diff --git a/deploy/manifests/api-service.yaml b/deploy/manifests/api-service.yaml new file mode 100644 index 00000000..b4c68196 --- /dev/null +++ b/deploy/manifests/api-service.yaml @@ -0,0 +1,17 @@ +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: v1beta1.metrics.k8s.io +spec: + group: metrics.k8s.io + groupPriorityMinimum: 100 + insecureSkipTLSVerify: true + service: + name: prometheus-adapter + namespace: monitoring + version: v1beta1 + versionPriority: 100 diff --git a/deploy/manifests/cluster-role-aggregated-metrics-reader.yaml b/deploy/manifests/cluster-role-aggregated-metrics-reader.yaml new file mode 100644 index 00000000..668f05be --- /dev/null +++ b/deploy/manifests/cluster-role-aggregated-metrics-reader.yaml @@ -0,0 +1,22 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: system:aggregated-metrics-reader + namespace: monitoring +rules: +- apiGroups: + - metrics.k8s.io + resources: + - pods + - nodes + verbs: + - get + - list + - watch diff --git a/deploy/manifests/cluster-role-binding-delegator.yaml b/deploy/manifests/cluster-role-binding-delegator.yaml new file mode 100644 index 00000000..abf31c74 --- /dev/null +++ b/deploy/manifests/cluster-role-binding-delegator.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: resource-metrics:system:auth-delegator + namespace: monitoring +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: prometheus-adapter + namespace: monitoring diff --git a/deploy/manifests/hpa-custom-metrics-cluster-role-binding.yaml b/deploy/manifests/cluster-role-binding-hpa-custom-metrics.yaml similarity index 74% rename from deploy/manifests/hpa-custom-metrics-cluster-role-binding.yaml rename to deploy/manifests/cluster-role-binding-hpa-custom-metrics.yaml index 23ed7dc4..606af11f 100644 --- a/deploy/manifests/hpa-custom-metrics-cluster-role-binding.yaml +++ b/deploy/manifests/cluster-role-binding-hpa-custom-metrics.yaml @@ -2,6 +2,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: hpa-controller-custom-metrics + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/deploy/manifests/cluster-role-binding.yaml b/deploy/manifests/cluster-role-binding.yaml new file mode 100644 index 00000000..a4ab887b --- /dev/null +++ b/deploy/manifests/cluster-role-binding.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter + namespace: monitoring +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus-adapter +subjects: +- kind: ServiceAccount + name: prometheus-adapter + namespace: monitoring diff --git a/deploy/manifests/cluster-role-metrics-server-resources.yaml b/deploy/manifests/cluster-role-metrics-server-resources.yaml new file mode 100644 index 00000000..16131a7d --- /dev/null +++ b/deploy/manifests/cluster-role-metrics-server-resources.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: resource-metrics-server-resources +rules: +- apiGroups: + - metrics.k8s.io + resources: + - '*' + verbs: + - '*' diff --git a/deploy/manifests/cluster-role.yaml b/deploy/manifests/cluster-role.yaml new file mode 100644 index 00000000..0f223d8d --- /dev/null +++ b/deploy/manifests/cluster-role.yaml @@ -0,0 +1,20 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter +rules: +- apiGroups: + - "" + resources: + - nodes + - namespaces + - pods + - services + verbs: + - get + - list + - watch diff --git a/deploy/manifests/config-map.yaml b/deploy/manifests/config-map.yaml new file mode 100644 index 00000000..0056b75c --- /dev/null +++ b/deploy/manifests/config-map.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +data: + config.yaml: |- + "resourceRules": + "cpu": + "containerLabel": "container" + "containerQuery": | + sum by (<<.GroupBy>>) ( + irate ( + container_cpu_usage_seconds_total{<<.LabelMatchers>>,container!="",pod!=""}[4m] + ) + ) + "nodeQuery": | + sum by (<<.GroupBy>>) ( + 1 - irate( + node_cpu_seconds_total{mode="idle"}[4m] + ) + * on(namespace, pod) group_left(node) ( + node_namespace_pod:kube_pod_info:{<<.LabelMatchers>>} + ) + ) + or sum by (<<.GroupBy>>) ( + 1 - irate( + windows_cpu_time_total{mode="idle", job="windows-exporter",<<.LabelMatchers>>}[4m] + ) + ) + "resources": + "overrides": + "namespace": + "resource": "namespace" + "node": + "resource": "node" + "pod": + "resource": "pod" + "memory": + "containerLabel": "container" + "containerQuery": | + sum by (<<.GroupBy>>) ( + container_memory_working_set_bytes{<<.LabelMatchers>>,container!="",pod!