mirrors/kube-prometheus
1
0
Fork 0
mirror of https://github.com/prometheus-operator/kube-prometheus.git synced 2025-11-02 00:51:01 +01:00
Code Issues Projects Releases Wiki Activity

Use kube-state-metrics jsonnet dependency #369

Browse Source
This commit is contained in:
Oleg Mayko 2020-02-04 18:47:04 +01:00
parent 8550ac35bf
commit f043bc32d3
14 changed files with 174 additions and 435 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
jsonnet/kube-prometheus/jsonnetfile.json
View File

@ -69,6 +69,26 @@
} }
}, },
"version": "master" "version": "master"
},
{
"name": "kube-state-metrics",
"source": {
"git": {
"remote": "https://github.com/kubernetes/kube-state-metrics",
"subdir": "jsonnet/kube-state-metrics"
}
},
"version": "master"
},
{
"name": "kube-state-metrics-mixin",
"source": {
"git": {
"remote": "https://github.com/kubernetes/kube-state-metrics",
"subdir": "jsonnet/kube-state-metrics-mixin"
}
},
"version": "master"
} }
] ]
} }

1
jsonnet/kube-prometheus/kube-prometheus.libsonnet
View File

@ -4,6 +4,7 @@ local configMapList = k3.core.v1.configMapList;
(import 'grafana/grafana.libsonnet') + (import 'grafana/grafana.libsonnet') +
(import 'kube-state-metrics/kube-state-metrics.libsonnet') + (import 'kube-state-metrics/kube-state-metrics.libsonnet') +
(import 'kube-state-metrics-mixin/mixin.libsonnet') +
(import 'node-exporter/node-exporter.libsonnet') + (import 'node-exporter/node-exporter.libsonnet') +
(import 'node-mixin/mixin.libsonnet') + (import 'node-mixin/mixin.libsonnet') +
(import 'alertmanager/alertmanager.libsonnet') + (import 'alertmanager/alertmanager.libsonnet') +

