mirrors/kube-prometheus
1
0
Fork 0
mirror of https://github.com/prometheus-operator/kube-prometheus.git synced 2025-11-06 11:01:03 +01:00
Code Issues Projects Releases Wiki Activity

jsonnet: unify internal configuration field name

Browse Source 
Signed-off-by: paulfantom <pawel@krupa.net.pl>
This commit is contained in:
paulfantom 2021-03-16 19:14:55 +01:00
parent ed884b0399
commit 0bf34a24f8
No known key found for this signature in database
GPG Key ID: 12AE0185401674E7
14 changed files with 297 additions and 295 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
jsonnet/kube-prometheus/addons/podsecuritypolicies.libsonnet
View File

@ -101,7 +101,7 @@ local restrictedPodSecurityPolicy = {
podSecurityPolicy: podSecurityPolicy:
local blackboxExporterPspPrivileged = local blackboxExporterPspPrivileged =
if $.blackboxExporter.config.privileged then if $.blackboxExporter._config.privileged then
{ {
metadata+: { metadata+: {
name: 'blackbox-exporter-psp', name: 'blackbox-exporter-psp',
@ -209,8 +209,8 @@ local restrictedPodSecurityPolicy = {
hostPID: true, hostPID: true,
hostPorts: [ hostPorts: [
{ {
max: $.nodeExporter.config.port, max: $.nodeExporter._config.port,
min: $.nodeExporter.config.port, min: $.nodeExporter._config.port,
}, },
], ],
readOnlyRootFilesystem: true, readOnlyRootFilesystem: true,

4
jsonnet/kube-prometheus/addons/weave-net/weave-net.libsonnet
View File

@ -52,9 +52,9 @@
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: p.config.mixin.ruleLabels, labels: p._config.mixin.ruleLabels,
name: 'weave-net-rules', name: 'weave-net-rules',
namespace: p.config.namespace, namespace: p._config.namespace,
}, },
spec: { spec: {
groups: [{ groups: [{

80
jsonnet/kube-prometheus/components/alertmanager.libsonnet
View File

@ -72,23 +72,23 @@ local defaults = {
function(params) { function(params) {
local am = self, local am = self,
config:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(am.config.resources), assert std.isObject(am._config.resources),
assert std.isObject(am.config.mixin._config), assert std.isObject(am._config.mixin._config),
mixin:: (import 'github.com/prometheus/alertmanager/doc/alertmanager-mixin/mixin.libsonnet') + mixin:: (import 'github.com/prometheus/alertmanager/doc/alertmanager-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') { (import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: am.config.mixin._config, _config+:: am._config.mixin._config,
}, },
prometheusRule: { prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: am.config.commonLabels + am.config.mixin.ruleLabels, labels: am._config.commonLabels + am._config.mixin.ruleLabels,
name: 'alertmanager-' + am.config.name + '-rules', name: 'alertmanager-' + am._config.name + '-rules',
namespace: am.config.namespace, namespace: am._config.namespace,
}, },
spec: { spec: {
local r = if std.objectHasAll(am.mixin, 'prometheusRules') then am.mixin.prometheusRules.groups else [], local r = if std.objectHasAll(am.mixin, 'prometheusRules') then am.mixin.prometheusRules.groups else [],
@ -102,16 +102,16 @@ function(params) {
kind: 'Secret', kind: 'Secret',
type: 'Opaque', type: 'Opaque',
metadata: { metadata: {
name: 'alertmanager-' + am.config.name, name: 'alertmanager-' + am._config.name,
namespace: am.config.namespace, namespace: am._config.namespace,
labels: { alertmanager: am.config.name } + am.config.commonLabels, labels: { alertmanager: am._config.name } + am._config.commonLabels,
}, },
stringData: { stringData: {
'alertmanager.yaml': if std.type(am.config.config) == 'object' 'alertmanager.yaml': if std.type(am._config.config) == 'object'
then then
std.manifestYamlDoc(am.config.config) std.manifestYamlDoc(am._config.config)
else else
am.config.config, am._config.config,
}, },
}, },
@ -119,9 +119,9 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'ServiceAccount', kind: 'ServiceAccount',
metadata: { metadata: {
name: 'alertmanager-' + am.config.name, name: 'alertmanager-' + am._config.name,
namespace: am.config.namespace, namespace: am._config.namespace,
labels: { alertmanager: am.config.name } + am.config.commonLabels, labels: { alertmanager: am._config.name } + am._config.commonLabels,
}, },
}, },
@ -129,9 +129,9 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'Service', kind: 'Service',
metadata: { metadata: {
name: 'alertmanager-' + am.config.name, name: 'alertmanager-' + am._config.name,
namespace: am.config.namespace, namespace: am._config.namespace,
labels: { alertmanager: am.config.name } + am.config.commonLabels, labels: { alertmanager: am._config.name } + am._config.commonLabels,
}, },
spec: { spec: {
ports: [ ports: [
@ -139,8 +139,8 @@ function(params) {
], ],
selector: { selector: {
app: 'alertmanager', app: 'alertmanager',
alertmanager: am.config.name, alertmanager: am._config.name,
} + am.config.selectorLabels, } + am._config.selectorLabels,
sessionAffinity: 'ClientIP', sessionAffinity: 'ClientIP',
}, },
}, },
@ -150,14 +150,14 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'alertmanager', name: 'alertmanager',
namespace: am.config.namespace, namespace: am._config.namespace,
labels: am.config.commonLabels, labels: am._config.commonLabels,
}, },
spec: { spec: {
selector: { selector: {
matchLabels: { matchLabels: {
alertmanager: am.config.name, alertmanager: am._config.name,
} + am.config.selectorLabels, } + am._config.selectorLabels,
}, },
endpoints: [ endpoints: [
{ port: 'web', interval: '30s' }, { port: 'web', interval: '30s' },
@ -169,16 +169,16 @@ function(params) {
apiVersion: 'policy/v1beta1', apiVersion: 'policy/v1beta1',
kind: 'PodDisruptionBudget', kind: 'PodDisruptionBudget',
metadata: { metadata: {
name: 'alertmanager-' + am.config.name, name: 'alertmanager-' + am._config.name,
namespace: am.config.namespace, namespace: am._config.namespace,
labels: am.config.commonLabels, labels: am._config.commonLabels,
}, },
spec: { spec: {
maxUnavailable: 1, maxUnavailable: 1,
selector: { selector: {
matchLabels: { matchLabels: {
alertmanager: am.config.name, alertmanager: am._config.name,
} + am.config.selectorLabels, } + am._config.selectorLabels,
}, },
}, },
}, },
@ -187,22 +187,22 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'Alertmanager', kind: 'Alertmanager',
metadata: { metadata: {
name: am.config.name, name: am._config.name,
namespace: am.config.namespace, namespace: am._config.namespace,
labels: { labels: {
alertmanager: am.config.name, alertmanager: am._config.name,
} + am.config.commonLabels, } + am._config.commonLabels,
}, },
spec: { spec: {
replicas: am.config.replicas, replicas: am._config.replicas,
version: am.config.version, version: am._config.version,
image: am.config.image, image: am._config.image,
podMetadata: { podMetadata: {
labels: am.config.commonLabels, labels: am._config.commonLabels,
}, },
resources: am.config.resources, resources: am._config.resources,
nodeSelector: { 'kubernetes.io/os': 'linux' }, nodeSelector: { 'kubernetes.io/os': 'linux' },
serviceAccountName: 'alertmanager-' + am.config.name, serviceAccountName: 'alertmanager-' + am._config.name,
securityContext: { securityContext: {
runAsUser: 1000, runAsUser: 1000,
runAsNonRoot: true, runAsNonRoot: true,

