From edf21e4382401bb778c8026e1b42e2fd5a77a6f4 Mon Sep 17 00:00:00 2001
From: Frederic Branczyk <fbranczyk@gmail.com>
Date: Wed, 25 Apr 2018 15:04:20 +0100
Subject: [PATCH] kube-prometheus/jsonnet: Use jsonnet-bundler
---
.gitignore | 1 +
Makefile | 8 +-
README.md | 295 +-
example-dist/base/kube-prometheus.jsonnet | 6 -
example-dist/bootkube/.gitignore | 2 -
example-dist/bootkube/kube-prometheus.jsonnet | 36 -
example-dist/kubeadm/.gitignore | 2 -
example-dist/kubeadm/kube-prometheus.jsonnet | 31 -
examples/bootkube.jsonnet | 2 +
examples/ksonnet-example.jsonnet | 9 +
examples/kubeadm.jsonnet | 2 +
examples/node-ports.jsonnet | 2 +
examples/prometheus-name-override.jsonnet | 9 +
hack/cluster-monitoring/deploy | 18 +-
hack/scripts/build-jsonnet.sh | 10 +-
hack/scripts/kube-prometheus-base.jsonnet | 12 +
hack/scripts/kube-prometheus-minikube.jsonnet | 16 +
.../alertmanager-main-secret.libsonnet | 8 -
...lertmanager-main-service-account.libsonnet | 8 -
...lertmanager-main-service-monitor.libsonnet | 32 -
.../alertmanager-main-service.libsonnet | 12 -
.../alertmanager/alertmanager-main.libsonnet | 19 -
jsonnet/alertmanager/alertmanager.libsonnet | 7 -
jsonnet/kube-prometheus.libsonnet | 85 -
jsonnet/kube-prometheus/.gitignore | 2 +
.../alertmanager/alertmanager.libsonnet | 97 +
jsonnet/kube-prometheus/jsonnetfile.json | 34 +
.../kube-prometheus-bootkube.libsonnet | 23 +
.../kube-prometheus-ksonnet.libsonnet | 8 +
.../kube-prometheus-kubeadm.libsonnet | 18 +
.../kube-prometheus-node-ports.libsonnet | 21 +
.../kube-prometheus/kube-prometheus.libsonnet | 26 +
.../kube-state-metrics.libsonnet | 286 +
.../node-exporter/node-exporter.libsonnet | 167 +
.../alertmanager-crd.libsonnet | 1 +
.../prometheus-crd.libsonnet | 1 +
.../prometheus-operator.libsonnet | 152 +
.../servicemonitor-crd.libsonnet | 1 +
.../prometheus/prometheus.libsonnet | 454 ++
...ate-metrics-cluster-role-binding.libsonnet | 12 -
.../kube-state-metrics-cluster-role.libsonnet | 75 -
.../kube-state-metrics-deployment.libsonnet | 86 -
.../kube-state-metrics-role-binding.libsonnet | 13 -
.../kube-state-metrics-role.libsonnet | 28 -
...be-state-metrics-service-account.libsonnet | 8 -
...be-state-metrics-service-monitor.libsonnet | 48 -
.../kube-state-metrics-service.libsonnet | 15 -
.../kube-state-metrics.libsonnet | 10 -
...de-exporter-cluster-role-binding.libsonnet | 12 -
.../node-exporter-cluster-role.libsonnet | 26 -
.../node-exporter-daemonset.libsonnet | 58 -
.../node-exporter-service-account.libsonnet | 8 -
.../node-exporter-service-monitor.libsonnet | 38 -
.../node-exporter-service.libsonnet | 14 -
jsonnet/node-exporter/node-exporter.libsonnet | 8 -
...us-operator-cluster-role-binding.libsonnet | 12 -
...prometheus-operator-cluster-role.libsonnet | 81 -
.../prometheus-operator-deployment.libsonnet | 28 -
...metheus-operator-service-account.libsonnet | 8 -
...metheus-operator-service-monitor.libsonnet | 26 -
.../prometheus-operator-service.libsonnet | 14 -
.../prometheus-operator.libsonnet | 8 -
...metheus-k8s-cluster-role-binding.libsonnet | 12 -
.../prometheus-k8s-cluster-role.libsonnet | 21 -
...ometheus-k8s-role-binding-config.libsonnet | 5 -
...metheus-k8s-role-binding-default.libsonnet | 5 -
...eus-k8s-role-binding-kube-system.libsonnet | 5 -
...theus-k8s-role-binding-namespace.libsonnet | 5 -
.../prometheus-k8s-role-config.libsonnet | 18 -
.../prometheus-k8s-role-default.libsonnet | 5 -
.../prometheus-k8s-role-kube-system.libsonnet | 5 -
.../prometheus-k8s-role-namespace.libsonnet | 5 -
.../prometheus/prometheus-k8s-rules.libsonnet | 9 -
.../prometheus-k8s-service-account.libsonnet | 8 -
...us-k8s-service-monitor-apiserver.libsonnet | 40 -
...heus-k8s-service-monitor-coredns.libsonnet | 35 -
...-monitor-kube-controller-manager.libsonnet | 33 -
...s-service-monitor-kube-scheduler.libsonnet | 33 -
...heus-k8s-service-monitor-kubelet.libsonnet | 49 -
...s-k8s-service-monitor-prometheus.libsonnet | 32 -
.../prometheus-k8s-service.libsonnet | 12 -
jsonnet/prometheus/prometheus-k8s.libsonnet | 43 -
...rometheus-namespace-role-binding.libsonnet | 13 -
.../prometheus-namespace-role.libsonnet | 21 -
jsonnet/prometheus/prometheus.libsonnet | 22 -
...ertmanager-custom-resource-definition.yaml | 2270 ++++++
...prometheus-custom-resource-definition.yaml | 2688 +++++++
...icemonitor-custom-resource-definition.yaml | 236 +
...etheus-operator-cluster-role-binding.yaml} | 0
...=> 0prometheus-operator-cluster-role.yaml} | 0
...l => 0prometheus-operator-deployment.yaml} | 2 +
...0prometheus-operator-service-account.yaml} | 0
...yaml => 0prometheus-operator-service.yaml} | 3 +
...in.yaml => alertmanager-alertmanager.yaml} | 3 +
.../alertmanager-main-secret.yaml | 8 -
manifests/alertmanager-secret.yaml | 8 +
...yaml => alertmanager-service-account.yaml} | 0
...yaml => alertmanager-service-monitor.yaml} | 0
...service.yaml => alertmanager-service.yaml} | 0
...aml => grafana-dashboard-datasources.yaml} | 0
.../grafana-dashboard-definitions.yaml | 6685 ++++++++---------
.../grafana-dashboard-sources.yaml | 0
.../{grafana => }/grafana-deployment.yaml | 8 +-
.../grafana-service-account.yaml | 0
manifests/{grafana => }/grafana-service.yaml | 0
...be-state-metrics-cluster-role-binding.yaml | 0
.../kube-state-metrics-cluster-role.yaml | 0
.../kube-state-metrics-deployment.yaml | 2 +
.../kube-state-metrics-role-binding.yaml | 0
.../kube-state-metrics-role.yaml | 0
.../kube-state-metrics-service-account.yaml | 0
.../kube-state-metrics-service-monitor.yaml | 0
.../kube-state-metrics-service.yaml | 1 +
.../node-exporter-cluster-role-binding.yaml | 0
.../node-exporter-cluster-role.yaml | 0
.../node-exporter-daemonset.yaml | 5 +
.../node-exporter-service-account.yaml | 0
.../node-exporter-service-monitor.yaml | 0
.../node-exporter-service.yaml | 1 +
...l => prometheus-cluster-role-binding.yaml} | 0
...role.yaml => prometheus-cluster-role.yaml} | 0
.../prometheus-k8s/prometheus-k8s-rules.yaml | 590 --
...us-k8s.yaml => prometheus-prometheus.yaml} | 3 +
...ml => prometheus-role-binding-config.yaml} | 0
...l => prometheus-role-binding-default.yaml} | 0
... prometheus-role-binding-kube-system.yaml} | 0
...=> prometheus-role-binding-namespace.yaml} | 0
...onfig.yaml => prometheus-role-config.yaml} | 0
...ault.yaml => prometheus-role-default.yaml} | 0
....yaml => prometheus-role-kube-system.yaml} | 0
...ce.yaml => prometheus-role-namespace.yaml} | 0
manifests/prometheus-rules.yaml | 166 +
...t.yaml => prometheus-service-account.yaml} | 0
...prometheus-service-monitor-apiserver.yaml} | 0
... prometheus-service-monitor-core-dns.yaml} | 0
...vice-monitor-kube-controller-manager.yaml} | 0
...theus-service-monitor-kube-scheduler.yaml} | 0
...> prometheus-service-monitor-kubelet.yaml} | 0
...-service-monitor-prometheus-operator.yaml} | 0
...rometheus-service-monitor-prometheus.yaml} | 0
...s-service.yaml => prometheus-service.yaml} | 0
141 files changed, 9980 insertions(+), 5694 deletions(-)
delete mode 100644 example-dist/base/kube-prometheus.jsonnet
delete mode 100644 example-dist/bootkube/.gitignore
delete mode 100644 example-dist/bootkube/kube-prometheus.jsonnet
delete mode 100644 example-dist/kubeadm/.gitignore
delete mode 100644 example-dist/kubeadm/kube-prometheus.jsonnet
create mode 100644 examples/bootkube.jsonnet
create mode 100644 examples/ksonnet-example.jsonnet
create mode 100644 examples/kubeadm.jsonnet
create mode 100644 examples/node-ports.jsonnet
create mode 100644 examples/prometheus-name-override.jsonnet
create mode 100644 hack/scripts/kube-prometheus-base.jsonnet
create mode 100644 hack/scripts/kube-prometheus-minikube.jsonnet
delete mode 100644 jsonnet/alertmanager/alertmanager-main-secret.libsonnet
delete mode 100644 jsonnet/alertmanager/alertmanager-main-service-account.libsonnet
delete mode 100644 jsonnet/alertmanager/alertmanager-main-service-monitor.libsonnet
delete mode 100644 jsonnet/alertmanager/alertmanager-main-service.libsonnet
delete mode 100644 jsonnet/alertmanager/alertmanager-main.libsonnet
delete mode 100644 jsonnet/alertmanager/alertmanager.libsonnet
delete mode 100644 jsonnet/kube-prometheus.libsonnet
create mode 100644 jsonnet/kube-prometheus/.gitignore
create mode 100644 jsonnet/kube-prometheus/alertmanager/alertmanager.libsonnet
create mode 100644 jsonnet/kube-prometheus/jsonnetfile.json
create mode 100644 jsonnet/kube-prometheus/kube-prometheus-bootkube.libsonnet
create mode 100644 jsonnet/kube-prometheus/kube-prometheus-ksonnet.libsonnet
create mode 100644 jsonnet/kube-prometheus/kube-prometheus-kubeadm.libsonnet
create mode 100644 jsonnet/kube-prometheus/kube-prometheus-node-ports.libsonnet
create mode 100644 jsonnet/kube-prometheus/kube-prometheus.libsonnet
create mode 100644 jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
create mode 100644 jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet
create mode 100644 jsonnet/kube-prometheus/prometheus-operator/alertmanager-crd.libsonnet
create mode 100644 jsonnet/kube-prometheus/prometheus-operator/prometheus-crd.libsonnet
create mode 100644 jsonnet/kube-prometheus/prometheus-operator/prometheus-operator.libsonnet
create mode 100644 jsonnet/kube-prometheus/prometheus-operator/servicemonitor-crd.libsonnet
create mode 100644 jsonnet/kube-prometheus/prometheus/prometheus.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-cluster-role-binding.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-cluster-role.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-deployment.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-role-binding.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-role.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-service-account.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-service-monitor.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics-service.libsonnet
delete mode 100644 jsonnet/kube-state-metrics/kube-state-metrics.libsonnet
delete mode 100644 jsonnet/node-exporter/node-exporter-cluster-role-binding.libsonnet
delete mode 100644 jsonnet/node-exporter/node-exporter-cluster-role.libsonnet
delete mode 100644 jsonnet/node-exporter/node-exporter-daemonset.libsonnet
delete mode 100644 jsonnet/node-exporter/node-exporter-service-account.libsonnet
delete mode 100644 jsonnet/node-exporter/node-exporter-service-monitor.libsonnet
delete mode 100644 jsonnet/node-exporter/node-exporter-service.libsonnet
delete mode 100644 jsonnet/node-exporter/node-exporter.libsonnet
delete mode 100644 jsonnet/prometheus-operator/prometheus-operator-cluster-role-binding.libsonnet
delete mode 100644 jsonnet/prometheus-operator/prometheus-operator-cluster-role.libsonnet
delete mode 100644 jsonnet/prometheus-operator/prometheus-operator-deployment.libsonnet
delete mode 100644 jsonnet/prometheus-operator/prometheus-operator-service-account.libsonnet
delete mode 100644 jsonnet/prometheus-operator/prometheus-operator-service-monitor.libsonnet
delete mode 100644 jsonnet/prometheus-operator/prometheus-operator-service.libsonnet
delete mode 100644 jsonnet/prometheus-operator/prometheus-operator.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-cluster-role-binding.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-cluster-role.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-binding-config.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-binding-default.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-binding-kube-system.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-binding-namespace.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-config.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-default.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-kube-system.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-role-namespace.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-rules.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service-account.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service-monitor-apiserver.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service-monitor-coredns.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service-monitor-kube-controller-manager.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service-monitor-kube-scheduler.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service-monitor-kubelet.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service-monitor-prometheus.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s-service.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-k8s.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-namespace-role-binding.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus-namespace-role.libsonnet
delete mode 100644 jsonnet/prometheus/prometheus.libsonnet
create mode 100644 manifests/0prometheus-operator-0alertmanager-custom-resource-definition.yaml
create mode 100644 manifests/0prometheus-operator-0prometheus-custom-resource-definition.yaml
create mode 100644 manifests/0prometheus-operator-0servicemonitor-custom-resource-definition.yaml
rename manifests/{prometheus-operator/prometheus-operator-cluster-role-binding.yaml => 0prometheus-operator-cluster-role-binding.yaml} (100%)
rename manifests/{prometheus-operator/prometheus-operator-cluster-role.yaml => 0prometheus-operator-cluster-role.yaml} (100%)
rename manifests/{prometheus-operator/prometheus-operator-deployment.yaml => 0prometheus-operator-deployment.yaml} (94%)
rename manifests/{prometheus-operator/prometheus-operator-service-account.yaml => 0prometheus-operator-service-account.yaml} (100%)
rename manifests/{prometheus-operator/prometheus-operator-service.yaml => 0prometheus-operator-service.yaml} (76%)
rename manifests/{alertmanager-main/alertmanager-main.yaml => alertmanager-alertmanager.yaml} (69%)
delete mode 100644 manifests/alertmanager-main/alertmanager-main-secret.yaml
create mode 100644 manifests/alertmanager-secret.yaml
rename manifests/{alertmanager-main/alertmanager-main-service-account.yaml => alertmanager-service-account.yaml} (100%)
rename manifests/{alertmanager-main/alertmanager-main-service-monitor.yaml => alertmanager-service-monitor.yaml} (100%)
rename manifests/{alertmanager-main/alertmanager-main-service.yaml => alertmanager-service.yaml} (100%)
rename manifests/{grafana/grafana-datasources.yaml => grafana-dashboard-datasources.yaml} (100%)
rename manifests/{grafana => }/grafana-dashboard-definitions.yaml (54%)
rename manifests/{grafana => }/grafana-dashboard-sources.yaml (100%)
rename manifests/{grafana => }/grafana-deployment.yaml (86%)
rename manifests/{grafana => }/grafana-service-account.yaml (100%)
rename manifests/{grafana => }/grafana-service.yaml (100%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-cluster-role-binding.yaml (100%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-cluster-role.yaml (100%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-deployment.yaml (97%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-role-binding.yaml (100%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-role.yaml (100%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-service-account.yaml (100%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-service-monitor.yaml (100%)
rename manifests/{kube-state-metrics => }/kube-state-metrics-service.yaml (94%)
rename manifests/{node-exporter => }/node-exporter-cluster-role-binding.yaml (100%)
rename manifests/{node-exporter => }/node-exporter-cluster-role.yaml (100%)
rename manifests/{node-exporter => }/node-exporter-daemonset.yaml (90%)
rename manifests/{node-exporter => }/node-exporter-service-account.yaml (100%)
rename manifests/{node-exporter => }/node-exporter-service-monitor.yaml (100%)
rename manifests/{node-exporter => }/node-exporter-service.yaml (92%)
rename manifests/{prometheus-k8s/prometheus-k8s-cluster-role-binding.yaml => prometheus-cluster-role-binding.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-cluster-role.yaml => prometheus-cluster-role.yaml} (100%)
delete mode 100644 manifests/prometheus-k8s/prometheus-k8s-rules.yaml
rename manifests/{prometheus-k8s/prometheus-k8s.yaml => prometheus-prometheus.yaml} (85%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-binding-config.yaml => prometheus-role-binding-config.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-binding-default.yaml => prometheus-role-binding-default.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-binding-kube-system.yaml => prometheus-role-binding-kube-system.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-binding-namespace.yaml => prometheus-role-binding-namespace.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-config.yaml => prometheus-role-config.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-default.yaml => prometheus-role-default.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-kube-system.yaml => prometheus-role-kube-system.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-role-namespace.yaml => prometheus-role-namespace.yaml} (100%)
create mode 100644 manifests/prometheus-rules.yaml
rename manifests/{prometheus-k8s/prometheus-k8s-service-account.yaml => prometheus-service-account.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-service-monitor-apiserver.yaml => prometheus-service-monitor-apiserver.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-service-monitor-coredns.yaml => prometheus-service-monitor-core-dns.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-service-monitor-kube-controller-manager.yaml => prometheus-service-monitor-kube-controller-manager.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-service-monitor-kube-scheduler.yaml => prometheus-service-monitor-kube-scheduler.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-service-monitor-kubelet.yaml => prometheus-service-monitor-kubelet.yaml} (100%)
rename manifests/{prometheus-operator/prometheus-operator-service-monitor.yaml => prometheus-service-monitor-prometheus-operator.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-service-monitor-prometheus.yaml => prometheus-service-monitor-prometheus.yaml} (100%)
rename manifests/{prometheus-k8s/prometheus-k8s-service.yaml => prometheus-service.yaml} (100%)
diff --git a/.gitignore b/.gitignore
index 3fec32c8..0887fe6e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
tmp/
+minikube-manifests/
diff --git a/Makefile b/Makefile
index 8ff81356..90736d61 100644
--- a/Makefile
+++ b/Makefile
@@ -7,5 +7,11 @@ generate: image
@echo ">> Compiling assets and generating Kubernetes manifests"
docker run --rm -u=$(shell id -u $(USER)):$(shell id -g $(USER)) -v `pwd`:/go/src/github.com/coreos/prometheus-operator/contrib/kube-prometheus --workdir /go/src/github.com/coreos/prometheus-operator/contrib/kube-prometheus po-jsonnet make generate-raw
+crdtojsonnet:
+ cat ../../example/prometheus-operator-crd/alertmanager.crd.yaml | gojsontoyaml -yamltojson > jsonnet/kube-prometheus/prometheus-operator/alertmanager-crd.libsonnet
+ cat ../../example/prometheus-operator-crd/prometheus.crd.yaml | gojsontoyaml -yamltojson > jsonnet/kube-prometheus/prometheus-operator/prometheus-crd.libsonnet
+ cat ../../example/prometheus-operator-crd/servicemonitor.crd.yaml | gojsontoyaml -yamltojson > jsonnet/kube-prometheus/prometheus-operator/servicemonitor-crd.libsonnet
+
generate-raw:
- ./hack/scripts/build-jsonnet.sh example-dist/base/kube-prometheus.jsonnet manifests
+ cd jsonnet/kube-prometheus; jb install
+ ./hack/scripts/build-jsonnet.sh hack/scripts/kube-prometheus-base.jsonnet manifests
diff --git a/README.md b/README.md
index 7defae27..ac4497d2 100644
--- a/README.md
+++ b/README.md
@@ -2,221 +2,184 @@
> Note that everything in the `contrib/kube-prometheus/` directory is experimental and may change significantly at any time.
-This repository collects Kubernetes manifests, [Grafana](http://grafana.com/) dashboards, and
-[Prometheus rules](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/)
-combined with documentation and scripts to provide single-command deployments of end-to-end
-Kubernetes cluster monitoring with [Prometheus](https://prometheus.io/) (Operator).
+This repository collects Kubernetes manifests, [Grafana](http://grafana.com/) dashboards, and [Prometheus rules](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/) combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with [Prometheus](https://prometheus.io/) using the Prometheus Operator.
-## Prerequisites
+The content of this project is written in [jsonnet](http://jsonnet.org/). This project could both be described as a package as well as a library.
+
+Components included in this package:
-First, you need a running Kubernetes cluster. If you don't have one, we recommend you create one
-with [Tectonic Installer](https://coreos.com/tectonic/docs/latest/). Despite the name,
-Tectonic Installer gives you also the choice to create a barebones Kubernetes cluster, without
-CoreOS' Tectonic technology. Otherwise, you can simply make use of
-[bootkube](https://github.com/kubernetes-incubator/bootkube) or
-[minikube](https://github.com/kubernetes/minikube) for local testing. Some sample contents of this
-repository are adapted to work with a [multi-node setup](https://github.com/kubernetes-incubator/bootkube/tree/master/hack/multi-node)
-using [bootkube](https://github.com/kubernetes-incubator/bootkube).
-
-
-> We assume that the kubelet uses token authN and authZ, as otherwise
-> Prometheus needs a client certificate, which gives it full access to the
-> kubelet, rather than just the metrics. Token authN and authZ allows more fine
-> grained and easier access control. Simply start minikube with the following
-> command (you can of course adapt the version and memory to your needs):
->
-> $ minikube delete && minikube start --kubernetes-version=v1.9.1 --memory=4096 --bootstrapper=kubeadm --extra-config=kubelet.authentication-token-webhook=true --extra-config=kubelet.authorization-mode=Webhook --extra-config=scheduler.address=0.0.0.0 --extra-config=controller-manager.address=0.0.0.0
->
-> In future versions of minikube and kubeadm this will be the default, but for
-> the time being, we will have to configure it ourselves.
-
-## Monitoring Kubernetes
-
-The manifests here use the [Prometheus Operator](https://github.com/coreos/prometheus-operator),
-which manages Prometheus servers and their configuration in a cluster. With a single command we can
-install
-
-* The Operator itself
-* The Prometheus [node_exporter](https://github.com/prometheus/node_exporter)
+* The [Prometheus Operator](https://github.com/coreos/prometheus-operator)
+* Highly available [Prometheus](https://prometheus.io/)
+* Highly available [Alertmanager](https://github.com/prometheus/alertmanager)
+* [Prometheus node-exporter](https://github.com/prometheus/node_exporter)
* [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics)
-* The [Prometheus specification](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheus) based on which the Operator deploys a Prometheus setup
-* A Prometheus configuration covering monitoring of all Kubernetes core components and exporters
-* A default set of alerting rules on the cluster components' health
-* A Grafana instance serving dashboards on cluster metrics
-* A three node highly available Alertmanager cluster
+* [Grafana](https://grafana.com/)
-Simply run:
+This stack is meant for cluster monitoring, so it is pre-configured to collect metrics from all Kubernetes components. In addition to that it delivers a default set of dashboards and alerting rules. Many of the useful dashboards and alerts come from the [kubernetes-mixin project](https://github.com/kubernetes-monitoring/kubernetes-mixin), similar to this project it provides composable jsonnet as a library for users to customize to their needs.
-```bash
-cd contrib/kube-prometheus/
-hack/cluster-monitoring/deploy
-```
+## Prerequisites
-After all pods are ready, you can reach each of the UIs by port-forwarding:
+You will need a Kubernetes cluster, that's it! By default it is assumed, that the kubelet uses token authN and authZ, as otherwise Prometheus needs a client certificate, which gives it full access to the kubelet, rather than just the metrics. Token authN and authZ allows more fine grained and easier access control.
-* Prometheus UI on node port `kubectl -n monitoring port-forward prometheus-k8s-0 9090`
-* Alertmanager UI on node port `kubectl -n monitoring port-forward alertmanager-main-0 9093`
-* Grafana on node port `kubectl -n monitoring port-forward $(kubectl get pods -n monitoring -lapp=grafana -ojsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}') 3000`
+### minikube
-To tear it all down again, run:
+In order to just try out this stack, start minikube with the following command:
-```bash
-hack/cluster-monitoring/teardown
+```
+$ minikube delete && minikube start --kubernetes-version=v1.10.1 --memory=4096 --bootstrapper=kubeadm --extra-config=kubelet.authentication-token-webhook=true --extra-config=kubelet.authorization-mode=Webhook --extra-config=scheduler.address=0.0.0.0 --extra-config=controller-manager.address=0.0.0.0
```
-## Customizing
-
-As everyone's infrastructure is slightly different, different organizations have different requirements. Thereby there may be modifications you want to do on kube-prometheus to fit your needs.
-
-The kube-prometheus stack is intended to be a jsonnet library for organizations to consume and use in their own infrastructure repository. Below is an example how it can be used to deploy the stack properly on minikube.
-
-The three "distribution" examples we have assembled can be found in:
-
-* `example-dist/base`: contains the plain kube-prometheus stack for organizations to build on.
-* `example-dist/kubeadm`: contains the kube-prometheus stack with slight modifications to work properly monitoring kubeadm clusters and exposes UIs on NodePorts for demonstration purposes.
-* `example-dist/bootkube`: contains the kube-prometheus stack with slight modifications to work properly on clusters created with bootkube.
-
-The examples in `example-dist/` are purely meant for demonstration purposes, the `kube-prometheus.jsonnet` file should live in your organizations infrastructure repository and use the kube-prometheus library provided here.
-
-Examples of additoinal modifications you may want to make could be adding an `Ingress` object for each of the UIs, but the point of this is that as opposed to other solutions out there, this library does not need to yield all possible customization options, it's all up to the user to customize!
-
-### minikube kubeadm example
+## Quickstart
-See `example-dist/kubeadm` for an example for deploying on minikube, using the minikube kubeadm bootstrapper. The `example-dist/kubeadm/kube-prometheus.jsonnet` file renders the kube-prometheus manifests using jsonnet and then merges the result with kubeadm specifics, such as information on how to monitor kube-controller-manager and kube-scheduler as created by kubeadm. In addition for demonstration purposes, it converts the services selecting Prometheus, Alertmanager and Grafana to NodePort services.
+Although this project is intended to be used as a library, a compiled version of the Kubernetes manifests generated with this library is checked into this repository in order to try the content our quickly.
-Let's give that a try, and create a minikube cluster:
+Simply create the stack:
```
-minikube delete && minikube start --kubernetes-version=v1.9.6 --memory=4096 --bootstrapper=kubeadm --extra-config=kubelet.authentication-token-webhook=true --extra-config=kubelet.authorization-mode=Webhook --extra-config=scheduler.address=0.0.0.0 --extra-config=controller-manager.address=0.0.0.0
+$ kubectl create -f manifests/
```
-Then we can render the manifests for kubeadm (because we are using the minikube kubeadm bootstrapper):
-
-```
-docker run --rm \
- -v `pwd`:/go/src/github.com/coreos/prometheus-operator/contrib/kube-prometheus \
- --workdir /go/src/github.com/coreos/prometheus-operator/contrib/kube-prometheus \
- po-jsonnet \
- ./hack/scripts/build-jsonnet.sh example-dist/kubeadm/kube-prometheus.jsonnet example-dist/kubeadm/manifests
-```
+## Usage
-> Note the `po-jsonnet` docker image is built using [this Dockerfile](/scripts/jsonnet/Dockerfile), you can also build it using `make image` from the `contrib/kube-prometheus` folder.
+The content of this project consists of a set of [jsonnet](http://jsonnet.org/) files making up a library to be consumed.
-Then the stack can be deployed using
+Install this library in your own project with [jsonnet-bundler](https://github.com/jsonnet-bundler/jsonnet-bundler#install):
```
-hack/cluster-monitoring/deploy example-dist/kubeadm
+$ mkdir my-kube-prometheus; cd my-kube-prometheus
+$ jb init
+$ jb install github.com/coreos/prometheus-operator/contrib/kube-prometheus/jsonnet/kube-prometheus
```
-## Monitoring custom services
+> `jb` can be installed with `go get github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb`
-The example manifests in [examples/example-app](/contrib/kube-prometheus/examples/example-app)
-deploy a fake service exposing Prometheus metrics. They additionally define a new Prometheus
-server and a [`ServiceMonitor`](https://github.com/coreos/prometheus-operator/blob/master/Documentation/design.md#servicemonitor),
-which specifies how the example service should be monitored.
-The Prometheus Operator will deploy and configure the desired Prometheus instance and continuously
-manage its life cycle.
-
-```bash
-hack/example-service-monitoring/deploy
-```
+You may wish to not use ksonnet and simply render the generated manifests to files on disk, this can be done with:
-After all pods are ready you can reach the Prometheus server similar to the Prometheus server above:
+[embedmd]:# (hack/scripts/kube-prometheus-base.jsonnet)
+```jsonnet
+local kp = (import "kube-prometheus/kube-prometheus.libsonnet") + {
+ _config+:: {
+ namespace: "monitoring",
+ }
+};
-```bash
-kubectl port-forward prometheus-frontend-0 9090
+{["0prometheus-operator-"+name+".yaml"]: std.manifestYamlDoc(kp.prometheusOperator[name]) for name in std.objectFields(kp.prometheusOperator)} +
+{["node-exporter-"+name+".yaml"]: std.manifestYamlDoc(kp.nodeExporter[name]) for name in std.objectFields(kp.nodeExporter)} +
+{["kube-state-metrics-"+name+".yaml"]: std.manifestYamlDoc(kp.kubeStateMetrics[name]) for name in std.objectFields(kp.kubeStateMetrics)} +
+{["alertmanager-"+name+".yaml"]: std.manifestYamlDoc(kp.alertmanager[name]) for name in std.objectFields(kp.alertmanager)} +
+{["prometheus-"+name+".yaml"]: std.manifestYamlDoc(kp.prometheus[name]) for name in std.objectFields(kp.prometheus)} +
+{["grafana-"+name+".yaml"]: std.manifestYamlDoc(kp.grafana[name]) for name in std.objectFields(kp.grafana)}
```
-Then you can access Prometheus through `http://localhost:9090/`.
+This renders all manifests in a json structure of `{filename: manifest-content}`. To split this into files on disk use:
-Teardown:
+> Note you need `jsonnet`, `jq`, `sed`, `tr` and `gojsonyaml` (`go get github.com/brancz/gojsontoyaml`) installed.
```bash
-hack/example-service-monitoring/teardown
-```
+jsonnet -J vendor example.jsonnet > tmp.json
-## Dashboarding
+files=$(jq -r 'keys[]' tmp.json)
-The provided manifests deploy a Grafana instance serving dashboards provided via ConfigMaps.
-Said ConfigMaps are generated from Python scripts in assets/grafana, that all have the extension
-.dashboard.py as they are loaded by the [grafanalib](https://github.com/aknuds1/grafanalib)
-Grafana dashboard generator. Bear in mind that we are for now using a fork of grafanalib as
-we needed to make extensive changes to it, in order to be able to generate our dashboards. We are
-hoping to be able to consolidate our version with the original.
+for file in ${files}; do
+ # prepare directory
+ dir=$(dirname "${file}")
+ path="${dir}"
+ mkdir -p ${path}
-As such, in order to make changes to the dashboard bundle, you need to change the \*.dashboard.py
-files in assets/grafana, eventually add your own, and then run `make generate` in the
-kube-prometheus root directory.
-
-To read more in depth about developing dashboards, read the
-[Developing Prometheus Rules and Grafana Dashboards](docs/developing-alerts-and-dashboards.md)
-documentation.
+ # covert file name to snake case with dashes
+ fullfile=$(echo ${file} | sed -r 's/([a-z0-9])([A-Z])/\1-\L\2/g' | tr '[:upper:]' '[:lower:]')
-### Reloading of dashboards
+ # write each value to the path in key; convert multiple times to prettify yaml
+ jq -r ".[\"${file}\"]" tmp.json | gojsontoyaml -yamltojson | gojsontoyaml > "${fullfile}"
+done
-Currently, Grafana does not support serving dashboards from static files. Instead, the `grafana-watcher`
-sidecar container aims to emulate the behavior, by keeping the Grafana database always in sync
-with the provided ConfigMap. Hence, the Grafana pod is effectively stateless.
-This allows managing dashboards via `git` etc. and easily deploying them via CD pipelines.
+rm tmp.json
+```
-In the future, a separate Grafana operator will support gathering dashboards from multiple
-ConfigMaps based on label selection.
+## Configuration
-WARNING: If you deploy multiple Grafana instances for HA, you must use session affinity.
-Otherwise if pods restart the prometheus datasource ID can get out of sync between the pods,
-breaking the UI
+A hidden `_config` field is located at the top level of the object this library provides. These are the available fields with their respective default values:
-## Roadmap
+```
+{
+ _config+:: {
+ namespace: "default",
+
+ versions+:: {
+ alertmanager: "v0.14.0",
+ nodeExporter: "v0.15.2",
+ kubeStateMetrics: "v1.3.0",
+ kubeRbacProxy: "v0.3.0",
+ addonResizer: "1.0",
+ prometheusOperator: "v0.18.1",
+ prometheus: "v2.2.1",
+ },
+
+ imageRepos+:: {
+ prometheus: "quay.io/prometheus/prometheus",
+ alertmanager: "quay.io/prometheus/alertmanager",
+ kubeStateMetrics: "quay.io/coreos/kube-state-metrics",
+ kubeRbacProxy: "quay.io/coreos/kube-rbac-proxy",
+ addonResizer: "quay.io/coreos/addon-resizer",
+ nodeExporter: "quay.io/prometheus/node-exporter",
+ prometheusOperator: "quay.io/coreos/prometheus-operator",
+ },
+
+ prometheus+:: {
+ replicas: 2,
+ rules: {},
+ },
+
+ alertmanager+:: {
+ config: alertmanagerConfig,
+ replicas: 3,
+ },
+ },
+}
+```
-* Grafana Operator that dynamically discovers and deploys dashboards from ConfigMaps
-* KPM/Helm packages to easily provide production-ready cluster-monitoring setup (essentially contents of `hack/cluster-monitoring`)
-* Add meta-monitoring to default cluster monitoring setup
-* Build out the provided dashboards and alerts for cluster monitoring to have full coverage of all system aspects
+## Customization
-## Monitoring other Cluster Components
+Jsonnet is a turing complete language, any logic can be reflected in it. It also has powerful merge functionalities, allowing sophisticated customizations of any kind simply by merging it into the object the library provides.
-Discovery of API servers and kubelets works the same across all clusters.
-Depending on a cluster's setup several other core components, such as etcd or the
-scheduler, may be deployed in different ways.
-The easiest integration point is for the cluster operator to provide headless services
-of all those components to provide a common interface of discovering them. With that
-setup they will automatically be discovered by the provided Prometheus configuration.
+A common example is that not all Kubernetes clusters are created exactly the same way, meaning the configuration to monitor them may be slightly different. For [kubeadm]() and [bootkube]() clusters there are mixins available to easily configure these:
-For the `kube-scheduler` and `kube-controller-manager` there are headless
-services prepared, simply add them to your running cluster:
+kubeadm:
+[embedmd]:# (examples/kubeadm.jsonnet)
-```bash
-kubectl -n kube-system create -f manifests/k8s/
-```
+bootkube:
+[embedmd]:# (examples/bootkube.jsonnet)
-> Hint: if you use this for a cluster not created with bootkube, make sure you
-> populate an endpoints object with the address to your `kube-scheduler` and
-> `kube-controller-manager`, or adapt the label selectors to match your setup.
+Another mixin that may be useful for exploring the stack is to expose the UIs of Prometheus, Alertmanager and Grafana on NodePorts:
-Aside from Kubernetes specific components, etcd is an important part of a
-working cluster, but is typically deployed outside of it. This monitoring
-setup assumes that it is made visible from within the cluster through a headless
-service as well.
+[embedmd]:# (examples/node-ports.jsonnet)
-> Note that minikube hides some components like etcd so to see the extend of
-> this setup we recommend setting up a [local cluster using bootkube](https://github.com/kubernetes-incubator/bootkube/tree/master/hack/multi-node).
+For example the name of the `Prometheus` object provided by this library can be overridden:
-An example for bootkube's multi-node vagrant setup is [here](/contrib/kube-prometheus/manifests/etcd/etcd-bootkube-vagrant-multi.yaml).
+[embedmd]:# (examples/prometheus-name-override.jsonnet)
+```jsonnet
+((import "kube-prometheus/kube-prometheus.libsonnet") + {
+ prometheus+: {
+ prometheus+: {
+ metadata+: {
+ name: "my-name",
+ }
+ }
+ }
+}).prometheus.prometheus
+```
-> Hint: this is merely an example for a local setup. The addresses will have to
-> be adapted for a setup, that is not a single etcd bootkube created cluster.
+Standard Kubernetes manifests are all written using [ksonnet-lib](https://github.com/ksonnet/ksonnet-lib/), so they can be modified with the mixins supplied by ksonnet-lib. For example to override the namespace of the node-exporter DaemonSet:
-With that setup the headless services provide endpoint lists consumed by
-Prometheus to discover the endpoints as targets:
+[embedmd]:# (examples/ksonnet-example.jsonnet)
+```jsonnet
+local k = import "ksonnet/ksonnet.beta.3/k.libsonnet";
+local daemonset = k.apps.v1beta2.daemonSet;
-```bash
-$ kubectl get endpoints --all-namespaces
-NAMESPACE NAME ENDPOINTS AGE
-default kubernetes 172.17.4.101:443 2h
-kube-system kube-controller-manager-prometheus-discovery 10.2.30.2:10252 1h
-kube-system kube-scheduler-prometheus-discovery 10.2.30.4:10251 1h
-monitoring etcd-k8s 172.17.4.51:2379 1h
+((import "kube-prometheus/kube-prometheus.libsonnet") + {
+ nodeExporter+: {
+ daemonset+:
+ daemonset.mixin.metadata.withNamespace("my-custom-namespace") +
+ }
+}).nodeExporter.daemonset
```
-
-## Other Documentation
-[Install Docs for a cluster created with KOPS on AWS](docs/KOPSonAWS.md)
diff --git a/example-dist/base/kube-prometheus.jsonnet b/example-dist/base/kube-prometheus.jsonnet
deleted file mode 100644
index 01760e65..00000000
--- a/example-dist/base/kube-prometheus.jsonnet
+++ /dev/null
@@ -1,6 +0,0 @@
-local kubePrometheus = import "kube-prometheus.libsonnet";
-
-local namespace = "monitoring";
-local objects = kubePrometheus.new(namespace);
-
-{[path]: std.manifestYamlDoc(objects[path]) for path in std.objectFields(objects)}
diff --git a/example-dist/bootkube/.gitignore b/example-dist/bootkube/.gitignore
deleted file mode 100644
index 4ea90de6..00000000
--- a/example-dist/bootkube/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-tmp/
-manifests/
diff --git a/example-dist/bootkube/kube-prometheus.jsonnet b/example-dist/bootkube/kube-prometheus.jsonnet
deleted file mode 100644
index fa731106..00000000
--- a/example-dist/bootkube/kube-prometheus.jsonnet
+++ /dev/null
@@ -1,36 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local service = k.core.v1.service;
-local servicePort = k.core.v1.service.mixin.spec.portsType;
-local kubePrometheus = import "kube-prometheus.libsonnet";
-
-local namespace = "monitoring";
-
-local controllerManagerService = service.new("kube-controller-manager-prometheus-discovery", {"k8s-app": "kube-controller-manager"}, servicePort.newNamed("http-metrics", 10252, 10252)) +
- service.mixin.metadata.withNamespace("kube-system") +
- service.mixin.metadata.withLabels({"k8s-app": "kube-controller-manager"});
-
-local schedulerService = service.new("kube-scheduler-prometheus-discovery", {"k8s-app": "kube-scheduler"}, servicePort.newNamed("http-metrics", 10251, 10251)) +
- service.mixin.metadata.withNamespace("kube-system") +
- service.mixin.metadata.withLabels({"k8s-app": "kube-scheduler"});
-
-local kubeDNSService = service.new("kube-dns-prometheus-discovery", {"k8s-app": "kube-dns"}, [servicePort.newNamed("http-metrics-skydns", 10055, 10055), servicePort.newNamed("http-metrics-dnsmasq", 10054, 10054)]) +
- service.mixin.metadata.withNamespace("kube-system") +
- service.mixin.metadata.withLabels({"k8s-app": "kube-dns"});
-
-local objects = kubePrometheus.new(namespace) +
- {
- "prometheus-k8s/prometheus-k8s-service.yaml"+:
- service.mixin.spec.withPorts(servicePort.newNamed("web", 9090, "web") + servicePort.withNodePort(30900)) +
- service.mixin.spec.withType("NodePort"),
- "alertmanager-main/alertmanager-main-service.yaml"+:
- service.mixin.spec.withPorts(servicePort.newNamed("web", 9093, "web") + servicePort.withNodePort(30903)) +
- service.mixin.spec.withType("NodePort"),
- "grafana/grafana-service.yaml"+:
- service.mixin.spec.withPorts(servicePort.newNamed("http", 3000, "http") + servicePort.withNodePort(30902)) +
- service.mixin.spec.withType("NodePort"),
- "prometheus-k8s/kube-controller-manager-prometheus-discovery-service.yaml": controllerManagerService,
- "prometheus-k8s/kube-scheduler-prometheus-discovery-service.yaml": schedulerService,
- "prometheus-k8s/kube-dns-prometheus-discovery-service.yaml": kubeDNSService,
- };
-
-{[path]: std.manifestYamlDoc(objects[path]) for path in std.objectFields(objects)}
diff --git a/example-dist/kubeadm/.gitignore b/example-dist/kubeadm/.gitignore
deleted file mode 100644
index 4ea90de6..00000000
--- a/example-dist/kubeadm/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-tmp/
-manifests/
diff --git a/example-dist/kubeadm/kube-prometheus.jsonnet b/example-dist/kubeadm/kube-prometheus.jsonnet
deleted file mode 100644
index 50ce1020..00000000
--- a/example-dist/kubeadm/kube-prometheus.jsonnet
+++ /dev/null
@@ -1,31 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local service = k.core.v1.service;
-local servicePort = k.core.v1.service.mixin.spec.portsType;
-local kubePrometheus = import "kube-prometheus.libsonnet";
-
-local namespace = "monitoring";
-
-local controllerManagerService = service.new("kube-controller-manager-prometheus-discovery", {component: "kube-controller-manager"}, servicePort.newNamed("http-metrics", 10252, 10252)) +
- service.mixin.metadata.withNamespace("kube-system") +
- service.mixin.metadata.withLabels({"k8s-app": "kube-controller-manager"});
-
-local schedulerService = service.new("kube-scheduler-prometheus-discovery", {component: "kube-scheduler"}, servicePort.newNamed("http-metrics", 10251, 10251)) +
- service.mixin.metadata.withNamespace("kube-system") +
- service.mixin.metadata.withLabels({"k8s-app": "kube-scheduler"});
-
-local objects = kubePrometheus.new(namespace) +
- {
- "prometheus-k8s/prometheus-k8s-service.yaml"+:
- service.mixin.spec.withPorts(servicePort.newNamed("web", 9090, "web") + servicePort.withNodePort(30900)) +
- service.mixin.spec.withType("NodePort"),
- "alertmanager-main/alertmanager-main-service.yaml"+:
- service.mixin.spec.withPorts(servicePort.newNamed("web", 9093, "web") + servicePort.withNodePort(30903)) +
- service.mixin.spec.withType("NodePort"),
- "grafana/grafana-service.yaml"+:
- service.mixin.spec.withPorts(servicePort.newNamed("http", 3000, "http") + servicePort.withNodePort(30902)) +
- service.mixin.spec.withType("NodePort"),
- "prometheus-k8s/kube-controller-manager-prometheus-discovery-service.yaml": controllerManagerService,
- "prometheus-k8s/kube-scheduler-prometheus-discovery-service.yaml": schedulerService,
- };
-
-{[path]: std.manifestYamlDoc(objects[path]) for path in std.objectFields(objects)}
diff --git a/examples/bootkube.jsonnet b/examples/bootkube.jsonnet
new file mode 100644
index 00000000..89a7eb7b
--- /dev/null
+++ b/examples/bootkube.jsonnet
@@ -0,0 +1,2 @@
+(import "kube-prometheus/kube-prometheus.libsonnet") +
+(import "kube-prometheus/kube-prometheus-bootkube.libsonnet")
diff --git a/examples/ksonnet-example.jsonnet b/examples/ksonnet-example.jsonnet
new file mode 100644
index 00000000..e83ceaf0
--- /dev/null
+++ b/examples/ksonnet-example.jsonnet
@@ -0,0 +1,9 @@
+local k = import "ksonnet/ksonnet.beta.3/k.libsonnet";
+local daemonset = k.apps.v1beta2.daemonSet;
+
+((import "kube-prometheus/kube-prometheus.libsonnet") + {
+ nodeExporter+: {
+ daemonset+:
+ daemonset.mixin.metadata.withNamespace("my-custom-namespace")
+ }
+}).nodeExporter.daemonset
diff --git a/examples/kubeadm.jsonnet b/examples/kubeadm.jsonnet
new file mode 100644
index 00000000..591809eb
--- /dev/null
+++ b/examples/kubeadm.jsonnet
@@ -0,0 +1,2 @@
+(import "kube-prometheus/kube-prometheus.libsonnet") +
+(import "kube-prometheus/kube-prometheus-kubeadm.libsonnet")
diff --git a/examples/node-ports.jsonnet b/examples/node-ports.jsonnet
new file mode 100644
index 00000000..68731676
--- /dev/null
+++ b/examples/node-ports.jsonnet
@@ -0,0 +1,2 @@
+(import "kube-prometheus/kube-prometheus.libsonnet") +
+(import "kube-prometheus/kube-prometheus-node-ports.libsonnet")
diff --git a/examples/prometheus-name-override.jsonnet b/examples/prometheus-name-override.jsonnet
new file mode 100644
index 00000000..d6410fd8
--- /dev/null
+++ b/examples/prometheus-name-override.jsonnet
@@ -0,0 +1,9 @@
+((import "kube-prometheus/kube-prometheus.libsonnet") + {
+ prometheus+: {
+ prometheus+: {
+ metadata+: {
+ name: "my-name",
+ }
+ }
+ }
+}).prometheus.prometheus
diff --git a/hack/cluster-monitoring/deploy b/hack/cluster-monitoring/deploy
index 9e1b4881..6be94e01 100755
--- a/hack/cluster-monitoring/deploy
+++ b/hack/cluster-monitoring/deploy
@@ -8,11 +8,11 @@ set -u
# print each command before executing it
set -x
-manifest_prefix=${1-.}
+manifest_prefix=${1-./manifests}
kubectl create namespace monitoring
-find ${manifest_prefix}/manifests/prometheus-operator/ -type f ! -name prometheus-operator-service-monitor.yaml -exec kubectl apply -f {} \;
+find ${manifest_prefix}/prometheus-operator/ -type f ! -name service-monitor.yaml -exec kubectl apply -f {} \;
# Wait for CRDs to be ready.
printf "Waiting for Operator to register custom resource definitions..."
@@ -25,14 +25,14 @@ until kubectl get alertmanagers.monitoring.coreos.com > /dev/null 2>&1; do sleep
echo "done!"
