Add prometheus (#202)

* Add prometheus

Add prometheus (#202)
* Add prometheus
1a265d2d · Konstantinos Tsakalozos · GitHub · 804fb4fb · 1a265d2d · 1a265d2d
Unverified Commit 1a265d2d authored Feb 01, 2019 by Konstantinos Tsakalozos Committed by GitHub Feb 01, 2019
--- a/README.md
+++ b/README.md
@@ -90,6 +90,7 @@ With `microk8s.status` you can see the list of available addons and which ones a
 - **istio**: Deploy the core [Istio](https://istio.io/) services. You can use the `microk8s.istioctl` command to manage your deployments.
 - **registry**: Deploy a docker private registry and expose it on `localhost:32000`. The storage addon will be enabled as part of this addon. To [use the registry](docs/registry.md) you can use the `microk8s.docker` command.
 - **metrics-server**: Deploy the [Metrics Server](https://kubernetes.io/docs/tasks/debug-application-cluster/core-metrics-pipeline/#metrics-server).
+- **prometheus**: Deploy the [Prometheus Operator](https://github.com/coreos/prometheus-operator) v0.25.
 ### Stopping and Restarting MicroK8s

--- a/microk8s-resources/actions/disable.prometheus.sh
+++ b/microk8s-resources/actions/disable.prometheus.sh
+#!/usr/bin/env bash
+set -e
+source $SNAP/actions/common/utils.sh
+echo "Disabling Prometheus"
+"$SNAP/kubectl" "--kubeconfig=$SNAP/client.config" delete -f "${SNAP}/actions/prometheus"
+"$SNAP/kubectl" "--kubeconfig=$SNAP/client.config" delete -f "${SNAP}/actions/prometheus/resources"
+echo "The Prometheus operator is disabled"
--- a/microk8s-resources/actions/enable.prometheus.sh
+++ b/microk8s-resources/actions/enable.prometheus.sh
+#!/usr/bin/env bash
+set -e
+source $SNAP/actions/common/utils.sh
+echo "Enabling Prometheus"
+"$SNAP/kubectl" "--kubeconfig=$SNAP/client.config" apply -f "${SNAP}/actions/prometheus/resources"
+n=0
+until [ $n -ge 10 ]
+do
+  sleep 3
+  ("$SNAP/kubectl" "--kubeconfig=$SNAP/client.config" apply -f "${SNAP}/actions/prometheus/") && break
+  n=$[$n+1]
+  if [ $n -ge 10 ]; then
+    echo "The Prometheus operator failed to install"
+    exit 1
+  fi
+done
+echo "The Prometheus operator is enabled (user/pass: admin/admin)"
--- a/microk8s-resources/actions/prometheus/00namespace-namespace.yaml
+++ b/microk8s-resources/actions/prometheus/00namespace-namespace.yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: monitoring
--- a/microk8s-resources/actions/prometheus/0prometheus-operator-clusterRole.yaml
+++ b/microk8s-resources/actions/prometheus/0prometheus-operator-clusterRole.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: prometheus-operator
+rules:
+- apiGroups:
+  - apiextensions.k8s.io
+  resources:
+  - customresourcedefinitions
+  verbs:
+  - '*'
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  - servicemonitors
+  - prometheusrules
+  verbs:
+  - '*'
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - list
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - services
+  - endpoints
+  verbs:
+  - get
+  - create
+  - update
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
--- a/microk8s-resources/actions/prometheus/0prometheus-operator-clusterRoleBinding.yaml
+++ b/microk8s-resources/actions/prometheus/0prometheus-operator-clusterRoleBinding.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: prometheus-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: prometheus-operator
+subjects:
+- kind: ServiceAccount
+  name: prometheus-operator
+  namespace: monitoring
--- a/microk8s-resources/actions/prometheus/0prometheus-operator-deployment.yaml
+++ b/microk8s-resources/actions/prometheus/0prometheus-operator-deployment.yaml
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+  labels:
+    k8s-app: prometheus-operator
+  name: prometheus-operator
+  namespace: monitoring
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: prometheus-operator
+  template:
+    metadata:
+      labels:
+        k8s-app: prometheus-operator
+    spec:
+      containers:
+      - args:
+        - --kubelet-service=kube-system/kubelet
+        - --logtostderr=true
+        - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
+        - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.25.0
+        image: quay.io/coreos/prometheus-operator:v0.25.0
+        name: prometheus-operator
+        ports:
+        - containerPort: 8080
+          name: http
+        resources:
+          limits:
+            cpu: 200m
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 100Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+      nodeSelector:
+        beta.kubernetes.io/os: linux
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 65534