62
jsonnet/kube-prometheus/components/blackbox-exporter.libsonnet
View File

@ -88,20 +88,20 @@ local defaults = {
function(params) { function(params) {
local bb = self, local bb = self,
config:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(bb.config.resources), assert std.isObject(bb._config.resources),
configuration: { configuration: {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'ConfigMap', kind: 'ConfigMap',
metadata: { metadata: {
name: 'blackbox-exporter-configuration', name: 'blackbox-exporter-configuration',
namespace: bb.config.namespace, namespace: bb._config.namespace,
labels: bb.config.commonLabels, labels: bb._config.commonLabels,
}, },
data: { data: {
'config.yml': std.manifestYamlDoc({ modules: bb.config.modules }), 'config.yml': std.manifestYamlDoc({ modules: bb._config.modules }),
}, },
}, },
@ -110,7 +110,7 @@ function(params) {
kind: 'ServiceAccount', kind: 'ServiceAccount',
metadata: { metadata: {
name: 'blackbox-exporter', name: 'blackbox-exporter',
namespace: bb.config.namespace, namespace: bb._config.namespace,
}, },
}, },
@ -148,24 +148,24 @@ function(params) {
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: 'blackbox-exporter', name: 'blackbox-exporter',
namespace: bb.config.namespace, namespace: bb._config.namespace,
}], }],
}, },
deployment: deployment:
local blackboxExporter = { local blackboxExporter = {
name: 'blackbox-exporter', name: 'blackbox-exporter',
image: bb.config.image, image: bb._config.image,
args: [ args: [
'--config.file=/etc/blackbox_exporter/config.yml', '--config.file=/etc/blackbox_exporter/config.yml',
'--web.listen-address=:%d' % bb.config.internalPort, '--web.listen-address=:%d' % bb._config.internalPort,
], ],
ports: [{ ports: [{
name: 'http', name: 'http',
containerPort: bb.config.internalPort, containerPort: bb._config.internalPort,
}], }],
resources: bb.config.resources, resources: bb._config.resources,
securityContext: if bb.config.privileged then { securityContext: if bb._config.privileged then {
runAsNonRoot: false, runAsNonRoot: false,
capabilities: { drop: ['ALL'], add: ['NET_RAW'] }, capabilities: { drop: ['ALL'], add: ['NET_RAW'] },
} else { } else {
@ -181,12 +181,12 @@ function(params) {
local reloader = { local reloader = {
name: 'module-configmap-reloader', name: 'module-configmap-reloader',
image: bb.config.configmapReloaderImage, image: bb._config.configmapReloaderImage,
args: [ args: [
'--webhook-url=http://localhost:%d/-/reload' % bb.config.internalPort, '--webhook-url=http://localhost:%d/-/reload' % bb._config.internalPort,
'--volume-dir=/etc/blackbox_exporter/', '--volume-dir=/etc/blackbox_exporter/',
], ],
resources: bb.config.resources, resources: bb._config.resources,
securityContext: { runAsNonRoot: true, runAsUser: 65534 }, securityContext: { runAsNonRoot: true, runAsUser: 65534 },
terminationMessagePath: '/dev/termination-log', terminationMessagePath: '/dev/termination-log',
terminationMessagePolicy: 'FallbackToLogsOnError', terminationMessagePolicy: 'FallbackToLogsOnError',
@ -199,10 +199,10 @@ function(params) {
local kubeRbacProxy = krp({ local kubeRbacProxy = krp({
name: 'kube-rbac-proxy', name: 'kube-rbac-proxy',
upstream: 'http://127.0.0.1:' + bb.config.internalPort + '/', upstream: 'http://127.0.0.1:' + bb._config.internalPort + '/',
secureListenAddress: ':' + bb.config.port, secureListenAddress: ':' + bb._config.port,
ports: [ ports: [
{ name: 'https', containerPort: bb.config.port }, { name: 'https', containerPort: bb._config.port },
], ],
}); });
@ -211,14 +211,14 @@ function(params) {
kind: 'Deployment', kind: 'Deployment',
metadata: { metadata: {
name: 'blackbox-exporter', name: 'blackbox-exporter',
namespace: bb.config.namespace, namespace: bb._config.namespace,
labels: bb.config.commonLabels, labels: bb._config.commonLabels,
}, },
spec: { spec: {
replicas: bb.config.replicas, replicas: bb._config.replicas,
selector: { matchLabels: bb.config.selectorLabels }, selector: { matchLabels: bb._config.selectorLabels },
template: { template: {
metadata: { labels: bb.config.commonLabels }, metadata: { labels: bb._config.commonLabels },
spec: { spec: {
containers: [blackboxExporter, reloader, kubeRbacProxy], containers: [blackboxExporter, reloader, kubeRbacProxy],
nodeSelector: { 'kubernetes.io/os': 'linux' }, nodeSelector: { 'kubernetes.io/os': 'linux' },
@ -237,20 +237,20 @@ function(params) {
kind: 'Service', kind: 'Service',
metadata: { metadata: {
name: 'blackbox-exporter', name: 'blackbox-exporter',
namespace: bb.config.namespace, namespace: bb._config.namespace,
labels: bb.config.commonLabels, labels: bb._config.commonLabels,
}, },
spec: { spec: {
ports: [{ ports: [{
name: 'https', name: 'https',
port: bb.config.port, port: bb._config.port,
targetPort: 'https', targetPort: 'https',
}, { }, {
name: 'probe', name: 'probe',
port: bb.config.internalPort, port: bb._config.internalPort,
targetPort: 'http', targetPort: 'http',
}], }],
selector: bb.config.selectorLabels, selector: bb._config.selectorLabels,
}, },
}, },
@ -260,8 +260,8 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'blackbox-exporter', name: 'blackbox-exporter',
namespace: bb.config.namespace, namespace: bb._config.namespace,
labels: bb.config.commonLabels, labels: bb._config.commonLabels,
}, },
spec: { spec: {
endpoints: [{ endpoints: [{
@ -275,7 +275,7 @@ function(params) {
}, },
}], }],
selector: { selector: {
matchLabels: bb.config.selectorLabels, matchLabels: bb._config.selectorLabels,
}, },
}, },
}, },