# need to ensure that ServiceMonitors are registered before we can create the prometheus-operator ServiceMonitor
-kubectl apply -f ${manifest_prefix}/manifests/prometheus-operator/prometheus-operator-service-monitor.yaml
+kubectl apply -f ${manifest_prefix}/prometheus-operator/service-monitor.yaml
-kubectl apply -f ${manifest_prefix}/manifests/node-exporter/
-kubectl apply -f ${manifest_prefix}/manifests/kube-state-metrics/
-find ${manifest_prefix}/manifests/grafana/ -type f ! -name grafana-dashboard-definitions.yaml -exec kubectl apply -f {} \;
+kubectl apply -f ${manifest_prefix}/node-exporter/
+kubectl apply -f ${manifest_prefix}/kube-state-metrics/
+find ${manifest_prefix}/grafana/ -type f ! -name dashboard-definitions.yaml -exec kubectl apply -f {} \;
# kubectl apply wants to put the previous version in an annotation, which is too large, therefore create instead of apply
-kubectl create -f ${manifest_prefix}/manifests/grafana/grafana-dashboard-definitions.yaml
-kubectl apply -f ${manifest_prefix}/manifests/prometheus-k8s/
-kubectl apply -f ${manifest_prefix}/manifests/alertmanager-main/
+kubectl create -f ${manifest_prefix}/grafana/dashboard-definitions.yaml
+kubectl apply -f ${manifest_prefix}/prometheus/
+kubectl apply -f ${manifest_prefix}/alertmanager/
diff --git a/hack/scripts/build-jsonnet.sh b/hack/scripts/build-jsonnet.sh
index 7189962f..7a754e6c 100755
--- a/hack/scripts/build-jsonnet.sh
+++ b/hack/scripts/build-jsonnet.sh
@@ -8,12 +8,7 @@ json="tmp/manifests.json"
rm -rf ${prefix}
mkdir -p $(dirname "${json}")
-jsonnet \
- -J $GOPATH/src/github.com/ksonnet/ksonnet-lib \
- -J $GOPATH/src/github.com/grafana/grafonnet-lib \
- -J $GOPATH/src/github.com/coreos/prometheus-operator/contrib/kube-prometheus/jsonnet \
- -J $GOPATH/src/github.com/brancz/kubernetes-grafana/src/kubernetes-jsonnet \
- ${jsonnet} > ${json}
+jsonnet -J jsonnet/kube-prometheus/vendor -J jsonnet ${jsonnet} > ${json}
files=$(jq -r 'keys[]' ${json})
@@ -21,5 +16,6 @@ for file in ${files}; do
dir=$(dirname "${file}")
path="${prefix}/${dir}"
mkdir -p ${path}
- jq -r ".[\"${file}\"]" ${json} | gojsontoyaml -yamltojson | gojsontoyaml > "${prefix}/${file}"
+ fullfile=$(echo ${file} | sed -r 's/([a-z0-9])([A-Z])/\1-\L\2/g' | tr '[:upper:]' '[:lower:]')
+ jq -r ".[\"${file}\"]" ${json} | gojsontoyaml -yamltojson | gojsontoyaml > "${prefix}/${fullfile}"
done
diff --git a/hack/scripts/kube-prometheus-base.jsonnet b/hack/scripts/kube-prometheus-base.jsonnet
new file mode 100644
index 00000000..84eb3c29
--- /dev/null
+++ b/hack/scripts/kube-prometheus-base.jsonnet
@@ -0,0 +1,12 @@
+local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + {
+ _config+:: {
+ namespace: 'monitoring',
+ },
+};
+
+{ ['0prometheus-operator-' + name + '.yaml']: std.manifestYamlDoc(kp.prometheusOperator[name]) for name in std.objectFields(kp.prometheusOperator) } +
+{ ['node-exporter-' + name + '.yaml']: std.manifestYamlDoc(kp.nodeExporter[name]) for name in std.objectFields(kp.nodeExporter) } +
+{ ['kube-state-metrics-' + name + '.yaml']: std.manifestYamlDoc(kp.kubeStateMetrics[name]) for name in std.objectFields(kp.kubeStateMetrics) } +
+{ ['alertmanager-' + name + '.yaml']: std.manifestYamlDoc(kp.alertmanager[name]) for name in std.objectFields(kp.alertmanager) } +
+{ ['prometheus-' + name + '.yaml']: std.manifestYamlDoc(kp.prometheus[name]) for name in std.objectFields(kp.prometheus) } +
+{ ['grafana-' + name + '.yaml']: std.manifestYamlDoc(kp.grafana[name]) for name in std.objectFields(kp.grafana) }
diff --git a/hack/scripts/kube-prometheus-minikube.jsonnet b/hack/scripts/kube-prometheus-minikube.jsonnet
new file mode 100644
index 00000000..9a6fff17
--- /dev/null
+++ b/hack/scripts/kube-prometheus-minikube.jsonnet
@@ -0,0 +1,16 @@
+local kp =
+ (import 'kube-prometheus/kube-prometheus.libsonnet') +
+ (import 'kube-prometheus/kube-prometheus-kubeadm.libsonnet') +
+ (import 'kube-prometheus/kube-prometheus-node-ports.libsonnet') +
+ {
+ _config+:: {
+ namespace: 'monitoring',
+ },
+ };
+
+{ ['0prometheus-operator-' + name + '.yaml']: std.manifestYamlDoc(kp.prometheusOperator[name]) for name in std.objectFields(kp.prometheusOperator) } +
+{ ['node-exporter-' + name + '.yaml']: std.manifestYamlDoc(kp.nodeExporter[name]) for name in std.objectFields(kp.nodeExporter) } +
+{ ['kube-state-metrics-' + name + '.yaml']: std.manifestYamlDoc(kp.kubeStateMetrics[name]) for name in std.objectFields(kp.kubeStateMetrics) } +
+{ ['alertmanager-' + name + '.yaml']: std.manifestYamlDoc(kp.alertmanager[name]) for name in std.objectFields(kp.alertmanager) } +
+{ ['prometheus-' + name + '.yaml']: std.manifestYamlDoc(kp.prometheus[name]) for name in std.objectFields(kp.prometheus) } +
+{ ['grafana-' + name + '.yaml']: std.manifestYamlDoc(kp.grafana[name]) for name in std.objectFields(kp.grafana) }
diff --git a/jsonnet/alertmanager/alertmanager-main-secret.libsonnet b/jsonnet/alertmanager/alertmanager-main-secret.libsonnet
deleted file mode 100644
index a8f9011b..00000000
--- a/jsonnet/alertmanager/alertmanager-main-secret.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local secret = k.core.v1.secret;
-
-{
- new(namespace, plainConfig)::
- secret.new("alertmanager-main", {"alertmanager.yaml": std.base64(plainConfig)}) +
- secret.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/alertmanager/alertmanager-main-service-account.libsonnet b/jsonnet/alertmanager/alertmanager-main-service-account.libsonnet
deleted file mode 100644
index 89ca2f80..00000000
--- a/jsonnet/alertmanager/alertmanager-main-service-account.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local serviceAccount = k.core.v1.serviceAccount;
-
-{
- new(namespace)::
- serviceAccount.new("alertmanager-main") +
- serviceAccount.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/alertmanager/alertmanager-main-service-monitor.libsonnet b/jsonnet/alertmanager/alertmanager-main-service-monitor.libsonnet
deleted file mode 100644
index 5f13a2b4..00000000
--- a/jsonnet/alertmanager/alertmanager-main-service-monitor.libsonnet
+++ /dev/null
@@ -1,32 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "alertmanager",
- "namespace": namespace,
- "labels": {
- "k8s-app": "alertmanager"
- }
- },
- "spec": {
- "selector": {
- "matchLabels": {
- "alertmanager": "main"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "monitoring"
- ]
- },
- "endpoints": [
- {
- "port": "web",
- "interval": "30s"
- }
- ]
- }
- }
-}
diff --git a/jsonnet/alertmanager/alertmanager-main-service.libsonnet b/jsonnet/alertmanager/alertmanager-main-service.libsonnet
deleted file mode 100644
index e89f009f..00000000
--- a/jsonnet/alertmanager/alertmanager-main-service.libsonnet
+++ /dev/null
@@ -1,12 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local service = k.core.v1.service;
-local servicePort = k.core.v1.service.mixin.spec.portsType;
-
-local alertmanagerPort = servicePort.newNamed("web", 9093, "web");
-
-{
- new(namespace)::
- service.new("alertmanager-main", {app: "alertmanager", alertmanager: "main"}, alertmanagerPort) +
- service.mixin.metadata.withNamespace(namespace) +
- service.mixin.metadata.withLabels({alertmanager: "main"})
-}
diff --git a/jsonnet/alertmanager/alertmanager-main.libsonnet b/jsonnet/alertmanager/alertmanager-main.libsonnet
deleted file mode 100644
index 63e06a16..00000000
--- a/jsonnet/alertmanager/alertmanager-main.libsonnet
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- new(namespace)::
- {
- apiVersion: "monitoring.coreos.com/v1",
- kind: "Alertmanager",
- metadata: {
- name: "main",
- namespace: namespace,
- labels: {
- alertmanager: "main",
- },
- },
- spec: {
- replicas: 3,
- version: "v0.14.0",
- serviceAccountName: "alertmanager-main",
- },
- }
-}
diff --git a/jsonnet/alertmanager/alertmanager.libsonnet b/jsonnet/alertmanager/alertmanager.libsonnet
deleted file mode 100644
index ec3954c3..00000000
--- a/jsonnet/alertmanager/alertmanager.libsonnet
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- config:: import "alertmanager-main-secret.libsonnet",
- serviceAccount:: import "alertmanager-main-service-account.libsonnet",
- service:: import "alertmanager-main-service.libsonnet",
- serviceMonitor:: import "alertmanager-main-service-monitor.libsonnet",
- alertmanager:: import "alertmanager-main.libsonnet",
-}
diff --git a/jsonnet/kube-prometheus.libsonnet b/jsonnet/kube-prometheus.libsonnet
deleted file mode 100644
index 14864056..00000000
--- a/jsonnet/kube-prometheus.libsonnet
+++ /dev/null
@@ -1,85 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-
-local alertmanager = import "alertmanager/alertmanager.libsonnet";
-local ksm = import "kube-state-metrics/kube-state-metrics.libsonnet";
-local nodeExporter = import "node-exporter/node-exporter.libsonnet";
-local po = import "prometheus-operator/prometheus-operator.libsonnet";
-local prometheus = import "prometheus/prometheus.libsonnet";
-local grafana = import "grafana/grafana.libsonnet";
-
-local alertmanagerConfig = importstr "../assets/alertmanager/alertmanager.yaml";
-
-local ruleFiles = {
- "alertmanager.rules.yaml": importstr "../assets/prometheus/rules/alertmanager.rules.yaml",
- "etcd3.rules.yaml": importstr "../assets/prometheus/rules/etcd3.rules.yaml",
- "general.rules.yaml": importstr "../assets/prometheus/rules/general.rules.yaml",
- "kube-controller-manager.rules.yaml": importstr "../assets/prometheus/rules/kube-controller-manager.rules.yaml",
- "kube-scheduler.rules.yaml": importstr "../assets/prometheus/rules/kube-scheduler.rules.yaml",
- "kube-state-metrics.rules.yaml": importstr "../assets/prometheus/rules/kube-state-metrics.rules.yaml",
- "kubelet.rules.yaml": importstr "../assets/prometheus/rules/kubelet.rules.yaml",
- "kubernetes.rules.yaml": importstr "../assets/prometheus/rules/kubernetes.rules.yaml",
- "node.rules.yaml": importstr "../assets/prometheus/rules/node.rules.yaml",
- "prometheus.rules.yaml": importstr "../assets/prometheus/rules/prometheus.rules.yaml",
-};
-
-{
- new(namespace)::
- {
- "grafana/grafana-dashboard-definitions.yaml": grafana.dashboardDefinitions.new(namespace),
- "grafana/grafana-dashboard-sources.yaml": grafana.dashboardSources.new(namespace),
- "grafana/grafana-datasources.yaml": grafana.dashboardDatasources.new(namespace),
- "grafana/grafana-deployment.yaml": grafana.deployment.new(namespace),
- "grafana/grafana-service-account.yaml": grafana.serviceAccount.new(namespace),
- "grafana/grafana-service.yaml": grafana.service.new(namespace),
-
- "alertmanager-main/alertmanager-main-secret.yaml": alertmanager.config.new(namespace, alertmanagerConfig),
- "alertmanager-main/alertmanager-main-service-account.yaml": alertmanager.serviceAccount.new(namespace),
- "alertmanager-main/alertmanager-main-service.yaml": alertmanager.service.new(namespace),
- "alertmanager-main/alertmanager-main-service-monitor.yaml": alertmanager.serviceMonitor.new(namespace),
- "alertmanager-main/alertmanager-main.yaml": alertmanager.alertmanager.new(namespace),
-
- "kube-state-metrics/kube-state-metrics-cluster-role-binding.yaml": ksm.clusterRoleBinding.new(namespace),
- "kube-state-metrics/kube-state-metrics-cluster-role.yaml": ksm.clusterRole.new(),
- "kube-state-metrics/kube-state-metrics-deployment.yaml": ksm.deployment.new(namespace),
- "kube-state-metrics/kube-state-metrics-role-binding.yaml": ksm.roleBinding.new(namespace),
- "kube-state-metrics/kube-state-metrics-role.yaml": ksm.role.new(namespace),
- "kube-state-metrics/kube-state-metrics-service-account.yaml": ksm.serviceAccount.new(namespace),
- "kube-state-metrics/kube-state-metrics-service.yaml": ksm.service.new(namespace),
- "kube-state-metrics/kube-state-metrics-service-monitor.yaml": ksm.serviceMonitor.new(namespace),
-
- "node-exporter/node-exporter-cluster-role-binding.yaml": nodeExporter.clusterRoleBinding.new(namespace),
- "node-exporter/node-exporter-cluster-role.yaml": nodeExporter.clusterRole.new(),
- "node-exporter/node-exporter-daemonset.yaml": nodeExporter.daemonset.new(namespace),
- "node-exporter/node-exporter-service-account.yaml": nodeExporter.serviceAccount.new(namespace),
- "node-exporter/node-exporter-service.yaml": nodeExporter.service.new(namespace),
- "node-exporter/node-exporter-service-monitor.yaml": nodeExporter.serviceMonitor.new(namespace),
-
- "prometheus-operator/prometheus-operator-cluster-role-binding.yaml": po.clusterRoleBinding.new(namespace),
- "prometheus-operator/prometheus-operator-cluster-role.yaml": po.clusterRole.new(),
- "prometheus-operator/prometheus-operator-deployment.yaml": po.deployment.new(namespace),
- "prometheus-operator/prometheus-operator-service.yaml": po.service.new(namespace),
- "prometheus-operator/prometheus-operator-service-monitor.yaml": po.serviceMonitor.new(namespace),
- "prometheus-operator/prometheus-operator-service-account.yaml": po.serviceAccount.new(namespace),
-
- "prometheus-k8s/prometheus-k8s-cluster-role-binding.yaml": prometheus.clusterRoleBinding.new(namespace),
- "prometheus-k8s/prometheus-k8s-cluster-role.yaml": prometheus.clusterRole.new(),
- "prometheus-k8s/prometheus-k8s-service-account.yaml": prometheus.serviceAccount.new(namespace),
- "prometheus-k8s/prometheus-k8s-service.yaml": prometheus.service.new(namespace),
- "prometheus-k8s/prometheus-k8s.yaml": prometheus.prometheus.new(namespace),
- "prometheus-k8s/prometheus-k8s-rules.yaml": prometheus.rules.new(namespace, ruleFiles),
- "prometheus-k8s/prometheus-k8s-role-binding-config.yaml": prometheus.roleBindingConfig.new(namespace),
- "prometheus-k8s/prometheus-k8s-role-binding-namespace.yaml": prometheus.roleBindingNamespace.new(namespace),
- "prometheus-k8s/prometheus-k8s-role-binding-kube-system.yaml": prometheus.roleBindingKubeSystem.new(namespace),
- "prometheus-k8s/prometheus-k8s-role-binding-default.yaml": prometheus.roleBindingDefault.new(namespace),
- "prometheus-k8s/prometheus-k8s-role-config.yaml": prometheus.roleConfig.new(namespace),
- "prometheus-k8s/prometheus-k8s-role-namespace.yaml": prometheus.roleNamespace.new(namespace),
- "prometheus-k8s/prometheus-k8s-role-kube-system.yaml": prometheus.roleKubeSystem.new(),
- "prometheus-k8s/prometheus-k8s-role-default.yaml": prometheus.roleDefault.new(),
- "prometheus-k8s/prometheus-k8s-service-monitor-apiserver.yaml": prometheus.serviceMonitorApiserver.new(namespace),
- "prometheus-k8s/prometheus-k8s-service-monitor-coredns.yaml": prometheus.serviceMonitorCoreDNS.new(namespace),
- "prometheus-k8s/prometheus-k8s-service-monitor-kube-controller-manager.yaml": prometheus.serviceMonitorControllerManager.new(namespace),
- "prometheus-k8s/prometheus-k8s-service-monitor-kube-scheduler.yaml": prometheus.serviceMonitorScheduler.new(namespace),
- "prometheus-k8s/prometheus-k8s-service-monitor-kubelet.yaml": prometheus.serviceMonitorKubelet.new(namespace),
- "prometheus-k8s/prometheus-k8s-service-monitor-prometheus.yaml": prometheus.serviceMonitorPrometheus.new(namespace),
- }
-}
diff --git a/jsonnet/kube-prometheus/.gitignore b/jsonnet/kube-prometheus/.gitignore
new file mode 100644
index 00000000..52a75ecb
--- /dev/null
+++ b/jsonnet/kube-prometheus/.gitignore
@@ -0,0 +1,2 @@
+jsonnetfile.lock.json
+vendor/
diff --git a/jsonnet/kube-prometheus/alertmanager/alertmanager.libsonnet b/jsonnet/kube-prometheus/alertmanager/alertmanager.libsonnet
new file mode 100644
index 00000000..f4634703
--- /dev/null
+++ b/jsonnet/kube-prometheus/alertmanager/alertmanager.libsonnet
@@ -0,0 +1,97 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+
+local alertmanagerConfig = "\nglobal:\n resolve_timeout: 5m\nroute:\n group_by: ['job']\n group_wait: 30s\n group_interval: 5m\n repeat_interval: 12h\n receiver: 'null'\n routes:\n - match:\n alertname: DeadMansSwitch\n receiver: 'null'\nreceivers:\n- name: 'null'\n";
+
+{
+ _config+:: {
+ namespace: 'default',
+
+ versions+:: {
+ alertmanager: 'v0.14.0',
+ },
+
+ imageRepos+:: {
+ alertmanager: 'quay.io/prometheus/alertmanager',
+ },
+
+ alertmanager+:: {
+ config: alertmanagerConfig,
+ replicas: 3,
+ },
+ },
+
+ alertmanager+:: {
+ secret:
+ local secret = k.core.v1.secret;
+
+ secret.new('alertmanager-main', { 'alertmanager.yaml': std.base64($._config.alertmanager.config) }) +
+ secret.mixin.metadata.withNamespace($._config.namespace),
+
+ serviceAccount:
+ local serviceAccount = k.core.v1.serviceAccount;
+
+ serviceAccount.new('alertmanager-main') +
+ serviceAccount.mixin.metadata.withNamespace($._config.namespace),
+
+ service:
+ local service = k.core.v1.service;
+ local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+ local alertmanagerPort = servicePort.newNamed('web', 9093, 'web');
+
+ service.new('alertmanager-main', { app: 'alertmanager', alertmanager: 'main' }, alertmanagerPort) +
+ service.mixin.metadata.withNamespace($._config.namespace) +
+ service.mixin.metadata.withLabels({ alertmanager: 'main' }),
+
+ serviceMonitor:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'alertmanager',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'alertmanager',
+ },
+ },
+ spec: {
+ selector: {
+ matchLabels: {
+ alertmanager: 'main',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'monitoring',
+ ],
+ },
+ endpoints: [
+ {
+ port: 'web',
+ interval: '30s',
+ },
+ ],
+ },
+ },
+
+ alertmanager:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'Alertmanager',
+ metadata: {
+ name: 'main',
+ namespace: $._config.namespace,
+ labels: {
+ alertmanager: 'main',
+ },
+ },
+ spec: {
+ replicas: $._config.alertmanager.replicas,
+ version: $._config.versions.alertmanager,
+ baseImage: $._config.imageRepos.alertmanager,
+ nodeSelector: { 'beta.kubernetes.io/os': 'linux' },
+ serviceAccountName: 'alertmanager-main',
+ },
+ },
+ },
+}
diff --git a/jsonnet/kube-prometheus/jsonnetfile.json b/jsonnet/kube-prometheus/jsonnetfile.json
new file mode 100644
index 00000000..f9014406
--- /dev/null
+++ b/jsonnet/kube-prometheus/jsonnetfile.json
@@ -0,0 +1,34 @@
+{
+ "dependencies": [
+ {
+ "name": "ksonnet",
+ "source": {
+ "git": {
+ "remote": "https://github.com/ksonnet/ksonnet-lib",
+ "subdir": ""
+ }
+ },
+ "version": "master"
+ },
+ {
+ "name": "kubernetes-mixin",
+ "source": {
+ "git": {
+ "remote": "https://github.com/kubernetes-monitoring/kubernetes-mixin",
+ "subdir": ""
+ }
+ },
+ "version": "master"
+ },
+ {
+ "name": "grafana",
+ "source": {
+ "git": {
+ "remote": "https://github.com/brancz/kubernetes-grafana",
+ "subdir": "grafana"
+ }
+ },
+ "version": "master"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/jsonnet/kube-prometheus/kube-prometheus-bootkube.libsonnet b/jsonnet/kube-prometheus/kube-prometheus-bootkube.libsonnet
new file mode 100644
index 00000000..a9cf3bb3
--- /dev/null
+++ b/jsonnet/kube-prometheus/kube-prometheus-bootkube.libsonnet
@@ -0,0 +1,23 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+local service = k.core.v1.service;
+local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+{
+ prometheus+:: {
+ kubeControllerManagerPrometheusDiscoveryService:
+ service.new('kube-controller-manager-prometheus-discovery', { 'k8s-app': 'kube-controller-manager' }, servicePort.newNamed('http-metrics', 10252, 10252)) +
+ service.mixin.metadata.withNamespace('kube-system') +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'kube-controller-manager' }) +
+ service.mixin.spec.withClusterIp('None'),
+ kubeSchedulerPrometheusDiscoveryService:
+ service.new('kube-scheduler-prometheus-discovery', { 'k8s-app': 'kube-scheduler' }, servicePort.newNamed('http-metrics', 10251, 10251)) +
+ service.mixin.metadata.withNamespace('kube-system') +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'kube-scheduler' }) +
+ service.mixin.spec.withClusterIp('None'),
+ kubeDnsPrometheusDiscoveryService:
+ service.new('kube-dns-prometheus-discovery', { 'k8s-app': 'kube-dns' }, [servicePort.newNamed('http-metrics-skydns', 10055, 10055), servicePort.newNamed('http-metrics-dnsmasq', 10054, 10054)]) +
+ service.mixin.metadata.withNamespace('kube-system') +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'kube-dns' }) +
+ service.mixin.spec.withClusterIp('None'),
+ },
+}
diff --git a/jsonnet/kube-prometheus/kube-prometheus-ksonnet.libsonnet b/jsonnet/kube-prometheus/kube-prometheus-ksonnet.libsonnet
new file mode 100644
index 00000000..664e1912
--- /dev/null
+++ b/jsonnet/kube-prometheus/kube-prometheus-ksonnet.libsonnet
@@ -0,0 +1,8 @@
+local kp = (import 'kube-prometheus/kube-prometheus.libsonnet');
+
+{ ['0prometheus-operator-' + name]: kp.prometheusOperator[name] for name in std.objectFields(kp.prometheusOperator) } +
+{ ['node-exporter-' + name]: kp.nodeExporter[name] for name in std.objectFields(kp.nodeExporter) } +
+{ ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in std.objectFields(kp.kubeStateMetrics) } +
+{ ['alertmanager-' + name]: kp.alertmanager[name] for name in std.objectFields(kp.alertmanager) } +
+{ ['prometheus-' + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } +
+{ ['grafana-' + name]: kp.grafana[name] for name in std.objectFields(kp.grafana) }
diff --git a/jsonnet/kube-prometheus/kube-prometheus-kubeadm.libsonnet b/jsonnet/kube-prometheus/kube-prometheus-kubeadm.libsonnet
new file mode 100644
index 00000000..a249d1db
--- /dev/null
+++ b/jsonnet/kube-prometheus/kube-prometheus-kubeadm.libsonnet
@@ -0,0 +1,18 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+local service = k.core.v1.service;
+local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+{
+ prometheus+: {
+ kubeControllerManagerPrometheusDiscoveryService:
+ service.new('kube-controller-manager-prometheus-discovery', { component: 'kube-controller-manager' }, servicePort.newNamed('http-metrics', 10252, 10252)) +
+ service.mixin.metadata.withNamespace('kube-system') +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'kube-controller-manager' }) +
+ service.mixin.spec.withClusterIp('None'),
+ kubeSchedulerPrometheusDiscoveryService:
+ service.new('kube-scheduler-prometheus-discovery', { component: 'kube-scheduler' }, servicePort.newNamed('http-metrics', 10251, 10251)) +
+ service.mixin.metadata.withNamespace('kube-system') +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'kube-scheduler' }) +
+ service.mixin.spec.withClusterIp('None'),
+ },
+}
diff --git a/jsonnet/kube-prometheus/kube-prometheus-node-ports.libsonnet b/jsonnet/kube-prometheus/kube-prometheus-node-ports.libsonnet
new file mode 100644
index 00000000..48df7478
--- /dev/null
+++ b/jsonnet/kube-prometheus/kube-prometheus-node-ports.libsonnet
@@ -0,0 +1,21 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+local service = k.core.v1.service;
+local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+{
+ prometheus+: {
+ service+:
+ service.mixin.spec.withPorts(servicePort.newNamed('web', 9090, 'web') + servicePort.withNodePort(30900)) +
+ service.mixin.spec.withType('NodePort'),
+ },
+ alertmanager+: {
+ service+:
+ service.mixin.spec.withPorts(servicePort.newNamed('web', 9093, 'web') + servicePort.withNodePort(30903)) +
+ service.mixin.spec.withType('NodePort'),
+ },
+ grafana+: {
+ service+:
+ service.mixin.spec.withPorts(servicePort.newNamed('http', 3000, 'http') + servicePort.withNodePort(30902)) +
+ service.mixin.spec.withType('NodePort'),
+ },
+}
diff --git a/jsonnet/kube-prometheus/kube-prometheus.libsonnet b/jsonnet/kube-prometheus/kube-prometheus.libsonnet
new file mode 100644
index 00000000..36eae76d
--- /dev/null
+++ b/jsonnet/kube-prometheus/kube-prometheus.libsonnet
@@ -0,0 +1,26 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+
+(import 'grafana/grafana.libsonnet') +
+(import 'kube-state-metrics/kube-state-metrics.libsonnet') +
+(import 'node-exporter/node-exporter.libsonnet') +
+(import 'alertmanager/alertmanager.libsonnet') +
+(import 'prometheus-operator/prometheus-operator.libsonnet') +
+(import 'prometheus/prometheus.libsonnet') +
+(import 'kubernetes-mixin/mixin.libsonnet') +
+{
+ _config+:: {
+ kubeStateMetricsSelector: 'job="kube-state-metrics"',
+ cadvisorSelector: 'job="kubelet"',
+ nodeExporterSelector: 'job="node-exporter"',
+ kubeletSelector: 'job="kubelet"',
+ notKubeDnsSelector: 'job!="kube-dns"',
+
+ prometheus+:: {
+ rules: $.prometheusRules + $.prometheusAlerts,
+ },
+
+ grafana+:: {
+ dashboards: $.grafanaDashboards,
+ },
+ },
+}
diff --git a/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet b/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
new file mode 100644
index 00000000..c73c16ab
--- /dev/null
+++ b/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
@@ -0,0 +1,286 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+
+{
+ _config+:: {
+ namespace: 'default',
+
+ versions+:: {
+ kubeStateMetrics: 'v1.3.0',
+ kubeRbacProxy: 'v0.3.0',
+ addonResizer: '1.0',
+ },
+
+ imageRepos+:: {
+ kubeStateMetrics: 'quay.io/coreos/kube-state-metrics',
+ kubeRbacProxy: 'quay.io/coreos/kube-rbac-proxy',
+ addonResizer: 'quay.io/coreos/addon-resizer',
+ },
+ },
+
+ kubeStateMetrics+:: {
+ clusterRoleBinding:
+ local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
+
+ clusterRoleBinding.new() +
+ clusterRoleBinding.mixin.metadata.withName('kube-state-metrics') +
+ clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ clusterRoleBinding.mixin.roleRef.withName('kube-state-metrics') +
+ clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
+ clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'kube-state-metrics', namespace: $._config.namespace }]),
+
+ clusterRole:
+ local clusterRole = k.rbac.v1.clusterRole;
+ local policyRule = clusterRole.rulesType;
+
+ local coreRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'configmaps',
+ 'secrets',
+ 'nodes',
+ 'pods',
+ 'services',
+ 'resourcequotas',
+ 'replicationcontrollers',
+ 'limitranges',
+ 'persistentvolumeclaims',
+ 'persistentvolumes',
+ 'namespaces',
+ 'endpoints',
+ ]) +
+ policyRule.withVerbs(['list', 'watch']);
+
+ local extensionsRule = policyRule.new() +
+ policyRule.withApiGroups(['extensions']) +
+ policyRule.withResources([
+ 'daemonsets',
+ 'deployments',
+ 'replicasets',
+ ]) +
+ policyRule.withVerbs(['list', 'watch']);
+
+ local appsRule = policyRule.new() +
+ policyRule.withApiGroups(['apps']) +
+ policyRule.withResources([
+ 'statefulsets',
+ ]) +
+ policyRule.withVerbs(['list', 'watch']);
+
+ local batchRule = policyRule.new() +
+ policyRule.withApiGroups(['batch']) +
+ policyRule.withResources([
+ 'cronjobs',
+ 'jobs',
+ ]) +
+ policyRule.withVerbs(['list', 'watch']);
+
+ local autoscalingRule = policyRule.new() +
+ policyRule.withApiGroups(['autoscaling']) +
+ policyRule.withResources([
+ 'horizontalpodautoscalers',
+ ]) +
+ policyRule.withVerbs(['list', 'watch']);
+
+ local authenticationRole = policyRule.new() +
+ policyRule.withApiGroups(['authentication.k8s.io']) +
+ policyRule.withResources([
+ 'tokenreviews',
+ ]) +
+ policyRule.withVerbs(['create']);
+
+ local authorizationRole = policyRule.new() +
+ policyRule.withApiGroups(['authorization.k8s.io']) +
+ policyRule.withResources([
+ 'subjectaccessreviews',
+ ]) +
+ policyRule.withVerbs(['create']);
+
+ local rules = [coreRule, extensionsRule, appsRule, batchRule, autoscalingRule, authenticationRole, authorizationRole];
+
+ clusterRole.new() +
+ clusterRole.mixin.metadata.withName('kube-state-metrics') +
+ clusterRole.withRules(rules),
+ deployment:
+ local deployment = k.apps.v1beta2.deployment;
+ local container = k.apps.v1beta2.deployment.mixin.spec.template.spec.containersType;
+ local volume = k.apps.v1beta2.deployment.mixin.spec.template.spec.volumesType;
+ local containerPort = container.portsType;
+ local containerVolumeMount = container.volumeMountsType;
+ local podSelector = deployment.mixin.spec.template.spec.selectorType;
+
+ local podLabels = { app: 'kube-state-metrics' };
+
+ local proxyClusterMetrics =
+ container.new('kube-rbac-proxy-main', $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy) +
+ container.withArgs([
+ '--secure-listen-address=:8443',
+ '--upstream=http://127.0.0.1:8081/',
+ ]) +
+ container.withPorts(containerPort.newNamed('https-main', 8443)) +
+ container.mixin.resources.withRequests({ cpu: '10m', memory: '20Mi' }) +
+ container.mixin.resources.withLimits({ cpu: '20m', memory: '40Mi' });
+
+ local proxySelfMetrics =
+ container.new('kube-rbac-proxy-self', $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy) +
+ container.withArgs([
+ '--secure-listen-address=:9443',
+ '--upstream=http://127.0.0.1:8082/',
+ ]) +
+ container.withPorts(containerPort.newNamed('https-self', 9443)) +
+ container.mixin.resources.withRequests({ cpu: '10m', memory: '20Mi' }) +
+ container.mixin.resources.withLimits({ cpu: '20m', memory: '40Mi' });
+
+ local kubeStateMetrics =
+ container.new('kube-state-metrics', $._config.imageRepos.kubeStateMetrics + ':' + $._config.versions.kubeStateMetrics) +
+ container.withArgs([
+ '--host=127.0.0.1',
+ '--port=8081',
+ '--telemetry-host=127.0.0.1',
+ '--telemetry-port=8082',
+ ]) +
+ container.mixin.resources.withRequests({ cpu: '102m', memory: '180Mi' }) +
+ container.mixin.resources.withLimits({ cpu: '102m', memory: '180Mi' });
+
+ local addonResizer =
+ container.new('addon-resizer', $._config.imageRepos.addonResizer + ':' + $._config.versions.addonResizer) +
+ container.withCommand([
+ '/pod_nanny',
+ '--container=kube-state-metrics',
+ '--cpu=100m',
+ '--extra-cpu=2m',
+ '--memory=150Mi',
+ '--extra-memory=30Mi',
+ '--threshold=5',
+ '--deployment=kube-state-metrics',
+ ]) +
+ container.withEnv([
+ {
+ name: 'MY_POD_NAME',
+ valueFrom: {
+ fieldRef: { apiVersion: 'v1', fieldPath: 'metadata.name' },
+ },
+ },
+ {
+ name: 'MY_POD_NAMESPACE',
+ valueFrom: {
+ fieldRef: { apiVersion: 'v1', fieldPath: 'metadata.namespace' },
+ },
+ },
+ ]) +
+ container.mixin.resources.withRequests({ cpu: '10m', memory: '30Mi' }) +
+ container.mixin.resources.withLimits({ cpu: '10m', memory: '30Mi' });
+
+ local c = [proxyClusterMetrics, proxySelfMetrics, kubeStateMetrics, addonResizer];
+
+ deployment.new('kube-state-metrics', 1, c, podLabels) +
+ deployment.mixin.metadata.withNamespace($._config.namespace) +
+ deployment.mixin.metadata.withLabels(podLabels) +
+ deployment.mixin.spec.selector.withMatchLabels(podLabels) +
+ deployment.mixin.spec.template.spec.withNodeSelector({ 'beta.kubernetes.io/os': 'linux' }) +
+ deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
+ deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
+ deployment.mixin.spec.template.spec.withServiceAccountName('kube-state-metrics'),
+
+ roleBinding:
+ local roleBinding = k.rbac.v1.roleBinding;
+
+ roleBinding.new() +
+ roleBinding.mixin.metadata.withName('kube-state-metrics') +
+ roleBinding.mixin.metadata.withNamespace($._config.namespace) +
+ roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ roleBinding.mixin.roleRef.withName('kube-state-metrics') +
+ roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
+ roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'kube-state-metrics' }]),
+
+ role:
+ local role = k.rbac.v1.role;
+ local policyRule = role.rulesType;
+
+ local coreRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'pods',
+ ]) +
+ policyRule.withVerbs(['get']);
+
+ local extensionsRule = policyRule.new() +
+ policyRule.withApiGroups(['extensions']) +
+ policyRule.withResources([
+ 'deployments',
+ ]) +
+ policyRule.withVerbs(['get', 'update']) +
+ policyRule.withResourceNames(['kube-state-metrics']);
+
+ local rules = [coreRule, extensionsRule];
+
+ role.new() +
+ role.mixin.metadata.withName('kube-state-metrics') +
+ role.mixin.metadata.withNamespace($._config.namespace) +
+ role.withRules(rules),
+
+ serviceAccount:
+ local serviceAccount = k.core.v1.serviceAccount;
+
+ serviceAccount.new('kube-state-metrics') +
+ serviceAccount.mixin.metadata.withNamespace($._config.namespace),
+
+ service:
+ local service = k.core.v1.service;
+ local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+ local ksmServicePortMain = servicePort.newNamed('https-main', 8443, 'https-main');
+ local ksmServicePortSelf = servicePort.newNamed('https-self', 9443, 'https-self');
+
+ service.new('kube-state-metrics', $.kubeStateMetrics.deployment.spec.selector.matchLabels, [ksmServicePortMain, ksmServicePortSelf]) +
+ service.mixin.metadata.withNamespace($._config.namespace) +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'kube-state-metrics' }) +
+ service.mixin.spec.withClusterIp('None'),
+
+ serviceMonitor:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kube-state-metrics',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'kube-state-metrics',
+ },
+ },
+ spec: {
+ jobLabel: 'k8s-app',
+ selector: {
+ matchLabels: {
+ 'k8s-app': 'kube-state-metrics',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'monitoring',
+ ],
+ },
+ endpoints: [
+ {
+ port: 'https-main',
+ scheme: 'https',
+ interval: '30s',
+ honorLabels: true,
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ tlsConfig: {
+ insecureSkipVerify: true,
+ },
+ },
+ {
+ port: 'https-self',
+ scheme: 'https',
+ interval: '30s',
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ tlsConfig: {
+ insecureSkipVerify: true,
+ },
+ },
+ ],
+ },
+ },
+ },
+}
diff --git a/jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet b/jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet
new file mode 100644
index 00000000..d232d920
--- /dev/null
+++ b/jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet
@@ -0,0 +1,167 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+
+{
+ _config+:: {
+ namespace: 'default',
+
+ versions+:: {
+ nodeExporter: 'v0.15.2',
+ kubeRbacProxy: 'v0.3.0',
+ },
+
+ imageRepos+:: {
+ nodeExporter: 'quay.io/prometheus/node-exporter',
+ kubeRbacProxy: 'quay.io/coreos/kube-rbac-proxy',
+ },
+ },
+
+ nodeExporter+:: {
+ clusterRoleBinding:
+ local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
+
+ clusterRoleBinding.new() +
+ clusterRoleBinding.mixin.metadata.withName('node-exporter') +
+ clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ clusterRoleBinding.mixin.roleRef.withName('node-exporter') +
+ clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
+ clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'node-exporter', namespace: $._config.namespace }]),
+
+ clusterRole:
+ local clusterRole = k.rbac.v1.clusterRole;
+ local policyRule = clusterRole.rulesType;
+
+ local authenticationRole = policyRule.new() +
+ policyRule.withApiGroups(['authentication.k8s.io']) +
+ policyRule.withResources([
+ 'tokenreviews',
+ ]) +
+ policyRule.withVerbs(['create']);
+
+ local authorizationRole = policyRule.new() +
+ policyRule.withApiGroups(['authorization.k8s.io']) +
+ policyRule.withResources([
+ 'subjectaccessreviews',
+ ]) +
+ policyRule.withVerbs(['create']);
+
+ local rules = [authenticationRole, authorizationRole];
+
+ clusterRole.new() +
+ clusterRole.mixin.metadata.withName('node-exporter') +
+ clusterRole.withRules(rules),
+
+ daemonset:
+ local daemonset = k.apps.v1beta2.daemonSet;
+ local container = daemonset.mixin.spec.template.spec.containersType;
+ local volume = daemonset.mixin.spec.template.spec.volumesType;
+ local containerPort = container.portsType;
+ local containerVolumeMount = container.volumeMountsType;
+ local podSelector = daemonset.mixin.spec.template.spec.selectorType;
+ local toleration = daemonset.mixin.spec.template.spec.tolerationsType;
+
+ local podLabels = { app: 'node-exporter' };
+
+ local masterToleration = toleration.new() +
+ toleration.withEffect('NoSchedule') +
+ toleration.withKey('node-role.kubernetes.io/master');
+
+ local procVolumeName = 'proc';
+ local procVolume = volume.fromHostPath(procVolumeName, '/proc');
+ local procVolumeMount = containerVolumeMount.new(procVolumeName, '/host/proc');
+
+ local sysVolumeName = 'sys';
+ local sysVolume = volume.fromHostPath(sysVolumeName, '/sys');
+ local sysVolumeMount = containerVolumeMount.new(sysVolumeName, '/host/sys');
+
+ local nodeExporter =
+ container.new('node-exporter', $._config.imageRepos.nodeExporter + ':' + $._config.versions.nodeExporter) +
+ container.withArgs([
+ '--web.listen-address=127.0.0.1:9101',
+ '--path.procfs=/host/proc',
+ '--path.sysfs=/host/sys',
+ ]) +
+ container.withVolumeMounts([procVolumeMount, sysVolumeMount]) +
+ container.mixin.resources.withRequests({ cpu: '102m', memory: '180Mi' }) +
+ container.mixin.resources.withLimits({ cpu: '102m', memory: '180Mi' });
+
+ local proxy =
+ container.new('kube-rbac-proxy', $._config.imageRepos.kubeRbacProxy + ':' + $._config.versions.kubeRbacProxy) +
+ container.withArgs([
+ '--secure-listen-address=:9100',
+ '--upstream=http://127.0.0.1:9101/',
+ ]) +
+ container.withPorts(containerPort.newNamed('https', 9100)) +
+ container.mixin.resources.withRequests({ cpu: '10m', memory: '20Mi' }) +
+ container.mixin.resources.withLimits({ cpu: '20m', memory: '40Mi' });
+
+ local c = [nodeExporter, proxy];
+
+ daemonset.new() +
+ daemonset.mixin.metadata.withName('node-exporter') +
+ daemonset.mixin.metadata.withNamespace($._config.namespace) +
+ daemonset.mixin.metadata.withLabels(podLabels) +
+ daemonset.mixin.spec.selector.withMatchLabels(podLabels) +
+ daemonset.mixin.spec.template.metadata.withLabels(podLabels) +
+ daemonset.mixin.spec.template.spec.withTolerations([masterToleration]) +
+ daemonset.mixin.spec.template.spec.withNodeSelector({ 'beta.kubernetes.io/os': 'linux' }) +
+ daemonset.mixin.spec.template.spec.withContainers(c) +
+ daemonset.mixin.spec.template.spec.withVolumes([procVolume, sysVolume]) +
+ daemonset.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
+ daemonset.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
+ daemonset.mixin.spec.template.spec.withServiceAccountName('node-exporter'),
+
+ serviceAccount:
+ local serviceAccount = k.core.v1.serviceAccount;
+
+ serviceAccount.new('node-exporter') +
+ serviceAccount.mixin.metadata.withNamespace($._config.namespace),
+
+ serviceMonitor:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'node-exporter',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'node-exporter',
+ },
+ },
+ spec: {
+ jobLabel: 'k8s-app',
+ selector: {
+ matchLabels: {
+ 'k8s-app': 'node-exporter',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'monitoring',
+ ],
+ },
+ endpoints: [
+ {
+ port: 'https',
+ scheme: 'https',
+ interval: '30s',
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ tlsConfig: {
+ insecureSkipVerify: true,
+ },
+ },
+ ],
+ },
+ },
+
+ service:
+ local service = k.core.v1.service;
+ local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+ local nodeExporterPort = servicePort.newNamed('https', 9100, 'https');
+
+ service.new('node-exporter', $.nodeExporter.daemonset.spec.selector.matchLabels, nodeExporterPort) +
+ service.mixin.metadata.withNamespace($._config.namespace) +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'node-exporter' }) +
+ service.mixin.spec.withClusterIp('None'),
+ },
+}
diff --git a/jsonnet/kube-prometheus/prometheus-operator/alertmanager-crd.libsonnet b/jsonnet/kube-prometheus/prometheus-operator/alertmanager-crd.libsonnet
new file mode 100644
index 00000000..1970adc7
--- /dev/null
+++ b/jsonnet/kube-prometheus/prometheus-operator/alertmanager-crd.libsonnet
@@ -0,0 +1 @@
+{"apiVersion":"apiextensions.k8s.io/v1beta1","kind":"CustomResourceDefinition","metadata":{"creationTimestamp":null,"name":"alertmanagers.monitoring.coreos.com"},"spec":{"group":"monitoring.coreos.com","names":{"kind":"Alertmanager","plural":"alertmanagers"},"scope":"Namespaced","validation":{"openAPIV3Schema":{"description":"Describes an Alertmanager cluster.","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"spec":{"description":"Specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status","properties":{"affinity":{"description":"Affinity is a group of affinity scheduling rules.","properties":{"nodeAffinity":{"description":"Node affinity is a group of node affinity scheduling rules.","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.","items":{"description":"An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).","properties":{"preference":{"description":"A null or empty node selector term matches no objects.","properties":{"matchExpressions":{"description":"Required. A list of node selector requirements. The requirements are ANDed.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"}},"required":["matchExpressions"]},"weight":{"description":"Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","preference"]},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.","properties":{"nodeSelectorTerms":{"description":"Required. A list of node selector terms. The terms are ORed.","items":{"description":"A null or empty node selector term matches no objects.","properties":{"matchExpressions":{"description":"Required. A list of node selector requirements. The requirements are ANDed.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"}},"required":["matchExpressions"]},"type":"array"}},"required":["nodeSelectorTerms"]}}},"podAffinity":{"description":"Pod affinity is a group of inter pod affinity scheduling rules.","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.","items":{"description":"The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)","properties":{"podAffinityTerm":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"weight":{"description":"weight associated with matching the corresponding podAffinityTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","podAffinityTerm"]},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.","items":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"type":"array"}}},"podAntiAffinity":{"description":"Pod anti affinity is a group of inter pod anti affinity scheduling rules.","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.","items":{"description":"The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)","properties":{"podAffinityTerm":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"weight":{"description":"weight associated with matching the corresponding podAffinityTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","podAffinityTerm"]},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.","items":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"type":"array"}}}}},"baseImage":{"description":"Base image that is used to deploy pods, without tag.","type":"string"},"containers":{"description":"Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod.","items":{"description":"A single application container that you want to run within a pod.","properties":{"args":{"description":"Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell","items":{"type":"string"},"type":"array"},"command":{"description":"Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell","items":{"type":"string"},"type":"array"},"env":{"description":"List of environment variables to set in the container. Cannot be updated.","items":{"description":"EnvVar represents an environment variable present in a Container.","properties":{"name":{"description":"Name of the environment variable. Must be a C_IDENTIFIER.","type":"string"},"value":{"description":"Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".","type":"string"},"valueFrom":{"description":"EnvVarSource represents a source for the value of an EnvVar.","properties":{"configMapKeyRef":{"description":"Selects a key from a ConfigMap.","properties":{"key":{"description":"The key to select.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the ConfigMap or it's key must be defined","type":"boolean"}},"required":["key"]},"fieldRef":{"description":"ObjectFieldSelector selects an APIVersioned field of an object.","properties":{"apiVersion":{"description":"Version of the schema the FieldPath is written in terms of, defaults to \"v1\".","type":"string"},"fieldPath":{"description":"Path of the field to select in the specified API version.","type":"string"}},"required":["fieldPath"]},"resourceFieldRef":{"description":"ResourceFieldSelector represents container resources (cpu, memory) and their output format","properties":{"containerName":{"description":"Container name: required for volumes, optional for env vars","type":"string"},"divisor":{},"resource":{"description":"Required: resource to select","type":"string"}},"required":["resource"]},"secretKeyRef":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]}}}},"required":["name"]},"type":"array"},"envFrom":{"description":"List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.","items":{"description":"EnvFromSource represents the source of a set of ConfigMaps","properties":{"configMapRef":{"description":"ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.","properties":{"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the ConfigMap must be defined","type":"boolean"}}},"prefix":{"description":"An optional identifer to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.","type":"string"},"secretRef":{"description":"SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.","properties":{"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret must be defined","type":"boolean"}}}}},"type":"array"},"image":{"description":"Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.","type":"string"},"imagePullPolicy":{"description":"Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images","type":"string"},"lifecycle":{"description":"Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.","properties":{"postStart":{"description":"Handler defines a specific action that should be taken","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]}}},"preStop":{"description":"Handler defines a specific action that should be taken","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]}}}}},"livenessProbe":{"description":"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"failureThreshold":{"description":"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.","format":"int32","type":"integer"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"initialDelaySeconds":{"description":"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"},"periodSeconds":{"description":"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.","format":"int32","type":"integer"},"successThreshold":{"description":"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.","format":"int32","type":"integer"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]},"timeoutSeconds":{"description":"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"}}},"name":{"description":"Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.","type":"string"},"ports":{"description":"List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.","items":{"description":"ContainerPort represents a network port in a single container.","properties":{"containerPort":{"description":"Number of port to expose on the pod's IP address. This must be a valid port number, 0 \u003c x \u003c 65536.","format":"int32","type":"integer"},"hostIP":{"description":"What host IP to bind the external port to.","type":"string"},"hostPort":{"description":"Number of port to expose on the host. If specified, this must be a valid port number, 0 \u003c x \u003c 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.","format":"int32","type":"integer"},"name":{"description":"If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.","type":"string"},"protocol":{"description":"Protocol for port. Must be UDP or TCP. Defaults to \"TCP\".","type":"string"}},"required":["containerPort"]},"type":"array"},"readinessProbe":{"description":"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"failureThreshold":{"description":"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.","format":"int32","type":"integer"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"initialDelaySeconds":{"description":"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"},"periodSeconds":{"description":"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.","format":"int32","type":"integer"},"successThreshold":{"description":"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.","format":"int32","type":"integer"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]},"timeoutSeconds":{"description":"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"}}},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"securityContext":{"description":"SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.","properties":{"allowPrivilegeEscalation":{"description":"AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN","type":"boolean"},"capabilities":{"description":"Adds and removes POSIX capabilities from running containers.","properties":{"add":{"description":"Added capabilities","items":{"type":"string"},"type":"array"},"drop":{"description":"Removed capabilities","items":{"type":"string"},"type":"array"}}},"privileged":{"description":"Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.","type":"boolean"},"readOnlyRootFilesystem":{"description":"Whether this container has a read-only root filesystem. Default is false.","type":"boolean"},"runAsNonRoot":{"description":"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","type":"boolean"},"runAsUser":{"description":"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","format":"int64","type":"integer"},"seLinuxOptions":{"description":"SELinuxOptions are the labels to be applied to the container","properties":{"level":{"description":"Level is SELinux level label that applies to the container.","type":"string"},"role":{"description":"Role is a SELinux role label that applies to the container.","type":"string"},"type":{"description":"Type is a SELinux type label that applies to the container.","type":"string"},"user":{"description":"User is a SELinux user label that applies to the container.","type":"string"}}}}},"stdin":{"description":"Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.","type":"boolean"},"stdinOnce":{"description":"Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false","type":"boolean"},"terminationMessagePath":{"description":"Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.","type":"string"},"terminationMessagePolicy":{"description":"Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.","type":"string"},"tty":{"description":"Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.","type":"boolean"},"volumeDevices":{"description":"volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future.","items":{"description":"volumeDevice describes a mapping of a raw block device within a container.","properties":{"devicePath":{"description":"devicePath is the path inside of the container that the device will be mapped to.","type":"string"},"name":{"description":"name must match the name of a persistentVolumeClaim in the pod","type":"string"}},"required":["name","devicePath"]},"type":"array"},"volumeMounts":{"description":"Pod volumes to mount into the container's filesystem. Cannot be updated.","items":{"description":"VolumeMount describes a mounting of a Volume within a container.","properties":{"mountPath":{"description":"Path within the container at which the volume should be mounted. Must not contain ':'.","type":"string"},"mountPropagation":{"description":"mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is alpha in 1.8 and can be reworked or removed in a future release.","type":"string"},"name":{"description":"This must match the Name of a Volume.","type":"string"},"readOnly":{"description":"Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.","type":"boolean"},"subPath":{"description":"Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).","type":"string"}},"required":["name","mountPath"]},"type":"array"},"workingDir":{"description":"Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.","type":"string"}},"required":["name"]},"type":"array"},"externalUrl":{"description":"The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name.","type":"string"},"imagePullSecrets":{"description":"An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod","items":{"description":"LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.","properties":{"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"}}},"type":"array"},"listenLocal":{"description":"ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication.","type":"boolean"},"logLevel":{"description":"Log level for Alertmanager to be configured with.","type":"string"},"nodeSelector":{"description":"Define which Nodes the Pods are scheduled on.","type":"object"},"paused":{"description":"If set to true all actions on the underlaying managed objects are not goint to be performed, except for delete actions.","type":"boolean"},"podMetadata":{"description":"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.","properties":{"annotations":{"description":"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations","type":"object"},"clusterName":{"description":"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.","type":"string"},"creationTimestamp":{"format":"date-time","type":"string"},"deletionGracePeriodSeconds":{"description":"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.","format":"int64","type":"integer"},"deletionTimestamp":{"format":"date-time","type":"string"},"finalizers":{"description":"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.","items":{"type":"string"},"type":"array"},"generateName":{"description":"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency","type":"string"},"generation":{"description":"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.","format":"int64","type":"integer"},"initializers":{"description":"Initializers tracks the progress of initialization.","properties":{"pending":{"description":"Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.","items":{"description":"Initializer is information about an initializer that has not yet completed.","properties":{"name":{"description":"name of the process that is responsible for initializing this object.","type":"string"}},"required":["name"]},"type":"array"},"result":{"description":"Status is a return value for calls that don't return other objects.","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"code":{"description":"Suggested HTTP return code for this status, 0 if not set.","format":"int32","type":"integer"},"details":{"description":"StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.","properties":{"causes":{"description":"The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.","items":{"description":"StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.","properties":{"field":{"description":"The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"","type":"string"},"message":{"description":"A human-readable description of the cause of the error. This field may be presented as-is to a reader.","type":"string"},"reason":{"description":"A machine-readable description of the cause of the error. If this value is empty there is no information available.","type":"string"}}},"type":"array"},"group":{"description":"The group attribute of the resource associated with the status StatusReason.","type":"string"},"kind":{"description":"The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).","type":"string"},"retryAfterSeconds":{"description":"If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.","format":"int32","type":"integer"},"uid":{"description":"UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"message":{"description":"A human-readable description of the status of this operation.","type":"string"},"metadata":{"description":"ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.","properties":{"continue":{"description":"continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.","type":"string"},"resourceVersion":{"description":"String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"selfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"}}},"reason":{"description":"A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.","type":"string"},"status":{"description":"Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status","type":"string"}}}},"required":["pending"]},"labels":{"description":"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels","type":"object"},"name":{"description":"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"namespace":{"description":"Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces","type":"string"},"ownerReferences":{"description":"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.","items":{"description":"OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.","properties":{"apiVersion":{"description":"API version of the referent.","type":"string"},"blockOwnerDeletion":{"description":"If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.","type":"boolean"},"controller":{"description":"If true, this reference points to the managing controller.","type":"boolean"},"kind":{"description":"Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"uid":{"description":"UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}},"required":["apiVersion","kind","name","uid"]},"type":"array"},"resourceVersion":{"description":"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"SelfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"},"uid":{"description":"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"replicas":{"description":"Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size.","format":"int32","type":"integer"},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"routePrefix":{"description":"The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.","type":"string"},"secrets":{"description":"Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/\u003csecret-name\u003e.","items":{"type":"string"},"type":"array"},"securityContext":{"description":"PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.","properties":{"fsGroup":{"description":"A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.","format":"int64","type":"integer"},"runAsNonRoot":{"description":"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","type":"boolean"},"runAsUser":{"description":"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.","format":"int64","type":"integer"},"seLinuxOptions":{"description":"SELinuxOptions are the labels to be applied to the container","properties":{"level":{"description":"Level is SELinux level label that applies to the container.","type":"string"},"role":{"description":"Role is a SELinux role label that applies to the container.","type":"string"},"type":{"description":"Type is a SELinux type label that applies to the container.","type":"string"},"user":{"description":"User is a SELinux user label that applies to the container.","type":"string"}}},"supplementalGroups":{"description":"A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container.","items":{"format":"int64","type":"integer"},"type":"array"}}},"serviceAccountName":{"description":"ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.","type":"string"},"storage":{"description":"StorageSpec defines the configured storage for a group Prometheus servers.","properties":{"class":{"description":"Name of the StorageClass to use when requesting storage provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses DEPRECATED","type":"string"},"emptyDir":{"description":"Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.","properties":{"medium":{"description":"What type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir","type":"string"},"sizeLimit":{}}},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"selector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"volumeClaimTemplate":{"description":"PersistentVolumeClaim is a user's request for and claim to a persistent volume","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"metadata":{"description":"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.","properties":{"annotations":{"description":"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations","type":"object"},"clusterName":{"description":"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.","type":"string"},"creationTimestamp":{"format":"date-time","type":"string"},"deletionGracePeriodSeconds":{"description":"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.","format":"int64","type":"integer"},"deletionTimestamp":{"format":"date-time","type":"string"},"finalizers":{"description":"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.","items":{"type":"string"},"type":"array"},"generateName":{"description":"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency","type":"string"},"generation":{"description":"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.","format":"int64","type":"integer"},"initializers":{"description":"Initializers tracks the progress of initialization.","properties":{"pending":{"description":"Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.","items":{"description":"Initializer is information about an initializer that has not yet completed.","properties":{"name":{"description":"name of the process that is responsible for initializing this object.","type":"string"}},"required":["name"]},"type":"array"},"result":{"description":"Status is a return value for calls that don't return other objects.","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"code":{"description":"Suggested HTTP return code for this status, 0 if not set.","format":"int32","type":"integer"},"details":{"description":"StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.","properties":{"causes":{"description":"The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.","items":{"description":"StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.","properties":{"field":{"description":"The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"","type":"string"},"message":{"description":"A human-readable description of the cause of the error. This field may be presented as-is to a reader.","type":"string"},"reason":{"description":"A machine-readable description of the cause of the error. If this value is empty there is no information available.","type":"string"}}},"type":"array"},"group":{"description":"The group attribute of the resource associated with the status StatusReason.","type":"string"},"kind":{"description":"The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).","type":"string"},"retryAfterSeconds":{"description":"If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.","format":"int32","type":"integer"},"uid":{"description":"UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"message":{"description":"A human-readable description of the status of this operation.","type":"string"},"metadata":{"description":"ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.","properties":{"continue":{"description":"continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.","type":"string"},"resourceVersion":{"description":"String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"selfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"}}},"reason":{"description":"A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.","type":"string"},"status":{"description":"Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status","type":"string"}}}},"required":["pending"]},"labels":{"description":"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels","type":"object"},"name":{"description":"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"namespace":{"description":"Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces","type":"string"},"ownerReferences":{"description":"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.","items":{"description":"OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.","properties":{"apiVersion":{"description":"API version of the referent.","type":"string"},"blockOwnerDeletion":{"description":"If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.","type":"boolean"},"controller":{"description":"If true, this reference points to the managing controller.","type":"boolean"},"kind":{"description":"Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"uid":{"description":"UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}},"required":["apiVersion","kind","name","uid"]},"type":"array"},"resourceVersion":{"description":"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"SelfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"},"uid":{"description":"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"spec":{"description":"PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes","properties":{"accessModes":{"description":"AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1","items":{"type":"string"},"type":"array"},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"selector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"storageClassName":{"description":"Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1","type":"string"},"volumeMode":{"description":"volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. This is an alpha feature and may change in the future.","type":"string"},"volumeName":{"description":"VolumeName is the binding reference to the PersistentVolume backing this claim.","type":"string"}}},"status":{"description":"PersistentVolumeClaimStatus is the current status of a persistent volume claim.","properties":{"accessModes":{"description":"AccessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1","items":{"type":"string"},"type":"array"},"capacity":{"description":"Represents the actual resources of the underlying volume.","type":"object"},"conditions":{"description":"Current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.","items":{"description":"PersistentVolumeClaimCondition contails details about state of pvc","properties":{"lastProbeTime":{"format":"date-time","type":"string"},"lastTransitionTime":{"format":"date-time","type":"string"},"message":{"description":"Human-readable message indicating details about last transition.","type":"string"},"reason":{"description":"Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.","type":"string"},"status":{"type":"string"},"type":{"type":"string"}},"required":["type","status"]},"type":"array"},"phase":{"description":"Phase represents the current phase of PersistentVolumeClaim.","type":"string"}}}}}}},"tolerations":{"description":"If specified, the pod's tolerations.","items":{"description":"The pod this Toleration is attached to tolerates any taint that matches the triple \u003ckey,value,effect\u003e using the matching operator \u003coperator\u003e.","properties":{"effect":{"description":"Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.","type":"string"},"key":{"description":"Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.","type":"string"},"operator":{"description":"Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.","type":"string"},"tolerationSeconds":{"description":"TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.","format":"int64","type":"integer"},"value":{"description":"Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.","type":"string"}}},"type":"array"},"version":{"description":"Version the cluster should be on.","type":"string"}}},"status":{"description":"Most recent observed status of the Alertmanager cluster. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status","properties":{"availableReplicas":{"description":"Total number of available pods (ready for at least minReadySeconds) targeted by this Alertmanager cluster.","format":"int32","type":"integer"},"paused":{"description":"Represents whether any actions on the underlaying managed objects are being performed. Only delete actions will be performed.","type":"boolean"},"replicas":{"description":"Total number of non-terminated pods targeted by this Alertmanager cluster (their labels match the selector).","format":"int32","type":"integer"},"unavailableReplicas":{"description":"Total number of unavailable pods targeted by this Alertmanager cluster.","format":"int32","type":"integer"},"updatedReplicas":{"description":"Total number of non-terminated pods targeted by this Alertmanager cluster that have the desired version spec.","format":"int32","type":"integer"}},"required":["paused","replicas","updatedReplicas","availableReplicas","unavailableReplicas"]}},"required":["spec"]}},"version":"v1"},"status":{"acceptedNames":{"kind":"","plural":""},"conditions":null}}