=""} + ) + "nodeQuery": | + sum by (<<.GroupBy>>) ( + node_memory_MemTotal_bytes{job="node-exporter",<<.LabelMatchers>>} + - + node_memory_MemAvailable_bytes{job="node-exporter",<<.LabelMatchers>>} + ) + or sum by (<<.GroupBy>>) ( + windows_cs_physical_memory_bytes{job="windows-exporter",<<.LabelMatchers>>} + - + windows_memory_available_bytes{job="windows-exporter",<<.LabelMatchers>>} + ) + "resources": + "overrides": + "instance": + "resource": "node" + "namespace": + "resource": "namespace" + "pod": + "resource": "pod" + "window": "5m" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: adapter-config + namespace: monitoring diff --git a/deploy/manifests/custom-metrics-apiserver-auth-delegator-cluster-role-binding.yaml b/deploy/manifests/custom-metrics-apiserver-auth-delegator-cluster-role-binding.yaml deleted file mode 100644 index d008b234..00000000 --- a/deploy/manifests/custom-metrics-apiserver-auth-delegator-cluster-role-binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: custom-metrics:system:auth-delegator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:auth-delegator -subjects: -- kind: ServiceAccount - name: custom-metrics-apiserver - namespace: custom-metrics diff --git a/deploy/manifests/custom-metrics-apiserver-deployment.yaml b/deploy/manifests/custom-metrics-apiserver-deployment.yaml deleted file mode 100644 index 35a4a27b..00000000 --- a/deploy/manifests/custom-metrics-apiserver-deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: custom-metrics-apiserver - name: custom-metrics-apiserver - namespace: custom-metrics -spec: - replicas: 1 - selector: - matchLabels: - app: custom-metrics-apiserver - template: - metadata: - labels: - app: custom-metrics-apiserver - name: custom-metrics-apiserver - spec: - serviceAccountName: custom-metrics-apiserver - containers: - - name: custom-metrics-apiserver - image: registry.k8s.io/prometheus-adapter/prometheus-adapter:v0.10.0 - args: - - --secure-port=6443 - - --tls-cert-file=/var/run/serving-cert/serving.crt - - --tls-private-key-file=/var/run/serving-cert/serving.key - - --logtostderr=true - - --prometheus-url=http://prometheus.prom.svc:9090/ - - --metrics-relist-interval=1m - - --v=10 - - --config=/etc/adapter/config.yaml - ports: - - containerPort: 6443 - volumeMounts: - - mountPath: /var/run/serving-cert - name: volume-serving-cert - readOnly: true - - mountPath: /etc/adapter/ - name: config - readOnly: true - - mountPath: /tmp - name: tmp-vol - volumes: - - name: volume-serving-cert - secret: - secretName: cm-adapter-serving-certs - - name: config - configMap: - name: adapter-config - - name: tmp-vol - emptyDir: {} diff --git a/deploy/manifests/custom-metrics-apiserver-resource-reader-cluster-role-binding.yaml b/deploy/manifests/custom-metrics-apiserver-resource-reader-cluster-role-binding.yaml deleted file mode 100644 index 145e8db8..00000000 --- a/deploy/manifests/custom-metrics-apiserver-resource-reader-cluster-role-binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: custom-metrics-resource-reader -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: custom-metrics-resource-reader -subjects: -- kind: ServiceAccount - name: custom-metrics-apiserver - namespace: custom-metrics diff --git a/deploy/manifests/custom-metrics-apiserver-service-account.yaml b/deploy/manifests/custom-metrics-apiserver-service-account.yaml deleted file mode 100644 index b833e758..00000000 --- a/deploy/manifests/custom-metrics-apiserver-service-account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -kind: ServiceAccount -apiVersion: v1 -metadata: - name: custom-metrics-apiserver - namespace: custom-metrics diff --git a/deploy/manifests/custom-metrics-apiserver-service.yaml b/deploy/manifests/custom-metrics-apiserver-service.yaml deleted file mode 100644 index c8f9344f..00000000 --- a/deploy/manifests/custom-metrics-apiserver-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: custom-metrics-apiserver - namespace: custom-metrics -spec: - ports: - - port: 443 - targetPort: 6443 - selector: - app: custom-metrics-apiserver diff --git a/deploy/manifests/custom-metrics-apiservice.yaml b/deploy/manifests/custom-metrics-apiservice.yaml deleted file mode 100644 index 7208efcd..00000000 --- a/deploy/manifests/custom-metrics-apiservice.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1beta1.custom.metrics.k8s.io -spec: - service: - name: custom-metrics-apiserver - namespace: custom-metrics - group: custom.metrics.k8s.io - version: v1beta1 - insecureSkipTLSVerify: true - groupPriorityMinimum: 100 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1beta2.custom.metrics.k8s.io -spec: - service: - name: custom-metrics-apiserver - namespace: custom-metrics - group: custom.metrics.k8s.io - version: v1beta2 - insecureSkipTLSVerify: true - groupPriorityMinimum: 100 - versionPriority: 200 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1beta1.external.metrics.k8s.io -spec: - service: - name: custom-metrics-apiserver - namespace: custom-metrics - group: external.metrics.k8s.io - version: v1beta1 - insecureSkipTLSVerify: true - groupPriorityMinimum: 100 - versionPriority: 100 ---- diff --git a/deploy/manifests/custom-metrics-cluster-role.yaml b/deploy/manifests/custom-metrics-cluster-role.yaml deleted file mode 100644 index 4fc9f97d..00000000 --- a/deploy/manifests/custom-metrics-cluster-role.