38
jsonnet/kube-prometheus/components/grafana.libsonnet
View File

@ -33,35 +33,35 @@ local defaults = {
function(params) { function(params) {
local g = self, local g = self,
cfg:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(g.cfg.resources), assert std.isObject(g._config.resources),
local glib = (import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') + { local glib = (import 'github.com/brancz/kubernetes-grafana/grafana/grafana.libsonnet') + {
_config+:: { _config+:: {
namespace: g.cfg.namespace, namespace: g._config.namespace,
versions+:: { versions+:: {
grafana: g.cfg.version, grafana: g._config.version,
}, },
imageRepos+:: { imageRepos+:: {
grafana: g.cfg.imageRepos, grafana: g._config.imageRepos,
}, },
prometheus+:: { prometheus+:: {
name: g.cfg.prometheusName, name: g._config.prometheusName,
}, },
grafana+:: { grafana+:: {
labels: g.cfg.commonLabels, labels: g._config.commonLabels,
dashboards: g.cfg.dashboards, dashboards: g._config.dashboards,
resources: g.cfg.resources, resources: g._config.resources,
rawDashboards: g.cfg.rawDashboards, rawDashboards: g._config.rawDashboards,
folderDashboards: g.cfg.folderDashboards, folderDashboards: g._config.folderDashboards,
containers: g.cfg.containers, containers: g._config.containers,
config+: g.cfg.config, config+: g._config.config,
plugins+: g.cfg.plugins, plugins+: g._config.plugins,
} + ( } + (
// Conditionally overwrite default setting. // Conditionally overwrite default setting.
if std.length(g.cfg.datasources) > 0 then if std.length(g._config.datasources) > 0 then
{ datasources: g.cfg.datasources } { datasources: g._config.datasources }
else {} else {}
), ),
}, },
@ -75,7 +75,7 @@ function(params) {
dashboardDatasources: glib.grafana.dashboardDatasources, dashboardDatasources: glib.grafana.dashboardDatasources,
dashboardSources: glib.grafana.dashboardSources, dashboardSources: glib.grafana.dashboardSources,
dashboardDefinitions: if std.length(g.cfg.dashboards) > 0 then { dashboardDefinitions: if std.length(g._config.dashboards) > 0 then {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'ConfigMapList', kind: 'ConfigMapList',
items: glib.grafana.dashboardDefinitions, items: glib.grafana.dashboardDefinitions,
@ -85,8 +85,8 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'grafana', name: 'grafana',
namespace: g.cfg.namespace, namespace: g._config.namespace,
labels: g.cfg.commonLabels, labels: g._config.commonLabels,
}, },
spec: { spec: {
selector: { selector: {

18
jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
View File

@ -26,19 +26,19 @@ local defaults = {
function(params) { function(params) {
local k8s = self, local k8s = self,
config:: defaults + params, _config:: defaults + params,
mixin:: (import 'github.com/kubernetes-monitoring/kubernetes-mixin/mixin.libsonnet') { mixin:: (import 'github.com/kubernetes-monitoring/kubernetes-mixin/mixin.libsonnet') {
_config+:: k8s.config.mixin._config, _config+:: k8s._config.mixin._config,
}, },
prometheusRule: { prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: k8s.config.commonLabels + k8s.config.mixin.ruleLabels, labels: k8s._config.commonLabels + k8s._config.mixin.ruleLabels,
name: 'kubernetes-monitoring-rules', name: 'kubernetes-monitoring-rules',
namespace: k8s.config.namespace, namespace: k8s._config.namespace,
}, },
spec: { spec: {
local r = if std.objectHasAll(k8s.mixin, 'prometheusRules') then k8s.mixin.prometheusRules.groups else {}, local r = if std.objectHasAll(k8s.mixin, 'prometheusRules') then k8s.mixin.prometheusRules.groups else {},
@ -52,7 +52,7 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-scheduler', name: 'kube-scheduler',
namespace: k8s.config.namespace, namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kube-scheduler' }, labels: { 'app.kubernetes.io/name': 'kube-scheduler' },
}, },
spec: { spec: {
@ -78,7 +78,7 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kubelet', name: 'kubelet',
namespace: k8s.config.namespace, namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kubelet' }, labels: { 'app.kubernetes.io/name': 'kubelet' },
}, },
spec: { spec: {
@ -150,7 +150,7 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-controller-manager', name: 'kube-controller-manager',
namespace: k8s.config.namespace, namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'kube-controller-manager' }, labels: { 'app.kubernetes.io/name': 'kube-controller-manager' },
}, },
spec: { spec: {
@ -185,7 +185,7 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'kube-apiserver', name: 'kube-apiserver',
namespace: k8s.config.namespace, namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'apiserver' }, labels: { 'app.kubernetes.io/name': 'apiserver' },
}, },
spec: { spec: {
@ -239,7 +239,7 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'coredns', name: 'coredns',
namespace: k8s.config.namespace, namespace: k8s._config.namespace,
labels: { 'app.kubernetes.io/name': 'coredns' }, labels: { 'app.kubernetes.io/name': 'coredns' },
}, },
spec: { spec: {