+      serviceAccountName: prometheus-operator
--- a/microk8s-resources/actions/prometheus/0prometheus-operator-service.yaml
+++ b/microk8s-resources/actions/prometheus/0prometheus-operator-service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    k8s-app: prometheus-operator
+  name: prometheus-operator
+  namespace: monitoring
+spec:
+  clusterIP: None
+  ports:
+  - name: http
+    port: 8080
+    targetPort: http
+  selector:
+    k8s-app: prometheus-operator
--- a/microk8s-resources/actions/prometheus/0prometheus-operator-serviceAccount.yaml
+++ b/microk8s-resources/actions/prometheus/0prometheus-operator-serviceAccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: prometheus-operator
+  namespace: monitoring
--- a/microk8s-resources/actions/prometheus/0prometheus-operator-serviceMonitor.yaml
+++ b/microk8s-resources/actions/prometheus/0prometheus-operator-serviceMonitor.yaml
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    k8s-app: prometheus-operator
+  name: prometheus-operator
+  namespace: monitoring
+spec:
+  endpoints:
+  - honorLabels: true
+    port: http
+  selector:
+    matchLabels:
+      k8s-app: prometheus-operator
--- a/microk8s-resources/actions/prometheus/README.md
+++ b/microk8s-resources/actions/prometheus/README.md
+# Prometheus Operator
+This is how we got the manifests:
+```
+git clone https://github.com/coreos/prometheus-operator.git
+git checkout release-0.25
+cp ./prometheus-operator/contrib/kube-prometheus/manifests $MICROK8S_HOME/microk8s-resources/prometheus
+mkdir $MICROK8S_HOME/microk8s-resources/prometheus/resources/
+mv $MICROK8S_HOME/microk8s-resources/prometheus/*CustomResourceDefinitions.yaml $MICROK8S_HOME/microk8s-resources/prometheus/resources/
+```
+Then update the deployments of prometheus and alertmanager to have one replica only.
+There is no reason to automate this because this may not work in the future. This is not the recommended way of installing Prometheus Operator.
+# References
+ - https://github.com/coreos/prometheus-operator/tree/master/contrib/kube-prometheus
\ No newline at end of file
--- a/microk8s-resources/actions/prometheus/alertmanager-alertmanager.yaml
+++ b/microk8s-resources/actions/prometheus/alertmanager-alertmanager.yaml
+apiVersion: monitoring.coreos.com/v1
+kind: Alertmanager
+metadata:
+  labels:
+    alertmanager: main
+  name: main
+  namespace: monitoring
+spec:
+  baseImage: quay.io/prometheus/alertmanager
+  nodeSelector:
+    beta.kubernetes.io/os: linux
+  replicas: 1
+  serviceAccountName: alertmanager-main
+  version: v0.15.3
--- a/microk8s-resources/actions/prometheus/alertmanager-secret.yaml
+++ b/microk8s-resources/actions/prometheus/alertmanager-secret.yaml
+apiVersion: v1
+data:
+  alertmanager.yaml: Imdsb2JhbCI6IAogICJyZXNvbHZlX3RpbWVvdXQiOiAiNW0iCiJyZWNlaXZlcnMiOiAKLSAibmFtZSI6ICJudWxsIgoicm91dGUiOiAKICAiZ3JvdXBfYnkiOiAKICAtICJqb2IiCiAgImdyb3VwX2ludGVydmFsIjogIjVtIgogICJncm91cF93YWl0IjogIjMwcyIKICAicmVjZWl2ZXIiOiAibnVsbCIKICAicmVwZWF0X2ludGVydmFsIjogIjEyaCIKICAicm91dGVzIjogCiAgLSAibWF0Y2giOiAKICAgICAgImFsZXJ0bmFtZSI6ICJEZWFkTWFuc1N3aXRjaCIKICAgICJyZWNlaXZlciI6ICJudWxsIg==
+kind: Secret
+metadata:
+  name: alertmanager-main
+  namespace: monitoring
+type: Opaque
--- a/microk8s-resources/actions/prometheus/alertmanager-service.yaml
+++ b/microk8s-resources/actions/prometheus/alertmanager-service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    alertmanager: main
+  name: alertmanager-main
+  namespace: monitoring
+spec:
+  ports:
+  - name: web
+    port: 9093
+    targetPort: web
+  selector:
+    alertmanager: main
+    app: alertmanager
--- a/microk8s-resources/actions/prometheus/alertmanager-serviceAccount.yaml
+++ b/microk8s-resources/actions/prometheus/alertmanager-serviceAccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: alertmanager-main
+  namespace: monitoring
--- a/microk8s-resources/actions/prometheus/alertmanager-serviceMonitor.yaml
+++ b/microk8s-resources/actions/prometheus/alertmanager-serviceMonitor.yaml
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    k8s-app: alertmanager
+  name: alertmanager
+  namespace: monitoring
+spec:
+  endpoints:
+  - interval: 30s
+    port: web
+  selector:
+    matchLabels:
+      alertmanager: main
--- a/microk8s-resources/actions/prometheus/grafana-dashboardDatasources.yaml
+++ b/microk8s-resources/actions/prometheus/grafana-dashboardDatasources.yaml
+apiVersion: v1
+data:
