From 5c1e529d65a58b41f229c4bd4bb88e46525fa832 Mon Sep 17 00:00:00 2001 From: Mitsuru Kariya Date: Mon, 4 Mar 2024 11:03:20 +0900 Subject: [PATCH] [kube-prometheus-stack] Add resources and SLIs metrics support - KEP-1748: Expose Pod Resource Request Metrics - kube-scheduler - KEP-3466: Kubernetes Component SLIs - kube-apiserver - kubelet - kube-controller-manager - kube-scheduler - kube-proxy Signed-off-by: Mitsuru Kariya --- .../templates/_helpers.tpl | 172 ++++++++++++++ .../kube-api-server/servicemonitor.yaml | 26 +-- .../servicemonitor.yaml | 32 +-- .../exporters/kube-proxy/servicemonitor.yaml | 26 +-- .../kube-scheduler/servicemonitor.yaml | 36 +-- .../exporters/kubelet/servicemonitor.yaml | 210 ++---------------- .../templates/prometheus/clusterrole.yaml | 2 +- charts/kube-prometheus-stack/values.yaml | 103 +++++++++ 8 files changed, 313 insertions(+), 294 deletions(-) diff --git a/charts/kube-prometheus-stack/templates/_helpers.tpl b/charts/kube-prometheus-stack/templates/_helpers.tpl index aa0ed4c73623..b9d0a418ea5d 100644 --- a/charts/kube-prometheus-stack/templates/_helpers.tpl +++ b/charts/kube-prometheus-stack/templates/_helpers.tpl @@ -313,3 +313,175 @@ global: {{ $fullname }}-webhook.{{ $namespace }}.svc {{- end }} {{- end }} + +{{/* Create lower camel case string. */}} +{{- define "kube-prometheus-stack.lowerCamelCase" }} +{{- $prefix := index . 0 }} +{{- $base := index . 1 }} +{{- with $prefix }} +{{- printf "%s%s" . (title $base) }} +{{- else }} +{{- $base }} +{{- end }} +{{- end }} + +{{/* Define ServiceMonitor endpoint for kube-apiserver */}} +{{- define "kube-prometheus-stack.kubeApiServer.endpoint" }} +{{- $ := index . 0 }} +{{- $prefix := index . 1 }} +{{- $smon := $.Values.kubeApiServer.serviceMonitor }} +{{- $tlsConfig := $.Values.kubeApiServer.tlsConfig }} + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- with $smon.interval }} + interval: {{ . }} + {{- end }} + {{- with $smon.proxyUrl }} + proxyUrl: {{ . }} + {{- end }} + port: https + scheme: https + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "metricRelabelings") | get $smon }} + metricRelabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "relabelings") | get $smon }} + relabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + serverName: {{ $tlsConfig.serverName }} + insecureSkipVerify: {{ $tlsConfig.insecureSkipVerify }} +{{- end }} + +{{/* Define ServiceMonitor endpoint for kubelet */}} +{{- define "kube-prometheus-stack.kubelet.endpoint" -}} +{{- $ := index . 0 }} +{{- $prefix := index . 1 }} +{{- $smon := $.Values.kubelet.serviceMonitor }} + {{- if $smon.https }} + - port: https-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecureSkipVerify: true + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- else }} + - port: http-metrics + {{- end }} + {{- with $smon.interval }} + interval: {{ . }} + {{- end }} + {{- with $smon.proxyUrl }} + proxyUrl: {{ . }} + {{- end }} + {{- with $smon.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + honorLabels: {{ $smon.honorLabels }} + honorTimestamps: {{ $smon.honorTimestamps }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "metricRelabelings") | get $smon }} + metricRelabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "relabelings") | get $smon }} + relabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +{{- end }} + +{{/* Define ServiceMonitor endpoint for kube-controller-manager */}} +{{- define "kube-prometheus-stack.kubeControllerManager.endpoint" }} +{{- $ := index . 0 }} +{{- $prefix := index . 1 }} +{{- $smon := $.Values.kubeControllerManager.serviceMonitor }} + - port: {{ $smon.port }} + {{- with $smon.interval }} + interval: {{ . }} + {{- end }} + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- with $smon.proxyUrl }} + proxyUrl: {{ . }} + {{- end }} + {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list $ false true $smon.https )) "true" }} + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list $ nil true $smon.insecureSkipVerify)) "true" }} + insecureSkipVerify: true + {{- end }} + {{- with $smon.serverName }} + serverName: {{ . }} + {{- end }} + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "metricRelabelings") | get $smon }} + metricRelabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "relabelings") | get $smon }} + relabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +{{- end }} + +{{/* Define ServiceMonitor endpoint for kube-scheduler */}} +{{- define "kube-prometheus-stack.kubeScheduler.endpoint" -}} +{{- $ := index . 