18
jsonnet/kube-prometheus/components/kube-rbac-proxy.libsonnet
View File

@ -41,20 +41,20 @@ local defaults = {
function(params) { function(params) {
local krp = self, local krp = self,
config:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(krp.config.resources), assert std.isObject(krp._config.resources),
name: krp.config.name, name: krp._config.name,
image: krp.config.image, image: krp._config.image,
args: [ args: [
'--logtostderr', '--logtostderr',
'--secure-listen-address=' + krp.config.secureListenAddress, '--secure-listen-address=' + krp._config.secureListenAddress,
'--tls-cipher-suites=' + std.join(',', krp.config.tlsCipherSuites), '--tls-cipher-suites=' + std.join(',', krp._config.tlsCipherSuites),
'--upstream=' + krp.config.upstream, '--upstream=' + krp._config.upstream,
], ],
resources: krp.config.resources, resources: krp._config.resources,
ports: krp.config.ports, ports: krp._config.ports,
securityContext: { securityContext: {
runAsUser: 65532, runAsUser: 65532,
runAsGroup: 65532, runAsGroup: 65532,

40
jsonnet/kube-prometheus/components/kube-state-metrics.libsonnet
View File

@ -35,30 +35,30 @@ local defaults = {
function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet') { function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet') {
local ksm = self, local ksm = self,
config:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(ksm.config.resources), assert std.isObject(ksm._config.resources),
assert std.isObject(ksm.config.mixin._config), assert std.isObject(ksm._config.mixin._config),
name:: ksm.config.name, name:: ksm._config.name,
namespace:: ksm.config.namespace, namespace:: ksm._config.namespace,
version:: ksm.config.version, version:: ksm._config.version,
image:: ksm.config.image, image:: ksm._config.image,
commonLabels:: ksm.config.commonLabels, commonLabels:: ksm._config.commonLabels,
podLabels:: ksm.config.selectorLabels, podLabels:: ksm._config.selectorLabels,
mixin:: (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics-mixin/mixin.libsonnet') + mixin:: (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-state-metrics-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') { (import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: ksm.config.mixin._config, _config+:: ksm._config.mixin._config,
}, },
prometheusRule: { prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: ksm.config.commonLabels + ksm.config.mixin.ruleLabels, labels: ksm._config.commonLabels + ksm._config.mixin.ruleLabels,
name: ksm.config.name + '-rules', name: ksm._config.name + '-rules',
namespace: ksm.config.namespace, namespace: ksm._config.namespace,
}, },
spec: { spec: {
local r = if std.objectHasAll(ksm.mixin, 'prometheusRules') then ksm.mixin.prometheusRules.groups else [], local r = if std.objectHasAll(ksm.mixin, 'prometheusRules') then ksm.mixin.prometheusRules.groups else [],
@ -115,7 +115,7 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
livenessProbe:: null, livenessProbe:: null,
readinessProbe:: null, readinessProbe:: null,
args: ['--host=127.0.0.1', '--port=8081', '--telemetry-host=127.0.0.1', '--telemetry-port=8082'], args: ['--host=127.0.0.1', '--port=8081', '--telemetry-host=127.0.0.1', '--telemetry-port=8082'],
resources: ksm.config.resources, resources: ksm._config.resources,
}, super.containers) + [kubeRbacProxyMain, kubeRbacProxySelf], }, super.containers) + [kubeRbacProxyMain, kubeRbacProxySelf],
}, },
}, },
@ -127,18 +127,18 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: ksm.name, name: ksm.name,
namespace: ksm.config.namespace, namespace: ksm._config.namespace,
labels: ksm.config.commonLabels, labels: ksm._config.commonLabels,
}, },
spec: { spec: {
jobLabel: 'app.kubernetes.io/name', jobLabel: 'app.kubernetes.io/name',
selector: { matchLabels: ksm.config.selectorLabels }, selector: { matchLabels: ksm._config.selectorLabels },
endpoints: [ endpoints: [
{ {
port: 'https-main', port: 'https-main',
scheme: 'https', scheme: 'https',
interval: ksm.config.scrapeInterval, interval: ksm._config.scrapeInterval,
scrapeTimeout: ksm.config.scrapeTimeout, scrapeTimeout: ksm._config.scrapeTimeout,
honorLabels: true, honorLabels: true,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token', bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
relabelings: [ relabelings: [
@ -154,7 +154,7 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
{ {
port: 'https-self', port: 'https-self',
scheme: 'https', scheme: 'https',
interval: ksm.config.scrapeInterval, interval: ksm._config.scrapeInterval,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token', bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
tlsConfig: { tlsConfig: {
insecureSkipVerify: true, insecureSkipVerify: true,

10
jsonnet/kube-prometheus/components/mixin/custom.libsonnet
View File

@ -18,22 +18,22 @@ local defaults = {
function(params) { function(params) {
local m = self, local m = self,
config:: defaults + params, _config:: defaults + params,
local alertsandrules = (import './alerts/alerts.libsonnet') + (import './rules/rules.libsonnet'), local alertsandrules = (import './alerts/alerts.libsonnet') + (import './rules/rules.libsonnet'),
mixin:: alertsandrules + mixin:: alertsandrules +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') { (import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: m.config.mixin._config, _config+:: m._config.mixin._config,
}, },
prometheusRule: { prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: m.config.commonLabels + m.config.mixin.ruleLabels, labels: m._config.commonLabels + m._config.mixin.ruleLabels,
name: m.config.name + '-rules', name: m._config.name + '-rules',
namespace: m.config.namespace, namespace: m._config.namespace,
}, },
spec: { spec: {
local r = if std.objectHasAll(m.mixin, 'prometheusRules') then m.mixin.prometheusRules.groups else [], local r = if std.objectHasAll(m.mixin, 'prometheusRules') then m.mixin.prometheusRules.groups else [],