355
jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
View File

@ -1,316 +1,43 @@
local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
{ {
_config+:: { kubeStateMetrics+:: (import 'kube-state-metrics/kube-state-metrics.libsonnet') +
namespace: 'default', {
local ksm = self,
kubeStateMetrics+:: { name:: 'kube-state-metrics',
collectors: '', // empty string gets a default set namespace:: 'monitoring',
scrapeInterval: '30s', version:: '1.9.4', //$._config.versions.kubeStateMetrics,
scrapeTimeout: '30s', image:: 'quay.io/coreos/kube-state-metrics:v' + ksm.version,
}, serviceMonitor: {
apiVersion: 'monitoring.coreos.com/v1',
versions+:: { kind: 'ServiceMonitor',
kubeStateMetrics: 'v1.9.3', metadata: {
kubeRbacProxy: 'v0.4.1', name: ksm.name,
}, namespace: ksm.namespace,
labels: ksm.commonLabels,
imageRepos+:: { },
kubeStateMetrics: 'quay.io/coreos/kube-state-metrics', spec: {
kubeRbacProxy: 'quay.io/coreos/kube-rbac-proxy', jobLabel: 'app.kubernetes.io/name',
}, selector: {
}, matchLabels: ksm.commonLabels,
},
kubeStateMetrics+:: { endpoints: [
clusterRoleBinding: {
local clusterRoleBinding = k.rbac.v1.clusterRoleBinding; port: 'http-metrics',
interval: '30s',
clusterRoleBinding.new() + scrapeTimeout: '30s',
clusterRoleBinding.mixin.metadata.withName('kube-state-metrics') + honorLabels: true,
clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') + relabelings: [
clusterRoleBinding.mixin.roleRef.withName('kube-state-metrics') + {
clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) + regex: '(pod|service|endpoint|namespace)',
clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'kube-state-metrics', namespace: $._config.namespace }]), action: 'labeldrop',
},
clusterRole: ],
local clusterRole = k.rbac.v1.clusterRole; },
local rulesType = clusterRole.rulesType; {
port: 'telemetry',
local rules = [ interval: '30s',
rulesType.new() + },
rulesType.withApiGroups(['']) + ],
rulesType.withResources([ },
'configmaps', },
'secrets', },
'nodes',
'pods',
'services',
'resourcequotas',
'replicationcontrollers',
'limitranges',
'persistentvolumeclaims',
'persistentvolumes',
'namespaces',
'endpoints',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['extensions']) +
rulesType.withResources([
'daemonsets',
'deployments',
'replicasets',
'ingresses',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['apps']) +
rulesType.withResources([
'statefulsets',
'daemonsets',
'deployments',
'replicasets',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['batch']) +
rulesType.withResources([
'cronjobs',
'jobs',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['autoscaling']) +
rulesType.withResources([
'horizontalpodautoscalers',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['authentication.k8s.io']) +
rulesType.withResources([
'tokenreviews',
]) +
rulesType.withVerbs(['create']),
rulesType.new() +
rulesType.withApiGroups(['authorization.k8s.io']) +
rulesType.withResources([
'subjectaccessreviews',
]) +
rulesType.withVerbs(['create']),
rulesType.new() +
rulesType.withApiGroups(['policy']) +
rulesType.withResources([
'poddisruptionbudgets',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['certificates.k8s.io']) +
rulesType.withResources([
'certificatesigningrequests',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['storage.k8s.io']) +
rulesType.withResources([
'storageclasses',
'volumeattachments',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['admissionregistration.k8s.io']) +
rulesType.withResources([
'validatingwebhookconfigurations',
'mutatingwebhookconfigurations',
]) +
rulesType.withVerbs(['list', 'watch']),
rulesType.new() +
rulesType.withApiGroups(['networking.k8s.io']) +
rulesType.withResources([
'networkpolicies',
]) +
rulesType.withVerbs(['list', 'watch']),
];
clusterRole.new() +
clusterRole.mixin.metadata.withName('kube-state-metrics') +
clusterRole.withRules(rules),
deployment:
local deployment = k.apps.v1.deployment;
local container = deployment.mixin.spec.template.spec.containersType;
local volume = deployment.mixin.spec.template.spec.volumesType;
local containerPort = container.portsType;
local containerVolumeMount = container.volumeMountsType;
local podSelector = deployment.mixin.spec.template.spec.selectorType;
local podLabels = { app: 'kube-state-metrics' };
local proxyClusterMetrics =
container.new('kube-rbac-proxy-main', $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy) +
container.withArgs([
'--logtostderr',
'--secure-listen-address=:8443',
'--tls-cipher-suites=' + std.join(',', $._config.tlsCipherSuites),
'--upstream=http://127.0.0.1:8081/',
]) +
container.withPorts(containerPort.newNamed(8443, 'https-main',)) +