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: custom-metrics-server-resources -rules: -- apiGroups: - - custom.metrics.k8s.io - - external.metrics.k8s.io - resources: ["*"] - verbs: ["*"] diff --git a/deploy/manifests/custom-metrics-config-map.yaml b/deploy/manifests/custom-metrics-config-map.yaml deleted file mode 100644 index d68f4ac2..00000000 --- a/deploy/manifests/custom-metrics-config-map.yaml +++ /dev/null @@ -1,117 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: adapter-config - namespace: custom-metrics -data: - config.yaml: | - rules: - - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}' - seriesFilters: [] - resources: - overrides: - namespace: - resource: namespace - pod: - resource: pod - name: - matches: ^container_(.*)_seconds_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[1m])) by (<<.GroupBy>>) - - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}' - seriesFilters: - - isNot: ^container_.*_seconds_total$ - resources: - overrides: - namespace: - resource: namespace - pod: - resource: pod - name: - matches: ^container_(.*)_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[1m])) by (<<.GroupBy>>) - - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}' - seriesFilters: - - isNot: ^container_.*_total$ - resources: - overrides: - namespace: - resource: namespace - pod: - resource: pod - name: - matches: ^container_(.*)$ - as: "" - metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>,container!="POD"}) by (<<.GroupBy>>) - - seriesQuery: '{namespace!="",__name__!~"^container_.*"}' - seriesFilters: - - isNot: .*_total$ - resources: - template: <<.Resource>> - name: - matches: "" - as: "" - metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>) - - seriesQuery: '{namespace!="",__name__!~"^container_.*"}' - seriesFilters: - - isNot: .*_seconds_total - resources: - template: <<.Resource>> - name: - matches: ^(.*)_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[1m])) by (<<.GroupBy>>) - - seriesQuery: '{namespace!="",__name__!~"^container_.*"}' - seriesFilters: [] - resources: - template: <<.Resource>> - name: - matches: ^(.*)_seconds_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[1m])) by (<<.GroupBy>>) - resourceRules: - cpu: - containerQuery: sum(rate(container_cpu_usage_seconds_total{<<.LabelMatchers>>}[1m])) by (<<.GroupBy>>) - nodeQuery: sum(rate(container_cpu_usage_seconds_total{<<.LabelMatchers>>, id='/'}[1m])) by (<<.GroupBy>>) - resources: - overrides: - instance: - resource: node - namespace: - resource: namespace - pod: - resource: pod - containerLabel: container - memory: - containerQuery: sum(container_memory_working_set_bytes{<<.LabelMatchers>>}) by (<<.GroupBy>>) - nodeQuery: sum(container_memory_working_set_bytes{<<.LabelMatchers>>,id='/'}) by (<<.GroupBy>>) - resources: - overrides: - instance: - resource: node - namespace: - resource: namespace - pod: - resource: pod - containerLabel: container - window: 1m - externalRules: - - seriesQuery: '{__name__=~"^.*_queue_(length|size)$",namespace!=""}' - resources: - overrides: - namespace: - resource: namespace - name: - matches: ^.*_queue_(length|size)$ - as: "$0" - metricsQuery: max(<<.Series>>{<<.LabelMatchers>>}) - - seriesQuery: '{__name__=~"^.*_queue$",namespace!=""}' - resources: - overrides: - namespace: - resource: namespace - name: - matches: ^.*_queue$ - as: "$0" - metricsQuery: max(<<.Series>>{<<.LabelMatchers>>}) diff --git a/deploy/manifests/custom-metrics-resource-reader-cluster-role.yaml b/deploy/manifests/custom-metrics-resource-reader-cluster-role.yaml deleted file mode 100644 index b922b02d..00000000 --- a/deploy/manifests/custom-metrics-resource-reader-cluster-role.