\ No newline at end of file
diff --git a/jsonnet/kube-prometheus/prometheus-operator/prometheus-crd.libsonnet b/jsonnet/kube-prometheus/prometheus-operator/prometheus-crd.libsonnet
new file mode 100644
index 00000000..d6b13ad9
--- /dev/null
+++ b/jsonnet/kube-prometheus/prometheus-operator/prometheus-crd.libsonnet
@@ -0,0 +1 @@
+{"apiVersion":"apiextensions.k8s.io/v1beta1","kind":"CustomResourceDefinition","metadata":{"creationTimestamp":null,"name":"prometheuses.monitoring.coreos.com"},"spec":{"group":"monitoring.coreos.com","names":{"kind":"Prometheus","plural":"prometheuses"},"scope":"Namespaced","validation":{"openAPIV3Schema":{"description":"Prometheus defines a Prometheus deployment.","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"spec":{"description":"Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status","properties":{"additionalScrapeConfigs":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]},"affinity":{"description":"Affinity is a group of affinity scheduling rules.","properties":{"nodeAffinity":{"description":"Node affinity is a group of node affinity scheduling rules.","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.","items":{"description":"An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).","properties":{"preference":{"description":"A null or empty node selector term matches no objects.","properties":{"matchExpressions":{"description":"Required. A list of node selector requirements. The requirements are ANDed.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"}},"required":["matchExpressions"]},"weight":{"description":"Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","preference"]},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.","properties":{"nodeSelectorTerms":{"description":"Required. A list of node selector terms. The terms are ORed.","items":{"description":"A null or empty node selector term matches no objects.","properties":{"matchExpressions":{"description":"Required. A list of node selector requirements. The requirements are ANDed.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"}},"required":["matchExpressions"]},"type":"array"}},"required":["nodeSelectorTerms"]}}},"podAffinity":{"description":"Pod affinity is a group of inter pod affinity scheduling rules.","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.","items":{"description":"The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)","properties":{"podAffinityTerm":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"weight":{"description":"weight associated with matching the corresponding podAffinityTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","podAffinityTerm"]},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.","items":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"type":"array"}}},"podAntiAffinity":{"description":"Pod anti affinity is a group of inter pod anti affinity scheduling rules.","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.","items":{"description":"The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)","properties":{"podAffinityTerm":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"weight":{"description":"weight associated with matching the corresponding podAffinityTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","podAffinityTerm"]},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.","items":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"namespaces":{"description":"namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"]},"type":"array"}}}}},"alerting":{"description":"AlertingSpec defines parameters for alerting configuration of Prometheus servers.","properties":{"alertmanagers":{"description":"AlertmanagerEndpoints Prometheus should fire alerts against.","items":{"description":"AlertmanagerEndpoints defines a selection of a single Endpoints object containing alertmanager IPs to fire alerts against.","properties":{"bearerTokenFile":{"description":"BearerTokenFile to read from filesystem to use when authenticating to Alertmanager.","type":"string"},"name":{"description":"Name of Endpoints object in Namespace.","type":"string"},"namespace":{"description":"Namespace of Endpoints object.","type":"string"},"pathPrefix":{"description":"Prefix for the HTTP path alerts are pushed to.","type":"string"},"port":{},"scheme":{"description":"Scheme to use when firing alerts.","type":"string"},"tlsConfig":{"description":"TLSConfig specifies TLS configuration parameters.","properties":{"caFile":{"description":"The CA cert to use for the targets.","type":"string"},"certFile":{"description":"The client cert file for the targets.","type":"string"},"insecureSkipVerify":{"description":"Disable target certificate validation.","type":"boolean"},"keyFile":{"description":"The client key file for the targets.","type":"string"},"serverName":{"description":"Used to verify the hostname for the targets.","type":"string"}}}},"required":["namespace","name","port"]},"type":"array"}},"required":["alertmanagers"]},"baseImage":{"description":"Base image to use for a Prometheus deployment.","type":"string"},"containers":{"description":"Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod.","items":{"description":"A single application container that you want to run within a pod.","properties":{"args":{"description":"Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell","items":{"type":"string"},"type":"array"},"command":{"description":"Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell","items":{"type":"string"},"type":"array"},"env":{"description":"List of environment variables to set in the container. Cannot be updated.","items":{"description":"EnvVar represents an environment variable present in a Container.","properties":{"name":{"description":"Name of the environment variable. Must be a C_IDENTIFIER.","type":"string"},"value":{"description":"Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".","type":"string"},"valueFrom":{"description":"EnvVarSource represents a source for the value of an EnvVar.","properties":{"configMapKeyRef":{"description":"Selects a key from a ConfigMap.","properties":{"key":{"description":"The key to select.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the ConfigMap or it's key must be defined","type":"boolean"}},"required":["key"]},"fieldRef":{"description":"ObjectFieldSelector selects an APIVersioned field of an object.","properties":{"apiVersion":{"description":"Version of the schema the FieldPath is written in terms of, defaults to \"v1\".","type":"string"},"fieldPath":{"description":"Path of the field to select in the specified API version.","type":"string"}},"required":["fieldPath"]},"resourceFieldRef":{"description":"ResourceFieldSelector represents container resources (cpu, memory) and their output format","properties":{"containerName":{"description":"Container name: required for volumes, optional for env vars","type":"string"},"divisor":{},"resource":{"description":"Required: resource to select","type":"string"}},"required":["resource"]},"secretKeyRef":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]}}}},"required":["name"]},"type":"array"},"envFrom":{"description":"List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.","items":{"description":"EnvFromSource represents the source of a set of ConfigMaps","properties":{"configMapRef":{"description":"ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.","properties":{"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the ConfigMap must be defined","type":"boolean"}}},"prefix":{"description":"An optional identifer to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.","type":"string"},"secretRef":{"description":"SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.","properties":{"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret must be defined","type":"boolean"}}}}},"type":"array"},"image":{"description":"Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.","type":"string"},"imagePullPolicy":{"description":"Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images","type":"string"},"lifecycle":{"description":"Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.","properties":{"postStart":{"description":"Handler defines a specific action that should be taken","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]}}},"preStop":{"description":"Handler defines a specific action that should be taken","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]}}}}},"livenessProbe":{"description":"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"failureThreshold":{"description":"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.","format":"int32","type":"integer"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"initialDelaySeconds":{"description":"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"},"periodSeconds":{"description":"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.","format":"int32","type":"integer"},"successThreshold":{"description":"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.","format":"int32","type":"integer"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]},"timeoutSeconds":{"description":"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"}}},"name":{"description":"Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.","type":"string"},"ports":{"description":"List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.","items":{"description":"ContainerPort represents a network port in a single container.","properties":{"containerPort":{"description":"Number of port to expose on the pod's IP address. This must be a valid port number, 0 \u003c x \u003c 65536.","format":"int32","type":"integer"},"hostIP":{"description":"What host IP to bind the external port to.","type":"string"},"hostPort":{"description":"Number of port to expose on the host. If specified, this must be a valid port number, 0 \u003c x \u003c 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.","format":"int32","type":"integer"},"name":{"description":"If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.","type":"string"},"protocol":{"description":"Protocol for port. Must be UDP or TCP. Defaults to \"TCP\".","type":"string"}},"required":["containerPort"]},"type":"array"},"readinessProbe":{"description":"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}}},"failureThreshold":{"description":"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.","format":"int32","type":"integer"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"]},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"]},"initialDelaySeconds":{"description":"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"},"periodSeconds":{"description":"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.","format":"int32","type":"integer"},"successThreshold":{"description":"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.","format":"int32","type":"integer"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{}},"required":["port"]},"timeoutSeconds":{"description":"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"}}},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"securityContext":{"description":"SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.","properties":{"allowPrivilegeEscalation":{"description":"AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN","type":"boolean"},"capabilities":{"description":"Adds and removes POSIX capabilities from running containers.","properties":{"add":{"description":"Added capabilities","items":{"type":"string"},"type":"array"},"drop":{"description":"Removed capabilities","items":{"type":"string"},"type":"array"}}},"privileged":{"description":"Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.","type":"boolean"},"readOnlyRootFilesystem":{"description":"Whether this container has a read-only root filesystem. Default is false.","type":"boolean"},"runAsNonRoot":{"description":"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","type":"boolean"},"runAsUser":{"description":"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","format":"int64","type":"integer"},"seLinuxOptions":{"description":"SELinuxOptions are the labels to be applied to the container","properties":{"level":{"description":"Level is SELinux level label that applies to the container.","type":"string"},"role":{"description":"Role is a SELinux role label that applies to the container.","type":"string"},"type":{"description":"Type is a SELinux type label that applies to the container.","type":"string"},"user":{"description":"User is a SELinux user label that applies to the container.","type":"string"}}}}},"stdin":{"description":"Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.","type":"boolean"},"stdinOnce":{"description":"Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false","type":"boolean"},"terminationMessagePath":{"description":"Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.","type":"string"},"terminationMessagePolicy":{"description":"Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.","type":"string"},"tty":{"description":"Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.","type":"boolean"},"volumeDevices":{"description":"volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future.","items":{"description":"volumeDevice describes a mapping of a raw block device within a container.","properties":{"devicePath":{"description":"devicePath is the path inside of the container that the device will be mapped to.","type":"string"},"name":{"description":"name must match the name of a persistentVolumeClaim in the pod","type":"string"}},"required":["name","devicePath"]},"type":"array"},"volumeMounts":{"description":"Pod volumes to mount into the container's filesystem. Cannot be updated.","items":{"description":"VolumeMount describes a mounting of a Volume within a container.","properties":{"mountPath":{"description":"Path within the container at which the volume should be mounted. Must not contain ':'.","type":"string"},"mountPropagation":{"description":"mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is alpha in 1.8 and can be reworked or removed in a future release.","type":"string"},"name":{"description":"This must match the Name of a Volume.","type":"string"},"readOnly":{"description":"Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.","type":"boolean"},"subPath":{"description":"Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).","type":"string"}},"required":["name","mountPath"]},"type":"array"},"workingDir":{"description":"Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.","type":"string"}},"required":["name"]},"type":"array"},"evaluationInterval":{"description":"Interval between consecutive evaluations.","type":"string"},"externalLabels":{"description":"The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).","type":"object"},"externalUrl":{"description":"The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.","type":"string"},"imagePullSecrets":{"description":"An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod","items":{"description":"LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.","properties":{"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"}}},"type":"array"},"listenLocal":{"description":"ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.","type":"boolean"},"logLevel":{"description":"Log level for Prometheus to be configured with.","type":"string"},"nodeSelector":{"description":"Define which Nodes the Pods are scheduled on.","type":"object"},"paused":{"description":"When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.","type":"boolean"},"podMetadata":{"description":"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.","properties":{"annotations":{"description":"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations","type":"object"},"clusterName":{"description":"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.","type":"string"},"creationTimestamp":{"format":"date-time","type":"string"},"deletionGracePeriodSeconds":{"description":"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.","format":"int64","type":"integer"},"deletionTimestamp":{"format":"date-time","type":"string"},"finalizers":{"description":"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.","items":{"type":"string"},"type":"array"},"generateName":{"description":"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency","type":"string"},"generation":{"description":"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.","format":"int64","type":"integer"},"initializers":{"description":"Initializers tracks the progress of initialization.","properties":{"pending":{"description":"Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.","items":{"description":"Initializer is information about an initializer that has not yet completed.","properties":{"name":{"description":"name of the process that is responsible for initializing this object.","type":"string"}},"required":["name"]},"type":"array"},"result":{"description":"Status is a return value for calls that don't return other objects.","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"code":{"description":"Suggested HTTP return code for this status, 0 if not set.","format":"int32","type":"integer"},"details":{"description":"StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.","properties":{"causes":{"description":"The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.","items":{"description":"StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.","properties":{"field":{"description":"The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"","type":"string"},"message":{"description":"A human-readable description of the cause of the error. This field may be presented as-is to a reader.","type":"string"},"reason":{"description":"A machine-readable description of the cause of the error. If this value is empty there is no information available.","type":"string"}}},"type":"array"},"group":{"description":"The group attribute of the resource associated with the status StatusReason.","type":"string"},"kind":{"description":"The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).","type":"string"},"retryAfterSeconds":{"description":"If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.","format":"int32","type":"integer"},"uid":{"description":"UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"message":{"description":"A human-readable description of the status of this operation.","type":"string"},"metadata":{"description":"ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.","properties":{"continue":{"description":"continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.","type":"string"},"resourceVersion":{"description":"String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"selfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"}}},"reason":{"description":"A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.","type":"string"},"status":{"description":"Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status","type":"string"}}}},"required":["pending"]},"labels":{"description":"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels","type":"object"},"name":{"description":"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"namespace":{"description":"Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces","type":"string"},"ownerReferences":{"description":"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.","items":{"description":"OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.","properties":{"apiVersion":{"description":"API version of the referent.","type":"string"},"blockOwnerDeletion":{"description":"If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.","type":"boolean"},"controller":{"description":"If true, this reference points to the managing controller.","type":"boolean"},"kind":{"description":"Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"uid":{"description":"UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}},"required":["apiVersion","kind","name","uid"]},"type":"array"},"resourceVersion":{"description":"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"SelfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"},"uid":{"description":"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"remoteRead":{"description":"If specified, the remote_read spec. This is an experimental feature, it may change in any upcoming release in a breaking way.","items":{"description":"RemoteReadSpec defines the remote_read configuration for prometheus.","properties":{"basicAuth":{"description":"BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints","properties":{"password":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]},"username":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]}}},"bearerToken":{"description":"bearer token for remote read.","type":"string"},"bearerTokenFile":{"description":"File to read bearer token for remote read.","type":"string"},"proxyUrl":{"description":"Optional ProxyURL","type":"string"},"readRecent":{"description":"Whether reads should be made for queries for time ranges that the local storage should have complete data for.","type":"boolean"},"remoteTimeout":{"description":"Timeout for requests to the remote read endpoint.","type":"string"},"requiredMatchers":{"description":"An optional list of equality matchers which have to be present in a selector to query the remote read endpoint.","type":"object"},"tlsConfig":{"description":"TLSConfig specifies TLS configuration parameters.","properties":{"caFile":{"description":"The CA cert to use for the targets.","type":"string"},"certFile":{"description":"The client cert file for the targets.","type":"string"},"insecureSkipVerify":{"description":"Disable target certificate validation.","type":"boolean"},"keyFile":{"description":"The client key file for the targets.","type":"string"},"serverName":{"description":"Used to verify the hostname for the targets.","type":"string"}}},"url":{"description":"The URL of the endpoint to send samples to.","type":"string"}},"required":["url"]},"type":"array"},"remoteWrite":{"description":"If specified, the remote_write spec. This is an experimental feature, it may change in any upcoming release in a breaking way.","items":{"description":"RemoteWriteSpec defines the remote_write configuration for prometheus.","properties":{"basicAuth":{"description":"BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints","properties":{"password":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]},"username":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]}}},"bearerToken":{"description":"File to read bearer token for remote write.","type":"string"},"bearerTokenFile":{"description":"File to read bearer token for remote write.","type":"string"},"proxyUrl":{"description":"Optional ProxyURL","type":"string"},"remoteTimeout":{"description":"Timeout for requests to the remote write endpoint.","type":"string"},"tlsConfig":{"description":"TLSConfig specifies TLS configuration parameters.","properties":{"caFile":{"description":"The CA cert to use for the targets.","type":"string"},"certFile":{"description":"The client cert file for the targets.","type":"string"},"insecureSkipVerify":{"description":"Disable target certificate validation.","type":"boolean"},"keyFile":{"description":"The client key file for the targets.","type":"string"},"serverName":{"description":"Used to verify the hostname for the targets.","type":"string"}}},"url":{"description":"The URL of the endpoint to send samples to.","type":"string"},"writeRelabelConfigs":{"description":"The list of remote write relabel configurations.","items":{"description":"RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `\u003cmetric_relabel_configs\u003e`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs","properties":{"action":{"description":"Action to perform based on regex matching. Default is 'replace'","type":"string"},"modulus":{"description":"Modulus to take of the hash of the source label values.","format":"int64","type":"integer"},"regex":{"description":"Regular expression against which the extracted value is matched. defailt is '(.*)'","type":"string"},"replacement":{"description":"Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'","type":"string"},"separator":{"description":"Separator placed between concatenated source label values. default is ';'.","type":"string"},"sourceLabels":{"description":"The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.","items":{"type":"string"},"type":"array"},"targetLabel":{"description":"Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.","type":"string"}}},"type":"array"}},"required":["url"]},"type":"array"},"replicas":{"description":"Number of instances to deploy for a Prometheus deployment.","format":"int32","type":"integer"},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"retention":{"description":"Time duration Prometheus shall retain data for.","type":"string"},"routePrefix":{"description":"The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.","type":"string"},"ruleSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"scrapeInterval":{"description":"Interval between consecutive scrapes.","type":"string"},"secrets":{"description":"Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The Secrets are mounted into /etc/prometheus/secrets/\u003csecret-name\u003e. Secrets changes after initial creation of a Prometheus object are not reflected in the running Pods. To change the secrets mounted into the Prometheus Pods, the object must be deleted and recreated with the new list of secrets.","items":{"type":"string"},"type":"array"},"securityContext":{"description":"PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.","properties":{"fsGroup":{"description":"A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.","format":"int64","type":"integer"},"runAsNonRoot":{"description":"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","type":"boolean"},"runAsUser":{"description":"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.","format":"int64","type":"integer"},"seLinuxOptions":{"description":"SELinuxOptions are the labels to be applied to the container","properties":{"level":{"description":"Level is SELinux level label that applies to the container.","type":"string"},"role":{"description":"Role is a SELinux role label that applies to the container.","type":"string"},"type":{"description":"Type is a SELinux type label that applies to the container.","type":"string"},"user":{"description":"User is a SELinux user label that applies to the container.","type":"string"}}},"supplementalGroups":{"description":"A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container.","items":{"format":"int64","type":"integer"},"type":"array"}}},"serviceAccountName":{"description":"ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.","type":"string"},"serviceMonitorNamespaceSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"serviceMonitorSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"storage":{"description":"StorageSpec defines the configured storage for a group Prometheus servers.","properties":{"class":{"description":"Name of the StorageClass to use when requesting storage provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses DEPRECATED","type":"string"},"emptyDir":{"description":"Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.","properties":{"medium":{"description":"What type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir","type":"string"},"sizeLimit":{}}},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"selector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"volumeClaimTemplate":{"description":"PersistentVolumeClaim is a user's request for and claim to a persistent volume","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"metadata":{"description":"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.","properties":{"annotations":{"description":"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations","type":"object"},"clusterName":{"description":"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.","type":"string"},"creationTimestamp":{"format":"date-time","type":"string"},"deletionGracePeriodSeconds":{"description":"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.","format":"int64","type":"integer"},"deletionTimestamp":{"format":"date-time","type":"string"},"finalizers":{"description":"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.","items":{"type":"string"},"type":"array"},"generateName":{"description":"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency","type":"string"},"generation":{"description":"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.","format":"int64","type":"integer"},"initializers":{"description":"Initializers tracks the progress of initialization.","properties":{"pending":{"description":"Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.","items":{"description":"Initializer is information about an initializer that has not yet completed.","properties":{"name":{"description":"name of the process that is responsible for initializing this object.","type":"string"}},"required":["name"]},"type":"array"},"result":{"description":"Status is a return value for calls that don't return other objects.","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"code":{"description":"Suggested HTTP return code for this status, 0 if not set.","format":"int32","type":"integer"},"details":{"description":"StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.","properties":{"causes":{"description":"The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.","items":{"description":"StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.","properties":{"field":{"description":"The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"","type":"string"},"message":{"description":"A human-readable description of the cause of the error. This field may be presented as-is to a reader.","type":"string"},"reason":{"description":"A machine-readable description of the cause of the error. If this value is empty there is no information available.","type":"string"}}},"type":"array"},"group":{"description":"The group attribute of the resource associated with the status StatusReason.","type":"string"},"kind":{"description":"The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).","type":"string"},"retryAfterSeconds":{"description":"If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.","format":"int32","type":"integer"},"uid":{"description":"UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"message":{"description":"A human-readable description of the status of this operation.","type":"string"},"metadata":{"description":"ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.","properties":{"continue":{"description":"continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.","type":"string"},"resourceVersion":{"description":"String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"selfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"}}},"reason":{"description":"A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.","type":"string"},"status":{"description":"Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status","type":"string"}}}},"required":["pending"]},"labels":{"description":"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels","type":"object"},"name":{"description":"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"namespace":{"description":"Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces","type":"string"},"ownerReferences":{"description":"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.","items":{"description":"OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.","properties":{"apiVersion":{"description":"API version of the referent.","type":"string"},"blockOwnerDeletion":{"description":"If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.","type":"boolean"},"controller":{"description":"If true, this reference points to the managing controller.","type":"boolean"},"kind":{"description":"Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"name":{"description":"Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names","type":"string"},"uid":{"description":"UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}},"required":["apiVersion","kind","name","uid"]},"type":"array"},"resourceVersion":{"description":"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency","type":"string"},"selfLink":{"description":"SelfLink is a URL representing this object. Populated by the system. Read-only.","type":"string"},"uid":{"description":"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids","type":"string"}}},"spec":{"description":"PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes","properties":{"accessModes":{"description":"AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1","items":{"type":"string"},"type":"array"},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"limits":{"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"},"requests":{"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/","type":"object"}}},"selector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"storageClassName":{"description":"Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1","type":"string"},"volumeMode":{"description":"volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. This is an alpha feature and may change in the future.","type":"string"},"volumeName":{"description":"VolumeName is the binding reference to the PersistentVolume backing this claim.","type":"string"}}},"status":{"description":"PersistentVolumeClaimStatus is the current status of a persistent volume claim.","properties":{"accessModes":{"description":"AccessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1","items":{"type":"string"},"type":"array"},"capacity":{"description":"Represents the actual resources of the underlying volume.","type":"object"},"conditions":{"description":"Current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.","items":{"description":"PersistentVolumeClaimCondition contails details about state of pvc","properties":{"lastProbeTime":{"format":"date-time","type":"string"},"lastTransitionTime":{"format":"date-time","type":"string"},"message":{"description":"Human-readable message indicating details about last transition.","type":"string"},"reason":{"description":"Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.","type":"string"},"status":{"type":"string"},"type":{"type":"string"}},"required":["type","status"]},"type":"array"},"phase":{"description":"Phase represents the current phase of PersistentVolumeClaim.","type":"string"}}}}}}},"tolerations":{"description":"If specified, the pod's tolerations.","items":{"description":"The pod this Toleration is attached to tolerates any taint that matches the triple \u003ckey,value,effect\u003e using the matching operator \u003coperator\u003e.","properties":{"effect":{"description":"Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.","type":"string"},"key":{"description":"Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.","type":"string"},"operator":{"description":"Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.","type":"string"},"tolerationSeconds":{"description":"TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.","format":"int64","type":"integer"},"value":{"description":"Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.","type":"string"}}},"type":"array"},"version":{"description":"Version of Prometheus to be deployed.","type":"string"}}},"status":{"description":"Most recent observed status of the Prometheus cluster. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status","properties":{"availableReplicas":{"description":"Total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment.","format":"int32","type":"integer"},"paused":{"description":"Represents whether any actions on the underlaying managed objects are being performed. Only delete actions will be performed.","type":"boolean"},"replicas":{"description":"Total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector).","format":"int32","type":"integer"},"unavailableReplicas":{"description":"Total number of unavailable pods targeted by this Prometheus deployment.","format":"int32","type":"integer"},"updatedReplicas":{"description":"Total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec.","format":"int32","type":"integer"}},"required":["paused","replicas","updatedReplicas","availableReplicas","unavailableReplicas"]}},"required":["spec"]}},"version":"v1"},"status":{"acceptedNames":{"kind":"","plural":""},"conditions":null}}
\ No newline at end of file
diff --git a/jsonnet/kube-prometheus/prometheus-operator/prometheus-operator.libsonnet b/jsonnet/kube-prometheus/prometheus-operator/prometheus-operator.libsonnet
new file mode 100644
index 00000000..c1003ebf
--- /dev/null
+++ b/jsonnet/kube-prometheus/prometheus-operator/prometheus-operator.libsonnet
@@ -0,0 +1,152 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+
+{
+ _config+:: {
+ namespace: 'default',
+
+ versions+:: {
+ prometheusOperator: 'v0.19.0',
+ },
+
+ imageRepos+:: {
+ prometheusOperator: 'quay.io/coreos/prometheus-operator',
+ },
+ },
+
+ prometheusOperator+:: {
+ // Prefixing with 0 to ensure these manifests are listed and therefore created first.
+ '0alertmanagerCustomResourceDefinition': import 'alertmanager-crd.libsonnet',
+ '0prometheusCustomResourceDefinition': import 'prometheus-crd.libsonnet',
+ '0servicemonitorCustomResourceDefinition': import 'servicemonitor-crd.libsonnet',
+
+ clusterRoleBinding:
+ local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
+
+ clusterRoleBinding.new() +
+ clusterRoleBinding.mixin.metadata.withName('prometheus-operator') +
+ clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ clusterRoleBinding.mixin.roleRef.withName('prometheus-operator') +
+ clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
+ clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-operator', namespace: $._config.namespace }]),
+
+ clusterRole:
+ local clusterRole = k.rbac.v1.clusterRole;
+ local policyRule = clusterRole.rulesType;
+
+ local extensionsRule = policyRule.new() +
+ policyRule.withApiGroups(['extensions']) +
+ policyRule.withResources([
+ 'thirdpartyresources',
+ ]) +
+ policyRule.withVerbs(['*']);
+
+ local apiExtensionsRule = policyRule.new() +
+ policyRule.withApiGroups(['apiextensions.k8s.io']) +
+ policyRule.withResources([
+ 'customresourcedefinitions',
+ ]) +
+ policyRule.withVerbs(['*']);
+
+ local monitoringRule = policyRule.new() +
+ policyRule.withApiGroups(['monitoring.coreos.com']) +
+ policyRule.withResources([
+ 'alertmanagers',
+ 'prometheuses',
+ 'prometheuses/finalizers',
+ 'alertmanagers/finalizers',
+ 'servicemonitors',
+ ]) +
+ policyRule.withVerbs(['*']);
+
+ local appsRule = policyRule.new() +
+ policyRule.withApiGroups(['apps']) +
+ policyRule.withResources([
+ 'statefulsets',
+ ]) +
+ policyRule.withVerbs(['*']);
+
+ local coreRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'configmaps',
+ 'secrets',
+ ]) +
+ policyRule.withVerbs(['*']);
+
+ local podRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'pods',
+ ]) +
+ policyRule.withVerbs(['list', 'delete']);
+
+ local routingRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'services',
+ 'endpoints',
+ ]) +
+ policyRule.withVerbs(['get', 'create', 'update']);
+
+ local nodeRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'nodes',
+ ]) +
+ policyRule.withVerbs(['list', 'watch']);
+
+ local namespaceRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'namespaces',
+ ]) +
+ policyRule.withVerbs(['list']);
+
+ local rules = [extensionsRule, apiExtensionsRule, monitoringRule, appsRule, coreRule, podRule, routingRule, nodeRule, namespaceRule];
+
+ clusterRole.new() +
+ clusterRole.mixin.metadata.withName('prometheus-operator') +
+ clusterRole.withRules(rules),
+
+ deployment:
+ local deployment = k.apps.v1beta2.deployment;
+ local container = k.apps.v1beta2.deployment.mixin.spec.template.spec.containersType;
+ local containerPort = container.portsType;
+
+ local targetPort = 8080;
+ local podLabels = { 'k8s-app': 'prometheus-operator' };
+
+ local operatorContainer =
+ container.new('prometheus-operator', $._config.imageRepos.prometheusOperator + ':' + $._config.versions.prometheusOperator) +
+ container.withPorts(containerPort.newNamed('http', targetPort)) +
+ container.withArgs(['--kubelet-service=kube-system/kubelet', '--config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1']) +
+ container.mixin.resources.withRequests({ cpu: '100m', memory: '50Mi' }) +
+ container.mixin.resources.withLimits({ cpu: '200m', memory: '100Mi' });
+
+ deployment.new('prometheus-operator', 1, operatorContainer, podLabels) +
+ deployment.mixin.metadata.withNamespace($._config.namespace) +
+ deployment.mixin.metadata.withLabels(podLabels) +
+ deployment.mixin.spec.selector.withMatchLabels(podLabels) +
+ deployment.mixin.spec.template.spec.withNodeSelector({ 'beta.kubernetes.io/os': 'linux' }) +
+ deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
+ deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
+ deployment.mixin.spec.template.spec.withServiceAccountName('prometheus-operator'),
+
+ serviceAccount:
+ local serviceAccount = k.core.v1.serviceAccount;
+
+ serviceAccount.new('prometheus-operator') +
+ serviceAccount.mixin.metadata.withNamespace($._config.namespace),
+
+ service:
+ local service = k.core.v1.service;
+ local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+ local poServicePort = servicePort.newNamed('http', 8080, 'http');
+
+ service.new('prometheus-operator', $.prometheusOperator.deployment.spec.selector.matchLabels, [poServicePort]) +
+ service.mixin.metadata.withLabels({ 'k8s-app': 'prometheus-operator' }) +
+ service.mixin.metadata.withNamespace($._config.namespace) +
+ service.mixin.spec.withClusterIp('None'),
+ },
+}
diff --git a/jsonnet/kube-prometheus/prometheus-operator/servicemonitor-crd.libsonnet b/jsonnet/kube-prometheus/prometheus-operator/servicemonitor-crd.libsonnet
new file mode 100644
index 00000000..1df3123f
--- /dev/null
+++ b/jsonnet/kube-prometheus/prometheus-operator/servicemonitor-crd.libsonnet
@@ -0,0 +1 @@
+{"apiVersion":"apiextensions.k8s.io/v1beta1","kind":"CustomResourceDefinition","metadata":{"creationTimestamp":null,"name":"servicemonitors.monitoring.coreos.com"},"spec":{"group":"monitoring.coreos.com","names":{"kind":"ServiceMonitor","plural":"servicemonitors"},"scope":"Namespaced","validation":{"openAPIV3Schema":{"description":"ServiceMonitor defines monitoring for a set of services.","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds","type":"string"},"spec":{"description":"ServiceMonitorSpec contains specification parameters for a ServiceMonitor.","properties":{"endpoints":{"description":"A list of endpoints allowed as part of this ServiceMonitor.","items":{"description":"Endpoint defines a scrapeable endpoint serving Prometheus metrics.","properties":{"basicAuth":{"description":"BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints","properties":{"password":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]},"username":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or it's key must be defined","type":"boolean"}},"required":["key"]}}},"bearerTokenFile":{"description":"File to read bearer token for scraping targets.","type":"string"},"honorLabels":{"description":"HonorLabels chooses the metric's labels on collisions with target labels.","type":"boolean"},"interval":{"description":"Interval at which metrics should be scraped","type":"string"},"metricRelabelings":{"description":"MetricRelabelConfigs to apply to samples before ingestion.","items":{"description":"RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `\u003cmetric_relabel_configs\u003e`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs","properties":{"action":{"description":"Action to perform based on regex matching. Default is 'replace'","type":"string"},"modulus":{"description":"Modulus to take of the hash of the source label values.","format":"int64","type":"integer"},"regex":{"description":"Regular expression against which the extracted value is matched. defailt is '(.*)'","type":"string"},"replacement":{"description":"Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'","type":"string"},"separator":{"description":"Separator placed between concatenated source label values. default is ';'.","type":"string"},"sourceLabels":{"description":"The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.","items":{"type":"string"},"type":"array"},"targetLabel":{"description":"Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.","type":"string"}}},"type":"array"},"params":{"description":"Optional HTTP URL parameters","type":"object"},"path":{"description":"HTTP path to scrape for metrics.","type":"string"},"port":{"description":"Name of the service port this endpoint refers to. Mutually exclusive with targetPort.","type":"string"},"scheme":{"description":"HTTP scheme to use for scraping.","type":"string"},"scrapeTimeout":{"description":"Timeout after which the scrape is ended","type":"string"},"targetPort":{},"tlsConfig":{"description":"TLSConfig specifies TLS configuration parameters.","properties":{"caFile":{"description":"The CA cert to use for the targets.","type":"string"},"certFile":{"description":"The client cert file for the targets.","type":"string"},"insecureSkipVerify":{"description":"Disable target certificate validation.","type":"boolean"},"keyFile":{"description":"The client key file for the targets.","type":"string"},"serverName":{"description":"Used to verify the hostname for the targets.","type":"string"}}}}},"type":"array"},"jobLabel":{"description":"The label to use to retrieve the job name from.","type":"string"},"namespaceSelector":{"description":"A selector for selecting namespaces either selecting all namespaces or a list of namespaces.","properties":{"any":{"description":"Boolean describing whether all namespaces are selected in contrast to a list restricting them.","type":"boolean"},"matchNames":{"description":"List of namespace names.","items":{"type":"string"},"type":"array"}}},"selector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"]},"type":"array"},"matchLabels":{"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}}},"targetLabels":{"description":"TargetLabels transfers labels on the Kubernetes Service onto the target.","items":{"type":"string"},"type":"array"}},"required":["endpoints","selector"]}},"required":["spec"]}},"version":"v1"},"status":{"acceptedNames":{"kind":"","plural":""},"conditions":null}}
\ No newline at end of file
diff --git a/jsonnet/kube-prometheus/prometheus/prometheus.libsonnet b/jsonnet/kube-prometheus/prometheus/prometheus.libsonnet
new file mode 100644
index 00000000..3b2d415c
--- /dev/null
+++ b/jsonnet/kube-prometheus/prometheus/prometheus.libsonnet
@@ -0,0 +1,454 @@
+local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
+
+{
+ _config+:: {
+ namespace: 'default',
+
+ versions+:: {
+ prometheus: 'v2.2.1',
+ },
+
+ imageRepos+:: {
+ prometheus: 'quay.io/prometheus/prometheus',
+ },
+
+ prometheus+:: {
+ replicas: 2,
+ rules: {},
+ },
+ },
+
+ prometheus+:: {
+ serviceAccount:
+ local serviceAccount = k.core.v1.serviceAccount;
+
+ serviceAccount.new('prometheus-k8s') +
+ serviceAccount.mixin.metadata.withNamespace($._config.namespace),
+ service:
+ local service = k.core.v1.service;
+ local servicePort = k.core.v1.service.mixin.spec.portsType;
+
+ local prometheusPort = servicePort.newNamed('web', 9090, 'web');
+
+ service.new('prometheus-k8s', { app: 'prometheus', prometheus: 'k8s' }, prometheusPort) +
+ service.mixin.metadata.withNamespace($._config.namespace) +
+ service.mixin.metadata.withLabels({ prometheus: 'k8s' }),
+ rules:
+ local configMap = k.core.v1.configMap;
+
+ configMap.new('prometheus-k8s-rules', { 'all.rules.yaml': std.manifestYamlDoc($._config.prometheus.rules) }) +
+ configMap.mixin.metadata.withLabels({ role: 'alert-rules', prometheus: 'k8s' }) +
+ configMap.mixin.metadata.withNamespace($._config.namespace),
+ roleBindingDefault:
+ local roleBinding = k.rbac.v1.roleBinding;
+
+ roleBinding.new() +
+ roleBinding.mixin.metadata.withName('prometheus-k8s') +
+ roleBinding.mixin.metadata.withNamespace('default') +
+ roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ roleBinding.mixin.roleRef.withName('prometheus-k8s') +
+ roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
+ roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-k8s', namespace: $._config.namespace }]),
+ clusterRole:
+ local clusterRole = k.rbac.v1.clusterRole;
+ local policyRule = clusterRole.rulesType;
+
+ local nodeMetricsRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources(['nodes/metrics']) +
+ policyRule.withVerbs(['get']);
+
+ local metricsRule = policyRule.new() +
+ policyRule.withNonResourceUrls('/metrics') +
+ policyRule.withVerbs(['get']);
+
+ local rules = [nodeMetricsRule, metricsRule];
+
+ clusterRole.new() +
+ clusterRole.mixin.metadata.withName('prometheus-k8s') +
+ clusterRole.withRules(rules),
+ roleConfig:
+ local role = k.rbac.v1.role;
+ local policyRule = role.rulesType;
+
+ local configmapRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'configmaps',
+ ]) +
+ policyRule.withVerbs(['get']);
+
+ role.new() +
+ role.mixin.metadata.withName('prometheus-k8s-config') +
+ role.mixin.metadata.withNamespace($._config.namespace) +
+ role.withRules(configmapRule),
+ roleBindingConfig:
+ local roleBinding = k.rbac.v1.roleBinding;
+
+ roleBinding.new() +
+ roleBinding.mixin.metadata.withName('prometheus-k8s-config') +
+ roleBinding.mixin.metadata.withNamespace($._config.namespace) +
+ roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ roleBinding.mixin.roleRef.withName('prometheus-k8s-config') +
+ roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
+ roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-k8s', namespace: $._config.namespace }]),
+ roleBindingNamespace:
+ local roleBinding = k.rbac.v1.roleBinding;
+
+ roleBinding.new() +
+ roleBinding.mixin.metadata.withName('prometheus-k8s') +
+ roleBinding.mixin.metadata.withNamespace($._config.namespace) +
+ roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ roleBinding.mixin.roleRef.withName('prometheus-k8s') +
+ roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
+ roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-k8s', namespace: $._config.namespace }]),
+ clusterRoleBinding:
+ local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
+
+ clusterRoleBinding.new() +
+ clusterRoleBinding.mixin.metadata.withName('prometheus-k8s') +
+ clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ clusterRoleBinding.mixin.roleRef.withName('prometheus-k8s') +
+ clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
+ clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-k8s', namespace: $._config.namespace }]),
+ roleKubeSystem:
+ local role = k.rbac.v1.role;
+ local policyRule = role.rulesType;
+
+ local coreRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'nodes',
+ 'services',
+ 'endpoints',
+ 'pods',
+ ]) +
+ policyRule.withVerbs(['get', 'list', 'watch']);
+
+ role.new() +
+ role.mixin.metadata.withName('prometheus-k8s') +
+ role.mixin.metadata.withNamespace('kube-system') +
+ role.withRules(coreRule),
+ roleDefault:
+ local role = k.rbac.v1.role;
+ local policyRule = role.rulesType;
+
+ local coreRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'nodes',
+ 'services',
+ 'endpoints',
+ 'pods',
+ ]) +
+ policyRule.withVerbs(['get', 'list', 'watch']);
+
+ role.new() +
+ role.mixin.metadata.withName('prometheus-k8s') +
+ role.mixin.metadata.withNamespace('default') +
+ role.withRules(coreRule),
+ roleBindingKubeSystem:
+ local roleBinding = k.rbac.v1.roleBinding;
+
+ roleBinding.new() +
+ roleBinding.mixin.metadata.withName('prometheus-k8s') +
+ roleBinding.mixin.metadata.withNamespace('kube-system') +
+ roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
+ roleBinding.mixin.roleRef.withName('prometheus-k8s') +
+ roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
+ roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'prometheus-k8s', namespace: $._config.namespace }]),
+ roleNamespace:
+ local role = k.rbac.v1.role;
+ local policyRule = role.rulesType;
+
+ local coreRule = policyRule.new() +
+ policyRule.withApiGroups(['']) +
+ policyRule.withResources([
+ 'nodes',
+ 'services',
+ 'endpoints',
+ 'pods',
+ ]) +
+ policyRule.withVerbs(['get', 'list', 'watch']);
+
+ role.new() +
+ role.mixin.metadata.withName('prometheus-k8s') +
+ role.mixin.metadata.withNamespace($._config.namespace) +
+ role.withRules(coreRule),
+ prometheus:
+ local container = k.core.v1.pod.mixin.spec.containersType;
+ local resourceRequirements = container.mixin.resourcesType;
+ local selector = k.apps.v1beta2.deployment.mixin.spec.selectorType;
+
+ local resources = resourceRequirements.new() +
+ resourceRequirements.withRequests({ memory: '400Mi' });
+
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'Prometheus',
+ metadata: {
+ name: 'k8s',
+ namespace: $._config.namespace,
+ labels: {
+ prometheus: 'k8s',
+ },
+ },
+ spec: {
+ replicas: $._config.prometheus.replicas,
+ version: $._config.versions.prometheus,
+ baseImage: $._config.imageRepos.prometheus,
+ serviceAccountName: 'prometheus-k8s',
+ serviceMonitorSelector: selector.withMatchExpressions({ key: 'k8s-app', operator: 'Exists' }),
+ nodeSelector: { 'beta.kubernetes.io/os': 'linux' },
+ ruleSelector: selector.withMatchLabels({
+ role: 'alert-rules',
+ prometheus: 'k8s',
+ }),
+ resources: resources,
+ alerting: {
+ alertmanagers: [
+ {
+ namespace: $._config.namespace,
+ name: 'alertmanager-main',
+ port: 'web',
+ },
+ ],
+ },
+ },
+ },
+ serviceMonitorPrometheus:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'prometheus',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'prometheus',
+ },
+ },
+ spec: {
+ selector: {
+ matchLabels: {
+ prometheus: 'k8s',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'monitoring',
+ ],
+ },
+ endpoints: [
+ {
+ port: 'web',
+ interval: '30s',
+ },
+ ],
+ },
+ },
+ serviceMonitorPrometheusOperator:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'prometheus-operator',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'prometheus-operator',
+ },
+ },
+ spec: {
+ endpoints: [
+ {
+ port: 'http',
+ },
+ ],
+ selector: {
+ matchLabels: {
+ 'k8s-app': 'prometheus-operator',
+ },
+ },
+ },
+ },
+ serviceMonitorKubeScheduler:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kube-scheduler',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'kube-scheduler',
+ },
+ },
+ spec: {
+ jobLabel: 'k8s-app',
+ endpoints: [
+ {
+ port: 'http-metrics',
+ interval: '30s',
+ },
+ ],
+ selector: {
+ matchLabels: {
+ 'k8s-app': 'kube-scheduler',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'kube-system',
+ ],
+ },
+ },
+ },
+ serviceMonitorKubelet:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kubelet',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'kubelet',
+ },
+ },
+ spec: {
+ jobLabel: 'k8s-app',
+ endpoints: [
+ {
+ port: 'https-metrics',
+ scheme: 'https',
+ interval: '30s',
+ tlsConfig: {
+ insecureSkipVerify: true,
+ },
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ },
+ {
+ port: 'https-metrics',
+ scheme: 'https',
+ path: '/metrics/cadvisor',
+ interval: '30s',
+ honorLabels: true,
+ tlsConfig: {
+ insecureSkipVerify: true,
+ },
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ },
+ ],
+ selector: {
+ matchLabels: {
+ 'k8s-app': 'kubelet',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'kube-system',
+ ],
+ },
+ },
+ },
+ serviceMonitorKubeControllerManager:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kube-controller-manager',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'kube-controller-manager',
+ },
+ },
+ spec: {
+ jobLabel: 'k8s-app',
+ endpoints: [
+ {
+ port: 'http-metrics',
+ interval: '30s',
+ },
+ ],
+ selector: {
+ matchLabels: {
+ 'k8s-app': 'kube-controller-manager',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'kube-system',
+ ],
+ },
+ },
+ },
+ serviceMonitorApiserver:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'kube-apiserver',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'apiserver',
+ },
+ },
+ spec: {
+ jobLabel: 'component',
+ selector: {
+ matchLabels: {
+ component: 'apiserver',
+ provider: 'kubernetes',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'default',
+ ],
+ },
+ endpoints: [
+ {
+ port: 'https',
+ interval: '30s',
+ scheme: 'https',
+ tlsConfig: {
+ caFile: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt',
+ serverName: 'kubernetes',
+ },
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ },
+ ],
+ },
+ },
+ serviceMonitorCoreDNS:
+ {
+ apiVersion: 'monitoring.coreos.com/v1',
+ kind: 'ServiceMonitor',
+ metadata: {
+ name: 'coredns',
+ namespace: $._config.namespace,
+ labels: {
+ 'k8s-app': 'coredns',
+ },
+ },
+ spec: {
+ jobLabel: 'k8s-app',
+ selector: {
+ matchLabels: {
+ 'k8s-app': 'coredns',
+ component: 'metrics',
+ },
+ },
+ namespaceSelector: {
+ matchNames: [
+ 'kube-system',
+ ],
+ },
+ endpoints: [
+ {
+ port: 'http-metrics',
+ interval: '15s',
+ bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
+ },
+ ],
+ },
+ },
+ },
+}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-cluster-role-binding.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-cluster-role-binding.libsonnet
deleted file mode 100644
index ae150c35..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-cluster-role-binding.libsonnet
+++ /dev/null
@@ -1,12 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
-
-{
- new(namespace)::
- clusterRoleBinding.new() +
- clusterRoleBinding.mixin.metadata.withName("kube-state-metrics") +
- clusterRoleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
- clusterRoleBinding.mixin.roleRef.withName("kube-state-metrics") +
- clusterRoleBinding.mixin.roleRef.mixinInstance({kind: "ClusterRole"}) +
- clusterRoleBinding.withSubjects([{kind: "ServiceAccount", name: "kube-state-metrics", namespace: namespace}])
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-cluster-role.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-cluster-role.libsonnet
deleted file mode 100644
index 976d850a..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-cluster-role.libsonnet
+++ /dev/null
@@ -1,75 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRole = k.rbac.v1.clusterRole;
-local policyRule = clusterRole.rulesType;
-
-local coreRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "configmaps",
- "secrets",
- "nodes",
- "pods",
- "services",
- "resourcequotas",
- "replicationcontrollers",
- "limitranges",
- "persistentvolumeclaims",
- "persistentvolumes",
- "namespaces",
- "endpoints",
- ]) +
- policyRule.withVerbs(["list", "watch"]);
-
-local extensionsRule = policyRule.new() +
- policyRule.withApiGroups(["extensions"]) +
- policyRule.withResources([
- "daemonsets",
- "deployments",
- "replicasets",
- ]) +
- policyRule.withVerbs(["list", "watch"]);
-
-local appsRule = policyRule.new() +
- policyRule.withApiGroups(["apps"]) +
- policyRule.withResources([
- "statefulsets",
- ]) +
- policyRule.withVerbs(["list", "watch"]);
-
-local batchRule = policyRule.new() +
- policyRule.withApiGroups(["batch"]) +
- policyRule.withResources([
- "cronjobs",
- "jobs",
- ]) +
- policyRule.withVerbs(["list", "watch"]);
-
-local autoscalingRule = policyRule.new() +
- policyRule.withApiGroups(["autoscaling"]) +
- policyRule.withResources([
- "horizontalpodautoscalers",
- ]) +
- policyRule.withVerbs(["list", "watch"]);
-
-local authenticationRole = policyRule.new() +
- policyRule.withApiGroups(["authentication.k8s.io"]) +
- policyRule.withResources([
- "tokenreviews",
- ]) +
- policyRule.withVerbs(["create"]);
-
-local authorizationRole = policyRule.new() +
- policyRule.withApiGroups(["authorization.k8s.io"]) +
- policyRule.withResources([
- "subjectaccessreviews",
- ]) +
- policyRule.withVerbs(["create"]);
-
-local rules = [coreRule, extensionsRule, appsRule, batchRule, autoscalingRule, authenticationRole, authorizationRole];
-
-{
- new()::
- clusterRole.new() +
- clusterRole.mixin.metadata.withName("kube-state-metrics") +
- clusterRole.withRules(rules)
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-deployment.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-deployment.libsonnet
deleted file mode 100644
index e873fa30..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-deployment.libsonnet
+++ /dev/null
@@ -1,86 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local deployment = k.apps.v1beta2.deployment;
-
-local deployment = k.apps.v1beta2.deployment;
-local container = k.apps.v1beta2.deployment.mixin.spec.template.spec.containersType;
-local volume = k.apps.v1beta2.deployment.mixin.spec.template.spec.volumesType;
-local containerPort = container.portsType;
-local containerVolumeMount = container.volumeMountsType;
-local podSelector = deployment.mixin.spec.template.spec.selectorType;
-
-local kubeStateMetricsVersion = "v1.3.0";
-local kubeRbacProxyVersion = "v0.3.0";
-local addonResizerVersion = "1.0";
-local podLabels = {"app": "kube-state-metrics"};
-
-local proxyClusterMetrics =
- container.new("kube-rbac-proxy-main", "quay.io/coreos/kube-rbac-proxy:" + kubeRbacProxyVersion) +
- container.withArgs([
- "--secure-listen-address=:8443",
- "--upstream=http://127.0.0.1:8081/",
- ]) +
- container.withPorts(containerPort.newNamed("https-main", 8443)) +
- container.mixin.resources.withRequests({cpu: "10m", memory: "20Mi"}) +
- container.mixin.resources.withLimits({cpu: "20m", memory: "40Mi"});
-
-local proxySelfMetrics =
