infrastructure/kubernetes
2
0
Fork 0
mirror of https://github.com/nofusscomputing/kubernetes.git synced 2025-08-02 04:22:42 +00:00
Code Issues Activity

feat(prometheus-operator): Add manifests

Browse Source 
ref: #5
This commit is contained in:
Jon Lockwood
2025-06-11 21:43:22 +09:30
parent eef9bd858a
commit a303d9e9e0
18 changed files with 132297 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
manifests/prometheus-operator/base/clusterrole.yaml Normal file
View File

@ -0,0 +1,106 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/component: controller
name: prometheus-operator
rules:
- apiGroups:
- monitoring.coreos.com
resources:
- alertmanagers
- alertmanagers/finalizers
- alertmanagers/status
- alertmanagerconfigs
- prometheuses
- prometheuses/finalizers
- prometheuses/status
- prometheusagents
- prometheusagents/finalizers
- prometheusagents/status
- thanosrulers
- thanosrulers/finalizers
- thanosrulers/status
- scrapeconfigs
- servicemonitors
- podmonitors
- probes
- prometheusrules
verbs:
- "*"
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- "*"
- apiGroups:
- ""
resources:
- configmaps
- secrets
verbs:
- "*"
- apiGroups:
- ""
resources:
- pods
verbs:
- list
- delete
- apiGroups:
- ""
resources:
- services
- services/finalizers
verbs:
- get
- create
- update
- delete
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- patch
- create
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
- create
- update
- delete

15
manifests/prometheus-operator/base/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,15 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: controller
name: prometheus-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus-operator
subjects:
- kind: ServiceAccount
name: prometheus-operator
namespace: default

10037
manifests/prometheus-operator/base/crd/CustomResourceDefinition-alertmanagerconfigs.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

8712
manifests/prometheus-operator/base/crd/CustomResourceDefinition-alertmanagers.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

1206
manifests/prometheus-operator/base/crd/CustomResourceDefinition-podmonitors.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

1173
manifests/prometheus-operator/base/crd/CustomResourceDefinition-probes.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

10752
manifests/prometheus-operator/base/crd/CustomResourceDefinition-prometheusagents.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

12981
manifests/prometheus-operator/base/crd/CustomResourceDefinition-prometheuses.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

159
manifests/prometheus-operator/base/crd/CustomResourceDefinition-prometheusrules.monitoring.coreos.com.yaml Normal file
View File

@ -0,0 +1,159 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
operator.prometheus.io/version: 0.79.2
name: prometheusrules.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
categories:
- prometheus-operator
kind: PrometheusRule
listKind: PrometheusRuleList
plural: prometheusrules
shortNames:
- promrule
singular: prometheusrule
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: |-
The `PrometheusRule` custom resource definition (CRD) defines [alerting](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) and [recording](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/) rules to be evaluated by `Prometheus` or `ThanosRuler` objects.
`Prometheus` and `ThanosRuler` objects select `PrometheusRule` objects using label and namespace selectors.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: Specification of desired alerting rule definitions for Prometheus.
properties:
groups:
description: Content of Prometheus rule file
items:
description: RuleGroup is a list of sequentially evaluated recording
and alerting rules.
properties:
interval:
description: Interval determines how often rules in the group
are evaluated.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
labels:
additionalProperties:
type: string
description: |-
Labels to add or overwrite before storing the result for its rules.
The labels defined at the rule level take precedence.
It requires Prometheus >= 3.0.0.
The field is ignored for Thanos Ruler.
type: object
limit:
description: |-
Limit the number of alerts an alerting rule and series a recording
rule can produce.
Limit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24.
type: integer
name:
description: Name of the rule group.
minLength: 1
type: string
partial_response_strategy:
description: |-
PartialResponseStrategy is only used by ThanosRuler and will
be ignored by Prometheus instances.
More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response
pattern: ^(?i)(abort|warn)?$
type: string
query_offset:
description: |-
Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past.
It requires Prometheus >= v2.53.0.
It is not supported for ThanosRuler.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
rules:
description: List of alerting and recording rules.
items:
description: |-
Rule describes an alerting or recording rule
See Prometheus documentation: [alerting](https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) or [recording](https://www.prometheus.io/docs/prometheus/latest/configuration/recording_rules/#recording-rules) rule
properties:
alert:
description: |-
Name of the alert. Must be a valid label value.
Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: |-
Annotations to add to each alert.
Only valid for alerting rules.
type: object
expr:
anyOf:
- type: integer
- type: string
description: PromQL expression to evaluate.
x-kubernetes-int-or-string: true
for:
description: Alerts are considered firing once they have
been returned for this long.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
keep_firing_for:
description: KeepFiringFor defines how long an alert will
continue firing after the condition that triggered it
has cleared.
minLength: 1
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
labels:
additionalProperties:
type: string
description: Labels to add or overwrite.
type: object
record:
description: |-
Name of the time series to output to. Must be a valid metric name.
Only one of `record` and `alert` must be set.
type: string
required:
- expr
type: object
type: array
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
type: object
required:
- spec
type: object
served: true
storage: true

