diff --git a/jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet b/jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
new file mode 100644
index 0000000000000000000000000000000000000000..dd2282db59c31cd8aa330241e3a6b63ace72875e
--- /dev/null
+++ b/jsonnet/kube-prometheus/components/k8s-control-plane.libsonnet
@@ -0,0 +1,262 @@
+local relabelings = import '../addons/dropping-deprecated-metrics-relabelings.libsonnet';
+
+local defaults = {
+ namespace: error 'must provide namespace',
+ commonLabels:: {
+ 'app.kubernetes.io/name': 'kube-prometheus',
+ 'app.kubernetes.io/part-of': 'kube-prometheus',
+ },
+ mixin: {
+ ruleLabels: {},
+ _config: {
+ cadvisorSelector: 'job="kubelet", metrics_path="/metrics/cadvisor"',
+ kubeletSelector: 'job="kubelet", metrics_path="/metrics"',
+ kubeStateMetricsSelector: 'job="kube-state-metrics"',
+ nodeExporterSelector: 'job="node-exporter"',
+ kubeSchedulerSelector: 'job="kube-scheduler"',
+ kubeControllerManagerSelector: 'job="kube-controller-manager"',
+ kubeApiserverSelector: 'job="apiserver"',
+ podLabel: 'pod',
+ runbookURLPattern: 'https://github.com/prometheus-operator/kube-prometheus/wiki/%s',
+ diskDeviceSelector: 'device=~"mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|dasd.+"',
+ hostNetworkInterfaceSelector: 'device!~"veth.+"',
+ },
+ },
+};
+
+function(params) {
+ local k8s = self,
+ config:: defaults + params,
+
+ mixin:: (import 'github.com/kubernetes-monitoring/kubernetes-mixin/mixin.libsonnet') {
+ _config+:: k8s.config.mixin._config,
+ },
+
+ prometheusRule: {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'PrometheusRule',
+ metadata: {
+ labels: k8s.config.commonLabels + k8s.config.mixin.ruleLabels,
+ name: 'kubernetes-monitoring-rules',
+ namespace: k8s.config.namespace,
+ },
+ spec: {
+ local r = if std.objectHasAll(k8s.mixin, 'prometheusRules') then k8s.mixin.prometheusRules.groups else {},
+ local a = if std.objectHasAll(k8s.mixin, 'prometheusAlerts') then k8s.mixin.prometheusAlerts.groups else {},
+ groups: a + r,
+ },
+ },
+
+ serviceMonitorKubeScheduler: {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kube-scheduler',
+ namespace: k8s.config.namespace,
+ labels: { 'app.kubernetes.io/name': 'kube-scheduler' },
+ },
+ spec: {
+ jobLabel: 'app.kubernetes.io/name',
+ endpoints: [{
+ port: 'https-metrics',
+ interval: '30s',
+ scheme: 'https',
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ tlsConfig: { insecureSkipVerify: true },
+ }],
+ selector: {
+ matchLabels: { 'app.kubernetes.io/name': 'kube-scheduler' },
+ },
+ namespaceSelector: {
+ matchNames: ['kube-system'],
+ },
+ },
+ },
+
+ serviceMonitorKubelet: {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kubelet',
+ namespace: k8s.config.namespace,
+ labels: { 'app.kubernetes.io/name': 'kubelet' },
+ },
+ spec: {
+ jobLabel: 'app.kubernetes.io/name',
+ endpoints: [
+ {
+ port: 'https-metrics',
+ scheme: 'https',
+ interval: '30s',
+ honorLabels: true,
+ tlsConfig: { insecureSkipVerify: true },
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ metricRelabelings: relabelings,
+ relabelings: [{
+ sourceLabels: ['__metrics_path__'],
+ targetLabel: 'metrics_path',
+ }],
+ },
+ {
+ port: 'https-metrics',
+ scheme: 'https',
+ path: '/metrics/cadvisor',
+ interval: '30s',
+ honorLabels: true,
+ honorTimestamps: false,
+ tlsConfig: {
+ insecureSkipVerify: true,
+ },
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ relabelings: [{
+ sourceLabels: ['__metrics_path__'],
+ targetLabel: 'metrics_path',
+ }],
+ metricRelabelings: [
+ // Drop a bunch of metrics which are disabled but still sent, see
+ // https://github.com/google/cadvisor/issues/1925.