container.mixin.resources.withRequests($._config.resources['kube-rbac-proxy'].requests) +
container.mixin.resources.withLimits($._config.resources['kube-rbac-proxy'].limits);
local proxySelfMetrics =
container.new('kube-rbac-proxy-self', $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy) +
container.withArgs([
'--logtostderr',
'--secure-listen-address=:9443',
'--tls-cipher-suites=' + std.join(',', $._config.tlsCipherSuites),
'--upstream=http://127.0.0.1:8082/',
]) +
container.withPorts(containerPort.newNamed(9443, 'https-self',)) +
container.mixin.resources.withRequests($._config.resources['kube-rbac-proxy'].requests) +
container.mixin.resources.withLimits($._config.resources['kube-rbac-proxy'].limits);
local kubeStateMetrics =
container.new('kube-state-metrics', $._config.imageRepos.kubeStateMetrics + ':' + $._config.versions.kubeStateMetrics) +
container.withArgs([
'--host=127.0.0.1',
'--port=8081',
'--telemetry-host=127.0.0.1',
'--telemetry-port=8082',
] + if $._config.kubeStateMetrics.collectors != '' then ['--collectors=' + $._config.kubeStateMetrics.collectors] else []) +
container.mixin.resources.withRequests($._config.resources['kube-state-metrics'].requests) +
container.mixin.resources.withLimits($._config.resources['kube-state-metrics'].limits);
local c = [proxyClusterMetrics, proxySelfMetrics, kubeStateMetrics];
deployment.new('kube-state-metrics', 1, c, podLabels) +
deployment.mixin.metadata.withNamespace($._config.namespace) +
deployment.mixin.metadata.withLabels(podLabels) +
deployment.mixin.spec.selector.withMatchLabels(podLabels) +
deployment.mixin.spec.template.spec.withNodeSelector({ 'kubernetes.io/os': 'linux' }) +
deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
deployment.mixin.spec.template.spec.withServiceAccountName('kube-state-metrics'),
roleBinding:
local roleBinding = k.rbac.v1.roleBinding;
roleBinding.new() +
roleBinding.mixin.metadata.withName('kube-state-metrics') +
roleBinding.mixin.metadata.withNamespace($._config.namespace) +
roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
roleBinding.mixin.roleRef.withName('kube-state-metrics') +
roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'kube-state-metrics' }]),
role:
local role = k.rbac.v1.role;
local rulesType = role.rulesType;
local coreRule = rulesType.new() +
rulesType.withApiGroups(['']) +
rulesType.withResources([
'pods',
]) +
rulesType.withVerbs(['get']);
local extensionsRule = rulesType.new() +
rulesType.withApiGroups(['extensions']) +
rulesType.withResources([
'deployments',
]) +
rulesType.withVerbs(['get', 'update']) +
rulesType.withResourceNames(['kube-state-metrics']);
local appsRule = rulesType.new() +
rulesType.withApiGroups(['apps']) +
rulesType.withResources([
'deployments',
]) +
rulesType.withVerbs(['get', 'update']) +
rulesType.withResourceNames(['kube-state-metrics']);
local rules = [coreRule, extensionsRule, appsRule];
role.new() +
role.mixin.metadata.withName('kube-state-metrics') +
role.mixin.metadata.withNamespace($._config.namespace) +
role.withRules(rules),
serviceAccount:
local serviceAccount = k.core.v1.serviceAccount;
serviceAccount.new('kube-state-metrics') +
serviceAccount.mixin.metadata.withNamespace($._config.namespace),
service:
local service = k.core.v1.service;
local servicePort = service.mixin.spec.portsType;
local ksmServicePortMain = servicePort.newNamed('https-main', 8443, 'https-main');
local ksmServicePortSelf = servicePort.newNamed('https-self', 9443, 'https-self');
service.new('kube-state-metrics', $.kubeStateMetrics.deployment.spec.selector.matchLabels, [ksmServicePortMain, ksmServicePortSelf]) +
service.mixin.metadata.withNamespace($._config.namespace) +
service.mixin.metadata.withLabels({ 'k8s-app': 'kube-state-metrics' }) +
service.mixin.spec.withClusterIp('None'),
serviceMonitor:
{
apiVersion: 'monitoring.coreos.com/v1',
kind: 'ServiceMonitor',
metadata: {
name: 'kube-state-metrics',
namespace: $._config.namespace,
labels: {
'k8s-app': 'kube-state-metrics',
},
},
spec: {
jobLabel: 'k8s-app',
selector: {
matchLabels: {
'k8s-app': 'kube-state-metrics',
},
},
endpoints: [
{
port: 'https-main',
scheme: 'https',
interval: $._config.kubeStateMetrics.scrapeInterval,
scrapeTimeout: $._config.kubeStateMetrics.scrapeTimeout,
honorLabels: true,
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
relabelings: [
{
regex: '(pod|service|endpoint|namespace)',
action: 'labeldrop',
},
],
tlsConfig: {
insecureSkipVerify: true,
},
},
{
port: 'https-self',
scheme: 'https',
interval: '30s',
bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
tlsConfig: {
insecureSkipVerify: true,
},
},
],
},
},
},
} }