78
jsonnet/kube-prometheus/components/node-exporter.libsonnet
View File

@ -37,23 +37,23 @@ local defaults = {
function(params) { function(params) {
local ne = self, local ne = self,
config:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(ne.config.resources), assert std.isObject(ne._config.resources),
assert std.isObject(ne.config.mixin._config), assert std.isObject(ne._config.mixin._config),
mixin:: (import 'github.com/prometheus/node_exporter/docs/node-mixin/mixin.libsonnet') + mixin:: (import 'github.com/prometheus/node_exporter/docs/node-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') { (import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: ne.config.mixin._config, _config+:: ne._config.mixin._config,
}, },
prometheusRule: { prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: ne.config.commonLabels + ne.config.mixin.ruleLabels, labels: ne._config.commonLabels + ne._config.mixin.ruleLabels,
name: ne.config.name + '-rules', name: ne._config.name + '-rules',
namespace: ne.config.namespace, namespace: ne._config.namespace,
}, },
spec: { spec: {
local r = if std.objectHasAll(ne.mixin, 'prometheusRules') then ne.mixin.prometheusRules.groups else [], local r = if std.objectHasAll(ne.mixin, 'prometheusRules') then ne.mixin.prometheusRules.groups else [],
@ -66,18 +66,18 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding', kind: 'ClusterRoleBinding',
metadata: { metadata: {
name: ne.config.name, name: ne._config.name,
labels: ne.config.commonLabels, labels: ne._config.commonLabels,
}, },
roleRef: { roleRef: {
apiGroup: 'rbac.authorization.k8s.io', apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole', kind: 'ClusterRole',
name: ne.config.name, name: ne._config.name,
}, },
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: ne.config.name, name: ne._config.name,
namespace: ne.config.namespace, namespace: ne._config.namespace,
}], }],
}, },
@ -85,8 +85,8 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole', kind: 'ClusterRole',
metadata: { metadata: {
name: ne.config.name, name: ne._config.name,
labels: ne.config.commonLabels, labels: ne._config.commonLabels,
}, },
rules: [ rules: [
{ {
@ -106,9 +106,9 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'ServiceAccount', kind: 'ServiceAccount',
metadata: { metadata: {
name: ne.config.name, name: ne._config.name,
namespace: ne.config.namespace, namespace: ne._config.namespace,
labels: ne.config.commonLabels, labels: ne._config.commonLabels,
}, },
}, },
@ -116,15 +116,15 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'Service', kind: 'Service',
metadata: { metadata: {
name: ne.config.name, name: ne._config.name,
namespace: ne.config.namespace, namespace: ne._config.namespace,
labels: ne.config.commonLabels, labels: ne._config.commonLabels,
}, },
spec: { spec: {
ports: [ ports: [
{ name: 'https', targetPort: 'https', port: ne.config.port }, { name: 'https', targetPort: 'https', port: ne._config.port },
], ],
selector: ne.config.selectorLabels, selector: ne._config.selectorLabels,
clusterIP: 'None', clusterIP: 'None',
}, },
}, },
@ -133,14 +133,14 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: ne.config.name, name: ne._config.name,
namespace: ne.config.namespace, namespace: ne._config.namespace,
labels: ne.config.commonLabels, labels: ne._config.commonLabels,
}, },
spec: { spec: {
jobLabel: 'app.kubernetes.io/name', jobLabel: 'app.kubernetes.io/name',
selector: { selector: {
matchLabels: ne.config.selectorLabels, matchLabels: ne._config.selectorLabels,
}, },
endpoints: [{ endpoints: [{
port: 'https', port: 'https',
@ -165,10 +165,10 @@ function(params) {
daemonset: daemonset:
local nodeExporter = { local nodeExporter = {
name: ne.config.name, name: ne._config.name,
image: ne.config.image, image: ne._config.image,
args: [ args: [
'--web.listen-address=' + std.join(':', [ne.config.listenAddress, std.toString(ne.config.port)]), '--web.listen-address=' + std.join(':', [ne._config.listenAddress, std.toString(ne._config.port)]),
'--path.sysfs=/host/sys', '--path.sysfs=/host/sys',
'--path.rootfs=/host/root', '--path.rootfs=/host/root',
'--no-collector.wifi', '--no-collector.wifi',
@ -181,14 +181,14 @@ function(params) {
{ name: 'sys', mountPath: '/host/sys', mountPropagation: 'HostToContainer', readOnly: true }, { name: 'sys', mountPath: '/host/sys', mountPropagation: 'HostToContainer', readOnly: true },
{ name: 'root', mountPath: '/host/root', mountPropagation: 'HostToContainer', readOnly: true }, { name: 'root', mountPath: '/host/root', mountPropagation: 'HostToContainer', readOnly: true },
], ],
resources: ne.config.resources, resources: ne._config.resources,
}; };
local kubeRbacProxy = krp({ local kubeRbacProxy = krp({
name: 'kube-rbac-proxy', name: 'kube-rbac-proxy',
//image: krpImage, //image: krpImage,
upstream: 'http://127.0.0.1:' + ne.config.port + '/', upstream: 'http://127.0.0.1:' + ne._config.port + '/',
secureListenAddress: '[$(IP)]:' + ne.config.port, secureListenAddress: '[$(IP)]:' + ne._config.port,
// Keep `hostPort` here, rather than in the node-exporter container // Keep `hostPort` here, rather than in the node-exporter container
// because Kubernetes mandates that if you define a `hostPort` then // because Kubernetes mandates that if you define a `hostPort` then
// `containerPort` must match. In our case, we are splitting the // `containerPort` must match. In our case, we are splitting the
@ -198,7 +198,7 @@ function(params) {
// forgo declaring the host port, however it is important to declare // forgo declaring the host port, however it is important to declare
// it so that the scheduler can decide if the pod is schedulable. // it so that the scheduler can decide if the pod is schedulable.
ports: [ ports: [
{ name: 'https', containerPort: ne.config.port, hostPort: ne.config.port }, { name: 'https', containerPort: ne._config.port, hostPort: ne._config.port },
], ],
}) + { }) + {
env: [ env: [
@ -210,18 +210,18 @@ function(params) {
apiVersion: 'apps/v1', apiVersion: 'apps/v1',
kind: 'DaemonSet', kind: 'DaemonSet',
metadata: { metadata: {
name: ne.config.name, name: ne._config.name,
namespace: ne.config.namespace, namespace: ne._config.namespace,
labels: ne.config.commonLabels, labels: ne._config.commonLabels,
}, },
spec: { spec: {
selector: { matchLabels: ne.config.selectorLabels }, selector: { matchLabels: ne._config.selectorLabels },
updateStrategy: { updateStrategy: {
type: 'RollingUpdate', type: 'RollingUpdate',
rollingUpdate: { maxUnavailable: '10%' }, rollingUpdate: { maxUnavailable: '10%' },
}, },
template: { template: {
metadata: { labels: ne.config.commonLabels }, metadata: { labels: ne._config.commonLabels },
spec: { spec: {
nodeSelector: { 'kubernetes.io/os': 'linux' }, nodeSelector: { 'kubernetes.io/os': 'linux' },
tolerations: [{ tolerations: [{
@ -232,7 +232,7 @@ function(params) {
{ name: 'sys', hostPath: { path: '/sys' } }, { name: 'sys', hostPath: { path: '/sys' } },
{ name: 'root', hostPath: { path: '/' } }, { name: 'root', hostPath: { path: '/' } },
], ],
serviceAccountName: ne.config.name, serviceAccountName: ne._config.name,
securityContext: { securityContext: {
runAsUser: 65534, runAsUser: 65534,
runAsNonRoot: true, runAsNonRoot: true,