+ {
+ sourceLabels: ['__name__'],
+ regex: 'container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)',
+ action: 'drop',
+ },
+ ],
+ },
+ {
+ port: 'https-metrics',
+ scheme: 'https',
+ path: '/metrics/probes',
+ interval: '30s',
+ honorLabels: true,
+ tlsConfig: { insecureSkipVerify: true },
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ relabelings: [{
+ sourceLabels: ['__metrics_path__'],
+ targetLabel: 'metrics_path',
+ }],
+ },
+ ],
+ selector: {
+ matchLabels: { 'app.kubernetes.io/name': 'kubelet' },
+ },
+ namespaceSelector: {
+ matchNames: ['kube-system'],
+ },
+ },
+ },
+
+ serviceMonitorKubeControllerManager: {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kube-controller-manager',
+ namespace: k8s.config.namespace,
+ labels: { 'app.kubernetes.io/name': 'kube-controller-manager' },
+ },
+ spec: {
+ jobLabel: 'app.kubernetes.io/name',
+ endpoints: [{
+ port: 'https-metrics',
+ interval: '30s',
+ scheme: 'https',
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ tlsConfig: {
+ insecureSkipVerify: true,
+ },
+ metricRelabelings: relabelings + [
+ {
+ sourceLabels: ['__name__'],
+ regex: 'etcd_(debugging|disk|request|server).*',
+ action: 'drop',
+ },
+ ],
+ }],
+ selector: {
+ matchLabels: { 'app.kubernetes.io/name': 'kube-controller-manager' },
+ },
+ namespaceSelector: {
+ matchNames: ['kube-system'],
+ },
+ },
+ },
+
+ serviceMonitorApiserver: {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kube-apiserver',
+ namespace: k8s.config.namespace,
+ labels: { 'app.kubernetes.io/name': 'apiserver' },
+ },
+ spec: {
+ jobLabel: 'component',
+ selector: {
+ matchLabels: {
+ component: 'apiserver',
+ provider: 'kubernetes',
+ },
+ },
+ namespaceSelector: {
+ matchNames: ['default'],
+ },
+ endpoints: [{
+ port: 'https',
+ interval: '30s',
+ scheme: 'https',
+ tlsConfig: {
+ caFile: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt',
+ serverName: 'kubernetes',
+ },
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ metricRelabelings: relabelings + [
+ {
+ sourceLabels: ['__name__'],
+ regex: 'etcd_(debugging|disk|server).*',
+ action: 'drop',
+ },
+ {
+ sourceLabels: ['__name__'],
+ regex: 'apiserver_admission_controller_admission_latencies_seconds_.*',
+ action: 'drop',
+ },
+ {
+ sourceLabels: ['__name__'],
+ regex: 'apiserver_admission_step_admission_latencies_seconds_.*',
+ action: 'drop',
+ },
+ {
+ sourceLabels: ['__name__', 'le'],
+ regex: 'apiserver_request_duration_seconds_bucket;(0.15|0.25|0.3|0.35|0.4|0.45|0.6|0.7|0.8|0.9|1.25|1.5|1.75|2.5|3|3.5|4.5|6|7|8|9|15|25|30|50)',
+ action: 'drop',
+ },
+ ],
+ }],
+ },
+ },
+
+ serviceMonitorCoreDNS: {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'coredns',
+ namespace: k8s.config.namespace,
+ labels: { 'app.kubernetes.io/name': 'coredns' },
+ },
+ spec: {
+ jobLabel: 'app.kubernetes.io/name',
+ selector: {
+ matchLabels: { 'app.kubernetes.io/name': 'kube-dns' },
+ },
+ namespaceSelector: {
+ matchNames: ['kube-system'],
+ },
+ endpoints: [{
+ port: 'metrics',
+ interval: '15s',
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ }],
+ },
+ },
+
+
+}
diff --git a/jsonnet/kube-prometheus/components/mixin/kubernetes.libsonnet b/jsonnet/kube-prometheus/components/mixin/kubernetes.libsonnet
deleted file mode 100644
