add promtheus
This commit is contained in:
parent
14342f2136
commit
0a38bbe0fe
|
|
@ -7,7 +7,7 @@
|
||||||
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
||||||
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
||||||
labels:
|
labels:
|
||||||
app: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
app.kubernetes.io/name: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
@@ -54,7 +54,7 @@
|
@@ -54,7 +54,7 @@
|
||||||
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
||||||
|
|
@ -25,7 +25,7 @@
|
||||||
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
||||||
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
||||||
labels:
|
labels:
|
||||||
app: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
app.kubernetes.io/name: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
@@ -623,7 +623,7 @@
|
@@ -623,7 +623,7 @@
|
||||||
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
||||||
|
|
@ -43,7 +43,7 @@
|
||||||
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
||||||
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
||||||
labels:
|
labels:
|
||||||
app: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
app.kubernetes.io/name: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
@@ -1831,7 +1831,7 @@
|
@@ -1831,7 +1831,7 @@
|
||||||
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
||||||
|
|
@ -61,7 +61,7 @@
|
||||||
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
||||||
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
||||||
labels:
|
labels:
|
||||||
app: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
app.kubernetes.io/name: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
@@ -6291,7 +6291,7 @@
|
@@ -6291,7 +6291,7 @@
|
||||||
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
||||||
|
|
@ -79,7 +79,7 @@
|
||||||
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
||||||
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
||||||
labels:
|
labels:
|
||||||
app: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
app.kubernetes.io/name: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
@@ -12115,7 +12115,7 @@
|
@@ -12115,7 +12115,7 @@
|
||||||
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
||||||
|
|
@ -97,7 +97,7 @@
|
||||||
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
- cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca'
|
||||||
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
+ cert-manager.io/inject-ca-from-secret: 'kube-system/cert-manager-webhook-ca'
|
||||||
labels:
|
labels:
|
||||||
app: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
app.kubernetes.io/name: 'cert-manager'
|
app.kubernetes.io/name: 'cert-manager'
|
||||||
@@ -17940,7 +17940,7 @@
|
@@ -17940,7 +17940,7 @@
|
||||||
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
# webhookClientConfig is required when strategy is `Webhook` and it configures the webhook endpoint to be called by API server.
|
||||||
|
|
|
||||||
|
|
@ -3,18 +3,18 @@ kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: drone-runner
|
name: drone-runner
|
||||||
labels:
|
labels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
component: runner
|
app.kubernetes.io/component: runner
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
component: runner
|
app.kubernetes.io/component: runner
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
component: runner
|
app.kubernetes.io/component: runner
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: drone
|
- name: drone
|
||||||
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
key: rpc_secret
|
key: rpc_secret
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
containerPort: 80
|
containerPort: 3000
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 2000m
|
cpu: 2000m
|
||||||
|
|
@ -72,4 +72,22 @@ subjects:
|
||||||
roleRef:
|
roleRef:
|
||||||
kind: Role
|
kind: Role
|
||||||
name: drone-runner-role
|
name: drone-runner-role
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: drone-runner
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: drone