- container.new("kube-rbac-proxy-self", "quay.io/coreos/kube-rbac-proxy:" + kubeRbacProxyVersion) +
- container.withArgs([
- "--secure-listen-address=:9443",
- "--upstream=http://127.0.0.1:8082/",
- ]) +
- container.withPorts(containerPort.newNamed("https-self", 9443)) +
- container.mixin.resources.withRequests({cpu: "10m", memory: "20Mi"}) +
- container.mixin.resources.withLimits({cpu: "20m", memory: "40Mi"});
-
-local kubeStateMetrics =
- container.new("kube-state-metrics", "quay.io/coreos/kube-state-metrics:" + kubeStateMetricsVersion) +
- container.withArgs([
- "--host=127.0.0.1",
- "--port=8081",
- "--telemetry-host=127.0.0.1",
- "--telemetry-port=8082",
- ]) +
- container.mixin.resources.withRequests({cpu: "102m", memory: "180Mi"}) +
- container.mixin.resources.withLimits({cpu: "102m", memory: "180Mi"});
-
-local addonResizer =
- container.new("addon-resizer", "quay.io/coreos/addon-resizer:" + addonResizerVersion) +
- container.withCommand([
- "/pod_nanny",
- "--container=kube-state-metrics",
- "--cpu=100m",
- "--extra-cpu=2m",
- "--memory=150Mi",
- "--extra-memory=30Mi",
- "--threshold=5",
- "--deployment=kube-state-metrics",
- ]) +
- container.withEnv([
- {
- name: "MY_POD_NAME",
- valueFrom: {
- fieldRef: {apiVersion: "v1", fieldPath: "metadata.name"}
- }
- }, {
- name: "MY_POD_NAMESPACE",
- valueFrom: {
- fieldRef: {apiVersion: "v1", fieldPath: "metadata.namespace"}
- }
- }
- ]) +
- container.mixin.resources.withRequests({cpu: "10m", memory: "30Mi"}) +
- container.mixin.resources.withLimits({cpu: "10m", memory: "30Mi"});
-
-local c = [proxyClusterMetrics, proxySelfMetrics, kubeStateMetrics, addonResizer];
-
-{
- new(namespace)::
- deployment.new("kube-state-metrics", 1, c, podLabels) +
- deployment.mixin.metadata.withNamespace(namespace) +
- deployment.mixin.metadata.withLabels(podLabels) +
- deployment.mixin.spec.selector.withMatchLabels(podLabels) +
- deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
- deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
- deployment.mixin.spec.template.spec.withServiceAccountName("kube-state-metrics")
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-role-binding.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-role-binding.libsonnet
deleted file mode 100644
index 02a43b7a..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-role-binding.libsonnet
+++ /dev/null
@@ -1,13 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local roleBinding = k.rbac.v1.roleBinding;
-
-{
- new(namespace)::
- roleBinding.new() +
- roleBinding.mixin.metadata.withName("kube-state-metrics") +
- roleBinding.mixin.metadata.withNamespace(namespace) +
- roleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
- roleBinding.mixin.roleRef.withName("kube-state-metrics") +
- roleBinding.mixin.roleRef.mixinInstance({kind: "Role"}) +
- roleBinding.withSubjects([{kind: "ServiceAccount", name: "kube-state-metrics"}])
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-role.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-role.libsonnet
deleted file mode 100644
index bf80880f..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-role.libsonnet
+++ /dev/null
@@ -1,28 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local role = k.rbac.v1.role;
-local policyRule = role.rulesType;
-
-local coreRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "pods",
- ]) +
- policyRule.withVerbs(["get"]);
-
-local extensionsRule = policyRule.new() +
- policyRule.withApiGroups(["extensions"]) +
- policyRule.withResources([
- "deployments",
- ]) +
- policyRule.withVerbs(["get", "update"]) +
- policyRule.withResourceNames(["kube-state-metrics"]);
-
-local rules = [coreRule, extensionsRule];
-
-{
- new(namespace)::
- role.new() +
- role.mixin.metadata.withName("kube-state-metrics") +
- role.mixin.metadata.withNamespace(namespace) +
- role.withRules(rules)
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-service-account.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-service-account.libsonnet
deleted file mode 100644
index 6e6904ff..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-service-account.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local serviceAccount = k.core.v1.serviceAccount;
-
-{
- new(namespace)::
- serviceAccount.new("kube-state-metrics") +
- serviceAccount.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-service-monitor.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-service-monitor.libsonnet
deleted file mode 100644
index 3d24aec3..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-service-monitor.libsonnet
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "kube-state-metrics",
- "namespace": namespace,
- "labels": {
- "k8s-app": "kube-state-metrics"
- }
- },
- "spec": {
- "jobLabel": "k8s-app",
- "selector": {
- "matchLabels": {
- "k8s-app": "kube-state-metrics"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "monitoring"
- ]
- },
- "endpoints": [
- {
- "port": "https-main",
- "scheme": "https",
- "interval": "30s",
- "honorLabels": true,
- "bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token",
- "tlsConfig": {
- "insecureSkipVerify": true
- }
- },
- {
- "port": "https-self",
- "scheme": "https",
- "interval": "30s",
- "bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token",
- "tlsConfig": {
- "insecureSkipVerify": true
- }
- }
- ]
- }
- }
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics-service.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics-service.libsonnet
deleted file mode 100644
index c8eaee18..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics-service.libsonnet
+++ /dev/null
@@ -1,15 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local service = k.core.v1.service;
-local servicePort = k.core.v1.service.mixin.spec.portsType;
-
-local ksmDeployment = import "kube-state-metrics-deployment.libsonnet";
-
-local ksmServicePortMain = servicePort.newNamed("https-main", 8443, "https-main");
-local ksmServicePortSelf = servicePort.newNamed("https-self", 9443, "https-self");
-
-{
- new(namespace)::
- service.new("kube-state-metrics", ksmDeployment.new(namespace).spec.selector.matchLabels, [ksmServicePortMain, ksmServicePortSelf]) +
- service.mixin.metadata.withNamespace(namespace) +
- service.mixin.metadata.withLabels({"k8s-app": "kube-state-metrics"})
-}
diff --git a/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet b/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet
deleted file mode 100644
index d82765f6..00000000
--- a/jsonnet/kube-state-metrics/kube-state-metrics.libsonnet
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- clusterRoleBinding:: import "kube-state-metrics-cluster-role-binding.libsonnet",
- clusterRole:: import "kube-state-metrics-cluster-role.libsonnet",
- deployment:: import "kube-state-metrics-deployment.libsonnet",
- roleBinding:: import "kube-state-metrics-role-binding.libsonnet",
- role:: import "kube-state-metrics-role.libsonnet",
- serviceAccount:: import "kube-state-metrics-service-account.libsonnet",
- service:: import "kube-state-metrics-service.libsonnet",
- serviceMonitor:: import "kube-state-metrics-service-monitor.libsonnet",
-}
diff --git a/jsonnet/node-exporter/node-exporter-cluster-role-binding.libsonnet b/jsonnet/node-exporter/node-exporter-cluster-role-binding.libsonnet
deleted file mode 100644
index 39f373b5..00000000
--- a/jsonnet/node-exporter/node-exporter-cluster-role-binding.libsonnet
+++ /dev/null
@@ -1,12 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
-
-{
- new(namespace)::
- clusterRoleBinding.new() +
- clusterRoleBinding.mixin.metadata.withName("node-exporter") +
- clusterRoleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
- clusterRoleBinding.mixin.roleRef.withName("node-exporter") +
- clusterRoleBinding.mixin.roleRef.mixinInstance({kind: "ClusterRole"}) +
- clusterRoleBinding.withSubjects([{kind: "ServiceAccount", name: "node-exporter", namespace: namespace}])
-}
diff --git a/jsonnet/node-exporter/node-exporter-cluster-role.libsonnet b/jsonnet/node-exporter/node-exporter-cluster-role.libsonnet
deleted file mode 100644
index 426e0a66..00000000
--- a/jsonnet/node-exporter/node-exporter-cluster-role.libsonnet
+++ /dev/null
@@ -1,26 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRole = k.rbac.v1.clusterRole;
-local policyRule = clusterRole.rulesType;
-
-local authenticationRole = policyRule.new() +
- policyRule.withApiGroups(["authentication.k8s.io"]) +
- policyRule.withResources([
- "tokenreviews",
- ]) +
- policyRule.withVerbs(["create"]);
-
-local authorizationRole = policyRule.new() +
- policyRule.withApiGroups(["authorization.k8s.io"]) +
- policyRule.withResources([
- "subjectaccessreviews",
- ]) +
- policyRule.withVerbs(["create"]);
-
-local rules = [authenticationRole, authorizationRole];
-
-{
- new()::
- clusterRole.new() +
- clusterRole.mixin.metadata.withName("node-exporter") +
- clusterRole.withRules(rules)
-}
diff --git a/jsonnet/node-exporter/node-exporter-daemonset.libsonnet b/jsonnet/node-exporter/node-exporter-daemonset.libsonnet
deleted file mode 100644
index ac642891..00000000
--- a/jsonnet/node-exporter/node-exporter-daemonset.libsonnet
+++ /dev/null
@@ -1,58 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-
-local daemonset = k.apps.v1beta2.daemonSet;
-local container = daemonset.mixin.spec.template.spec.containersType;
-local volume = daemonset.mixin.spec.template.spec.volumesType;
-local containerPort = container.portsType;
-local containerVolumeMount = container.volumeMountsType;
-local podSelector = daemonset.mixin.spec.template.spec.selectorType;
-
-local nodeExporterVersion = "v0.15.2";
-local kubeRbacProxyVersion = "v0.3.0";
-local podLabels = {"app": "node-exporter"};
-
-local procVolumeName = "proc";
-local procVolume = volume.fromHostPath(procVolumeName, "/proc");
-local procVolumeMount = containerVolumeMount.new(procVolumeName, "/host/proc");
-
-local sysVolumeName = "sys";
-local sysVolume = volume.fromHostPath(sysVolumeName, "/sys");
-local sysVolumeMount = containerVolumeMount.new(sysVolumeName, "/host/sys");
-
-local nodeExporter =
- container.new("node-exporter", "quay.io/prometheus/node-exporter:" + nodeExporterVersion) +
- container.withArgs([
- "--web.listen-address=127.0.0.1:9101",
- "--path.procfs=/host/proc",
- "--path.sysfs=/host/sys",
- ]) +
- container.withVolumeMounts([procVolumeMount, sysVolumeMount]) +
- container.mixin.resources.withRequests({cpu: "102m", memory: "180Mi"}) +
- container.mixin.resources.withLimits({cpu: "102m", memory: "180Mi"});
-
-local proxy =
- container.new("kube-rbac-proxy", "quay.io/coreos/kube-rbac-proxy:" + kubeRbacProxyVersion) +
- container.withArgs([
- "--secure-listen-address=:9100",
- "--upstream=http://127.0.0.1:9101/",
- ]) +
- container.withPorts(containerPort.newNamed("https", 9100)) +
- container.mixin.resources.withRequests({cpu: "10m", memory: "20Mi"}) +
- container.mixin.resources.withLimits({cpu: "20m", memory: "40Mi"});
-
-local c = [nodeExporter, proxy];
-
-{
- new(namespace)::
- daemonset.new() +
- daemonset.mixin.metadata.withName("node-exporter") +
- daemonset.mixin.metadata.withNamespace(namespace) +
- daemonset.mixin.metadata.withLabels(podLabels) +
- daemonset.mixin.spec.selector.withMatchLabels(podLabels) +
- daemonset.mixin.spec.template.metadata.withLabels(podLabels) +
- daemonset.mixin.spec.template.spec.withContainers(c) +
- daemonset.mixin.spec.template.spec.withVolumes([procVolume, sysVolume]) +
- daemonset.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
- daemonset.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
- daemonset.mixin.spec.template.spec.withServiceAccountName("node-exporter")
-}
diff --git a/jsonnet/node-exporter/node-exporter-service-account.libsonnet b/jsonnet/node-exporter/node-exporter-service-account.libsonnet
deleted file mode 100644
index f75a6827..00000000
--- a/jsonnet/node-exporter/node-exporter-service-account.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local serviceAccount = k.core.v1.serviceAccount;
-
-{
- new(namespace)::
- serviceAccount.new("node-exporter") +
- serviceAccount.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/node-exporter/node-exporter-service-monitor.libsonnet b/jsonnet/node-exporter/node-exporter-service-monitor.libsonnet
deleted file mode 100644
index d1ff25e7..00000000
--- a/jsonnet/node-exporter/node-exporter-service-monitor.libsonnet
+++ /dev/null
@@ -1,38 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "node-exporter",
- "namespace": namespace,
- "labels": {
- "k8s-app": "node-exporter"
- }
- },
- "spec": {
- "jobLabel": "k8s-app",
- "selector": {
- "matchLabels": {
- "k8s-app": "node-exporter"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "monitoring"
- ]
- },
- "endpoints": [
- {
- "port": "https",
- "scheme": "https",
- "interval": "30s",
- "bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token",
- "tlsConfig": {
- "insecureSkipVerify": true
- }
- }
- ]
- }
- }
-}
diff --git a/jsonnet/node-exporter/node-exporter-service.libsonnet b/jsonnet/node-exporter/node-exporter-service.libsonnet
deleted file mode 100644
index addbc598..00000000
--- a/jsonnet/node-exporter/node-exporter-service.libsonnet
+++ /dev/null
@@ -1,14 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local service = k.core.v1.service;
-local servicePort = k.core.v1.service.mixin.spec.portsType;
-
-local nodeExporterDaemonset = import "node-exporter-daemonset.libsonnet";
-
-local nodeExporterPort = servicePort.newNamed("https", 9100, "https");
-
-{
- new(namespace)::
- service.new("node-exporter", nodeExporterDaemonset.new(namespace).spec.selector.matchLabels, nodeExporterPort) +
- service.mixin.metadata.withNamespace(namespace) +
- service.mixin.metadata.withLabels({"k8s-app": "node-exporter"})
-}
diff --git a/jsonnet/node-exporter/node-exporter.libsonnet b/jsonnet/node-exporter/node-exporter.libsonnet
deleted file mode 100644
index 5438f001..00000000
--- a/jsonnet/node-exporter/node-exporter.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-{
- clusterRoleBinding:: import "node-exporter-cluster-role-binding.libsonnet",
- clusterRole:: import "node-exporter-cluster-role.libsonnet",
- daemonset:: import "node-exporter-daemonset.libsonnet",
- serviceAccount:: import "node-exporter-service-account.libsonnet",
- service:: import "node-exporter-service.libsonnet",
- serviceMonitor:: import "node-exporter-service-monitor.libsonnet",
-}
diff --git a/jsonnet/prometheus-operator/prometheus-operator-cluster-role-binding.libsonnet b/jsonnet/prometheus-operator/prometheus-operator-cluster-role-binding.libsonnet
deleted file mode 100644
index 64453c52..00000000
--- a/jsonnet/prometheus-operator/prometheus-operator-cluster-role-binding.libsonnet
+++ /dev/null
@@ -1,12 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
-
-{
- new(namespace)::
- clusterRoleBinding.new() +
- clusterRoleBinding.mixin.metadata.withName("prometheus-operator") +
- clusterRoleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
- clusterRoleBinding.mixin.roleRef.withName("prometheus-operator") +
- clusterRoleBinding.mixin.roleRef.mixinInstance({kind: "ClusterRole"}) +
- clusterRoleBinding.withSubjects([{kind: "ServiceAccount", name: "prometheus-operator", namespace: namespace}])
-}
diff --git a/jsonnet/prometheus-operator/prometheus-operator-cluster-role.libsonnet b/jsonnet/prometheus-operator/prometheus-operator-cluster-role.libsonnet
deleted file mode 100644
index 858d7542..00000000
--- a/jsonnet/prometheus-operator/prometheus-operator-cluster-role.libsonnet
+++ /dev/null
@@ -1,81 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRole = k.rbac.v1.clusterRole;
-local policyRule = clusterRole.rulesType;
-
-local extensionsRule = policyRule.new() +
- policyRule.withApiGroups(["extensions"]) +
- policyRule.withResources([
- "thirdpartyresources",
- ]) +
- policyRule.withVerbs(["*"]);
-
-local apiExtensionsRule = policyRule.new() +
- policyRule.withApiGroups(["apiextensions.k8s.io"]) +
- policyRule.withResources([
- "customresourcedefinitions",
- ]) +
- policyRule.withVerbs(["*"]);
-
-local monitoringRule = policyRule.new() +
- policyRule.withApiGroups(["monitoring.coreos.com"]) +
- policyRule.withResources([
- "alertmanagers",
- "prometheuses",
- "prometheuses/finalizers",
- "alertmanagers/finalizers",
- "servicemonitors",
- ]) +
- policyRule.withVerbs(["*"]);
-
-local appsRule = policyRule.new() +
- policyRule.withApiGroups(["apps"]) +
- policyRule.withResources([
- "statefulsets",
- ]) +
- policyRule.withVerbs(["*"]);
-
-local coreRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "configmaps",
- "secrets",
- ]) +
- policyRule.withVerbs(["*"]);
-
-local podRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "pods",
- ]) +
- policyRule.withVerbs(["list", "delete"]);
-
-local routingRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "services",
- "endpoints",
- ]) +
- policyRule.withVerbs(["get", "create", "update"]);
-
-local nodeRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "nodes",
- ]) +
- policyRule.withVerbs(["list", "watch"]);
-
-local namespaceRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "namespaces",
- ]) +
- policyRule.withVerbs(["list"]);
-
-local rules = [extensionsRule, apiExtensionsRule, monitoringRule, appsRule, coreRule, podRule, routingRule, nodeRule, namespaceRule];
-
-{
- new()::
- clusterRole.new() +
- clusterRole.mixin.metadata.withName("prometheus-operator") +
- clusterRole.withRules(rules)
-}
diff --git a/jsonnet/prometheus-operator/prometheus-operator-deployment.libsonnet b/jsonnet/prometheus-operator/prometheus-operator-deployment.libsonnet
deleted file mode 100644
index f8c9ca2a..00000000
--- a/jsonnet/prometheus-operator/prometheus-operator-deployment.libsonnet
+++ /dev/null
@@ -1,28 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-
-local version = "v0.19.0";
-
-local deployment = k.apps.v1beta2.deployment;
-local container = k.apps.v1beta2.deployment.mixin.spec.template.spec.containersType;
-local containerPort = container.portsType;
-
-local targetPort = 8080;
-local podLabels = {"k8s-app": "prometheus-operator"};
-
-local operatorContainer =
- container.new("prometheus-operator", "quay.io/coreos/prometheus-operator:" + version) +
- container.withPorts(containerPort.newNamed("http", targetPort)) +
- container.withArgs(["--kubelet-service=kube-system/kubelet", "--config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1"]) +
- container.mixin.resources.withRequests({cpu: "100m", memory: "50Mi"}) +
- container.mixin.resources.withLimits({cpu: "200m", memory: "100Mi"});
-
-{
- new(namespace)::
- deployment.new("prometheus-operator", 1, operatorContainer, podLabels) +
- deployment.mixin.metadata.withNamespace(namespace) +
- deployment.mixin.metadata.withLabels(podLabels) +
- deployment.mixin.spec.selector.withMatchLabels(podLabels) +
- deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
- deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
- deployment.mixin.spec.template.spec.withServiceAccountName("prometheus-operator")
-}
diff --git a/jsonnet/prometheus-operator/prometheus-operator-service-account.libsonnet b/jsonnet/prometheus-operator/prometheus-operator-service-account.libsonnet
deleted file mode 100644
index 791ce93c..00000000
--- a/jsonnet/prometheus-operator/prometheus-operator-service-account.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local serviceAccount = k.core.v1.serviceAccount;
-
-{
- new(namespace)::
- serviceAccount.new("prometheus-operator") +
- serviceAccount.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/prometheus-operator/prometheus-operator-service-monitor.libsonnet b/jsonnet/prometheus-operator/prometheus-operator-service-monitor.libsonnet
deleted file mode 100644
index 07613f8c..00000000
--- a/jsonnet/prometheus-operator/prometheus-operator-service-monitor.libsonnet
+++ /dev/null
@@ -1,26 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "prometheus-operator",
- "namespace": namespace,
- "labels": {
- "k8s-app": "prometheus-operator"
- }
- },
- "spec": {
- "endpoints": [
- {
- "port": "http"
- }
- ],
- "selector": {
- "matchLabels": {
- "k8s-app": "prometheus-operator"
- }
- }
- }
- }
-}
diff --git a/jsonnet/prometheus-operator/prometheus-operator-service.libsonnet b/jsonnet/prometheus-operator/prometheus-operator-service.libsonnet
deleted file mode 100644
index 8bbd1477..00000000
--- a/jsonnet/prometheus-operator/prometheus-operator-service.libsonnet
+++ /dev/null
@@ -1,14 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local service = k.core.v1.service;
-local servicePort = k.core.v1.service.mixin.spec.portsType;
-
-local poDeployment = import "prometheus-operator-deployment.libsonnet";
-
-local poServicePort = servicePort.newNamed("http", 8080, "http");
-
-
-{
- new(namespace)::
- service.new("prometheus-operator", poDeployment.new(namespace).spec.selector.matchLabels, [poServicePort]) +
- service.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/prometheus-operator/prometheus-operator.libsonnet b/jsonnet/prometheus-operator/prometheus-operator.libsonnet
deleted file mode 100644
index 3659250d..00000000
--- a/jsonnet/prometheus-operator/prometheus-operator.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-{
- clusterRoleBinding:: import "prometheus-operator-cluster-role-binding.libsonnet",
- clusterRole:: import "prometheus-operator-cluster-role.libsonnet",
- deployment:: import "prometheus-operator-deployment.libsonnet",
- serviceAccount:: import "prometheus-operator-service-account.libsonnet",
- service:: import "prometheus-operator-service.libsonnet",
- serviceMonitor:: import "prometheus-operator-service-monitor.libsonnet",
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-cluster-role-binding.libsonnet b/jsonnet/prometheus/prometheus-k8s-cluster-role-binding.libsonnet
deleted file mode 100644
index d577bee5..00000000
--- a/jsonnet/prometheus/prometheus-k8s-cluster-role-binding.libsonnet
+++ /dev/null
@@ -1,12 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
-
-{
- new(namespace)::
- clusterRoleBinding.new() +
- clusterRoleBinding.mixin.metadata.withName("prometheus-k8s") +
- clusterRoleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
- clusterRoleBinding.mixin.roleRef.withName("prometheus-k8s") +
- clusterRoleBinding.mixin.roleRef.mixinInstance({kind: "ClusterRole"}) +
- clusterRoleBinding.withSubjects([{kind: "ServiceAccount", name: "prometheus-k8s", namespace: namespace}])
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-cluster-role.libsonnet b/jsonnet/prometheus/prometheus-k8s-cluster-role.libsonnet
deleted file mode 100644
index c514624c..00000000
--- a/jsonnet/prometheus/prometheus-k8s-cluster-role.libsonnet
+++ /dev/null
@@ -1,21 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local clusterRole = k.rbac.v1.clusterRole;
-local policyRule = clusterRole.rulesType;
-
-local nodeMetricsRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources(["nodes/metrics"]) +
- policyRule.withVerbs(["get"]);
-
-local metricsRule = policyRule.new() +
- policyRule.withNonResourceUrls("/metrics") +
- policyRule.withVerbs(["get"]);
-
-local rules = [nodeMetricsRule, metricsRule];
-
-{
- new()::
- clusterRole.new() +
- clusterRole.mixin.metadata.withName("prometheus-k8s") +
- clusterRole.withRules(rules)
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-binding-config.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-binding-config.libsonnet
deleted file mode 100644
index 631e5fa5..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-binding-config.libsonnet
+++ /dev/null
@@ -1,5 +0,0 @@
-local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
-
-{
- new(namespace):: prometheusNamespaceRoleBinding.new(namespace, namespace, "prometheus-k8s-config", "prometheus-k8s")
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-binding-default.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-binding-default.libsonnet
deleted file mode 100644
index e88ece99..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-binding-default.libsonnet
+++ /dev/null
@@ -1,5 +0,0 @@
-local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
-
-{
- new(namespace):: prometheusNamespaceRoleBinding.new(namespace, "default", "prometheus-k8s", "prometheus-k8s")
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-binding-kube-system.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-binding-kube-system.libsonnet
deleted file mode 100644
index 33967e0a..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-binding-kube-system.libsonnet
+++ /dev/null
@@ -1,5 +0,0 @@
-local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
-
-{
- new(namespace):: prometheusNamespaceRoleBinding.new(namespace, "kube-system", "prometheus-k8s", "prometheus-k8s")
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-binding-namespace.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-binding-namespace.libsonnet
deleted file mode 100644
index d70ed6ac..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-binding-namespace.libsonnet
+++ /dev/null
@@ -1,5 +0,0 @@
-local prometheusNamespaceRoleBinding = import "prometheus-namespace-role-binding.libsonnet";
-
-{
- new(namespace):: prometheusNamespaceRoleBinding.new(namespace, namespace, "prometheus-k8s", "prometheus-k8s")
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-config.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-config.libsonnet
deleted file mode 100644
index abd43433..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-config.libsonnet
+++ /dev/null
@@ -1,18 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local role = k.rbac.v1.role;
-local policyRule = role.rulesType;
-
-local configmapRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "configmaps",
- ]) +
- policyRule.withVerbs(["get"]);
-
-{
- new(namespace)::
- role.new() +
- role.mixin.metadata.withName("prometheus-k8s-config") +
- role.mixin.metadata.withNamespace(namespace) +
- role.withRules(configmapRule),
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-default.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-default.libsonnet
deleted file mode 100644
index a9abbb1a..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-default.libsonnet
+++ /dev/null
@@ -1,5 +0,0 @@
-local prometheusNamespaceRole = import "prometheus-namespace-role.libsonnet";
-
-{
- new():: prometheusNamespaceRole.new("default")
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-kube-system.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-kube-system.libsonnet
deleted file mode 100644
index f1ee9860..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-kube-system.libsonnet
+++ /dev/null
@@ -1,5 +0,0 @@
-local prometheusNamespaceRole = import "prometheus-namespace-role.libsonnet";
-
-{
- new():: prometheusNamespaceRole.new("kube-system")
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-role-namespace.libsonnet b/jsonnet/prometheus/prometheus-k8s-role-namespace.libsonnet
deleted file mode 100644
index 3149cbf0..00000000
--- a/jsonnet/prometheus/prometheus-k8s-role-namespace.libsonnet
+++ /dev/null
@@ -1,5 +0,0 @@
-local prometheusNamespaceRole = import "prometheus-namespace-role.libsonnet";
-
-{
- new(namespace):: prometheusNamespaceRole.new(namespace)
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-rules.libsonnet b/jsonnet/prometheus/prometheus-k8s-rules.libsonnet
deleted file mode 100644
index d2014569..00000000
--- a/jsonnet/prometheus/prometheus-k8s-rules.libsonnet
+++ /dev/null
@@ -1,9 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local configMap = k.core.v1.configMap;
-
-{
- new(namespace, ruleFiles)::
- configMap.new("prometheus-k8s-rules", ruleFiles) +
- configMap.mixin.metadata.withLabels({role: "alert-rules", prometheus: "k8s"}) +
- configMap.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service-account.libsonnet b/jsonnet/prometheus/prometheus-k8s-service-account.libsonnet
deleted file mode 100644
index e8164556..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service-account.libsonnet
+++ /dev/null
@@ -1,8 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local serviceAccount = k.core.v1.serviceAccount;
-
-{
- new(namespace)::
- serviceAccount.new("prometheus-k8s") +
- serviceAccount.mixin.metadata.withNamespace(namespace)
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service-monitor-apiserver.libsonnet b/jsonnet/prometheus/prometheus-k8s-service-monitor-apiserver.libsonnet
deleted file mode 100644
index e53ed231..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service-monitor-apiserver.libsonnet
+++ /dev/null
@@ -1,40 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "kube-apiserver",
- "namespace": namespace,
- "labels": {
- "k8s-app": "apiserver"
- }
- },
- "spec": {
- "jobLabel": "component",
- "selector": {
- "matchLabels": {
- "component": "apiserver",
- "provider": "kubernetes"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "default"
- ]
- },
- "endpoints": [
- {
- "port": "https",
- "interval": "30s",
- "scheme": "https",
- "tlsConfig": {
- "caFile": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
- "serverName": "kubernetes"
- },
- "bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
- }
- ]
- }
- }
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service-monitor-coredns.libsonnet b/jsonnet/prometheus/prometheus-k8s-service-monitor-coredns.libsonnet
deleted file mode 100644
index 89afb452..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service-monitor-coredns.libsonnet
+++ /dev/null
@@ -1,35 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "coredns",
- "namespace": namespace,
- "labels": {
- "k8s-app": "coredns"
- },
- },
- "spec": {
- "jobLabel": "k8s-app",
- "selector": {
- "matchLabels": {
- "k8s-app": "coredns",
- "component": "metrics"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "kube-system"
- ]
- },
- "endpoints": [
- {
- "port": "http-metrics",
- "interval": "15s",
- "bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
- }
- ]
- }
- }
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service-monitor-kube-controller-manager.libsonnet b/jsonnet/prometheus/prometheus-k8s-service-monitor-kube-controller-manager.libsonnet
deleted file mode 100644
index 447e8a4b..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service-monitor-kube-controller-manager.libsonnet
+++ /dev/null
@@ -1,33 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "kube-controller-manager",
- "namespace": namespace,
- "labels": {
- "k8s-app": "kube-controller-manager"
- }
- },
- "spec": {
- "jobLabel": "k8s-app",
- "endpoints": [
- {
- "port": "http-metrics",
- "interval": "30s"
- }
- ],
- "selector": {
- "matchLabels": {
- "k8s-app": "kube-controller-manager"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "kube-system"
- ]
- }
- }
- }
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service-monitor-kube-scheduler.libsonnet b/jsonnet/prometheus/prometheus-k8s-service-monitor-kube-scheduler.libsonnet
deleted file mode 100644
index eaae0c39..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service-monitor-kube-scheduler.libsonnet
+++ /dev/null
@@ -1,33 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "kube-scheduler",
- "namespace": namespace,
- "labels": {
- "k8s-app": "kube-scheduler"
- }
- },
- "spec": {
- "jobLabel": "k8s-app",
- "endpoints": [
- {
- "port": "http-metrics",
- "interval": "30s"
- }
- ],
- "selector": {
- "matchLabels": {
- "k8s-app": "kube-scheduler"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "kube-system"
- ]
- }
- }
- }
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service-monitor-kubelet.libsonnet b/jsonnet/prometheus/prometheus-k8s-service-monitor-kubelet.libsonnet
deleted file mode 100644
index 6b7dd28e..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service-monitor-kubelet.libsonnet
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "kubelet",
- "namespace": namespace,
- "labels": {
- "k8s-app": "kubelet"
- }
- },
- "spec": {
- "jobLabel": "k8s-app",
- "endpoints": [
- {
- "port": "https-metrics",
- "scheme": "https",
- "interval": "30s",
- "tlsConfig": {
- "insecureSkipVerify": true
- },
- "bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
- },
- {
- "port": "https-metrics",
- "scheme": "https",
- "path": "/metrics/cadvisor",
- "interval": "30s",
- "honorLabels": true,
- "tlsConfig": {
- "insecureSkipVerify": true
- },
- "bearerTokenFile": "/var/run/secrets/kubernetes.io/serviceaccount/token"
- }
- ],
- "selector": {
- "matchLabels": {
- "k8s-app": "kubelet"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "kube-system"
- ]
- }
- }
- }
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service-monitor-prometheus.libsonnet b/jsonnet/prometheus/prometheus-k8s-service-monitor-prometheus.libsonnet
deleted file mode 100644
index 0f4ef084..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service-monitor-prometheus.libsonnet
+++ /dev/null
@@ -1,32 +0,0 @@
-{
- new(namespace)::
- {
- "apiVersion": "monitoring.coreos.com/v1",
- "kind": "ServiceMonitor",
- "metadata": {
- "name": "prometheus",
- "namespace": namespace,
- "labels": {
- "k8s-app": "prometheus"
- }
- },
- "spec": {
- "selector": {
- "matchLabels": {
- "prometheus": "k8s"
- }
- },
- "namespaceSelector": {
- "matchNames": [
- "monitoring"
- ]
- },
- "endpoints": [
- {
- "port": "web",
- "interval": "30s"
- }
- ]
- }
- }
-}
diff --git a/jsonnet/prometheus/prometheus-k8s-service.libsonnet b/jsonnet/prometheus/prometheus-k8s-service.libsonnet
deleted file mode 100644
index add240dd..00000000
--- a/jsonnet/prometheus/prometheus-k8s-service.libsonnet
+++ /dev/null
@@ -1,12 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local service = k.core.v1.service;
-local servicePort = k.core.v1.service.mixin.spec.portsType;
-
-local prometheusPort = servicePort.newNamed("web", 9090, "web");
-
-{
- new(namespace)::
- service.new("prometheus-k8s", {app: "prometheus", prometheus: "k8s"}, prometheusPort) +
- service.mixin.metadata.withNamespace(namespace) +
- service.mixin.metadata.withLabels({prometheus: "k8s"})
-}
diff --git a/jsonnet/prometheus/prometheus-k8s.libsonnet b/jsonnet/prometheus/prometheus-k8s.libsonnet
deleted file mode 100644
index 853f62b1..00000000
--- a/jsonnet/prometheus/prometheus-k8s.libsonnet
+++ /dev/null
@@ -1,43 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-
-local container = k.core.v1.pod.mixin.spec.containersType;
-local resourceRequirements = container.mixin.resourcesType;
-local selector = k.apps.v1beta2.deployment.mixin.spec.selectorType;
-
-local resources = resourceRequirements.new() +
- resourceRequirements.withRequests({memory: "400Mi"});
-
-{
- new(namespace)::
- {
- apiVersion: "monitoring.coreos.com/v1",
- kind: "Prometheus",
- metadata: {
- name: "k8s",
- namespace: namespace,
- labels: {
- prometheus: "k8s",
- },
- },
- spec: {
- replicas: 2,
- version: "v2.2.1",
- serviceAccountName: "prometheus-k8s",
- serviceMonitorSelector: selector.withMatchExpressions({key: "k8s-app", operator: "Exists"}),
- ruleSelector: selector.withMatchLabels({
- role: "alert-rules",
- prometheus: "k8s",
- }),
- resources: resources,
- alerting: {
- alertmanagers: [
- {
- namespace: "monitoring",
- name: "alertmanager-main",
- port: "web",
- },
- ],
- },
- },
- }
-}
diff --git a/jsonnet/prometheus/prometheus-namespace-role-binding.libsonnet b/jsonnet/prometheus/prometheus-namespace-role-binding.libsonnet
deleted file mode 100644
index a63bcc9c..00000000
--- a/jsonnet/prometheus/prometheus-namespace-role-binding.libsonnet
+++ /dev/null
@@ -1,13 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local roleBinding = k.rbac.v1.roleBinding;
-
-{
- new(serviceAccountNamespace, namespace, roleName, serviceAccountName)::
- roleBinding.new() +
- roleBinding.mixin.metadata.withName(roleName) +
- roleBinding.mixin.metadata.withNamespace(namespace) +
- roleBinding.mixin.roleRef.withApiGroup("rbac.authorization.k8s.io") +
- roleBinding.mixin.roleRef.withName(roleName) +
- roleBinding.mixin.roleRef.mixinInstance({kind: "Role"}) +
- roleBinding.withSubjects([{kind: "ServiceAccount", name: serviceAccountName, namespace: serviceAccountNamespace}])
-}
diff --git a/jsonnet/prometheus/prometheus-namespace-role.libsonnet b/jsonnet/prometheus/prometheus-namespace-role.libsonnet
deleted file mode 100644
index 5afdcff4..00000000
--- a/jsonnet/prometheus/prometheus-namespace-role.libsonnet
+++ /dev/null
@@ -1,21 +0,0 @@
-local k = import "ksonnet.beta.3/k.libsonnet";
-local role = k.rbac.v1.role;
-local policyRule = role.rulesType;
-
-{
- new(namespace)::
- local coreRule = policyRule.new() +
- policyRule.withApiGroups([""]) +
- policyRule.withResources([
- "nodes",
- "services",
- "endpoints",
- "pods",
- ]) +
- policyRule.withVerbs(["get", "list", "watch"]);
-
- role.new() +
- role.mixin.metadata.withName("prometheus-k8s") +
- role.mixin.metadata.withNamespace(namespace) +
- role.withRules(coreRule)
-}
diff --git a/jsonnet/prometheus/prometheus.libsonnet b/jsonnet/prometheus/prometheus.libsonnet
deleted file mode 100644
index 1ba4f55d..00000000
--- a/jsonnet/prometheus/prometheus.libsonnet
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- clusterRoleBinding:: import "prometheus-k8s-cluster-role-binding.libsonnet",
- clusterRole:: import "prometheus-k8s-cluster-role.libsonnet",
- roleBindingConfig:: import "prometheus-k8s-role-binding-config.libsonnet",
- roleBindingNamespace:: import "prometheus-k8s-role-binding-namespace.libsonnet",
- roleBindingKubeSystem:: import "prometheus-k8s-role-binding-kube-system.libsonnet",
- roleBindingDefault:: import "prometheus-k8s-role-binding-default.libsonnet",
- roleConfig:: import "prometheus-k8s-role-config.libsonnet",
- roleNamespace:: import "prometheus-k8s-role-namespace.libsonnet",
- roleKubeSystem:: import "prometheus-k8s-role-kube-system.libsonnet",
- roleDefault:: import "prometheus-k8s-role-default.libsonnet",
- rules:: import "prometheus-k8s-rules.libsonnet",
- serviceAccount:: import "prometheus-k8s-service-account.libsonnet",
- serviceMonitorApiserver:: import "prometheus-k8s-service-monitor-apiserver.libsonnet",
- serviceMonitorCoreDNS:: import "prometheus-k8s-service-monitor-coredns.libsonnet",
- serviceMonitorControllerManager:: import "prometheus-k8s-service-monitor-kube-controller-manager.libsonnet",
- serviceMonitorScheduler:: import "prometheus-k8s-service-monitor-kube-scheduler.libsonnet",
- serviceMonitorKubelet:: import "prometheus-k8s-service-monitor-kubelet.libsonnet",
- serviceMonitorPrometheus:: import "prometheus-k8s-service-monitor-prometheus.libsonnet",
- service:: import "prometheus-k8s-service.libsonnet",
- prometheus:: import "prometheus-k8s.libsonnet",
-}
diff --git a/manifests/0prometheus-operator-0alertmanager-custom-resource-definition.yaml b/manifests/0prometheus-operator-0alertmanager-custom-resource-definition.yaml
new file mode 100644
index 00000000..b0976073
--- /dev/null
+++ b/manifests/0prometheus-operator-0alertmanager-custom-resource-definition.yaml
@@ -0,0 +1,2270 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ creationTimestamp: null
+ name: alertmanagers.monitoring.coreos.com
+spec:
+ group: monitoring.coreos.com
+ names:
+ kind: Alertmanager
+ plural: alertmanagers
+ scope: Namespaced
+ validation:
+ openAPIV3Schema:
+ description: Describes an Alertmanager cluster.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ spec:
+ description: 'Specification of the desired behavior of the Alertmanager
+ cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status'
+ properties:
+ affinity:
+ description: Affinity is a group of affinity scheduling rules.
+ properties:
+ nodeAffinity:
+ description: Node affinity is a group of node affinity scheduling
+ rules.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer to schedule pods to nodes
+ that satisfy the affinity expressions specified by this field,
+ but it may choose a node that violates one or more of the
+ expressions. The node that is most preferred is the one with
+ the greatest sum of weights, i.e. for each node that meets
+ all of the scheduling requirements (resource request, requiredDuringScheduling
+ affinity expressions, etc.), compute a sum by iterating through
+ the elements of this field and adding "weight" to the sum
+ if the node matches the corresponding matchExpressions; the
+ node(s) with the highest sum are the most preferred.
+ items:
+ description: An empty preferred scheduling term matches all
+ objects with implicit weight 0 (i.e. it's a no-op). A null
+ preferred scheduling term matches no objects (i.e. is also
+ a no-op).
+ properties:
+ preference:
+ description: A null or empty node selector term matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: Required. A list of node selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A node selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists, DoesNotExist. Gt, and Lt.
+ type: string
+ values:
+ description: An array of string values. If the
+ operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists
+ or DoesNotExist, the values array must be
+ empty. If the operator is Gt or Lt, the values
+ array must have a single element, which will
+ be interpreted as an integer. This array is
+ replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ required:
+ - matchExpressions
+ weight:
+ description: Weight associated with matching the corresponding
+ nodeSelectorTerm, in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - weight
+ - preference
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: A node selector represents the union of the results
+ of one or more label queries over a set of nodes; that is,
+ it represents the OR of the selectors represented by the node
+ selector terms.
+ properties:
+ nodeSelectorTerms:
+ description: Required. A list of node selector terms. The
+ terms are ORed.
+ items:
+ description: A null or empty node selector term matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: Required. A list of node selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A node selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists, DoesNotExist. Gt, and Lt.
+ type: string
+ values:
+ description: An array of string values. If the
+ operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists
+ or DoesNotExist, the values array must be
+ empty. If the operator is Gt or Lt, the values
+ array must have a single element, which will
+ be interpreted as an integer. This array is
+ replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ required:
+ - matchExpressions
+ type: array
+ required:
+ - nodeSelectorTerms
+ podAffinity:
+ description: Pod affinity is a group of inter pod affinity scheduling
+ rules.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer to schedule pods to nodes
+ that satisfy the affinity expressions specified by this field,
+ but it may choose a node that violates one or more of the
+ expressions. The node that is most preferred is the one with
+ the greatest sum of weights, i.e. for each node that meets
+ all of the scheduling requirements (resource request, requiredDuringScheduling
+ affinity expressions, etc.), compute a sum by iterating through
+ the elements of this field and adding "weight" to the sum
+ if the node has pods which matches the corresponding podAffinityTerm;
+ the node(s) with the highest sum are the most preferred.
+ items:
+ description: The weights of all of the matched WeightedPodAffinityTerm
+ fields are added per-node to find the most preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s))
+ that this pod should be co-located (affinity) or not
+ co-located (anti-affinity) with, where co-located is
+ defined as running on a node whose value of the label
+ with key <topologyKey> matches that of any node on which
+ a pod of the set of pods is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over
+ a set of resources. The result of matchLabels and
+ matchExpressions are ANDed. An empty label selector
+ matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are
+ ANDed.
+ items:
+ description: A label selector requirement is
+ a selector that contains values, a key, and
+ an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the
+ selector applies to.
+ type: string
+ operator:
+ description: operator represents a key's
+ relationship to a set of values. Valid
+ operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string
+ values. If the operator is In or NotIn,
+ the values array must be non-empty. If
+ the operator is Exists or DoesNotExist,
+ the values array must be empty. This array
+ is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value}
+ pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions,
+ whose key field is "key", the operator is "In",
+ and the values array contains only "value".
+ The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces
+ the labelSelector applies to (matches against);
+ null or empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods
+ matching the labelSelector in the specified namespaces,
+ where co-located is defined as running on a node
+ whose value of the label with key topologyKey matches
+ that of any node on which any of the selected pods
+ is running. Empty topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ weight:
+ description: weight associated with matching the corresponding
+ podAffinityTerm, in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - weight
+ - podAffinityTerm
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements specified by this
+ field are not met at scheduling time, the pod will not be
+ scheduled onto the node. If the affinity requirements specified
+ by this field cease to be met at some point during pod execution
+ (e.g. due to a pod label update), the system may or may not
+ try to eventually evict the pod from its node. When there
+ are multiple elements, the lists of nodes corresponding to
+ each podAffinityTerm are intersected, i.e. all terms must
+ be satisfied.
+ items:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s)) that
+ this pod should be co-located (affinity) or not co-located
+ (anti-affinity) with, where co-located is defined as running
+ on a node whose value of the label with key <topologyKey>
+ matches that of any node on which a pod of the set of pods
+ is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over a
+ set of resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects.
+ A null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values
+ array must be non-empty. If the operator is
+ Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field
+ is "key", the operator is "In", and the values array
+ contains only "value". The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces the
+ labelSelector applies to (matches against); null or
+ empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods matching
+ the labelSelector in the specified namespaces, where
+ co-located is defined as running on a node whose value
+ of the label with key topologyKey matches that of any
+ node on which any of the selected pods is running. Empty
+ topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: array
+ podAntiAffinity:
+ description: Pod anti affinity is a group of inter pod anti affinity
+ scheduling rules.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer to schedule pods to nodes
+ that satisfy the anti-affinity expressions specified by this
+ field, but it may choose a node that violates one or more
+ of the expressions. The node that is most preferred is the
+ one with the greatest sum of weights, i.e. for each node that
+ meets all of the scheduling requirements (resource request,
+ requiredDuringScheduling anti-affinity expressions, etc.),
+ compute a sum by iterating through the elements of this field
+ and adding "weight" to the sum if the node has pods which
+ matches the corresponding podAffinityTerm; the node(s) with
+ the highest sum are the most preferred.
+ items:
+ description: The weights of all of the matched WeightedPodAffinityTerm
+ fields are added per-node to find the most preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s))
+ that this pod should be co-located (affinity) or not
+ co-located (anti-affinity) with, where co-located is
+ defined as running on a node whose value of the label
+ with key <topologyKey> matches that of any node on which
+ a pod of the set of pods is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over
+ a set of resources. The result of matchLabels and
+ matchExpressions are ANDed. An empty label selector
+ matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are
+ ANDed.
+ items:
+ description: A label selector requirement is
+ a selector that contains values, a key, and
+ an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the
+ selector applies to.
+ type: string
+ operator:
+ description: operator represents a key's
+ relationship to a set of values. Valid
+ operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string
+ values. If the operator is In or NotIn,
+ the values array must be non-empty. If
+ the operator is Exists or DoesNotExist,
+ the values array must be empty. This array
+ is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value}
+ pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions,
+ whose key field is "key", the operator is "In",
+ and the values array contains only "value".
+ The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces
+ the labelSelector applies to (matches against);
+ null or empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods
+ matching the labelSelector in the specified namespaces,
+ where co-located is defined as running on a node
+ whose value of the label with key topologyKey matches
+ that of any node on which any of the selected pods
+ is running. Empty topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ weight:
+ description: weight associated with matching the corresponding
+ podAffinityTerm, in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - weight
+ - podAffinityTerm
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the anti-affinity requirements specified by
+ this field are not met at scheduling time, the pod will not
+ be scheduled onto the node. If the anti-affinity requirements
+ specified by this field cease to be met at some point during
+ pod execution (e.g. due to a pod label update), the system
+ may or may not try to eventually evict the pod from its node.
+ When there are multiple elements, the lists of nodes corresponding
+ to each podAffinityTerm are intersected, i.e. all terms must
+ be satisfied.
+ items:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s)) that
+ this pod should be co-located (affinity) or not co-located
+ (anti-affinity) with, where co-located is defined as running
+ on a node whose value of the label with key <topologyKey>
+ matches that of any node on which a pod of the set of pods
+ is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over a
+ set of resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects.
+ A null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values
+ array must be non-empty. If the operator is
+ Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field
+ is "key", the operator is "In", and the values array
+ contains only "value". The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces the
+ labelSelector applies to (matches against); null or
+ empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods matching
+ the labelSelector in the specified namespaces, where
+ co-located is defined as running on a node whose value
+ of the label with key topologyKey matches that of any
+ node on which any of the selected pods is running. Empty
+ topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: array
+ baseImage:
+ description: Base image that is used to deploy pods, without tag.
+ type: string
+ containers:
+ description: Containers allows injecting additional containers. This
+ is meant to allow adding an authentication proxy to an Alertmanager
+ pod.
+ items:
+ description: A single application container that you want to run within
+ a pod.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker image''s
+ CMD is used if this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment. If a variable
+ cannot be resolved, the reference in the input string will be
+ unchanged. The $(VAR_NAME) syntax can be escaped with a double
+ $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
+ regardless of whether the variable exists or not. Cannot be
+ updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within a shell. The
+ docker image''s ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the reference
+ in the input string will be unchanged. The $(VAR_NAME) syntax
+ can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether the variable exists
+ or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable present
+ in a Container.
+ properties:
+ name:
+ description: Name of the environment variable. Must be a
+ C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME) are expanded
+ using the previous defined environment variables in the
+ container and any service environment variables. If a
+ variable cannot be resolved, the reference in the input
+ string will be unchanged. The $(VAR_NAME) syntax can be
+ escaped with a double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether the variable
+ exists or not. Defaults to "".'
+ type: string
+ valueFrom:
+ description: EnvVarSource represents a source for the value
+ of an EnvVar.
+ properties:
+ configMapKeyRef:
+ description: Selects a key from a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or it's
+ key must be defined
+ type: boolean
+ required:
+ - key
+ fieldRef:
+ description: ObjectFieldSelector selects an APIVersioned
+ field of an object.
+ properties:
+ apiVersion:
+ description: Version of the schema the FieldPath
+ is written in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select in the
+ specified API version.
+ type: string
+ required:
+ - fieldPath
+ resourceFieldRef:
+ description: ResourceFieldSelector represents container
+ resources (cpu, memory) and their output format
+ properties:
+ containerName:
+ description: 'Container name: required for volumes,
+ optional for env vars'
+ type: string
+ divisor: {}
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ secretKeyRef:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's
+ key must be defined
+ type: boolean
+ required:
+ - key
+ required:
+ - name
+ type: array
+ envFrom:
+ description: List of sources to populate environment variables
+ in the container. The keys defined within a source must be a
+ C_IDENTIFIER. All invalid keys will be reported as an event
+ when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take
+ precedence. Values defined by an Env with a duplicate key will
+ take precedence. Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of a set of
+ ConfigMaps
+ properties:
+ configMapRef:
+ description: |-
+ ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.
+
+ The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap must be defined
+ type: boolean
+ prefix:
+ description: An optional identifer to prepend to each key
+ in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: |-
+ SecretEnvSource selects a Secret to populate the environment variables with.
+
+ The contents of the target Secret's Data field will represent the key-value pairs as environment variables.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret must be defined
+ type: boolean
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management
+ to default or override container images in workload controllers
+ like Deployments and StatefulSets.'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent
+ otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Lifecycle describes actions that the management system
+ should take in response to container lifecycle events. For the
+ PostStart and PreStop lifecycle handlers, management of the
+ container blocks until the action is complete, unless the container
+ process fails, in which case the handler is aborted.
+ properties:
+ postStart:
+ description: Handler defines a specific action that should
+ be taken
+ properties:
+ exec:
+ description: ExecAction describes a "run in container"
+ action.
+ properties:
+ command:
+ description: Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's filesystem.
+ The command is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions ('|',
+ etc) won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is treated
+ as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ httpGet:
+ description: HTTPGetAction describes an action based on
+ HTTP Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ tcpSocket:
+ description: TCPSocketAction describes an action based
+ on opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ preStop:
+ description: Handler defines a specific action that should
+ be taken
+ properties:
+ exec:
+ description: ExecAction describes a "run in container"
+ action.
+ properties:
+ command:
+ description: Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's filesystem.
+ The command is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions ('|',
+ etc) won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is treated
+ as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ httpGet:
+ description: HTTPGetAction describes an action based on
+ HTTP Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ tcpSocket:
+ description: TCPSocketAction describes an action based
+ on opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ livenessProbe:
+ description: Probe describes a health check to be performed against
+ a container to determine whether it is alive or ready to receive
+ traffic.
+ properties:
+ exec:
+ description: ExecAction describes a "run in container" action.
+ properties:
+ command:
+ description: Command is the command line to execute inside
+ the container, the working directory for the command is
+ root ('/') in the container's filesystem. The command
+ is simply exec'd, it is not run inside a shell, so traditional
+ shell instructions ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that shell. Exit
+ status of 0 is treated as live/healthy and non-zero
+ is unhealthy.
+ items:
+ type: string
+ type: array
+ failureThreshold:
+ description: Minimum consecutive failures for the probe to
+ be considered failed after having succeeded. Defaults to
+ 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGetAction describes an action based on HTTP
+ Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to the
+ pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request. HTTP
+ allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header to
+ be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ initialDelaySeconds:
+ description: 'Number of seconds after the container has started
+ before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the probe to
+ be considered successful after having failed. Defaults to
+ 1. Must be 1 for liveness. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocketAction describes an action based on
+ opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ timeoutSeconds:
+ description: 'Number of seconds after which the probe times
+ out. Defaults to 1 second. Minimum value is 1. More info:
+ https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ name:
+ description: Name of the container specified as a DNS_LABEL. Each
+ container in a pod must have a unique name (DNS_LABEL). Cannot
+ be updated.
+ type: string
+ ports:
+ description: List of ports to expose from the container. Exposing
+ a port here gives the system additional information about the
+ network connections a container uses, but is primarily informational.
+ Not specifying a port here DOES NOT prevent that port from being
+ exposed. Any port which is listening on the default "0.0.0.0"
+ address inside a container will be accessible from the network.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network port in a single
+ container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the host. If specified,
+ this must be a valid port number, 0 < x < 65536. If HostNetwork
+ is specified, this must match ContainerPort. Most containers
+ do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in a pod must
+ have a unique name. Name for the port that can be referred
+ to by services.
+ type: string
+ protocol:
+ description: Protocol for port. Must be UDP or TCP. Defaults
+ to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: array
+ readinessProbe:
+ description: Probe describes a health check to be performed against
+ a container to determine whether it is alive or ready to receive
+ traffic.
+ properties:
+ exec:
+ description: ExecAction describes a "run in container" action.
+ properties:
+ command:
+ description: Command is the command line to execute inside
+ the container, the working directory for the command is
+ root ('/') in the container's filesystem. The command
+ is simply exec'd, it is not run inside a shell, so traditional
+ shell instructions ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that shell. Exit
+ status of 0 is treated as live/healthy and non-zero
+ is unhealthy.
+ items:
+ type: string
+ type: array
+ failureThreshold:
+ description: Minimum consecutive failures for the probe to
+ be considered failed after having succeeded. Defaults to
+ 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGetAction describes an action based on HTTP
+ Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to the
+ pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request. HTTP
+ allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header to
+ be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ initialDelaySeconds:
+ description: 'Number of seconds after the container has started
+ before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the probe to
+ be considered successful after having failed. Defaults to
+ 1. Must be 1 for liveness. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocketAction describes an action based on
+ opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ timeoutSeconds:
+ description: 'Number of seconds after which the probe times
+ out. Defaults to 1 second. Minimum value is 1. More info:
+ https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ resources:
+ description: ResourceRequirements describes the compute resource
+ requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of compute
+ resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount of compute
+ resources required. If Requests is omitted for a container,
+ it defaults to Limits if that is explicitly specified, otherwise
+ to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ securityContext:
+ description: SecurityContext holds security configuration that
+ will be applied to a container. Some fields are present in both
+ SecurityContext and PodSecurityContext. When both are set,
+ the values in SecurityContext take precedence.
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls whether a
+ process can gain more privileges than its parent process.
+ This bool directly controls if the no_new_privs flag will
+ be set on the container process. AllowPrivilegeEscalation
+ is true always when the container is: 1) run as Privileged
+ 2) has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: Adds and removes POSIX capabilities from running
+ containers.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ type: string
+ type: array
+ privileged:
+ description: Run container in privileged mode. Processes in
+ privileged containers are essentially equivalent to root
+ on the host. Defaults to false.
+ type: boolean
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only root filesystem.
+ Default is false.
+ type: boolean
+ runAsNonRoot:
+ description: Indicates that the container must run as a non-root
+ user. If true, the Kubelet will validate the image at runtime
+ to ensure that it does not run as UID 0 (root) and fail
+ to start the container if it does. If unset or false, no
+ such validation will be performed. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext, the
+ value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the container
+ process. Defaults to user specified in image metadata if
+ unspecified. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext, the
+ value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: SELinuxOptions are the labels to be applied to
+ the container
+ properties:
+ level:
+ description: Level is SELinux level label that applies
+ to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that applies
+ to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that applies
+ to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that applies
+ to the container.
