1{{ if .Values.prometheus.enabled -}}
2---
3###
4### Prometheus
5###
6kind: ConfigMap
7apiVersion: v1
8metadata:
9 name: prometheus-config
10 namespace: {{ .Release.Namespace }}
11 labels:
12 linkerd.io/extension: viz
13 component: prometheus
14 namespace: {{.Release.Namespace}}
15 {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
16 annotations:
17 {{ include "partials.annotations.created-by" . }}
18data:
19 prometheus.yml: |-
20 global:
21 {{- if .Values.prometheus.globalConfig -}}
22 {{- toYaml .Values.prometheus.globalConfig | trim | nindent 6 }}
23 {{- end}}
24
25 rule_files:
26 - /etc/prometheus/*_rules.yml
27 - /etc/prometheus/*_rules.yaml
28
29 scrape_configs:
30 - job_name: 'prometheus'
31 static_configs:
32 - targets: ['localhost:9090']
33
34 # Required for: https://grafana.com/grafana/dashboards/315
35 - job_name: 'kubernetes-nodes-cadvisor'
36 scheme: https
37 tls_config:
38 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
39 insecure_skip_verify: true
40 bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
41 kubernetes_sd_configs:
42 - role: node
43 relabel_configs:
44 - action: labelmap
45 regex: __meta_kubernetes_node_label_(.+)
46 - target_label: __address__
47 replacement: kubernetes.default.svc:443
48 - source_labels: [__meta_kubernetes_node_name]
49 regex: (.+)
50 target_label: __metrics_path__
51 replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
52 metric_relabel_configs:
53 - source_labels: [__name__]
54 regex: '(container|machine)_(cpu|memory|network|fs)_(.+)'
55 action: keep
56 - source_labels: [__name__]
57 regex: 'container_memory_failures_total' # unneeded large metric
58 action: drop
59
60 - job_name: 'linkerd-controller'
61 kubernetes_sd_configs:
62 - role: pod
63 namespaces:
64 names:
65 - '{{.Values.linkerdNamespace}}'
66 - '{{.Release.Namespace}}'
67 relabel_configs:
68 - source_labels:
69 - __meta_kubernetes_pod_container_port_name
70 action: keep
71 regex: admin-http
72 - source_labels: [__meta_kubernetes_pod_container_name]
73 action: replace
74 target_label: component
75
76 - job_name: 'linkerd-service-mirror'
77 kubernetes_sd_configs:
78 - role: pod
79 relabel_configs:
80 - source_labels:
81 - __meta_kubernetes_pod_label_component
82 - __meta_kubernetes_pod_container_port_name
83 action: keep
84 regex: linkerd-service-mirror;admin-http$
85 - source_labels: [__meta_kubernetes_pod_container_name]
86 action: replace
87 target_label: component
88
89 - job_name: 'linkerd-proxy'
90 kubernetes_sd_configs:
91 - role: pod
92 relabel_configs:
93 - source_labels:
94 - __meta_kubernetes_pod_container_name
95 - __meta_kubernetes_pod_container_port_name
96 - __meta_kubernetes_pod_label_linkerd_io_control_plane_ns
97 action: keep
98 regex: ^{{default .Values.proxyContainerName "linkerd-proxy" .Values.proxyContainerName}};linkerd-admin;{{.Values.linkerdNamespace}}$
99 - source_labels: [__meta_kubernetes_namespace]
100 action: replace
101 target_label: namespace
102 - source_labels: [__meta_kubernetes_pod_name]
103 action: replace
104 target_label: pod
105 # special case k8s' "job" label, to not interfere with prometheus' "job"
106 # label
107 # __meta_kubernetes_pod_label_linkerd_io_proxy_job=foo =>
108 # k8s_job=foo
109 - source_labels: [__meta_kubernetes_pod_label_linkerd_io_proxy_job]
110 action: replace
111 target_label: k8s_job
112 # drop __meta_kubernetes_pod_label_linkerd_io_proxy_job
113 - action: labeldrop
114 regex: __meta_kubernetes_pod_label_linkerd_io_proxy_job
115 # __meta_kubernetes_pod_label_linkerd_io_proxy_deployment=foo =>
116 # deployment=foo
117 - action: labelmap
118 regex: __meta_kubernetes_pod_label_linkerd_io_proxy_(.+)
