github.com/looshlee/cilium@v1.6.12/examples/kubernetes/addons/prometheus/templates/02-prometheus.yaml (about) 1 --- 2 kind: ConfigMap 3 metadata: 4 name: prometheus 5 namespace: cilium-monitoring 6 apiVersion: v1 7 data: 8 prometheus.yaml: | 9 global: 10 scrape_interval: 10s 11 scrape_timeout: 10s 12 evaluation_interval: 10s 13 rule_files: 14 - "/etc/prometheus-rules/*.rules" 15 scrape_configs: 16 # https://github.com/prometheus/prometheus/blob/master/documentation/examples/prometheus-kubernetes.yml#L79 17 - job_name: 'kubernetes-endpoints' 18 kubernetes_sd_configs: 19 - role: endpoints 20 relabel_configs: 21 - source_labels: [__meta_kubernetes_pod_label_k8s_app] 22 action: keep 23 regex: cilium 24 - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] 25 action: keep 26 regex: true 27 - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] 28 action: replace 29 target_label: __scheme__ 30 regex: (https?) 31 - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] 32 action: replace 33 target_label: __metrics_path__ 34 regex: (.+) 35 - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] 36 action: replace 37 target_label: __address__ 38 regex: (.+)(?::\d+);(\d+) 39 replacement: $1:$2 40 - action: labelmap 41 regex: __meta_kubernetes_service_label_(.+) 42 - source_labels: [__meta_kubernetes_namespace] 43 action: replace 44 target_label: kubernetes_namespace 45 - source_labels: [__meta_kubernetes_service_name] 46 action: replace 47 target_label: kubernetes_name 48 49 # https://github.com/prometheus/prometheus/blob/master/documentation/examples/prometheus-kubernetes.yml#L156 50 - job_name: 'kubernetes-pods' 51 kubernetes_sd_configs: 52 - role: pod 53 relabel_configs: 54 - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] 55 action: keep 56 regex: true 57 - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] 58 action: replace 59 target_label: __metrics_path__ 60 regex: (.+) 61 - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] 62 action: replace 63 regex: (.+):(?:\d+);(\d+) 64 replacement: ${1}:${2} 65 target_label: __address__ 66 - action: labelmap 67 regex: __meta_kubernetes_pod_label_(.+) 68 - source_labels: [__meta_kubernetes_namespace] 69 action: replace 70 target_label: kubernetes_namespace 71 - source_labels: [__meta_kubernetes_pod_name] 72 action: replace 73 target_label: kubernetes_pod_name 74 - source_labels: [__meta_kubernetes_pod_container_port_number] 75 action: keep 76 regex: \d+ 77 78 # https://github.com/prometheus/prometheus/blob/master/documentation/examples/prometheus-kubernetes.yml#L119 79 - job_name: 'kubernetes-services' 80 metrics_path: /metrics 81 params: 82 module: [http_2xx] 83 kubernetes_sd_configs: 84 - role: service 85 relabel_configs: 86 - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe] 87 action: keep 88 regex: true 89 - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] 90 action: replace 91 regex: ([^:]+)(?::\d+)?;(\d+) 92 replacement: ${1}:${2} 93 target_label: __address__ 94 - action: labelmap 95 regex: __meta_kubernetes_service_label_(.+) 96 - source_labels: [__meta_kubernetes_namespace] 97 target_label: kubernetes_namespace 98 - source_labels: [__meta_kubernetes_service_name] 99 target_label: kubernetes_name 100 101 - job_name: 'kubernetes-cadvisor' 102 scheme: https 103 tls_config: 104 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 105 bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 106 kubernetes_sd_configs: 107 - role: node 108 relabel_configs: 109 - action: labelmap 110 regex: __meta_kubernetes_node_label_(.+) 111 - target_label: __address__ 112 replacement: kubernetes.default.svc:443 113 - source_labels: [__meta_kubernetes_node_name] 114 regex: (.+) 115 target_label: __metrics_path__ 116 replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor 117 --- 118 apiVersion: apps/v1 119 kind: Deployment 120 metadata: 121 labels: 122 app: prometheus 123 name: prometheus 124 namespace: cilium-monitoring 125 spec: 126 replicas: 1 127 selector: 128 matchLabels: 129 app: prometheus 130 template: 131 metadata: 132 labels: 133 app: prometheus 134 name: prometheus-main 135 spec: 136 containers: 137 - args: 138 - --config.file=/etc/prometheus/prometheus.yaml 139 - --storage.tsdb.path=/prometheus/ 140 - --log.level=debug 141 image: docker.io/prom/prometheus:v2.6.1 142 imagePullPolicy: IfNotPresent 143 name: prometheus 144 ports: 145 - containerPort: 9090 146 name: webui 147 protocol: TCP 148 volumeMounts: 149 - mountPath: /etc/prometheus 150 name: config-volume 151 readOnly: true 152 - mountPath: /prometheus/ 153 name: storage 154 dnsPolicy: ClusterFirst 155 restartPolicy: Always 156 serviceAccount: prometheus-k8s 157 volumes: 158 - configMap: 159 name: prometheus 160 name: config-volume 161 - emptyDir: {} 162 name: storage 163 --- 164 apiVersion: rbac.authorization.k8s.io/v1 165 kind: ClusterRoleBinding 166 metadata: 167 name: prometheus 168 roleRef: 169 apiGroup: rbac.authorization.k8s.io 170 kind: ClusterRole 171 name: prometheus 172 subjects: 173 - kind: ServiceAccount 174 name: prometheus-k8s 175 namespace: cilium-monitoring 176 --- 177 apiVersion: rbac.authorization.k8s.io/v1 178 kind: ClusterRole 179 metadata: 180 name: prometheus 181 rules: 182 - apiGroups: 183 - "" 184 resources: 185 - nodes 186 - nodes/proxy 187 - services 188 - endpoints 189 - pods 190 verbs: 191 - get 192 - list 193 - watch 194 - apiGroups: 195 - "" 196 resources: 197 - configmaps 198 verbs: 199 - get 200 - nonResourceURLs: 201 - /metrics 202 verbs: 203 - get 204 --- 205 apiVersion: v1 206 kind: ServiceAccount 207 metadata: 208 name: prometheus-k8s 209 namespace: cilium-monitoring 210 --- 211 apiVersion: v1 212 kind: Service 213 metadata: 214 labels: 215 app: prometheus 216 name: prometheus 217 namespace: cilium-monitoring 218 spec: 219 ports: 220 - name: webui 221 port: 9090 222 protocol: TCP 223 targetPort: 9090 224 selector: 225 app: prometheus 226 type: ClusterIP