mirror of
https://github.com/prometheus-operator/kube-prometheus.git
synced 2025-09-02 12:21:26 +02:00
Merge pull request #765 from kakkoyun/ksonnet_no_more_8
Remove ksonnet from kube-prometheus-static-etcd.libsonnet
This commit is contained in:
Lili Cosic
GitHub
commit
a54498482c
@ -12,82 +12,88 @@ local k = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.4/k.libsonnet';
|
||||
},
|
||||
},
|
||||
prometheus+:: {
|
||||
serviceEtcd:
|
||||
local service = k.core.v1.service;
|
||||
local servicePort = k.core.v1.service.mixin.spec.portsType;
|
||||
|
||||
local etcdServicePort = servicePort.newNamed('metrics', 2379, 2379);
|
||||
|
||||
service.new('etcd', null, etcdServicePort) +
|
||||
service.mixin.metadata.withNamespace('kube-system') +
|
||||
service.mixin.metadata.withLabels({ 'k8s-app': 'etcd' }) +
|
||||
service.mixin.spec.withClusterIp('None'),
|
||||
endpointsEtcd:
|
||||
local endpoints = k.core.v1.endpoints;
|
||||
local endpointSubset = endpoints.subsetsType;
|
||||
local endpointPort = endpointSubset.portsType;
|
||||
|
||||
local etcdPort = endpointPort.new() +
|
||||
endpointPort.withName('metrics') +
|
||||
endpointPort.withPort(2379) +
|
||||
endpointPort.withProtocol('TCP');
|
||||
|
||||
local subset = endpointSubset.new() +
|
||||
endpointSubset.withAddresses([
|
||||
{ ip: etcdIP }
|
||||
for etcdIP in $._config.etcd.ips
|
||||
]) +
|
||||
endpointSubset.withPorts(etcdPort);
|
||||
|
||||
endpoints.new() +
|
||||
endpoints.mixin.metadata.withName('etcd') +
|
||||
endpoints.mixin.metadata.withNamespace('kube-system') +
|
||||
endpoints.mixin.metadata.withLabels({ 'k8s-app': 'etcd' }) +
|
||||
endpoints.withSubsets(subset),
|
||||
serviceMonitorEtcd:
|
||||
{
|
||||
apiVersion: 'monitoring.coreos.com/v1',
|
||||
kind: 'ServiceMonitor',
|
||||
serviceEtcd: {
|
||||
apiVersion: 'v1',
|
||||
kind: 'Service',
|
||||
metadata: {
|
||||
name: 'etcd',
|
||||
namespace: 'kube-system',
|
||||
labels: { 'k8s-app': 'etcd' },
|
||||
},
|
||||
spec: {
|
||||
ports: [
|
||||
{ name: 'metrics', targetPort: 2379, port: 2379 },
|
||||
],
|
||||
clusterIP: 'None',
|
||||
},
|
||||
},
|
||||
endpointsEtcd: {
|
||||
apiVersion: 'v1',
|
||||
kind: 'Endpoints',
|
||||
metadata: {
|
||||
name: 'etcd',
|
||||
namespace: 'kube-system',
|
||||
labels: {
|
||||
labels: { 'k8s-app': 'etcd' },
|
||||
},
|
||||
subsets: [{
|
||||
addresses: [
|
||||
{ ip: etcdIP }
|
||||
for etcdIP in $._config.etcd.ips
|
||||
],
|
||||
ports: [
|
||||
{ name: 'metrics', port: 2379, protocol: 'TCP' },
|
||||
],
|
||||
}],
|
||||
},
|
||||
serviceMonitorEtcd: {
|
||||
apiVersion: 'monitoring.coreos.com/v1',
|
||||
kind: 'ServiceMonitor',
|
||||
metadata: {
|
||||
name: 'etcd',
|
||||
namespace: 'kube-system',
|
||||
labels: {
|
||||
'k8s-app': 'etcd',
|
||||
},
|
||||
},
|
||||
spec: {
|
||||
jobLabel: 'k8s-app',
|
||||
endpoints: [
|
||||
{
|
||||
port: 'metrics',
|
||||
interval: '30s',
|
||||
scheme: 'https',
|
||||
// Prometheus Operator (and Prometheus) allow us to specify a tlsConfig. This is required as most likely your etcd metrics end points is secure.
|
||||
tlsConfig: {
|
||||
caFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client-ca.crt',
|
||||
keyFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.key',
|
||||
certFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.crt',
|
||||
[if $._config.etcd.serverName != null then 'serverName']: $._config.etcd.serverName,
|
||||
[if $._config.etcd.insecureSkipVerify != null then 'insecureSkipVerify']: $._config.etcd.insecureSkipVerify,
|
||||
},
|
||||
},
|
||||
],
|
||||
selector: {
|
||||
matchLabels: {
|
||||
'k8s-app': 'etcd',
|
||||
},
|
||||
},
|
||||
spec: {
|
||||
jobLabel: 'k8s-app',
|
||||
endpoints: [
|
||||
{
|
||||
port: 'metrics',
|
||||
interval: '30s',
|
||||
scheme: 'https',
|
||||
// Prometheus Operator (and Prometheus) allow us to specify a tlsConfig. This is required as most likely your etcd metrics end points is secure.
|
||||
tlsConfig: {
|
||||
caFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client-ca.crt',
|
||||
keyFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.key',
|
||||
certFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.crt',
|
||||
[if $._config.etcd.serverName != null then 'serverName']: $._config.etcd.serverName,
|
||||
[if $._config.etcd.insecureSkipVerify != null then 'insecureSkipVerify']: $._config.etcd.insecureSkipVerify,
|
||||
},
|
||||
},
|
||||
],
|
||||
selector: {
|
||||
matchLabels: {
|
||||
'k8s-app': 'etcd',
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
secretEtcdCerts:
|
||||
},
|
||||
secretEtcdCerts: {
|
||||
// Prometheus Operator allows us to mount secrets in the pod. By loading the secrets as files, they can be made available inside the Prometheus pod.
|
||||
local secret = k.core.v1.secret;
|
||||
secret.new('kube-etcd-client-certs', {
|
||||
apiVersion: 'v1',
|
||||
kind: 'Secret',
|
||||
type: 'Opaque',
|
||||
metadata: {
|
||||
name: 'kube-etcd-client-certs',
|
||||
namespace: $._config.namespace,
|
||||
},
|
||||
data: {
|
||||
'etcd-client-ca.crt': std.base64($._config.etcd.clientCA),
|
||||
'etcd-client.key': std.base64($._config.etcd.clientKey),
|
||||
'etcd-client.crt': std.base64($._config.etcd.clientCert),
|
||||
}) +
|
||||
secret.mixin.metadata.withNamespace($._config.namespace),
|
||||
},
|
||||
},
|
||||
prometheus+:
|
||||
{
|
||||
// Reference info: https://coreos.com/operators/prometheus/docs/latest/api.html#prometheusspec
|
||||
|
||||
@ -23,9 +23,9 @@
|
||||
template+: {
|
||||
spec+: {
|
||||
local addArgs(c) =
|
||||
if c.name == 'prometheus-operator'
|
||||
then c + {args+: ['--config-reloader-cpu=0']}
|
||||
else c,
|
||||
if c.name == 'prometheus-operator'
|
||||
then c { args+: ['--config-reloader-cpu=0'] }
|
||||
else c,
|
||||
containers: std.map(addArgs, super.containers),
|
||||
},
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user