Skip to content

Commit

Permalink
Add gardener-metrics-exporter.
Browse files Browse the repository at this point in the history
  • Loading branch information
@Gerrit91
Gerrit91 committed Jul 7, 2023
1 parent 02fafc3 commit 82ac662
Show file tree
Hide file tree
Showing 3 changed files with 119 additions and 1 deletion.
8 changes: 8 additions & 0 deletions control-plane/roles/monitoring/defaults/main/main.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,3 +40,11 @@ monitoring_metal_api_hmac: "metal-admin"
# rethinkdb exporter
monitoring_rethinkdb_exporter_metal_db_password: "change-me"
monitoring_rethinkdb_exporter_metal_db_endpoint: metal-db.metal-control-plane:28015

# gardener
monitoring_gardener_enabled: false
monitoring_gardener_virtual_garden_kubeconfig: "{{ lookup('k8s', api_version='v1', kind='Secret', namespace='garden', resource_name='garden-kubeconfig-for-admin').get('data', {}).get('kubeconfig') if monitoring_gardener_enabled else None }}"

# TODO: move into release vector
monitoring_gardener_metrics_exporter_image_name: eu.gcr.io/gardener-project/gardener/metrics-exporter
monitoring_gardener_metrics_exporter_image_tag: "0.20.0"
8 changes: 7 additions & 1 deletion control-plane/roles/monitoring/tasks/exporters.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,13 @@
namespace: "{{ monitoring_namespace }}"
apply: true

- name: Deploy gardener-metrics-exporter
k8s:
definition: "{{ lookup('template', 'metrics-exporters/gardener-metrics-exporter.yaml') }}"
namespace: "{{ monitoring_namespace }}"
apply: true
when: monitoring_gardener_enabled

- name: Add webhook-logger
k8s:
definition: "{{ lookup('template', item) }}"
Expand All @@ -25,4 +32,3 @@
loop:
- webhook-logger-Service.yaml
- webhook-logger-Deployment.yaml

104 changes: 104 additions & 0 deletions control-plane/roles/monitoring/templates/metrics-exporters/gardener-metrics-exporter.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: gardener-metrics-exporter
labels:
app: gardener
role: metrics-exporter
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: gardener.cloud:metrics-exporter
rules:
- apiGroups:
- core.gardener.cloud
resources:
- shoots
- projects
- seeds
- plants
verbs:
- get
- watch
- list
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: gardener.cloud:metrics-exporter
subjects:
- kind: ServiceAccount
name: gardener-metrics-exporter
namespace: {{ monitoring_namespace }}
roleRef:
kind: ClusterRole
name: gardener.cloud:metrics-exporter
apiGroup: rbac.authorization.k8s.io
apiVersion: v1
kind: Secret
metadata:
name: seed-kubecfg
data:
kubecfg.yaml: {{ monitoring_gardener_virtual_garden_kubeconfig }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gardener-metrics-exporter
labels:
spec:
replicas: 1
selector:
matchLabels:
app: gardener
role: metrics-exporter
template:
metadata:
labels:
app: gardener
role: metrics-exporter
spec:
serviceAccountName: gardener-metrics-exporter
automountServiceAccountToken: false
containers:
- name: gardener-metrics-exporter
image: {{ monitoring_gardener_metrics_exporter_image_name }}:{{ monitoring_gardener_metrics_exporter_image_tag }}
imagePullPolicy: {{ metal_control_plane_image_pull_policy }}
command:
- /gardener-metrics-exporter
- --bind-address=0.0.0.0
- --port=2718
- --kubeconfig=/etc/seed/kubecfg.yaml
ports:
- name: port
containerPort: 2718
volumeMounts:
- mountPath: /etc/seed
name: seed-kubecfg
readOnly: true
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
volumes:
- name: seed-kubecfg
secret:
defaultMode: 420
secretName: seed-kubecfg
---
apiVersion: v1
kind: Service
metadata:
name: gardener-metrics-exporter
labels:
spec:
type: ClusterIP
sessionAffinity: None
selector:
app: gardener
role: metrics-exporter
ports:
- protocol: TCP
port: 2718
targetPort: 2718

0 comments on commit 82ac662

Please sign in to comment.