index f9e5791fdf262d850d8e9c44ebadf45d475a1ba6..0000000000000000000000000000000000000000
--- a/jsonnet/kube-prometheus/components/mixin/kubernetes.libsonnet
+++ /dev/null
@@ -1,49 +0,0 @@
-local defaults = {
- name: 'kubernetes',
- namespace: error 'must provide namespace',
- commonLabels:: {
- 'app.kubernetes.io/name': 'kube-prometheus',
- 'app.kubernetes.io/component': 'exporter',
- 'app.kubernetes.io/part-of': 'kube-prometheus',
- },
- mixin: {
- ruleLabels: {},
- _config: {
- cadvisorSelector: 'job="kubelet", metrics_path="/metrics/cadvisor"',
- kubeletSelector: 'job="kubelet", metrics_path="/metrics"',
- kubeStateMetricsSelector: 'job="kube-state-metrics"',
- nodeExporterSelector: 'job="node-exporter"',
- kubeSchedulerSelector: 'job="kube-scheduler"',
- kubeControllerManagerSelector: 'job="kube-controller-manager"',
- kubeApiserverSelector: 'job="apiserver"',
- podLabel: 'pod',
- runbookURLPattern: 'https://github.com/prometheus-operator/kube-prometheus/wiki/%s',
- diskDeviceSelector: 'device=~"mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|dasd.+"',
- hostNetworkInterfaceSelector: 'device!~"veth.+"',
- },
- },
-};
-
-function(params) {
- local m = self,
- config:: defaults + params,
-
- mixin:: (import 'github.com/kubernetes-monitoring/kubernetes-mixin/mixin.libsonnet') {
- _config+:: m.config.mixin._config,
- },
-
- prometheusRule: {
- apiVersion: 'monitoring.coreos.com/v1',
- kind: 'PrometheusRule',
- metadata: {
- labels: m.config.commonLabels + m.config.mixin.ruleLabels,
- name: m.config.name + '-rules',
- namespace: m.config.namespace,
- },
- spec: {
- local r = if std.objectHasAll(m.mixin, 'prometheusRules') then m.mixin.prometheusRules.groups else {},
- local a = if std.objectHasAll(m.mixin, 'prometheusAlerts') then m.mixin.prometheusAlerts.groups else {},
- groups: a + r,
- },
- },
-}
diff --git a/jsonnet/kube-prometheus/components/prometheus.libsonnet b/jsonnet/kube-prometheus/components/prometheus.libsonnet
index 58b8e517211549fb80cf5ea0a2f7b10a7718c893..9bbefd47f16db6e0810d78f423b80fde954a0a36 100644
--- a/jsonnet/kube-prometheus/components/prometheus.libsonnet
+++ b/jsonnet/kube-prometheus/components/prometheus.libsonnet
@@ -1,5 +1,3 @@
-local relabelings = import '../addons/dropping-deprecated-metrics-relabelings.libsonnet';
-
local defaults = {
local defaults = self,
namespace: error 'must provide namespace',
@@ -297,217 +295,6 @@ function(params) {
},
},
- serviceMonitorKubeScheduler: {
- apiVersion: 'monitoring.coreos.com/v1',
- kind: 'ServiceMonitor',
- metadata: {
- name: 'kube-scheduler',
- namespace: p.config.namespace,
- labels: { 'app.kubernetes.io/name': 'kube-scheduler' },
- },
- spec: {
- jobLabel: 'app.kubernetes.io/name',
- endpoints: [{
- port: 'https-metrics',
- interval: '30s',
- scheme: 'https',
- bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
- tlsConfig: { insecureSkipVerify: true },
- }],
- selector: {
- matchLabels: { 'app.kubernetes.io/name': 'kube-scheduler' },
- },
- namespaceSelector: {
- matchNames: ['kube-system'],
- },
- },
- },
-
- serviceMonitorKubelet: {
- apiVersion: 'monitoring.coreos.com/v1',
- kind: 'ServiceMonitor',
- metadata: {
- name: 'kubelet',
- namespace: p.config.namespace,
- labels: { 'app.kubernetes.io/name': 'kubelet' },
- },
- spec: {
- jobLabel: 'app.kubernetes.io/name',
- endpoints: [
- {
- port: 'https-metrics',