74
jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet
View File

@ -56,21 +56,21 @@ local defaults = {
function(params) { function(params) {
local pa = self, local pa = self,
config:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(pa.config.resources), assert std.isObject(pa._config.resources),
apiService: { apiService: {
apiVersion: 'apiregistration.k8s.io/v1', apiVersion: 'apiregistration.k8s.io/v1',
kind: 'APIService', kind: 'APIService',
metadata: { metadata: {
name: 'v1beta1.metrics.k8s.io', name: 'v1beta1.metrics.k8s.io',
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
spec: { spec: {
service: { service: {
name: $.service.metadata.name, name: $.service.metadata.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
}, },
group: 'metrics.k8s.io', group: 'metrics.k8s.io',
version: 'v1beta1', version: 'v1beta1',
@ -85,23 +85,23 @@ function(params) {
kind: 'ConfigMap', kind: 'ConfigMap',
metadata: { metadata: {
name: 'adapter-config', name: 'adapter-config',
namespace: pa.config.namespace, namespace: pa._config.namespace,
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
data: { 'config.yaml': std.manifestYamlDoc(pa.config.config) }, data: { 'config.yaml': std.manifestYamlDoc(pa._config.config) },
}, },
serviceMonitor: { serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: pa.config.name, name: pa._config.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
spec: { spec: {
selector: { selector: {
matchLabels: pa.config.selectorLabels, matchLabels: pa._config.selectorLabels,
}, },
endpoints: [ endpoints: [
{ {
@ -121,28 +121,28 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'Service', kind: 'Service',
metadata: { metadata: {
name: pa.config.name, name: pa._config.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
spec: { spec: {
ports: [ ports: [
{ name: 'https', targetPort: 6443, port: 443 }, { name: 'https', targetPort: 6443, port: 443 },
], ],
selector: pa.config.selectorLabels, selector: pa._config.selectorLabels,
}, },
}, },
deployment: deployment:
local c = { local c = {
name: pa.config.name, name: pa._config.name,
image: pa.config.image, image: pa._config.image,
args: [ args: [
'--cert-dir=/var/run/serving-cert', '--cert-dir=/var/run/serving-cert',
'--config=/etc/adapter/config.yaml', '--config=/etc/adapter/config.yaml',
'--logtostderr=true', '--logtostderr=true',
'--metrics-relist-interval=1m', '--metrics-relist-interval=1m',
'--prometheus-url=' + pa.config.prometheusURL, '--prometheus-url=' + pa._config.prometheusURL,
'--secure-port=6443', '--secure-port=6443',
], ],
ports: [{ containerPort: 6443 }], ports: [{ containerPort: 6443 }],
@ -157,13 +157,13 @@ function(params) {
apiVersion: 'apps/v1', apiVersion: 'apps/v1',
kind: 'Deployment', kind: 'Deployment',
metadata: { metadata: {
name: pa.config.name, name: pa._config.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
spec: { spec: {
replicas: 1, replicas: 1,
selector: { matchLabels: pa.config.selectorLabels }, selector: { matchLabels: pa._config.selectorLabels },
strategy: { strategy: {
rollingUpdate: { rollingUpdate: {
maxSurge: 1, maxSurge: 1,
@ -171,7 +171,7 @@ function(params) {
}, },
}, },
template: { template: {
metadata: { labels: pa.config.commonLabels }, metadata: { labels: pa._config.commonLabels },
spec: { spec: {
containers: [c], containers: [c],
serviceAccountName: $.serviceAccount.metadata.name, serviceAccountName: $.serviceAccount.metadata.name,
@ -190,9 +190,9 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'ServiceAccount', kind: 'ServiceAccount',
metadata: { metadata: {
name: pa.config.name, name: pa._config.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
}, },
@ -200,8 +200,8 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole', kind: 'ClusterRole',
metadata: { metadata: {
name: pa.config.name, name: pa._config.name,
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
rules: [{ rules: [{
apiGroups: [''], apiGroups: [''],
@ -214,8 +214,8 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding', kind: 'ClusterRoleBinding',
metadata: { metadata: {
name: pa.config.name, name: pa._config.name,
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
roleRef: { roleRef: {
apiGroup: 'rbac.authorization.k8s.io', apiGroup: 'rbac.authorization.k8s.io',
@ -225,7 +225,7 @@ function(params) {
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: $.serviceAccount.metadata.name, name: $.serviceAccount.metadata.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
}], }],
}, },
@ -234,7 +234,7 @@ function(params) {
kind: 'ClusterRoleBinding', kind: 'ClusterRoleBinding',
metadata: { metadata: {
name: 'resource-metrics:system:auth-delegator', name: 'resource-metrics:system:auth-delegator',
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
roleRef: { roleRef: {
apiGroup: 'rbac.authorization.k8s.io', apiGroup: 'rbac.authorization.k8s.io',
@ -244,7 +244,7 @@ function(params) {
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: $.serviceAccount.metadata.name, name: $.serviceAccount.metadata.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
}], }],
}, },
@ -253,7 +253,7 @@ function(params) {
kind: 'ClusterRole', kind: 'ClusterRole',
metadata: { metadata: {
name: 'resource-metrics-server-resources', name: 'resource-metrics-server-resources',
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
rules: [{ rules: [{
apiGroups: ['metrics.k8s.io'], apiGroups: ['metrics.k8s.io'],
@ -271,7 +271,7 @@ function(params) {
'rbac.authorization.k8s.io/aggregate-to-admin': 'true', 'rbac.authorization.k8s.io/aggregate-to-admin': 'true',
'rbac.authorization.k8s.io/aggregate-to-edit': 'true', 'rbac.authorization.k8s.io/aggregate-to-edit': 'true',
'rbac.authorization.k8s.io/aggregate-to-view': 'true', 'rbac.authorization.k8s.io/aggregate-to-view': 'true',
} + pa.config.commonLabels, } + pa._config.commonLabels,
}, },
rules: [{ rules: [{
apiGroups: ['metrics.k8s.io'], apiGroups: ['metrics.k8s.io'],
@ -286,7 +286,7 @@ function(params) {
metadata: { metadata: {
name: 'resource-metrics-auth-reader', name: 'resource-metrics-auth-reader',
namespace: 'kube-system', namespace: 'kube-system',
labels: pa.config.commonLabels, labels: pa._config.commonLabels,
}, },
roleRef: { roleRef: {
apiGroup: 'rbac.authorization.k8s.io', apiGroup: 'rbac.authorization.k8s.io',
@ -296,7 +296,7 @@ function(params) {
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: $.serviceAccount.metadata.name, name: $.serviceAccount.metadata.name,
namespace: pa.config.namespace, namespace: pa._config.namespace,
}], }],
}, },
} }

