mirrors/kube-prometheus
1
0
Fork 0
mirror of https://github.com/prometheus-operator/kube-prometheus.git synced 2025-11-02 17:11:44 +01:00
Code Issues Projects Releases Wiki Activity

jsonnet: unify internal configuration field name

Browse Source 
Signed-off-by: paulfantom <pawel@krupa.net.pl>
This commit is contained in:
paulfantom 2021-03-16 19:14:55 +01:00
parent ed884b0399
commit 0bf34a24f8
No known key found for this signature in database
GPG Key ID: 12AE0185401674E7
14 changed files with 297 additions and 295 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
jsonnet/kube-prometheus/addons/podsecuritypolicies.libsonnet
View File

@ -101,7 +101,7 @@ local restrictedPodSecurityPolicy = {
podSecurityPolicy:
local blackboxExporterPspPrivileged =
if $.blackboxExporter.config.privileged then
if $.blackboxExporter._config.privileged then
{
metadata+: {
name: 'blackbox-exporter-psp',
@ -209,8 +209,8 @@ local restrictedPodSecurityPolicy = {
hostPID: true,
hostPorts: [
{
max: $.nodeExporter.config.port,
min: $.nodeExporter.config.port,
max: $.nodeExporter._config.port,
min: $.nodeExporter._config.port,
},
],
readOnlyRootFilesystem: true,

4
jsonnet/kube-prometheus/addons/weave-net/weave-net.libsonnet
View File

@ -52,9 +52,9 @@
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: p.config.mixin.ruleLabels,
labels: p._config.mixin.ruleLabels,
name: 'weave-net-rules',
namespace: p.config.namespace,
namespace: p._config.namespace,
},
spec: {
groups: [{

80
jsonnet/kube-prometheus/components/alertmanager.libsonnet
View File

@ -72,23 +72,23 @@ local defaults = {
function(params) {
local am = self,
config:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(am.config.resources),
assert std.isObject(am.config.mixin._config),
assert std.isObject(am._config.resources),
assert std.isObject(am._config.mixin._config),
mixin:: (import 'github.com/prometheus/alertmanager/doc/alertmanager-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: am.config.mixin._config,
_config+:: am._config.mixin._config,
},
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: am.config.commonLabels + am.config.mixin.ruleLabels,
name: 'alertmanager-' + am.config.name + '-rules',
namespace: am.config.namespace,
labels: am._config.commonLabels + am._config.mixin.ruleLabels,
name: 'alertmanager-' + am._config.name + '-rules',
namespace: am._config.namespace,
},
spec: {
local r = if std.objectHasAll(am.mixin, 'prometheusRules') then am.mixin.prometheusRules.groups else [],
@ -102,16 +102,16 @@ function(params) {
kind: 'Secret',
type: 'Opaque',
metadata: {
name: 'alertmanager-' + am.config.name,
namespace: am.config.namespace,
labels: { alertmanager: am.config.name } + am.config.commonLabels,
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: { alertmanager: am._config.name } + am._config.commonLabels,
},
stringData: {
'alertmanager.yaml': if std.type(am.config.config) == 'object'
'alertmanager.yaml': if std.type(am._config.config) == 'object'
then
std.manifestYamlDoc(am.config.config)
std.manifestYamlDoc(am._config.config)
else
am.config.config,
am._config.config,
},
},
@ -119,9 +119,9 @@ function(params) {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: 'alertmanager-' + am.config.name,
namespace: am.config.namespace,
labels: { alertmanager: am.config.name } + am.config.commonLabels,
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: { alertmanager: am._config.name } + am._config.commonLabels,
},
},
@ -129,9 +129,9 @@ function(params) {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: 'alertmanager-' + am.config.name,
namespace: am.config.namespace,
labels: { alertmanager: am.config.name } + am.config.commonLabels,
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: { alertmanager: am._config.name } + am._config.commonLabels,
},
spec: {
ports: [
@ -139,8 +139,8 @@ function(params) {
],
selector: {
app: 'alertmanager',
alertmanager: am.config.name,
} + am.config.selectorLabels,
alertmanager: am._config.name,
} + am._config.selectorLabels,
sessionAffinity: 'ClientIP',
},
},
@ -150,14 +150,14 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'alertmanager',
namespace: am.config.namespace,
labels: am.config.commonLabels,
namespace: am._config.namespace,
labels: am._config.commonLabels,
},
spec: {
selector: {
matchLabels: {
alertmanager: am.config.name,
} + am.config.selectorLabels,
alertmanager: am._config.name,
} + am._config.selectorLabels,
},
endpoints: [
{ port: 'web', interval: '30s' },
@ -169,16 +169,16 @@ function(params) {
apiVersion: 'policy/v1beta1',
kind: 'PodDisruptionBudget',
metadata: {
name: 'alertmanager-' + am.config.name,
namespace: am.config.namespace,
labels: am.config.commonLabels,
name: 'alertmanager-' + am._config.name,
namespace: am._config.namespace,
labels: am._config.commonLabels,
},
spec: {
maxUnavailable: 1,
selector: {
matchLabels: {
alertmanager: am.config.name,
} + am.config.selectorLabels,
alertmanager: am._config.name,
} + am._config.selectorLabels,
},
},
},
@ -187,22 +187,22 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'Alertmanager',
metadata: {
name: am.config.name,
namespace: am.config.namespace,
name: am._config.name,
namespace: am._config.namespace,
labels: {
alertmanager: am.config.name,
} + am.config.commonLabels,
alertmanager: am._config.name,
} + am._config.commonLabels,
},
spec: {
replicas: am.config.replicas,
version: am.config.version,
image: am.config.image,
replicas: am._config.replicas,
version: am._config.version,
image: am._config.image,
podMetadata: {
labels: am.config.commonLabels,
labels: am._config.commonLabels,
},
resources: am.config.resources,
resources: am._config.resources,
nodeSelector: { 'kubernetes.io/os': 'linux' },
serviceAccountName: 'alertmanager-' + am.config.name,
serviceAccountName: 'alertmanager-' + am._config.name,
securityContext: {
runAsUser: 1000,
runAsNonRoot: true,

