Exclude Kubernetes control plane rules when running on IBM Cloud

openshift · Mar 12, 2020 · 52285ea · 52285ea
1 parent 1a18ef5
commit 52285ea
Show file tree

Hide file tree

Showing 5 changed files with 101 additions and 2 deletions.
diff --git a/pkg/client/client.go b/pkg/client/client.go
@@ -239,6 +239,10 @@ func (c *Client) GetProxy(name string) (*configv1.Proxy, error) {
 	return c.oscclient.ConfigV1().Proxies().Get(name, metav1.GetOptions{})
 }
 
+func (c *Client) GetInfrastructure(name string) (*configv1.Infrastructure, error) {
+	return c.oscclient.ConfigV1().Infrastructures().Get(name, metav1.GetOptions{})
+}
+
 func (c *Client) GetConfigmap(namespace, name string) (*v1.ConfigMap, error) {
 	return c.kclient.CoreV1().ConfigMaps(namespace).Get(name, metav1.GetOptions{})
 }

diff --git a/pkg/manifests/config.go b/pkg/manifests/config.go
@@ -27,8 +27,9 @@ import (
 )
 
 type Config struct {
-	Images      *Images `json:"-"`
-	RemoteWrite bool    `json:"-"`
+	Images      *Images               `json:"-"`
+	RemoteWrite bool                  `json:"-"`
+	Platform    configv1.PlatformType `json:"-"`
 
 	PrometheusOperatorConfig             *PrometheusOperatorConfig `json:"prometheusOperator"`
 	PrometheusOperatorUserWorkloadConfig *PrometheusOperatorConfig `json:"prometheusOperatorUserWorkload"`
@@ -335,6 +336,15 @@ func (c *Config) LoadProxy(load func() (*configv1.Proxy, error)) error {
 	return nil
 }
 
+func (c *Config) LoadPlatform(load func() (*configv1.Infrastructure, error)) error {
+	i, err := load()
+	if err != nil {
+		return fmt.Errorf("error loading platform: %v", err)
+	}
+	c.Platform = i.Status.Platform
+	return nil
+}
+
 func NewConfigFromString(content string) (*Config, error) {
 	if content == "" {
 		return NewDefaultConfig(), nil

diff --git a/pkg/manifests/manifests.go b/pkg/manifests/manifests.go
@@ -30,6 +30,7 @@ import (
 	"strings"
 
 	monv1 "github.com/coreos/prometheus-operator/pkg/apis/monitoring/v1"
+	configv1 "github.com/openshift/api/config/v1"
 	routev1 "github.com/openshift/api/route/v1"
 	securityv1 "github.com/openshift/api/security/v1"
 	"github.com/openshift/cluster-monitoring-operator/pkg/promqlgen"
@@ -219,6 +220,10 @@ var (
 	PrometheusTrustedCABundlePath = PrometheusTrustedCABundleDir + "ca-bundle.crt"
 )
 
+var (
+	IBMCloudPlatformType configv1.PlatformType = "IBMCloud"
+)
+
 func MustAssetReader(asset string) io.Reader {
 	return bytes.NewReader(MustAsset(asset))
 }
@@ -804,6 +809,21 @@ func (f *Factory) PrometheusK8sRules() (*monv1.PrometheusRule, error) {
 		r.Spec.Groups = groups
 	}
 
+	if f.config.Platform == IBMCloudPlatformType {
+		groups := []monv1.RuleGroup{}
+		for _, g := range r.Spec.Groups {
+			switch g.Name {
+			case "kubernetes-system-apiserver",
+				"kubernetes-system-controller-manager",
+				"kubernetes-system-scheduler":
+				// skip
+			default:
+				groups = append(groups, g)
+			}
+		}
+		r.Spec.Groups = groups
+	}
+
 	return r, nil
 }
 

diff --git a/pkg/manifests/manifests_test.go b/pkg/manifests/manifests_test.go
@@ -22,6 +22,7 @@ import (
 	"testing"
 
 	monv1 "github.com/coreos/prometheus-operator/pkg/apis/monitoring/v1"
+	configv1 "github.com/openshift/api/config/v1"
 
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -1176,6 +1177,63 @@ func TestOpenShiftStateMetrics(t *testing.T) {
 	}
 }
 
+func TestPrometheusK8sControlPlaneRulesFiltered(t *testing.T) {
+	tests := []struct {
+		name   string
+		config *Config
+		verify func(bool, bool, bool)
+	}{
+		{
+			name: "default config",
+			config: func() *Config {
+				c := NewDefaultConfig()
+				c.Platform = configv1.AWSPlatformType
+				return c
+			}(),
+			verify: func(api, cm, sched bool) {
+				if !api || !cm || !sched {
+					t.Fatal("did not get all expected kubernetes control plane rules")
+				}
+			},
+		},
+		{
+			name: "hosted control plane",
+			config: func() *Config {
+				c := NewDefaultConfig()
+				c.Platform = IBMCloudPlatformType
+				return c
+			}(),
+			verify: func(api, cm, sched bool) {
+				if api || cm || sched {
+					t.Fatalf("kubernetes control plane rules found, none expected")
+				}
+			},
+		},
+	}
+
+	for _, tc := range tests {
+		f := NewFactory("openshift-monitoring", "openshift-user-workload-monitoring", tc.config)
+		r, err := f.PrometheusK8sRules()
+		if err != nil {
+			t.Fatal(err)
+		}
+		apiServerRulesFound := false
+		controllerManagerRulesFound := false
+		schedulerRulesFound := false
+		for _, g := range r.Spec.Groups {
+			switch g.Name {
+			case "kubernetes-system-apiserver":
+				apiServerRulesFound = true
+			case "kubernetes-system-controller-manager":
+				controllerManagerRulesFound = true
+			case "kubernetes-system-scheduler":
+				schedulerRulesFound = true
+			}
+		}
+		tc.verify(apiServerRulesFound, controllerManagerRulesFound, schedulerRulesFound)
+	}
+}
+
 func TestPrometheusEtcdRulesFiltered(t *testing.T) {
 	enabled := false
 	c := NewDefaultConfig()

diff --git a/pkg/operator/operator.go b/pkg/operator/operator.go
@@ -410,6 +410,13 @@ func (o *Operator) Config(key string) *manifests.Config {
 		klog.Warningf("Could not load proxy configuration from API. This is expected and message can be ignored when proxy configuration doesn't exist. Proceeding without it: %v", err)
 	}
 
+	err = c.LoadPlatform(func() (*configv1.Infrastructure, error) {
+		return o.client.GetInfrastructure("cluster")
+	})
+	if err != nil {
+		klog.Warningf("Could not load platform from infrastructure resource: %v. This may result in alerts that are not appropriate for the platform.", err)
+	}
+
 	cm, err := o.client.GetConfigmap("openshift-config", "etcd-metric-serving-ca")
 	if err != nil {
 		klog.Warningf("Error loading etcd CA certificates for Prometheus. Proceeding with etcd disabled. Error: %v", err)