10
jsonnet/kube-prometheus/components/prometheus-operator.libsonnet
View File

@ -42,18 +42,20 @@ function(params)
prometheusOperator(config) { prometheusOperator(config) {
local po = self, local po = self,
// declare variable as a field to allow overriding options and to have unified API across all components
_config:: config,
mixin:: (import 'github.com/prometheus-operator/prometheus-operator/jsonnet/mixin/mixin.libsonnet') + mixin:: (import 'github.com/prometheus-operator/prometheus-operator/jsonnet/mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') { (import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') {
_config+:: config.mixin._config, _config+:: po._config.mixin._config,
}, },
prometheusRule: { prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: config.commonLabels + config.mixin.ruleLabels, labels: po._config.commonLabels + po._config.mixin.ruleLabels,
name: config.name + '-rules', name: po._config.name + '-rules',
namespace: config.namespace, namespace: po._config.namespace,
}, },
spec: { spec: {
local r = if std.objectHasAll(po.mixin, 'prometheusRules') then po.mixin.prometheusRules.groups else [], local r = if std.objectHasAll(po.mixin, 'prometheusRules') then po.mixin.prometheusRules.groups else [],

150
jsonnet/kube-prometheus/components/prometheus.libsonnet
View File

@ -44,31 +44,31 @@ local defaults = {
function(params) { function(params) {
local p = self, local p = self,
config:: defaults + params, _config:: defaults + params,
// Safety check // Safety check
assert std.isObject(p.config.resources), assert std.isObject(p._config.resources),
assert std.isObject(p.config.mixin._config), assert std.isObject(p._config.mixin._config),
mixin:: (import 'github.com/prometheus/prometheus/documentation/prometheus-mixin/mixin.libsonnet') + mixin:: (import 'github.com/prometheus/prometheus/documentation/prometheus-mixin/mixin.libsonnet') +
(import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') + ( (import 'github.com/kubernetes-monitoring/kubernetes-mixin/alerts/add-runbook-links.libsonnet') + (
if p.config.thanos != {} then if p._config.thanos != {} then
(import 'github.com/thanos-io/thanos/mixin/alerts/sidecar.libsonnet') + { (import 'github.com/thanos-io/thanos/mixin/alerts/sidecar.libsonnet') + {
sidecar: { sidecar: {
selector: p.config.mixin._config.thanosSelector, selector: p._config.mixin._config.thanosSelector,
}, },
} }
else {} else {}
) { ) {
_config+:: p.config.mixin._config, _config+:: p._config.mixin._config,
}, },
prometheusRule: { prometheusRule: {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: p.config.commonLabels + p.config.mixin.ruleLabels, labels: p._config.commonLabels + p._config.mixin.ruleLabels,
name: 'prometheus-' + p.config.name + '-prometheus-rules', name: 'prometheus-' + p._config.name + '-prometheus-rules',
namespace: p.config.namespace, namespace: p._config.namespace,
}, },
spec: { spec: {
local r = if std.objectHasAll(p.mixin, 'prometheusRules') then p.mixin.prometheusRules.groups else [], local r = if std.objectHasAll(p.mixin, 'prometheusRules') then p.mixin.prometheusRules.groups else [],
@ -81,9 +81,9 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'ServiceAccount', kind: 'ServiceAccount',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
}, },
@ -91,20 +91,20 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'Service', kind: 'Service',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
labels: { prometheus: p.config.name } + p.config.commonLabels, labels: { prometheus: p._config.name } + p._config.commonLabels,
}, },
spec: { spec: {
ports: [ ports: [
{ name: 'web', targetPort: 'web', port: 9090 }, { name: 'web', targetPort: 'web', port: 9090 },
] + ] +
( (
if p.config.thanos != {} then if p._config.thanos != {} then
[{ name: 'grpc', port: 10901, targetPort: 10901 }] [{ name: 'grpc', port: 10901, targetPort: 10901 }]
else [] else []
), ),
selector: { app: 'prometheus' } + p.config.selectorLabels, selector: { app: 'prometheus' } + p._config.selectorLabels,
sessionAffinity: 'ClientIP', sessionAffinity: 'ClientIP',
}, },
}, },
@ -114,33 +114,33 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBinding', kind: 'RoleBinding',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: namespace, namespace: namespace,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
roleRef: { roleRef: {
apiGroup: 'rbac.authorization.k8s.io', apiGroup: 'rbac.authorization.k8s.io',
kind: 'Role', kind: 'Role',
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
}, },
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
}], }],
}; };
{ {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBindingList', kind: 'RoleBindingList',
items: [newSpecificRoleBinding(x) for x in p.config.namespaces], items: [newSpecificRoleBinding(x) for x in p._config.namespaces],
}, },
clusterRole: { clusterRole: {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRole', kind: 'ClusterRole',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
rules: [ rules: [
{ {
@ -159,9 +159,9 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'Role', kind: 'Role',
metadata: { metadata: {
name: 'prometheus-' + p.config.name + '-config', name: 'prometheus-' + p._config.name + '-config',
namespace: p.config.namespace, namespace: p._config.namespace,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
rules: [{ rules: [{
apiGroups: [''], apiGroups: [''],
@ -174,19 +174,19 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleBinding', kind: 'RoleBinding',
metadata: { metadata: {
name: 'prometheus-' + p.config.name + '-config', name: 'prometheus-' + p._config.name + '-config',
namespace: p.config.namespace, namespace: p._config.namespace,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
roleRef: { roleRef: {
apiGroup: 'rbac.authorization.k8s.io', apiGroup: 'rbac.authorization.k8s.io',
kind: 'Role', kind: 'Role',
name: 'prometheus-' + p.config.name + '-config', name: 'prometheus-' + p._config.name + '-config',
}, },
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
}], }],
}, },
@ -194,18 +194,18 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'ClusterRoleBinding', kind: 'ClusterRoleBinding',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