62
jsonnet/kube-prometheus/components/blackbox-exporter.libsonnet
View File

@ -88,20 +88,20 @@ local defaults = {
function(params) {
local bb = self,
config:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(bb.config.resources),
assert std.isObject(bb._config.resources),
configuration: {
apiVersion: 'v1',
kind: 'ConfigMap',
metadata: {
name: 'blackbox-exporter-configuration',
namespace: bb.config.namespace,
labels: bb.config.commonLabels,
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
data: {
'config.yml': std.manifestYamlDoc({ modules: bb.config.modules }),
'config.yml': std.manifestYamlDoc({ modules: bb._config.modules }),
},
},
@ -110,7 +110,7 @@ function(params) {
kind: 'ServiceAccount',
metadata: {
name: 'blackbox-exporter',
namespace: bb.config.namespace,
namespace: bb._config.namespace,
},
},
@ -148,24 +148,24 @@ function(params) {
subjects: [{
kind: 'ServiceAccount',
name: 'blackbox-exporter',
namespace: bb.config.namespace,
namespace: bb._config.namespace,
}],
},
deployment:
local blackboxExporter = {
name: 'blackbox-exporter',
image: bb.config.image,
image: bb._config.image,
args: [
'--config.file=/etc/blackbox_exporter/config.yml',
'--web.listen-address=:%d' % bb.config.internalPort,
'--web.listen-address=:%d' % bb._config.internalPort,
],
ports: [{
name: 'http',
containerPort: bb.config.internalPort,
containerPort: bb._config.internalPort,
}],
resources: bb.config.resources,
securityContext: if bb.config.privileged then {
resources: bb._config.resources,
securityContext: if bb._config.privileged then {
runAsNonRoot: false,
capabilities: { drop: ['ALL'], add: ['NET_RAW'] },
} else {
@ -181,12 +181,12 @@ function(params) {
local reloader = {
name: 'module-configmap-reloader',
image: bb.config.configmapReloaderImage,
image: bb._config.configmapReloaderImage,
args: [
'--webhook-url=http://localhost:%d/-/reload' % bb.config.internalPort,
'--webhook-url=http://localhost:%d/-/reload' % bb._config.internalPort,
'--volume-dir=/etc/blackbox_exporter/',
],
resources: bb.config.resources,
resources: bb._config.resources,
securityContext: { runAsNonRoot: true, runAsUser: 65534 },
terminationMessagePath: '/dev/termination-log',
terminationMessagePolicy: 'FallbackToLogsOnError',
@ -199,10 +199,10 @@ function(params) {
local kubeRbacProxy = krp({
name: 'kube-rbac-proxy',
upstream: 'http://127.0.0.1:' + bb.config.internalPort + '/',
secureListenAddress: ':' + bb.config.port,
upstream: 'http://127.0.0.1:' + bb._config.internalPort + '/',
secureListenAddress: ':' + bb._config.port,
ports: [
{ name: 'https', containerPort: bb.config.port },
{ name: 'https', containerPort: bb._config.port },
],
});
@ -211,14 +211,14 @@ function(params) {
kind: 'Deployment',
metadata: {
name: 'blackbox-exporter',
namespace: bb.config.namespace,
labels: bb.config.commonLabels,
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
spec: {
replicas: bb.config.replicas,
selector: { matchLabels: bb.config.selectorLabels },
replicas: bb._config.replicas,
selector: { matchLabels: bb._config.selectorLabels },
template: {
metadata: { labels: bb.config.commonLabels },
metadata: { labels: bb._config.commonLabels },
spec: {
containers: [blackboxExporter, reloader, kubeRbacProxy],
nodeSelector: { 'kubernetes.io/os': 'linux' },
@ -237,20 +237,20 @@ function(params) {
kind: 'Service',
metadata: {
name: 'blackbox-exporter',
namespace: bb.config.namespace,
labels: bb.config.commonLabels,
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
spec: {
ports: [{
name: 'https',
port: bb.config.port,
port: bb._config.port,
targetPort: 'https',
}, {
name: 'probe',
port: bb.config.internalPort,
port: bb._config.internalPort,
targetPort: 'http',
}],
selector: bb.config.selectorLabels,
selector: bb._config.selectorLabels,
},
},
@ -260,8 +260,8 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'blackbox-exporter',
namespace: bb.config.namespace,
labels: bb.config.commonLabels,
namespace: bb._config.namespace,
labels: bb._config.commonLabels,
},
spec: {
endpoints: [{
@ -275,7 +275,7 @@ function(params) {
},
}],
selector: {
matchLabels: bb.config.selectorLabels,
matchLabels: bb._config.selectorLabels,
},
},
},

