From 57c607f8b9c480867204ba122a31bc69f9b1b02b Mon Sep 17 00:00:00 2001 From: Daniel Talamas Date: Wed, 2 Mar 2022 16:56:44 -0600 Subject: [PATCH] Make changes --- deploy/addepar/certs/gencerts.sh | 8 +- deploy/addepar/prometheus/prometheus.yaml | 54 +++++---- deploy/addepar/sample-hpa/Makefile | 1 - deploy/addepar/sample-hpa/sample-app.hpa.yaml | 23 ++-- .../custom-metrics-apiserver-deployment.yaml | 5 +- .../manifests/custom-metrics-apiservice.yaml | 34 +----- .../manifests/custom-metrics-config-map.yaml | 104 +----------------- 7 files changed, 52 insertions(+), 177 deletions(-) diff --git a/deploy/addepar/certs/gencerts.sh b/deploy/addepar/certs/gencerts.sh index 17abb6b9..2422b6f9 100755 --- a/deploy/addepar/certs/gencerts.sh +++ b/deploy/addepar/certs/gencerts.sh @@ -15,14 +15,14 @@ case $(uname) in b64_opts='--wrap=0' esac -#go get -v -u github.com/cloudflare/cfssl/cmd/... +go get -v -u github.com/cloudflare/cfssl/cmd/... export PURPOSE=metrics openssl req -x509 -sha256 -new -nodes -days 365 -newkey rsa:2048 -keyout ${PURPOSE}-ca.key -out ${PURPOSE}-ca.crt -subj "/CN=ca" echo '{"signing":{"default":{"expiry":"43800h","usages":["signing","key encipherment","'${PURPOSE}'"]}}}' > "${PURPOSE}-ca-config.json" export SERVICE_NAME=custom-metrics-apiserver -export ALT_NAMES='"custom-metrics-apiserver.monitoring","custom-metrics-apiserver.monitoring.svc"' +export ALT_NAMES='"custom-metrics-apiserver.custom-metrics","custom-metrics-apiserver.custom-metrics.svc"' echo "{\"CN\":\"${SERVICE_NAME}\", \"hosts\": [${ALT_NAMES}], \"key\": {\"algo\": \"rsa\",\"size\": 2048}}" | \ cfssl gencert -ca=metrics-ca.crt -ca-key=metrics-ca.key -config=metrics-ca-config.json - | cfssljson -bare apiserver @@ -32,6 +32,6 @@ kind: Secret metadata: name: cm-adapter-serving-certs data: - serving.crt: $(base64 ${b64_opts} < apiserver.pem) - serving.key: $(base64 ${b64_opts} < apiserver-key.pem) + serving.crt: $(cat apiserver.pem | base64 ${b64_opts}) + serving.key: $(cat apiserver-key.pem | base64 ${b64_opts}) EOF diff --git a/deploy/addepar/prometheus/prometheus.yaml b/deploy/addepar/prometheus/prometheus.yaml index f9df65f1..8fe726c0 100644 --- a/deploy/addepar/prometheus/prometheus.yaml +++ b/deploy/addepar/prometheus/prometheus.yaml @@ -3,26 +3,32 @@ kind: ServiceAccount metadata: name: prometheus --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: prometheus rules: - - apiGroups: [""] - resources: - - nodes - - services - - endpoints - - pods - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: - - configmaps - verbs: ["get"] - - nonResourceURLs: ["/metrics"] - verbs: ["get"] +- apiGroups: [""] + resources: + - nodes + - nodes/metrics + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: + - configmaps + verbs: ["get"] +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: ["get", "list", "watch"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: prometheus @@ -31,9 +37,9 @@ roleRef: kind: ClusterRole name: prometheus subjects: - - kind: ServiceAccount - name: prometheus - namespace: prom +- kind: ServiceAccount + name: prometheus + namespace: default --- apiVersion: monitoring.coreos.com/v1 kind: Prometheus @@ -41,11 +47,13 @@ metadata: name: prometheus spec: # Match all service monitors in all namespaces + serviceAccountName: prometheus serviceMonitorNamespaceSelector: {} serviceMonitorSelector: {} resources: requests: memory: 400Mi + enableAdminAPI: false --- apiVersion: v1 kind: Service @@ -54,10 +62,10 @@ metadata: spec: type: NodePort ports: - - name: web - nodePort: 30900 - port: 9090 - protocol: TCP - targetPort: web + - name: web + nodePort: 30900 + port: 9090 + protocol: TCP + targetPort: web selector: prometheus: prometheus diff --git a/deploy/addepar/sample-hpa/Makefile b/deploy/addepar/sample-hpa/Makefile index 995c5070..2068f9dc 100644 --- a/deploy/addepar/sample-hpa/Makefile +++ b/deploy/addepar/sample-hpa/Makefile @@ -10,7 +10,6 @@ monitor: kubectl create -n default -f service-monitor.yaml hpa: - kubectl delete -f sample-app.hpa.yaml kubectl create -f sample-app.hpa.yaml test: diff --git a/deploy/addepar/sample-hpa/sample-app.hpa.yaml b/deploy/addepar/sample-hpa/sample-app.hpa.yaml index 674ffbde..0e0f73ae 100644 --- a/deploy/addepar/sample-hpa/sample-app.hpa.yaml +++ b/deploy/addepar/sample-hpa/sample-app.hpa.yaml @@ -1,24 +1,19 @@ +apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler -apiVersion: autoscaling/v2beta1 metadata: name: sample-app spec: scaleTargetRef: - # point the HPA at the sample application - # you created above apiVersion: apps/v1 kind: Deployment name: sample-app - # autoscale between 1 and 10 replicas minReplicas: 1 - maxReplicas: 10 + maxReplicas: 5 metrics: - # use a "Pods" metric, which takes the average of the - # given metric across all pods controlled by the autoscaling target - - type: Pods - pods: - # use the metric that you used above: pods/http_requests - metricName: http_requests - # target 500 milli-requests per second, - # which is 1 request every two seconds - targetAverageValue: 20m + - type: Pods + pods: + metric: + name: http_requests_total + target: + type: AverageValue + averageValue: 20m diff --git a/deploy/manifests/custom-metrics-apiserver-deployment.yaml b/deploy/manifests/custom-metrics-apiserver-deployment.yaml index 2227585f..98551354 100644 --- a/deploy/manifests/custom-metrics-apiserver-deployment.yaml +++ b/deploy/manifests/custom-metrics-apiserver-deployment.yaml @@ -19,14 +19,13 @@ spec: serviceAccountName: custom-metrics-apiserver containers: - name: custom-metrics-apiserver - image: gcr.io/k8s-staging-prometheus-adapter/prometheus-adapter-amd64 - imagePullPolicy: Never + image: gcr.io/k8s-staging-prometheus-adapter/prometheus-adapter-amd64:v0.9.1 args: - --secure-port=6443 - --tls-cert-file=/var/run/serving-cert/serving.crt - --tls-private-key-file=/var/run/serving-cert/serving.key - --logtostderr=true - - --prometheus-url=http://prometheus.prom.svc:9090/ + - --prometheus-url=http://host.docker.internal:30900 - --metrics-relist-interval=1m - --v=10 - --config=/etc/adapter/config.yaml diff --git a/deploy/manifests/custom-metrics-apiservice.yaml b/deploy/manifests/custom-metrics-apiservice.yaml index f329531b..9b5d8b30 100644 --- a/deploy/manifests/custom-metrics-apiservice.yaml +++ b/deploy/manifests/custom-metrics-apiservice.yaml @@ -1,4 +1,4 @@ -apiVersion: apiregistration.k8s.io/v1beta1 +apiVersion: apiregistration.k8s.io/v1 kind: APIService metadata: name: v1beta1.custom.metrics.k8s.io @@ -8,35 +8,7 @@ spec: namespace: custom-metrics group: custom.metrics.k8s.io version: v1beta1 - insecureSkipTLSVerify: true + insecureSkipTLSVerify: false groupPriorityMinimum: 100 versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1beta1 -kind: APIService -metadata: - name: v1beta2.custom.metrics.k8s.io -spec: - service: - name: custom-metrics-apiserver - namespace: custom-metrics - group: custom.metrics.k8s.io - version: v1beta2 - insecureSkipTLSVerify: true - groupPriorityMinimum: 100 - versionPriority: 200 ---- -apiVersion: apiregistration.k8s.io/v1beta1 -kind: APIService -metadata: - name: v1beta1.external.metrics.k8s.io -spec: - service: - name: custom-metrics-apiserver - namespace: custom-metrics - group: external.metrics.k8s.io - version: v1beta1 - insecureSkipTLSVerify: true - groupPriorityMinimum: 100 - versionPriority: 100 ---- + caBundle: LS0 # insert full base64 crt here, should start with LS0 diff --git a/deploy/manifests/custom-metrics-config-map.yaml b/deploy/manifests/custom-metrics-config-map.yaml index d68f4ac2..bab1b5be 100644 --- a/deploy/manifests/custom-metrics-config-map.yaml +++ b/deploy/manifests/custom-metrics-config-map.yaml @@ -6,8 +6,7 @@ metadata: data: config.yaml: | rules: - - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}' - seriesFilters: [] + - seriesQuery: '{__name__=~"^.*$", pod!="", namespace!=""}' resources: overrides: namespace: @@ -15,103 +14,6 @@ data: pod: resource: pod name: - matches: ^container_(.*)_seconds_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[1m])) by (<<.GroupBy>>) - - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}' - seriesFilters: - - isNot: ^container_.*_seconds_total$ - resources: - overrides: - namespace: - resource: namespace - pod: - resource: pod - name: - matches: ^container_(.*)_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[1m])) by (<<.GroupBy>>) - - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}' - seriesFilters: - - isNot: ^container_.*_total$ - resources: - overrides: - namespace: - resource: namespace - pod: - resource: pod - name: - matches: ^container_(.*)$ - as: "" - metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>,container!="POD"}) by (<<.GroupBy>>) - - seriesQuery: '{namespace!="",__name__!~"^container_.*"}' - seriesFilters: - - isNot: .*_total$ - resources: - template: <<.Resource>> - name: - matches: "" - as: "" + matches: "^(.*)$" + as: "${1}" metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>) - - seriesQuery: '{namespace!="",__name__!~"^container_.*"}' - seriesFilters: - - isNot: .*_seconds_total - resources: - template: <<.Resource>> - name: - matches: ^(.*)_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[1m])) by (<<.GroupBy>>) - - seriesQuery: '{namespace!="",__name__!~"^container_.*"}' - seriesFilters: [] - resources: - template: <<.Resource>> - name: - matches: ^(.*)_seconds_total$ - as: "" - metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[1m])) by (<<.GroupBy>>) - resourceRules: - cpu: - containerQuery: sum(rate(container_cpu_usage_seconds_total{<<.LabelMatchers>>}[1m])) by (<<.GroupBy>>) - nodeQuery: sum(rate(container_cpu_usage_seconds_total{<<.LabelMatchers>>, id='/'}[1m])) by (<<.GroupBy>>) - resources: - overrides: - instance: - resource: node - namespace: - resource: namespace - pod: - resource: pod - containerLabel: container - memory: - containerQuery: sum(container_memory_working_set_bytes{<<.LabelMatchers>>}) by (<<.GroupBy>>) - nodeQuery: sum(container_memory_working_set_bytes{<<.LabelMatchers>>,id='/'}) by (<<.GroupBy>>) - resources: - overrides: - instance: - resource: node - namespace: - resource: namespace - pod: - resource: pod - containerLabel: container - window: 1m - externalRules: - - seriesQuery: '{__name__=~"^.*_queue_(length|size)$",namespace!=""}' - resources: - overrides: - namespace: - resource: namespace - name: - matches: ^.*_queue_(length|size)$ - as: "$0" - metricsQuery: max(<<.Series>>{<<.LabelMatchers>>}) - - seriesQuery: '{__name__=~"^.*_queue$",namespace!=""}' - resources: - overrides: - namespace: - resource: namespace - name: - matches: ^.*_queue$ - as: "$0" - metricsQuery: max(<<.Series>>{<<.LabelMatchers>>})