+ type: string
+ stdin:
+ description: Whether this container should allocate a buffer for
+ stdin in the container runtime. If this is not set, reads from
+ stdin in the container will always result in EOF. Default is
+ false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should close the stdin
+ channel after it has been opened by a single attach. When stdin
+ is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container
+ start, is empty until the first client attaches to stdin, and
+ then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container
+ is restarted. If this flag is false, a container processes that
+ reads from stdin will never receive an EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to which the container''s
+ termination message will be written is mounted into the container''s
+ filesystem. Message written is intended to be brief final status,
+ such as an assertion failure message. Will be truncated by the
+ node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb. Defaults to /dev/termination-log.
+ Cannot be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message should be populated.
+ File will use the contents of terminationMessagePath to populate
+ the container status message on both success and failure. FallbackToLogsOnError
+ will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever
+ is smaller. Defaults to File. Cannot be updated.
+ type: string
+ tty:
+ description: Whether this container should allocate a TTY for
+ itself, also requires 'stdin' to be true. Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices to be
+ used by the container. This is an alpha feature and may change
+ in the future.
+ items:
+ description: volumeDevice describes a mapping of a raw block
+ device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of the container
+ that the device will be mapped to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - name
+ - devicePath
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a Volume within
+ a container.
+ properties:
+ mountPath:
+ description: Path within the container at which the volume
+ should be mounted. Must not contain ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how mounts are
+ propagated from the host to container and the other way
+ around. When not set, MountPropagationHostToContainer
+ is used. This field is alpha in 1.8 and can be reworked
+ or removed in a future release.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write otherwise
+ (false or unspecified). Defaults to false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which the container's
+ volume should be mounted. Defaults to "" (volume's root).
+ type: string
+ required:
+ - name
+ - mountPath
+ type: array
+ workingDir:
+ description: Container's working directory. If not specified,
+ the container runtime's default will be used, which might be
+ configured in the container image. Cannot be updated.
+ type: string
+ required:
+ - name
+ type: array
+ externalUrl:
+ description: The external URL the Alertmanager instances will be available
+ under. This is necessary to generate correct URLs. This is necessary
+ if Alertmanager is not served from root of a DNS name.
+ type: string
+ imagePullSecrets:
+ description: An optional list of references to secrets in the same namespace
+ to use for pulling prometheus and alertmanager images from registries
+ see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
+ items:
+ description: LocalObjectReference contains enough information to let
+ you locate the referenced object inside the same namespace.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ type: array
+ listenLocal:
+ description: ListenLocal makes the Alertmanager server listen on loopback,
+ so that it does not bind against the Pod IP. Note this is only for
+ the Alertmanager UI, not the gossip communication.
+ type: boolean
+ logLevel:
+ description: Log level for Alertmanager to be configured with.
+ type: string
+ nodeSelector:
+ description: Define which Nodes the Pods are scheduled on.
+ type: object
+ paused:
+ description: If set to true all actions on the underlaying managed objects
+ are not goint to be performed, except for delete actions.
+ type: boolean
+ podMetadata:
+ description: ObjectMeta is metadata that all persisted resources must
+ have, which includes all objects users must create.
+ properties:
+ annotations:
+ description: 'Annotations is an unstructured key value map stored
+ with a resource that may be set by external tools to store and
+ retrieve arbitrary metadata. They are not queryable and should
+ be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
+ type: object
+ clusterName:
+ description: The name of the cluster which the object belongs to.
+ This is used to distinguish resources with same name and namespace
+ in different clusters. This field is not set anywhere right now
+ and apiserver is going to ignore it if set in create or update
+ request.
+ type: string
+ creationTimestamp:
+ format: date-time
+ type: string
+ deletionGracePeriodSeconds:
+ description: Number of seconds allowed for this object to gracefully
+ terminate before it will be removed from the system. Only set
+ when deletionTimestamp is also set. May only be shortened. Read-only.
+ format: int64
+ type: integer
+ deletionTimestamp:
+ format: date-time
+ type: string
+ finalizers:
+ description: Must be empty before the object is deleted from the
+ registry. Each entry is an identifier for the responsible component
+ that will remove the entry from the list. If the deletionTimestamp
+ of the object is non-nil, entries in this list can only be removed.
+ items:
+ type: string
+ type: array
+ generateName:
+ description: |-
+ GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+ If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+ Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
+ type: string
+ generation:
+ description: A sequence number representing a specific generation
+ of the desired state. Populated by the system. Read-only.
+ format: int64
+ type: integer
+ initializers:
+ description: Initializers tracks the progress of initialization.
+ properties:
+ pending:
+ description: Pending is a list of initializers that must execute
+ in order before this object is visible. When the last pending
+ initializer is removed, and no failing result is set, the
+ initializers struct will be set to nil and the object is considered
+ as initialized and visible to all clients.
+ items:
+ description: Initializer is information about an initializer
+ that has not yet completed.
+ properties:
+ name:
+ description: name of the process that is responsible for
+ initializing this object.
+ type: string
+ required:
+ - name
+ type: array
+ result:
+ description: Status is a return value for calls that don't return
+ other objects.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of
+ this representation of an object. Servers should convert
+ recognized schemas to the latest internal value, and may
+ reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ code:
+ description: Suggested HTTP return code for this status,
+ 0 if not set.
+ format: int32
+ type: integer
+ details:
+ description: StatusDetails is a set of additional properties
+ that MAY be set by the server to provide additional information
+ about a response. The Reason field of a Status object
+ defines what attributes will be set. Clients must ignore
+ fields that do not match the defined type of each attribute,
+ and should assume that any attribute may be empty, invalid,
+ or under defined.
+ properties:
+ causes:
+ description: The Causes array includes more details
+ associated with the StatusReason failure. Not all
+ StatusReasons may provide detailed causes.
+ items:
+ description: StatusCause provides more information
+ about an api.Status failure, including cases when
+ multiple errors are encountered.
+ properties:
+ field:
+ description: |-
+ The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+ Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"
+ type: string
+ message:
+ description: A human-readable description of the
+ cause of the error. This field may be presented
+ as-is to a reader.
+ type: string
+ reason:
+ description: A machine-readable description of
+ the cause of the error. If this value is empty
+ there is no information available.
+ type: string
+ type: array
+ group:
+ description: The group attribute of the resource associated
+ with the status StatusReason.
+ type: string
+ kind:
+ description: 'The kind attribute of the resource associated
+ with the status StatusReason. On some operations may
+ differ from the requested resource Kind. More info:
+ https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: The name attribute of the resource associated
+ with the status StatusReason (when there is a single
+ name which can be described).
+ type: string
+ retryAfterSeconds:
+ description: If specified, the time in seconds before
+ the operation should be retried. Some errors may indicate
+ the client must take an alternate action - for those
+ errors this field may indicate how long to wait before
+ taking the alternate action.
+ format: int32
+ type: integer
+ uid:
+ description: 'UID of the resource. (when there is a
+ single resource which can be described). More info:
+ http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST
+ resource this object represents. Servers may infer this
+ from the endpoint the client submits requests to. Cannot
+ be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ message:
+ description: A human-readable description of the status
+ of this operation.
+ type: string
+ metadata:
+ description: ListMeta describes metadata that synthetic
+ resources must have, including lists and various status
+ objects. A resource may have only one of {ObjectMeta,
+ ListMeta}.
+ properties:
+ continue:
+ description: continue may be set if the user set a limit
+ on the number of items returned, and indicates that
+ the server has more data available. The value is opaque
+ and may be used to issue another request to the endpoint
+ that served this list to retrieve the next set of
+ available objects. Continuing a list may not be possible
+ if the server configuration has changed or more than
+ a few minutes have passed. The resourceVersion field
+ returned when using this continue value will be identical
+ to the value in the first response.
+ type: string
+ resourceVersion:
+ description: 'String that identifies the server''s internal
+ version of this object that can be used by clients
+ to determine when objects have changed. Value must
+ be treated as opaque by clients and passed unmodified
+ back to the server. Populated by the system. Read-only.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ selfLink:
+ description: selfLink is a URL representing this object.
+ Populated by the system. Read-only.
+ type: string
+ reason:
+ description: A machine-readable description of why this
+ operation is in the "Failure" status. If this value is
+ empty there is no information available. A Reason clarifies
+ an HTTP status code but does not override it.
+ type: string
+ status:
+ description: 'Status of the operation. One of: "Success"
+ or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status'
+ type: string
+ required:
+ - pending
+ labels:
+ description: 'Map of string keys and values that can be used to
+ organize and categorize (scope and select) objects. May match
+ selectors of replication controllers and services. More info:
+ http://kubernetes.io/docs/user-guide/labels'
+ type: object
+ name:
+ description: 'Name must be unique within a namespace. Is required
+ when creating resources, although some resources may allow a client
+ to request the generation of an appropriate name automatically.
+ Name is primarily intended for creation idempotence and configuration
+ definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+ Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
+ type: string
+ ownerReferences:
+ description: List of objects depended by this object. If ALL objects
+ in the list have been deleted, this object will be garbage collected.
+ If this object is managed by a controller, then an entry in this
+ list will point to this controller, with the controller field
+ set to true. There cannot be more than one managing controller.
+ items:
+ description: OwnerReference contains enough information to let
+ you identify an owning object. Currently, an owning object must
+ be in the same namespace, so there is no namespace field.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ blockOwnerDeletion:
+ description: If true, AND if the owner has the "foregroundDeletion"
+ finalizer, then the owner cannot be deleted from the key-value
+ store until this reference is removed. Defaults to false.
+ To set this field, a user needs "delete" permission of the
+ owner, otherwise 422 (Unprocessable Entity) will be returned.
+ type: boolean
+ controller:
+ description: If true, this reference points to the managing
+ controller.
+ type: boolean
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ required:
+ - apiVersion
+ - kind
+ - name
+ - uid
+ type: array
+ resourceVersion:
+ description: |-
+ An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+ Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ selfLink:
+ description: SelfLink is a URL representing this object. Populated
+ by the system. Read-only.
+ type: string
+ uid:
+ description: |-
+ UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+ Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+ type: string
+ replicas:
+ description: Size is the expected size of the alertmanager cluster.
+ The controller will eventually make the size of the running cluster
+ equal to the expected size.
+ format: int32
+ type: integer
+ resources:
+ description: ResourceRequirements describes the compute resource requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of compute resources
+ allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount of compute resources
+ required. If Requests is omitted for a container, it defaults
+ to Limits if that is explicitly specified, otherwise to an implementation-defined
+ value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ routePrefix:
+ description: The route prefix Alertmanager registers HTTP handlers for.
+ This is useful, if using ExternalURL and a proxy is rewriting HTTP
+ routes of a request, and the actual ExternalURL is still true, but
+ the server serves requests under a different route prefix. For example
+ for use with `kubectl proxy`.
+ type: string
+ secrets:
+ description: Secrets is a list of Secrets in the same namespace as the
+ Alertmanager object, which shall be mounted into the Alertmanager
+ Pods. The Secrets are mounted into /etc/alertmanager/secrets/<secret-name>.
+ items:
+ type: string
+ type: array
+ securityContext:
+ description: PodSecurityContext holds pod-level security attributes
+ and common container settings. Some fields are also present in container.securityContext. Field
+ values of container.securityContext take precedence over field values
+ of PodSecurityContext.
+ properties:
+ fsGroup:
+ description: |-
+ A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:
+
+ 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----
+
+ If unset, the Kubelet will not modify the ownership and permissions of any volume.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must run as a non-root
+ user. If true, the Kubelet will validate the image at runtime
+ to ensure that it does not run as UID 0 (root) and fail to start
+ the container if it does. If unset or false, no such validation
+ will be performed. May also be set in SecurityContext. If set
+ in both SecurityContext and PodSecurityContext, the value specified
+ in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified. May
+ also be set in SecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in SecurityContext
+ takes precedence for that container.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: SELinuxOptions are the labels to be applied to the
+ container
+ properties:
+ level:
+ description: Level is SELinux level label that applies to the
+ container.
+ type: string
+ role:
+ description: Role is a SELinux role label that applies to the
+ container.
+ type: string
+ type:
+ description: Type is a SELinux type label that applies to the
+ container.
+ type: string
+ user:
+ description: User is a SELinux user label that applies to the
+ container.
+ type: string
+ supplementalGroups:
+ description: A list of groups applied to the first process run in
+ each container, in addition to the container's primary GID. If
+ unspecified, no groups will be added to any container.
+ items:
+ format: int64
+ type: integer
+ type: array
+ serviceAccountName:
+ description: ServiceAccountName is the name of the ServiceAccount to
+ use to run the Prometheus Pods.
+ type: string
+ storage:
+ description: StorageSpec defines the configured storage for a group
+ Prometheus servers.
+ properties:
+ class:
+ description: 'Name of the StorageClass to use when requesting storage
+ provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses
+ DEPRECATED'
+ type: string
+ emptyDir:
+ description: Represents an empty directory for a pod. Empty directory
+ volumes support ownership management and SELinux relabeling.
+ properties:
+ medium:
+ description: 'What type of storage medium should back this directory.
+ The default is "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ type: string
+ sizeLimit: {}
+ resources:
+ description: ResourceRequirements describes the compute resource
+ requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of compute
+ resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount of compute
+ resources required. If Requests is omitted for a container,
+ it defaults to Limits if that is explicitly specified, otherwise
+ to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ selector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ volumeClaimTemplate:
+ description: PersistentVolumeClaim is a user's request for and claim
+ to a persistent volume
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this
+ representation of an object. Servers should convert recognized
+ schemas to the latest internal value, and may reject unrecognized
+ values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource
+ this object represents. Servers may infer this from the endpoint
+ the client submits requests to. Cannot be updated. In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ description: ObjectMeta is metadata that all persisted resources
+ must have, which includes all objects users must create.
+ properties:
+ annotations:
+ description: 'Annotations is an unstructured key value map
+ stored with a resource that may be set by external tools
+ to store and retrieve arbitrary metadata. They are not
+ queryable and should be preserved when modifying objects.
+ More info: http://kubernetes.io/docs/user-guide/annotations'
+ type: object
+ clusterName:
+ description: The name of the cluster which the object belongs
+ to. This is used to distinguish resources with same name
+ and namespace in different clusters. This field is not
+ set anywhere right now and apiserver is going to ignore
+ it if set in create or update request.
+ type: string
+ creationTimestamp:
+ format: date-time
+ type: string
+ deletionGracePeriodSeconds:
+ description: Number of seconds allowed for this object to
+ gracefully terminate before it will be removed from the
+ system. Only set when deletionTimestamp is also set. May
+ only be shortened. Read-only.
+ format: int64
+ type: integer
+ deletionTimestamp:
+ format: date-time
+ type: string
+ finalizers:
+ description: Must be empty before the object is deleted
+ from the registry. Each entry is an identifier for the
+ responsible component that will remove the entry from
+ the list. If the deletionTimestamp of the object is non-nil,
+ entries in this list can only be removed.
+ items:
+ type: string
+ type: array
+ generateName:
+ description: |-
+ GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+ If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+ Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
+ type: string
+ generation:
+ description: A sequence number representing a specific generation
+ of the desired state. Populated by the system. Read-only.
+ format: int64
+ type: integer
+ initializers:
+ description: Initializers tracks the progress of initialization.
+ properties:
+ pending:
+ description: Pending is a list of initializers that
+ must execute in order before this object is visible.
+ When the last pending initializer is removed, and
+ no failing result is set, the initializers struct
+ will be set to nil and the object is considered as
+ initialized and visible to all clients.
+ items:
+ description: Initializer is information about an initializer
+ that has not yet completed.
+ properties:
+ name:
+ description: name of the process that is responsible
+ for initializing this object.
+ type: string
+ required:
+ - name
+ type: array
+ result:
+ description: Status is a return value for calls that
+ don't return other objects.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema
+ of this representation of an object. Servers should
+ convert recognized schemas to the latest internal
+ value, and may reject unrecognized values. More
+ info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ code:
+ description: Suggested HTTP return code for this
+ status, 0 if not set.
+ format: int32
+ type: integer
+ details:
+ description: StatusDetails is a set of additional
+ properties that MAY be set by the server to provide
+ additional information about a response. The Reason
+ field of a Status object defines what attributes
+ will be set. Clients must ignore fields that do
+ not match the defined type of each attribute,
+ and should assume that any attribute may be empty,
+ invalid, or under defined.
+ properties:
+ causes:
+ description: The Causes array includes more
+ details associated with the StatusReason failure.
+ Not all StatusReasons may provide detailed
+ causes.
+ items:
+ description: StatusCause provides more information
+ about an api.Status failure, including cases
+ when multiple errors are encountered.
+ properties:
+ field:
+ description: |-
+ The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+ Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"
+ type: string
+ message:
+ description: A human-readable description
+ of the cause of the error. This field
+ may be presented as-is to a reader.
+ type: string
+ reason:
+ description: A machine-readable description
+ of the cause of the error. If this value
+ is empty there is no information available.
+ type: string
+ type: array
+ group:
+ description: The group attribute of the resource
+ associated with the status StatusReason.
+ type: string
+ kind:
+ description: 'The kind attribute of the resource
+ associated with the status StatusReason. On
+ some operations may differ from the requested
+ resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: The name attribute of the resource
+ associated with the status StatusReason (when
+ there is a single name which can be described).
+ type: string
+ retryAfterSeconds:
+ description: If specified, the time in seconds
+ before the operation should be retried. Some
+ errors may indicate the client must take an
+ alternate action - for those errors this field
+ may indicate how long to wait before taking
+ the alternate action.
+ format: int32
+ type: integer
+ uid:
+ description: 'UID of the resource. (when there
+ is a single resource which can be described).
+ More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ kind:
+ description: 'Kind is a string value representing
+ the REST resource this object represents. Servers
+ may infer this from the endpoint the client submits
+ requests to. Cannot be updated. In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ message:
+ description: A human-readable description of the
+ status of this operation.
+ type: string
+ metadata:
+ description: ListMeta describes metadata that synthetic
+ resources must have, including lists and various
+ status objects. A resource may have only one of
+ {ObjectMeta, ListMeta}.
+ properties:
+ continue:
+ description: continue may be set if the user
+ set a limit on the number of items returned,
+ and indicates that the server has more data
+ available. The value is opaque and may be
+ used to issue another request to the endpoint
+ that served this list to retrieve the next
+ set of available objects. Continuing a list
+ may not be possible if the server configuration
+ has changed or more than a few minutes have
+ passed. The resourceVersion field returned
+ when using this continue value will be identical
+ to the value in the first response.
+ type: string
+ resourceVersion:
+ description: 'String that identifies the server''s
+ internal version of this object that can be
+ used by clients to determine when objects
+ have changed. Value must be treated as opaque
+ by clients and passed unmodified back to the
+ server. Populated by the system. Read-only.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ selfLink:
+ description: selfLink is a URL representing
+ this object. Populated by the system. Read-only.
+ type: string
+ reason:
+ description: A machine-readable description of why
+ this operation is in the "Failure" status. If
+ this value is empty there is no information available.
+ A Reason clarifies an HTTP status code but does
+ not override it.
+ type: string
+ status:
+ description: 'Status of the operation. One of: "Success"
+ or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status'
+ type: string
+ required:
+ - pending
+ labels:
+ description: 'Map of string keys and values that can be
+ used to organize and categorize (scope and select) objects.
+ May match selectors of replication controllers and services.
+ More info: http://kubernetes.io/docs/user-guide/labels'
+ type: object
+ name:
+ description: 'Name must be unique within a namespace. Is
+ required when creating resources, although some resources
+ may allow a client to request the generation of an appropriate
+ name automatically. Name is primarily intended for creation
+ idempotence and configuration definition. Cannot be updated.
+ More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+ Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
+ type: string
+ ownerReferences:
+ description: List of objects depended by this object. If
+ ALL objects in the list have been deleted, this object
+ will be garbage collected. If this object is managed by
+ a controller, then an entry in this list will point to
+ this controller, with the controller field set to true.
+ There cannot be more than one managing controller.
+ items:
+ description: OwnerReference contains enough information
+ to let you identify an owning object. Currently, an
+ owning object must be in the same namespace, so there
+ is no namespace field.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ blockOwnerDeletion:
+ description: If true, AND if the owner has the "foregroundDeletion"
+ finalizer, then the owner cannot be deleted from
+ the key-value store until this reference is removed.
+ Defaults to false. To set this field, a user needs
+ "delete" permission of the owner, otherwise 422
+ (Unprocessable Entity) will be returned.
+ type: boolean
+ controller:
+ description: If true, this reference points to the
+ managing controller.
+ type: boolean
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ required:
+ - apiVersion
+ - kind
+ - name
+ - uid
+ type: array
+ resourceVersion:
+ description: |-
+ An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+ Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ selfLink:
+ description: SelfLink is a URL representing this object.
+ Populated by the system. Read-only.
+ type: string
+ uid:
+ description: |-
+ UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+ Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+ type: string
+ spec:
+ description: PersistentVolumeClaimSpec describes the common
+ attributes of storage devices and allows a Source for provider-specific
+ attributes
+ properties:
+ accessModes:
+ description: 'AccessModes contains the desired access modes
+ the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
+ items:
+ type: string
+ type: array
+ resources:
+ description: ResourceRequirements describes the compute
+ resource requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of
+ compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount
+ of compute resources required. If Requests is omitted
+ for a container, it defaults to Limits if that is
+ explicitly specified, otherwise to an implementation-defined
+ value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ selector:
+ description: A label selector is a label query over a set
+ of resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects.
+ A null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists
+ or DoesNotExist, the values array must be empty.
+ This array is replaced during a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field
+ is "key", the operator is "In", and the values array
+ contains only "value". The requirements are ANDed.
+ type: object
+ storageClassName:
+ description: 'Name of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ type: string
+ volumeMode:
+ description: volumeMode defines what type of volume is required
+ by the claim. Value of Filesystem is implied when not
+ included in claim spec. This is an alpha feature and may
+ change in the future.
+ type: string
+ volumeName:
+ description: VolumeName is the binding reference to the
+ PersistentVolume backing this claim.
+ type: string
+ status:
+ description: PersistentVolumeClaimStatus is the current status
+ of a persistent volume claim.
+ properties:
+ accessModes:
+ description: 'AccessModes contains the actual access modes
+ the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
+ items:
+ type: string
+ type: array
+ capacity:
+ description: Represents the actual resources of the underlying
+ volume.
+ type: object
+ conditions:
+ description: Current Condition of persistent volume claim.
+ If underlying persistent volume is being resized then
+ the Condition will be set to 'ResizeStarted'.
+ items:
+ description: PersistentVolumeClaimCondition contails details
+ about state of pvc
+ properties:
+ lastProbeTime:
+ format: date-time
+ type: string
+ lastTransitionTime:
+ format: date-time
+ type: string
+ message:
+ description: Human-readable message indicating details
+ about last transition.
+ type: string
+ reason:
+ description: Unique, this should be a short, machine
+ understandable string that gives the reason for
+ condition's last transition. If it reports "ResizeStarted"
+ that means the underlying persistent volume is being
+ resized.
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ - status
+ type: array
+ phase:
+ description: Phase represents the current phase of PersistentVolumeClaim.
+ type: string
+ tolerations:
+ description: If specified, the pod's tolerations.
+ items:
+ description: The pod this Toleration is attached to tolerates any
+ taint that matches the triple <key,value,effect> using the matching
+ operator <operator>.
+ properties:
+ effect:
+ description: Effect indicates the taint effect to match. Empty
+ means match all taint effects. When specified, allowed values
+ are NoSchedule, PreferNoSchedule and NoExecute.
+ type: string
+ key:
+ description: Key is the taint key that the toleration applies
+ to. Empty means match all taint keys. If the key is empty, operator
+ must be Exists; this combination means to match all values and
+ all keys.
+ type: string
+ operator:
+ description: Operator represents a key's relationship to the value.
+ Valid operators are Exists and Equal. Defaults to Equal. Exists
+ is equivalent to wildcard for value, so that a pod can tolerate
+ all taints of a particular category.
+ type: string
+ tolerationSeconds:
+ description: TolerationSeconds represents the period of time the
+ toleration (which must be of effect NoExecute, otherwise this
+ field is ignored) tolerates the taint. By default, it is not
+ set, which means tolerate the taint forever (do not evict).
+ Zero and negative values will be treated as 0 (evict immediately)
+ by the system.
+ format: int64
+ type: integer
+ value:
+ description: Value is the taint value the toleration matches to.
+ If the operator is Exists, the value should be empty, otherwise
+ just a regular string.
+ type: string
+ type: array
+ version:
+ description: Version the cluster should be on.
+ type: string
+ status:
+ description: 'Most recent observed status of the Alertmanager cluster. Read-only.
+ Not included when requesting from the apiserver, only from the Prometheus
+ Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status'
+ properties:
+ availableReplicas:
+ description: Total number of available pods (ready for at least minReadySeconds)
+ targeted by this Alertmanager cluster.
+ format: int32
+ type: integer
+ paused:
+ description: Represents whether any actions on the underlaying managed
+ objects are being performed. Only delete actions will be performed.
+ type: boolean
+ replicas:
+ description: Total number of non-terminated pods targeted by this Alertmanager
+ cluster (their labels match the selector).
+ format: int32
+ type: integer
+ unavailableReplicas:
+ description: Total number of unavailable pods targeted by this Alertmanager
+ cluster.
+ format: int32
+ type: integer
+ updatedReplicas:
+ description: Total number of non-terminated pods targeted by this Alertmanager
+ cluster that have the desired version spec.
+ format: int32
+ type: integer
+ required:
+ - paused
+ - replicas
+ - updatedReplicas
+ - availableReplicas
+ - unavailableReplicas
+ required:
+ - spec
+ version: v1
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
diff --git a/manifests/0prometheus-operator-0prometheus-custom-resource-definition.yaml b/manifests/0prometheus-operator-0prometheus-custom-resource-definition.yaml
new file mode 100644
index 00000000..e30f5bb2
--- /dev/null
+++ b/manifests/0prometheus-operator-0prometheus-custom-resource-definition.yaml
@@ -0,0 +1,2688 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ creationTimestamp: null
+ name: prometheuses.monitoring.coreos.com
+spec:
+ group: monitoring.coreos.com
+ names:
+ kind: Prometheus
+ plural: prometheuses
+ scope: Namespaced
+ validation:
+ openAPIV3Schema:
+ description: Prometheus defines a Prometheus deployment.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ spec:
+ description: 'Specification of the desired behavior of the Prometheus cluster.
+ More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status'
+ properties:
+ additionalScrapeConfigs:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's key must be defined
+ type: boolean
+ required:
+ - key
+ affinity:
+ description: Affinity is a group of affinity scheduling rules.
+ properties:
+ nodeAffinity:
+ description: Node affinity is a group of node affinity scheduling
+ rules.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer to schedule pods to nodes
+ that satisfy the affinity expressions specified by this field,
+ but it may choose a node that violates one or more of the
+ expressions. The node that is most preferred is the one with
+ the greatest sum of weights, i.e. for each node that meets
+ all of the scheduling requirements (resource request, requiredDuringScheduling
+ affinity expressions, etc.), compute a sum by iterating through
+ the elements of this field and adding "weight" to the sum
+ if the node matches the corresponding matchExpressions; the
+ node(s) with the highest sum are the most preferred.
+ items:
+ description: An empty preferred scheduling term matches all
+ objects with implicit weight 0 (i.e. it's a no-op). A null
+ preferred scheduling term matches no objects (i.e. is also
+ a no-op).
+ properties:
+ preference:
+ description: A null or empty node selector term matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: Required. A list of node selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A node selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists, DoesNotExist. Gt, and Lt.
+ type: string
+ values:
+ description: An array of string values. If the
+ operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists
+ or DoesNotExist, the values array must be
+ empty. If the operator is Gt or Lt, the values
+ array must have a single element, which will
+ be interpreted as an integer. This array is
+ replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ required:
+ - matchExpressions
+ weight:
+ description: Weight associated with matching the corresponding
+ nodeSelectorTerm, in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - weight
+ - preference
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: A node selector represents the union of the results
+ of one or more label queries over a set of nodes; that is,
+ it represents the OR of the selectors represented by the node
+ selector terms.
+ properties:
+ nodeSelectorTerms:
+ description: Required. A list of node selector terms. The
+ terms are ORed.
+ items:
+ description: A null or empty node selector term matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: Required. A list of node selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A node selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists, DoesNotExist. Gt, and Lt.
+ type: string
+ values:
+ description: An array of string values. If the
+ operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists
+ or DoesNotExist, the values array must be
+ empty. If the operator is Gt or Lt, the values
+ array must have a single element, which will
+ be interpreted as an integer. This array is
+ replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ required:
+ - matchExpressions
+ type: array
+ required:
+ - nodeSelectorTerms
+ podAffinity:
+ description: Pod affinity is a group of inter pod affinity scheduling
+ rules.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer to schedule pods to nodes
+ that satisfy the affinity expressions specified by this field,
+ but it may choose a node that violates one or more of the
+ expressions. The node that is most preferred is the one with
+ the greatest sum of weights, i.e. for each node that meets
+ all of the scheduling requirements (resource request, requiredDuringScheduling
+ affinity expressions, etc.), compute a sum by iterating through
+ the elements of this field and adding "weight" to the sum
+ if the node has pods which matches the corresponding podAffinityTerm;
+ the node(s) with the highest sum are the most preferred.
+ items:
+ description: The weights of all of the matched WeightedPodAffinityTerm
+ fields are added per-node to find the most preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s))
+ that this pod should be co-located (affinity) or not
+ co-located (anti-affinity) with, where co-located is
+ defined as running on a node whose value of the label
+ with key <topologyKey> matches that of any node on which
+ a pod of the set of pods is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over
+ a set of resources. The result of matchLabels and
+ matchExpressions are ANDed. An empty label selector
+ matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are
+ ANDed.
+ items:
+ description: A label selector requirement is
+ a selector that contains values, a key, and
+ an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the
+ selector applies to.
+ type: string
+ operator:
+ description: operator represents a key's
+ relationship to a set of values. Valid
+ operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string
+ values. If the operator is In or NotIn,
+ the values array must be non-empty. If
+ the operator is Exists or DoesNotExist,
+ the values array must be empty. This array
+ is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value}
+ pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions,
+ whose key field is "key", the operator is "In",
+ and the values array contains only "value".
+ The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces
+ the labelSelector applies to (matches against);
+ null or empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods
+ matching the labelSelector in the specified namespaces,
+ where co-located is defined as running on a node
+ whose value of the label with key topologyKey matches
+ that of any node on which any of the selected pods
+ is running. Empty topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ weight:
+ description: weight associated with matching the corresponding
+ podAffinityTerm, in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - weight
+ - podAffinityTerm
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements specified by this
+ field are not met at scheduling time, the pod will not be
+ scheduled onto the node. If the affinity requirements specified
+ by this field cease to be met at some point during pod execution
+ (e.g. due to a pod label update), the system may or may not
+ try to eventually evict the pod from its node. When there
+ are multiple elements, the lists of nodes corresponding to
+ each podAffinityTerm are intersected, i.e. all terms must
+ be satisfied.
+ items:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s)) that
+ this pod should be co-located (affinity) or not co-located
+ (anti-affinity) with, where co-located is defined as running
+ on a node whose value of the label with key <topologyKey>
+ matches that of any node on which a pod of the set of pods
+ is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over a
+ set of resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects.
+ A null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values
+ array must be non-empty. If the operator is
+ Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field
+ is "key", the operator is "In", and the values array
+ contains only "value". The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces the
+ labelSelector applies to (matches against); null or
+ empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods matching
+ the labelSelector in the specified namespaces, where
+ co-located is defined as running on a node whose value
+ of the label with key topologyKey matches that of any
+ node on which any of the selected pods is running. Empty
+ topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: array
+ podAntiAffinity:
+ description: Pod anti affinity is a group of inter pod anti affinity
+ scheduling rules.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer to schedule pods to nodes
+ that satisfy the anti-affinity expressions specified by this
+ field, but it may choose a node that violates one or more
+ of the expressions. The node that is most preferred is the
+ one with the greatest sum of weights, i.e. for each node that
+ meets all of the scheduling requirements (resource request,
+ requiredDuringScheduling anti-affinity expressions, etc.),
+ compute a sum by iterating through the elements of this field
+ and adding "weight" to the sum if the node has pods which
+ matches the corresponding podAffinityTerm; the node(s) with
+ the highest sum are the most preferred.
+ items:
+ description: The weights of all of the matched WeightedPodAffinityTerm
+ fields are added per-node to find the most preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s))
+ that this pod should be co-located (affinity) or not
+ co-located (anti-affinity) with, where co-located is
+ defined as running on a node whose value of the label
+ with key <topologyKey> matches that of any node on which
+ a pod of the set of pods is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over
+ a set of resources. The result of matchLabels and
+ matchExpressions are ANDed. An empty label selector
+ matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are
+ ANDed.
+ items:
+ description: A label selector requirement is
+ a selector that contains values, a key, and
+ an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the
+ selector applies to.
+ type: string
+ operator:
+ description: operator represents a key's
+ relationship to a set of values. Valid
+ operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string
+ values. If the operator is In or NotIn,
+ the values array must be non-empty. If
+ the operator is Exists or DoesNotExist,
+ the values array must be empty. This array
+ is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value}
+ pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions,
+ whose key field is "key", the operator is "In",
+ and the values array contains only "value".
+ The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces
+ the labelSelector applies to (matches against);
+ null or empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods
+ matching the labelSelector in the specified namespaces,
+ where co-located is defined as running on a node
+ whose value of the label with key topologyKey matches
+ that of any node on which any of the selected pods
+ is running. Empty topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ weight:
+ description: weight associated with matching the corresponding
+ podAffinityTerm, in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - weight
+ - podAffinityTerm
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the anti-affinity requirements specified by
+ this field are not met at scheduling time, the pod will not
+ be scheduled onto the node. If the anti-affinity requirements
+ specified by this field cease to be met at some point during
+ pod execution (e.g. due to a pod label update), the system
+ may or may not try to eventually evict the pod from its node.
+ When there are multiple elements, the lists of nodes corresponding
+ to each podAffinityTerm are intersected, i.e. all terms must
+ be satisfied.
+ items:
+ description: Defines a set of pods (namely those matching
+ the labelSelector relative to the given namespace(s)) that
+ this pod should be co-located (affinity) or not co-located
+ (anti-affinity) with, where co-located is defined as running
+ on a node whose value of the label with key <topologyKey>
+ matches that of any node on which a pod of the set of pods
+ is running
+ properties:
+ labelSelector:
+ description: A label selector is a label query over a
+ set of resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects.
+ A null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values
+ array must be non-empty. If the operator is
+ Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field
+ is "key", the operator is "In", and the values array
+ contains only "value". The requirements are ANDed.
+ type: object
+ namespaces:
+ description: namespaces specifies which namespaces the
+ labelSelector applies to (matches against); null or
+ empty list means "this pod's namespace"
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be co-located (affinity)
+ or not co-located (anti-affinity) with the pods matching
+ the labelSelector in the specified namespaces, where
+ co-located is defined as running on a node whose value
+ of the label with key topologyKey matches that of any
+ node on which any of the selected pods is running. Empty
+ topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: array
+ alerting:
+ description: AlertingSpec defines parameters for alerting configuration
+ of Prometheus servers.
+ properties:
+ alertmanagers:
+ description: AlertmanagerEndpoints Prometheus should fire alerts
+ against.
+ items:
+ description: AlertmanagerEndpoints defines a selection of a single
+ Endpoints object containing alertmanager IPs to fire alerts
+ against.
+ properties:
+ bearerTokenFile:
+ description: BearerTokenFile to read from filesystem to use
+ when authenticating to Alertmanager.
+ type: string
+ name:
+ description: Name of Endpoints object in Namespace.
+ type: string
+ namespace:
+ description: Namespace of Endpoints object.
+ type: string
+ pathPrefix:
+ description: Prefix for the HTTP path alerts are pushed to.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use when firing alerts.
+ type: string
+ tlsConfig:
+ description: TLSConfig specifies TLS configuration parameters.
+ properties:
+ caFile:
+ description: The CA cert to use for the targets.
+ type: string
+ certFile:
+ description: The client cert file for the targets.
+ type: string
+ insecureSkipVerify:
+ description: Disable target certificate validation.
+ type: boolean
+ keyFile:
+ description: The client key file for the targets.
+ type: string
+ serverName:
+ description: Used to verify the hostname for the targets.
+ type: string
+ required:
+ - namespace
+ - name
+ - port
+ type: array
+ required:
+ - alertmanagers
+ baseImage:
+ description: Base image to use for a Prometheus deployment.
+ type: string
+ containers:
+ description: Containers allows injecting additional containers. This
+ is meant to allow adding an authentication proxy to a Prometheus pod.
+ items:
+ description: A single application container that you want to run within
+ a pod.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker image''s
+ CMD is used if this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment. If a variable
+ cannot be resolved, the reference in the input string will be
+ unchanged. The $(VAR_NAME) syntax can be escaped with a double
+ $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
+ regardless of whether the variable exists or not. Cannot be
+ updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within a shell. The
+ docker image''s ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the reference
+ in the input string will be unchanged. The $(VAR_NAME) syntax
+ can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether the variable exists
+ or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable present
+ in a Container.
+ properties:
+ name:
+ description: Name of the environment variable. Must be a
+ C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME) are expanded
+ using the previous defined environment variables in the
+ container and any service environment variables. If a
+ variable cannot be resolved, the reference in the input
+ string will be unchanged. The $(VAR_NAME) syntax can be
+ escaped with a double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether the variable
+ exists or not. Defaults to "".'
+ type: string
+ valueFrom:
+ description: EnvVarSource represents a source for the value
+ of an EnvVar.
+ properties:
+ configMapKeyRef:
+ description: Selects a key from a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or it's
+ key must be defined
+ type: boolean
+ required:
+ - key
+ fieldRef:
+ description: ObjectFieldSelector selects an APIVersioned
+ field of an object.
+ properties:
+ apiVersion:
+ description: Version of the schema the FieldPath
+ is written in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select in the
+ specified API version.
+ type: string
+ required:
+ - fieldPath
+ resourceFieldRef:
+ description: ResourceFieldSelector represents container
+ resources (cpu, memory) and their output format
+ properties:
+ containerName:
+ description: 'Container name: required for volumes,
+ optional for env vars'
+ type: string
+ divisor: {}
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ secretKeyRef:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's
+ key must be defined
+ type: boolean
+ required:
+ - key
+ required:
+ - name
+ type: array
+ envFrom:
+ description: List of sources to populate environment variables
+ in the container. The keys defined within a source must be a
+ C_IDENTIFIER. All invalid keys will be reported as an event
+ when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take
+ precedence. Values defined by an Env with a duplicate key will
+ take precedence. Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of a set of
+ ConfigMaps
+ properties:
+ configMapRef:
+ description: |-
+ ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.
+
+ The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap must be defined
+ type: boolean
+ prefix:
+ description: An optional identifer to prepend to each key
+ in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: |-
+ SecretEnvSource selects a Secret to populate the environment variables with.
+
+ The contents of the target Secret's Data field will represent the key-value pairs as environment variables.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret must be defined
+ type: boolean
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management
+ to default or override container images in workload controllers
+ like Deployments and StatefulSets.'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent
+ otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Lifecycle describes actions that the management system
+ should take in response to container lifecycle events. For the
+ PostStart and PreStop lifecycle handlers, management of the
+ container blocks until the action is complete, unless the container
+ process fails, in which case the handler is aborted.
+ properties:
+ postStart:
+ description: Handler defines a specific action that should
+ be taken
+ properties:
+ exec:
+ description: ExecAction describes a "run in container"
+ action.
+ properties:
+ command:
+ description: Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's filesystem.
+ The command is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions ('|',
+ etc) won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is treated
+ as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ httpGet:
+ description: HTTPGetAction describes an action based on
+ HTTP Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ tcpSocket:
+ description: TCPSocketAction describes an action based
+ on opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ preStop:
+ description: Handler defines a specific action that should
+ be taken
+ properties:
+ exec:
+ description: ExecAction describes a "run in container"
+ action.
+ properties:
+ command:
+ description: Command is the command line to execute
+ inside the container, the working directory for
+ the command is root ('/') in the container's filesystem.
+ The command is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions ('|',
+ etc) won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is treated
+ as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ httpGet:
+ description: HTTPGetAction describes an action based on
+ HTTP Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to
+ the pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header
+ to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ tcpSocket:
+ description: TCPSocketAction describes an action based
+ on opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ livenessProbe:
+ description: Probe describes a health check to be performed against
+ a container to determine whether it is alive or ready to receive
+ traffic.
+ properties:
+ exec:
+ description: ExecAction describes a "run in container" action.
+ properties:
+ command:
+ description: Command is the command line to execute inside
+ the container, the working directory for the command is
+ root ('/') in the container's filesystem. The command
+ is simply exec'd, it is not run inside a shell, so traditional
+ shell instructions ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that shell. Exit
+ status of 0 is treated as live/healthy and non-zero
+ is unhealthy.
+ items:
+ type: string
+ type: array
+ failureThreshold:
+ description: Minimum consecutive failures for the probe to
+ be considered failed after having succeeded. Defaults to
+ 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGetAction describes an action based on HTTP
+ Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to the
+ pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request. HTTP
+ allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header to
+ be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ initialDelaySeconds:
+ description: 'Number of seconds after the container has started
+ before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the probe to
+ be considered successful after having failed. Defaults to
+ 1. Must be 1 for liveness. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocketAction describes an action based on
+ opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ timeoutSeconds:
+ description: 'Number of seconds after which the probe times
+ out. Defaults to 1 second. Minimum value is 1. More info:
+ https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ name:
+ description: Name of the container specified as a DNS_LABEL. Each
+ container in a pod must have a unique name (DNS_LABEL). Cannot
+ be updated.
+ type: string
+ ports:
+ description: List of ports to expose from the container. Exposing
+ a port here gives the system additional information about the
+ network connections a container uses, but is primarily informational.
+ Not specifying a port here DOES NOT prevent that port from being
+ exposed. Any port which is listening on the default "0.0.0.0"
+ address inside a container will be accessible from the network.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network port in a single
+ container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the host. If specified,
+ this must be a valid port number, 0 < x < 65536. If HostNetwork
+ is specified, this must match ContainerPort. Most containers
+ do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in a pod must
+ have a unique name. Name for the port that can be referred
+ to by services.
+ type: string
+ protocol:
+ description: Protocol for port. Must be UDP or TCP. Defaults
+ to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: array
+ readinessProbe:
+ description: Probe describes a health check to be performed against
+ a container to determine whether it is alive or ready to receive
+ traffic.
+ properties:
+ exec:
+ description: ExecAction describes a "run in container" action.
+ properties:
+ command:
+ description: Command is the command line to execute inside
+ the container, the working directory for the command is
+ root ('/') in the container's filesystem. The command
+ is simply exec'd, it is not run inside a shell, so traditional
+ shell instructions ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that shell. Exit
+ status of 0 is treated as live/healthy and non-zero
+ is unhealthy.
+ items:
+ type: string
+ type: array
+ failureThreshold:
+ description: Minimum consecutive failures for the probe to
+ be considered failed after having succeeded. Defaults to
+ 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGetAction describes an action based on HTTP
+ Get requests.
+ properties:
+ host:
+ description: Host name to connect to, defaults to the
+ pod IP. You probably want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request. HTTP
+ allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom header to
+ be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port: {}
+ scheme:
+ description: Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ initialDelaySeconds:
+ description: 'Number of seconds after the container has started
+ before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the probe to
+ be considered successful after having failed. Defaults to
+ 1. Must be 1 for liveness. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocketAction describes an action based on
+ opening a socket
+ properties:
+ host:
+ description: 'Optional: Host name to connect to, defaults
+ to the pod IP.'
+ type: string
+ port: {}
+ required:
+ - port
+ timeoutSeconds:
+ description: 'Number of seconds after which the probe times
+ out. Defaults to 1 second. Minimum value is 1. More info:
+ https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ resources:
+ description: ResourceRequirements describes the compute resource
+ requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of compute
+ resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount of compute
+ resources required. If Requests is omitted for a container,
+ it defaults to Limits if that is explicitly specified, otherwise
+ to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ securityContext:
+ description: SecurityContext holds security configuration that
+ will be applied to a container. Some fields are present in both
+ SecurityContext and PodSecurityContext. When both are set,
+ the values in SecurityContext take precedence.
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls whether a
+ process can gain more privileges than its parent process.
+ This bool directly controls if the no_new_privs flag will
+ be set on the container process. AllowPrivilegeEscalation
+ is true always when the container is: 1) run as Privileged
+ 2) has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: Adds and removes POSIX capabilities from running
+ containers.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ type: string
+ type: array
+ privileged:
+ description: Run container in privileged mode. Processes in
+ privileged containers are essentially equivalent to root
+ on the host. Defaults to false.
+ type: boolean
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only root filesystem.
+ Default is false.
+ type: boolean
+ runAsNonRoot:
+ description: Indicates that the container must run as a non-root
+ user. If true, the Kubelet will validate the image at runtime
+ to ensure that it does not run as UID 0 (root) and fail
+ to start the container if it does. If unset or false, no
+ such validation will be performed. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext, the
+ value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the container
+ process. Defaults to user specified in image metadata if
+ unspecified. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext, the
+ value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: SELinuxOptions are the labels to be applied to
+ the container
+ properties:
+ level:
+ description: Level is SELinux level label that applies
+ to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that applies
+ to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that applies
+ to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that applies
+ to the container.
+ type: string
+ stdin:
+ description: Whether this container should allocate a buffer for
+ stdin in the container runtime. If this is not set, reads from
+ stdin in the container will always result in EOF. Default is
+ false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should close the stdin
+ channel after it has been opened by a single attach. When stdin
+ is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container
+ start, is empty until the first client attaches to stdin, and
+ then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container
+ is restarted. If this flag is false, a container processes that
+ reads from stdin will never receive an EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to which the container''s
+ termination message will be written is mounted into the container''s
+ filesystem. Message written is intended to be brief final status,
+ such as an assertion failure message. Will be truncated by the
+ node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb. Defaults to /dev/termination-log.
+ Cannot be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message should be populated.
+ File will use the contents of terminationMessagePath to populate
+ the container status message on both success and failure. FallbackToLogsOnError
+ will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever
+ is smaller. Defaults to File. Cannot be updated.
+ type: string
+ tty:
+ description: Whether this container should allocate a TTY for
+ itself, also requires 'stdin' to be true. Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices to be
+ used by the container. This is an alpha feature and may change
+ in the future.
+ items:
+ description: volumeDevice describes a mapping of a raw block
+ device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of the container
+ that the device will be mapped to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - name
+ - devicePath
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a Volume within
+ a container.
+ properties:
+ mountPath:
+ description: Path within the container at which the volume
+ should be mounted. Must not contain ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how mounts are
+ propagated from the host to container and the other way
+ around. When not set, MountPropagationHostToContainer
+ is used. This field is alpha in 1.8 and can be reworked
+ or removed in a future release.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write otherwise
+ (false or unspecified). Defaults to false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which the container's
+ volume should be mounted. Defaults to "" (volume's root).
+ type: string
+ required:
+ - name
+ - mountPath
+ type: array
+ workingDir:
+ description: Container's working directory. If not specified,
+ the container runtime's default will be used, which might be
+ configured in the container image. Cannot be updated.
+ type: string
+ required:
+ - name
+ type: array
+ evaluationInterval:
+ description: Interval between consecutive evaluations.
+ type: string
+ externalLabels:
+ description: The labels to add to any time series or alerts when communicating
+ with external systems (federation, remote storage, Alertmanager).
+ type: object
+ externalUrl:
+ description: The external URL the Prometheus instances will be available
+ under. This is necessary to generate correct URLs. This is necessary
+ if Prometheus is not served from root of a DNS name.
+ type: string
+ imagePullSecrets:
+ description: An optional list of references to secrets in the same namespace
+ to use for pulling prometheus and alertmanager images from registries
+ see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
+ items:
+ description: LocalObjectReference contains enough information to let
+ you locate the referenced object inside the same namespace.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ type: array
+ listenLocal:
+ description: ListenLocal makes the Prometheus server listen on loopback,
+ so that it does not bind against the Pod IP.
+ type: boolean
+ logLevel:
+ description: Log level for Prometheus to be configured with.
+ type: string
+ nodeSelector:
+ description: Define which Nodes the Pods are scheduled on.
+ type: object
+ paused:
+ description: When a Prometheus deployment is paused, no actions except
+ for deletion will be performed on the underlying objects.
+ type: boolean
+ podMetadata:
+ description: ObjectMeta is metadata that all persisted resources must
+ have, which includes all objects users must create.
+ properties:
+ annotations:
+ description: 'Annotations is an unstructured key value map stored
+ with a resource that may be set by external tools to store and
+ retrieve arbitrary metadata. They are not queryable and should
+ be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
+ type: object
+ clusterName:
+ description: The name of the cluster which the object belongs to.
+ This is used to distinguish resources with same name and namespace
+ in different clusters. This field is not set anywhere right now
+ and apiserver is going to ignore it if set in create or update
+ request.
+ type: string
+ creationTimestamp:
+ format: date-time
+ type: string
+ deletionGracePeriodSeconds:
+ description: Number of seconds allowed for this object to gracefully
+ terminate before it will be removed from the system. Only set
+ when deletionTimestamp is also set. May only be shortened. Read-only.
+ format: int64
+ type: integer
+ deletionTimestamp:
+ format: date-time
+ type: string
+ finalizers:
+ description: Must be empty before the object is deleted from the
+ registry. Each entry is an identifier for the responsible component
+ that will remove the entry from the list. If the deletionTimestamp
+ of the object is non-nil, entries in this list can only be removed.
+ items:
+ type: string
+ type: array
+ generateName:
+ description: |-
+ GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+ If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+ Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
+ type: string
+ generation:
+ description: A sequence number representing a specific generation
+ of the desired state. Populated by the system. Read-only.
+ format: int64
+ type: integer
+ initializers:
+ description: Initializers tracks the progress of initialization.
+ properties:
+ pending:
+ description: Pending is a list of initializers that must execute
+ in order before this object is visible. When the last pending
+ initializer is removed, and no failing result is set, the
+ initializers struct will be set to nil and the object is considered
+ as initialized and visible to all clients.
+ items:
+ description: Initializer is information about an initializer
+ that has not yet completed.
+ properties:
+ name:
+ description: name of the process that is responsible for
+ initializing this object.
+ type: string
+ required:
+ - name
+ type: array
+ result:
+ description: Status is a return value for calls that don't return
+ other objects.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of
+ this representation of an object. Servers should convert
+ recognized schemas to the latest internal value, and may
+ reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ code:
+ description: Suggested HTTP return code for this status,
+ 0 if not set.
+ format: int32
+ type: integer
+ details:
+ description: StatusDetails is a set of additional properties
+ that MAY be set by the server to provide additional information
+ about a response. The Reason field of a Status object
+ defines what attributes will be set. Clients must ignore
+ fields that do not match the defined type of each attribute,
+ and should assume that any attribute may be empty, invalid,
+ or under defined.
+ properties:
+ causes:
+ description: The Causes array includes more details
+ associated with the StatusReason failure. Not all
+ StatusReasons may provide detailed causes.
+ items:
+ description: StatusCause provides more information
+ about an api.Status failure, including cases when
+ multiple errors are encountered.
+ properties:
+ field:
+ description: |-
+ The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+ Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"
+ type: string
+ message:
+ description: A human-readable description of the
+ cause of the error. This field may be presented
+ as-is to a reader.
+ type: string
+ reason:
+ description: A machine-readable description of
+ the cause of the error. If this value is empty
+ there is no information available.
+ type: string
+ type: array
+ group:
+ description: The group attribute of the resource associated
+ with the status StatusReason.
+ type: string
+ kind:
+ description: 'The kind attribute of the resource associated
+ with the status StatusReason. On some operations may
+ differ from the requested resource Kind. More info:
+ https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: The name attribute of the resource associated
+ with the status StatusReason (when there is a single
+ name which can be described).
+ type: string
+ retryAfterSeconds:
+ description: If specified, the time in seconds before
+ the operation should be retried. Some errors may indicate
+ the client must take an alternate action - for those
+ errors this field may indicate how long to wait before
+ taking the alternate action.
+ format: int32
+ type: integer
+ uid:
+ description: 'UID of the resource. (when there is a
+ single resource which can be described). More info:
+ http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST
+ resource this object represents. Servers may infer this
+ from the endpoint the client submits requests to. Cannot
+ be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ message:
+ description: A human-readable description of the status
+ of this operation.
+ type: string
+ metadata:
+ description: ListMeta describes metadata that synthetic
+ resources must have, including lists and various status
+ objects. A resource may have only one of {ObjectMeta,
+ ListMeta}.
+ properties:
+ continue:
+ description: continue may be set if the user set a limit
+ on the number of items returned, and indicates that
+ the server has more data available. The value is opaque
+ and may be used to issue another request to the endpoint
+ that served this list to retrieve the next set of
+ available objects. Continuing a list may not be possible
+ if the server configuration has changed or more than
+ a few minutes have passed. The resourceVersion field
+ returned when using this continue value will be identical
+ to the value in the first response.
+ type: string
+ resourceVersion:
+ description: 'String that identifies the server''s internal
+ version of this object that can be used by clients
+ to determine when objects have changed. Value must
+ be treated as opaque by clients and passed unmodified
+ back to the server. Populated by the system. Read-only.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ selfLink:
+ description: selfLink is a URL representing this object.
+ Populated by the system. Read-only.
