Allow attaching node metadata #10080
Conversation
discovery/kubernetes/pod.go
Outdated
| @@ -87,7 +109,12 @@ func (p *Pod) enqueue(obj interface{}) { | |||
| func (p *Pod) Run(ctx context.Context, ch chan<- []*targetgroup.Group) { | |||
| defer p.queue.ShutDown() | |||
|
|
|||
| if !cache.WaitForCacheSync(ctx.Done(), p.informer.HasSynced) { | |||
| cacheSyncs := []cache.InformerSynced{p.podInf.HasSynced} | |||
| if p.nodeInf != nil { | |||
There was a problem hiding this comment.
I don't know if it's a good idea to use the value of the informer as a discriminator of whether node metadata should be attached or not. Any feedback is welcome.
There was a problem hiding this comment.
I think that deserves a comment at least, otherwise a config field on the pod role would be ok as well I think
There was a problem hiding this comment.
I like the field on the pod role 👍
fpetkovski
force-pushed
the
attach-target-metadata
branch
from
312cd19
to
4e3ae8a
Compare
|
cc @rfratto |
docs/configuration/configuration.md
Outdated
| attach_metadata: | ||
| # Attaches node metadata to discovered targets. Only valid for role: pod. | ||
| # When set to true, Prometheus must have permissions to get Nodes. | ||
| [ node: <boolean> | default = false ] |
There was a problem hiding this comment.
| [ node: <boolean> | default = false ] | |
| [ node: <boolean> | default = false ] |
fpetkovski
force-pushed
the
attach-target-metadata
branch
2 times, most recently
from
ebcb7e1
to
434e720
Compare
|
@brancz @roidelapluie would you mind taking another look? |
There was a problem hiding this comment.
LGTM. My only remark is that the kube SD documentation needs an update to mention that the pod role supports node selectors when attach_metadata: {node: true}.
prometheus/docs/configuration/configuration.md
Lines 1706 to 1710 in afdd135
Signed-off-by: fpetkovski <filip.petkovsky@gmail.com>
fpetkovski
force-pushed
the
attach-target-metadata
branch
from
96c305e
to
608ce83
Compare
Signed-off-by: fpetkovski <filip.petkovsky@gmail.com>
fpetkovski
force-pushed
the
attach-target-metadata
branch
from
608ce83
to
eb55125
Compare
discovery/kubernetes/pod.go
Outdated
| } | ||
|
|
||
| func (p *Pod) enqueuePodsForNode(nodeName string) { | ||
| for _, pod := range p.store.List() { |
There was a problem hiding this comment.
Is there no way to index this? This seems like it could potentially be expensive in large clusters.
There was a problem hiding this comment.
Thanks, this is a good point, and I think the solution should be straightforward. I added a new commit that converts the pod informer to an informer indexer.
Signed-off-by: fpetkovski <filip.petkovsky@gmail.com>
fpetkovski
force-pushed
the
attach-target-metadata
branch
from
f8b0e15
to
16bd0d7
Compare
…s and annotations to discovered pod targets in the same way as Prometheus 2.35 does See prometheus/prometheus#9510 and prometheus/prometheus#10080
…s and annotations to discovered pod targets in the same way as Prometheus 2.35 does See prometheus/prometheus#9510 and prometheus/prometheus#10080
… if the corresponding node objects are missing This reflects the logic used in Prometheus. See prometheus/prometheus#10080
… if the corresponding node objects are missing This reflects the logic used in Prometheus. See prometheus/prometheus#10080
|
@fpetkovski It seems to use node selectors with pods is not working. When I try to use it, I receive the following error: |
|
Can you please post a config example? |
|
|
Does this configuration work when you remove the following snippet? |
|
I believe there's even a test case to verify that node selectors for the pod role are not supported: https://github.com/prometheus/prometheus/blob/main/config/testdata/kubernetes_selectors_pod.bad.yml If you would like to filter out pods from certain nodes, can you use relabel configs against the attached node metadata? |
Filtering using relabel works fine but the selector would be more efficient. As this PR added the following text to the documentation, I wonder if it is just the configuration validation that is failing this feature.
|
|
I see, so the docs say that this should be supported but validation fails. Let me look into it and see whether we can support that easily, or we have to change the docs and potentially implement it in a follow up. |
|
I am looking at the behavior of using pod selectors under the endpoints role. Prometheus doesn't seem to use those pod selectors to filter out pods, but to rather not attach pod specific metadata from pods which do not match the specified selectors. So filtering still has to be done with Based on that, I would suggest that we change the validation to match what is specified in the docs and allow setting node selectors when node metadata is attached. In that specific case, the service discovery would only attach node metadata for nodes which match the selector. Any thoughts on this @simonpasquier @brancz? |
|
Has the issue @laurovenancio raised, that is Prometheus reporting " |
This PR implements part of the functionality suggested in #9510.
In order to gather feedback and keep changes small, this commit only implements attaching metadata from nodes when the
podrole is used for Kubernetes SD.