|
||||||
|
app.kubernetes.io/component: runner
|
||||||
|
# monitor: prometheus
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app.kubernetes.io/name: drone
|
||||||
|
app.kubernetes.io/component: runner
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
protocol: TCP
|
||||||
|
port: 3000
|
||||||
|
targetPort: http
|
||||||
|
|
@ -3,18 +3,18 @@ kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: drone-server
|
name: drone-server
|
||||||
labels:
|
labels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
component: server
|
app.kubernetes.io/component: server
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
component: server
|
app.kubernetes.io/component: server
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
component: server
|
app.kubernetes.io/component: server
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: drone
|
- name: drone
|
||||||
|
|
@ -22,6 +22,8 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: DRONE_SERVER_HOST
|
- name: DRONE_SERVER_HOST
|
||||||
value: ${DRONE_EXTERNAL_HOST}
|
value: ${DRONE_EXTERNAL_HOST}
|
||||||
|
- name: DRONE_SERVER_PORT
|
||||||
|
value: ":80"
|
||||||
- name: DRONE_SERVER_PROTO
|
- name: DRONE_SERVER_PROTO
|
||||||
value: https
|
value: https
|
||||||
- name: DRONE_GITEA_SERVER
|
- name: DRONE_GITEA_SERVER
|
||||||
|
|
@ -41,6 +43,9 @@ spec:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: drone-secret
|
name: drone-secret
|
||||||
key: rpc_secret
|
key: rpc_secret
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
containerPort: 80
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 500m
|
cpu: 500m
|
||||||
|
|
@ -49,13 +54,15 @@ spec:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: drone
|
name: drone-server
|
||||||
labels:
|
labels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
|
app.kubernetes.io/component: server
|
||||||
|
# monitor: prometheus
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
component: server
|
app.kubernetes.io/component: server
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: drone
|
name: drone
|
||||||
labels:
|
labels:
|
||||||
app: drone
|
app.kubernetes.io/name: drone
|
||||||
annotations:
|
annotations:
|
||||||
# nginx.ingress.kubernetes.io/rewrite-target: /
|
# nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
# cert-manager.io/cluster-issuer: letsencrypt
|
# cert-manager.io/cluster-issuer: letsencrypt
|
||||||
|
|
@ -20,6 +20,6 @@ spec:
|
||||||
pathType: Prefix
|
pathType: Prefix
|
||||||
backend:
|
backend:
|
||||||
service:
|
service:
|
||||||
name: drone
|
name: drone-server
|
||||||
port:
|
port:
|
||||||
name: http
|
name: http
|
||||||
|
|
|
||||||
|
|
@ -3,16 +3,16 @@ kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea
|
name: gitea
|
||||||
labels:
|
labels:
|
||||||
app: gitea
|
app.kubernetes.io/name: gitea
|
||||||
spec:
|
spec:
|
||||||
replicas: 1 # replica count must be set to 1 in database is sqlite
|
replicas: 1 # replica count must be set to 1 in database is sqlite
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: gitea
|
app.kubernetes.io/name: gitea
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: gitea
|
app.kubernetes.io/name: gitea
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: gitea
|
- name: gitea
|
||||||
|
|
@ -30,6 +30,8 @@ spec:
|
||||||
value: https://${GITEA_EXTERNAL_HOST}
|
value: https://${GITEA_EXTERNAL_HOST}
|
||||||
- name: SSH_DOMAIN
|
- name: SSH_DOMAIN
|
||||||
value: ${GITEA_EXTERNAL_HOST}
|
value: ${GITEA_EXTERNAL_HOST}
|
||||||
|
- name: GITEA__METRICS__ENABLED
|
||||||
|
value: "true"
|
||||||
# - name: DB_TYPE
|
# - name: DB_TYPE
|
||||||
# value: postgres
|
# value: postgres
|
||||||
# - name: DB_HOST
|
# - name: DB_HOST
|
||||||
|
|
@ -74,7 +76,7 @@ spec:
|
||||||
# metadata:
|
# metadata:
|
||||||
# name: gitea-data-nfs
|
# name: gitea-data-nfs
|
||||||
# labels:
|
# labels:
|
||||||
# app: gitea
|
# app.kubernetes.io/name: gitea
|
||||||
# spec:
|
# spec:
|
||||||
# accessModes:
|
# accessModes:
|
||||||
# - ReadWriteMany
|