119 # drop all labels that we just made copies of in the previous labelmap
120 - action: labeldrop
121 regex: __meta_kubernetes_pod_label_linkerd_io_proxy_(.+)
122 # __meta_kubernetes_pod_label_linkerd_io_foo=bar =>
123 # foo=bar
124 - action: labelmap
125 regex: __meta_kubernetes_pod_label_linkerd_io_(.+)
126 # Copy all pod labels to tmp labels
127 - action: labelmap
128 regex: __meta_kubernetes_pod_label_(.+)
129 replacement: __tmp_pod_label_$1
130 # Take `linkerd_io_` prefixed labels and copy them without the prefix
131 - action: labelmap
132 regex: __tmp_pod_label_linkerd_io_(.+)
133 replacement: __tmp_pod_label_$1
134 # Drop the `linkerd_io_` originals
135 - action: labeldrop
136 regex: __tmp_pod_label_linkerd_io_(.+)
137 # Copy tmp labels into real labels
138 - action: labelmap
139 regex: __tmp_pod_label_(.+)
140 {{- if .Values.prometheus.metricRelabelConfigs }}
141 metric_relabel_configs:
142 {{- toYaml .Values.prometheus.metricRelabelConfigs | trim | nindent 6 }}
143 {{- end}}
144
145 {{- if .Values.prometheus.scrapeConfigs }}
146 {{- toYaml .Values.prometheus.scrapeConfigs | trim | nindent 4 }}
147 {{- end }}
148
149 {{- if (or .Values.prometheus.alertmanagers .Values.prometheus.alertRelabelConfigs) }}
150 alerting:
151 alert_relabel_configs:
152 {{- if .Values.prometheus.alertRelabelConfigs }}
153 {{- toYaml .Values.prometheus.alertRelabelConfigs | trim | nindent 6 }}
154 {{- end }}
155 alertmanagers:
156 {{- if .Values.prometheus.alertmanagers }}
157 {{- toYaml .Values.prometheus.alertmanagers | trim | nindent 6 }}
158 {{- end }}
159 {{- end }}
160
161 {{- if .Values.prometheus.remoteWrite }}
162 remote_write:
163 {{- toYaml .Values.prometheus.remoteWrite | trim | nindent 6 }}
164 {{- end }}
165---
166kind: Service
167apiVersion: v1
168metadata:
169 name: prometheus
170 namespace: {{ .Release.Namespace }}
171 labels:
172 linkerd.io/extension: viz
173 component: prometheus
174 namespace: {{.Release.Namespace}}
175 {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
176 annotations:
177 {{ include "partials.annotations.created-by" . }}
178 linkerd.io/inject: enabled
179spec:
180 type: ClusterIP
181 selector:
182 linkerd.io/extension: viz
183 component: prometheus
184 ports:
185 - name: admin-http
186 port: 9090
187 targetPort: 9090
188---
189apiVersion: apps/v1
190kind: Deployment
191metadata:
192 annotations:
193 {{ include "partials.annotations.created-by" . }}
194 linkerd.io/inject: enabled
195 config.linkerd.io/proxy-await: "enabled"
196 labels:
197 linkerd.io/extension: viz
198 app.kubernetes.io/name: prometheus
199 app.kubernetes.io/part-of: Linkerd
200 app.kubernetes.io/version: {{default .Values.linkerdVersion .Values.cliVersion}}
201 component: prometheus
202 namespace: {{.Release.Namespace}}
203 {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
204 name: prometheus
205 namespace: {{ .Release.Namespace }}
206spec:
207 replicas: 1
208 revisionHistoryLimit: {{.Values.revisionHistoryLimit}}
209 {{- if .Values.prometheus.persistence }}
210 strategy:
211 type: Recreate
212 {{- end }}
213 selector:
214 matchLabels:
215 linkerd.io/extension: viz
216 component: prometheus
217 namespace: {{.Release.Namespace}}
218 template:
219 metadata:
220 annotations:
221 {{ include "partials.annotations.created-by" . }}
222 {{- with .Values.prometheus.proxy }}
223 {{- include "partials.proxy.config.annotations" .resources | nindent 8 }}
224 {{- end }}
225 {{- with .Values.podAnnotations }}{{ toYaml . | trim | nindent 8 }}{{- end }}
226 {{- with .Values.prometheus.podAnnotations }}{{ toYaml . | trim | nindent 8 }}{{- end }}
227 linkerd.io/inject: enabled
228 config.alpha.linkerd.io/proxy-wait-before-exit-seconds: "0"
229 labels:
