From 1221e66316a5fa95383f74b856e41e79bc5b4cfa Mon Sep 17 00:00:00 2001 From: Andrew Titmuss Date: Wed, 28 Feb 2024 15:55:55 +1100 Subject: [PATCH] Allow setting selectors for built-in ServiceMonitors This will make it easier to install the chart in environments where resources cannot be created in the kube-system namespace, such as a tightly scoped ArgoCD AppProject. Without this change, to use the built-in ServiceMonitors with service.enabled=false, the operator is expected to create services in the kube-system namespace that have labels that exactly match what the chart is expecting. With this change, I can create these service resources with my own naming conventions and labels, and inform the ServiceMonitor on how to select them. Signed-off-by: Andrew Titmuss --- charts/kube-prometheus-stack/Chart.yaml | 2 +- .../exporters/core-dns/servicemonitor.yaml | 6 +++- .../servicemonitor.yaml | 6 +++- .../exporters/kube-dns/servicemonitor.yaml | 6 +++- .../exporters/kube-etcd/servicemonitor.yaml | 6 +++- .../exporters/kube-proxy/servicemonitor.yaml | 6 +++- .../kube-scheduler/servicemonitor.yaml | 6 +++- charts/kube-prometheus-stack/values.yaml | 30 +++++++++++++++++++ 8 files changed, 61 insertions(+), 7 deletions(-) diff --git a/charts/kube-prometheus-stack/Chart.yaml b/charts/kube-prometheus-stack/Chart.yaml index 5a073eb3ab2f..f5025417ddd6 100644 --- a/charts/kube-prometheus-stack/Chart.yaml +++ b/charts/kube-prometheus-stack/Chart.yaml @@ -23,7 +23,7 @@ name: kube-prometheus-stack sources: - https://github.com/prometheus-community/helm-charts - https://github.com/prometheus-operator/kube-prometheus -version: 56.13.1 +version: 56.14.0 appVersion: v0.71.2 kubeVersion: ">=1.19.0-0" home: https://github.com/prometheus-operator/kube-prometheus diff --git a/charts/kube-prometheus-stack/templates/exporters/core-dns/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/core-dns/servicemonitor.yaml index 2bc54df5fc69..59cd363c65d4 100644 --- a/charts/kube-prometheus-stack/templates/exporters/core-dns/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/core-dns/servicemonitor.yaml @@ -15,12 +15,16 @@ metadata: {{- end }} {{ include "kube-prometheus-stack.labels" . | indent 4 }} spec: - jobLabel: jobLabel + jobLabel: {{ .Values.coreDns.serviceMonitor.jobLabel }} {{- include "servicemonitor.scrapeLimits" .Values.coreDns.serviceMonitor | nindent 2 }} selector: + {{- if .Values.coreDns.serviceMonitor.selector }} + {{ tpl (toYaml .Values.coreDns.serviceMonitor.selector | nindent 4) . }} + {{- else }} matchLabels: app: {{ template "kube-prometheus-stack.name" . }}-coredns release: {{ $.Release.Name | quote }} + {{- end }} namespaceSelector: matchNames: - "kube-system" diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml index 0f64844cbaf9..f0d7e1b7d163 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml @@ -15,12 +15,16 @@ metadata: {{- end }} {{ include "kube-prometheus-stack.labels" . | indent 4 }} spec: - jobLabel: jobLabel + jobLabel: {{ .Values.kubeControllerManager.serviceMonitor.jobLabel }} {{- include "servicemonitor.scrapeLimits" .Values.kubeControllerManager.serviceMonitor | nindent 2 }} selector: + {{- if .Values.kubeControllerManager.serviceMonitor.selector }} + {{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.selector | nindent 4) . }} + {{- else }} matchLabels: app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager release: {{ $.Release.Name | quote }} + {{- end }} namespaceSelector: matchNames: - "kube-system" diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-dns/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-dns/servicemonitor.yaml index 260ad1ed3840..52190775b6c6 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-dns/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-dns/servicemonitor.yaml @@ -15,12 +15,16 @@ metadata: {{- end }} {{ include "kube-prometheus-stack.labels" . | indent 4 }} spec: - jobLabel: jobLabel + jobLabel: {{ .Values.kubeDns.serviceMonitor.jobLabel }} {{- include "servicemonitor.scrapeLimits" .Values.kubeDns.serviceMonitor | nindent 2 }} selector: + {{- if .Values.kubeDns.serviceMonitor.selector }} + {{ tpl (toYaml .Values.kubeDns.serviceMonitor.selector | nindent 4) . }} + {{- else }} matchLabels: app: {{ template "kube-prometheus-stack.name" . }}-kube-dns release: {{ $.Release.Name | quote }} + {{- end }} namespaceSelector: matchNames: - "kube-system" diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-etcd/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-etcd/servicemonitor.yaml index f5048531aca9..43c95e56890a 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-etcd/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-etcd/servicemonitor.yaml @@ -15,12 +15,16 @@ metadata: {{- end }} {{ include "kube-prometheus-stack.labels" . | indent 4 }} spec: - jobLabel: jobLabel + jobLabel: {{ .Values.kubeEtcd.serviceMonitor.jobLabel }} {{- include "servicemonitor.scrapeLimits" .Values.kubeEtcd.serviceMonitor | nindent 4 }} selector: + {{- if .Values.kubeEtcd.serviceMonitor.selector }} + {{ tpl (toYaml .Values.kubeEtcd.serviceMonitor.selector | nindent 4) . }} + {{- else }} matchLabels: app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd release: {{ $.Release.Name | quote }} + {{- end }} namespaceSelector: matchNames: - "kube-system" diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml index 0a01a7f8b903..5fec31a95e8c 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml @@ -15,12 +15,16 @@ metadata: {{- end }} {{ include "kube-prometheus-stack.labels" . | indent 4 }} spec: - jobLabel: jobLabel + jobLabel: {{ .Values.kubeProxy.serviceMonitor.jobLabel }} {{- include "servicemonitor.scrapeLimits" .Values.kubeProxy.serviceMonitor | nindent 2 }} selector: + {{- if .Values.kubeProxy.serviceMonitor.selector }} + {{ tpl (toYaml .Values.kubeProxy.serviceMonitor.selector | nindent 4) . }} + {{- else }} matchLabels: app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy release: {{ $.Release.Name | quote }} + {{- end }} namespaceSelector: matchNames: - "kube-system" diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml index 6849340c494a..82a1c6bdc2ff 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml @@ -15,12 +15,16 @@ metadata: {{- end }} {{ include "kube-prometheus-stack.labels" . | indent 4 }} spec: - jobLabel: jobLabel + jobLabel: {{ .Values.kubeScheduler.serviceMonitor.jobLabel }} {{- include "servicemonitor.scrapeLimits" .Values.kubeScheduler.serviceMonitor | nindent 2 }} selector: + {{- if .Values.kubeScheduler.serviceMonitor.selector }} + {{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.selector | nindent 4) . }} + {{- else }} matchLabels: app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler release: {{ $.Release.Name | quote }} + {{- end }} namespaceSelector: matchNames: - "kube-system" diff --git a/charts/kube-prometheus-stack/values.yaml b/charts/kube-prometheus-stack/values.yaml index 59603ac98877..70aea2c4d1bd 100644 --- a/charts/kube-prometheus-stack/values.yaml +++ b/charts/kube-prometheus-stack/values.yaml @@ -1486,6 +1486,11 @@ kubeControllerManager: ## proxyUrl: "" + jobLabel: jobLabel + selector: {} + # matchLabels: + # component: kube-controller-manager + ## Enable scraping kube-controller-manager over https. ## Requires proper certs (not self-signed) and delegated authentication/authorization checks. ## If null or unset, the value is determined dynamically based on target Kubernetes version. @@ -1562,6 +1567,11 @@ coreDns: ## proxyUrl: "" + jobLabel: jobLabel + selector: {} + # matchLabels: + # k8s-app: kube-dns + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig ## @@ -1628,6 +1638,11 @@ kubeDns: ## proxyUrl: "" + jobLabel: jobLabel + selector: {} + # matchLabels: + # k8s-app: kube-dns + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig ## @@ -1739,6 +1754,11 @@ kubeEtcd: certFile: "" keyFile: "" + jobLabel: jobLabel + selector: {} + # matchLabels: + # component: etcd + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig ## @@ -1822,6 +1842,11 @@ kubeScheduler: ## https: null + jobLabel: jobLabel + selector: {} + # matchLabels: + # component: kube-scheduler + ## Skip TLS certificate validation when scraping insecureSkipVerify: null @@ -1901,6 +1926,11 @@ kubeProxy: ## proxyUrl: "" + jobLabel: jobLabel + selector: {} + # matchLabels: + # k8s-app: kube-proxy + ## Enable scraping kube-proxy over https. ## Requires proper certs (not self-signed) and delegated authentication/authorization checks ##