istio.io/istio@v0.0.0-20240520182934-d79c90f27776/samples/addons/prometheus.yaml (about) 1 --- 2 # Source: prometheus/templates/serviceaccount.yaml 3 apiVersion: v1 4 kind: ServiceAccount 5 metadata: 6 labels: 7 app.kubernetes.io/component: server 8 app.kubernetes.io/name: prometheus 9 app.kubernetes.io/instance: prometheus 10 app.kubernetes.io/version: v2.51.1 11 helm.sh/chart: prometheus-25.19.1 12 app.kubernetes.io/managed-by: Helm 13 app.kubernetes.io/part-of: prometheus 14 name: prometheus 15 namespace: istio-system 16 annotations: 17 {} 18 --- 19 # Source: prometheus/templates/cm.yaml 20 apiVersion: v1 21 kind: ConfigMap 22 metadata: 23 labels: 24 app.kubernetes.io/component: server 25 app.kubernetes.io/name: prometheus 26 app.kubernetes.io/instance: prometheus 27 app.kubernetes.io/version: v2.51.1 28 helm.sh/chart: prometheus-25.19.1 29 app.kubernetes.io/managed-by: Helm 30 app.kubernetes.io/part-of: prometheus 31 name: prometheus 32 namespace: istio-system 33 data: 34 allow-snippet-annotations: "false" 35 alerting_rules.yml: | 36 {} 37 alerts: | 38 {} 39 prometheus.yml: | 40 global: 41 evaluation_interval: 1m 42 scrape_interval: 15s 43 scrape_timeout: 10s 44 rule_files: 45 - /etc/config/recording_rules.yml 46 - /etc/config/alerting_rules.yml 47 - /etc/config/rules 48 - /etc/config/alerts 49 scrape_configs: 50 - job_name: prometheus 51 static_configs: 52 - targets: 53 - localhost:9090 54 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 55 job_name: kubernetes-apiservers 56 kubernetes_sd_configs: 57 - role: endpoints 58 relabel_configs: 59 - action: keep 60 regex: default;kubernetes;https 61 source_labels: 62 - __meta_kubernetes_namespace 63 - __meta_kubernetes_service_name 64 - __meta_kubernetes_endpoint_port_name 65 scheme: https 66 tls_config: 67 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 68 insecure_skip_verify: true 69 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 70 job_name: kubernetes-nodes 71 kubernetes_sd_configs: 72 - role: node 73 relabel_configs: 74 - action: labelmap 75 regex: __meta_kubernetes_node_label_(.+) 76 - replacement: kubernetes.default.svc:443 77 target_label: __address__ 78 - regex: (.+) 79 replacement: /api/v1/nodes/$1/proxy/metrics 80 source_labels: 81 - __meta_kubernetes_node_name 82 target_label: __metrics_path__ 83 scheme: https 84 tls_config: 85 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 86 insecure_skip_verify: true 87 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 88 job_name: kubernetes-nodes-cadvisor 89 kubernetes_sd_configs: 90 - role: node 91 relabel_configs: 92 - action: labelmap 93 regex: __meta_kubernetes_node_label_(.+) 94 - replacement: kubernetes.default.svc:443 95 target_label: __address__ 96 - regex: (.+) 97 replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor 98 source_labels: 99 - __meta_kubernetes_node_name 100 target_label: __metrics_path__ 101 scheme: https 102 tls_config: 103 ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 104 insecure_skip_verify: true 105 - honor_labels: true 106 job_name: kubernetes-service-endpoints 107 kubernetes_sd_configs: 108 - role: endpoints 109 relabel_configs: 110 - action: keep 111 regex: true 112 source_labels: 113 - __meta_kubernetes_service_annotation_prometheus_io_scrape 114 - action: drop 115 regex: true 116 source_labels: 117 - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow 118 - action: replace 119 regex: (https?) 120 source_labels: 121 - __meta_kubernetes_service_annotation_prometheus_io_scheme 122 target_label: __scheme__ 123 - action: replace 124 regex: (.+) 125 source_labels: 126 - __meta_kubernetes_service_annotation_prometheus_io_path 127 target_label: __metrics_path__ 128 - action: replace 129 regex: (.+?)