38
jsonnet/kube-prometheus/components/grafana.libsonnet
View File

@ -33,35 +33,35 @@ local defaults = {
function(params) {
local g = self,
cfg:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(g.cfg.resources),
assert std.isObject(g._config.resources),
local glib = (import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') + {
_config+:: {
namespace: g.cfg.namespace,
namespace: g._config.namespace,
versions+:: {
grafana: g.cfg.version,
grafana: g._config.version,
},
imageRepos+:: {
grafana: g.cfg.imageRepos,
grafana: g._config.imageRepos,
},
prometheus+:: {
name: g.cfg.prometheusName,
name: g._config.prometheusName,
},
grafana+:: {
labels: g.cfg.commonLabels,
dashboards: g.cfg.dashboards,
resources: g.cfg.resources,
rawDashboards: g.cfg.rawDashboards,
folderDashboards: g.cfg.folderDashboards,
containers: g.cfg.containers,
config+: g.cfg.config,
plugins+: g.cfg.plugins,
labels: g._config.commonLabels,
dashboards: g._config.dashboards,
resources: g._config.resources,
rawDashboards: g._config.rawDashboards,
folderDashboards: g._config.folderDashboards,
containers: g._config.containers,
config+: g._config.config,
plugins+: g._config.plugins,
} + (
// Conditionally overwrite default setting.
if std.length(g.cfg.datasources) > 0 then
{ datasources: g.cfg.datasources }
if std.length(g._config.datasources) > 0 then
{ datasources: g._config.datasources }
else {}
),
},
@ -75,7 +75,7 @@ function(params) {
dashboardDatasources: glib.grafana.dashboardDatasources,
dashboardSources: glib.grafana.dashboardSources,
dashboardDefinitions: if std.length(g.cfg.dashboards) > 0 then {
dashboardDefinitions: if std.length(g._config.dashboards) > 0 then {
apiVersion: 'v1',
kind: 'ConfigMapList',
items: glib.grafana.dashboardDefinitions,
@ -85,8 +85,8 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'grafana',
namespace: g.cfg.namespace,
labels: g.cfg.commonLabels,
namespace: g._config.namespace,
labels: g._config.commonLabels,
},
spec: {
selector: {

18
jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
View File

@ -26,19 +26,19 @@ local defaults = {
function(params) {
local k8s = self,
config:: defaults + params,
_config:: defaults + params,
mixin:: (import 'github.com/kubernetes-monitoring/kubernetes-mixin/mixin.libsonnet') {
_config+:: k8s.config.mixin._config,
_config+:: k8s._config.mixin._config,
},
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: k8s.config.commonLabels + k8s.config.mixin.ruleLabels,
labels: k8s._config.commonLabels + k8s._config.mixin.ruleLabels,
name: 'kubernetes-monitoring-rules',
namespace: k8s.config.namespace,
namespace: k8s._config.namespace,
},
spec: {
local r = if std.objectHasAll(k8s.mixin, 'prometheusRules') then k8s.mixin.prometheusRules.groups else {},
@ -52,7 +52,7 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'kube-scheduler',
namespace: k8s.config.namespace,
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kube-scheduler' },
},
spec: {
@ -78,7 +78,7 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'kubelet',
namespace: k8s.config.namespace,
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kubelet' },
},
spec: {
@ -150,7 +150,7 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'kube-controller-manager',
namespace: k8s.config.namespace,
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kube-controller-manager' },
},
spec: {
@ -185,7 +185,7 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'kube-apiserver',
namespace: k8s.config.namespace,
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'apiserver' },
},
spec: {
@ -239,7 +239,7 @@ function(params) {
kind: 'ServiceMonitor',
metadata: {
name: 'coredns',
namespace: k8s.config.namespace,
namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'coredns' },
},
spec: {

18
jsonnet/kube-prometheus/components/kube-rbac-proxy.libsonnet
View File

@ -41,20 +41,20 @@ local defaults = {
function(params) {
local krp = self,
config:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(krp.config.resources),
assert std.isObject(krp._config.resources),
name: krp.config.name,
image: krp.config.image,
name: krp._config.name,
image: krp._config.image,
args: [
'--logtostderr',
'--secure-listen-address=' + krp.config.secureListenAddress,
'--tls-cipher-suites=' + std.join(',', krp.config.tlsCipherSuites),
'--upstream=' + krp.config.upstream,
'--secure-listen-address=' + krp._config.secureListenAddress,
'--tls-cipher-suites=' + std.join(',', krp._config.tlsCipherSuites),
'--upstream=' + krp._config.upstream,
],
resources: krp.config.resources,
ports: krp.config.ports,
resources: krp._config.resources,
ports: krp._config.ports,
securityContext: {
runAsUser: 65532,
runAsGroup: 65532,