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: custom-metrics-resource-reader -rules: -- apiGroups: - - "" - resources: - - pods - - nodes - - nodes/stats - verbs: - - get - - list - - watch diff --git a/deploy/manifests/deployment.yaml b/deploy/manifests/deployment.yaml new file mode 100644 index 00000000..8ac43de8 --- /dev/null +++ b/deploy/manifests/deployment.yaml @@ -0,0 +1,90 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter + namespace: monitoring +spec: + replicas: 2 + selector: + matchLabels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + template: + metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + spec: + automountServiceAccountToken: true + containers: + - args: + - --cert-dir=/var/run/serving-cert + - --config=/etc/adapter/config.yaml + - --logtostderr=true + - --metrics-relist-interval=1m + - --prometheus-url=https://setup-monit-prometheus.monitoring.svc:9090/ + - --secure-port=6443 + - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA + image: registry.k8s.io/prometheus-adapter/prometheus-adapter:v0.10.0 + livenessProbe: + failureThreshold: 5 + httpGet: + path: /livez + port: https + scheme: HTTPS + initialDelaySeconds: 30 + periodSeconds: 5 + name: prometheus-adapter + ports: + - containerPort: 6443 + name: https + readinessProbe: + failureThreshold: 5 + httpGet: + path: /readyz + port: https + scheme: HTTPS + initialDelaySeconds: 30 + periodSeconds: 5 + resources: + requests: + cpu: 102m + memory: 180Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /tmp + name: tmpfs + readOnly: false + - mountPath: /var/run/serving-cert + name: volume-serving-cert + readOnly: false + - mountPath: /etc/adapter + name: config + readOnly: false + nodeSelector: + kubernetes.io/os: linux + securityContext: {} + serviceAccountName: prometheus-adapter + volumes: + - emptyDir: {} + name: tmpfs + - emptyDir: {} + name: volume-serving-cert + - configMap: + name: adapter-config + name: config \ No newline at end of file diff --git a/deploy/manifests/network-policy.yaml b/deploy/manifests/network-policy.yaml new file mode 100644 index 00000000..44bfee31 --- /dev/null +++ b/deploy/manifests/network-policy.yaml @@ -0,0 +1,21 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter + namespace: monitoring +spec: + egress: + - {} + ingress: + - {} + podSelector: + matchLabels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + policyTypes: + - Egress + - Ingress diff --git a/deploy/manifests/pod-disruption-budget.yaml b/deploy/manifests/pod-disruption-budget.yaml new file mode 100644 index 00000000..ac862482 --- /dev/null +++ b/deploy/manifests/pod-disruption-budget.yaml @@ -0,0 +1,15 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter + namespace: monitoring +spec: + minAvailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter diff --git a/deploy/manifests/custom-metrics-apiserver-auth-reader-role-binding.yaml b/deploy/manifests/role-binding-auth-reader.yaml similarity index 50% rename from deploy/manifests/custom-metrics-apiserver-auth-reader-role-binding.yaml rename to deploy/manifests/role-binding-auth-reader.yaml index fd98db92..7a613941 100644 --- a/deploy/manifests/custom-metrics-apiserver-auth-reader-role-binding.yaml +++ b/deploy/manifests/role-binding-auth-reader.yaml @@ -1,7 +1,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: custom-metrics-auth-reader + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: resource-metrics-auth-reader namespace: kube-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -9,5 +13,5 @@ roleRef: name: extension-apiserver-authentication-reader subjects: - kind: ServiceAccount - name: custom-metrics-apiserver - namespace: custom-metrics + name: prometheus-adapter + namespace: monitoring diff --git a/deploy/manifests/service-account.yaml b/deploy/manifests/service-account.yaml new file mode 100644 index 00000000..a7ad4ba2 --- /dev/null +++ b/deploy/manifests/service-account.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter + namespace: monitoring diff --git a/deploy/manifests/service-monitor.yaml b/deploy/manifests/service-monitor.yaml new file mode 100644 index 00000000..ffa733ab --- /dev/null +++ b/deploy/manifests/service-monitor.yaml @@ -0,0 +1,26 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter + namespace: monitoring +spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: (apiserver_client_certificate_.*|apiserver_envelope_.*|apiserver_flowcontrol_.*|apiserver_storage_.*|apiserver_webhooks_.*|workqueue_.*) + sourceLabels: + - __name__ + port: https + scheme: https + tlsConfig: + insecureSkipVerify: true + selector: + matchLabels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter diff --git a/deploy/manifests/service.yaml b/deploy/manifests/service.yaml new file mode 100644 index 00000000..011e7f88 --- /dev/null +++ b/deploy/manifests/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter + app.kubernetes.io/version: 0.9.1 + name: prometheus-adapter + namespace: monitoring +spec: + ports: + - name: https + port: 443 + targetPort: 6443 + selector: + app.kubernetes.io/component: metrics-adapter + app.kubernetes.io/name: prometheus-adapter