+ type: string
+ reason:
+ description: A machine-readable description of why this
+ operation is in the "Failure" status. If this value is
+ empty there is no information available. A Reason clarifies
+ an HTTP status code but does not override it.
+ type: string
+ status:
+ description: 'Status of the operation. One of: "Success"
+ or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status'
+ type: string
+ required:
+ - pending
+ labels:
+ description: 'Map of string keys and values that can be used to
+ organize and categorize (scope and select) objects. May match
+ selectors of replication controllers and services. More info:
+ http://kubernetes.io/docs/user-guide/labels'
+ type: object
+ name:
+ description: 'Name must be unique within a namespace. Is required
+ when creating resources, although some resources may allow a client
+ to request the generation of an appropriate name automatically.
+ Name is primarily intended for creation idempotence and configuration
+ definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+ Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
+ type: string
+ ownerReferences:
+ description: List of objects depended by this object. If ALL objects
+ in the list have been deleted, this object will be garbage collected.
+ If this object is managed by a controller, then an entry in this
+ list will point to this controller, with the controller field
+ set to true. There cannot be more than one managing controller.
+ items:
+ description: OwnerReference contains enough information to let
+ you identify an owning object. Currently, an owning object must
+ be in the same namespace, so there is no namespace field.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ blockOwnerDeletion:
+ description: If true, AND if the owner has the "foregroundDeletion"
+ finalizer, then the owner cannot be deleted from the key-value
+ store until this reference is removed. Defaults to false.
+ To set this field, a user needs "delete" permission of the
+ owner, otherwise 422 (Unprocessable Entity) will be returned.
+ type: boolean
+ controller:
+ description: If true, this reference points to the managing
+ controller.
+ type: boolean
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ required:
+ - apiVersion
+ - kind
+ - name
+ - uid
+ type: array
+ resourceVersion:
+ description: |-
+ An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+ Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ selfLink:
+ description: SelfLink is a URL representing this object. Populated
+ by the system. Read-only.
+ type: string
+ uid:
+ description: |-
+ UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+ Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+ type: string
+ remoteRead:
+ description: If specified, the remote_read spec. This is an experimental
+ feature, it may change in any upcoming release in a breaking way.
+ items:
+ description: RemoteReadSpec defines the remote_read configuration
+ for prometheus.
+ properties:
+ basicAuth:
+ description: 'BasicAuth allow an endpoint to authenticate over
+ basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
+ properties:
+ password:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's key must
+ be defined
+ type: boolean
+ required:
+ - key
+ username:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's key must
+ be defined
+ type: boolean
+ required:
+ - key
+ bearerToken:
+ description: bearer token for remote read.
+ type: string
+ bearerTokenFile:
+ description: File to read bearer token for remote read.
+ type: string
+ proxyUrl:
+ description: Optional ProxyURL
+ type: string
+ readRecent:
+ description: Whether reads should be made for queries for time
+ ranges that the local storage should have complete data for.
+ type: boolean
+ remoteTimeout:
+ description: Timeout for requests to the remote read endpoint.
+ type: string
+ requiredMatchers:
+ description: An optional list of equality matchers which have
+ to be present in a selector to query the remote read endpoint.
+ type: object
+ tlsConfig:
+ description: TLSConfig specifies TLS configuration parameters.
+ properties:
+ caFile:
+ description: The CA cert to use for the targets.
+ type: string
+ certFile:
+ description: The client cert file for the targets.
+ type: string
+ insecureSkipVerify:
+ description: Disable target certificate validation.
+ type: boolean
+ keyFile:
+ description: The client key file for the targets.
+ type: string
+ serverName:
+ description: Used to verify the hostname for the targets.
+ type: string
+ url:
+ description: The URL of the endpoint to send samples to.
+ type: string
+ required:
+ - url
+ type: array
+ remoteWrite:
+ description: If specified, the remote_write spec. This is an experimental
+ feature, it may change in any upcoming release in a breaking way.
+ items:
+ description: RemoteWriteSpec defines the remote_write configuration
+ for prometheus.
+ properties:
+ basicAuth:
+ description: 'BasicAuth allow an endpoint to authenticate over
+ basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
+ properties:
+ password:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's key must
+ be defined
+ type: boolean
+ required:
+ - key
+ username:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's key must
+ be defined
+ type: boolean
+ required:
+ - key
+ bearerToken:
+ description: File to read bearer token for remote write.
+ type: string
+ bearerTokenFile:
+ description: File to read bearer token for remote write.
+ type: string
+ proxyUrl:
+ description: Optional ProxyURL
+ type: string
+ remoteTimeout:
+ description: Timeout for requests to the remote write endpoint.
+ type: string
+ tlsConfig:
+ description: TLSConfig specifies TLS configuration parameters.
+ properties:
+ caFile:
+ description: The CA cert to use for the targets.
+ type: string
+ certFile:
+ description: The client cert file for the targets.
+ type: string
+ insecureSkipVerify:
+ description: Disable target certificate validation.
+ type: boolean
+ keyFile:
+ description: The client key file for the targets.
+ type: string
+ serverName:
+ description: Used to verify the hostname for the targets.
+ type: string
+ url:
+ description: The URL of the endpoint to send samples to.
+ type: string
+ writeRelabelConfigs:
+ description: The list of remote write relabel configurations.
+ items:
+ description: 'RelabelConfig allows dynamic rewriting of the
+ label set, being applied to samples before ingestion. It defines
+ `<metric_relabel_configs>`-section of Prometheus configuration.
+ More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
+ properties:
+ action:
+ description: Action to perform based on regex matching.
+ Default is 'replace'
+ type: string
+ modulus:
+ description: Modulus to take of the hash of the source label
+ values.
+ format: int64
+ type: integer
+ regex:
+ description: Regular expression against which the extracted
+ value is matched. defailt is '(.*)'
+ type: string
+ replacement:
+ description: Replacement value against which a regex replace
+ is performed if the regular expression matches. Regex
+ capture groups are available. Default is '$1'
+ type: string
+ separator:
+ description: Separator placed between concatenated source
+ label values. default is ';'.
+ type: string
+ sourceLabels:
+ description: The source labels select values from existing
+ labels. Their content is concatenated using the configured
+ separator and matched against the configured regular expression
+ for the replace, keep, and drop actions.
+ items:
+ type: string
+ type: array
+ targetLabel:
+ description: Label to which the resulting value is written
+ in a replace action. It is mandatory for replace actions.
+ Regex capture groups are available.
+ type: string
+ type: array
+ required:
+ - url
+ type: array
+ replicas:
+ description: Number of instances to deploy for a Prometheus deployment.
+ format: int32
+ type: integer
+ resources:
+ description: ResourceRequirements describes the compute resource requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of compute resources
+ allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount of compute resources
+ required. If Requests is omitted for a container, it defaults
+ to Limits if that is explicitly specified, otherwise to an implementation-defined
+ value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ retention:
+ description: Time duration Prometheus shall retain data for.
+ type: string
+ routePrefix:
+ description: The route prefix Prometheus registers HTTP handlers for.
+ This is useful, if using ExternalURL and a proxy is rewriting HTTP
+ routes of a request, and the actual ExternalURL is still true, but
+ the server serves requests under a different route prefix. For example
+ for use with `kubectl proxy`.
+ type: string
+ ruleSelector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that contains
+ values, a key, and an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to a
+ set of values. Valid operators are In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the operator
+ is In or NotIn, the values array must be non-empty. If the
+ operator is Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator is
+ "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ scrapeInterval:
+ description: Interval between consecutive scrapes.
+ type: string
+ secrets:
+ description: Secrets is a list of Secrets in the same namespace as the
+ Prometheus object, which shall be mounted into the Prometheus Pods.
+ The Secrets are mounted into /etc/prometheus/secrets/<secret-name>.
+ Secrets changes after initial creation of a Prometheus object are
+ not reflected in the running Pods. To change the secrets mounted into
+ the Prometheus Pods, the object must be deleted and recreated with
+ the new list of secrets.
+ items:
+ type: string
+ type: array
+ securityContext:
+ description: PodSecurityContext holds pod-level security attributes
+ and common container settings. Some fields are also present in container.securityContext. Field
+ values of container.securityContext take precedence over field values
+ of PodSecurityContext.
+ properties:
+ fsGroup:
+ description: |-
+ A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:
+
+ 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----
+
+ If unset, the Kubelet will not modify the ownership and permissions of any volume.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must run as a non-root
+ user. If true, the Kubelet will validate the image at runtime
+ to ensure that it does not run as UID 0 (root) and fail to start
+ the container if it does. If unset or false, no such validation
+ will be performed. May also be set in SecurityContext. If set
+ in both SecurityContext and PodSecurityContext, the value specified
+ in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified. May
+ also be set in SecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in SecurityContext
+ takes precedence for that container.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: SELinuxOptions are the labels to be applied to the
+ container
+ properties:
+ level:
+ description: Level is SELinux level label that applies to the
+ container.
+ type: string
+ role:
+ description: Role is a SELinux role label that applies to the
+ container.
+ type: string
+ type:
+ description: Type is a SELinux type label that applies to the
+ container.
+ type: string
+ user:
+ description: User is a SELinux user label that applies to the
+ container.
+ type: string
+ supplementalGroups:
+ description: A list of groups applied to the first process run in
+ each container, in addition to the container's primary GID. If
+ unspecified, no groups will be added to any container.
+ items:
+ format: int64
+ type: integer
+ type: array
+ serviceAccountName:
+ description: ServiceAccountName is the name of the ServiceAccount to
+ use to run the Prometheus Pods.
+ type: string
+ serviceMonitorNamespaceSelector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that contains
+ values, a key, and an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to a
+ set of values. Valid operators are In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the operator
+ is In or NotIn, the values array must be non-empty. If the
+ operator is Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator is
+ "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ serviceMonitorSelector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that contains
+ values, a key, and an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to a
+ set of values. Valid operators are In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the operator
+ is In or NotIn, the values array must be non-empty. If the
+ operator is Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator is
+ "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ storage:
+ description: StorageSpec defines the configured storage for a group
+ Prometheus servers.
+ properties:
+ class:
+ description: 'Name of the StorageClass to use when requesting storage
+ provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses
+ DEPRECATED'
+ type: string
+ emptyDir:
+ description: Represents an empty directory for a pod. Empty directory
+ volumes support ownership management and SELinux relabeling.
+ properties:
+ medium:
+ description: 'What type of storage medium should back this directory.
+ The default is "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ type: string
+ sizeLimit: {}
+ resources:
+ description: ResourceRequirements describes the compute resource
+ requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of compute
+ resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount of compute
+ resources required. If Requests is omitted for a container,
+ it defaults to Limits if that is explicitly specified, otherwise
+ to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ selector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ volumeClaimTemplate:
+ description: PersistentVolumeClaim is a user's request for and claim
+ to a persistent volume
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this
+ representation of an object. Servers should convert recognized
+ schemas to the latest internal value, and may reject unrecognized
+ values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource
+ this object represents. Servers may infer this from the endpoint
+ the client submits requests to. Cannot be updated. In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ description: ObjectMeta is metadata that all persisted resources
+ must have, which includes all objects users must create.
+ properties:
+ annotations:
+ description: 'Annotations is an unstructured key value map
+ stored with a resource that may be set by external tools
+ to store and retrieve arbitrary metadata. They are not
+ queryable and should be preserved when modifying objects.
+ More info: http://kubernetes.io/docs/user-guide/annotations'
+ type: object
+ clusterName:
+ description: The name of the cluster which the object belongs
+ to. This is used to distinguish resources with same name
+ and namespace in different clusters. This field is not
+ set anywhere right now and apiserver is going to ignore
+ it if set in create or update request.
+ type: string
+ creationTimestamp:
+ format: date-time
+ type: string
+ deletionGracePeriodSeconds:
+ description: Number of seconds allowed for this object to
+ gracefully terminate before it will be removed from the
+ system. Only set when deletionTimestamp is also set. May
+ only be shortened. Read-only.
+ format: int64
+ type: integer
+ deletionTimestamp:
+ format: date-time
+ type: string
+ finalizers:
+ description: Must be empty before the object is deleted
+ from the registry. Each entry is an identifier for the
+ responsible component that will remove the entry from
+ the list. If the deletionTimestamp of the object is non-nil,
+ entries in this list can only be removed.
+ items:
+ type: string
+ type: array
+ generateName:
+ description: |-
+ GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+ If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+ Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
+ type: string
+ generation:
+ description: A sequence number representing a specific generation
+ of the desired state. Populated by the system. Read-only.
+ format: int64
+ type: integer
+ initializers:
+ description: Initializers tracks the progress of initialization.
+ properties:
+ pending:
+ description: Pending is a list of initializers that
+ must execute in order before this object is visible.
+ When the last pending initializer is removed, and
+ no failing result is set, the initializers struct
+ will be set to nil and the object is considered as
+ initialized and visible to all clients.
+ items:
+ description: Initializer is information about an initializer
+ that has not yet completed.
+ properties:
+ name:
+ description: name of the process that is responsible
+ for initializing this object.
+ type: string
+ required:
+ - name
+ type: array
+ result:
+ description: Status is a return value for calls that
+ don't return other objects.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema
+ of this representation of an object. Servers should
+ convert recognized schemas to the latest internal
+ value, and may reject unrecognized values. More
+ info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ code:
+ description: Suggested HTTP return code for this
+ status, 0 if not set.
+ format: int32
+ type: integer
+ details:
+ description: StatusDetails is a set of additional
+ properties that MAY be set by the server to provide
+ additional information about a response. The Reason
+ field of a Status object defines what attributes
+ will be set. Clients must ignore fields that do
+ not match the defined type of each attribute,
+ and should assume that any attribute may be empty,
+ invalid, or under defined.
+ properties:
+ causes:
+ description: The Causes array includes more
+ details associated with the StatusReason failure.
+ Not all StatusReasons may provide detailed
+ causes.
+ items:
+ description: StatusCause provides more information
+ about an api.Status failure, including cases
+ when multiple errors are encountered.
+ properties:
+ field:
+ description: |-
+ The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+ Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"
+ type: string
+ message:
+ description: A human-readable description
+ of the cause of the error. This field
+ may be presented as-is to a reader.
+ type: string
+ reason:
+ description: A machine-readable description
+ of the cause of the error. If this value
+ is empty there is no information available.
+ type: string
+ type: array
+ group:
+ description: The group attribute of the resource
+ associated with the status StatusReason.
+ type: string
+ kind:
+ description: 'The kind attribute of the resource
+ associated with the status StatusReason. On
+ some operations may differ from the requested
+ resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: The name attribute of the resource
+ associated with the status StatusReason (when
+ there is a single name which can be described).
+ type: string
+ retryAfterSeconds:
+ description: If specified, the time in seconds
+ before the operation should be retried. Some
+ errors may indicate the client must take an
+ alternate action - for those errors this field
+ may indicate how long to wait before taking
+ the alternate action.
+ format: int32
+ type: integer
+ uid:
+ description: 'UID of the resource. (when there
+ is a single resource which can be described).
+ More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ kind:
+ description: 'Kind is a string value representing
+ the REST resource this object represents. Servers
+ may infer this from the endpoint the client submits
+ requests to. Cannot be updated. In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ message:
+ description: A human-readable description of the
+ status of this operation.
+ type: string
+ metadata:
+ description: ListMeta describes metadata that synthetic
+ resources must have, including lists and various
+ status objects. A resource may have only one of
+ {ObjectMeta, ListMeta}.
+ properties:
+ continue:
+ description: continue may be set if the user
+ set a limit on the number of items returned,
+ and indicates that the server has more data
+ available. The value is opaque and may be
+ used to issue another request to the endpoint
+ that served this list to retrieve the next
+ set of available objects. Continuing a list
+ may not be possible if the server configuration
+ has changed or more than a few minutes have
+ passed. The resourceVersion field returned
+ when using this continue value will be identical
+ to the value in the first response.
+ type: string
+ resourceVersion:
+ description: 'String that identifies the server''s
+ internal version of this object that can be
+ used by clients to determine when objects
+ have changed. Value must be treated as opaque
+ by clients and passed unmodified back to the
+ server. Populated by the system. Read-only.
+ More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ selfLink:
+ description: selfLink is a URL representing
+ this object. Populated by the system. Read-only.
+ type: string
+ reason:
+ description: A machine-readable description of why
+ this operation is in the "Failure" status. If
+ this value is empty there is no information available.
+ A Reason clarifies an HTTP status code but does
+ not override it.
+ type: string
+ status:
+ description: 'Status of the operation. One of: "Success"
+ or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status'
+ type: string
+ required:
+ - pending
+ labels:
+ description: 'Map of string keys and values that can be
+ used to organize and categorize (scope and select) objects.
+ May match selectors of replication controllers and services.
+ More info: http://kubernetes.io/docs/user-guide/labels'
+ type: object
+ name:
+ description: 'Name must be unique within a namespace. Is
+ required when creating resources, although some resources
+ may allow a client to request the generation of an appropriate
+ name automatically. Name is primarily intended for creation
+ idempotence and configuration definition. Cannot be updated.
+ More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+ Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
+ type: string
+ ownerReferences:
+ description: List of objects depended by this object. If
+ ALL objects in the list have been deleted, this object
+ will be garbage collected. If this object is managed by
+ a controller, then an entry in this list will point to
+ this controller, with the controller field set to true.
+ There cannot be more than one managing controller.
+ items:
+ description: OwnerReference contains enough information
+ to let you identify an owning object. Currently, an
+ owning object must be in the same namespace, so there
+ is no namespace field.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ blockOwnerDeletion:
+ description: If true, AND if the owner has the "foregroundDeletion"
+ finalizer, then the owner cannot be deleted from
+ the key-value store until this reference is removed.
+ Defaults to false. To set this field, a user needs
+ "delete" permission of the owner, otherwise 422
+ (Unprocessable Entity) will be returned.
+ type: boolean
+ controller:
+ description: If true, this reference points to the
+ managing controller.
+ type: boolean
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
+ type: string
+ required:
+ - apiVersion
+ - kind
+ - name
+ - uid
+ type: array
+ resourceVersion:
+ description: |-
+ An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+ Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ selfLink:
+ description: SelfLink is a URL representing this object.
+ Populated by the system. Read-only.
+ type: string
+ uid:
+ description: |-
+ UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+ Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+ type: string
+ spec:
+ description: PersistentVolumeClaimSpec describes the common
+ attributes of storage devices and allows a Source for provider-specific
+ attributes
+ properties:
+ accessModes:
+ description: 'AccessModes contains the desired access modes
+ the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
+ items:
+ type: string
+ type: array
+ resources:
+ description: ResourceRequirements describes the compute
+ resource requirements.
+ properties:
+ limits:
+ description: 'Limits describes the maximum amount of
+ compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ description: 'Requests describes the minimum amount
+ of compute resources required. If Requests is omitted
+ for a container, it defaults to Limits if that is
+ explicitly specified, otherwise to an implementation-defined
+ value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ selector:
+ description: A label selector is a label query over a set
+ of resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects.
+ A null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In,
+ NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists
+ or DoesNotExist, the values array must be empty.
+ This array is replaced during a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field
+ is "key", the operator is "In", and the values array
+ contains only "value". The requirements are ANDed.
+ type: object
+ storageClassName:
+ description: 'Name of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ type: string
+ volumeMode:
+ description: volumeMode defines what type of volume is required
+ by the claim. Value of Filesystem is implied when not
+ included in claim spec. This is an alpha feature and may
+ change in the future.
+ type: string
+ volumeName:
+ description: VolumeName is the binding reference to the
+ PersistentVolume backing this claim.
+ type: string
+ status:
+ description: PersistentVolumeClaimStatus is the current status
+ of a persistent volume claim.
+ properties:
+ accessModes:
+ description: 'AccessModes contains the actual access modes
+ the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
+ items:
+ type: string
+ type: array
+ capacity:
+ description: Represents the actual resources of the underlying
+ volume.
+ type: object
+ conditions:
+ description: Current Condition of persistent volume claim.
+ If underlying persistent volume is being resized then
+ the Condition will be set to 'ResizeStarted'.
+ items:
+ description: PersistentVolumeClaimCondition contails details
+ about state of pvc
+ properties:
+ lastProbeTime:
+ format: date-time
+ type: string
+ lastTransitionTime:
+ format: date-time
+ type: string
+ message:
+ description: Human-readable message indicating details
+ about last transition.
+ type: string
+ reason:
+ description: Unique, this should be a short, machine
+ understandable string that gives the reason for
+ condition's last transition. If it reports "ResizeStarted"
+ that means the underlying persistent volume is being
+ resized.
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ - status
+ type: array
+ phase:
+ description: Phase represents the current phase of PersistentVolumeClaim.
+ type: string
+ tolerations:
+ description: If specified, the pod's tolerations.
+ items:
+ description: The pod this Toleration is attached to tolerates any
+ taint that matches the triple <key,value,effect> using the matching
+ operator <operator>.
+ properties:
+ effect:
+ description: Effect indicates the taint effect to match. Empty
+ means match all taint effects. When specified, allowed values
+ are NoSchedule, PreferNoSchedule and NoExecute.
+ type: string
+ key:
+ description: Key is the taint key that the toleration applies
+ to. Empty means match all taint keys. If the key is empty, operator
+ must be Exists; this combination means to match all values and
+ all keys.
+ type: string
+ operator:
+ description: Operator represents a key's relationship to the value.
+ Valid operators are Exists and Equal. Defaults to Equal. Exists
+ is equivalent to wildcard for value, so that a pod can tolerate
+ all taints of a particular category.
+ type: string
+ tolerationSeconds:
+ description: TolerationSeconds represents the period of time the
+ toleration (which must be of effect NoExecute, otherwise this
+ field is ignored) tolerates the taint. By default, it is not
+ set, which means tolerate the taint forever (do not evict).
+ Zero and negative values will be treated as 0 (evict immediately)
+ by the system.
+ format: int64
+ type: integer
+ value:
+ description: Value is the taint value the toleration matches to.
+ If the operator is Exists, the value should be empty, otherwise
+ just a regular string.
+ type: string
+ type: array
+ version:
+ description: Version of Prometheus to be deployed.
+ type: string
+ status:
+ description: 'Most recent observed status of the Prometheus cluster. Read-only.
+ Not included when requesting from the apiserver, only from the Prometheus
+ Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status'
+ properties:
+ availableReplicas:
+ description: Total number of available pods (ready for at least minReadySeconds)
+ targeted by this Prometheus deployment.
+ format: int32
+ type: integer
+ paused:
+ description: Represents whether any actions on the underlaying managed
+ objects are being performed. Only delete actions will be performed.
+ type: boolean
+ replicas:
+ description: Total number of non-terminated pods targeted by this Prometheus
+ deployment (their labels match the selector).
+ format: int32
+ type: integer
+ unavailableReplicas:
+ description: Total number of unavailable pods targeted by this Prometheus
+ deployment.
+ format: int32
+ type: integer
+ updatedReplicas:
+ description: Total number of non-terminated pods targeted by this Prometheus
+ deployment that have the desired version spec.
+ format: int32
+ type: integer
+ required:
+ - paused
+ - replicas
+ - updatedReplicas
+ - availableReplicas
+ - unavailableReplicas
+ required:
+ - spec
+ version: v1
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
diff --git a/manifests/0prometheus-operator-0servicemonitor-custom-resource-definition.yaml b/manifests/0prometheus-operator-0servicemonitor-custom-resource-definition.yaml
new file mode 100644
index 00000000..6573b146
--- /dev/null
+++ b/manifests/0prometheus-operator-0servicemonitor-custom-resource-definition.yaml
@@ -0,0 +1,236 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ creationTimestamp: null
+ name: servicemonitors.monitoring.coreos.com
+spec:
+ group: monitoring.coreos.com
+ names:
+ kind: ServiceMonitor
+ plural: servicemonitors
+ scope: Namespaced
+ validation:
+ openAPIV3Schema:
+ description: ServiceMonitor defines monitoring for a set of services.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ spec:
+ description: ServiceMonitorSpec contains specification parameters for a
+ ServiceMonitor.
+ properties:
+ endpoints:
+ description: A list of endpoints allowed as part of this ServiceMonitor.
+ items:
+ description: Endpoint defines a scrapeable endpoint serving Prometheus
+ metrics.
+ properties:
+ basicAuth:
+ description: 'BasicAuth allow an endpoint to authenticate over
+ basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
+ properties:
+ password:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's key must
+ be defined
+ type: boolean
+ required:
+ - key
+ username:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ optional:
+ description: Specify whether the Secret or it's key must
+ be defined
+ type: boolean
+ required:
+ - key
+ bearerTokenFile:
+ description: File to read bearer token for scraping targets.
+ type: string
+ honorLabels:
+ description: HonorLabels chooses the metric's labels on collisions
+ with target labels.
+ type: boolean
+ interval:
+ description: Interval at which metrics should be scraped
+ type: string
+ metricRelabelings:
+ description: MetricRelabelConfigs to apply to samples before ingestion.
+ items:
+ description: 'RelabelConfig allows dynamic rewriting of the
+ label set, being applied to samples before ingestion. It defines
+ `<metric_relabel_configs>`-section of Prometheus configuration.
+ More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
+ properties:
+ action:
+ description: Action to perform based on regex matching.
+ Default is 'replace'
+ type: string
+ modulus:
+ description: Modulus to take of the hash of the source label
+ values.
+ format: int64
+ type: integer
+ regex:
+ description: Regular expression against which the extracted
+ value is matched. defailt is '(.*)'
+ type: string
+ replacement:
+ description: Replacement value against which a regex replace
+ is performed if the regular expression matches. Regex
+ capture groups are available. Default is '$1'
+ type: string
+ separator:
+ description: Separator placed between concatenated source
+ label values. default is ';'.
+ type: string
+ sourceLabels:
+ description: The source labels select values from existing
+ labels. Their content is concatenated using the configured
+ separator and matched against the configured regular expression
+ for the replace, keep, and drop actions.
+ items:
+ type: string
+ type: array
+ targetLabel:
+ description: Label to which the resulting value is written
+ in a replace action. It is mandatory for replace actions.
+ Regex capture groups are available.
+ type: string
+ type: array
+ params:
+ description: Optional HTTP URL parameters
+ type: object
+ path:
+ description: HTTP path to scrape for metrics.
+ type: string
+ port:
+ description: Name of the service port this endpoint refers to.
+ Mutually exclusive with targetPort.
+ type: string
+ scheme:
+ description: HTTP scheme to use for scraping.
+ type: string
+ scrapeTimeout:
+ description: Timeout after which the scrape is ended
+ type: string
+ targetPort: {}
+ tlsConfig:
+ description: TLSConfig specifies TLS configuration parameters.
+ properties:
+ caFile:
+ description: The CA cert to use for the targets.
+ type: string
+ certFile:
+ description: The client cert file for the targets.
+ type: string
+ insecureSkipVerify:
+ description: Disable target certificate validation.
+ type: boolean
+ keyFile:
+ description: The client key file for the targets.
+ type: string
+ serverName:
+ description: Used to verify the hostname for the targets.
+ type: string
+ type: array
+ jobLabel:
+ description: The label to use to retrieve the job name from.
+ type: string
+ namespaceSelector:
+ description: A selector for selecting namespaces either selecting all
+ namespaces or a list of namespaces.
+ properties:
+ any:
+ description: Boolean describing whether all namespaces are selected
+ in contrast to a list restricting them.
+ type: boolean
+ matchNames:
+ description: List of namespace names.
+ items:
+ type: string
+ type: array
+ selector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that contains
+ values, a key, and an operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to a
+ set of values. Valid operators are In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the operator
+ is In or NotIn, the values array must be non-empty. If the
+ operator is Exists or DoesNotExist, the values array must
+ be empty. This array is replaced during a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator is
+ "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ targetLabels:
+ description: TargetLabels transfers labels on the Kubernetes Service
+ onto the target.
+ items:
+ type: string
+ type: array
+ required:
+ - endpoints
+ - selector
+ required:
+ - spec
+ version: v1
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: null
diff --git a/manifests/prometheus-operator/prometheus-operator-cluster-role-binding.yaml b/manifests/0prometheus-operator-cluster-role-binding.yaml
similarity index 100%
rename from manifests/prometheus-operator/prometheus-operator-cluster-role-binding.yaml
rename to manifests/0prometheus-operator-cluster-role-binding.yaml
diff --git a/manifests/prometheus-operator/prometheus-operator-cluster-role.yaml b/manifests/0prometheus-operator-cluster-role.yaml
similarity index 100%
rename from manifests/prometheus-operator/prometheus-operator-cluster-role.yaml
rename to manifests/0prometheus-operator-cluster-role.yaml
diff --git a/manifests/prometheus-operator/prometheus-operator-deployment.yaml b/manifests/0prometheus-operator-deployment.yaml
similarity index 94%
rename from manifests/prometheus-operator/prometheus-operator-deployment.yaml
rename to manifests/0prometheus-operator-deployment.yaml
index ac744b2a..b965ec1c 100644
--- a/manifests/prometheus-operator/prometheus-operator-deployment.yaml
+++ b/manifests/0prometheus-operator-deployment.yaml
@@ -31,6 +31,8 @@ spec:
requests:
cpu: 100m
memory: 50Mi
+ nodeSelector:
+ beta.kubernetes.io/os: linux
securityContext:
runAsNonRoot: true
runAsUser: 65534
diff --git a/manifests/prometheus-operator/prometheus-operator-service-account.yaml b/manifests/0prometheus-operator-service-account.yaml
similarity index 100%
rename from manifests/prometheus-operator/prometheus-operator-service-account.yaml
rename to manifests/0prometheus-operator-service-account.yaml
diff --git a/manifests/prometheus-operator/prometheus-operator-service.yaml b/manifests/0prometheus-operator-service.yaml
similarity index 76%
rename from manifests/prometheus-operator/prometheus-operator-service.yaml
rename to manifests/0prometheus-operator-service.yaml
index 8a825387..5231b337 100644
--- a/manifests/prometheus-operator/prometheus-operator-service.yaml
+++ b/manifests/0prometheus-operator-service.yaml
@@ -1,9 +1,12 @@
apiVersion: v1
kind: Service
metadata:
+ labels:
+ k8s-app: prometheus-operator
name: prometheus-operator
namespace: monitoring
spec:
+ clusterIP: None
ports:
- name: http
port: 8080
diff --git a/manifests/alertmanager-main/alertmanager-main.yaml b/manifests/alertmanager-alertmanager.yaml
similarity index 69%
rename from manifests/alertmanager-main/alertmanager-main.yaml
rename to manifests/alertmanager-alertmanager.yaml
index 84e72ec5..2a8daa8d 100644
--- a/manifests/alertmanager-main/alertmanager-main.yaml
+++ b/manifests/alertmanager-alertmanager.yaml
@@ -6,6 +6,9 @@ metadata:
name: main
namespace: monitoring
spec:
+ baseImage: quay.io/prometheus/alertmanager
+ nodeSelector:
+ beta.kubernetes.io/os: linux
replicas: 3
serviceAccountName: alertmanager-main
version: v0.14.0
diff --git a/manifests/alertmanager-main/alertmanager-main-secret.yaml b/manifests/alertmanager-main/alertmanager-main-secret.yaml
deleted file mode 100644
index 4a143fbb..00000000
--- a/manifests/alertmanager-main/alertmanager-main-secret.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: v1
-data:
- alertmanager.yaml: Z2xvYmFsOgogIHJlc29sdmVfdGltZW91dDogNW0Kcm91dGU6CiAgZ3JvdXBfYnk6IFsnam9iJ10KICBncm91cF93YWl0OiAzMHMKICBncm91cF9pbnRlcnZhbDogNW0KICByZXBlYXRfaW50ZXJ2YWw6IDEyaAogIHJlY2VpdmVyOiAnbnVsbCcKICByb3V0ZXM6CiAgLSBtYXRjaDoKICAgICAgYWxlcnRuYW1lOiBEZWFkTWFuc1N3aXRjaAogICAgcmVjZWl2ZXI6ICdudWxsJwpyZWNlaXZlcnM6Ci0gbmFtZTogJ251bGwnCg==
-kind: Secret
-metadata:
- name: alertmanager-main
- namespace: monitoring
-type: Opaque
diff --git a/manifests/alertmanager-secret.yaml b/manifests/alertmanager-secret.yaml
new file mode 100644
index 00000000..07155d97
--- /dev/null
+++ b/manifests/alertmanager-secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+data:
+ alertmanager.yaml: Cmdsb2JhbDoKICByZXNvbHZlX3RpbWVvdXQ6IDVtCnJvdXRlOgogIGdyb3VwX2J5OiBbJ2pvYiddCiAgZ3JvdXBfd2FpdDogMzBzCiAgZ3JvdXBfaW50ZXJ2YWw6IDVtCiAgcmVwZWF0X2ludGVydmFsOiAxMmgKICByZWNlaXZlcjogJ251bGwnCiAgcm91dGVzOgogIC0gbWF0Y2g6CiAgICAgIGFsZXJ0bmFtZTogRGVhZE1hbnNTd2l0Y2gKICAgIHJlY2VpdmVyOiAnbnVsbCcKcmVjZWl2ZXJzOgotIG5hbWU6ICdudWxsJwo=
+kind: Secret
+metadata:
+ name: alertmanager-main
+ namespace: monitoring
+type: Opaque
diff --git a/manifests/alertmanager-main/alertmanager-main-service-account.yaml b/manifests/alertmanager-service-account.yaml
similarity index 100%
rename from manifests/alertmanager-main/alertmanager-main-service-account.yaml
rename to manifests/alertmanager-service-account.yaml
diff --git a/manifests/alertmanager-main/alertmanager-main-service-monitor.yaml b/manifests/alertmanager-service-monitor.yaml
similarity index 100%
rename from manifests/alertmanager-main/alertmanager-main-service-monitor.yaml
rename to manifests/alertmanager-service-monitor.yaml
diff --git a/manifests/alertmanager-main/alertmanager-main-service.yaml b/manifests/alertmanager-service.yaml
similarity index 100%
rename from manifests/alertmanager-main/alertmanager-main-service.yaml
rename to manifests/alertmanager-service.yaml
diff --git a/manifests/grafana/grafana-datasources.yaml b/manifests/grafana-dashboard-datasources.yaml
similarity index 100%
rename from manifests/grafana/grafana-datasources.yaml
rename to manifests/grafana-dashboard-datasources.yaml
diff --git a/manifests/grafana/grafana-dashboard-definitions.yaml b/manifests/grafana-dashboard-definitions.yaml
similarity index 54%
rename from manifests/grafana/grafana-dashboard-definitions.yaml
rename to manifests/grafana-dashboard-definitions.yaml
index 573281af..8fd4a0d6 100644
--- a/manifests/grafana/grafana-dashboard-definitions.yaml
+++ b/manifests/grafana-dashboard-definitions.yaml
@@ -1,610 +1,391 @@
apiVersion: v1
data:
- deployments-dashboard.json: |-
+ k8s-cluster-rsrc-use.json: |-
{
"annotations": {
"list": [
]
},
- "editable": false,
+ "editable": true,
"gnetId": null,
"graphTooltip": 0,
"hideControls": false,
- "id": null,
"links": [
],
- "refresh": "",
+ "refresh": "10s",
"rows": [
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 2,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 0,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 0,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 4,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "lineColor": "rgb(31, 120, 193)",
- "show": true
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 6,
+ "stack": true,
+ "steppedLine": false,
"targets": [
{
- "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$deployment_namespace\",pod_name=\u007e\"$deployment_name.*\"}[3m]))",
+ "expr": "node:node_cpu_utilisation:avg1m * node:node_num_cpu:sum / scalar(sum(node:node_num_cpu:sum))",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "CPU",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
+ "thresholds": [
+
],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "CPU Utilisation",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "gridPos": {
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+ ]
},
- "id": 3,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "yaxes": [
{
- "name": "value to text",
- "value": 1
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": 1,
+ "min": 0,
+ "show": true
},
{
- "name": "range to text",
- "value": 2
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
+ ]
+ },
+ {
+ "aliasColors": {
+
+ },
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 1,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 0,
+ "links": [
+
],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 4,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "lineColor": "rgb(31, 120, 193)",
- "show": true
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 6,
+ "stack": true,
+ "steppedLine": false,
"targets": [
{
- "expr": "sum(container_memory_usage_bytes{namespace=\"$deployment_namespace\",pod_name=\u007e\"$deployment_name.*\"}) / 1024^3",
+ "expr": "node:node_cpu_saturation_load1: / scalar(sum(min(kube_pod_info) by (node)))",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Memory",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
+ "thresholds": [
+
],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "CPU Saturation (Load1)",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "gridPos": {
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+ ]
},
- "id": 4,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "yaxes": [
{
- "name": "value to text",
- "value": 1
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": 1,
+ "min": 0,
+ "show": true
},
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 4,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "lineColor": "rgb(31, 120, 193)",
- "show": true
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(rate(container_network_transmit_bytes_total{namespace=\"$deployment_namespace\",pod_name=\u007e\"$deployment_name.*\"}[3m])) + sum(rate(container_network_receive_bytes_total{namespace=\"$deployment_namespace\",pod_name=\u007e\"$deployment_name.*\"}[3m]))",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Network",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "CPU",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
- "height": "100px",
+ "height": "250px",
"panels": [
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 5,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 2,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 0,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 6,
+ "stack": true,
+ "steppedLine": false,
"targets": [
{
- "expr": "max(kube_deployment_spec_replicas{namespace=\"$deployment_namespace\",deployment=\"$deployment_name\"}) without (instance, pod)",
+ "expr": "node:node_memory_utilisation:ratio",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
- "thresholds": "",
- "title": "Desired Replicas",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "thresholds": [
+
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Memory Utilisation",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "op": "=",
- "text": "0",
- "value": "null"
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": 1,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
},
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 6,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 3,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 0,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
+ "spaceLength": 10,
+ "span": 6,
+ "stack": true,
+ "steppedLine": false,
+ "targets": [
{
- "from": "null",
- "text": "N/A",
- "to": "null"
+ "expr": "node:node_memory_swap_io_bytes:sum_rate",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "min(kube_deployment_status_replicas_available{namespace=\"$deployment_namespace\",deployment=\"$deployment_name\"}) without (instance, pod)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Available Replicas",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 7,
- "interval": null,
- "links": [
+ "thresholds": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "max(kube_deployment_status_observed_generation{namespace=\"$deployment_namespace\",deployment=\"$deployment_name\"}) without (instance, pod)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Observed Generation",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Memory Saturation (Swap I/O)",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "gridPos": {
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+ ]
},
- "id": 8,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "yaxes": [
{
- "name": "value to text",
- "value": 1
+ "format": "Bps",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
},
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "max(kube_deployment_metadata_generation{deployment=\"$deployment_name\",namespace=\"$deployment_namespace\"}) without (instance, pod)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Metadata Generation",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "Memory",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -614,73 +395,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
- "id": 9,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 4,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 12,
- "stack": false,
+ "span": 6,
+ "stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "max(kube_deployment_status_replicas{deployment=\"$deployment_name\",namespace=\"$deployment_namespace\"}) without (instance, pod)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "current replicas",
- "refId": "A"
- },
- {
- "expr": "min(kube_deployment_status_replicas_available{deployment=\"$deployment_name\",namespace=\"$deployment_namespace\"}) without (instance, pod)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "available",
- "refId": "B"
- },
- {
- "expr": "max(kube_deployment_status_replicas_unavailable{deployment=\"$deployment_name\",namespace=\"$deployment_namespace\"}) without (instance, pod)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "unavailable",
- "refId": "C"
- },
- {
- "expr": "min(kube_deployment_status_replicas_updated{deployment=\"$deployment_name\",namespace=\"$deployment_namespace\"}) without (instance, pod)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "updated",
- "refId": "D"
- },
- {
- "expr": "max(kube_deployment_spec_replicas{deployment=\"$deployment_name\",namespace=\"$deployment_namespace\"}) without (instance, pod)",
+ "expr": "node:node_disk_utilisation:avg_irate / scalar(:kube_pod_info_node_count:)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "desired",
- "refId": "E"
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
"thresholds": [
@@ -688,7 +439,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Replicas",
+ "title": "Disk IO Utilisation",
"tooltip": {
"shared": true,
"sort": 0,
@@ -706,11 +457,11 @@ data:
},
"yaxes": [
{
- "format": "short",
+ "format": "percentunit",
"label": null,
"logBase": 1,
- "max": null,
- "min": null,
+ "max": 1,
+ "min": 0,
"show": true
},
{
@@ -719,136 +470,10 @@ data:
"logBase": 1,
"max": null,
"min": null,
- "show": true
+ "show": false
}
]
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- }
- ],
- "schemaVersion": 14,
- "style": "dark",
- "tags": [
-
- ],
- "templating": {
- "list": [
- {
- "allValue": null,
- "current": {
-
- },
- "datasource": "prometheus",
- "hide": 0,
- "includeAll": false,
- "label": "Namespace",
- "multi": false,
- "name": "deployment_namespace",
- "options": [
-
- ],
- "query": "label_values(kube_deployment_metadata_generation, namespace)",
- "refresh": 2,
- "regex": "",
- "sort": 0,
- "tagValuesQuery": "",
- "tags": [
-
- ],
- "tagsQuery": "",
- "type": "query",
- "useTags": false
- },
- {
- "allValue": null,
- "current": {
-
},
- "datasource": "prometheus",
- "hide": 0,
- "includeAll": false,
- "label": "Name",
- "multi": false,
- "name": "deployment_name",
- "options": [
-
- ],
- "query": "label_values(kube_deployment_metadata_generation{namespace=\"$deployment_namespace\"}, deployment)",
- "refresh": 2,
- "regex": "",
- "sort": 0,
- "tagValuesQuery": "",
- "tags": [
-
- ],
- "tagsQuery": "",
- "type": "query",
- "useTags": false
- }
- ]
- },
- "time": {
- "from": "now-1h",
- "to": "now"
- },
- "timepicker": {
- "refresh_intervals": [
- "5s",
- "10s",
- "30s",
- "1m",
- "5m",
- "15m",
- "30m",
- "1h",
- "2h",
- "1d"
- ],
- "time_options": [
- "5m",
- "15m",
- "1h",
- "6h",
- "12h",
- "24h",
- "2d",
- "7d",
- "30d"
- ]
- },
- "timezone": "browser",
- "title": "Deployments",
- "version": 0
- }
- kubernetes-capacity-planning-dashboard.json: |-
- {
- "annotations": {
- "list": [
-
- ]
- },
- "editable": false,
- "gnetId": null,
- "graphTooltip": 0,
- "hideControls": false,
- "id": null,
- "links": [
-
- ],
- "refresh": "",
- "rows": [
- {
- "collapse": false,
- "collapsed": false,
- "height": "250px",
- "panels": [
{
"aliasColors": {
@@ -856,45 +481,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
- "id": 2,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 5,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
"span": 6,
- "stack": false,
+ "stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "sum(rate(node_cpu{mode=\"idle\"}[2m])) * 100",
+ "expr": "node:node_disk_saturation:avg_irate / scalar(:kube_pod_info_node_count:)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "{{cpu}}",
- "refId": "A"
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
"thresholds": [
@@ -902,7 +525,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Idle CPU",
+ "title": "Disk IO Saturation",
"tooltip": {
"shared": true,
"sort": 0,
@@ -920,23 +543,35 @@ data:
},
"yaxes": [
{
- "format": "percent",
+ "format": "percentunit",
"label": null,
"logBase": 1,
- "max": null,
+ "max": 1,
"min": 0,
"show": true
},
{
- "format": "percent",
+ "format": "short",
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
- },
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Disk",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": "250px",
+ "panels": [
{
"aliasColors": {
@@ -944,59 +579,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
- "id": 3,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 6,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
"span": 6,
- "stack": false,
+ "stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "sum(node_load1)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "load 1m",
- "refId": "A"
- },
- {
- "expr": "sum(node_load5)",
+ "expr": "node:node_net_utilisation:sum_irate",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "load 5m",
- "refId": "B"
- },
- {
- "expr": "sum(node_load15)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "load 15m",
- "refId": "C"
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
"thresholds": [
@@ -1004,7 +623,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "System Load",
+ "title": "Net Utilisation (Transmitted)",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1022,7 +641,7 @@ data:
},
"yaxes": [
{
- "format": "percent",
+ "format": "Bps",
"label": null,
"logBase": 1,
"max": null,
@@ -1030,29 +649,15 @@ data:
"show": true
},
{
- "format": "percent",
+ "format": "short",
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- },
- {
- "collapse": false,
- "collapsed": false,
- "height": "250px",
- "panels": [
+ },
{
"aliasColors": {
@@ -1060,66 +665,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
- "id": 4,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 7,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 9,
- "stack": false,
+ "span": 6,
+ "stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "sum(node_memory_MemTotal) - sum(node_memory_MemFree) - sum(node_memory_Buffers) - sum(node_memory_Cached)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "memory used",
- "refId": "A"
- },
- {
- "expr": "sum(node_memory_Buffers)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "memory buffers",
- "refId": "B"
- },
- {
- "expr": "sum(node_memory_Cached)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "memory cached",
- "refId": "C"
- },
- {
- "expr": "sum(node_memory_MemFree)",
+ "expr": "node:node_net_saturation:sum_irate",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "memory free",
- "refId": "D"
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
"thresholds": [
@@ -1127,7 +709,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Memory Usage",
+ "title": "Net Saturation (Dropped)",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1145,7 +727,7 @@ data:
},
"yaxes": [
{
- "format": "bytes",
+ "format": "Bps",
"label": null,
"logBase": 1,
"max": null,
@@ -1153,107 +735,198 @@ data:
"show": true
},
{
- "format": "bytes",
+ "format": "short",
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Network",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": "250px",
+ "panels": [
+ {
+ "aliasColors": {
},
- "id": 5,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 8,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 0,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 12,
+ "stack": true,
+ "steppedLine": false,
"targets": [
{
- "expr": "((sum(node_memory_MemTotal) - sum(node_memory_MemFree) - sum(node_memory_Buffers) - sum(node_memory_Cached)) / sum(node_memory_MemTotal)) * 100",
+ "expr": "sum(max(node_filesystem_size{fstype=\u007e\"ext[24]\"} - node_filesystem_free{fstype=\u007e\"ext[24]\"}) by (device,pod,namespace)) by (pod,namespace) / scalar(sum(max(node_filesystem_size{fstype=\u007e\"ext[24]\"}) by (device,pod,namespace))) * on (namespace, pod) group_left(node) node_namespace_pod:kube_pod_info:\n",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
+ "legendFormat": "{{node}}",
+ "legendLink": "/dashboard/file/k8s-node-rsrc-use.json",
+ "step": 10
}
],
- "thresholds": "80, 90",
- "title": "Memory Usage",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "thresholds": [
+
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Disk Capacity",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": 1,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- },
+ "showTitle": true,
+ "title": "Storage",
+ "titleSize": "h6"
+ }
+ ],
+ "schemaVersion": 14,
+ "style": "dark",
+ "tags": [
+
+ ],
+ "templating": {
+ "list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
+
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ }
+ ]
+ },
+ "time": {
+ "from": "now-1h",
+ "to": "now"
+ },
+ "timepicker": {
+ "refresh_intervals": [
+ "5s",
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ],
+ "time_options": [
+ "5m",
+ "15m",
+ "1h",
+ "6h",
+ "12h",
+ "24h",
+ "2d",
+ "7d",
+ "30d"
+ ]
+ },
+ "timezone": "utc",
+ "title": "K8s / USE Method / Cluster",
+ "version": 0
+ }
+ k8s-node-rsrc-use.json: |-
+ {
+ "annotations": {
+ "list": [
+
+ ]
+ },
+ "editable": true,
+ "gnetId": null,
+ "graphTooltip": 0,
+ "hideControls": false,
+ "links": [
+
+ ],
+ "refresh": "10s",
+ "rows": [
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -1263,59 +936,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
- "id": 6,
+ "id": 0,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 9,
+ "span": 6,
"stack": false,
"steppedLine": false,
"targets": [
{
- "expr": "sum(rate(node_disk_bytes_read[5m]))",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "read",
- "refId": "A"
- },
- {
- "expr": "sum(rate(node_disk_bytes_written[5m]))",
+ "expr": "node:node_cpu_utilisation:avg1m{node=\"$node\"}",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "written",
- "refId": "B"
- },
- {
- "expr": "sum(rate(node_disk_io_time_ms[5m]))",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "io time",
- "refId": "C"
+ "legendFormat": "Utilisation",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -1323,7 +980,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Disk I/O",
+ "title": "CPU Utilisation",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1341,7 +998,7 @@ data:
},
"yaxes": [
{
- "format": "bytes",
+ "format": "percentunit",
"label": null,
"logBase": 1,
"max": null,
@@ -1349,107 +1006,111 @@ data:
"show": true
},
{
- "format": "bytes",
+ "format": "short",
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
},
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 7,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "id": 1,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 6,
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "(sum(node_filesystem_size{device!=\"rootfs\"}) - sum(node_filesystem_free{device!=\"rootfs\"})) / sum(node_filesystem_size{device!=\"rootfs\"}) * 100",
+ "expr": "node:node_cpu_saturation_load1:{node=\"$node\"}",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
+ "legendFormat": "Saturation",
+ "legendLink": null,
+ "step": 10
}
],
- "thresholds": "80, 90",
- "title": "Disk Space Usage",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "thresholds": [
+
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "CPU Saturation (Load1)",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "CPU",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -1459,31 +1120,28 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
- "id": 8,
+ "id": 2,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
@@ -1493,11 +1151,12 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "sum(rate(node_network_receive_bytes{device!\u007e\"lo\"}[5m]))",
+ "expr": "node:node_memory_utilisation:{node=\"$node\"}",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "",
- "refId": "A"
+ "legendFormat": "Memory",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -1505,7 +1164,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Network Received",
+ "title": "Memory Utilisation",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1523,7 +1182,7 @@ data:
},
"yaxes": [
{
- "format": "bytes",
+ "format": "percentunit",
"label": null,
"logBase": 1,
"max": null,
@@ -1531,12 +1190,12 @@ data:
"show": true
},
{
- "format": "bytes",
+ "format": "short",
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
},
@@ -1547,31 +1206,28 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
- "id": 9,
+ "id": 3,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
@@ -1581,11 +1237,12 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "sum(rate(node_network_transmit_bytes{device!\u007e\"lo\"}[5m]))",
+ "expr": "node:node_memory_swap_io_bytes:sum_rate{node=\"$node\"}",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "",
- "refId": "A"
+ "legendFormat": "Swap IO",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -1593,7 +1250,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Network Transmitted",
+ "title": "Memory Saturation (Swap I/O)",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1611,7 +1268,7 @@ data:
},
"yaxes": [
{
- "format": "bytes",
+ "format": "Bps",
"label": null,
"logBase": 1,
"max": null,
@@ -1619,12 +1276,12 @@ data:
"show": true
},
{
- "format": "bytes",
+ "format": "short",
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
}
@@ -1632,14 +1289,12 @@ data:
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "Memory",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -1649,52 +1304,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
- "id": 10,
+ "id": 4,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 9,
+ "span": 6,
"stack": false,
"steppedLine": false,
"targets": [
{
- "expr": "sum(kube_pod_info)",
+ "expr": "node:node_disk_utilisation:avg_irate{node=\"$node\"}",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "Current Number of Pods",
- "refId": "A"
- },
- {
- "expr": "sum(kube_node_status_capacity_pods)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "Maximum Capacity of Pods",
- "refId": "B"
+ "legendFormat": "Utilisation",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -1702,7 +1348,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Cluster Pod Utilization",
+ "title": "Disk IO Utilisation",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1720,7 +1366,7 @@ data:
},
"yaxes": [
{
- "format": "short",
+ "format": "percentunit",
"label": null,
"logBase": 1,
"max": null,
@@ -1732,838 +1378,438 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
},
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 11,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "id": 5,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
+ "spaceLength": 10,
+ "span": 6,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
{
- "from": "null",
- "text": "N/A",
- "to": "null"
+ "expr": "node:node_disk_saturation:avg_irate{node=\"$node\"}",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "Saturation",
+ "legendLink": null,
+ "step": 10
}
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
+ "thresholds": [
+
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Disk IO Saturation",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "tableColumn": "",
- "targets": [
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "expr": "100 - (sum(kube_node_status_capacity_pods) - sum(kube_pod_info)) / sum(kube_node_status_capacity_pods) * 100",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "80, 90",
- "title": "Pod Utilization",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- }
- ],
- "schemaVersion": 14,
- "style": "dark",
- "tags": [
-
- ],
- "templating": {
- "list": [
-
- ]
- },
- "time": {
- "from": "now-24h",
- "to": "now"
- },
- "timepicker": {
- "refresh_intervals": [
- "5s",
- "10s",
- "30s",
- "1m",
- "5m",
- "15m",
- "30m",
- "1h",
- "2h",
- "1d"
- ],
- "time_options": [
- "5m",
- "15m",
- "1h",
- "6h",
- "12h",
- "24h",
- "2d",
- "7d",
- "30d"
- ]
- },
- "timezone": "browser",
- "title": "Kubernetes Capacity Planning",
- "version": 0
- }
- kubernetes-cluster-health-dashboard.json: |-
- {
- "annotations": {
- "list": [
-
- ]
- },
- "editable": false,
- "gnetId": null,
- "graphTooltip": 0,
- "hideControls": false,
- "id": null,
- "links": [
-
- ],
- "refresh": "10s",
- "rows": [
+ "showTitle": true,
+ "title": "Disk",
+ "titleSize": "h6"
+ },
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 2,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "id": 6,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 6,
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "sum(up{job=\u007e\"apiserver|kube-scheduler|kube-controller-manager\"} == 0)",
+ "expr": "node:node_net_utilisation:sum_irate{node=\"$node\"}",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Control Plane Components Down",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "Everything UP and healthy",
- "value": "null"
+ "legendFormat": "Utilisation",
+ "legendLink": null,
+ "step": 10
}
],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
+ "thresholds": [
+
],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Net Utilisation (Transmitted)",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "gridPos": {
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+ ]
},
- "id": 3,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
+ "yaxes": [
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(ALERTS{alertstate=\"firing\",alertname!=\"DeadMansSwitch\"})",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Alerts Firing",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "format": "Bps",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
{
- "op": "=",
- "text": "0",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
},
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 4,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "id": 7,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 6,
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "sum(ALERTS{alertstate=\"pending\",alertname!=\"DeadMansSwitch\"})",
+ "expr": "node:node_net_saturation:sum_irate{node=\"$node\"}",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Alerts Pending",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "legendFormat": "Saturation",
+ "legendLink": null,
+ "step": 10
}
],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
+ "thresholds": [
+
],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Net Saturation (Dropped)",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "gridPos": {
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+ ]
},
- "id": 5,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "yaxes": [
{
- "name": "value to text",
- "value": 1
+ "format": "Bps",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
},
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "count(increase(kube_pod_container_status_restarts[1h]) > 5)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Crashlooping Pods",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "Net",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 6,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "id": 8,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 12,
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "sum(kube_node_status_condition{condition=\"Ready\",status!=\"true\"})",
+ "expr": "1 - sum(max by (device, node) (node_filesystem_free{fstype=\u007e\"ext[24]\"})) / sum(max by (device, node) (node_filesystem_size{fstype=\u007e\"ext[24]\"}))",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Node Not Ready",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "legendFormat": "Disk",