40
jsonnet/kube-prometheus/components/kube-state-metrics.libsonnet
View File

@ -35,30 +35,30 @@ local defaults = {
function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet') {
local ksm = self,
config:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(ksm.config.resources),
assert std.isObject(ksm.config.mixin._config),
assert std.isObject(ksm._config.resources),
assert std.isObject(ksm._config.mixin._config),
name:: ksm.config.name,
namespace:: ksm.config.namespace,
version:: ksm.config.version,
image:: ksm.config.image,
commonLabels:: ksm.config.commonLabels,
podLabels:: ksm.config.selectorLabels,
name:: ksm._config.name,
namespace:: ksm._config.namespace,
version:: ksm._config.version,
image:: ksm._config.image,
commonLabels:: ksm._config.commonLabels,
podLabels:: ksm._config.selectorLabels,
mixin:: (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: ksm.config.mixin._config,
_config+:: ksm._config.mixin._config,
},
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: ksm.config.commonLabels + ksm.config.mixin.ruleLabels,
name: ksm.config.name + '-rules',
namespace: ksm.config.namespace,
labels: ksm._config.commonLabels + ksm._config.mixin.ruleLabels,
name: ksm._config.name + '-rules',
namespace: ksm._config.namespace,
},
spec: {
local r = if std.objectHasAll(ksm.mixin, 'prometheusRules') then ksm.mixin.prometheusRules.groups else [],
@ -115,7 +115,7 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
livenessProbe:: null,
readinessProbe:: null,
args: ['--host=127.0.0.1', '--port=8081', '--telemetry-host=127.0.0.1', '--telemetry-port=8082'],
resources: ksm.config.resources,
resources: ksm._config.resources,
}, super.containers) + [kubeRbacProxyMain, kubeRbacProxySelf],
},
},
@ -127,18 +127,18 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
kind: 'ServiceMonitor',
metadata: {
name: ksm.name,
namespace: ksm.config.namespace,
labels: ksm.config.commonLabels,
namespace: ksm._config.namespace,
labels: ksm._config.commonLabels,
},
spec: {
jobLabel: 'app.kubernetes.io/name',
selector: { matchLabels: ksm.config.selectorLabels },
selector: { matchLabels: ksm._config.selectorLabels },
endpoints: [
{
port: 'https-main',
scheme: 'https',
interval: ksm.config.scrapeInterval,
scrapeTimeout: ksm.config.scrapeTimeout,
interval: ksm._config.scrapeInterval,
scrapeTimeout: ksm._config.scrapeTimeout,
honorLabels: true,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
relabelings: [
@ -154,7 +154,7 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
{
port: 'https-self',
scheme: 'https',
interval: ksm.config.scrapeInterval,
interval: ksm._config.scrapeInterval,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
tlsConfig: {
insecureSkipVerify: true,

10
jsonnet/kube-prometheus/components/mixin/custom.libsonnet
View File

@ -18,22 +18,22 @@ local defaults = {
function(params) {
local m = self,
config:: defaults + params,
_config:: defaults + params,
local alertsandrules = (import './alerts/alerts.libsonnet') + (import './rules/rules.libsonnet'),
mixin:: alertsandrules +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: m.config.mixin._config,
_config+:: m._config.mixin._config,
},
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: m.config.commonLabels + m.config.mixin.ruleLabels,
name: m.config.name + '-rules',
namespace: m.config.namespace,
labels: m._config.commonLabels + m._config.mixin.ruleLabels,
name: m._config.name + '-rules',
namespace: m._config.namespace,
},
spec: {
local r = if std.objectHasAll(m.mixin, 'prometheusRules') then m.mixin.prometheusRules.groups else [],