0 }} +{{- $prefix := index . 1 }} +{{- $smon := $.Values.kubeScheduler.serviceMonitor }} + - port: {{ $smon.port }} + {{- with $smon.interval }} + interval: {{ . }} + {{- end }} + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- with $smon.proxyUrl }} + proxyUrl: {{ . }} + {{- end }} + {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list $ false true $smon.https)) "true" }} + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list $ nil true $smon.insecureSkipVerify)) "true" }} + insecureSkipVerify: true + {{- end }} + {{- with $smon.serverName }} + serverName: {{ . }} + {{- end }} + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "metricRelabelings") | get $smon }} + metricRelabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "relabelings") | get $smon }} + relabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +{{- end }} + +{{/* Define ServiceMonitor endpoint for kube-proxy */}} +{{- define "kube-prometheus-stack.kubeProxy.endpoint" -}} +{{- $ := index . 0 }} +{{- $prefix := index . 1 }} +{{- $smon := $.Values.kubeProxy.serviceMonitor }} + - port: {{ $smon.port }} + {{- with $smon.interval }} + interval: {{ . }} + {{- end }} + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- with $smon.proxyUrl }} + proxyUrl: {{ . }} + {{- end }} + {{- if $smon.https }} + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "metricRelabelings") | get $smon }} + metricRelabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + {{- with include "kube-prometheus-stack.lowerCamelCase" (list $prefix "relabelings") | get $smon }} + relabelings: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +{{- end }} diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-api-server/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-api-server/servicemonitor.yaml index a140d4554a7f..ddb1735dc830 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-api-server/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-api-server/servicemonitor.yaml @@ -17,27 +17,11 @@ metadata: spec: {{- include "servicemonitor.scrapeLimits" .Values.kubeApiServer.serviceMonitor | nindent 2 }} endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - {{- if .Values.kubeApiServer.serviceMonitor.interval }} - interval: {{ .Values.kubeApiServer.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubeApiServer.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubeApiServer.serviceMonitor.proxyUrl }} - {{- end }} - port: https - scheme: https -{{- if .Values.kubeApiServer.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubeApiServer.serviceMonitor.metricRelabelings | indent 6) . }} -{{- end }} -{{- if .Values.kubeApiServer.serviceMonitor.relabelings }} - relabelings: -{{ tpl (toYaml .Values.kubeApiServer.serviceMonitor.relabelings | indent 6) . }} -{{- end }} - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - serverName: {{ .Values.kubeApiServer.tlsConfig.serverName }} - insecureSkipVerify: {{ .Values.kubeApiServer.tlsConfig.insecureSkipVerify }} + {{- include "kube-prometheus-stack.kubeApiServer.endpoint" (list $ "") }} + {{- if .Values.kubeApiServer.serviceMonitor.slis }} + {{- include "kube-prometheus-stack.kubeApiServer.endpoint" (list $ "slis") }} + path: /metrics/slis + {{- end }} jobLabel: {{ .Values.kubeApiServer.serviceMonitor.jobLabel }} namespaceSelector: matchNames: diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml index d4813f0b5308..da699956e7c2 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-controller-manager/servicemonitor.yaml @@ -29,31 +29,9 @@ spec: matchNames: - "kube-system" endpoints: - - port: {{ .Values.kubeControllerManager.serviceMonitor.port }} - {{- if .Values.kubeControllerManager.serviceMonitor.interval }} - interval: {{ .Values.kubeControllerManager.serviceMonitor.interval }} - {{- end }} - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - {{- if .Values.kubeControllerManager.