+ "legendLink": null,
+ "step": 10
}
],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
+ "thresholds": [
+
],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Disk Utilisation",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "gridPos": {
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+ ]
},
- "id": 7,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "yaxes": [
{
- "name": "value to text",
- "value": 1
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
},
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(kube_node_status_condition{condition=\"DiskPressure\",status=\"true\"})",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Node Disk Pressure",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Disk",
+ "titleSize": "h6"
+ }
+ ],
+ "schemaVersion": 14,
+ "style": "dark",
+ "tags": [
+
+ ],
+ "templating": {
+ "list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
},
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
- },
- "id": 8,
- "interval": null,
- "links": [
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ },
+ {
+ "allValue": null,
+ "current": {
+ "text": "prod",
+ "value": "prod"
+ },
+ "datasource": "$datasource",
+ "hide": 0,
+ "includeAll": false,
+ "label": "node",
+ "multi": false,
+ "name": "node",
+ "options": [
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(kube_node_status_condition{condition=\"MemoryPressure\",status=\"true\"})",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Node Memory Pressure",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 9,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(kube_node_spec_unschedulable)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Node Unschedulable",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- }
- ],
- "schemaVersion": 14,
- "style": "dark",
- "tags": [
-
- ],
- "templating": {
- "list": [
+ ],
+ "query": "label_values(kube_node_info, node)",
+ "refresh": 1,
+ "regex": "",
+ "sort": 2,
+ "tagValuesQuery": "",
+ "tags": [
+ ],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ }
]
},
"time": {
@@ -2595,1267 +1841,1171 @@ data:
"30d"
]
},
- "timezone": "browser",
- "title": "Kubernetes Cluster Health",
+ "timezone": "utc",
+ "title": "K8s / USE Method / Node",
"version": 0
- }
- kubernetes-cluster-status-dashboard.json: |-
- {
- "annotations": {
- "list": [
-
- ]
- },
- "editable": false,
- "gnetId": null,
- "graphTooltip": 0,
- "hideControls": false,
- "id": null,
- "links": [
-
- ],
- "refresh": "10s",
- "rows": [
- {
- "collapse": false,
- "collapsed": false,
- "height": "250px",
- "panels": [
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 2,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 6,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(up{job=\u007e\"apiserver|kube-scheduler|kube-controller-manager\"} == 0)",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Control Plane UP",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 3,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 6,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(ALERTS{alertstate=\"firing\",alertname!=\"DeadMansSwitch\"})",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Alerts Firing",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- },
- {
- "collapse": false,
- "collapsed": false,
- "height": "250px",
- "panels": [
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(245, 54, 54, 0.9)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(50, 172, 45, 0.97)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 4,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "(sum(up{job=\"apiserver\"} == 1) / count(up{job=\"apiserver\"})) * 100",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "50, 80",
- "title": "API Servers UP",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "N/A",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(245, 54, 54, 0.9)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(50, 172, 45, 0.97)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 5,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "(sum(up{job=\"kube-controller-manager\"} == 1) / count(up{job=\"kube-controller-manager\"})) * 100",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "50, 80",
- "title": "Controller Managers UP",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "N/A",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(245, 54, 54, 0.9)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(50, 172, 45, 0.97)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 6,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "(sum(up{job=\"kube-scheduler\"} == 1) / count(up{job=\"kube-scheduler\"})) * 100",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "50, 80",
- "title": "Schedulers Up",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "N/A",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
+ }
+ k8s-resources-cluster.json: |-
+ {
+ "annotations": {
+ "list": [
+
+ ]
+ },
+ "editable": true,
+ "gnetId": null,
+ "graphTooltip": 0,
+ "hideControls": false,
+ "links": [
+
+ ],
+ "refresh": "10s",
+ "rows": [
+ {
+ "collapse": false,
+ "height": "100px",
+ "panels": [
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 7,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "format": "percentunit",
+ "id": 0,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
+ "spaceLength": 10,
"span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "count(increase(kube_pod_container_status_restarts{namespace=\u007e\"kube-system|tectonic-system\"}[1h]) > 5)",
+ "expr": "sum(kube_pod_container_resource_requests_cpu_cores) / sum(node:node_num_cpu:sum)",
"format": "time_series",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": ""
+ "refId": "A"
}
],
- "thresholds": "",
- "title": "Crashlooping Control Plane Pods",
+ "thresholds": "70,80",
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "CPU Requests Commitment",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
"type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- },
- {
- "collapse": false,
- "collapsed": false,
- "height": "250px",
- "panels": [
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
"show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "values": [
+ ]
},
- "id": 8,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "yaxes": [
{
- "name": "value to text",
- "value": 1
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
},
{
- "name": "range to text",
- "value": 2
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
+ ]
+ },
+ {
+ "aliasColors": {
+
+ },
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "format": "percentunit",
+ "id": 1,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [
+
],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
+ "spaceLength": 10,
"span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "sum(100 - (avg by (instance) (rate(node_cpu{job=\"node-exporter\",mode=\"idle\"}[5m])) * 100)) / count(node_cpu{job=\"node-exporter\",mode=\"idle\"})",
+ "expr": "sum(kube_pod_container_resource_limits_cpu_cores) / sum(node:node_num_cpu:sum)",
"format": "time_series",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": ""
+ "refId": "A"
}
],
- "thresholds": "80, 90",
- "title": "CPU Utilization",
+ "thresholds": "70,80",
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "CPU Limits Commitment",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
"type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
},
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 9,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "format": "percentunit",
+ "id": 2,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
+ "spaceLength": 10,
"span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "((sum(node_memory_MemTotal) - sum(node_memory_MemFree) - sum(node_memory_Buffers) - sum(node_memory_Cached)) / sum(node_memory_MemTotal)) * 100",
+ "expr": "sum(kube_pod_container_resource_requests_memory_bytes) / sum(node_memory_MemTotal)",
"format": "time_series",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": ""
+ "refId": "A"
}
],
- "thresholds": "80, 90",
- "title": "Memory Utilization",
+ "thresholds": "70,80",
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Memory Requests Commitment",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
"type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
},
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 10,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "format": "percentunit",
+ "id": 3,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
+ "spaceLength": 10,
"span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "stack": false,
+ "steppedLine": false,
"targets": [
{
- "expr": "(sum(node_filesystem_size{device!=\"rootfs\"}) - sum(node_filesystem_free{device!=\"rootfs\"})) / sum(node_filesystem_size{device!=\"rootfs\"})",
+ "expr": "sum(kube_pod_container_resource_limits_memory_bytes) / sum(node_memory_MemTotal)",
"format": "time_series",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": ""
+ "refId": "A"
}
],
- "thresholds": "80, 90",
- "title": "Filesystem Utilization",
+ "thresholds": "70,80",
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Memory Limits Commitment",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
"type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
- },
+ ]
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": false,
+ "title": "Headlines",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": "250px",
+ "panels": [
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 11,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 4,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 0,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 12,
+ "stack": true,
+ "steppedLine": false,
"targets": [
{
- "expr": "100 - (sum(kube_node_status_capacity_pods) - sum(kube_pod_info)) / sum(kube_node_status_capacity_pods) * 100",
+ "expr": "sum(irate(container_cpu_usage_seconds_total[1m])) by (namespace)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
+ "legendFormat": "{{namespace}}",
+ "legendLink": null,
+ "step": 10
}
],
- "thresholds": "80, 90",
- "title": "Pod Utilization",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "thresholds": [
+
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "CPU Usage",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- }
- ],
- "schemaVersion": 14,
- "style": "dark",
- "tags": [
-
- ],
- "templating": {
- "list": [
-
- ]
- },
- "time": {
- "from": "now-1h",
- "to": "now"
- },
- "timepicker": {
- "refresh_intervals": [
- "5s",
- "10s",
- "30s",
- "1m",
- "5m",
- "15m",
- "30m",
- "1h",
- "2h",
- "1d"
- ],
- "time_options": [
- "5m",
- "15m",
- "1h",
- "6h",
- "12h",
- "24h",
- "2d",
- "7d",
- "30d"
- ]
- },
- "timezone": "browser",
- "title": "Kubernetes Cluster Status",
- "version": 0
- }
- kubernetes-control-plane-status-dashboard.json: |-
- {
- "annotations": {
- "list": [
-
- ]
- },
- "editable": false,
- "gnetId": null,
- "graphTooltip": 0,
- "hideControls": false,
- "id": null,
- "links": [
-
- ],
- "refresh": "10s",
- "rows": [
+ "showTitle": true,
+ "title": "CPU",
+ "titleSize": "h6"
+ },
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(245, 54, 54, 0.9)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(50, 172, 45, 0.97)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
+ "aliasColors": {
},
- "id": 2,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "id": 5,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
+ ],
+ "spaceLength": 10,
+ "span": 12,
+ "stack": false,
+ "steppedLine": false,
+ "styles": [
{
- "name": "value to text",
- "value": 1
+ "alias": "Time",
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "pattern": "Time",
+ "type": "hidden"
},
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
+ "alias": "CPU Usage",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #A",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Requests",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #B",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Requests %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #C",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "CPU Limits",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #D",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Limits %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #E",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Namespace",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": true,
+ "linkTooltip": "Drill down",
+ "linkUrl": "/dashboard/file/k8s-resources-namespace.json?var-datasource=$datasource&var-namespace=$__cell",
+ "pattern": "namespace",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "pattern": "/.*/",
+ "thresholds": [
+
+ ],
+ "type": "string",
+ "unit": "short"
}
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
"targets": [
{
- "expr": "(sum(up{job=\"apiserver\"} == 1) / sum(up{job=\"apiserver\"})) * 100",
- "format": "time_series",
+ "expr": "sum(rate(container_cpu_usage_seconds_total[5m])) by (namespace)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "50, 80",
- "title": "API Servers UP",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "legendFormat": "",
+ "step": 10
+ },
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "expr": "sum(kube_pod_container_resource_requests_cpu_cores) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(rate(container_cpu_usage_seconds_total[5m])) by (namespace) / sum(kube_pod_container_resource_requests_cpu_cores) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_limits_cpu_cores) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(rate(container_cpu_usage_seconds_total[5m])) by (namespace) / sum(kube_pod_container_resource_limits_cpu_cores) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
}
],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(245, 54, 54, 0.9)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(50, 172, 45, 0.97)"
+ "thresholds": [
+
],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "CPU Quota",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "gridPos": {
+ "transform": "table",
+ "type": "table",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+ ]
},
- "id": 3,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "yaxes": [
{
- "name": "value to text",
- "value": 1
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
},
{
- "name": "range to text",
- "value": 2
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
+ ]
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "CPU Quota",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": "250px",
+ "panels": [
+ {
+ "aliasColors": {
+
+ },
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 6,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 0,
+ "links": [
+
],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
+ "spaceLength": 10,
+ "span": 12,
+ "stack": true,
+ "steppedLine": false,
"targets": [
{
- "expr": "(sum(up{job=\"kube-controller-manager\"} == 1) / sum(up{job=\"kube-controller-manager\"})) * 100",
+ "expr": "sum(container_memory_rss) by (namespace)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "50, 80",
- "title": "Controller Mangers UP",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "legendFormat": "{{namespace}}",
+ "legendLink": null,
+ "step": 10
}
],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(245, 54, 54, 0.9)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(50, 172, 45, 0.97)"
+ "thresholds": [
+
],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Memory Usage (w/o cache)",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
"show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
+ "values": [
+
+ ]
},
- "gridPos": {
+ "yaxes": [
+ {
+ "format": "decbytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
+ }
+ ]
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Memory",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": "250px",
+ "panels": [
+ {
+ "aliasColors": {
},
- "id": 4,
- "interval": null,
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 1,
+ "id": 7,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
"links": [
],
- "mappingType": 1,
- "mappingTypes": [
+ "nullPointMode": "null as zero",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+
+ ],
+ "spaceLength": 10,
+ "span": 12,
+ "stack": false,
+ "steppedLine": false,
+ "styles": [
{
- "name": "value to text",
- "value": 1
+ "alias": "Time",
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "pattern": "Time",
+ "type": "hidden"
},
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
+ "alias": "Memory Usage",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #A",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
{
- "from": "null",
- "text": "N/A",
- "to": "null"
+ "alias": "Memory Requests",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #B",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Requests %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #C",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Memory Limits",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #D",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Limits %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #E",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Namespace",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": true,
+ "linkTooltip": "Drill down",
+ "linkUrl": "/dashboard/file/k8s-resources-namespace.json?var-datasource=$datasource&var-namespace=$__cell",
+ "pattern": "namespace",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "pattern": "/.*/",
+ "thresholds": [
+
+ ],
+ "type": "string",
+ "unit": "short"
}
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
"targets": [
{
- "expr": "(sum(up{job=\"kube-scheduler\"} == 1) / sum(up{job=\"kube-scheduler\"})) * 100",
- "format": "time_series",
+ "expr": "sum(container_memory_rss) by (namespace)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "50, 80",
- "title": "Schedulers UP",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "legendFormat": "",
+ "step": 10
+ },
{
- "op": "=",
- "text": "N/A",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(245, 54, 54, 0.9)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(50, 172, 45, 0.97)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 5,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
+ "expr": "sum(kube_pod_container_resource_requests_memory_bytes) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
{
- "name": "value to text",
- "value": 1
+ "expr": "sum(container_memory_rss) by (namespace) / sum(kube_pod_container_resource_requests_memory_bytes) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
},
{
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
+ "expr": "sum(kube_pod_container_resource_limits_memory_bytes) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
{
- "from": "null",
- "text": "N/A",
- "to": "null"
+ "expr": "sum(container_memory_rss) by (namespace) / sum(kube_pod_container_resource_limits_memory_bytes) by (namespace)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
}
],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
+ "thresholds": [
+
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Requests by Namespace",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
},
- "tableColumn": "",
- "targets": [
+ "transform": "table",
+ "type": "table",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": [
+
+ ]
+ },
+ "yaxes": [
{
- "expr": "max(sum by(instance) (rate(apiserver_request_count{code=\u007e\"5..\"}[5m])) / sum by(instance) (rate(apiserver_request_count[5m]))) * 100",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "50, 80",
- "title": "API Request Error Rate",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
{
- "op": "=",
- "text": "N/A",
- "value": "null"
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- },
+ "showTitle": true,
+ "title": "Memory Requests",
+ "titleSize": "h6"
+ }
+ ],
+ "schemaVersion": 14,
+ "style": "dark",
+ "tags": [
+
+ ],
+ "templating": {
+ "list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
+
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ }
+ ]
+ },
+ "time": {
+ "from": "now-1h",
+ "to": "now"
+ },
+ "timepicker": {
+ "refresh_intervals": [
+ "5s",
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ],
+ "time_options": [
+ "5m",
+ "15m",
+ "1h",
+ "6h",
+ "12h",
+ "24h",
+ "2d",
+ "7d",
+ "30d"
+ ]
+ },
+ "timezone": "utc",
+ "title": "K8s / Compute Resources / Cluster",
+ "version": 0
+ }
+ k8s-resources-namespace.json: |-
+ {
+ "annotations": {
+ "list": [
+
+ ]
+ },
+ "editable": true,
+ "gnetId": null,
+ "graphTooltip": 0,
+ "hideControls": false,
+ "links": [
+
+ ],
+ "refresh": "10s",
+ "rows": [
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -3864,46 +3014,44 @@ data:
},
"bars": false,
"dashLength": 10,
- "dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
- "id": 6,
+ "dashes": false,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 0,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
"span": 12,
- "stack": false,
+ "stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "sum by(verb) (rate(apiserver_latency_seconds:quantile[5m]) >= 0)",
+ "expr": "sum(irate(container_cpu_usage_seconds_total{namespace=\"$namespace\"}[1m])) by (pod_name)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "",
- "refId": "A"
+ "legendFormat": "{{pod_name}}",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -3911,7 +3059,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "API Request Latency",
+ "title": "CPU Usage",
"tooltip": {
"shared": true,
"sort": 0,
@@ -3933,7 +3081,7 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": null,
+ "min": 0,
"show": true
},
{
@@ -3942,7 +3090,7 @@ data:
"logBase": 1,
"max": null,
"min": null,
- "show": true
+ "show": false
}
]
}
@@ -3950,14 +3098,12 @@ data:
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "CPU Usage",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -3967,31 +3113,28 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
- "id": 7,
+ "id": 1,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
@@ -3999,20 +3142,177 @@ data:
"span": 12,
"stack": false,
"steppedLine": false,
+ "styles": [
+ {
+ "alias": "Time",
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "pattern": "Time",
+ "type": "hidden"
+ },
+ {
+ "alias": "CPU Usage",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #A",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Requests",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #B",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Requests %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #C",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "CPU Limits",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #D",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Limits %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #E",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Pod",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": true,
+ "linkTooltip": "Drill down",
+ "linkUrl": "/dashboard/file/k8s-resources-pod.json?var-datasource=$datasource&var-namespace=$namespace&var-pod=$__cell",
+ "pattern": "pod",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "pattern": "/.*/",
+ "thresholds": [
+
+ ],
+ "type": "string",
+ "unit": "short"
+ }
+ ],
"targets": [
{
- "expr": "sum by(instance) (rate(apiserver_request_count{code!\u007e\"2..\"}[5m]))",
- "format": "time_series",
+ "expr": "sum(label_replace(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\"}[5m]), \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": "Error Rate",
- "refId": "A"
+ "legendFormat": "",
+ "step": 10
},
{
- "expr": "sum by(instance) (rate(apiserver_request_count[5m]))",
- "format": "time_series",
+ "expr": "sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": "Request Rate",
- "refId": "B"
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\"}[5m]), \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\"}[5m]), \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
}
],
"thresholds": [
@@ -4020,13 +3320,14 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "API Request Rate",
+ "title": "CPU Quota",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
- "type": "graph",
+ "transform": "table",
+ "type": "table",
"xaxis": {
"buckets": null,
"mode": "time",
@@ -4042,7 +3343,7 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": null,
+ "min": 0,
"show": true
},
{
@@ -4051,7 +3352,7 @@ data:
"logBase": 1,
"max": null,
"min": null,
- "show": true
+ "show": false
}
]
}
@@ -4059,14 +3360,12 @@ data:
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "CPU Quota",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -4076,45 +3375,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
- "id": 8,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 2,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
"span": 12,
- "stack": false,
+ "stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "cluster:scheduler_e2e_scheduling_latency_seconds:quantile",
+ "expr": "sum(container_memory_usage_bytes{namespace=\"$namespace\"}) by (pod_name)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "",
- "refId": "A"
+ "legendFormat": "{{pod_name}}",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -4122,7 +3419,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "End to End Scheduling Latency",
+ "title": "Memory Usage",
"tooltip": {
"shared": true,
"sort": 0,
@@ -4144,173 +3441,31 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": null,
+ "min": 0,
"show": true
},
{
"format": "short",
"label": null,
- "logBase": 1,
- "max": null,
- "min": null,
- "show": true
- }
- ]
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
- }
- ],
- "schemaVersion": 14,
- "style": "dark",
- "tags": [
-
- ],
- "templating": {
- "list": [
-
- ]
- },
- "time": {
- "from": "now-1h",
- "to": "now"
- },
- "timepicker": {
- "refresh_intervals": [
- "5s",
- "10s",
- "30s",
- "1m",
- "5m",
- "15m",
- "30m",
- "1h",
- "2h",
- "1d"
- ],
- "time_options": [
- "5m",
- "15m",
- "1h",
- "6h",
- "12h",
- "24h",
- "2d",
- "7d",
- "30d"
- ]
- },
- "timezone": "browser",
- "title": "Kubernetes Control Plane Status",
- "version": 0
- }
- kubernetes-kubelet-dashboard.json: |-
- {
- "annotations": {
- "list": [
-
- ]
- },
- "editable": false,
- "gnetId": null,
- "graphTooltip": 0,
- "hideControls": false,
- "id": null,
- "links": [
-
- ],
- "refresh": "",
- "rows": [
- {
- "collapse": false,
- "collapsed": false,
- "height": "250px",
- "panels": [
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 2,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 2,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "lineColor": "rgb(31, 120, 193)",
- "show": true
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(kubelet_running_pod_count{instance=\u007e\"$instance\"})",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Count",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
- },
+ ]
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Memory Usage",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": "250px",
+ "panels": [
{
"aliasColors": {
@@ -4318,45 +3473,206 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
"id": 3,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 10,
- "stack": true,
+ "span": 12,
+ "stack": false,
"steppedLine": false,
+ "styles": [
+ {
+ "alias": "Time",
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "pattern": "Time",
+ "type": "hidden"
+ },
+ {
+ "alias": "Memory Usage",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #A",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Requests",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #B",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Requests %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #C",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Memory Limits",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #D",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Limits %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #E",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Pod",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": true,
+ "linkTooltip": "Drill down",
+ "linkUrl": "/dashboard/file/k8s-resources-pod.json?var-datasource=$datasource&var-namespace=$namespace&var-pod=$__cell",
+ "pattern": "pod",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "pattern": "/.*/",
+ "thresholds": [
+
+ ],
+ "type": "string",
+ "unit": "short"
+ }
+ ],
"targets": [
{
- "expr": "kubelet_running_pod_count{instance=\u007e\"$instance\"}",
- "format": "time_series",
+ "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": "{{ instance }}",
- "refId": "A"
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\"}) by (pod)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
}
],
"thresholds": [
@@ -4364,13 +3680,14 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Count",
+ "title": "Memory Quota",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
- "type": "graph",
+ "transform": "table",
+ "type": "table",
"xaxis": {
"buckets": null,
"mode": "time",
@@ -4394,8 +3711,8 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
}
@@ -4404,94 +3721,115 @@ data:
"repeatIteration": null,
"repeatRowId": null,
"showTitle": true,
- "title": "Pods",
- "titleSize": "h4",
- "type": "row"
- },
+ "title": "Memory Quota",
+ "titleSize": "h6"
+ }
+ ],
+ "schemaVersion": 14,
+ "style": "dark",
+ "tags": [
+
+ ],
+ "templating": {
+ "list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
+
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ },
+ {
+ "allValue": null,
+ "current": {
+ "text": "prod",
+ "value": "prod"
+ },
+ "datasource": "$datasource",
+ "hide": 0,
+ "includeAll": false,
+ "label": "namespace",
+ "multi": false,
+ "name": "namespace",
+ "options": [
+
+ ],
+ "query": "label_values(kube_pod_info, namespace)",
+ "refresh": 1,
+ "regex": "",
+ "sort": 2,
+ "tagValuesQuery": "",
+ "tags": [
+
+ ],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ }
+ ]
+ },
+ "time": {
+ "from": "now-1h",
+ "to": "now"
+ },
+ "timepicker": {
+ "refresh_intervals": [
+ "5s",
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ],
+ "time_options": [
+ "5m",
+ "15m",
+ "1h",
+ "6h",
+ "12h",
+ "24h",
+ "2d",
+ "7d",
+ "30d"
+ ]
+ },
+ "timezone": "utc",
+ "title": "K8s / Compute Resources / Namespace",
+ "version": 0
+ }
+ k8s-resources-pod.json: |-
+ {
+ "annotations": {
+ "list": [
+
+ ]
+ },
+ "editable": true,
+ "gnetId": null,
+ "graphTooltip": 0,
+ "hideControls": false,
+ "links": [
+
+ ],
+ "refresh": "10s",
+ "rows": [
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "#299c46",
- "rgba(237, 129, 40, 0.89)",
- "#d44a3a"
- ],
- "datasource": "prometheus",
- "format": "none",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": false,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 4,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 2,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "lineColor": "rgb(31, 120, 193)",
- "show": true
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "sum(kubelet_running_container_count{instance=\u007e\"$instance\"})",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "",
- "title": "Count",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "0",
- "value": "null"
- }
- ],
- "valueName": "current"
- },
{
"aliasColors": {
@@ -4499,45 +3837,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
- "id": 5,
+ "datasource": "$datasource",
+ "fill": 10,
+ "id": 0,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 10,
+ "span": 12,
"stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "kubelet_running_container_count{instance=\u007e\"$instance\"}",
+ "expr": "sum(irate(container_cpu_usage_seconds_total{namespace=\"$namespace\",pod_name=\"$pod\"}[1m])) by (container_name)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "{{ instance }}",
- "refId": "A"
+ "legendFormat": "{{container_name}}",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -4545,7 +3881,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Count",
+ "title": "CPU Usage",
"tooltip": {
"shared": true,
"sort": 0,
@@ -4575,8 +3911,8 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
}
@@ -4585,13 +3921,11 @@ data:
"repeatIteration": null,
"repeatRowId": null,
"showTitle": true,
- "title": "Containers",
- "titleSize": "h4",
- "type": "row"
+ "title": "CPU Usage",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -4601,32 +3935,28 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "description": "Rate of Kubelet Operations in 5min",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
- "id": 6,
+ "id": 1,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
@@ -4634,13 +3964,177 @@ data:
"span": 12,
"stack": false,
"steppedLine": false,
+ "styles": [
+ {
+ "alias": "Time",
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "pattern": "Time",
+ "type": "hidden"
+ },
+ {
+ "alias": "CPU Usage",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #A",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Requests",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #B",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Requests %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #C",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "CPU Limits",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #D",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "CPU Limits %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #E",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Container",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "container",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "pattern": "/.*/",
+ "thresholds": [
+
+ ],
+ "type": "string",
+ "unit": "short"
+ }
+ ],
"targets": [
{
- "expr": "sum(rate(kubelet_runtime_operations{instance=\u007e\"$instance\"}[5m])) by (instance)",
- "format": "time_series",
+ "expr": "sum(label_replace(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod_name=\"$pod\"}[5m]), \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": "{{ instance }}",
- "refId": "A"
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod_name=\"$pod\"}[5m]), \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod_name=\"$pod\"}[5m]), \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
}
],
"thresholds": [
@@ -4648,13 +4142,14 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Operations",
+ "title": "CPU Quota",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
- "type": "graph",
+ "transform": "table",
+ "type": "table",
"xaxis": {
"buckets": null,
"mode": "time",
@@ -4678,8 +4173,8 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
}
@@ -4688,99 +4183,11 @@ data:
"repeatIteration": null,
"repeatRowId": null,
"showTitle": true,
- "title": "Kubelet",
- "titleSize": "h4",
- "type": "row"
- }
- ],
- "schemaVersion": 14,
- "style": "dark",
- "tags": [
-
- ],
- "templating": {
- "list": [
- {
- "allValue": null,
- "current": {
-
- },
- "datasource": "prometheus",
- "hide": 0,
- "includeAll": true,
- "label": null,
- "multi": false,
- "name": "instance",
- "options": [
-
- ],
- "query": "label_values(kubelet_running_pod_count,instance)",
- "refresh": 2,
- "regex": "",
- "sort": 0,
- "tagValuesQuery": "",
- "tags": [
-
- ],
- "tagsQuery": "",
- "type": "query",
- "useTags": false
- }
- ]
- },
- "time": {
- "from": "now-1h",
- "to": "now"
- },
- "timepicker": {
- "refresh_intervals": [
- "5s",
- "10s",
- "30s",
- "1m",
- "5m",
- "15m",
- "30m",
- "1h",
- "2h",
- "1d"
- ],
- "time_options": [
- "5m",
- "15m",
- "1h",
- "6h",
- "12h",
- "24h",
- "2d",
- "7d",
- "30d"
- ]
- },
- "timezone": "browser",
- "title": "Kubelet",
- "version": 0
- }
- kubernetes-resource-requests-dashboard.json: |-
- {
- "annotations": {
- "list": [
-
- ]
- },
- "editable": false,
- "gnetId": null,
- "graphTooltip": 0,
- "hideControls": false,
- "id": null,
- "links": [
-
- ],
- "refresh": "10s",
- "rows": [
+ "title": "CPU Quota",
+ "titleSize": "h6"
+ },
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -4790,52 +4197,43 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
- "fill": 1,
- "gridPos": {
-
- },
+ "datasource": "$datasource",
+ "fill": 10,
"id": 2,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
- "linewidth": 1,
- "nullPointMode": "null",
+ "linewidth": 0,
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 9,
- "stack": false,
+ "span": 12,
+ "stack": true,
"steppedLine": false,
"targets": [
{
- "expr": "min(sum(kube_node_status_allocatable_cpu_cores) by (instance))",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": "Allocatable CPU Cores",
- "refId": "A"
- },
- {
- "expr": "max(sum(kube_pod_container_resource_requests_cpu_cores) by (instance))",
+ "expr": "sum(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\"}) by (container_name)",
"format": "time_series",
"intervalFactor": 2,
- "legendFormat": "Requested CPU Cores",
- "refId": "B"
+ "legendFormat": "{{container_name}}",
+ "legendLink": null,
+ "step": 10
}
],
"thresholds": [
@@ -4843,7 +4241,7 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "CPU Cores",
+ "title": "Memory Usage",
"tooltip": {
"shared": true,
"sort": 0,
@@ -4867,109 +4265,27 @@ data:
"max": null,
"min": 0,
"show": true
- },
- {
- "format": "short",
- "label": null,
- "logBase": 1,
- "max": null,
- "min": 0,
- "show": true
- }
- ]
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 3,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "max(sum(kube_pod_container_resource_requests_cpu_cores) by (instance)) / min(sum(kube_node_status_allocatable_cpu_cores) by (instance)) * 100",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "80, 90",
- "title": "CPU Cores",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "N/A",
- "value": "null"
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
}
- ],
- "valueName": "current"
+ ]
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "Memory Usage",
+ "titleSize": "h6"
},
{
"collapse": false,
- "collapsed": false,
"height": "250px",
"panels": [
{
@@ -4979,52 +4295,206 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
- "gridPos": {
-
- },
- "id": 4,
+ "id": 3,
"legend": {
- "alignAsTable": false,
"avg": false,
"current": false,
"max": false,
"min": false,
- "rightSide": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
- "nullPointMode": "null",
+ "links": [
+
+ ],
+ "nullPointMode": "null as zero",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
- "repeat": null,
"seriesOverrides": [
],
"spaceLength": 10,
- "span": 9,
+ "span": 12,
"stack": false,
"steppedLine": false,
+ "styles": [
+ {
+ "alias": "Time",
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "pattern": "Time",
+ "type": "hidden"
+ },
+ {
+ "alias": "Memory Usage",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #A",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Requests",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #B",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Requests %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #C",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Memory Limits",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #D",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "decbytes"
+ },
+ {
+ "alias": "Memory Limits %",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "Value #E",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "percentunit"
+ },
+ {
+ "alias": "Container",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "link": false,
+ "linkTooltip": "Drill down",
+ "linkUrl": "",
+ "pattern": "container",
+ "thresholds": [
+
+ ],
+ "type": "number",
+ "unit": "short"
+ },
+ {
+ "alias": "",
+ "colorMode": null,
+ "colors": [
+
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 2,
+ "pattern": "/.*/",
+ "thresholds": [
+
+ ],
+ "type": "string",
+ "unit": "short"
+ }
+ ],
"targets": [
{
- "expr": "min(sum(kube_node_status_allocatable_memory_bytes) by (instance))",
- "format": "time_series",
+ "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": "Allocatable Memory",
- "refId": "A"
+ "legendFormat": "",
+ "step": 10
},
{
- "expr": "max(sum(kube_pod_container_resource_requests_memory_bytes) by (instance))",
- "format": "time_series",
+ "expr": "sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
"intervalFactor": 2,
- "legendFormat": "Requested Memory",
- "refId": "B"
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
+ },
+ {
+ "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+ "format": "table",
+ "instant": true,
+ "intervalFactor": 2,
+ "legendFormat": "",
+ "step": 10
}
],
"thresholds": [
@@ -5032,13 +4502,14 @@ data:
],
"timeFrom": null,
"timeShift": null,
- "title": "Memory",
+ "title": "Memory Quota",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
- "type": "graph",
+ "transform": "table",
+ "type": "table",
"xaxis": {
"buckets": null,
"mode": "time",
@@ -5062,99 +4533,18 @@ data:
"label": null,
"logBase": 1,
"max": null,
- "min": 0,
- "show": true
+ "min": null,
+ "show": false
}
]
- },
- {
- "cacheTimeout": null,
- "colorBackground": false,
- "colorValue": false,
- "colors": [
- "rgba(50, 172, 45, 0.97)",
- "rgba(237, 129, 40, 0.89)",
- "rgba(245, 54, 54, 0.9)"
- ],
- "datasource": "prometheus",
- "format": "percent",
- "gauge": {
- "maxValue": 100,
- "minValue": 0,
- "show": true,
- "thresholdLabels": false,
- "thresholdMarkers": true
- },
- "gridPos": {
-
- },
- "id": 5,
- "interval": null,
- "links": [
-
- ],
- "mappingType": 1,
- "mappingTypes": [
- {
- "name": "value to text",
- "value": 1
- },
- {
- "name": "range to text",
- "value": 2
- }
- ],
- "maxDataPoints": 100,
- "nullPointMode": "connected",
- "nullText": null,
- "postfix": "",
- "postfixFontSize": "50%",
- "prefix": "",
- "prefixFontSize": "50%",
- "rangeMaps": [
- {
- "from": "null",
- "text": "N/A",
- "to": "null"
- }
- ],
- "span": 3,
- "sparkline": {
- "fillColor": "rgba(31, 118, 189, 0.18)",
- "full": false,
- "lineColor": "rgb(31, 120, 193)",
- "show": false
- },
- "tableColumn": "",
- "targets": [
- {
- "expr": "max(sum(kube_pod_container_resource_requests_memory_bytes) by (instance)) / min(sum(kube_node_status_allocatable_memory_bytes) by (instance)) * 100",
- "format": "time_series",
- "intervalFactor": 2,
- "legendFormat": ""
- }
- ],
- "thresholds": "80, 90",
- "title": "Memory",
- "type": "singlestat",
- "valueFontSize": "80%",
- "valueMaps": [
- {
- "op": "=",
- "text": "N/A",
- "value": "null"
- }
- ],
- "valueName": "current"
}
],
"repeat": null,
"repeatIteration": null,
"repeatRowId": null,
- "showTitle": false,
- "title": "Dashboard Row",
- "titleSize": "h6",
- "type": "row"
+ "showTitle": true,
+ "title": "Memory Quota",
+ "titleSize": "h6"
}
],
"schemaVersion": 14,
@@ -5164,7 +4554,76 @@ data:
],
"templating": {
"list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
+
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ },
+ {
+ "allValue": null,
+ "current": {
+ "text": "prod",
+ "value": "prod"
+ },
+ "datasource": "$datasource",
+ "hide": 0,
+ "includeAll": false,
+ "label": "namespace",
+ "multi": false,
+ "name": "namespace",
+ "options": [
+
+ ],
+ "query": "label_values(kube_pod_info, namespace)",
+ "refresh": 1,
+ "regex": "",
+ "sort": 2,
+ "tagValuesQuery": "",
+ "tags": [
+
+ ],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ },
+ {
+ "allValue": null,
+ "current": {
+ "text": "prod",
+ "value": "prod"
+ },
+ "datasource": "$datasource",
+ "hide": 0,
+ "includeAll": false,
+ "label": "pod",
+ "multi": false,
+ "name": "pod",
+ "options": [
+
+ ],
+ "query": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)",
+ "refresh": 1,
+ "regex": "",
+ "sort": 2,
+ "tagValuesQuery": "",
+ "tags": [
+ ],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ }
]
},
"time": {
@@ -5196,8 +4655,8 @@ data:
"30d"
]
},
- "timezone": "browser",
- "title": "Kubernetes Resource Requests",
+ "timezone": "utc",
+ "title": "K8s / Compute Resources / Pod",
"version": 0
}
nodes.json: |-
@@ -5229,7 +4688,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -5263,7 +4722,7 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "100 - (avg by (cpu) (irate(node_cpu{mode=\"idle\", instance=\"$server\"}[5m])) * 100)",
+ "expr": "100 - (avg by (cpu) (irate(node_cpu{job=\"node-exporter\", mode=\"idle\", instance=\"$instance\"}[5m])) * 100)\n",
"format": "time_series",
"intervalFactor": 10,
"legendFormat": "{{cpu}}",
@@ -5317,7 +4776,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -5351,21 +4810,21 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "node_load1{instance=\"$server\"} * 100",
+ "expr": "node_load1{job=\"node-exporter\", instance=\"$instance\"} * 100",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "load 1m",
"refId": "A"
},
{
- "expr": "node_load5{instance=\"$server\"} * 100",
+ "expr": "node_load5{job=\"node-exporter\", instance=\"$instance\"} * 100",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "load 5m",
"refId": "B"
},
{
- "expr": "node_load15{instance=\"$server\"} * 100",
+ "expr": "node_load15{job=\"node-exporter\", instance=\"$instance\"} * 100",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "load 15m",
@@ -5433,7 +4892,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -5467,28 +4926,28 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "node_memory_MemTotal{instance=\"$server\"} - node_memory_MemFree{instance=\"$server\"} - node_memory_Buffers{instance=\"$server\"} - node_memory_Cached{instance=\"$server\"}",
+ "expr": "node_memory_MemTotal{job=\"node-exporter\", instance=\"$instance\"}\n- node_memory_MemFree{job=\"node-exporter\", instance=\"$instance\"}\n- node_memory_Buffers{job=\"node-exporter\", instance=\"$instance\"}\n- node_memory_Cached{job=\"node-exporter\", instance=\"$instance\"}\n",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "memory used",
"refId": "A"
},
{
- "expr": "node_memory_Buffers{instance=\"$server\"}",
+ "expr": "node_memory_Buffers{job=\"node-exporter\", instance=\"$instance\"}",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "memory buffers",
"refId": "B"
},
{
- "expr": "node_memory_Cached{instance=\"$server\"}",
+ "expr": "node_memory_Cached{job=\"node-exporter\", instance=\"$instance\"}",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "memory cached",
"refId": "C"
},
{
- "expr": "node_memory_MemFree{instance=\"$server\"}",
+ "expr": "node_memory_MemFree{job=\"node-exporter\", instance=\"$instance\"}",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "memory free",
@@ -5596,7 +5055,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "((node_memory_MemTotal{instance=\"$server\"} - node_memory_MemFree{instance=\"$server\"} - node_memory_Buffers{instance=\"$server\"} - node_memory_Cached{instance=\"$server\"}) / node_memory_MemTotal{instance=\"$server\"}) * 100",
+ "expr": "(\n node_memory_MemTotal{job=\"node-exporter\", instance=\"$instance\"}\n- node_memory_MemFree{job=\"node-exporter\", instance=\"$instance\"}\n- node_memory_Buffers{job=\"node-exporter\", instance=\"$instance\"}\n- node_memory_Cached{job=\"node-exporter\", instance=\"$instance\"}\n) * 100\n /\nnode_memory_MemTotal{job=\"node-exporter\", instance=\"$instance\"}\n",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -5636,7 +5095,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -5677,21 +5136,21 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "sum by (instance) (rate(node_disk_bytes_read{instance=\"$server\"}[2m]))",
+ "expr": "sum by (instance) (rate(node_disk_bytes_read{job=\"node-exporter\", instance=\"$instance\"}[2m]))",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "read",
"refId": "A"
},
{
- "expr": "sum by (instance) (rate(node_disk_bytes_written{instance=\"$server\"}[2m]))",
+ "expr": "sum by (instance) (rate(node_disk_bytes_written{job=\"node-exporter\", instance=\"$instance\"}[2m]))",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "written",
"refId": "B"
},
{
- "expr": "sum by (instance) (rate(node_disk_io_time_ms{instance=\"$server\"}[2m]))",
+ "expr": "sum by (instance) (rate(node_disk_io_time_ms{job=\"node-exporter\", instance=\"$instance\"}[2m]))",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "io time",
@@ -5799,7 +5258,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "(sum(node_filesystem_size{device!=\"rootfs\",instance=\"$server\"}) - sum(node_filesystem_free{device!=\"rootfs\",instance=\"$server\"})) / sum(node_filesystem_size{device!=\"rootfs\",instance=\"$server\"}) * 100",
+ "expr": "(\n sum(node_filesystem_size{job=\"node-exporter\", device!=\"rootfs\", instance=\"$instance\"})\n- sum(node_filesystem_free{job=\"node-exporter\", device!=\"rootfs\", instance=\"$instance\"})\n) * 100\n /\nsum(node_filesystem_size{job=\"node-exporter\", device!=\"rootfs\", instance=\"$instance\"})\n",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -5839,7 +5298,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -5873,7 +5332,7 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "rate(node_network_receive_bytes{instance=\"$server\",device!\u007e\"lo\"}[5m])",
+ "expr": "rate(node_network_receive_bytes{job=\"node-exporter\", instance=\"$instance\", device!\u007e\"lo\"}[5m])",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "{{device}}",
@@ -5927,7 +5386,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -5961,7 +5420,7 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "rate(node_network_transmit_bytes{instance=\"$server\",device!\u007e\"lo\"}[5m])",
+ "expr": "rate(node_network_transmit_bytes{job=\"node-exporter\", instance=\"$instance\", device!\u007e\"lo\"}[5m])",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "{{device}}",
@@ -6025,21 +5484,37 @@ data:
],
"templating": {
"list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
+
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ },
{
"allValue": null,
"current": {
},
- "datasource": "prometheus",
+ "datasource": "$datasource",
"hide": 0,
"includeAll": false,
"label": null,
"multi": false,
- "name": "server",
+ "name": "instance",
"options": [
],
- "query": "label_values(node_boot_time, instance)",
+ "query": "label_values(node_boot_time{job=\"node-exporter\"}, instance)",
"refresh": 2,
"regex": "",
"sort": 0,
@@ -6086,7 +5561,7 @@ data:
"title": "Nodes",
"version": 0
}
- pods-dashboard.json: |-
+ pods.json: |-
{
"annotations": {
"list": [
@@ -6115,7 +5590,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -6149,21 +5624,21 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "sum by(container_name) (container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\", container_name=\u007e\"$container\", container_name!=\"POD\"})",
+ "expr": "sum by(container_name) (container_memory_usage_bytes{job=\"kubelet\", namespace=\"$namespace\", pod_name=\"$pod\", container_name=\u007e\"$container\", container_name!=\"POD\"})",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "Current: {{ container_name }}",
"refId": "A"
},
{
- "expr": "sum by(container) (kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\", container!=\"POD\"})",
+ "expr": "sum by(container) (kube_pod_container_resource_requests_memory_bytes{job=\"kubelet\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\", container!=\"POD\"})",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "Requested: {{ container }}",
"refId": "B"
},
{
- "expr": "sum by(container) (kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\", container!=\"POD\"})",
+ "expr": "sum by(container) (kube_pod_container_resource_limits_memory_bytes{job=\"kubelet\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\", container!=\"POD\"})",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "Limit: {{ container }}",
@@ -6231,7 +5706,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -6265,7 +5740,7 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "sum by (container_name) (rate(container_cpu_usage_seconds_total{image!=\"\",container_name!=\"POD\",pod_name=\"$pod\"}[1m]))",
+ "expr": "sum by (container_name) (rate(container_cpu_usage_seconds_total{job=\"kubelet\", image!=\"\",container_name!=\"POD\",pod_name=\"$pod\"}[1m]))",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "{{ container_name }}",
@@ -6333,7 +5808,7 @@ data:
"bars": false,
"dashLength": 10,
"dashes": false,
- "datasource": "prometheus",
+ "datasource": "$datasource",
"fill": 1,
"gridPos": {
@@ -6367,7 +5842,7 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "sort_desc(sum by (pod_name) (rate(container_network_receive_bytes_total{pod_name=\"$pod\"}[1m])))",
+ "expr": "sort_desc(sum by (pod_name) (rate(container_network_receive_bytes_total{job=\"kubelet\", pod_name=\"$pod\"}[1m])))",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "{{ pod_name }}",
@@ -6431,12 +5906,28 @@ data:
],
"templating": {
"list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
+
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ },
{
"allValue": null,
"current": {
},
- "datasource": "prometheus",
+ "datasource": "$datasource",
"hide": 0,
"includeAll": false,
"label": "Namespace",
@@ -6462,7 +5953,7 @@ data:
"current": {
},
- "datasource": "prometheus",
+ "datasource": "$datasource",
"hide": 0,
"includeAll": false,
"label": "Pod",
@@ -6488,7 +5979,7 @@ data:
"current": {
},
- "datasource": "prometheus",
+ "datasource": "$datasource",
"hide": 0,
"includeAll": true,
"label": "Container",
@@ -6544,7 +6035,7 @@ data:
"title": "Pods",
"version": 0
}
- statefulset-dashboard.json: |-
+ statefulset.json: |-
{
"annotations": {
"list": [
@@ -6606,7 +6097,7 @@ data:
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
- "postfix": "",
+ "postfix": "cores",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
@@ -6626,7 +6117,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$statefulset_namespace\",pod_name=\u007e\"$statefulset_name.*\"}[3m]))",
+ "expr": "sum(rate(container_cpu_usage_seconds_total{job=\"kubelet\", namespace=\"$namespace\", pod_name=\u007e\"$statefulset.*\"}[3m]))",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -6685,7 +6176,7 @@ data:
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
- "postfix": "",
+ "postfix": "GB",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
@@ -6705,7 +6196,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "sum(container_memory_usage_bytes{namespace=\"$statefulset_namespace\",pod_name=\u007e\"$statefulset_name.*\"}) / 1024^3",
+ "expr": "sum(container_memory_usage_bytes{job=\"kubelet\", namespace=\"$namespace\", pod_name=\u007e\"$statefulset.*\"}) / 1024^3",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -6764,7 +6255,7 @@ data:
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
- "postfix": "",
+ "postfix": "Bps",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
@@ -6784,7 +6275,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "sum(rate(container_network_transmit_bytes_total{namespace=\"$statefulset_namespace\",pod_name=\u007e\"$statefulset_name.*\"}[3m])) + sum(rate(container_network_receive_bytes_total{namespace=\"$statefulset_namespace\",pod_name=\u007e\"$statefulset_name.*\"}[3m]))",
+ "expr": "sum(rate(container_network_transmit_bytes_total{job=\"kubelet\", namespace=\"$namespace\", pod_name=\u007e\"$statefulset.*\"}[3m])) + sum(rate(container_network_receive_bytes_total{namespace=\"$namespace\",pod_name=\u007e\"$statefulset.*\"}[3m]))",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -6878,7 +6369,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "max(kube_statefulset_replicas{namespace=\"$statefulset_namespace\",statefulset=\"$statefulset_name\"}) without (instance, pod)",
+ "expr": "max(kube_statefulset_replicas{job=\"kube-state-metrics\", namespace=\"$namespace\", statefulset=\"$statefulset\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -6958,7 +6449,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "min(kube_statefulset_status_replicas_current{namespace=\"$statefulset_namespace\",statefulset=\"$statefulset_name\"}) without (instance, pod)",
+ "expr": "min(kube_statefulset_status_replicas_current{job=\"kube-state-metrics\", namespace=\"$namespace\", statefulset=\"$statefulset\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -7038,7 +6529,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "max(kube_statefulset_status_observed_generation{namespace=\"$statefulset_namespace\",statefulset=\"$statefulset_name\"}) without (instance, pod)",
+ "expr": "max(kube_statefulset_status_observed_generation{job=\"kube-state-metrics\", namespace=\"$namespace\", statefulset=\"$statefulset\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -7118,7 +6609,7 @@ data:
"tableColumn": "",
"targets": [
{
- "expr": "max(kube_statefulset_metadata_generation{statefulset=\"$statefulset_name\",namespace=\"$statefulset_namespace\"}) without (instance, pod)",
+ "expr": "max(kube_statefulset_metadata_generation{job=\"kube-state-metrics\", statefulset=\"$statefulset\", namespace=\"$namespace\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": ""
@@ -7192,35 +6683,35 @@ data:
"steppedLine": false,
"targets": [
{
- "expr": "max(kube_statefulset_replicas{statefulset=\"$statefulset_name\",namespace=\"$statefulset_namespace\"}) without (instance, pod)",
+ "expr": "max(kube_statefulset_replicas{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "replicas specified",
"refId": "A"
},
{
- "expr": "max(kube_statefulset_status_replicas{statefulset=\"$statefulset_name\",namespace=\"$statefulset_namespace\"}) without (instance, pod)",
+ "expr": "max(kube_statefulset_status_replicas{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "replicas created",
"refId": "B"
},
{
- "expr": "min(kube_statefulset_status_replicas_ready{statefulset=\"$statefulset_name\",namespace=\"$statefulset_namespace\"}) without (instance, pod)",
+ "expr": "min(kube_statefulset_status_replicas_ready{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "ready",
"refId": "C"
},
{
- "expr": "min(kube_statefulset_status_replicas_current{statefulset=\"$statefulset_name\",namespace=\"$statefulset_namespace\"}) without (instance, pod)",
+ "expr": "min(kube_statefulset_status_replicas_current{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "replicas of current version",
"refId": "D"
},
{
- "expr": "min(kube_statefulset_status_replicas_updated{statefulset=\"$statefulset_name\",namespace=\"$statefulset_namespace\"}) without (instance, pod)",
+ "expr": "min(kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "updated",
@@ -7284,6 +6775,22 @@ data:
],
"templating": {
"list": [
+ {
+ "current": {
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "label": null,
+ "name": "datasource",
+ "options": [
+
+ ],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "type": "datasource"
+ },
{
"allValue": null,
"current": {
@@ -7294,11 +6801,11 @@ data:
"includeAll": false,
"label": "Namespace",
"multi": false,
- "name": "statefulset_namespace",
+ "name": "namespace",
"options": [
],
- "query": "label_values(kube_statefulset_metadata_generation, namespace)",
+ "query": "label_values(kube_statefulset_metadata_generation{job=\"kube-state-metrics\"}, namespace)",
"refresh": 2,
"regex": "",
"sort": 0,
@@ -7320,11 +6827,11 @@ data:
"includeAll": false,
"label": "Name",
"multi": false,
- "name": "statefulset_name",
+ "name": "statefulset",
"options": [
],
- "query": "label_values(kube_statefulset_metadata_generation{namespace=\"$statefulset_namespace\"}, statefulset)",
+ "query": "label_values(kube_statefulset_metadata_generation{job=\"kube-state-metrics\", namespace=\"$namespace\"}, statefulset)",
"refresh": 2,
"regex": "",
"sort": 0,
diff --git a/manifests/grafana/grafana-dashboard-sources.yaml b/manifests/grafana-dashboard-sources.yaml
similarity index 100%
rename from manifests/grafana/grafana-dashboard-sources.yaml
rename to manifests/grafana-dashboard-sources.yaml
diff --git a/manifests/grafana/grafana-deployment.yaml b/manifests/grafana-deployment.yaml
similarity index 86%
rename from manifests/grafana/grafana-deployment.yaml
rename to manifests/grafana-deployment.yaml
index 9d7ae88f..814e98cb 100644
--- a/manifests/grafana/grafana-deployment.yaml
+++ b/manifests/grafana-deployment.yaml
@@ -16,7 +16,7 @@ spec:
app: grafana
spec:
containers:
- - image: quay.io/coreos/monitoring-grafana:5.0.3
+ - image: grafana/grafana:5.1.0
name: grafana
ports:
- containerPort: 3000
@@ -29,13 +29,13 @@ spec:
cpu: 100m
memory: 100Mi
volumeMounts:
- - mountPath: /data
+ - mountPath: /var/lib/grafana
name: grafana-storage
readOnly: false
- - mountPath: /grafana/conf/provisioning/datasources
+ - mountPath: /etc/grafana/provisioning/datasources
name: grafana-datasources
readOnly: false
- - mountPath: /grafana/conf/provisioning/dashboards
+ - mountPath: /etc/grafana/provisioning/dashboards
name: grafana-dashboards
readOnly: false
- mountPath: /grafana-dashboard-definitions/0
diff --git a/manifests/grafana/grafana-service-account.yaml b/manifests/grafana-service-account.yaml
similarity index 100%
rename from manifests/grafana/grafana-service-account.yaml
rename to manifests/grafana-service-account.yaml
diff --git a/manifests/grafana/grafana-service.yaml b/manifests/grafana-service.yaml
similarity index 100%
rename from manifests/grafana/grafana-service.yaml
rename to manifests/grafana-service.yaml
diff --git a/manifests/kube-state-metrics/kube-state-metrics-cluster-role-binding.yaml b/manifests/kube-state-metrics-cluster-role-binding.yaml
similarity index 100%
rename from manifests/kube-state-metrics/kube-state-metrics-cluster-role-binding.yaml
rename to manifests/kube-state-metrics-cluster-role-binding.yaml
diff --git a/manifests/kube-state-metrics/kube-state-metrics-cluster-role.yaml b/manifests/kube-state-metrics-cluster-role.yaml
similarity index 100%
rename from manifests/kube-state-metrics/kube-state-metrics-cluster-role.yaml
rename to manifests/kube-state-metrics-cluster-role.yaml
diff --git a/manifests/kube-state-metrics/kube-state-metrics-deployment.yaml b/manifests/kube-state-metrics-deployment.yaml
similarity index 97%
rename from manifests/kube-state-metrics/kube-state-metrics-deployment.yaml
rename to manifests/kube-state-metrics-deployment.yaml
index bd6d9475..fb2a8b5f 100644
--- a/manifests/kube-state-metrics/kube-state-metrics-deployment.yaml
+++ b/manifests/kube-state-metrics-deployment.yaml
@@ -89,6 +89,8 @@ spec:
requests:
cpu: 10m
memory: 30Mi
+ nodeSelector:
+ beta.kubernetes.io/os: linux
securityContext:
runAsNonRoot: true
runAsUser: 65534
diff --git a/manifests/kube-state-metrics/kube-state-metrics-role-binding.yaml b/manifests/kube-state-metrics-role-binding.yaml
similarity index 100%
rename from manifests/kube-state-metrics/kube-state-metrics-role-binding.yaml
rename to manifests/kube-state-metrics-role-binding.yaml
diff --git a/manifests/kube-state-metrics/kube-state-metrics-role.yaml b/manifests/kube-state-metrics-role.yaml
similarity index 100%
rename from manifests/kube-state-metrics/kube-state-metrics-role.yaml
rename to manifests/kube-state-metrics-role.yaml
diff --git a/manifests/kube-state-metrics/kube-state-metrics-service-account.yaml b/manifests/kube-state-metrics-service-account.yaml
similarity index 100%
rename from manifests/kube-state-metrics/kube-state-metrics-service-account.yaml
rename to manifests/kube-state-metrics-service-account.yaml
diff --git a/manifests/kube-state-metrics/kube-state-metrics-service-monitor.yaml b/manifests/kube-state-metrics-service-monitor.yaml
similarity index 100%
rename from manifests/kube-state-metrics/kube-state-metrics-service-monitor.yaml
rename to manifests/kube-state-metrics-service-monitor.yaml
diff --git a/manifests/kube-state-metrics/kube-state-metrics-service.yaml b/manifests/kube-state-metrics-service.yaml
similarity index 94%
rename from manifests/kube-state-metrics/kube-state-metrics-service.yaml
rename to manifests/kube-state-metrics-service.yaml
index 3e88b562..84927af3 100644
--- a/manifests/kube-state-metrics/kube-state-metrics-service.yaml
+++ b/manifests/kube-state-metrics-service.yaml
@@ -6,6 +6,7 @@ metadata:
name: kube-state-metrics
namespace: monitoring
spec:
+ clusterIP: None
ports:
- name: https-main
port: 8443
diff --git a/manifests/node-exporter/node-exporter-cluster-role-binding.yaml b/manifests/node-exporter-cluster-role-binding.yaml
similarity index 100%
rename from manifests/node-exporter/node-exporter-cluster-role-binding.yaml
rename to manifests/node-exporter-cluster-role-binding.yaml
diff --git a/manifests/node-exporter/node-exporter-cluster-role.yaml b/manifests/node-exporter-cluster-role.yaml
similarity index 100%
rename from manifests/node-exporter/node-exporter-cluster-role.yaml
rename to manifests/node-exporter-cluster-role.yaml
diff --git a/manifests/node-exporter/node-exporter-daemonset.yaml b/manifests/node-exporter-daemonset.yaml
similarity index 90%
rename from manifests/node-exporter/node-exporter-daemonset.yaml
rename to manifests/node-exporter-daemonset.yaml
index 1284e93d..8488735c 100644
--- a/manifests/node-exporter/node-exporter-daemonset.yaml
+++ b/manifests/node-exporter-daemonset.yaml
@@ -50,10 +50,15 @@ spec:
requests:
cpu: 10m
memory: 20Mi
+ nodeSelector:
+ beta.kubernetes.io/os: linux
securityContext:
runAsNonRoot: true
runAsUser: 65534
serviceAccountName: node-exporter
+ tolerations:
+ - effect: NoSchedule
+ key: node-role.kubernetes.io/master
volumes:
- hostPath:
path: /proc
diff --git a/manifests/node-exporter/node-exporter-service-account.yaml b/manifests/node-exporter-service-account.yaml
similarity index 100%
rename from manifests/node-exporter/node-exporter-service-account.yaml
rename to manifests/node-exporter-service-account.yaml
diff --git a/manifests/node-exporter/node-exporter-service-monitor.yaml b/manifests/node-exporter-service-monitor.yaml
similarity index 100%
rename from manifests/node-exporter/node-exporter-service-monitor.yaml
rename to manifests/node-exporter-service-monitor.yaml
diff --git a/manifests/node-exporter/node-exporter-service.yaml b/manifests/node-exporter-service.yaml
similarity index 92%
rename from manifests/node-exporter/node-exporter-service.yaml
rename to manifests/node-exporter-service.yaml
index 101a9769..1d728d76 100644
--- a/manifests/node-exporter/node-exporter-service.yaml
+++ b/manifests/node-exporter-service.yaml
@@ -6,6 +6,7 @@ metadata:
name: node-exporter
namespace: monitoring
spec:
+ clusterIP: None
ports:
- name: https
port: 9100
diff --git a/manifests/prometheus-k8s/prometheus-k8s-cluster-role-binding.yaml b/manifests/prometheus-cluster-role-binding.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-cluster-role-binding.yaml
rename to manifests/prometheus-cluster-role-binding.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-cluster-role.yaml b/manifests/prometheus-cluster-role.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-cluster-role.yaml
rename to manifests/prometheus-cluster-role.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-rules.yaml b/manifests/prometheus-k8s/prometheus-k8s-rules.yaml
deleted file mode 100644
index 0c03de56..00000000
--- a/manifests/prometheus-k8s/prometheus-k8s-rules.yaml
+++ /dev/null
@@ -1,590 +0,0 @@
-apiVersion: v1
-data:
- alertmanager.rules.yaml: |
- groups:
- - name: alertmanager.rules
- rules:
- - alert: AlertmanagerConfigInconsistent
- expr: count_values("config_hash", alertmanager_config_hash) BY (service) / ON(service)
- GROUP_LEFT() label_replace(prometheus_operator_alertmanager_spec_replicas, "service",
- "alertmanager-$1", "alertmanager", "(.*)") != 1
- for: 5m
- labels:
- severity: critical
- annotations:
- description: The configuration of the instances of the Alertmanager cluster
- `{{$labels.service}}` are out of sync.
