grafana/grafana:6.4.3
+        ports:
+        - name: web
+          containerPort: 3000
+        volumeMounts:
+        - name: grafana-datasource-provisioning
+          mountPath: /etc/grafana/provisioning/datasources/
+
+        - name: grafana-dashboard-provisioning
+          mountPath: /etc/grafana/provisioning/dashboards/
+
+        - name: grafana-dashboard-node-rsrc-use
+          mountPath: /var/lib/grafana/dashboards/kubernetes/node-rsrc-use.json
+          subPath: node-rsrc-use.json
+
+        - name: grafana-dashboard-node-cluster-rsrc-use
+          mountPath: /var/lib/grafana/dashboards/kubernetes/node-cluster-rsrc-use.json
+          subPath: node-cluster-rsrc-use.json
+
+        - name: grafana-dashboard-k8s-resources-cluster
+          mountPath: /var/lib/grafana/dashboards/kubernetes/k8s-resources-cluster.json
+          subPath: k8s-resources-cluster.json
+
+        - name: grafana-dashboard-k8s-resources-namespace
+          mountPath: /var/lib/grafana/dashboards/kubernetes/k8s-resources-namespace.json
+          subPath: k8s-resources-namespace.json
+
+        - name: grafana-dashboard-k8s-resources-pod
+          mountPath: /var/lib/grafana/dashboards/kubernetes/k8s-resources-pod.json
+          subPath: k8s-resources-pod.json
+
+        - name: grafana-dashboard-k8s-resources-workload
+          mountPath: /var/lib/grafana/dashboards/kubernetes/k8s-resources-workload.json
+          subPath: k8s-resources-workload.json
+
+        - name: grafana-dashboard-k8s-resources-workloads-namespace
+          mountPath: /var/lib/grafana/dashboards/kubernetes/k8s-resources-workloads-namespace.json
+          subPath: k8s-resources-workloads-namespace.json
+
+        - name: grafana-dashboard-kubelet
+          mountPath: /var/lib/grafana/dashboards/kubernetes/kubelet.json
+          subPath: kubelet.json
+
+        - name: grafana-dashboard-nodes
+          mountPath: /var/lib/grafana/dashboards/kubernetes/nodes.json
+          subPath: nodes.json
+        - name: grafana-dashboard-pods
+          mountPath: /var/lib/grafana/dashboards/kubernetes/pods.json
+          subPath: pods.json
--- a/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana-service.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana-service.yaml
@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: grafana-app
+  labels:
+    app: grafana-app
+spec:
+  selector:
+    app: grafana-app
+  ports:
+  - name: web
+    port: 3000
--- a/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana.configmap.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana.configmap.yaml
@ -0,0 +1,39 @@
+apiVersion: v1
+items:
+- apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: grafana-dashboard-provisioning
+    namespace: monitoring
+  data:
+    dashboard.yaml: |-
+      apiVersion: 1
+      providers:
+      - name: 'kubernetes'
+        orgId: 1
+        # <string, required> name of the dashboard folder. Required
+        folder: 'kubernetes'
+        type: file
+        disableDeletion: true
+        editable: true
+        # <int> how often Grafana will scan for changed dashboards
+        updateIntervalSeconds: 30
+        options:
+          path: /var/lib/grafana/dashboards
+- apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: grafana-datasource-provisioning
+    namespace: monitoring
+  data:
+    datasources.yaml: |-
+      apiVersion: 1
+      datasources:
+      - name: prometheus
+        orgId: 1
+        type: prometheus 
+        url: http://prometheus-service:9090
+        isDefault: true
+        access: proxy
+        editable: true
+kind: ConfigMapList
--- a/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana.dashboards.configmap.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/grafana/grafana.dashboards.configmap.yaml
--- a/prometheus-monitoring/kubernetes-1.14.8/node-exporter/node-exporter.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/node-exporter/node-exporter.yaml
@ -0,0 +1,77 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: node-exporter
+  labels:
+    k8s-app: node-exporter
+    kubernetes.io/cluster-service: "true"
+    addonmanager.kubernetes.io/mode: Reconcile
+    version: v0.15.2
+spec:
+  selector:
+    matchLabels:
+      k8s-app: node-exporter
+      version: v0.18.1
+  updateStrategy:
+    type: OnDelete
+  template:
+    metadata:
+      labels:
+        k8s-app: node-exporter
+        prometheus: cluster-monitoring
+        version: v0.18.1
+    spec:
+      containers:
+        - name: prometheus-node-exporter
+          image: "prom/node-exporter:v0.18.1"
+          imagePullPolicy: "IfNotPresent"
+          args:
+            - --path.procfs=/host/proc
+            - --path.sysfs=/host/sys
+          ports:
+            - name: metrics
+              containerPort: 9100
+              hostPort: 9100
+          volumeMounts:
+            - name: proc
+              mountPath: /host/proc
+              readOnly:  true
+            - name: sys
+              mountPath: /host/sys
+              readOnly: true
+          resources:
+            limits:
+              memory: 50Mi
+            requests:
+              cpu: 100m
+              memory: 50Mi
+      hostNetwork: true
+      hostPID: true
+      volumes:
+        - name: proc
+          hostPath:
+            path: /proc
+        - name: sys
+          hostPath:
+            path: /sys
+--- 
+apiVersion: v1
+kind: Service
+metadata:
+  name: node-exporter
+  annotations:
+    prometheus.io/scrape: "true"
+  labels:
+    kubernetes.io/cluster-service: "true"
+    addonmanager.kubernetes.io/mode: Reconcile
+    kubernetes.io/name: "NodeExporter"
+    k8s-app: node-exporter
+spec:
+  clusterIP: None
+  ports:
+    - name: http-metrics
+      port: 9100
+      protocol: TCP
+      targetPort: 9100
+  selector:
+    k8s-app: node-exporter
--- a/prometheus-monitoring/kubernetes-1.14.8/node-exporter/service-monitor.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/node-exporter/service-monitor.yaml
@ -0,0 +1,18 @@
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: node-exporter
+  labels:
+    prometheus: cluster-monitoring
+    k8s-app: node-exporter
+spec:
+  jobLabel: node-exporter
+  selector:
+    matchLabels:
+      k8s-app: node-exporter