# - ReadWriteMany
|
||||||
|
|
@ -90,7 +92,7 @@ kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea-pvc
|
name: gitea-pvc
|
||||||
labels:
|
labels:
|
||||||
app: gitea
|
app.kubernetes.io/name: gitea
|
||||||
spec:
|
spec:
|
||||||
# storageClassName: ""
|
# storageClassName: ""
|
||||||
accessModes:
|
accessModes:
|
||||||
|
|
@ -100,17 +102,18 @@ spec:
|
||||||
storage: 10Gi
|
storage: 10Gi
|
||||||
# selector:
|
# selector:
|
||||||
# matchLabels:
|
# matchLabels:
|
||||||
# app: gitea
|
# app.kubernetes.io/name: gitea
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea
|
name: gitea
|
||||||
labels:
|
labels:
|
||||||
app: gitea
|
app.kubernetes.io/name: gitea
|
||||||
|
monitor: prometheus
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
app: gitea
|
app.kubernetes.io/name: gitea
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea
|
name: gitea
|
||||||
labels:
|
labels:
|
||||||
app: gitea
|
app.kubernetes.io/name: gitea
|
||||||
annotations:
|
annotations:
|
||||||
# nginx.ingress.kubernetes.io/rewrite-target: /
|
# nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
# cert-manager.io/cluster-issuer: letsencrypt
|
# cert-manager.io/cluster-issuer: letsencrypt
|
||||||
|
|
|
||||||
|
|
@ -3,15 +3,15 @@ kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: grafana
|
name: grafana
|
||||||
labels:
|
labels:
|
||||||
app: grafana
|
app.kubernetes.io/name: grafana
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: grafana
|
app.kubernetes.io/name: grafana
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: grafana
|
app.kubernetes.io/name: grafana
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: grafana
|
- name: grafana
|
||||||
|
|
@ -97,10 +97,11 @@ kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: grafana
|
name: grafana
|
||||||
labels:
|
labels:
|
||||||
app: grafana
|
app.kubernetes.io/name: grafana
|
||||||
|
monitor: prometheus
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
app: grafana
|
app.kubernetes.io/name: grafana
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: grafana
|
name: grafana
|
||||||
labels:
|
labels:
|
||||||
app: grafana
|
app.kubernetes.io/name: grafana
|
||||||
annotations:
|
annotations:
|
||||||
# nginx.ingress.kubernetes.io/rewrite-target: /
|
# nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
# cert-manager.io/cluster-issuer: letsencrypt
|
# cert-manager.io/cluster-issuer: letsencrypt
|
||||||
|
|
|
||||||
|
|
@ -3,5 +3,5 @@ datasources:
|
||||||
- name: prometheus
|
- name: prometheus
|
||||||
type: prometheus
|
type: prometheus
|
||||||
access: proxy
|
access: proxy
|
||||||
url: http://prometheus-main.monitoring.svc:9090
|
url: http://prometheus-operated.monitoring.svc:9090
|
||||||
is_default: true
|
is_default: true
|
||||||
|
|
|
||||||
|
|
@ -3,13 +3,11 @@ kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
name: kube-state-metrics
|
name: kube-state-metrics
|
||||||
labels:
|
labels:
|
||||||
monitor: main
|
monitor: prometheus
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
managed-by: kustomize
|
app.kubernetes.io/name: kube-state-metrics
|
||||||
app: kube-state-metrics
|
|
||||||
endpoints:
|
endpoints:
|
||||||
- port: http-metrics
|
- port: http-metrics
|
||||||
path: /metrics
|
|
||||||
honorLabels: true
|
honorLabels: true
|
||||||
|
|
@ -0,0 +1,13 @@
|
||||||
|
resources:
|
||||||
|
- kube-state-metrics-servicemonitors.yaml
|
||||||
|
- https://raw.githubusercontent.com/kubernetes/kube-state-metrics/v2.1.1/examples/standard/cluster-role-binding.yaml
|
||||||
|
- https://raw.githubusercontent.com/kubernetes/kube-state-metrics/v2.1.1/examples/standard/cluster-role.yaml
|
||||||
|
- https://raw.githubusercontent.com/kubernetes/kube-state-metrics/v2.1.1/examples/standard/deployment.yaml
|
||||||
|
- https://raw.githubusercontent.com/kubernetes/kube-state-metrics/v2.1.1/examples/standard/service-account.yaml
|
||||||
|
- https://raw.githubusercontent.com/kubernetes/kube-state-metrics/v2.1.1/examples/standard/service.yaml
|
||||||
|
|
||||||