22
jsonnetfile.lock.json
View File

@ -64,6 +64,28 @@
}, },
"version": "" "version": ""
}, },
{
"name": "kube-state-metrics",
"source": {
"git": {
"remote": "https://github.com/kubernetes/kube-state-metrics",
"subdir": "jsonnet/kube-state-metrics"
}
},
"version": "2148cb9bd5ba51d3911a93c4d61ddf084999f8c7",
"sum": "a+rigolTUlmpxlwu2hxnPvZ50Cg5WYuuC7irTma5Xbo="
},
{
"name": "kube-state-metrics-mixin",
"source": {
"git": {
"remote": "https://github.com/kubernetes/kube-state-metrics",
"subdir": "jsonnet/kube-state-metrics-mixin"
}
},
"version": "2148cb9bd5ba51d3911a93c4d61ddf084999f8c7",
"sum": "E1GGavnf9PCWBm4WVrxWnc0FIj72UcbcweqGioWrOdU="
},
{ {
"name": "kubernetes-mixin", "name": "kubernetes-mixin",
"source": { "source": {

2
kustomization.yaml
View File

@ -16,8 +16,6 @@ resources:
- ./manifests/kube-state-metrics-clusterRole.yaml - ./manifests/kube-state-metrics-clusterRole.yaml
- ./manifests/kube-state-metrics-clusterRoleBinding.yaml - ./manifests/kube-state-metrics-clusterRoleBinding.yaml
- ./manifests/kube-state-metrics-deployment.yaml - ./manifests/kube-state-metrics-deployment.yaml
- ./manifests/kube-state-metrics-role.yaml
- ./manifests/kube-state-metrics-roleBinding.yaml
- ./manifests/kube-state-metrics-service.yaml - ./manifests/kube-state-metrics-service.yaml
- ./manifests/kube-state-metrics-serviceAccount.yaml - ./manifests/kube-state-metrics-serviceAccount.yaml
- ./manifests/kube-state-metrics-serviceMonitor.yaml - ./manifests/kube-state-metrics-serviceMonitor.yaml

12
manifests/kube-state-metrics-clusterRole.yaml
View File

@ -1,6 +1,9 @@
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4
name: kube-state-metrics name: kube-state-metrics
rules: rules:
- apiGroups: - apiGroups:
@ -93,8 +96,8 @@ rules:
- apiGroups: - apiGroups:
- admissionregistration.k8s.io - admissionregistration.k8s.io
resources: resources:
- validatingwebhookconfigurations
- mutatingwebhookconfigurations - mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs: verbs:
- list - list
- watch - watch
@ -105,3 +108,10 @@ rules:
verbs: verbs:
- list - list
- watch - watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- list
- watch

3
manifests/kube-state-metrics-clusterRoleBinding.yaml
View File

@ -1,6 +1,9 @@
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4
name: kube-state-metrics name: kube-state-metrics
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io

78
manifests/kube-state-metrics-deployment.yaml
View File

@ -2,71 +2,43 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
app: kube-state-metrics app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4
name: kube-state-metrics name: kube-state-metrics
namespace: monitoring namespace: monitoring
spec: spec:
replicas: 1 replicas: 1
selector: selector:
matchLabels: matchLabels:
app: kube-state-metrics app.kubernetes.io/name: kube-state-metrics
template: template:
metadata: metadata:
labels: labels:
app: kube-state-metrics app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4
spec: spec:
containers: containers:
- args: - image: quay.io/coreos/kube-state-metrics:v1.9.4
- --logtostderr livenessProbe:
- --secure-listen-address=:8443 httpGet:
- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 path: /healthz
- --upstream=http://127.0.0.1:8081/ port: 8080
image: quay.io/coreos/kube-rbac-proxy:v0.4.1 initialDelaySeconds: 5
name: kube-rbac-proxy-main timeoutSeconds: 5
ports:
- containerPort: 8443
name: https-main
resources:
limits:
cpu: 20m
memory: 40Mi
requests:
cpu: 10m
memory: 20Mi
- args:
- --logtostderr
- --secure-listen-address=:9443
- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- --upstream=http://127.0.0.1:8082/
image: quay.io/coreos/kube-rbac-proxy:v0.4.1
name: kube-rbac-proxy-self
ports:
- containerPort: 9443
name: https-self
resources:
limits:
cpu: 20m
memory: 40Mi
requests:
cpu: 10m
memory: 20Mi
- args:
- --host=127.0.0.1
- --port=8081
- --telemetry-host=127.0.0.1
- --telemetry-port=8082
image: quay.io/coreos/kube-state-metrics:v1.9.3
name: kube-state-metrics name: kube-state-metrics
resources: ports:
limits: - containerPort: 8080
cpu: 100m name: http-metrics
memory: 150Mi - containerPort: 8081
requests: name: telemetry
cpu: 100m readinessProbe:
memory: 150Mi httpGet:
path: /
port: 8081
initialDelaySeconds: 5
timeoutSeconds: 5
securityContext:
runAsUser: 65534
nodeSelector: nodeSelector:
kubernetes.io/os: linux kubernetes.io/os: linux
securityContext:
runAsNonRoot: true
runAsUser: 65534
serviceAccountName: kube-state-metrics serviceAccountName: kube-state-metrics