78
jsonnet/kube-prometheus/components/node-exporter.libsonnet
View File

@ -37,23 +37,23 @@ local defaults = {
function(params) {
local ne = self,
config:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(ne.config.resources),
assert std.isObject(ne.config.mixin._config),
assert std.isObject(ne._config.resources),
assert std.isObject(ne._config.mixin._config),
mixin:: (import 'github.com/prometheus/node_exporter/docs/node-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: ne.config.mixin._config,
_config+:: ne._config.mixin._config,
},
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: ne.config.commonLabels + ne.config.mixin.ruleLabels,
name: ne.config.name + '-rules',
namespace: ne.config.namespace,
labels: ne._config.commonLabels + ne._config.mixin.ruleLabels,
name: ne._config.name + '-rules',
namespace: ne._config.namespace,
},
spec: {
local r = if std.objectHasAll(ne.mixin, 'prometheusRules') then ne.mixin.prometheusRules.groups else [],
@ -66,18 +66,18 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
name: ne.config.name,
labels: ne.config.commonLabels,
name: ne._config.name,
labels: ne._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole',
name: ne.config.name,
name: ne._config.name,
},
subjects: [{
kind: 'ServiceAccount',
name: ne.config.name,
namespace: ne.config.namespace,
name: ne._config.name,
namespace: ne._config.namespace,
}],
},
@ -85,8 +85,8 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
name: ne.config.name,
labels: ne.config.commonLabels,
name: ne._config.name,
labels: ne._config.commonLabels,
},
rules: [
{
@ -106,9 +106,9 @@ function(params) {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: ne.config.name,
namespace: ne.config.namespace,
labels: ne.config.commonLabels,
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
},
@ -116,15 +116,15 @@ function(params) {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: ne.config.name,
namespace: ne.config.namespace,
labels: ne.config.commonLabels,
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
spec: {
ports: [
{ name: 'https', targetPort: 'https', port: ne.config.port },
{ name: 'https', targetPort: 'https', port: ne._config.port },
],
selector: ne.config.selectorLabels,
selector: ne._config.selectorLabels,
clusterIP: 'None',
},
},
@ -133,14 +133,14 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: ne.config.name,
namespace: ne.config.namespace,
labels: ne.config.commonLabels,
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
spec: {
jobLabel: 'app.kubernetes.io/name',
selector: {
matchLabels: ne.config.selectorLabels,
matchLabels: ne._config.selectorLabels,
},
endpoints: [{
port: 'https',
@ -165,10 +165,10 @@ function(params) {
daemonset:
local nodeExporter = {
name: ne.config.name,
image: ne.config.image,
name: ne._config.name,
image: ne._config.image,
args: [
'--web.listen-address=' + std.join(':', [ne.config.listenAddress, std.toString(ne.config.port)]),
'--web.listen-address=' + std.join(':', [ne._config.listenAddress, std.toString(ne._config.port)]),
'--path.sysfs=/host/sys',
'--path.rootfs=/host/root',
'--no-collector.wifi',
@ -181,14 +181,14 @@ function(params) {
{ name: 'sys', mountPath: '/host/sys', mountPropagation: 'HostToContainer', readOnly: true },
{ name: 'root', mountPath: '/host/root', mountPropagation: 'HostToContainer', readOnly: true },
],
resources: ne.config.resources,
resources: ne._config.resources,
};
local kubeRbacProxy = krp({
name: 'kube-rbac-proxy',
//image: krpImage,
upstream: 'http://127.0.0.1:' + ne.config.port + '/',
secureListenAddress: '[$(IP)]:' + ne.config.port,
upstream: 'http://127.0.0.1:' + ne._config.port + '/',
secureListenAddress: '[$(IP)]:' + ne._config.port,
// Keep `hostPort` here, rather than in the node-exporter container
// because Kubernetes mandates that if you define a `hostPort` then
// `containerPort` must match. In our case, we are splitting the
@ -198,7 +198,7 @@ function(params) {
// forgo declaring the host port, however it is important to declare
// it so that the scheduler can decide if the pod is schedulable.
ports: [
{ name: 'https', containerPort: ne.config.port, hostPort: ne.config.port },
{ name: 'https', containerPort: ne._config.port, hostPort: ne._config.port },
],
}) + {
env: [
@ -210,18 +210,18 @@ function(params) {
apiVersion: 'apps/v1',
kind: 'DaemonSet',
metadata: {
name: ne.config.name,
namespace: ne.config.namespace,
labels: ne.config.commonLabels,
name: ne._config.name,
namespace: ne._config.namespace,
labels: ne._config.commonLabels,
},
spec: {
selector: { matchLabels: ne.config.selectorLabels },
selector: { matchLabels: ne._config.selectorLabels },
updateStrategy: {
type: 'RollingUpdate',
rollingUpdate: { maxUnavailable: '10%' },
},
template: {
metadata: { labels: ne.config.commonLabels },
metadata: { labels: ne._config.commonLabels },
spec: {
nodeSelector: { 'kubernetes.io/os': 'linux' },
tolerations: [{
@ -232,7 +232,7 @@ function(params) {
{ name: 'sys', hostPath: { path: '/sys' } },
{ name: 'root', hostPath: { path: '/' } },
],
serviceAccountName: ne.config.name,
serviceAccountName: ne._config.name,
securityContext: {
runAsUser: 65534,
runAsNonRoot: true,