|
commonLabels:
|
||||||
|
app.kubernetes.io/name: kube-state-metrics
|
||||||
|
|
||||||
|
# generators:
|
||||||
|
# - kube-state-metrics.yaml
|
||||||
|
|
@ -3,7 +3,7 @@ kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: kubernetes-dashboard
|
name: kubernetes-dashboard
|
||||||
labels:
|
labels:
|
||||||
app: kubernetes-dashboard
|
app.kubernetes.io/name: kubernetes-dashboard
|
||||||
annotations:
|
annotations:
|
||||||
# nginx.ingress.kubernetes.io/rewrite-target: /
|
# nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
# nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
|
# nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
|
||||||
|
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
resources:
|
|
||||||
- kube-state-metrics-servicemonitors.yaml
|
|
||||||
|
|
||||||
commonLabels:
|
|
||||||
app: kube-state-metrics
|
|
||||||
|
|
||||||
generators:
|
|
||||||
- kube-state-metrics.yaml
|
|
||||||
|
|
@ -1,2 +0,0 @@
|
||||||
generators:
|
|
||||||
- prometheus-operator.yaml
|
|
||||||
|
|
@ -1,7 +0,0 @@
|
||||||
resources:
|
|
||||||
- prometheus.yaml
|
|
||||||
- prometheus-rbac.yaml
|
|
||||||
- servicemonitors.yaml
|
|
||||||
|
|
||||||
commonLabels:
|
|
||||||
app: prometheus
|
|
||||||
|
|
@ -1,35 +0,0 @@
|
||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: Prometheus
|
|
||||||
metadata:
|
|
||||||
name: main
|
|
||||||
spec:
|
|
||||||
serviceAccountName: prometheus
|
|
||||||
serviceMonitorSelector:
|
|
||||||
matchLabels:
|
|
||||||
monitor: main
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
memory: 300Mi
|
|
||||||
limits:
|
|
||||||
memory: 500Mi
|
|
||||||
---
|
|
||||||
apiVersion: networking.k8s.io/v1beta1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: prometheus
|
|
||||||
annotations:
|
|
||||||
nginx.ingress.kubernetes.io/rewrite-target: /
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt
|
|
||||||
spec:
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- prometheus.127.0.0.1.nip.io
|
|
||||||
secretName: letsencrypt-cert
|
|
||||||
rules:
|
|
||||||
- host: prometheus.127.0.0.1.nip.io
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
backend:
|
|
||||||
serviceName: prometheus-operated
|
|
||||||
servicePort: web
|
|
||||||
|
|
@ -3,7 +3,7 @@ kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: nextcloud
|
name: nextcloud
|
||||||
labels:
|
labels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
annotations:
|
annotations:
|
||||||
nginx.ingress.kubernetes.io/rewrite-target: /
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
cert-manager.io/cluster-issuer: letsencrypt
|
cert-manager.io/cluster-issuer: letsencrypt
|
||||||
|
|
|
||||||
|
|
@ -3,15 +3,15 @@ kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: nextcloud
|
name: nextcloud
|
||||||
labels:
|
labels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nextcloud
|
- name: nextcloud
|
||||||
|
|
@ -55,7 +55,7 @@ kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: nextcloud-data-nfs
|
name: nextcloud-data-nfs
|
||||||
labels:
|
labels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
spec:
|
spec:
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|
@ -71,7 +71,7 @@ kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: nextcloud-data
|
name: nextcloud-data
|
||||||
labels:
|
labels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
spec:
|
spec:
|
||||||
storageClassName: ""
|
storageClassName: ""
|
||||||
accessModes:
|
accessModes:
|
||||||
|
|
@ -81,17 +81,17 @@ spec:
|
||||||
storage: 100Mi
|
storage: 100Mi
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: nextcloud
|
name: nextcloud
|
||||||
labels:
|
labels:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
app: nextcloud
|
app.kubernetes.io/name: nextcloud
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
|
|
||||||
|
|
@ -1,2 +1,3 @@
|
||||||
resources:
|
resources:
|
||||||
- node-exporter-daemonset.yaml
|
- node-exporter-daemonset.yaml
|
||||||
|
- node-exporter-servicemonitor.yaml
|
||||||
|
|
@ -4,16 +4,16 @@ metadata:
|
||||||
