From 0b49c3102df4233c17299ecaccbc180413a20743 Mon Sep 17 00:00:00 2001
From: Luis Vidal Ernst <l.vidalernst@traveltrex.com>
Date: Mon, 12 Jul 2021 13:59:45 +0200
Subject: [PATCH] Added PodMonitor for kube-proxy

---
 README.md                                     |  8 ++++
 examples/kubeProxy.jsonnet                    | 20 ++++++++++
 .../components/k8s-control-plane.libsonnet    | 40 +++++++++++++++++++
 3 files changed, 68 insertions(+)
 create mode 100644 examples/kubeProxy.jsonnet

diff --git a/README.md b/README.md
index 528199e8..425b2d40 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,7 @@ If you are migrating from `release-0.7` branch or earlier please read [what chan
       - [Authentication problem](#authentication-problem)
       - [Authorization problem](#authorization-problem)
     - [kube-state-metrics resource usage](#kube-state-metrics-resource-usage)
+    - [Error retrieving kube-proxy metrics](#error-retrieving-kube-proxy-metrics)
   - [Contributing](#contributing)
   - [License](#license)
 
@@ -770,6 +771,13 @@ config. They default to:
     }
 ```
 
+### Error retrieving kube-proxy metrics
+By default, kubeadm will configure kube-proxy to listen on 127.0.0.1 for metrics. Because of this prometheus would not be able to scrape these metrics. This would have to be changed to 0.0.0.0 in one of the following two places:
+
+1. Before cluster initialization, the config file passed to kubeadm init should have KubeProxyConfiguration manifest with the field metricsBindAddress set to 0.0.0.0:10249
+2. If the k8s cluster is already up and running, we'll have to modify the configmap kube-proxy in the namespace kube-system and set the metricsBindAddress field. After this kube-proxy daemonset would have to be restarted with
+`kubectl -n kube-system rollout restart daemonset kube-proxy`
+
 ## Contributing
 
 All `.yaml` files in the `/manifests` folder are generated via
diff --git a/examples/kubeProxy.jsonnet b/examples/kubeProxy.jsonnet
new file mode 100644
index 00000000..03a7b3c7
--- /dev/null
+++ b/examples/kubeProxy.jsonnet
@@ -0,0 +1,20 @@
+local kp = (import 'kube-prometheus/main.libsonnet') + {
+  values+:: {
+    common+: {
+      namespace: 'monitoring',
+    },
+
+    kubernetesControlPlane+: {
+      kubeProxy: true,
+    },
+  },
+};
+
+{ ['00namespace-' + name]: kp.kubePrometheus[name] for name in std.objectFields(kp.kubePrometheus) } +
+{ ['0prometheus-operator-' + name]: kp.prometheusOperator[name] for name in std.objectFields(kp.prometheusOperator) } +
+{ ['node-exporter-' + name]: kp.nodeExporter[name] for name in std.objectFields(kp.nodeExporter) } +
+{ ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in std.objectFields(kp.kubeStateMetrics) } +
+{ ['alertmanager-' + name]: kp.alertmanager[name] for name in std.objectFields(kp.alertmanager) } +
+{ ['prometheus-' + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } +
+{ ['grafana-' + name]: kp.grafana[name] for name in std.objectFields(kp.grafana) } +
+{ ['kubernetes-' + name]: kp.kubernetesControlPlane[name] for name in std.objectFields(kp.kubernetesControlPlane) }
diff --git a/jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet b/jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
index dbf3474b..f407e3a9 100644
--- a/jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
+++ b/jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
@@ -22,6 +22,7 @@ local defaults = {
       hostNetworkInterfaceSelector: 'device!~"veth.+"',
     },
   },
+  kubeProxy: false,
 };
 
 function(params) {
@@ -234,6 +235,45 @@ function(params) {
     },
   },
 
+  [if (defaults + params).kubeProxy then 'podMonitorKubeProxy']: {
+    apiVersion: 'monitoring.coreos.com/v1',
+    kind: 'PodMonitor',
+    metadata: {
+      labels: {
+        'k8s-app': 'kube-proxy',
+      },
+      name: 'kube-proxy',
+      namespace: k8s._config.namespace,
+    },
+    spec: {
+      jobLabel: 'k8s-app',
+      namespaceSelector: {
+        matchNames: [
+          'kube-system',
+        ],
+      },
+      selector: {
+        matchLabels: {
+          'k8s-app': 'kube-proxy',
+        },
+      },
+      podMetricsEndpoints: [{
+        honorLabels: true,
+        targetPort: 10249,
+        relabelings: [
+          {
+            action: 'replace',
+            regex: '(.*)',
+            replacement: '$1',
+            sourceLabels: ['__meta_kubernetes_pod_node_name'],
+            targetLabel: 'instance',
+          },
+        ],
+      }],
+    },
+  },
+
+
   serviceMonitorCoreDNS: {
     apiVersion: 'monitoring.coreos.com/v1',
     kind: 'ServiceMonitor',
-- 
GitLab