-
Notifications
You must be signed in to change notification settings - Fork 0
/
k8s-manifest.yaml
240 lines (240 loc) · 5.58 KB
/
k8s-manifest.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kv-sa
namespace: kyverno
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kv-cluster-role
namespace: kyverno
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["get", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kv-cluster-role-binding
namespace: kyverno
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kv-cluster-role
subjects:
- kind: ServiceAccount
name: kv-sa
namespace: kyverno
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: kv-exporter
name: kv-exporter
namespace: kyverno
spec:
replicas: 2
selector:
matchLabels:
app: kv-exporter
template:
metadata:
labels:
app: kv-exporter
spec:
serviceAccountName: kv-sa
containers:
- image: imrajdas/kv-exporter:ci
imagePullPolicy: Always
name: kv-exporter
---
apiVersion: v1
kind: Service
metadata:
labels:
app: kv-exporter
name: kv-exporter
namespace: kyverno
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
app: kv-exporter
type: NodePort
---
# Prometheus tunables
apiVersion: v1
kind: ConfigMap
metadata:
name: prometheus-tunables
namespace: kyverno
data:
storage-retention: 24h
---
# Define the openebs prometheus jobs
kind: ConfigMap
metadata:
name: prometheus-config
namespace: kyverno
apiVersion: v1
data:
prometheus.yml: |-
global:
external_labels:
app: kv-exporter
scrape_interval: 10s
evaluation_interval: 10s
rule_files:
- "/etc/prometheus-rules/*.rules"
scrape_configs:
- job_name: 'kv-exporter'
static_configs:
- targets: ['kv-exporter.kyverno.svc.cluster.local:8080']
---
# prometheus-deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: prometheus
namespace: kyverno
spec:
replicas: 1
selector:
matchLabels:
app: prometheus
template:
metadata:
labels:
app: prometheus
spec:
containers:
- name: prometheus
image: prom/prometheus:v2.11.0
args:
- "--config.file=/etc/prometheus/conf/prometheus.yml"
# Metrics are stored in an emptyDir volume which
# exists as long as the Pod is running on that Node.
# The data in an emptyDir volume is safe across container crashes.
- "--storage.tsdb.path=/prometheus"
# How long to retain samples in the local storage.
- "--storage.tsdb.retention=$(STORAGE_RETENTION)"
ports:
- containerPort: 9090
env:
# environment vars are stored in prometheus-env configmap.
- name: STORAGE_RETENTION
valueFrom:
configMapKeyRef:
name: prometheus-tunables
key: storage-retention
volumeMounts:
# prometheus config file stored in the given mountpath
- name: prometheus-server-volume
mountPath: /etc/prometheus/conf
# metrics collected by prometheus will be stored at the given mountpath.
- name: prometheus-storage-volume
mountPath: /prometheus
volumes:
# Prometheus Config file will be stored in this volume
- name: prometheus-server-volume
configMap:
name: prometheus-config
# All the time series stored in this volume in form of .db file.
- name: prometheus-storage-volume
# containers in the Pod can all read and write the same files here.
emptyDir: {}
---
# prometheus-service
apiVersion: v1
kind: Service
metadata:
name: prometheus-service
namespace: kyverno
spec:
selector:
app: prometheus
type: NodePort
ports:
- port: 80 # this Service's port (cluster-internal IP clusterIP)
targetPort: 9090 # pods expose this port
# Note that this Service will be visible as both NodeIP:nodePort and clusterIp:Port
---
apiVersion: v1
kind: ConfigMap
metadata:
name: grafana-datasources
namespace: kyverno
data:
prometheus.yaml: |-
{
"apiVersion": 1,
"datasources": [
{
"access":"proxy",
"editable": true,
"name": "kyverno-metrics",
"orgId": 1,
"type": "prometheus",
"url": "http://prometheus-service.kyverno.svc.cluster.local:80",
"version": 1
}
]
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: grafana
namespace: kyverno
spec:
replicas: 1
selector:
matchLabels:
app: grafana
template:
metadata:
name: grafana
labels:
app: grafana
spec:
containers:
- name: grafana
image: grafana/grafana:latest
ports:
- name: grafana
containerPort: 3000
volumeMounts:
- mountPath: /etc/grafana/provisioning/datasources
name: grafana-datasources
readOnly: false
- mountPath: /var/lib/grafana
name: grafana-storage
volumes:
- name: grafana-storage
emptyDir: {}
- name: grafana-datasources
configMap:
defaultMode: 420
name: grafana-datasources
---
apiVersion: v1
kind: Service
metadata:
name: grafana
namespace: kyverno
annotations:
prometheus.io/scrape: 'true'
prometheus.io/port: '3000'
spec:
selector:
app: grafana
type: NodePort
ports:
- port: 3000
targetPort: 3000