name: node-exporter
|
name: node-exporter
|
||||||
namespace: kube-monitoring
|
namespace: kube-monitoring
|
||||||
labels:
|
labels:
|
||||||
app: node-exporter
|
app.kubernetes.io/name: node-exporter
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: node-exporter
|
app.kubernetes.io/name: node-exporter
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
name: node-exporter
|
name: node-exporter
|
||||||
labels:
|
labels:
|
||||||
app: node-exporter
|
app.kubernetes.io/name: node-exporter
|
||||||
spec:
|
spec:
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
hostPID: true
|
hostPID: true
|
||||||
|
|
@ -56,14 +56,12 @@ kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: nodes-exporter
|
name: nodes-exporter
|
||||||
labels:
|
labels:
|
||||||
app: node-exporter
|
app.kubernetes.io/name: node-exporter
|
||||||
monitor: main
|
|
||||||
spec:
|
spec:
|
||||||
type: ClusterIP
|
selector:
|
||||||
|
app.kubernetes.io/name: node-exporter
|
||||||
ports:
|
ports:
|
||||||
- name: http-metrics
|
- name: http-metrics
|
||||||
port: 9100
|
port: 9100
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
targetPort: http-metrics
|
targetPort: http-metrics
|
||||||
selector:
|
|
||||||
app: node-exporter
|
|
||||||
|
|
@ -0,0 +1,13 @@
|
||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: ServiceMonitor
|
||||||
|
metadata:
|
||||||
|
name: node-exporter
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: node-exporter
|
||||||
|
monitor: prometheus
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: node-exporter
|
||||||
|
endpoints:
|
||||||
|
- port: http-metrics
|
||||||
|
|
@ -0,0 +1,2 @@
|
||||||
|
resources:
|
||||||
|
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.50/bundle.yaml
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
resources:
|
||||||
|
- prometheus.yaml
|
||||||
|
- prometheus-rbac.yaml
|
||||||
|
- prometheus-ingress.yaml
|
||||||
|
- traefik-podmonitor.yaml
|
||||||
|
- servicemonitors.yaml
|
||||||
|
|
@ -0,0 +1,25 @@
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: prometheus
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: prometheus
|
||||||
|
annotations:
|
||||||
|
# nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
|
# cert-manager.io/cluster-issuer: letsencrypt
|
||||||
|
spec:
|
||||||
|
# tls:
|
||||||
|
# - hosts:
|
||||||
|
# - ${prometheus_EXTERNAL_HOST}
|
||||||
|
# secretName: letsencrypt-cert
|
||||||
|
rules:
|
||||||
|
- host: ${PROMETHEUS_EXTERNAL_HOST}
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: prometheus-operated
|
||||||
|
port:
|
||||||
|
name: web
|
||||||
|
|
@ -0,0 +1,17 @@
|
||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: Prometheus
|
||||||
|
metadata:
|
||||||
|
name: prometheus
|
||||||
|
spec:
|
||||||
|
serviceAccountName: prometheus
|
||||||
|
serviceMonitorSelector:
|
||||||
|
matchLabels:
|
||||||
|
monitor: prometheus
|
||||||
|
podMonitorSelector:
|
||||||
|
matchLabels:
|
||||||
|
monitor: prometheus
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
memory: 3Gi
|
||||||
|
limits:
|
||||||
|
memory: 4Gi
|
||||||
|
|
@ -3,37 +3,21 @@ kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
name: prometheus
|
name: prometheus
|
||||||
labels:
|
labels:
|
||||||
monitor: main
|
app.kubernetes.io/name: prometheus
|
||||||
|
monitor: prometheus
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
operated-prometheus: "true"
|
operated-prometheus: "true"
|
||||||
endpoints:
|
endpoints:
|
||||||
- port: web
|
- port: web
|
||||||
path: /metrics
|
|
||||||
---
|
|
||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: servicemonitor-http
|
|
||||||
labels:
|
|
||||||
monitor: main
|
|
||||||
spec:
|
|
||||||
namespaceSelector:
|
|
||||||
any: true
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
monitor: main
|
|
||||||
endpoints:
|
|
||||||
- port: http
|
|
||||||
path: /metrics
|
|
||||||
---
|
---
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
name: kubelet
|
name: kubelet
|
||||||
labels:
|
labels:
|
||||||
monitor: main