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubeControllerManager.serviceMonitor.proxyUrl}} - {{- end }} - {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . false true .Values.kubeControllerManager.serviceMonitor.https )) "true" }} - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . nil true .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify)) "true" }} - insecureSkipVerify: true - {{- end }} - {{- if .Values.kubeControllerManager.serviceMonitor.serverName }} - serverName: {{ .Values.kubeControllerManager.serviceMonitor.serverName }} - {{- end }} - {{- end }} -{{- if .Values.kubeControllerManager.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.metricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubeControllerManager.serviceMonitor.relabelings }} - relabelings: -{{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.relabelings | indent 4) . }} -{{- end }} + {{- include "kube-prometheus-stack.kubeControllerManager.endpoint" (list $ "") }} + {{- if .Values.kubeControllerManager.serviceMonitor.slis }} + {{- include "kube-prometheus-stack.kubeControllerManager.endpoint" (list $ "slis") }} + path: /metrics/slis + {{- end }} {{- end }} diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml index ab9bb8fa8120..a1d3499734c2 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-proxy/servicemonitor.yaml @@ -29,25 +29,9 @@ spec: matchNames: - "kube-system" endpoints: - - port: {{ .Values.kubeProxy.serviceMonitor.port }} - {{- if .Values.kubeProxy.serviceMonitor.interval }} - interval: {{ .Values.kubeProxy.serviceMonitor.interval }} - {{- end }} - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - {{- if .Values.kubeProxy.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubeProxy.serviceMonitor.proxyUrl}} - {{- end }} - {{- if .Values.kubeProxy.serviceMonitor.https }} - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - {{- end}} -{{- if .Values.kubeProxy.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubeProxy.serviceMonitor.metricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubeProxy.serviceMonitor.relabelings }} - relabelings: -{{ tpl (toYaml .Values.kubeProxy.serviceMonitor.relabelings | indent 4) . }} -{{- end }} + {{- include "kube-prometheus-stack.kubeProxy.endpoint" (list $ "") }} + {{- if .Values.kubeProxy.serviceMonitor.slis }} + {{- include "kube-prometheus-stack.kubeProxy.endpoint" (list $ "slis") }} + path: /metrics/slis + {{- end }} {{- end }} diff --git a/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml index 73de91de12c0..793dcf9f0dd8 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kube-scheduler/servicemonitor.yaml @@ -29,31 +29,13 @@ spec: matchNames: - "kube-system" endpoints: - - port: {{ .Values.kubeScheduler.serviceMonitor.port }} - {{- if .Values.kubeScheduler.serviceMonitor.interval }} - interval: {{ .Values.kubeScheduler.serviceMonitor.interval }} - {{- end }} - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - {{- if .Values.kubeScheduler.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubeScheduler.serviceMonitor.proxyUrl}} - {{- end }} - {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . false true .Values.kubeScheduler.serviceMonitor.https )) "true" }} - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . nil true .Values.kubeScheduler.serviceMonitor.insecureSkipVerify)) "true" }} - insecureSkipVerify: true - {{- end }} - {{- if .Values.kubeScheduler.serviceMonitor.serverName }} - serverName: {{ .Values.kubeScheduler.serviceMonitor.serverName }} - {{- end}} - {{- end}} -{{- if .Values.kubeScheduler.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.metricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubeScheduler.serviceMonitor.relabelings }} - relabelings: -{{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.relabelings | indent 4) . }} -{{- end }} + {{- include "kube-prometheus-stack.kubeScheduler.endpoint" (list $ "") }} + {{- if .Values.kubeScheduler.serviceMonitor.slis }} + {{- include "kube-prometheus-stack.kubeScheduler.endpoint" (list $ "slis") }} + path: /metrics/slis + {{- end }} + {{- if .Values.kubeScheduler.serviceMonitor.resources }} + {{- include "kube-prometheus-stack.kubeScheduler.endpoint" (list $ "resources") }} + path: /metrics/resources + {{- end }} {{- end }} diff --git a/charts/kube-prometheus-stack/templates/exporters/kubelet/servicemonitor.yaml