apiVersion: v1 kind: ServiceAccount metadata: name: kube-state-metrics namespace: monitoring --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: kube-state-metrics namespace: monitoring rules: - apiGroups: [""] resources: - nodes - pods - resourcequotas verbs: ["list", "watch"] - apiGroups: ["extensions"] resources: - daemonsets - deployments - replicasets verbs: ["list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kube-state-metrics roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kube-state-metrics subjects: - kind: ServiceAccount name: kube-state-metrics namespace: monitoring --- apiVersion: v1 kind: Service metadata: namespace: kube-system name: kube-scheduler-prometheus-discovery labels: k8s-app: kube-scheduler spec: selector: k8s-app: kube-scheduler type: ClusterIP clusterIP: None ports: - name: http-metrics port: 10251 targetPort: 10251 protocol: TCP --- apiVersion: v1 kind: Service metadata: namespace: kube-system name: kube-controller-manager-prometheus-discovery labels: k8s-app: kube-controller-manager spec: selector: k8s-app: kube-controller-manager type: ClusterIP clusterIP: None ports: - name: http-metrics port: 10252 targetPort: 10252 protocol: TCP --- apiVersion: apps/v1 kind: DaemonSet metadata: name: node-exporter namespace: monitoring spec: selector: matchLabels: app: node-exporter template: metadata: labels: app: node-exporter name: node-exporter spec: hostNetwork: true hostPID: true containers: - image: quay.io/prometheus/node-exporter:v0.15.0 args: - "--path.procfs=/host/proc" - "--path.sysfs=/host/sys" name: node-exporter ports: - containerPort: 9100 hostPort: 9100 name: scrape resources: requests: memory: 30Mi cpu: 100m limits: memory: 50Mi cpu: 200m volumeMounts: - name: proc readOnly: true mountPath: /host/proc - name: sys readOnly: true mountPath: /host/sys tolerations: - effect: NoSchedule operator: Exists volumes: - name: proc hostPath: path: /proc - name: sys hostPath: path: /sys --- apiVersion: v1 kind: Service metadata: labels: app: node-exporter k8s-app: node-exporter name: node-exporter namespace: monitoring spec: type: ClusterIP clusterIP: None ports: - name: http-metrics port: 9100 protocol: TCP selector: app: node-exporter --- apiVersion: apps/v1 kind: Deployment metadata: name: kube-state-metrics namespace: monitoring spec: replicas: 1 selector: matchLabels: app: kube-state-metrics template: metadata: labels: app: kube-state-metrics spec: serviceAccountName: kube-state-metrics containers: - name: kube-state-metrics image: quay.io/coreos/kube-state-metrics:v1.0.1 ports: - name: metrics containerPort: 8080 readinessProbe: httpGet: path: /healthz port: 8080 initialDelaySeconds: 5 timeoutSeconds: 5 - name: addon-resizer image: k8s.gcr.io/addon-resizer:1.0 resources: limits: cpu: 100m memory: 30Mi requests: cpu: 100m memory: 30Mi env: - name: MY_POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: MY_POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace command: - /pod_nanny - --container=kube-state-metrics - --cpu=100m - --extra-cpu=1m - --memory=100Mi - --extra-memory=2Mi - --threshold=5 - --deployment=kube-state-metrics --- apiVersion: v1 kind: Service metadata: labels: app: kube-state-metrics k8s-app: kube-state-metrics name: kube-state-metrics namespace: monitoring spec: ports: - name: http-metrics port: 8080 targetPort: metrics protocol: TCP selector: app: kube-state-metrics --- apiVersion: monitoring.coreos.com/v1 kind: Prometheus metadata: name: prometheus namespace: monitoring labels: prometheus: prometheus spec: replicas: 2 version: v2.0.0-rc.1 serviceAccountName: prometheus-operator serviceMonitorSelector: matchExpressions: - {key: k8s-app, operator: Exists} ruleSelector: matchLabels: role: prometheus-rulefiles prometheus: prometheus resources: requests: # 2Gi is default, but won't schedule if you don't have a node with >2Gi # memory. Modify based on your target and time-series count for # production use. This value is mainly meant for demonstration/testing # purposes. memory: 400Mi alerting: alertmanagers: - namespace: monitoring name: alertmanager-main port: web --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: prometheus-operator namespace: monitoring labels: k8s-app: prometheus-operator spec: endpoints: - port: http selector: matchLabels: k8s-app: prometheus-operator namespaceSelector: matchNames: - monitoring --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: kube-apiserver namespace: monitoring labels: k8s-app: apiserver spec: jobLabel: component selector: matchLabels: component: apiserver provider: kubernetes namespaceSelector: matchNames: - default endpoints: - port: https interval: 30s scheme: https tlsConfig: caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt serverName: kubernetes bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: kubelet namespace: monitoring labels: k8s-app: kubelet spec: jobLabel: k8s-app endpoints: - port: http-metrics interval: 30s - port: cadvisor interval: 30s honorLabels: true selector: matchLabels: k8s-app: kubelet namespaceSelector: matchNames: - kube-system --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: kube-controller-manager namespace: monitoring labels: k8s-app: kube-controller-manager spec: jobLabel: k8s-app endpoints: - port: http-metrics interval: 30s selector: matchLabels: k8s-app: kube-controller-manager namespaceSelector: matchNames: - kube-system --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: kube-scheduler namespace: monitoring labels: k8s-app: kube-scheduler spec: jobLabel: k8s-app endpoints: - port: http-metrics interval: 30s selector: matchLabels: k8s-app: kube-scheduler namespaceSelector: matchNames: - kube-system --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: kube-state-metrics namespace: monitoring labels: k8s-app: kube-state-metrics spec: jobLabel: k8s-app selector: matchLabels: k8s-app: kube-state-metrics namespaceSelector: matchNames: - monitoring endpoints: - port: http-metrics interval: 30s honorLabels: true --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: node-exporter namespace: monitoring labels: k8s-app: node-exporter spec: jobLabel: k8s-app selector: matchLabels: k8s-app: node-exporter namespaceSelector: matchNames: - monitoring endpoints: - port: http-metrics interval: 30s --- apiVersion: monitoring.coreos.com/v1 kind: Alertmanager metadata: name: main namespace: monitoring labels: alertmanager: main spec: replicas: 3 version: v0.9.1 --- apiVersion: v1 data: alertmanager.yaml: Z2xvYmFsOgogIHJlc29sdmVfdGltZW91dDogNW0Kcm91dGU6CiAgZ3JvdXBfYnk6IFsnam9iJ10KICBncm91cF93YWl0OiAzMHMKICBncm91cF9pbnRlcnZhbDogNW0KICByZXBlYXRfaW50ZXJ2YWw6IDEyaAogIHJlY2VpdmVyOiAnd2ViaG9vaycKcmVjZWl2ZXJzOgotIG5hbWU6ICd3ZWJob29rJwogIHdlYmhvb2tfY29uZmlnczoKICAtIHVybDogJ2h0dHA6Ly9hbGVydG1hbmFnZXJ3aDozMDUwMC8nCg== kind: Secret metadata: name: alertmanager-main namespace: monitoring type: Opaque