11514
manifests/prometheus-operator/base/crd/CustomResourceDefinition-scrapeconfigs.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

1228
manifests/prometheus-operator/base/crd/CustomResourceDefinition-servicemonitors.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

8115
manifests/prometheus-operator/base/crd/CustomResourceDefinition-thanosrulers.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

55
manifests/prometheus-operator/base/deployment.yaml Normal file
View File

@ -0,0 +1,55 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: controller
name: prometheus-operator
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/component: controller
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: prometheus-operator
labels:
app.kubernetes.io/component: controller
spec:
automountServiceAccountToken: true
containers:
- args:
- --kubelet-service=kube-system/kubelet
- --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.79.2
- --kubelet-endpoints=true
- --kubelet-endpointslice=false
env:
- name: GOGC
value: "30"
image: quay.io/prometheus-operator/prometheus-operator:v0.79.2
name: prometheus-operator
ports:
- containerPort: 8080
name: http
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 100m
memory: 100Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
nodeSelector:
kubernetes.io/os: linux
securityContext:
runAsNonRoot: true
runAsUser: 65534
seccompProfile:
type: RuntimeDefault
serviceAccountName: prometheus-operator

92
manifests/prometheus-operator/base/kustomization.yaml Normal file
View File

@ -0,0 +1,92 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: operators
labels:
- includeSelectors: true
pairs:
app.kubernetes.io/instance: cluster
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: prometheus-operator
resources:
- crd/CustomResourceDefinition-prometheusrules.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-scrapeconfigs.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-alertmanagerconfigs.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-servicemonitors.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-alertmanagers.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-thanosrulers.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-podmonitors.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-probes.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-prometheusagents.monitoring.coreos.com.yaml
- crd/CustomResourceDefinition-prometheuses.monitoring.coreos.com.yaml
- serviceaccount.yaml
- clusterrole.yaml
- clusterrolebinding.yaml
- deployment.yaml
- service.yaml
replacements:
- source:
kind: Deployment
name: prometheus-operator
fieldPath: metadata.namespace
targets:
- select:
kind: ClusterRoleBinding
name: prometheus-operator
fieldPaths:
- subjects.[name=prometheus-operator].namespace
patches:
- patch: |-
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
argocd.argoproj.io/sync-options: ServerSideApply=true
name: prometheusagents.monitoring.coreos.com
- patch: |-
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
argocd.argoproj.io/sync-options: ServerSideApply=true
name: prometheuses.monitoring.coreos.com
- patch: |-
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
argocd.argoproj.io/sync-options: ServerSideApply=true
name: scrapeconfigs.monitoring.coreos.com
- patch: |-
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
argocd.argoproj.io/sync-options: ServerSideApply=true
name: thanosrulers.monitoring.coreos.com
- patch: |-
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
argocd.argoproj.io/sync-options: ServerSideApply=true
name: alertmanagerconfigs.monitoring.coreos.com
- patch: |-
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
argocd.argoproj.io/sync-options: ServerSideApply=true
name: alertmanagers.monitoring.coreos.com

15
manifests/prometheus-operator/base/service.yaml Normal file
View File

@ -0,0 +1,15 @@
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: controller
name: prometheus-operator
spec:
clusterIP: None
ports:
- name: http
port: 8080
targetPort: http
selector:
app.kubernetes.io/component: controller

8
manifests/prometheus-operator/base/serviceaccount.yaml Normal file
View File

@ -0,0 +1,8 @@
---
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: controller
name: prometheus-operator

27
manifests/prometheus-operator/overlays/production/kustomization.yaml Normal file
View File

@ -0,0 +1,27 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: operators
images:
#
# Note; if you update the image, update the image within the patch
#
- name: quay.io/prometheus-operator/prometheus-operator
newTag: v0.79.2
resources:
- ../../base
patches:
- target:
kind: Deployment
name: prometheus-operator
patch: |-
- op: replace
path: /spec/template/spec/containers/0/args/1
value: --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.79.2

66102
manifests/prometheus-operator/source/bundle.yaml Normal file
View File

File diff suppressed because it is too large Load Diff