74
jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet
View File

@ -56,21 +56,21 @@ local defaults = {
function(params) {
local pa = self,
config:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(pa.config.resources),
assert std.isObject(pa._config.resources),
apiService: {
apiVersion: 'apiregistration.k8s.io/v1',
kind: 'APIService',
metadata: {
name: 'v1beta1.metrics.k8s.io',
labels: pa.config.commonLabels,
labels: pa._config.commonLabels,
},
spec: {
service: {
name: $.service.metadata.name,
namespace: pa.config.namespace,
namespace: pa._config.namespace,
},
group: 'metrics.k8s.io',
version: 'v1beta1',
@ -85,23 +85,23 @@ function(params) {
kind: 'ConfigMap',
metadata: {
name: 'adapter-config',
namespace: pa.config.namespace,
labels: pa.config.commonLabels,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
data: { 'config.yaml': std.manifestYamlDoc(pa.config.config) },
data: { 'config.yaml': std.manifestYamlDoc(pa._config.config) },
},
serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: pa.config.name,
namespace: pa.config.namespace,
labels: pa.config.commonLabels,
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
spec: {
selector: {
matchLabels: pa.config.selectorLabels,
matchLabels: pa._config.selectorLabels,
},
endpoints: [
{
@ -121,28 +121,28 @@ function(params) {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: pa.config.name,
namespace: pa.config.namespace,
labels: pa.config.commonLabels,
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
spec: {
ports: [
{ name: 'https', targetPort: 6443, port: 443 },
],
selector: pa.config.selectorLabels,
selector: pa._config.selectorLabels,
},
},
deployment:
local c = {
name: pa.config.name,
image: pa.config.image,
name: pa._config.name,
image: pa._config.image,
args: [
'--cert-dir=/var/run/serving-cert',
'--config=/etc/adapter/config.yaml',
'--logtostderr=true',
'--metrics-relist-interval=1m',
'--prometheus-url=' + pa.config.prometheusURL,
'--prometheus-url=' + pa._config.prometheusURL,
'--secure-port=6443',
],
ports: [{ containerPort: 6443 }],
@ -157,13 +157,13 @@ function(params) {
apiVersion: 'apps/v1',
kind: 'Deployment',
metadata: {
name: pa.config.name,
namespace: pa.config.namespace,
labels: pa.config.commonLabels,
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
spec: {
replicas: 1,
selector: { matchLabels: pa.config.selectorLabels },
selector: { matchLabels: pa._config.selectorLabels },
strategy: {
rollingUpdate: {
maxSurge: 1,
@ -171,7 +171,7 @@ function(params) {
},
},
template: {
metadata: { labels: pa.config.commonLabels },
metadata: { labels: pa._config.commonLabels },
spec: {
containers: [c],
serviceAccountName: $.serviceAccount.metadata.name,
@ -190,9 +190,9 @@ function(params) {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: pa.config.name,
namespace: pa.config.namespace,
labels: pa.config.commonLabels,
name: pa._config.name,
namespace: pa._config.namespace,
labels: pa._config.commonLabels,
},
},
@ -200,8 +200,8 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
name: pa.config.name,
labels: pa.config.commonLabels,
name: pa._config.name,
labels: pa._config.commonLabels,
},
rules: [{
apiGroups: [''],
@ -214,8 +214,8 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
name: pa.config.name,
labels: pa.config.commonLabels,
name: pa._config.name,
labels: pa._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
@ -225,7 +225,7 @@ function(params) {
subjects: [{
kind: 'ServiceAccount',
name: $.serviceAccount.metadata.name,
namespace: pa.config.namespace,
namespace: pa._config.namespace,
}],
},
@ -234,7 +234,7 @@ function(params) {
kind: 'ClusterRoleBinding',
metadata: {
name: 'resource-metrics:system:auth-delegator',
labels: pa.config.commonLabels,
labels: pa._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
@ -244,7 +244,7 @@ function(params) {
subjects: [{
kind: 'ServiceAccount',
name: $.serviceAccount.metadata.name,
namespace: pa.config.namespace,
namespace: pa._config.namespace,
}],
},
@ -253,7 +253,7 @@ function(params) {
kind: 'ClusterRole',
metadata: {
name: 'resource-metrics-server-resources',
labels: pa.config.commonLabels,
labels: pa._config.commonLabels,
},
rules: [{
apiGroups: ['metrics.k8s.io'],
@ -271,7 +271,7 @@ function(params) {
'rbac.authorization.k8s.io/aggregate-to-admin': 'true',
'rbac.authorization.k8s.io/aggregate-to-edit': 'true',
'rbac.authorization.k8s.io/aggregate-to-view': 'true',
} + pa.config.commonLabels,
} + pa._config.commonLabels,
},
rules: [{
apiGroups: ['metrics.k8s.io'],
@ -286,7 +286,7 @@ function(params) {
metadata: {
name: 'resource-metrics-auth-reader',
namespace: 'kube-system',
labels: pa.config.commonLabels,
labels: pa._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
@ -296,7 +296,7 @@ function(params) {
subjects: [{
kind: 'ServiceAccount',
name: $.serviceAccount.metadata.name,
namespace: pa.config.namespace,
namespace: pa._config.namespace,
}],
},
}