30
manifests/kube-state-metrics-role.yaml
View File

@ -1,30 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kube-state-metrics
namespace: monitoring
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- extensions
resourceNames:
- kube-state-metrics
resources:
- deployments
verbs:
- get
- update
- apiGroups:
- apps
resourceNames:
- kube-state-metrics
resources:
- deployments
verbs:
- get
- update

12
manifests/kube-state-metrics-roleBinding.yaml
View File

@ -1,12 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kube-state-metrics
namespace: monitoring
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics

17
manifests/kube-state-metrics-service.yaml
View File

@ -2,17 +2,18 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
k8s-app: kube-state-metrics app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4
name: kube-state-metrics name: kube-state-metrics
namespace: monitoring namespace: monitoring
spec: spec:
clusterIP: None clusterIP: None
ports: ports:
- name: https-main - name: http-metrics
port: 8443 port: 8080
targetPort: https-main targetPort: http-metrics
- name: https-self - name: telemetry
port: 9443 port: 8081
targetPort: https-self targetPort: telemetry
selector: selector:
app: kube-state-metrics app.kubernetes.io/name: kube-state-metrics

3
manifests/kube-state-metrics-serviceAccount.yaml
View File

@ -1,5 +1,8 @@
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4
name: kube-state-metrics name: kube-state-metrics
namespace: monitoring namespace: monitoring

24
manifests/kube-state-metrics-serviceMonitor.yaml
View File

@ -2,29 +2,23 @@ apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor kind: ServiceMonitor
metadata: metadata:
labels: labels:
k8s-app: kube-state-metrics app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4
name: kube-state-metrics name: kube-state-metrics
namespace: monitoring namespace: monitoring
spec: spec:
endpoints: endpoints:
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - honorLabels: true
honorLabels: true
interval: 30s interval: 30s
port: https-main port: http-metrics
relabelings: relabelings:
- action: labeldrop - action: labeldrop
regex: (pod|service|endpoint|namespace) regex: (pod|service|endpoint|namespace)
scheme: https
scrapeTimeout: 30s scrapeTimeout: 30s
tlsConfig: - interval: 30s
insecureSkipVerify: true port: telemetry
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token jobLabel: app.kubernetes.io/name
interval: 30s
port: https-self
scheme: https
tlsConfig:
insecureSkipVerify: true
jobLabel: k8s-app
selector: selector:
matchLabels: matchLabels:
k8s-app: kube-state-metrics app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: v1.9.4

30
manifests/prometheus-rules.yaml
View File

@ -271,6 +271,36 @@ spec:
record: count:up1 record: count:up1
- expr: count without(instance, pod, node) (up == 0) - expr: count without(instance, pod, node) (up == 0)
record: count:up0 record: count:up0
- name: kube-state-metrics
rules:
- alert: KubeStateMetricsListErrors
annotations:
message: kube-state-metrics is experiencing errors at an elevated rate in
list operations. This is likely causing it to not be able to expose metrics
about Kubernetes objects correctly or at all.
runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubestatemetricslisterrors
expr: |
(sum(rate(kube_state_metrics_list_total{job="kube-state-metrics",result="error"}[5m]))
/
sum(rate(kube_state_metrics_list_total{job="kube-state-metrics"}[5m])))
> 0.01
for: 15m
labels:
severity: critical
- alert: KubeStateMetricsWatchErrors
annotations:
message: kube-state-metrics is experiencing errors at an elevated rate in
watch operations. This is likely causing it to not be able to expose metrics
about Kubernetes objects correctly or at all.
runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubestatemetricswatcherrors
expr: |
(sum(rate(kube_state_metrics_watch_total{job="kube-state-metrics",result="error"}[5m]))
/
sum(rate(kube_state_metrics_watch_total{job="kube-state-metrics"}[5m])))
> 0.01
for: 15m
labels:
severity: critical
- name: node-exporter - name: node-exporter
rules: rules:
- alert: NodeFilesystemSpaceFillingUp - alert: NodeFilesystemSpaceFillingUp