+  prometheus.yaml: ewogICAgImFwaVZlcnNpb24iOiAxLAogICAgImRhdGFzb3VyY2VzIjogWwogICAgICAgIHsKICAgICAgICAgICAgImFjY2VzcyI6ICJwcm94eSIsCiAgICAgICAgICAgICJlZGl0YWJsZSI6IGZhbHNlLAogICAgICAgICAgICAibmFtZSI6ICJwcm9tZXRoZXVzIiwKICAgICAgICAgICAgIm9yZ0lkIjogMSwKICAgICAgICAgICAgInR5cGUiOiAicHJvbWV0aGV1cyIsCiAgICAgICAgICAgICJ1cmwiOiAiaHR0cDovL3Byb21ldGhldXMtazhzLm1vbml0b3Jpbmcuc3ZjOjkwOTAiLAogICAgICAgICAgICAidmVyc2lvbiI6IDEKICAgICAgICB9CiAgICBdCn0=
+kind: Secret
+metadata:
+  name: grafana-datasources
+  namespace: monitoring
+type: Opaque
--- a/microk8s-resources/actions/prometheus/grafana-dashboardDefinitions.yaml
+++ b/microk8s-resources/actions/prometheus/grafana-dashboardDefinitions.yaml
--- a/microk8s-resources/actions/prometheus/grafana-dashboardSources.yaml
+++ b/microk8s-resources/actions/prometheus/grafana-dashboardSources.yaml
+apiVersion: v1
+data:
+  dashboards.yaml: |-
+    {
+        "apiVersion": 1,
+        "providers": [
+            {
+                "folder": "",
+                "name": "0",
+                "options": {
+                    "path": "/grafana-dashboard-definitions/0"
+                },
+                "orgId": 1,
+                "type": "file"
+            }
+        ]
+    }
+kind: ConfigMap
+metadata:
+  name: grafana-dashboards
+  namespace: monitoring
--- a/microk8s-resources/actions/prometheus/grafana-deployment.yaml
+++ b/microk8s-resources/actions/prometheus/grafana-deployment.yaml
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+  labels:
+    app: grafana
+  name: grafana
+  namespace: monitoring
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: grafana
+  template:
+    metadata:
+      labels:
+        app: grafana
+    spec:
+      containers:
+      - image: grafana/grafana:5.2.4
+        name: grafana
+        ports:
+        - containerPort: 3000
+          name: http
+        readinessProbe:
+          httpGet:
+            path: /api/health
+            port: http
+        resources:
+          limits:
+            cpu: 200m
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 100Mi
+        volumeMounts:
+        - mountPath: /var/lib/grafana
+          name: grafana-storage
+          readOnly: false
+        - mountPath: /etc/grafana/provisioning/datasources
+          name: grafana-datasources
+          readOnly: false
+        - mountPath: /etc/grafana/provisioning/dashboards
+          name: grafana-dashboards
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/k8s-cluster-rsrc-use
+          name: grafana-dashboard-k8s-cluster-rsrc-use
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/k8s-node-rsrc-use
+          name: grafana-dashboard-k8s-node-rsrc-use
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/k8s-resources-cluster
+          name: grafana-dashboard-k8s-resources-cluster
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/k8s-resources-namespace
+          name: grafana-dashboard-k8s-resources-namespace
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/k8s-resources-pod
+          name: grafana-dashboard-k8s-resources-pod
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/nodes
+          name: grafana-dashboard-nodes
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/pods
+          name: grafana-dashboard-pods
+          readOnly: false
+        - mountPath: /grafana-dashboard-definitions/0/statefulset
+          name: grafana-dashboard-statefulset
+          readOnly: false
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 65534
+      serviceAccountName: grafana
+      volumes:
+      - emptyDir: {}
+        name: grafana-storage
+      - name: grafana-datasources
+        secret:
+          secretName: grafana-datasources
+      - configMap:
+          name: grafana-dashboards
+        name: grafana-dashboards
+      - configMap:
+          name: grafana-dashboard-k8s-cluster-rsrc-use
+        name: grafana-dashboard-k8s-cluster-rsrc-use
+      - configMap:
+          name: grafana-dashboard-k8s-node-rsrc-use
+        name: grafana-dashboard-k8s-node-rsrc-use
+      - configMap:
+          name: grafana-dashboard-k8s-resources-cluster
+        name: grafana-dashboard-k8s-resources-cluster
+      - configMap:
+          name: grafana-dashboard-k8s-resources-namespace
+        name: grafana-dashboard-k8s-resources-namespace
+      - configMap:
+          name: grafana-dashboard-k8s-resources-pod
+        name: grafana-dashboard-k8s-resources-pod
+      - configMap:
+          name: grafana-dashboard-nodes
+        name: grafana-dashboard-nodes
+      - configMap:
+          name: grafana-dashboard-pods
+        name: grafana-dashboard-pods
+      - configMap:
+          name: grafana-dashboard-statefulset
+        name: grafana-dashboard-statefulset