b/charts/kube-prometheus-stack/templates/exporters/kubelet/servicemonitor.yaml index f27f232abf94..3e85a579acd1 100644 --- a/charts/kube-prometheus-stack/templates/exporters/kubelet/servicemonitor.yaml +++ b/charts/kube-prometheus-stack/templates/exporters/kubelet/servicemonitor.yaml @@ -21,206 +21,22 @@ spec: {{- toYaml . | nindent 4 }} {{- end }} endpoints: - {{- if .Values.kubelet.serviceMonitor.https }} - - port: https-metrics - scheme: https - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecureSkipVerify: true - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} -{{- if .Values.kubelet.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.metricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.relabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.cAdvisor }} - - port: https-metrics - scheme: https + {{- include "kube-prometheus-stack.kubelet.endpoint" (list $ "") }} + {{- if .Values.kubelet.serviceMonitor.cAdvisor }} + {{- include "kube-prometheus-stack.kubelet.endpoint" (list $ "cAdvisor") }} path: /metrics/cadvisor - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecureSkipVerify: true - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token -{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | indent 4) . }} -{{- end }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.probes }} - - port: https-metrics - scheme: https - path: /metrics/probes - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecureSkipVerify: true - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token -{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.probesRelabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesRelabelings | indent 4) . }} -{{- end }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.resource }} - - port: https-metrics - scheme: https - path: {{ .Values.kubelet.serviceMonitor.resourcePath }} - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecureSkipVerify: true - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token -{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.resourceRelabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }} -{{- end }} -{{- end }} - {{- else }} - - port: http-metrics - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} -{{- if .Values.kubelet.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.metricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.relabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.cAdvisor }} - - port: http-metrics - path: /metrics/cadvisor - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} -{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.probes }} - - port: http-metrics + {{- end }} + {{- if .Values.kubelet.serviceMonitor.probes }} + {{- include "kube-prometheus-stack.kubelet.endpoint" (list $ "probes") }} path: /metrics/probes - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} -{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.probesRelabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesRelabelings | indent 4) . }} -{{- end }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.resource }} - - port: http-metrics + {{- end }} + {{- if .Values.kubelet.serviceMonitor.resource }} + {{- include "kube-prometheus-stack.kubelet.endpoint" (list $ "resource") }} path: {{ .Values.kubelet.serviceMonitor.resourcePath }} - {{- if .Values.kubelet.serviceMonitor.interval }} - interval: {{ .Values.kubelet.serviceMonitor.interval }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.proxyUrl }} - proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }} - {{- end }} - {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }} - {{- end }} - honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} - honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} -{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }} -{{- end }} -{{- if .Values.kubelet.serviceMonitor.resourceRelabelings }} - relabelings: -{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }} -{{- end }} -{{- end }} -{{- end }} + {{- end }} + {{- if .Values.kubelet.serviceMonitor.slis }} + {{- include "kube-prometheus-stack.kubelet.endpoint" (list $ "slis") }} + path: /metrics/slis {{- end }} jobLabel: k8s-app namespaceSelector: diff --git