10
jsonnet/kube-prometheus/components/prometheus-operator.libsonnet
View File

@ -42,18 +42,20 @@ function(params)
prometheusOperator(config) {
local po = self,
// declare variable as a field to allow overriding options and to have unified API across all components
_config:: config,
mixin:: (import 'github.com/prometheus-operator/prometheus-operator/jsonnet/mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: config.mixin._config,
_config+:: po._config.mixin._config,
},
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: config.commonLabels + config.mixin.ruleLabels,
name: config.name + '-rules',
namespace: config.namespace,
labels: po._config.commonLabels + po._config.mixin.ruleLabels,
name: po._config.name + '-rules',
namespace: po._config.namespace,
},
spec: {
local r = if std.objectHasAll(po.mixin, 'prometheusRules') then po.mixin.prometheusRules.groups else [],

150
jsonnet/kube-prometheus/components/prometheus.libsonnet
View File

@ -44,31 +44,31 @@ local defaults = {
function(params) {
local p = self,
config:: defaults + params,
_config:: defaults + params,
// Safety check
assert std.isObject(p.config.resources),
assert std.isObject(p.config.mixin._config),
assert std.isObject(p._config.resources),
assert std.isObject(p._config.mixin._config),
mixin:: (import 'github.com/prometheus/prometheus/documentation/prometheus-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') + (
if p.config.thanos != {} then
if p._config.thanos != {} then
(import 'github.com/thanos-io/thanos/mixin/alerts/sidecar.libsonnet') + {
sidecar: {
selector: p.config.mixin._config.thanosSelector,
selector: p._config.mixin._config.thanosSelector,
},
}
else {}
) {
_config+:: p.config.mixin._config,
_config+:: p._config.mixin._config,
},
prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: p.config.commonLabels + p.config.mixin.ruleLabels,
name: 'prometheus-' + p.config.name + '-prometheus-rules',
namespace: p.config.namespace,
labels: p._config.commonLabels + p._config.mixin.ruleLabels,
name: 'prometheus-' + p._config.name + '-prometheus-rules',
namespace: p._config.namespace,
},
spec: {
local r = if std.objectHasAll(p.mixin, 'prometheusRules') then p.mixin.prometheusRules.groups else [],
@ -81,9 +81,9 @@ function(params) {
apiVersion: 'v1',
kind: 'ServiceAccount',
metadata: {
name: 'prometheus-' + p.config.name,
namespace: p.config.namespace,
labels: p.config.commonLabels,
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
},
@ -91,20 +91,20 @@ function(params) {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: 'prometheus-' + p.config.name,
namespace: p.config.namespace,
labels: { prometheus: p.config.name } + p.config.commonLabels,
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: { prometheus: p._config.name } + p._config.commonLabels,
},
spec: {
ports: [
{ name: 'web', targetPort: 'web', port: 9090 },
] +
(
if p.config.thanos != {} then
if p._config.thanos != {} then
[{ name: 'grpc', port: 10901, targetPort: 10901 }]
else []
),
selector: { app: 'prometheus' } + p.config.selectorLabels,
selector: { app: 'prometheus' } + p._config.selectorLabels,
sessionAffinity: 'ClientIP',
},
},
@ -114,33 +114,33 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBinding',
metadata: {
name: 'prometheus-' + p.config.name,
name: 'prometheus-' + p._config.name,
namespace: namespace,
labels: p.config.commonLabels,
labels: p._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'Role',
name: 'prometheus-' + p.config.name,
name: 'prometheus-' + p._config.name,
},
subjects: [{
kind: 'ServiceAccount',
name: 'prometheus-' + p.config.name,
namespace: p.config.namespace,
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
}],
};
{
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBindingList',
items: [newSpecificRoleBinding(x) for x in p.config.namespaces],
items: [newSpecificRoleBinding(x) for x in p._config.namespaces],
},
clusterRole: {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole',
metadata: {
name: 'prometheus-' + p.config.name,
labels: p.config.commonLabels,
name: 'prometheus-' + p._config.name,
labels: p._config.commonLabels,
},
rules: [
{
@ -159,9 +159,9 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'Role',
metadata: {
name: 'prometheus-' + p.config.name + '-config',
namespace: p.config.namespace,
labels: p.config.commonLabels,
name: 'prometheus-' + p._config.name + '-config',
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
rules: [{
apiGroups: [''],
@ -174,19 +174,19 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBinding',
metadata: {
name: 'prometheus-' + p.config.name + '-config',
namespace: p.config.namespace,
labels: p.config.commonLabels,
name: 'prometheus-' + p._config.name + '-config',
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'Role',
name: 'prometheus-' + p.config.name + '-config',
name: 'prometheus-' + p._config.name + '-config',
},
subjects: [{
kind: 'ServiceAccount',
name: 'prometheus-' + p.config.name,
namespace: p.config.namespace,
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
}],
},
@ -194,18 +194,18 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding',