+  namespaceSelector:
+    matchNames:
+    - monitoring
+  endpoints:
+  - port: http-metrics
+    interval: 60s
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/cluster-role-binding.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/cluster-role-binding.yaml
@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: prometheus
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: prometheus
+subjects:
+- kind: ServiceAccount
+  name: prometheus
+  namespace: monitoring
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/cluster-role.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/cluster-role.yaml
@ -0,0 +1,18 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: prometheus
+rules:
+- apiGroups: [""]
+  resources:
+  - nodes
+  - services
+  - endpoints
+  - pods
+  verbs: ["get", "list", "watch"]
+- apiGroups: [""]
+  resources:
+  - configmaps
+  verbs: ["get"]
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/prometheus.rules.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/prometheus.rules.yaml
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/prometheus.service.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/prometheus.service.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: prometheus   
+    prometheus: prometheus
+  name: prometheus-service
+spec:
+  ports:
+  - protocol: TCP
+    port: 9090
+    targetPort: 9090
+  selector:
+    app: prometheus
+    prometheus: prometheus
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/prometheus.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/prometheus.yaml
@ -0,0 +1,28 @@
+apiVersion: monitoring.coreos.com/v1
+kind: Prometheus
+metadata:
+  name: prometheus
+  labels:
+    prometheus: k8s
+spec:
+  externalLabels:
+    cluster: docker-desktop
+  replicas: 1
+  version: v2.13.1
+  serviceAccountName: prometheus
+  serviceMonitorSelector:
+    matchExpressions:
+    - key: k8s-app
+      operator: In
+      values:
+      - node-exporter
+      - kube-state-metrics
+      - apiserver
+      - kubelet
+  ruleSelector:
+    matchLabels:
+      role: alert-rules
+      prometheus: k8s
+  resources:
+    requests:
+      memory: 400Mi
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/service-account.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-cluster-monitoring/service-account.yaml
@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: prometheus
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/cluster-role-binding.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/cluster-role-binding.yaml
@ -0,0 +1,16 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: prometheus-operator
+    app.kubernetes.io/version: v0.31.1
+  name: prometheus-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: prometheus-operator
+subjects:
+- kind: ServiceAccount
+  name: prometheus-operator
+  namespace: monitoring
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/cluster-role.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/cluster-role.yaml
@ -0,0 +1,73 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: prometheus-operator
+    app.kubernetes.io/version: v0.31.1
+  name: prometheus-operator
+rules:
+- apiGroups:
+  - apiextensions.k8s.io
+  resources:
+  - customresourcedefinitions
+  verbs:
+  - '*'
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  - servicemonitors
+  - podmonitors
+  - prometheusrules
+  verbs:
+  - '*'
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - list
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - services
+  - services/finalizers
+  - endpoints
+  verbs:
+  - get
+  - create
+  - update
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/deployment.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/deployment.yaml
@ -0,0 +1,47 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: prometheus-operator
+    app.kubernetes.io/version: v0.33.0
+  name: prometheus-operator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: controller
+      app.kubernetes.io/name: prometheus-operator
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/component: controller
+        app.kubernetes.io/name: prometheus-operator
+        app.kubernetes.io/version: v0.33.0
+    spec:
+      containers:
+      - args:
+        - --kubelet-service=kube-system/kubelet
+        - --logtostderr=true
+        - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
+        - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.33.0
+        image: quay.io/coreos/prometheus-operator:v0.33.0
+        name: prometheus-operator
+        ports:
+        - containerPort: 8080
+          name: http
+        # resources:
+        #   limits:
+        #     cpu: 200m
+        #     memory: 200Mi
+        #   requests:
+        #     cpu: 100m
+        #     memory: 100Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+      nodeSelector:
+        beta.kubernetes.io/os: linux
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 65534
+      serviceAccountName: prometheus-operator
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/service-account.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/service-account.yaml
@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: prometheus-operator
+    app.kubernetes.io/version: v0.31.1
+  name: prometheus-operator
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/service-monitor.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/service-monitor.yaml
@ -0,0 +1,17 @@
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: prometheus-operator
+    app.kubernetes.io/version: v0.31.1
+  name: prometheus-operator
+spec:
+  endpoints:
+  - honorLabels: true
+    port: http
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: controller
+      app.kubernetes.io/name: prometheus-operator
+      app.kubernetes.io/version: v0.31.1
--- a/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/service.yaml
+++ b/prometheus-monitoring/kubernetes-1.14.8/prometheus-operator/service.yaml
@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: prometheus-operator
+    app.kubernetes.io/version: v0.31.1
+  name: prometheus-operator
+spec:
+  clusterIP: None
+  ports:
+  - name: http
+    port: 8080
+    targetPort: http
+  selector:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: prometheus-operator