(?::\d+)?;(\d+) 130 replacement: $1:$2 131 source_labels: 132 - __address__ 133 - __meta_kubernetes_service_annotation_prometheus_io_port 134 target_label: __address__ 135 - action: labelmap 136 regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) 137 replacement: __param_$1 138 - action: labelmap 139 regex: __meta_kubernetes_service_label_(.+) 140 - action: replace 141 source_labels: 142 - __meta_kubernetes_namespace 143 target_label: namespace 144 - action: replace 145 source_labels: 146 - __meta_kubernetes_service_name 147 target_label: service 148 - action: replace 149 source_labels: 150 - __meta_kubernetes_pod_node_name 151 target_label: node 152 - honor_labels: true 153 job_name: kubernetes-service-endpoints-slow 154 kubernetes_sd_configs: 155 - role: endpoints 156 relabel_configs: 157 - action: keep 158 regex: true 159 source_labels: 160 - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow 161 - action: replace 162 regex: (https?) 163 source_labels: 164 - __meta_kubernetes_service_annotation_prometheus_io_scheme 165 target_label: __scheme__ 166 - action: replace 167 regex: (.+) 168 source_labels: 169 - __meta_kubernetes_service_annotation_prometheus_io_path 170 target_label: __metrics_path__ 171 - action: replace 172 regex: (.+?)(?::\d+)?;(\d+) 173 replacement: $1:$2 174 source_labels: 175 - __address__ 176 - __meta_kubernetes_service_annotation_prometheus_io_port 177 target_label: __address__ 178 - action: labelmap 179 regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) 180 replacement: __param_$1 181 - action: labelmap 182 regex: __meta_kubernetes_service_label_(.+) 183 - action: replace 184 source_labels: 185 - __meta_kubernetes_namespace 186 target_label: namespace 187 - action: replace 188 source_labels: 189 - __meta_kubernetes_service_name 190 target_label: service 191 - action: replace 192 source_labels: 193 - __meta_kubernetes_pod_node_name 194 target_label: node 195 scrape_interval: 5m 196 scrape_timeout: 30s 197 - honor_labels: true 198 job_name: prometheus-pushgateway 199 kubernetes_sd_configs: 200 - role: service 201 relabel_configs: 202 - action: keep 203 regex: pushgateway 204 source_labels: 205 - __meta_kubernetes_service_annotation_prometheus_io_probe 206 - honor_labels: true 207 job_name: kubernetes-services 208 kubernetes_sd_configs: 209 - role: service 210 metrics_path: /probe 211 params: 212 module: 213 - http_2xx 214 relabel_configs: 215 - action: keep 216 regex: true 217 source_labels: 218 - __meta_kubernetes_service_annotation_prometheus_io_probe 219 - source_labels: 220 - __address__ 221 target_label: __param_target 222 - replacement: blackbox 223 target_label: __address__ 224 - source_labels: 225 - __param_target 226 target_label: instance 227 - action: labelmap 228 regex: __meta_kubernetes_service_label_(.+) 229 - source_labels: 230 - __meta_kubernetes_namespace 231 target_label: namespace 232 - source_labels: 233 - __meta_kubernetes_service_name 234 target_label: service 235 - honor_labels: true 236 job_name: kubernetes-pods 237 kubernetes_sd_configs: 238 - role: pod 239 relabel_configs: 240 - action: keep 241 regex: true 242 source_labels: 243 - __meta_kubernetes_pod_annotation_prometheus_io_scrape 244 - action: drop 245 regex: true 246 source_labels: 247 - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow 248 - action: replace 249 regex: (https?) 250 source_labels: 251 - __meta_kubernetes_pod_annotation_prometheus_io_scheme 252 target_label: __scheme__ 253 - action: replace 254 regex: (.+) 255 source_labels: 256 - __meta_kubernetes_pod_annotation_prometheus_io_path 257 target_label: __metrics_path__ 258 - action: replace 259 regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}) 260 replacement: '[$2]:$1' 261 source_labels: 262 - __meta_kubernetes_pod_annotation_prometheus_io_port 263 - __meta_kubernetes_pod_ip 264 target_label: __address__ 265 - action: replace 266 regex: (\d+);((([0-9]+?)