From 5d33cbb166e1b5155004152b0286e948fc526725 Mon Sep 17 00:00:00 2001
From: Francisco Ripoli <xico@ripoli.com.br>
Date: Thu, 8 Mar 2018 17:36:05 +0000
Subject: [PATCH] example service monitoring updated with missing config
added service account, role and role binding for the prometheus frontend
example, also updated prometheus to use the correct service account
fixes #1049
---
hack/example-service-monitoring/deploy | 3 +++
.../prometheus-frontend-role-binding.yaml | 13 +++++++++++++
.../example-app/prometheus-frontend-role.yaml | 17 +++++++++++++++++
.../prometheus-frontend-service-account.yaml | 4 ++++
.../example-app/prometheus-frontend.yaml | 1 +
5 files changed, 38 insertions(+)
create mode 100644 manifests/examples/example-app/prometheus-frontend-role-binding.yaml
create mode 100644 manifests/examples/example-app/prometheus-frontend-role.yaml
create mode 100644 manifests/examples/example-app/prometheus-frontend-service-account.yaml
diff --git a/hack/example-service-monitoring/deploy b/hack/example-service-monitoring/deploy
index 7691047c..ba922b84 100755
--- a/hack/example-service-monitoring/deploy
+++ b/hack/example-service-monitoring/deploy
@@ -8,6 +8,9 @@ if [ -z "${NAMESPACE}" ]; then
NAMESPACE=default
fi
+kubectl --namespace "$NAMESPACE" --kubeconfig="$KUBECONFIG" apply -f manifests/examples/example-app/prometheus-frontend-service-account.yaml
+kubectl --namespace "$NAMESPACE" --kubeconfig="$KUBECONFIG" apply -f manifests/examples/example-app/prometheus-frontend-role.yaml
+kubectl --namespace "$NAMESPACE" --kubeconfig="$KUBECONFIG" apply -f manifests/examples/example-app/prometheus-frontend-role-binding.yaml
kubectl --namespace "$NAMESPACE" --kubeconfig="$KUBECONFIG" apply -f manifests/examples/example-app/prometheus-frontend-svc.yaml
kubectl --namespace "$NAMESPACE" --kubeconfig="$KUBECONFIG" apply -f manifests/examples/example-app/example-app.yaml
kubectl --namespace "$NAMESPACE" --kubeconfig="$KUBECONFIG" apply -f manifests/examples/example-app/prometheus-frontend.yaml
diff --git a/manifests/examples/example-app/prometheus-frontend-role-binding.yaml b/manifests/examples/example-app/prometheus-frontend-role-binding.yaml
new file mode 100644
index 00000000..1d6bea2c
--- /dev/null
+++ b/manifests/examples/example-app/prometheus-frontend-role-binding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
+metadata:
+ name: prometheus-frontend
+ namespace: default
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: prometheus-frontend
+subjects:
+- kind: ServiceAccount
+ name: prometheus-frontend
+ namespace: default
diff --git a/manifests/examples/example-app/prometheus-frontend-role.yaml b/manifests/examples/example-app/prometheus-frontend-role.yaml
new file mode 100644
index 00000000..79d50501
--- /dev/null
+++ b/manifests/examples/example-app/prometheus-frontend-role.yaml
@@ -0,0 +1,17 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: Role
+metadata:
+ name: prometheus-frontend
+ namespace: default
+rules:
+- apiGroups: [""]
+ resources:
+ - nodes
+ - services
+ - endpoints
+ - pods
+ verbs: ["get", "list", "watch"]
+- apiGroups: [""]
+ resources:
+ - configmaps
+ verbs: ["get"]
diff --git a/manifests/examples/example-app/prometheus-frontend-service-account.yaml b/manifests/examples/example-app/prometheus-frontend-service-account.yaml
new file mode 100644
index 00000000..abd3e0df
--- /dev/null
+++ b/manifests/examples/example-app/prometheus-frontend-service-account.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: prometheus-frontend
diff --git a/manifests/examples/example-app/prometheus-frontend.yaml b/manifests/examples/example-app/prometheus-frontend.yaml
index b55b58db..d5651529 100644
--- a/manifests/examples/example-app/prometheus-frontend.yaml
+++ b/manifests/examples/example-app/prometheus-frontend.yaml
@@ -6,6 +6,7 @@ metadata:
labels:
prometheus: frontend
spec:
+ serviceAccountName: prometheus-frontend
version: v1.7.1
serviceMonitorSelector:
matchLabels:
--
GitLab