metadata: {
name: 'prometheus-' + p.config.name,
labels: p.config.commonLabels,
name: 'prometheus-' + p._config.name,
labels: p._config.commonLabels,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole',
name: 'prometheus-' + p.config.name,
name: 'prometheus-' + p._config.name,
},
subjects: [{
kind: 'ServiceAccount',
name: 'prometheus-' + p.config.name,
namespace: p.config.namespace,
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
}],
},
@ -214,9 +214,9 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'Role',
metadata: {
name: 'prometheus-' + p.config.name,
name: 'prometheus-' + p._config.name,
namespace: namespace,
labels: p.config.commonLabels,
labels: p._config.commonLabels,
},
rules: [
{
@ -234,23 +234,23 @@ function(params) {
{
apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleList',
items: [newSpecificRole(x) for x in p.config.namespaces],
items: [newSpecificRole(x) for x in p._config.namespaces],
},
[if (defaults + params).replicas > 1 then 'podDisruptionBudget']: {
apiVersion: 'policy/v1beta1',
kind: 'PodDisruptionBudget',
metadata: {
name: 'prometheus-' + p.config.name,
namespace: p.config.namespace,
labels: p.config.commonLabels,
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
spec: {
minAvailable: 1,
selector: {
matchLabels: {
prometheus: p.config.name,
} + p.config.selectorLabels,
prometheus: p._config.name,
} + p._config.selectorLabels,
},
},
},
@ -259,19 +259,19 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'Prometheus',
metadata: {
name: p.config.name,
namespace: p.config.namespace,
labels: { prometheus: p.config.name } + p.config.commonLabels,
name: p._config.name,
namespace: p._config.namespace,
labels: { prometheus: p._config.name } + p._config.commonLabels,
},
spec: {
replicas: p.config.replicas,
version: p.config.version,
image: p.config.image,
replicas: p._config.replicas,
version: p._config.version,
image: p._config.image,
podMetadata: {
labels: p.config.commonLabels,
labels: p._config.commonLabels,
},
externalLabels: p.config.externalLabels,
serviceAccountName: 'prometheus-' + p.config.name,
externalLabels: p._config.externalLabels,
serviceAccountName: 'prometheus-' + p._config.name,
serviceMonitorSelector: {},
podMonitorSelector: {},
probeSelector: {},
@ -279,12 +279,12 @@ function(params) {
podMonitorNamespaceSelector: {},
probeNamespaceSelector: {},
nodeSelector: { 'kubernetes.io/os': 'linux' },
ruleSelector: p.config.ruleSelector,
resources: p.config.resources,
ruleSelector: p._config.ruleSelector,
resources: p._config.resources,
alerting: {
alertmanagers: [{
namespace: p.config.namespace,
name: 'alertmanager-' + p.config.alertmanagerName,
namespace: p._config.namespace,
name: 'alertmanager-' + p._config.alertmanagerName,
port: 'web',
apiVersion: 'v2',
}],
@ -294,7 +294,7 @@ function(params) {
runAsNonRoot: true,
fsGroup: 2000,
},
[if std.objectHas(params, 'thanos') then 'thanos']: p.config.thanos,
[if std.objectHas(params, 'thanos') then 'thanos']: p._config.thanos,
},
},
@ -302,13 +302,13 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: 'prometheus-' + p.config.name,
namespace: p.config.namespace,
labels: p.config.commonLabels,
name: 'prometheus-' + p._config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels,
},
spec: {
selector: {
matchLabels: p.config.selectorLabels,
matchLabels: p._config.selectorLabels,
},
endpoints: [{
port: 'web',
@ -322,10 +322,10 @@ function(params) {
apiVersion: 'v1',
kind: 'Service',
metadata+: {
name: 'prometheus-' + p.config.name + '-thanos-sidecar',
namespace: p.config.namespace,
labels+: p.config.commonLabels {
prometheus: p.config.name,
name: 'prometheus-' + p._config.name + '-thanos-sidecar',
namespace: p._config.namespace,
labels+: p._config.commonLabels {
prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar',
},
},
@ -334,8 +334,8 @@ function(params) {
{ name: 'grpc', port: 10901, targetPort: 10901 },
{ name: 'http', port: 10902, targetPort: 10902 },
],
selector: p.config.selectorLabels {
prometheus: p.config.name,
selector: p._config.selectorLabels {
prometheus: p._config.name,
'app.kubernetes.io/component': 'prometheus',
},
clusterIP: 'None',
@ -348,9 +348,9 @@ function(params) {
kind: 'ServiceMonitor',
metadata+: {
name: 'thanos-sidecar',
namespace: p.config.namespace,
labels: p.config.commonLabels {
prometheus: p.config.name,
namespace: p._config.namespace,
labels: p._config.commonLabels {
prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar',
},
},
@ -358,7 +358,7 @@ function(params) {
jobLabel: 'app.kubernetes.io/component',
selector: {
matchLabels: {
prometheus: p.config.name,
prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar',
},
},

4
jsonnet/kube-prometheus/platforms/eks.libsonnet
View File

@ -69,9 +69,9 @@
apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule',
metadata: {
labels: $.prometheus.config.commonLabels + $.prometheus.config.mixin.ruleLabels,
labels: $.prometheus._config.commonLabels + $.prometheus._config.mixin.ruleLabels,
name: 'eks-rules',
namespace: $.prometheus.config.namespace,
namespace: $.prometheus._config.namespace,
},
spec: {
groups: [