(\.|$)){4}) 267 replacement: $2:$1 268 source_labels: 269 - __meta_kubernetes_pod_annotation_prometheus_io_port 270 - __meta_kubernetes_pod_ip 271 target_label: __address__ 272 - action: labelmap 273 regex: __meta_kubernetes_pod_annotation_prometheus_io_param_(.+) 274 replacement: __param_$1 275 - action: labelmap 276 regex: __meta_kubernetes_pod_label_(.+) 277 - action: replace 278 source_labels: 279 - __meta_kubernetes_namespace 280 target_label: namespace 281 - action: replace 282 source_labels: 283 - __meta_kubernetes_pod_name 284 target_label: pod 285 - action: drop 286 regex: Pending|Succeeded|Failed|Completed 287 source_labels: 288 - __meta_kubernetes_pod_phase 289 - action: replace 290 source_labels: 291 - __meta_kubernetes_pod_node_name 292 target_label: node 293 - honor_labels: true 294 job_name: kubernetes-pods-slow 295 kubernetes_sd_configs: 296 - role: pod 297 relabel_configs: 298 - action: keep 299 regex: true 300 source_labels: 301 - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow 302 - action: replace 303 regex: (https?) 304 source_labels: 305 - __meta_kubernetes_pod_annotation_prometheus_io_scheme 306 target_label: __scheme__ 307 - action: replace 308 regex: (.+) 309 source_labels: 310 - __meta_kubernetes_pod_annotation_prometheus_io_path 311 target_label: __metrics_path__ 312 - action: replace 313 regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}) 314 replacement: '[$2]:$1' 315 source_labels: 316 - __meta_kubernetes_pod_annotation_prometheus_io_port 317 - __meta_kubernetes_pod_ip 318 target_label: __address__ 319 - action: replace 320 regex: (\d+);((([0-9]+?)(\.|$)){4}) 321 replacement: $2:$1 322 source_labels: 323 - __meta_kubernetes_pod_annotation_prometheus_io_port 324 - __meta_kubernetes_pod_ip 325 target_label: __address__ 326 - action: labelmap 327 regex: __meta_kubernetes_pod_annotation_prometheus_io_param_(.+) 328 replacement: __param_$1 329 - action: labelmap 330 regex: __meta_kubernetes_pod_label_(.+) 331 - action: replace 332 source_labels: 333 - __meta_kubernetes_namespace 334 target_label: namespace 335 - action: replace 336 source_labels: 337 - __meta_kubernetes_pod_name 338 target_label: pod 339 - action: drop 340 regex: Pending|Succeeded|Failed|Completed 341 source_labels: 342 - __meta_kubernetes_pod_phase 343 - action: replace 344 source_labels: 345 - __meta_kubernetes_pod_node_name 346 target_label: node 347 scrape_interval: 5m 348 scrape_timeout: 30s 349 recording_rules.yml: | 350 {} 351 rules: | 352 {} 353 --- 354 # Source: prometheus/templates/clusterrole.yaml 355 apiVersion: rbac.authorization.k8s.io/v1 356 kind: ClusterRole 357 metadata: 358 labels: 359 app.kubernetes.io/component: server 360 app.kubernetes.io/name: prometheus 361 app.kubernetes.io/instance: prometheus 362 app.kubernetes.io/version: v2.51.1 363 helm.sh/chart: prometheus-25.19.1 364 app.kubernetes.io/managed-by: Helm 365 app.kubernetes.io/part-of: prometheus 366 name: prometheus 367 rules: 368 - apiGroups: 369 - "" 370 resources: 371 - nodes 372 - nodes/proxy 373 - nodes/metrics 374 - services 375 - endpoints 376 - pods 377 - ingresses 378 - configmaps 379 verbs: 380 - get 381 - list 382 - watch 383 - apiGroups: 384 - "extensions" 385 - "networking.k8s.io" 386 resources: 387 - ingresses/status 388 - ingresses 389 verbs: 390 - get 391 - list 392 - watch 393 - apiGroups: 394 - "discovery.k8s.io" 395 resources: 396 - endpointslices 397 verbs: 398 - get 399 - list 400 - watch 401 - nonResourceURLs: 402 - "/metrics" 403 verbs: 404 - get 405 --- 406 # Source: prometheus/templates/clusterrolebinding.yaml 407 apiVersion: rbac.authorization.k8s.io/v1 408 kind: ClusterRoleBinding 409 metadata: 410 labels: 411 app.kubernetes.io/component: server 412 app.kubernetes.io/name: prometheus 413 app.kubernetes.io/instance: prometheus 414 app.kubernetes.io/version: v2.51.1 415 helm.sh/chart: prometheus-25.19.1 416 app.kubernetes.io/managed-by: Helm 417 app.kubernetes.io/part-of: prometheus 418 name: prometheus 419 subjects: 420 - kind: ServiceAccount 421 name: prometheus 422 namespace: istio-system 423 roleRef: 424 apiGroup: rbac.authorization.k8s.io 425 kind: ClusterRole 426 name: prometheus 427 --- 428 # Source: prometheus/templates/service.yaml 429 apiVersion: v1 430 kind: Service 431 metadata: 432 labels: 433 app.kubernetes.io/component: server 434 app.kubernetes.io/name: prometheus 435 app.kubernetes.io/instance: prometheus 436 app.kubernetes.io/version: v2.51.1 437 helm.sh/chart: prometheus-25.19.1 438 app.kubernetes.io/managed-by: Helm 439 app.kubernetes.io/part-of: prometheus 440 name: prometheus 441 namespace: istio-system 442 spec: 443 ports: 444 - name: http 445 port: 9090 446 protocol: TCP 447 targetPort: 9090 448 selector: 449 app.kubernetes.io/component: server 450 app.kubernetes.io/name: prometheus 451 app.kubernetes.io/instance: prometheus 452 sessionAffinity: None 453 type: "ClusterIP" 454 --- 455 # Source: prometheus/templates/deploy.yaml 456 apiVersion: apps/v1 457 kind: Deployment 458 metadata: 459 labels: 460 app.kubernetes.io/component: server 461 app.kubernetes.io/name: prometheus 462 app.kubernetes.io/instance: prometheus 463 app.kubernetes.io/version: v2.51.1 464 helm.sh/chart: prometheus-25.19.1 465 app.kubernetes.io/managed-by: Helm 466 app.kubernetes.io/part-of: prometheus 467 name: prometheus 468 namespace: istio-system 469 spec: 470 selector: 471 matchLabels: 472 app.kubernetes.io/component: server 473 app.kubernetes.io/name: prometheus 474 app.kubernetes.io/instance: prometheus 475 replicas: 1 476 revisionHistoryLimit: 10 477 strategy: 478 type: Recreate 479 rollingUpdate: null 480 template: 481 metadata: 482 labels: 483 app.kubernetes.io/component: server 484 app.kubernetes.io/name: prometheus 485 app.kubernetes.io/instance: prometheus 486 app.kubernetes.io/version: v2.51.1 487 helm.sh/chart: prometheus-25.19.1 488 app.kubernetes.io/managed-by: Helm 489 app.kubernetes.io/part-of: prometheus 490 491 sidecar.istio.io/inject: "false" 492 spec: 493 enableServiceLinks: true 494 serviceAccountName: prometheus 495 containers: 496 - name: prometheus-server-configmap-reload 497 image: "ghcr.io/prometheus-operator/prometheus-config-reloader:v0.72.0" 498 imagePullPolicy: "IfNotPresent" 499 args: 500 - --watched-dir=/etc/config 501 - --reload-url=http://127.0.0.1:9090/-/reload 502 volumeMounts: 503 - name: config-volume 504 mountPath: /etc/config 505 readOnly: true 506 507 - name: prometheus-server 508 image: "prom/prometheus:v2.51.1" 509 imagePullPolicy: "IfNotPresent" 510 args: 511 - --storage.tsdb.retention.time=15d 512 - --config.file=/etc/config/prometheus.yml 513 - --storage.tsdb.path=/data 514 - --web.console.libraries=/etc/prometheus/console_libraries 515 - --web.console.templates=/etc/prometheus/consoles 516 - --web.enable-lifecycle 517 ports: 518 - containerPort: 9090 519 readinessProbe: 520 httpGet: 521 path: /-/ready 522 port: 9090 523 scheme: HTTP 524 initialDelaySeconds: 0 525 periodSeconds: 5 526 timeoutSeconds: 4 527 failureThreshold: 3 528 successThreshold: 1 529 livenessProbe: 530 httpGet: 531 path: /-/healthy 532 port: 9090 533 scheme: HTTP 534 initialDelaySeconds: 30 535 periodSeconds: 15 536 timeoutSeconds: 10 537 failureThreshold: 3 538 successThreshold: 1 539 volumeMounts: 540 - name: config-volume 541 mountPath: /etc/config 542 - name: storage-volume 543 mountPath: /data 544 subPath: "" 545 dnsPolicy: ClusterFirst 546 terminationGracePeriodSeconds: 300 547 volumes: 548 - name: config-volume 549 configMap: 550 name: prometheus 551 - name: storage-volume 552 emptyDir: 553 {}