- scheme: 'https',
- interval: '30s',
- honorLabels: true,
- tlsConfig: { insecureSkipVerify: true },
- bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
- metricRelabelings: relabelings,
- relabelings: [{
- sourceLabels: ['__metrics_path__'],
- targetLabel: 'metrics_path',
- }],
- },
- {
- port: 'https-metrics',
- scheme: 'https',
- path: '/metrics/cadvisor',
- interval: '30s',
- honorLabels: true,
- honorTimestamps: false,
- tlsConfig: {
- insecureSkipVerify: true,
- },
- bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
- relabelings: [{
- sourceLabels: ['__metrics_path__'],
- targetLabel: 'metrics_path',
- }],
- metricRelabelings: [
- // Drop a bunch of metrics which are disabled but still sent, see
- // https://github.com/google/cadvisor/issues/1925.
- {
- sourceLabels: ['__name__'],
- regex: 'container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)',
- action: 'drop',
- },
- ],
- },
- {
- port: 'https-metrics',
- scheme: 'https',
- path: '/metrics/probes',
- interval: '30s',
- honorLabels: true,
- tlsConfig: { insecureSkipVerify: true },
- bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
- relabelings: [{
- sourceLabels: ['__metrics_path__'],
- targetLabel: 'metrics_path',
- }],
- },
- ],
- selector: {
- matchLabels: { 'app.kubernetes.io/name': 'kubelet' },
- },
- namespaceSelector: {
- matchNames: ['kube-system'],
- },
- },
- },
-
- serviceMonitorKubeControllerManager: {
- apiVersion: 'monitoring.coreos.com/v1',
- kind: 'ServiceMonitor',
- metadata: {
- name: 'kube-controller-manager',
- namespace: p.config.namespace,
- labels: { 'app.kubernetes.io/name': 'kube-controller-manager' },
- },
- spec: {
- jobLabel: 'app.kubernetes.io/name',
- endpoints: [{
- port: 'https-metrics',
- interval: '30s',
- scheme: 'https',
- bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
- tlsConfig: {
- insecureSkipVerify: true,
- },
- metricRelabelings: relabelings + [
- {
- sourceLabels: ['__name__'],
- regex: 'etcd_(debugging|disk|request|server).*',
- action: 'drop',
- },
- ],
- }],
- selector: {
- matchLabels: { 'app.kubernetes.io/name': 'kube-controller-manager' },
- },
- namespaceSelector: {
- matchNames: ['kube-system'],
- },
- },
- },
-
- serviceMonitorApiserver: {
- apiVersion: 'monitoring.coreos.com/v1',
- kind: 'ServiceMonitor',
- metadata: {
- name: 'kube-apiserver',
- namespace: p.config.namespace,
- labels: { 'app.kubernetes.io/name': 'apiserver' },
- },
- spec: {
- jobLabel: 'component',
- selector: {
- matchLabels: {
- component: 'apiserver',
- provider: 'kubernetes',
- },
- },
- namespaceSelector: {
- matchNames: ['default'],
- },
- endpoints: [{
- port: 'https',
- interval: '30s',
- scheme: 'https',
- tlsConfig: {
- caFile: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt',
- serverName: 'kubernetes',
- },
- bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
- metricRelabelings: relabelings + [
- {
- sourceLabels: ['__name__'],
- regex: 'etcd_(debugging|disk|server).*',
- action: 'drop',
- },
- {
- sourceLabels: ['__name__'],
- regex: 'apiserver_admission_controller_admission_latencies_seconds_.*',
- action: 'drop',
- },
- {
- sourceLabels: ['__name__'],
- regex: 'apiserver_admission_step_admission_latencies_seconds_.*',
- action: 'drop',
- },
- {
- sourceLabels: ['__name__', 'le'],