roleRef: { roleRef: {
apiGroup: 'rbac.authorization.k8s.io', apiGroup: 'rbac.authorization.k8s.io',
kind: 'ClusterRole', kind: 'ClusterRole',
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
}, },
subjects: [{ subjects: [{
kind: 'ServiceAccount', kind: 'ServiceAccount',
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
}], }],
}, },
@ -214,9 +214,9 @@ function(params) {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'Role', kind: 'Role',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: namespace, namespace: namespace,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
rules: [ rules: [
{ {
@ -234,23 +234,23 @@ function(params) {
{ {
apiVersion: 'rbac.authorization.k8s.io/v1', apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'RoleList', kind: 'RoleList',
items: [newSpecificRole(x) for x in p.config.namespaces], items: [newSpecificRole(x) for x in p._config.namespaces],
}, },
[if (defaults + params).replicas > 1 then 'podDisruptionBudget']: { [if (defaults + params).replicas > 1 then 'podDisruptionBudget']: {
apiVersion: 'policy/v1beta1', apiVersion: 'policy/v1beta1',
kind: 'PodDisruptionBudget', kind: 'PodDisruptionBudget',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
spec: { spec: {
minAvailable: 1, minAvailable: 1,
selector: { selector: {
matchLabels: { matchLabels: {
prometheus: p.config.name, prometheus: p._config.name,
} + p.config.selectorLabels, } + p._config.selectorLabels,
}, },
}, },
}, },
@ -259,19 +259,19 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'Prometheus', kind: 'Prometheus',
metadata: { metadata: {
name: p.config.name, name: p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
labels: { prometheus: p.config.name } + p.config.commonLabels, labels: { prometheus: p._config.name } + p._config.commonLabels,
}, },
spec: { spec: {
replicas: p.config.replicas, replicas: p._config.replicas,
version: p.config.version, version: p._config.version,
image: p.config.image, image: p._config.image,
podMetadata: { podMetadata: {
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
externalLabels: p.config.externalLabels, externalLabels: p._config.externalLabels,
serviceAccountName: 'prometheus-' + p.config.name, serviceAccountName: 'prometheus-' + p._config.name,
serviceMonitorSelector: {}, serviceMonitorSelector: {},
podMonitorSelector: {}, podMonitorSelector: {},
probeSelector: {}, probeSelector: {},
@ -279,12 +279,12 @@ function(params) {
podMonitorNamespaceSelector: {}, podMonitorNamespaceSelector: {},
probeNamespaceSelector: {}, probeNamespaceSelector: {},
nodeSelector: { 'kubernetes.io/os': 'linux' }, nodeSelector: { 'kubernetes.io/os': 'linux' },
ruleSelector: p.config.ruleSelector, ruleSelector: p._config.ruleSelector,
resources: p.config.resources, resources: p._config.resources,
alerting: { alerting: {
alertmanagers: [{ alertmanagers: [{
namespace: p.config.namespace, namespace: p._config.namespace,
name: 'alertmanager-' + p.config.alertmanagerName, name: 'alertmanager-' + p._config.alertmanagerName,
port: 'web', port: 'web',
apiVersion: 'v2', apiVersion: 'v2',
}], }],
@ -294,7 +294,7 @@ function(params) {
runAsNonRoot: true, runAsNonRoot: true,
fsGroup: 2000, fsGroup: 2000,
}, },
[if std.objectHas(params, 'thanos') then 'thanos']: p.config.thanos, [if std.objectHas(params, 'thanos') then 'thanos']: p._config.thanos,
}, },
}, },
@ -302,13 +302,13 @@ function(params) {
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata: { metadata: {
name: 'prometheus-' + p.config.name, name: 'prometheus-' + p._config.name,
namespace: p.config.namespace, namespace: p._config.namespace,
labels: p.config.commonLabels, labels: p._config.commonLabels,
}, },
spec: { spec: {
selector: { selector: {
matchLabels: p.config.selectorLabels, matchLabels: p._config.selectorLabels,
}, },
endpoints: [{ endpoints: [{
port: 'web', port: 'web',
@ -322,10 +322,10 @@ function(params) {
apiVersion: 'v1', apiVersion: 'v1',
kind: 'Service', kind: 'Service',
metadata+: { metadata+: {
name: 'prometheus-' + p.config.name + '-thanos-sidecar', name: 'prometheus-' + p._config.name + '-thanos-sidecar',
namespace: p.config.namespace, namespace: p._config.namespace,
labels+: p.config.commonLabels { labels+: p._config.commonLabels {
prometheus: p.config.name, prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar', 'app.kubernetes.io/component': 'thanos-sidecar',
}, },
}, },
@ -334,8 +334,8 @@ function(params) {
{ name: 'grpc', port: 10901, targetPort: 10901 }, { name: 'grpc', port: 10901, targetPort: 10901 },
{ name: 'http', port: 10902, targetPort: 10902 }, { name: 'http', port: 10902, targetPort: 10902 },
], ],
selector: p.config.selectorLabels { selector: p._config.selectorLabels {
prometheus: p.config.name, prometheus: p._config.name,
'app.kubernetes.io/component': 'prometheus', 'app.kubernetes.io/component': 'prometheus',
}, },
clusterIP: 'None', clusterIP: 'None',
@ -348,9 +348,9 @@ function(params) {
kind: 'ServiceMonitor', kind: 'ServiceMonitor',
metadata+: { metadata+: {
name: 'thanos-sidecar', name: 'thanos-sidecar',
namespace: p.config.namespace, namespace: p._config.namespace,
labels: p.config.commonLabels { labels: p._config.commonLabels {
prometheus: p.config.name, prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar', 'app.kubernetes.io/component': 'thanos-sidecar',
}, },
}, },
@ -358,7 +358,7 @@ function(params) {
jobLabel: 'app.kubernetes.io/component', jobLabel: 'app.kubernetes.io/component',
selector: { selector: {
matchLabels: { matchLabels: {
prometheus: p.config.name, prometheus: p._config.name,
'app.kubernetes.io/component': 'thanos-sidecar', 'app.kubernetes.io/component': 'thanos-sidecar',
}, },
}, },

4
jsonnet/kube-prometheus/platforms/eks.libsonnet
View File

@ -69,9 +69,9 @@
apiVersion: 'monitoring.coreos.com/v1', apiVersion: 'monitoring.coreos.com/v1',
kind: 'PrometheusRule', kind: 'PrometheusRule',
metadata: { metadata: {
labels: $.prometheus.config.commonLabels + $.prometheus.config.mixin.ruleLabels, labels: $.prometheus._config.commonLabels + $.prometheus._config.mixin.ruleLabels,
name: 'eks-rules', name: 'eks-rules',
namespace: $.prometheus.config.namespace, namespace: $.prometheus._config.namespace,
}, },
spec: { spec: {
groups: [ groups: [