- summary: Configuration out of sync
- - alert: AlertmanagerDownOrMissing
- expr: label_replace(prometheus_operator_alertmanager_spec_replicas, "job", "alertmanager-$1",
- "alertmanager", "(.*)") / ON(job) GROUP_RIGHT() sum(up) BY (job) != 1
- for: 5m
- labels:
- severity: warning
- annotations:
- description: An unexpected number of Alertmanagers are scraped or Alertmanagers
- disappeared from discovery.
- summary: Alertmanager down or missing
- - alert: AlertmanagerFailedReload
- expr: alertmanager_config_last_reload_successful == 0
- for: 10m
- labels:
- severity: warning
- annotations:
- description: Reloading Alertmanager's configuration has failed for {{ $labels.namespace
- }}/{{ $labels.pod}}.
- summary: Alertmanager's configuration reload failed
- etcd3.rules.yaml: |
- groups:
- - name: ./etcd3.rules
- rules:
- - alert: InsufficientMembers
- expr: count(up{job="etcd"} == 0) > (count(up{job="etcd"}) / 2 - 1)
- for: 3m
- labels:
- severity: critical
- annotations:
- description: If one more etcd member goes down the cluster will be unavailable
- summary: etcd cluster insufficient members
- - alert: NoLeader
- expr: etcd_server_has_leader{job="etcd"} == 0
- for: 1m
- labels:
- severity: critical
- annotations:
- description: etcd member {{ $labels.instance }} has no leader
- summary: etcd member has no leader
- - alert: HighNumberOfLeaderChanges
- expr: increase(etcd_server_leader_changes_seen_total{job="etcd"}[1h]) > 3
- labels:
- severity: warning
- annotations:
- description: etcd instance {{ $labels.instance }} has seen {{ $value }} leader
- changes within the last hour
- summary: a high number of leader changes within the etcd cluster are happening
- - alert: HighNumberOfFailedGRPCRequests
- expr: sum(rate(grpc_server_handled_total{grpc_code!="OK",job="etcd"}[5m])) BY (grpc_service, grpc_method)
- / sum(rate(grpc_server_handled_total{job="etcd"}[5m])) BY (grpc_service, grpc_method) > 0.01
- for: 10m
- labels:
- severity: warning
- annotations:
- description: '{{ $value }}% of requests for {{ $labels.grpc_method }} failed
- on etcd instance {{ $labels.instance }}'
- summary: a high number of gRPC requests are failing
- - alert: HighNumberOfFailedGRPCRequests
- expr: sum(rate(grpc_server_handled_total{grpc_code!="OK",job="etcd"}[5m])) BY (grpc_service, grpc_method)
- / sum(rate(grpc_server_handled_total{job="etcd"}[5m])) BY (grpc_service, grpc_method) > 0.05
- for: 5m
- labels:
- severity: critical
- annotations:
- description: '{{ $value }}% of requests for {{ $labels.grpc_method }} failed
- on etcd instance {{ $labels.instance }}'
- summary: a high number of gRPC requests are failing
- - alert: GRPCRequestsSlow
- expr: histogram_quantile(0.99, sum(rate(grpc_server_handling_seconds_bucket{job="etcd",grpc_type="unary"}[5m])) by (grpc_service, grpc_method, le))
- > 0.15
- for: 10m
- labels:
- severity: critical
- annotations:
- description: on etcd instance {{ $labels.instance }} gRPC requests to {{ $labels.grpc_method
- }} are slow
- summary: slow gRPC requests
- - alert: HighNumberOfFailedHTTPRequests
- expr: sum(rate(etcd_http_failed_total{job="etcd"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job="etcd"}[5m]))
- BY (method) > 0.01
- for: 10m
- labels:
- severity: warning
- annotations:
- description: '{{ $value }}% of requests for {{ $labels.method }} failed on etcd
- instance {{ $labels.instance }}'
- summary: a high number of HTTP requests are failing
- - alert: HighNumberOfFailedHTTPRequests
- expr: sum(rate(etcd_http_failed_total{job="etcd"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job="etcd"}[5m]))
- BY (method) > 0.05
- for: 5m
- labels:
- severity: critical
- annotations:
- description: '{{ $value }}% of requests for {{ $labels.method }} failed on etcd
- instance {{ $labels.instance }}'
- summary: a high number of HTTP requests are failing
- - alert: HTTPRequestsSlow
- expr: histogram_quantile(0.99, rate(etcd_http_successful_duration_seconds_bucket[5m]))
- > 0.15
- for: 10m
- labels:
- severity: warning
- annotations:
- description: on etcd instance {{ $labels.instance }} HTTP requests to {{ $labels.method
- }} are slow
- summary: slow HTTP requests
- - alert: EtcdMemberCommunicationSlow
- expr: histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket[5m]))
- > 0.15
- for: 10m
- labels:
- severity: warning
- annotations:
- description: etcd instance {{ $labels.instance }} member communication with
- {{ $labels.To }} is slow
- summary: etcd member communication is slow
- - alert: HighNumberOfFailedProposals
- expr: increase(etcd_server_proposals_failed_total{job="etcd"}[1h]) > 5
- labels:
- severity: warning
- annotations:
- description: etcd instance {{ $labels.instance }} has seen {{ $value }} proposal
- failures within the last hour
- summary: a high number of proposals within the etcd cluster are failing
- - alert: HighFsyncDurations
- expr: histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket[5m]))
- > 0.5
- for: 10m
- labels:
- severity: warning
- annotations:
- description: etcd instance {{ $labels.instance }} fync durations are high
- summary: high fsync durations
- - alert: HighCommitDurations
- expr: histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket[5m]))
- > 0.25
- for: 10m
- labels:
- severity: warning
- annotations:
- description: etcd instance {{ $labels.instance }} commit durations are high
- summary: high commit durations
- general.rules.yaml: |
- groups:
- - name: general.rules
- rules:
- - alert: TargetDown
- expr: 100 * (count(up == 0) BY (job) / count(up) BY (job)) > 10
- for: 10m
- labels:
- severity: warning
- annotations:
- description: '{{ $value }}% of {{ $labels.job }} targets are down.'
- summary: Targets are down
- - alert: DeadMansSwitch
- expr: vector(1)
- labels:
- severity: none
- annotations:
- description: This is a DeadMansSwitch meant to ensure that the entire Alerting
- pipeline is functional.
- summary: Alerting DeadMansSwitch
- - record: fd_utilization
- expr: process_open_fds / process_max_fds
- - alert: FdExhaustionClose
- expr: predict_linear(fd_utilization[1h], 3600 * 4) > 1
- for: 10m
- labels:
- severity: warning
- annotations:
- description: '{{ $labels.job }}: {{ $labels.namespace }}/{{ $labels.pod }} instance
- will exhaust in file/socket descriptors within the next 4 hours'
- summary: file descriptors soon exhausted
- - alert: FdExhaustionClose
- expr: predict_linear(fd_utilization[10m], 3600) > 1
- for: 10m
- labels:
- severity: critical
- annotations:
- description: '{{ $labels.job }}: {{ $labels.namespace }}/{{ $labels.pod }} instance
- will exhaust in file/socket descriptors within the next hour'
- summary: file descriptors soon exhausted
- kube-controller-manager.rules.yaml: |
- groups:
- - name: kube-controller-manager.rules
- rules:
- - alert: K8SControllerManagerDown
- expr: absent(up{job="kube-controller-manager"} == 1)
- for: 5m
- labels:
- severity: critical
- annotations:
- description: There is no running K8S controller manager. Deployments and replication
- controllers are not making progress.
- runbook: https://coreos.com/tectonic/docs/latest/troubleshooting/controller-recovery.html#recovering-a-controller-manager
- summary: Controller manager is down
- kube-scheduler.rules.yaml: |
- groups:
- - name: kube-scheduler.rules
- rules:
- - record: cluster:scheduler_e2e_scheduling_latency_seconds:quantile
- expr: histogram_quantile(0.99, sum(scheduler_e2e_scheduling_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.99"
- - record: cluster:scheduler_e2e_scheduling_latency_seconds:quantile
- expr: histogram_quantile(0.9, sum(scheduler_e2e_scheduling_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.9"
- - record: cluster:scheduler_e2e_scheduling_latency_seconds:quantile
- expr: histogram_quantile(0.5, sum(scheduler_e2e_scheduling_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.5"
- - record: cluster:scheduler_scheduling_algorithm_latency_seconds:quantile
- expr: histogram_quantile(0.99, sum(scheduler_scheduling_algorithm_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.99"
- - record: cluster:scheduler_scheduling_algorithm_latency_seconds:quantile
- expr: histogram_quantile(0.9, sum(scheduler_scheduling_algorithm_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.9"
- - record: cluster:scheduler_scheduling_algorithm_latency_seconds:quantile
- expr: histogram_quantile(0.5, sum(scheduler_scheduling_algorithm_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.5"
- - record: cluster:scheduler_binding_latency_seconds:quantile
- expr: histogram_quantile(0.99, sum(scheduler_binding_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.99"
- - record: cluster:scheduler_binding_latency_seconds:quantile
- expr: histogram_quantile(0.9, sum(scheduler_binding_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.9"
- - record: cluster:scheduler_binding_latency_seconds:quantile
- expr: histogram_quantile(0.5, sum(scheduler_binding_latency_microseconds_bucket)
- BY (le, cluster)) / 1e+06
- labels:
- quantile: "0.5"
- - alert: K8SSchedulerDown
- expr: absent(up{job="kube-scheduler"} == 1)
- for: 5m
- labels:
- severity: critical
- annotations:
- description: There is no running K8S scheduler. New pods are not being assigned
- to nodes.
- runbook: https://coreos.com/tectonic/docs/latest/troubleshooting/controller-recovery.html#recovering-a-scheduler
- summary: Scheduler is down
- kube-state-metrics.rules.yaml: |
- groups:
- - name: kube-state-metrics.rules
- rules:
- - alert: DeploymentGenerationMismatch
- expr: kube_deployment_status_observed_generation != kube_deployment_metadata_generation
- for: 15m
- labels:
- severity: warning
- annotations:
- description: Observed deployment generation does not match expected one for
- deployment {{$labels.namespace}}/{{$labels.deployment}}
- summary: Deployment is outdated
- - alert: DeploymentReplicasNotUpdated
- expr: ((kube_deployment_status_replicas_updated != kube_deployment_spec_replicas)
- or (kube_deployment_status_replicas_available != kube_deployment_spec_replicas))
- unless (kube_deployment_spec_paused == 1)
- for: 15m
- labels:
- severity: warning
- annotations:
- description: Replicas are not updated and available for deployment {{$labels.namespace}}/{{$labels.deployment}}
- summary: Deployment replicas are outdated
- - alert: DaemonSetRolloutStuck
- expr: kube_daemonset_status_number_ready / kube_daemonset_status_desired_number_scheduled
- * 100 < 100
- for: 15m
- labels:
- severity: warning
- annotations:
- description: Only {{$value}}% of desired pods scheduled and ready for daemon
- set {{$labels.namespace}}/{{$labels.daemonset}}
- summary: DaemonSet is missing pods
- - alert: K8SDaemonSetsNotScheduled
- expr: kube_daemonset_status_desired_number_scheduled - kube_daemonset_status_current_number_scheduled
- > 0
- for: 10m
- labels:
- severity: warning
- annotations:
- description: A number of daemonsets are not scheduled.
- summary: Daemonsets are not scheduled correctly
- - alert: DaemonSetsMissScheduled
- expr: kube_daemonset_status_number_misscheduled > 0
- for: 10m
- labels:
- severity: warning
- annotations:
- description: A number of daemonsets are running where they are not supposed
- to run.
- summary: Daemonsets are not scheduled correctly
- - alert: PodFrequentlyRestarting
- expr: increase(kube_pod_container_status_restarts_total[1h]) > 5
- for: 10m
- labels:
- severity: warning
- annotations:
- description: Pod {{$labels.namespace}}/{{$labels.pod}} was restarted {{$value}}
- times within the last hour
- summary: Pod is restarting frequently
- kubelet.rules.yaml: |
- groups:
- - name: kubelet.rules
- rules:
- - alert: K8SNodeNotReady
- expr: kube_node_status_condition{condition="Ready",status="true"} == 0
- for: 1h
- labels:
- severity: warning
- annotations:
- description: The Kubelet on {{ $labels.node }} has not checked in with the API,
- or has set itself to NotReady, for more than an hour
- summary: Node status is NotReady
- - alert: K8SManyNodesNotReady
- expr: count(kube_node_status_condition{condition="Ready",status="true"} == 0)
- > 1 and (count(kube_node_status_condition{condition="Ready",status="true"} ==
- 0) / count(kube_node_status_condition{condition="Ready",status="true"})) > 0.2
- for: 1m
- labels:
- severity: critical
- annotations:
- description: '{{ $value }}% of Kubernetes nodes are not ready'
- - alert: K8SKubeletDown
- expr: count(up{job="kubelet"} == 0) / count(up{job="kubelet"}) * 100 > 3
- for: 1h
- labels:
- severity: warning
- annotations:
- description: Prometheus failed to scrape {{ $value }}% of kubelets.
- summary: Prometheus failed to scrape
- - alert: K8SKubeletDown
- expr: (absent(up{job="kubelet"} == 1) or count(up{job="kubelet"} == 0) / count(up{job="kubelet"}))
- * 100 > 10
- for: 1h
- labels:
- severity: critical
- annotations:
- description: Prometheus failed to scrape {{ $value }}% of kubelets, or all Kubelets
- have disappeared from service discovery.
- summary: Many Kubelets cannot be scraped
- - alert: K8SKubeletTooManyPods
- expr: kubelet_running_pod_count > 100
- for: 10m
- labels:
- severity: warning
- annotations:
- description: Kubelet {{$labels.instance}} is running {{$value}} pods, close
- to the limit of 110
- summary: Kubelet is close to pod limit
- kubernetes.rules.yaml: |
- groups:
- - name: kubernetes.rules
- rules:
- - record: pod_name:container_memory_usage_bytes:sum
- expr: sum(container_memory_usage_bytes{container_name!="POD",pod_name!=""}) BY
- (pod_name)
- - record: pod_name:container_spec_cpu_shares:sum
- expr: sum(container_spec_cpu_shares{container_name!="POD",pod_name!=""}) BY (pod_name)
- - record: pod_name:container_cpu_usage:sum
- expr: sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name!=""}[5m]))
- BY (pod_name)
- - record: pod_name:container_fs_usage_bytes:sum
- expr: sum(container_fs_usage_bytes{container_name!="POD",pod_name!=""}) BY (pod_name)
- - record: namespace:container_memory_usage_bytes:sum
- expr: sum(container_memory_usage_bytes{container_name!=""}) BY (namespace)
- - record: namespace:container_spec_cpu_shares:sum
- expr: sum(container_spec_cpu_shares{container_name!=""}) BY (namespace)
- - record: namespace:container_cpu_usage:sum
- expr: sum(rate(container_cpu_usage_seconds_total{container_name!="POD"}[5m]))
- BY (namespace)
- - record: cluster:memory_usage:ratio
- expr: sum(container_memory_usage_bytes{container_name!="POD",pod_name!=""}) BY
- (cluster) / sum(machine_memory_bytes) BY (cluster)
- - record: cluster:container_spec_cpu_shares:ratio
- expr: sum(container_spec_cpu_shares{container_name!="POD",pod_name!=""}) / 1000
- / sum(machine_cpu_cores)
- - record: cluster:container_cpu_usage:ratio
- expr: sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name!=""}[5m]))
- / sum(machine_cpu_cores)
- - record: apiserver_latency_seconds:quantile
- expr: histogram_quantile(0.99, rate(apiserver_request_latencies_bucket[5m])) /
- 1e+06
- labels:
- quantile: "0.99"
- - record: apiserver_latency:quantile_seconds
- expr: histogram_quantile(0.9, rate(apiserver_request_latencies_bucket[5m])) /
- 1e+06
- labels:
- quantile: "0.9"
- - record: apiserver_latency_seconds:quantile
- expr: histogram_quantile(0.5, rate(apiserver_request_latencies_bucket[5m])) /
- 1e+06
- labels:
- quantile: "0.5"
- - alert: APIServerLatencyHigh
- expr: apiserver_latency_seconds:quantile{quantile="0.99",subresource!="log",verb!~"^(?:WATCH|WATCHLIST|PROXY|CONNECT)$"}
- > 1
- for: 10m
- labels:
- severity: warning
- annotations:
- description: the API server has a 99th percentile latency of {{ $value }} seconds
- for {{$labels.verb}} {{$labels.resource}}
- summary: API server high latency
- - alert: APIServerLatencyHigh
- expr: apiserver_latency_seconds:quantile{quantile="0.99",subresource!="log",verb!~"^(?:WATCH|WATCHLIST|PROXY|CONNECT)$"}
- > 4
- for: 10m
- labels:
- severity: critical
- annotations:
- description: the API server has a 99th percentile latency of {{ $value }} seconds
- for {{$labels.verb}} {{$labels.resource}}
- summary: API server high latency
- - alert: APIServerErrorsHigh
- expr: rate(apiserver_request_count{code=~"^(?:5..)$"}[5m]) / rate(apiserver_request_count[5m])
- * 100 > 2
- for: 10m
- labels:
- severity: warning
- annotations:
- description: API server returns errors for {{ $value }}% of requests
- summary: API server request errors
- - alert: APIServerErrorsHigh
- expr: rate(apiserver_request_count{code=~"^(?:5..)$"}[5m]) / rate(apiserver_request_count[5m])
- * 100 > 5
- for: 10m
- labels:
- severity: critical
- annotations:
- description: API server returns errors for {{ $value }}% of requests
- - alert: K8SApiserverDown
- expr: absent(up{job="apiserver"} == 1)
- for: 20m
- labels:
- severity: critical
- annotations:
- description: No API servers are reachable or all have disappeared from service
- discovery
- summary: No API servers are reachable
-
- - alert: K8sCertificateExpirationNotice
- labels:
- severity: warning
- annotations:
- description: Kubernetes API Certificate is expiring soon (less than 7 days)
- summary: Kubernetes API Certificate is expiering soon
- expr: sum(apiserver_client_certificate_expiration_seconds_bucket{le="604800"}) > 0
-
- - alert: K8sCertificateExpirationNotice
- labels:
- severity: critical
- annotations:
- description: Kubernetes API Certificate is expiring in less than 1 day
- summary: Kubernetes API Certificate is expiering
- expr: sum(apiserver_client_certificate_expiration_seconds_bucket{le="86400"}) > 0
- node.rules.yaml: |
- groups:
- - name: node.rules
- rules:
- - record: instance:node_cpu:rate:sum
- expr: sum(rate(node_cpu{mode!="idle",mode!="iowait"}[3m]))
- BY (instance)
- - record: instance:node_filesystem_usage:sum
- expr: sum((node_filesystem_size{mountpoint="/"} - node_filesystem_free{mountpoint="/"}))
- BY (instance)
- - record: instance:node_network_receive_bytes:rate:sum
- expr: sum(rate(node_network_receive_bytes[3m])) BY (instance)
- - record: instance:node_network_transmit_bytes:rate:sum
- expr: sum(rate(node_network_transmit_bytes[3m])) BY (instance)
- - record: instance:node_cpu:ratio
- expr: sum(rate(node_cpu{mode!="idle",mode!="iowait"}[5m])) WITHOUT (cpu, mode) / ON(instance)
- GROUP_LEFT() count(sum(node_cpu) BY (instance, cpu)) BY (instance)
- - record: cluster:node_cpu:sum_rate5m
- expr: sum(rate(node_cpu{mode!="idle",mode!="iowait"}[5m]))
- - record: cluster:node_cpu:ratio
- expr: cluster:node_cpu:rate5m / count(sum(node_cpu) BY (instance, cpu))
- - alert: NodeExporterDown
- expr: absent(up{job="node-exporter"} == 1)
- for: 10m
- labels:
- severity: warning
- annotations:
- description: Prometheus could not scrape a node-exporter for more than 10m,
- or node-exporters have disappeared from discovery
- summary: Prometheus could not scrape a node-exporter
- - alert: NodeDiskRunningFull
- expr: predict_linear(node_filesystem_free[6h], 3600 * 24) < 0
- for: 30m
- labels:
- severity: warning
- annotations:
- description: device {{$labels.device}} on node {{$labels.instance}} is running
- full within the next 24 hours (mounted at {{$labels.mountpoint}})
- summary: Node disk is running full within 24 hours
- - alert: NodeDiskRunningFull
- expr: predict_linear(node_filesystem_free[30m], 3600 * 2) < 0
- for: 10m
- labels:
- severity: critical
- annotations:
- description: device {{$labels.device}} on node {{$labels.instance}} is running
- full within the next 2 hours (mounted at {{$labels.mountpoint}})
- summary: Node disk is running full within 2 hours
- prometheus.rules.yaml: "groups:\n- name: prometheus.rules\n rules:\n - alert:
- PrometheusConfigReloadFailed\n expr: prometheus_config_last_reload_successful
- == 0\n for: 10m\n labels:\n severity: warning\n annotations:\n description:
- Reloading Prometheus' configuration has failed for {{$labels.namespace}}/{{$labels.pod}}\n
- \ summary: Reloading Promehteus' configuration failed\n\n - alert: PrometheusNotificationQueueRunningFull\n
- \ expr: predict_linear(prometheus_notifications_queue_length[5m], 60 * 30) >
- prometheus_notifications_queue_capacity\n for: 10m\n labels:\n severity:
- warning\n annotations:\n description: Prometheus' alert notification queue
- is running full for {{$labels.namespace}}/{{\n $labels.pod}}\n summary:
- Prometheus' alert notification queue is running full \n\n - alert: PrometheusErrorSendingAlerts\n
- \ expr: rate(prometheus_notifications_errors_total[5m]) / rate(prometheus_notifications_sent_total[5m])\n
- \ > 0.01\n for: 10m\n labels:\n severity: warning\n annotations:\n
- \ description: Errors while sending alerts from Prometheus {{$labels.namespace}}/{{\n
- \ $labels.pod}} to Alertmanager {{$labels.Alertmanager}}\n summary:
- Errors while sending alert from Prometheus\n\n - alert: PrometheusErrorSendingAlerts\n
- \ expr: rate(prometheus_notifications_errors_total[5m]) / rate(prometheus_notifications_sent_total[5m])\n
- \ > 0.03\n for: 10m\n labels:\n severity: critical\n annotations:\n
- \ description: Errors while sending alerts from Prometheus {{$labels.namespace}}/{{\n
- \ $labels.pod}} to Alertmanager {{$labels.Alertmanager}}\n summary:
- Errors while sending alerts from Prometheus\n\n - alert: PrometheusNotConnectedToAlertmanagers\n
- \ expr: prometheus_notifications_alertmanagers_discovered < 1\n for: 10m\n
- \ labels:\n severity: warning\n annotations:\n description: Prometheus
- {{ $labels.namespace }}/{{ $labels.pod}} is not connected\n to any Alertmanagers\n
- \ summary: Prometheus is not connected to any Alertmanagers\n\n - alert:
- PrometheusTSDBReloadsFailing\n expr: increase(prometheus_tsdb_reloads_failures_total[2h])
- > 0\n for: 12h\n labels:\n severity: warning\n annotations:\n description:
- '{{$labels.job}} at {{$labels.instance}} had {{$value | humanize}}\n reload
- failures over the last four hours.'\n summary: Prometheus has issues reloading
- data blocks from disk\n\n - alert: PrometheusTSDBCompactionsFailing\n expr:
- increase(prometheus_tsdb_compactions_failed_total[2h]) > 0\n for: 12h\n labels:\n
- \ severity: warning\n annotations:\n description: '{{$labels.job}}
- at {{$labels.instance}} had {{$value | humanize}}\n compaction failures
- over the last four hours.'\n summary: Prometheus has issues compacting sample
- blocks\n\n - alert: PrometheusTSDBWALCorruptions\n expr: tsdb_wal_corruptions_total
- > 0\n for: 4h\n labels:\n severity: warning\n annotations:\n description:
- '{{$labels.job}} at {{$labels.instance}} has a corrupted write-ahead\n log
- (WAL).'\n summary: Prometheus write-ahead log is corrupted\n\n - alert:
- PrometheusNotIngestingSamples\n expr: rate(prometheus_tsdb_head_samples_appended_total[5m])
- <= 0\n for: 10m\n labels:\n severity: warning\n annotations:\n description:
- \"Prometheus {{ $labels.namespace }}/{{ $labels.pod}} isn't ingesting samples.\"\n
- \ summary: \"Prometheus isn't ingesting samples\"\n\n - alert: PrometheusTargetScapesDuplicate\n
- \ expr: increase(prometheus_target_scrapes_sample_duplicate_timestamp_total[5m])
- > 0\n for: 10m\n labels:\n severity: warning\n annotations:\n description:
- \"{{$labels.namespace}}/{{$labels.pod}} has many samples rejected due to duplicate
- timestamps but different values\"\n summary: Prometheus has many samples
- rejected\n"
-kind: ConfigMap
-metadata:
- labels:
- prometheus: k8s
- role: alert-rules
- name: prometheus-k8s-rules
- namespace: monitoring
diff --git a/manifests/prometheus-k8s/prometheus-k8s.yaml b/manifests/prometheus-prometheus.yaml
similarity index 85%
rename from manifests/prometheus-k8s/prometheus-k8s.yaml
rename to manifests/prometheus-prometheus.yaml
index 324d96c7..b7fe9f25 100644
--- a/manifests/prometheus-k8s/prometheus-k8s.yaml
+++ b/manifests/prometheus-prometheus.yaml
@@ -11,6 +11,9 @@ spec:
- name: alertmanager-main
namespace: monitoring
port: web
+ baseImage: quay.io/prometheus/prometheus
+ nodeSelector:
+ beta.kubernetes.io/os: linux
replicas: 2
resources:
requests:
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-binding-config.yaml b/manifests/prometheus-role-binding-config.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-binding-config.yaml
rename to manifests/prometheus-role-binding-config.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-binding-default.yaml b/manifests/prometheus-role-binding-default.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-binding-default.yaml
rename to manifests/prometheus-role-binding-default.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-binding-kube-system.yaml b/manifests/prometheus-role-binding-kube-system.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-binding-kube-system.yaml
rename to manifests/prometheus-role-binding-kube-system.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-binding-namespace.yaml b/manifests/prometheus-role-binding-namespace.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-binding-namespace.yaml
rename to manifests/prometheus-role-binding-namespace.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-config.yaml b/manifests/prometheus-role-config.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-config.yaml
rename to manifests/prometheus-role-config.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-default.yaml b/manifests/prometheus-role-default.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-default.yaml
rename to manifests/prometheus-role-default.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-kube-system.yaml b/manifests/prometheus-role-kube-system.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-kube-system.yaml
rename to manifests/prometheus-role-kube-system.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-role-namespace.yaml b/manifests/prometheus-role-namespace.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-role-namespace.yaml
rename to manifests/prometheus-role-namespace.yaml
diff --git a/manifests/prometheus-rules.yaml b/manifests/prometheus-rules.yaml
new file mode 100644
index 00000000..852a3362
--- /dev/null
+++ b/manifests/prometheus-rules.yaml
@@ -0,0 +1,166 @@
+apiVersion: v1
+data:
+ all.rules.yaml: "\"groups\": \n- \"name\": \"k8s.rules\"\n \"rules\": \n - \"expr\":
+ |\n sum(rate(container_cpu_usage_seconds_total{job=\"kubelet\", image!=\"\"}[5m]))
+ by (namespace)\n \"record\": \"namespace:container_cpu_usage_seconds_total:sum_rate\"\n
+ \ - \"expr\": |\n sum(container_memory_usage_bytes{job=\"kubelet\", image!=\"\"})
+ by (namespace)\n \"record\": \"namespace:container_memory_usage_bytes:sum\"\n
+ \ - \"expr\": |\n sum by (namespace, label_name) (\n sum(rate(container_cpu_usage_seconds_total{job=\"kubelet\",
+ image!=\"\"}[5m])) by (namespace, pod_name)\n * on (namespace, pod_name)
+ group_left(label_name)\n label_replace(kube_pod_labels{job=\"kube-state-metrics\"},
+ \"pod_name\", \"$1\", \"pod\", \"(.*)\")\n )\n \"record\": \"namespace_name:container_cpu_usage_seconds_total:sum_rate\"\n
+ \ - \"expr\": |\n sum by (namespace, label_name) (\n sum(container_memory_usage_bytes{job=\"kubelet\",image!=\"\"})
+ by (pod_name, namespace)\n * on (namespace, pod_name) group_left(label_name)\n
+ \ label_replace(kube_pod_labels{job=\"kube-state-metrics\"}, \"pod_name\",
+ \"$1\", \"pod\", \"(.*)\")\n )\n \"record\": \"namespace_name:container_memory_usage_bytes:sum\"\n
+ \ - \"expr\": |\n sum by (namespace, label_name) (\n sum(kube_pod_container_resource_requests_memory_bytes{job=\"kube-state-metrics\"})
+ by (namespace, pod)\n * on (namespace, pod) group_left(label_name)\n label_replace(kube_pod_labels{job=\"kube-state-metrics\"},
+ \"pod_name\", \"$1\", \"pod\", \"(.*)\")\n )\n \"record\": \"namespace_name:kube_pod_container_resource_requests_memory_bytes:sum\"\n
+ \ - \"expr\": |\n sum by (namespace, label_name) (\n sum(kube_pod_container_resource_requests_cpu_cores{job=\"kube-state-metrics\"})
+ by (namespace, pod)\n * on (namespace, pod) group_left(label_name)\n label_replace(kube_pod_labels{job=\"kube-state-metrics\"},
+ \"pod_name\", \"$1\", \"pod\", \"(.*)\")\n )\n \"record\": \"namespace_name:kube_pod_container_resource_requests_cpu_cores:sum\"\n-
+ \"name\": \"node.rules\"\n \"rules\": \n - \"expr\": \"sum(min(kube_pod_info)
+ by (node))\"\n \"record\": \":kube_pod_info_node_count:\"\n - \"expr\": |\n
+ \ max(label_replace(kube_pod_info{job=\"kube-state-metrics\"}, \"pod\", \"$1\",
+ \"pod\", \"(.*)\")) by (node, namespace, pod)\n \"record\": \"node_namespace_pod:kube_pod_info:\"\n
+ \ - \"expr\": |\n count by (node) (sum by (node, cpu) (\n node_cpu{job=\"node-exporter\"}\n
+ \ * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ ))\n \"record\": \"node:node_num_cpu:sum\"\n - \"expr\": |\n 1
+ - avg(rate(node_cpu{job=\"node-exporter\",mode=\"idle\"}[1m]))\n \"record\":
+ \":node_cpu_utilisation:avg1m\"\n - \"expr\": |\n 1 - avg by (node) (\n
+ \ rate(node_cpu{job=\"node-exporter\",mode=\"idle\"}[1m])\n * on (namespace,
+ pod) group_left(node)\n node_namespace_pod:kube_pod_info:)\n \"record\":
+ \"node:node_cpu_utilisation:avg1m\"\n - \"expr\": |\n sum(node_load1{job=\"node-exporter\"})\n
+ \ /\n sum(node:node_num_cpu:sum)\n \"record\": \":node_cpu_saturation_load1:\"\n
+ \ - \"expr\": |\n sum by (node) (\n node_load1{job=\"node-exporter\"}\n
+ \ * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ )\n /\n node:node_num_cpu:sum\n \"record\": \"node:node_cpu_saturation_load1:\"\n
+ \ - \"expr\": |\n 1 -\n sum(node_memory_MemFree{job=\"node-exporter\"}
+ + node_memory_Cached{job=\"node-exporter\"} + node_memory_Buffers{job=\"node-exporter\"})\n
+ \ /\n sum(node_memory_MemTotal{job=\"node-exporter\"})\n \"record\":
+ \":node_memory_utilisation:\"\n - \"expr\": |\n sum by (node) (\n (node_memory_MemFree{job=\"node-exporter\"}
+ + node_memory_Cached{job=\"node-exporter\"} + node_memory_Buffers{job=\"node-exporter\"})\n
+ \ * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ )\n \"record\": \"node:node_memory_bytes_available:sum\"\n - \"expr\":
+ |\n sum by (node) (\n node_memory_MemTotal{job=\"node-exporter\"}\n
+ \ * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ )\n \"record\": \"node:node_memory_bytes_total:sum\"\n - \"expr\": |\n
+ \ (node:node_memory_bytes_total:sum - node:node_memory_bytes_available:sum)\n
+ \ /\n scalar(sum(node:node_memory_bytes_total:sum))\n \"record\":
+ \"node:node_memory_utilisation:ratio\"\n - \"expr\": |\n 1e3 * sum(\n (rate(node_vmstat_pgpgin{job=\"node-exporter\"}[1m])\n
+ \ + rate(node_vmstat_pgpgout{job=\"node-exporter\"}[1m]))\n )\n \"record\":
+ \":node_memory_swap_io_bytes:sum_rate\"\n - \"expr\": |\n 1 -\n sum
+ by (node) (\n (node_memory_MemFree{job=\"node-exporter\"} + node_memory_Cached{job=\"node-exporter\"}
+ + node_memory_Buffers{job=\"node-exporter\"})\n * on (namespace, pod) group_left(node)\n
+ \ node_namespace_pod:kube_pod_info:\n )\n /\n sum by (node)
+ (\n node_memory_MemTotal{job=\"node-exporter\"}\n * on (namespace,
+ pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n )\n \"record\":
+ \"node:node_memory_utilisation:\"\n - \"expr\": |\n 1 - (node:node_memory_bytes_available:sum
+ / node:node_memory_bytes_total:sum)\n \"record\": \"node:node_memory_utilisation_2:\"\n
+ \ - \"expr\": |\n 1e3 * sum by (node) (\n (rate(node_vmstat_pgpgin{job=\"node-exporter\"}[1m])\n
+ \ + rate(node_vmstat_pgpgout{job=\"node-exporter\"}[1m]))\n * on (namespace,
+ pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n )\n \"record\":
+ \"node:node_memory_swap_io_bytes:sum_rate\"\n - \"expr\": |\n avg(irate(node_disk_io_time_ms{job=\"node-exporter\",device=~\"(sd|xvd).+\"}[1m])
+ / 1e3)\n \"record\": \":node_disk_utilisation:avg_irate\"\n - \"expr\": |\n
+ \ avg by (node) (\n irate(node_disk_io_time_ms{job=\"node-exporter\",device=~\"(sd|xvd).+\"}[1m])
+ / 1e3\n * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ )\n \"record\": \"node:node_disk_utilisation:avg_irate\"\n - \"expr\":
+ |\n avg(irate(node_disk_io_time_weighted{job=\"node-exporter\",device=~\"(sd|xvd).+\"}[1m])
+ / 1e3)\n \"record\": \":node_disk_saturation:avg_irate\"\n - \"expr\": |\n
+ \ avg by (node) (\n irate(node_disk_io_time_weighted{job=\"node-exporter\",device=~\"(sd|xvd).+\"}[1m])
+ / 1e3\n * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ )\n \"record\": \"node:node_disk_saturation:avg_irate\"\n - \"expr\":
+ |\n sum(irate(node_network_receive_bytes{job=\"node-exporter\",device=\"eth0\"}[1m]))
+ +\n sum(irate(node_network_transmit_bytes{job=\"node-exporter\",device=\"eth0\"}[1m]))\n
+ \ \"record\": \":node_net_utilisation:sum_irate\"\n - \"expr\": |\n sum
+ by (node) (\n (irate(node_network_receive_bytes{job=\"node-exporter\",device=\"eth0\"}[1m])
+ +\n irate(node_network_transmit_bytes{job=\"node-exporter\",device=\"eth0\"}[1m]))\n
+ \ * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ )\n \"record\": \"node:node_net_utilisation:sum_irate\"\n - \"expr\":
+ |\n sum(irate(node_network_receive_drop{job=\"node-exporter\",device=\"eth0\"}[1m]))
+ +\n sum(irate(node_network_transmit_drop{job=\"node-exporter\",device=\"eth0\"}[1m]))\n
+ \ \"record\": \":node_net_saturation:sum_irate\"\n - \"expr\": |\n sum
+ by (node) (\n (irate(node_network_receive_drop{job=\"node-exporter\",device=\"eth0\"}[1m])
+ +\n irate(node_network_transmit_drop{job=\"node-exporter\",device=\"eth0\"}[1m]))\n
+ \ * on (namespace, pod) group_left(node)\n node_namespace_pod:kube_pod_info:\n
+ \ )\n \"record\": \"node:node_net_saturation:sum_irate\"\n- \"name\": \"kubernetes-apps\"\n
+ \ \"rules\": \n - \"alert\": \"KubePodCrashLooping\"\n \"annotations\": \n
+ \ \"message\": \"{{ $labels.namespace }}/{{ $labels.pod }} ({{ $labels.container
+ }}) is restarting {{ printf \\\"%.2f\\\" $value }} / second\"\n \"expr\": |\n
+ \ rate(kube_pod_container_status_restarts_total{job=\"kube-state-metrics\"}[15m])
+ > 0\n \"for\": \"1h\"\n \"labels\": \n \"severity\": \"critical\"\n
+ \ - \"alert\": \"KubePodNotReady\"\n \"annotations\": \n \"message\":
+ \"{{ $labels.namespace }}/{{ $labels.pod }} is not ready.\"\n \"expr\": |\n
+ \ sum by (namespace, pod) (kube_pod_status_phase{job=\"kube-state-metrics\",
+ phase!~\"Running|Succeeded\"}) > 0\n \"for\": \"1h\"\n \"labels\": \n \"severity\":
+ \"critical\"\n - \"alert\": \"KubeDeploymentGenerationMismatch\"\n \"annotations\":
+ \n \"message\": \"Deployment {{ $labels.namespace }}/{{ labels.deployment
+ }} generation mismatch\"\n \"expr\": |\n kube_deployment_status_observed_generation{job=\"kube-state-metrics\"}\n
+ \ !=\n kube_deployment_metadata_generation{job=\"kube-state-metrics\"}\n
+ \ \"for\": \"15m\"\n \"labels\": \n \"severity\": \"critical\"\n -
+ \"alert\": \"KubeDeploymentReplicasMismatch\"\n \"annotations\": \n \"message\":
+ \"Deployment {{ $labels.namespace }}/{{ $labels.deployment }} replica mismatch\"\n
+ \ \"expr\": |\n kube_deployment_spec_replicas{job=\"kube-state-metrics\"}\n
+ \ !=\n kube_deployment_status_replicas_available{job=\"kube-state-metrics\"}\n
+ \ \"for\": \"15m\"\n \"labels\": \n \"severity\": \"critical\"\n- \"name\":
+ \"kubernetes-resources\"\n \"rules\": \n - \"alert\": \"KubeCPUOvercommit\"\n
+ \ \"annotations\": \n \"message\": \"Overcommited CPU resource requests
+ on Pods, cannot tolerate node failure.\"\n \"expr\": |\n sum(namespace_name:kube_pod_container_resource_requests_cpu_cores:sum)\n
+ \ /\n sum(node:node_num_cpu:sum)\n >\n (count(node:node_num_cpu:sum)-1)
+ / count(node:node_num_cpu:sum)\n \"for\": \"5m\"\n \"labels\": \n \"severity\":
+ \"warning\"\n - \"alert\": \"KubeMemOvercommit\"\n \"annotations\": \n \"message\":
+ \"Overcommited Memory resource requests on Pods, cannot tolerate node failure.\"\n
+ \ \"expr\": |\n sum(namespace_name:kube_pod_container_resource_requests_memory_bytes:sum)\n
+ \ /\n sum(node_memory_MemTotal)\n >\n (count(node:node_num_cpu:sum)-1)\n
+ \ /\n count(node:node_num_cpu:sum)\n \"for\": \"5m\"\n \"labels\":
+ \n \"severity\": \"warning\"\n - \"alert\": \"KubeCPUOvercommit\"\n \"annotations\":
+ \n \"message\": \"Overcommited CPU resource request quota on Namespaces.\"\n
+ \ \"expr\": |\n sum(kube_resourcequota{job=\"kube-state-metrics\", type=\"hard\",
+ resource=\"requests.cpu\"})\n /\n sum(node:node_num_cpu:sum)\n >
+ 1.5\n \"for\": \"5m\"\n \"labels\": \n \"severity\": \"warning\"\n
+ \ - \"alert\": \"KubeMemOvercommit\"\n \"annotations\": \n \"message\":
+ \"Overcommited Memory resource request quota on Namespaces.\"\n \"expr\": |\n
+ \ sum(kube_resourcequota{job=\"kube-state-metrics\", type=\"hard\", resource=\"requests.memory\"})\n
+ \ /\n sum(node_memory_MemTotal{job=\"node-exporter\"})\n > 1.5\n
+ \ \"for\": \"5m\"\n \"labels\": \n \"severity\": \"warning\"\n - \"alert\":
+ \"KubeQuotaExceeded\"\n \"annotations\": \n \"message\": \"{{ printf \\\"%0.0f\\\"
+ $value }}% usage of {{ $labels.resource }} in namespace {{ $labels.namespace }}.\"\n
+ \ \"expr\": |\n 100 * kube_resourcequota{job=\"kube-state-metrics\", type=\"used\"}\n
+ \ / ignoring(instance, job, type)\n kube_resourcequota{job=\"kube-state-metrics\",
+ type=\"hard\"}\n > 90\n \"for\": \"15m\"\n \"labels\": \n \"severity\":
+ \"warning\"\n- \"name\": \"kubernetes-storage\"\n \"rules\": \n - \"alert\":
+ \"KubePersistentVolumeUsageCritical\"\n \"annotations\": \n \"message\":
+ \"The persistent volume claimed by {{ $labels.persistentvolumeclaim }} in namespace
+ {{ $labels.namespace }} has {{ printf \\\"%0.0f\\\" $value }}% free.\"\n \"expr\":
+ |\n 100 * kubelet_volume_stats_available_bytes{job=\"kubelet\"}\n /\n
+ \ kubelet_volume_stats_capacity_bytes{job=\"kubelet\"}\n < 3\n \"for\":
+ \"1m\"\n \"labels\": \n \"severity\": \"critical\"\n - \"alert\": \"KubePersistentVolumeFullInFourDays\"\n
+ \ \"annotations\": \n \"message\": \"Based on recent sampling, the persistent
+ volume claimed by {{ $labels.persistentvolumeclaim }} in namespace {{ $labels.namespace
+ }} is expected to fill up within four days.\"\n \"expr\": |\n predict_linear(kubelet_volume_stats_available_bytes{job=\"kubelet\"}[1h],
+ 4 * 24 * 3600) < 0\n \"for\": \"5m\"\n \"labels\": \n \"severity\":
+ \"critical\"\n- \"name\": \"kubernetes-system\"\n \"rules\": \n - \"alert\":
+ \"KubeNodeNotReady\"\n \"annotations\": \n \"message\": \"{{ $labels.node
+ }} has been unready for more than an hour\"\n \"expr\": |\n max(kube_node_status_ready{job=\"kube-state-metrics\",
+ condition=\"false\"} == 1) BY (node)\n \"for\": \"1h\"\n \"labels\": \n
+ \ \"severity\": \"warning\"\n - \"alert\": \"KubeVersionMismatch\"\n \"annotations\":
+ \n \"message\": \"There are {{ $value }} different versions of Kubernetes
+ components running.\"\n \"expr\": |\n count(count(kubernetes_build_info{job!=\"kube-dns\"})
+ by (gitVersion)) > 1\n \"for\": \"1h\"\n \"labels\": \n \"severity\":
+ \"warning\"\n - \"alert\": \"KubeClientErrors\"\n \"annotations\": \n \"message\":
+ \"Kubernetes API server client '{{ $labels.job }}/{{ $labels.instance }}' is experiencing
+ {{ printf \\\"%0.0f\\\" $value }}% errors.'\"\n \"expr\": |\n sum(rate(rest_client_requests_total{code!~\"2..\"}[5m]))
+ by (instance, job) * 100\n /\n sum(rate(rest_client_requests_total[5m]))
+ by (instance, job)\n > 1\n \"for\": \"15m\"\n \"labels\": \n \"severity\":
+ \"warning\"\n - \"alert\": \"KubeClientErrors\"\n \"annotations\": \n \"message\":
+ \"Kubernetes API server client '{{ $labels.job }}/{{ $labels.instance }}' is experiencing
+ {{ printf \\\"%0.0f\\\" $value }} errors / sec.'\"\n \"expr\": |\n sum(rate(ksm_scrape_error_total{job=\"kube-state-metrics\"}[5m]))
+ by (instance, job) > 0.1\n \"for\": \"15m\"\n \"labels\": \n \"severity\":
+ \"warning\""
+kind: ConfigMap
+metadata:
+ labels:
+ prometheus: k8s
+ role: alert-rules
+ name: prometheus-k8s-rules
+ namespace: monitoring
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service-account.yaml b/manifests/prometheus-service-account.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service-account.yaml
rename to manifests/prometheus-service-account.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service-monitor-apiserver.yaml b/manifests/prometheus-service-monitor-apiserver.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service-monitor-apiserver.yaml
rename to manifests/prometheus-service-monitor-apiserver.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service-monitor-coredns.yaml b/manifests/prometheus-service-monitor-core-dns.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service-monitor-coredns.yaml
rename to manifests/prometheus-service-monitor-core-dns.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service-monitor-kube-controller-manager.yaml b/manifests/prometheus-service-monitor-kube-controller-manager.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service-monitor-kube-controller-manager.yaml
rename to manifests/prometheus-service-monitor-kube-controller-manager.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service-monitor-kube-scheduler.yaml b/manifests/prometheus-service-monitor-kube-scheduler.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service-monitor-kube-scheduler.yaml
rename to manifests/prometheus-service-monitor-kube-scheduler.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service-monitor-kubelet.yaml b/manifests/prometheus-service-monitor-kubelet.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service-monitor-kubelet.yaml
rename to manifests/prometheus-service-monitor-kubelet.yaml
diff --git a/manifests/prometheus-operator/prometheus-operator-service-monitor.yaml b/manifests/prometheus-service-monitor-prometheus-operator.yaml
similarity index 100%
rename from manifests/prometheus-operator/prometheus-operator-service-monitor.yaml
rename to manifests/prometheus-service-monitor-prometheus-operator.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service-monitor-prometheus.yaml b/manifests/prometheus-service-monitor-prometheus.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service-monitor-prometheus.yaml
rename to manifests/prometheus-service-monitor-prometheus.yaml
diff --git a/manifests/prometheus-k8s/prometheus-k8s-service.yaml b/manifests/prometheus-service.yaml
similarity index 100%
rename from manifests/prometheus-k8s/prometheus-k8s-service.yaml
rename to manifests/prometheus-service.yaml
--
GitLab