- regex: 'apiserver_request_duration_seconds_bucket;(0.15|0.25|0.3|0.35|0.4|0.45|0.6|0.7|0.8|0.9|1.25|1.5|1.75|2.5|3|3.5|4.5|6|7|8|9|15|25|30|50)',
- action: 'drop',
- },
- ],
- }],
- },
- },
-
- serviceMonitorCoreDNS: {
- apiVersion: 'monitoring.coreos.com/v1',
- kind: 'ServiceMonitor',
- metadata: {
- name: 'coredns',
- namespace: p.config.namespace,
- labels: { 'app.kubernetes.io/name': 'coredns' },
- },
- spec: {
- jobLabel: 'app.kubernetes.io/name',
- selector: {
- matchLabels: { 'app.kubernetes.io/name': 'kube-dns' },
- },
- namespaceSelector: {
- matchNames: ['kube-system'],
- },
- endpoints: [{
- port: 'metrics',
- interval: '15s',
- bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
- }],
- },
- },
-
// Include thanos sidecar Service only if thanos config was passed by user
[if std.objectHas(params, 'thanos') && std.length(params.thanos) > 0 then 'serviceThanosSidecar']: {
apiVersion: 'v1',
diff --git a/jsonnet/kube-prometheus/main.libsonnet b/jsonnet/kube-prometheus/main.libsonnet
index bd2a60b321289c94631e3411011436dae4361f63..aa684c8df883161009c07710137495d8a0a6cc88 100644
--- a/jsonnet/kube-prometheus/main.libsonnet
+++ b/jsonnet/kube-prometheus/main.libsonnet
@@ -1,9 +1,9 @@
local alertmanager = import './components/alertmanager.libsonnet';
local blackboxExporter = import './components/blackbox-exporter.libsonnet';
local grafana = import './components/grafana.libsonnet';
+local kubernetesControlPlane = import './components/k8s-control-plane.libsonnet';
local kubeStateMetrics = import './components/kube-state-metrics.libsonnet';
local customMixin = import './components/mixin/custom.libsonnet';
-local kubernetesMixin = import './components/mixin/kubernetes.libsonnet';
local nodeExporter = import './components/node-exporter.libsonnet';
local prometheusAdapter = import './components/prometheus-adapter.libsonnet';
local prometheusOperator = import './components/prometheus-operator.libsonnet';
@@ -58,7 +58,7 @@ local prometheus = import './components/prometheus.libsonnet';
image: $.values.common.images.grafana,
prometheusName: $.values.prometheus.name,
// TODO(paulfantom) This should be done by iterating over all objects and looking for object.mixin.grafanaDashboards
- dashboards: $.nodeExporter.mixin.grafanaDashboards + $.prometheus.mixin.grafanaDashboards + $.kubernetesMixin.mixin.grafanaDashboards,
+ dashboards: $.nodeExporter.mixin.grafanaDashboards + $.prometheus.mixin.grafanaDashboards + $.kubernetesControlPlane.mixin.grafanaDashboards,
},
kubeStateMetrics: {
namespace: $.values.common.namespace,
@@ -96,7 +96,7 @@ local prometheus = import './components/prometheus.libsonnet';
},
mixin+: { ruleLabels: $.values.common.ruleLabels },
},
- kubernetesMixin: {
+ kubernetesControlPlane: {
namespace: $.values.common.namespace,
mixin+: { ruleLabels: $.values.common.ruleLabels },
},
@@ -114,7 +114,7 @@ local prometheus = import './components/prometheus.libsonnet';
prometheus: prometheus($.values.prometheus),
prometheusAdapter: prometheusAdapter($.values.prometheusAdapter),
prometheusOperator: prometheusOperator($.values.prometheusOperator),
- kubernetesMixin: kubernetesMixin($.values.kubernetesMixin),
+ kubernetesControlPlane: kubernetesControlPlane($.values.kubernetesControlPlane),
kubePrometheus: customMixin($.values.kubePrometheus) + {
namespace: {
apiVersion: 'v1',