a/charts/kube-prometheus-stack/templates/prometheus/clusterrole.yaml b/charts/kube-prometheus-stack/templates/prometheus/clusterrole.yaml index 3585b5db1151..79dac8dbe9fe 100644 --- a/charts/kube-prometheus-stack/templates/prometheus/clusterrole.yaml +++ b/charts/kube-prometheus-stack/templates/prometheus/clusterrole.yaml @@ -22,7 +22,7 @@ rules: resources: - ingresses verbs: ["get", "list", "watch"] -- nonResourceURLs: ["/metrics", "/metrics/cadvisor"] +- nonResourceURLs: ["/metrics", "/metrics/slis", "/metrics/resources"] verbs: ["get"] {{- if .Values.prometheus.additionalRulesForClusterRole }} {{ toYaml .Values.prometheus.additionalRulesForClusterRole | indent 0 }} diff --git a/charts/kube-prometheus-stack/values.yaml b/charts/kube-prometheus-stack/values.yaml index 2ddca700e545..374804177757 100644 --- a/charts/kube-prometheus-stack/values.yaml +++ b/charts/kube-prometheus-stack/values.yaml @@ -1227,6 +1227,23 @@ kubeApiServer: # - targetLabel: __address__ # replacement: kubernetes.default.svc:443 + ## Enable scraping Service Level Indicator (SLI) metrics (/metrics/slis) + slis: false + + ## SLIs MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisMetricRelabelings: [] + + ## SLIs RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisRelabelings: + - sourceLabels: [__metrics_path__] + targetLabel: metrics_path + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # targetLabel: nodename + ## Additional labels ## additionalLabels: {} @@ -1300,6 +1317,10 @@ kubelet: # From kubernetes 1.18, /metrics/resource/v1alpha1 renamed to /metrics/resource resourcePath: "/metrics/resource/v1alpha1" + ## Enable scraping Service Level Indicator (SLI) metrics (/metrics/slis) from kubelet's service + ## + slis: false + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig ## @@ -1427,6 +1448,20 @@ kubelet: # replacement: $1 # action: replace + ## SLIs MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisMetricRelabelings: [] + + ## SLIs RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisRelabelings: + - sourceLabels: [__metrics_path__] + targetLabel: metrics_path + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # targetLabel: nodename + ## Additional labels ## additionalLabels: {} @@ -1526,6 +1561,23 @@ kubeControllerManager: # replacement: $1 # action: replace + ## Enable scraping Service Level Indicator (SLI) metrics (/metrics/slis) + slis: false + + ## SLIs MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisMetricRelabelings: [] + + ## SLIs RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisRelabelings: + - sourceLabels: [__metrics_path__] + targetLabel: metrics_path + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # targetLabel: nodename + ## Additional labels ## additionalLabels: {} @@ -1888,6 +1940,40 @@ kubeScheduler: # replacement: $1 # action: replace + ## Enable scraping Service Level Indicator (SLI) metrics (/metrics/slis) + slis: false + + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisMetricRelabelings: [] + + ## RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisRelabelings: + - sourceLabels: [__metrics_path__] + targetLabel: metrics_path + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # targetLabel: nodename + + ## Enable scraping resources metrics (/metrics/resources) + resources: false + + ## resources MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + resourcesMetricRelabelings: [] + + ## resources RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + resourcesRelabelings: + - sourceLabels: [__metrics_path__] + targetLabel: metrics_path + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # targetLabel: nodename + ## Additional labels ## additionalLabels: {} @@ -1972,6 +2058,23 @@ kubeProxy: # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' # sourceLabels: [__name__] + ## Enable scraping Service Level Indicator (SLI) metrics (/metrics/slis) + slis: false + + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisMetricRelabelings: [] + + ## RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + slisRelabelings: + - sourceLabels: [__metrics_path__] + targetLabel: metrics_path + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # targetLabel: nodename + ## Additional labels ## additionalLabels: {}