230 linkerd.io/extension: viz
231 component: prometheus
232 namespace: {{.Release.Namespace}}
233 {{- with .Values.podLabels }}{{ toYaml . | trim | nindent 8 }}{{- end }}
234 spec:
235 {{- if .Values.prometheus.tolerations -}}
236 {{- include "linkerd.tolerations" (dict "Values" .Values.prometheus) | nindent 6 }}
237 {{- end -}}
238 {{- include "linkerd.node-selector" (dict "Values" .Values.prometheus) | nindent 6 }}
239 containers:
240 {{- if .Values.prometheus.sidecarContainers -}}
241 {{- toYaml .Values.prometheus.sidecarContainers | trim | nindent 6 }}
242 {{- end}}
243 - args:
244 {{- if not (hasKey .Values.prometheus.args "log.level") }}
245 - --log.level={{.Values.prometheus.logLevel | default .Values.defaultLogLevel}}
246 {{- end }}
247 {{- if not (hasKey .Values.prometheus.args "log.format") }}
248 - --log.format={{.Values.prometheus.logFormat | default .Values.defaultLogFormat | replace "plain" "logfmt" }}
249 {{- end }}
250 {{- range $key, $value := .Values.prometheus.args}}
251 - --{{ $key }}{{ if $value }}={{ $value }}{{ end }}
252 {{- end }}
253 image: {{.Values.prometheus.image.registry}}/{{.Values.prometheus.image.name}}:{{.Values.prometheus.image.tag}}
254 imagePullPolicy: {{.Values.prometheus.image.pullPolicy | default .Values.defaultImagePullPolicy}}
255 livenessProbe:
256 httpGet:
257 path: /-/healthy
258 port: 9090
259 initialDelaySeconds: 30
260 timeoutSeconds: 30
261 name: prometheus
262 ports:
263 - containerPort: 9090
264 name: admin-http
265 readinessProbe:
266 httpGet:
267 path: /-/ready
268 port: 9090
269 initialDelaySeconds: 30
270 timeoutSeconds: 30
271 {{- if .Values.prometheus.resources -}}
272 {{- include "partials.resources" .Values.prometheus.resources | nindent 8 }}
273 {{- end }}
274 securityContext:
275 allowPrivilegeEscalation: false
276 capabilities:
277 drop:
278 - ALL
279 readOnlyRootFilesystem: true
280 runAsGroup: 65534
281 runAsNonRoot: true
282 runAsUser: 65534
283 seccompProfile:
284 type: RuntimeDefault
285 volumeMounts:
286 {{- range .Values.prometheus.ruleConfigMapMounts }}
287 - name: {{ .name }}
288 mountPath: /etc/prometheus/{{ .subPath }}
289 subPath: {{ .subPath }}
290 readOnly: true
291 {{- end }}
292 - mountPath: /data
293 name: data
294 - mountPath: /etc/prometheus/prometheus.yml
295 name: prometheus-config
296 subPath: prometheus.yml
297 readOnly: true
298 securityContext:
299 fsGroup: 65534
300 seccompProfile:
301 type: RuntimeDefault
302 serviceAccountName: prometheus
303 volumes:
304 {{- range .Values.prometheus.ruleConfigMapMounts }}
305 - name: {{ .name }}
306 configMap:
307 name: {{ .configMap }}
308 {{- end }}
309 - name: data
310 {{- if .Values.prometheus.persistence }}
311 persistentVolumeClaim:
312 claimName: prometheus
313 {{- else }}
314 emptyDir: {}
315 {{- end }}
316 - configMap:
317 name: prometheus-config
318 name: prometheus-config
319{{- if .Values.prometheus.persistence }}
320---
321kind: PersistentVolumeClaim
322apiVersion: v1
323metadata:
324 labels:
325 linkerd.io/extension: viz
326 app.kubernetes.io/name: prometheus
327 app.kubernetes.io/part-of: Linkerd
328 app.kubernetes.io/version: {{default .Values.linkerdVersion}}
329 component: prometheus
330 {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
331 name: prometheus
332 namespace: {{ .Release.Namespace }}
333spec:
334 accessModes:
335 - {{ .Values.prometheus.persistence.accessMode | quote }}
336 resources:
337 requests:
338 storage: {{ .Values.prometheus.persistence.size | quote }}
339{{- if .Values.prometheus.persistence.storageClass }}
340 storageClassName: "{{ .Values.prometheus.persistence.storageClass }}"
341{{- end }}
342{{- end }}
343{{ end -}}
View as plain text