|
monitor: prometheus
|
||||||
spec:
|
spec:
|
||||||
namespaceSelector:
|
namespaceSelector:
|
||||||
matchNames:
|
matchNames:
|
||||||
|
|
@ -60,3 +44,18 @@ spec:
|
||||||
tlsConfig:
|
tlsConfig:
|
||||||
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||||
insecureSkipVerify: true
|
insecureSkipVerify: true
|
||||||
|
---
|
||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: ServiceMonitor
|
||||||
|
metadata:
|
||||||
|
name: servicemonitor-http
|
||||||
|
labels:
|
||||||
|
monitor: prometheus
|
||||||
|
spec:
|
||||||
|
namespaceSelector:
|
||||||
|
any: true
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
monitor: prometheus
|
||||||
|
endpoints:
|
||||||
|
- port: http
|
||||||
|
|
@ -0,0 +1,16 @@
|
||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: PodMonitor
|
||||||
|
metadata:
|
||||||
|
name: traefik
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: traefik
|
||||||
|
monitor: prometheus
|
||||||
|
spec:
|
||||||
|
namespaceSelector:
|
||||||
|
matchNames:
|
||||||
|
- kube-system
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: traefik
|
||||||
|
podMetricsEndpoints:
|
||||||
|
- port: traefik
|
||||||
|
|
@ -6,6 +6,7 @@ spec:
|
||||||
valuesContent: |-
|
valuesContent: |-
|
||||||
additionalArguments:
|
additionalArguments:
|
||||||
- '--serversTransport.insecureSkipVerify=true'
|
- '--serversTransport.insecureSkipVerify=true'
|
||||||
ports:
|
- '--metrics.prometheus=true'
|
||||||
web:
|
# ports:
|
||||||
redirectTo: websecure
|
# web:
|
||||||
|
# redirectTo: websecure
|
||||||
|
|
@ -0,0 +1,10 @@
|
||||||
|
bases:
|
||||||
|
- ../../bases/prometheus
|
||||||
|
- ../../bases/node-exporter
|
||||||
|
- ../../bases/kube-state-metrics
|
||||||
|
# - ../../base/postgres
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- namespace.yaml
|
||||||
|
|
||||||
|
namespace: monitoring
|
||||||
|
|
@ -0,0 +1,4 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: monitoring
|
||||||
|
|
@ -0,0 +1,7 @@
|
||||||
|
bases:
|
||||||
|
- ../../bases/prometheus-operator
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- namespace.yaml
|
||||||
|
|
||||||
|
namespace: operators
|
||||||
|
|
@ -0,0 +1,4 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: operators
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
bases:
|
bases:
|
||||||
- ../../namespaces/kube-system
|
- ../../namespaces/kube-system
|
||||||
|
- ../../namespaces/operators
|
||||||
# - ../../namespaces/cert-manager
|
# - ../../namespaces/cert-manager
|
||||||
|
|
||||||
# allow "kubectl apply -l managed-by=cluster --prune ..."
|
# allow "kubectl apply -l managed-by=cluster --prune ..."
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,7 @@ bases:
|
||||||
- ../../namespaces/kubernetes-dashboard
|
- ../../namespaces/kubernetes-dashboard
|
||||||
- ../../namespaces/gitea
|
- ../../namespaces/gitea
|
||||||
- ../../namespaces/grafana
|
- ../../namespaces/grafana
|
||||||
|
- ../../namespaces/monitoring
|
||||||
# - ../../namespaces/nextcloud
|
# - ../../namespaces/nextcloud
|
||||||
|
|
||||||
# resources:
|
# resources:
|
||||||
|
|
@ -43,7 +44,7 @@ commonlabels:
|
||||||
|
|
||||||
transformers:
|
transformers:
|
||||||
- transformers/placeholders.yaml
|
- transformers/placeholders.yaml
|
||||||
- transformers/ssm-secrets.yaml
|
# - transformers/ssm-secrets.yaml
|
||||||
|
|
||||||
# configurations:
|
# configurations:
|
||||||
# - cert-manager/kustomizeconfig.yaml
|
# - cert-manager/kustomizeconfig.yaml
|
||||||
|
|
|
||||||
|
|
@ -3,3 +3,4 @@ GITEA_EXTERNAL_HOST=gitea.localhost
|
||||||
GRAFANA_EXTERNAL_HOST=grafana.localhost
|
GRAFANA_EXTERNAL_HOST=grafana.localhost
|
||||||
KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.localhost
|
KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.localhost
|
||||||
NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost
|
NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost
|
||||||
|
PROMETHEUS_EXTERNAL_HOST=prometheus.localhost
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue