The yaml is aimed to deploy minimum prometheus into a Kind cluster.
Last active
May 12, 2022 21:32
-
-
Save Huang-Wei/762d83593a49a644229a5ade15e5c325 to your computer and use it in GitHub Desktop.
prom-deploy.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/kubernetes/kube-state-metrics/tree/master/examples/standard | |
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: monitoring | |
| --- | |
| apiVersion: v1 | |
| automountServiceAccountToken: false | |
| kind: ServiceAccount | |
| metadata: | |
| labels: | |
| app.kubernetes.io/component: exporter | |
| app.kubernetes.io/name: kube-state-metrics | |
| app.kubernetes.io/version: 2.4.2 | |
| name: kube-state-metrics | |
| namespace: monitoring | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| labels: | |
| app.kubernetes.io/component: exporter | |
| app.kubernetes.io/name: kube-state-metrics | |
| app.kubernetes.io/version: 2.4.2 | |
| name: kube-state-metrics | |
| rules: | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - configmaps | |
| - secrets | |
| - nodes | |
| - pods | |
| - services | |
| - resourcequotas | |
| - replicationcontrollers | |
| - limitranges | |
| - persistentvolumeclaims | |
| - persistentvolumes | |
| - namespaces | |
| - endpoints | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - apps | |
| resources: | |
| - statefulsets | |
| - daemonsets | |
| - deployments | |
| - replicasets | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - batch | |
| resources: | |
| - cronjobs | |
| - jobs | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - autoscaling | |
| resources: | |
| - horizontalpodautoscalers | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - authentication.k8s.io | |
| resources: | |
| - tokenreviews | |
| verbs: | |
| - create | |
| - apiGroups: | |
| - authorization.k8s.io | |
| resources: | |
| - subjectaccessreviews | |
| verbs: | |
| - create | |
| - apiGroups: | |
| - policy | |
| resources: | |
| - poddisruptionbudgets | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - certificates.k8s.io | |
| resources: | |
| - certificatesigningrequests | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - storage.k8s.io | |
| resources: | |
| - storageclasses | |
| - volumeattachments | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - admissionregistration.k8s.io | |
| resources: | |
| - mutatingwebhookconfigurations | |
| - validatingwebhookconfigurations | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - networking.k8s.io | |
| resources: | |
| - networkpolicies | |
| - ingresses | |
| verbs: | |
| - list | |
| - watch | |
| - apiGroups: | |
| - coordination.k8s.io | |
| resources: | |
| - leases | |
| verbs: | |
| - list | |
| - watch | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| labels: | |
| app.kubernetes.io/component: exporter | |
| app.kubernetes.io/name: kube-state-metrics | |
| app.kubernetes.io/version: 2.4.2 | |
| name: kube-state-metrics | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: kube-state-metrics | |
| subjects: | |
| - kind: ServiceAccount | |
| name: kube-state-metrics | |
| namespace: monitoring | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app.kubernetes.io/component: exporter | |
| app.kubernetes.io/name: kube-state-metrics | |
| app.kubernetes.io/version: 2.4.2 | |
| name: kube-state-metrics | |
| namespace: monitoring | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app.kubernetes.io/name: kube-state-metrics | |
| template: | |
| metadata: | |
| labels: | |
| app.kubernetes.io/component: exporter | |
| app.kubernetes.io/name: kube-state-metrics | |
| app.kubernetes.io/version: 2.4.2 | |
| spec: | |
| hostNetwork: true | |
| nodeSelector: | |
| node-role.kubernetes.io/master: "" | |
| tolerations: | |
| - key: CriticalAddonsOnly | |
| operator: Exists | |
| - effect: NoSchedule | |
| key: node-role.kubernetes.io/master | |
| - effect: NoSchedule | |
| key: node-role.kubernetes.io/control-plane | |
| automountServiceAccountToken: true | |
| containers: | |
| - image: k8s.gcr.io/kube-state-metrics/kube-state-metrics:v2.4.2 | |
| livenessProbe: | |
| httpGet: | |
| path: /healthz | |
| port: 8080 | |
| initialDelaySeconds: 5 | |
| timeoutSeconds: 5 | |
| name: kube-state-metrics | |
| ports: | |
| - containerPort: 8080 | |
| name: http-metrics | |
| - containerPort: 8081 | |
| name: telemetry | |
| readinessProbe: | |
| httpGet: | |
| path: / | |
| port: 8081 | |
| initialDelaySeconds: 5 | |
| timeoutSeconds: 5 | |
| securityContext: | |
| allowPrivilegeEscalation: false | |
| capabilities: | |
| drop: | |
| - ALL | |
| readOnlyRootFilesystem: true | |
| runAsUser: 65534 | |
| serviceAccountName: kube-state-metrics |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: monitoring | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: prometheus | |
| rules: | |
| - apiGroups: [""] | |
| resources: | |
| - nodes | |
| - nodes/proxy | |
| - services | |
| - endpoints | |
| - pods | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: | |
| - extensions | |
| resources: | |
| - ingresses | |
| verbs: ["get", "list", "watch"] | |
| - nonResourceURLs: ["/metrics"] | |
| verbs: ["get"] | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: prometheus | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: prometheus | |
| subjects: | |
| - kind: ServiceAccount | |
| name: default | |
| namespace: monitoring | |
| --- | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: prometheus-server-conf | |
| labels: | |
| name: prometheus-server-conf | |
| namespace: monitoring | |
| data: | |
| prometheus.yml: |- | |
| global: | |
| scrape_interval: 15s | |
| scrape_timeout: 10s | |
| evaluation_interval: 15s | |
| scrape_configs: | |
| - job_name: "prometheus" | |
| scheme: http | |
| honor_timestamps: true | |
| metrics_path: /metrics | |
| follow_redirects: true | |
| enable_http2: true | |
| static_configs: | |
| - targets: | |
| - 127.0.0.1:9090 | |
| - job_name: "etcd" | |
| scheme: http | |
| honor_timestamps: true | |
| metrics_path: /metrics | |
| follow_redirects: true | |
| enable_http2: true | |
| static_configs: | |
| - targets: | |
| - 127.0.0.1:2379 | |
| - job_name: "kube-apiserver" | |
| scheme: https | |
| honor_timestamps: true | |
| metrics_path: /metrics | |
| follow_redirects: true | |
| enable_http2: true | |
| tls_config: | |
| ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
| insecure_skip_verify: true | |
| bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | |
| static_configs: | |
| - targets: | |
| - 127.0.0.1:6443 | |
| - job_name: "kube-controller-manager" | |
| scheme: https | |
| honor_timestamps: true | |
| metrics_path: /metrics | |
| follow_redirects: true | |
| enable_http2: true | |
| tls_config: | |
| ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
| insecure_skip_verify: true | |
| bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | |
| static_configs: | |
| - targets: | |
| - 127.0.0.1:10257 | |
| - job_name: "kube-scheduler" | |
| scheme: https | |
| honor_timestamps: true | |
| metrics_path: /metrics | |
| follow_redirects: true | |
| enable_http2: true | |
| tls_config: | |
| ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
| insecure_skip_verify: true | |
| bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | |
| static_configs: | |
| - targets: | |
| - 127.0.0.1:10259 | |
| - job_name: "kube-state-metrics" | |
| honor_timestamps: true | |
| metrics_path: /metrics | |
| follow_redirects: true | |
| enable_http2: true | |
| static_configs: | |
| - targets: | |
| - 127.0.0.1:8080 | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: prometheus-deployment | |
| namespace: monitoring | |
| labels: | |
| app: prometheus-server | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: prometheus-server | |
| template: | |
| metadata: | |
| labels: | |
| app: prometheus-server | |
| spec: | |
| hostNetwork: true | |
| nodeSelector: | |
| node-role.kubernetes.io/master: "" | |
| tolerations: | |
| - key: CriticalAddonsOnly | |
| operator: Exists | |
| - effect: NoSchedule | |
| key: node-role.kubernetes.io/master | |
| - effect: NoSchedule | |
| key: node-role.kubernetes.io/control-plane | |
| containers: | |
| - name: prometheus | |
| image: prom/prometheus | |
| args: | |
| - "--config.file=/etc/prometheus/prometheus.yml" | |
| - "--storage.tsdb.path=/prometheus/" | |
| ports: | |
| - containerPort: 9090 | |
| volumeMounts: | |
| - name: prometheus-config-volume | |
| mountPath: /etc/prometheus/ | |
| - name: prometheus-storage-volume | |
| mountPath: /prometheus/ | |
| volumes: | |
| - name: prometheus-config-volume | |
| configMap: | |
| defaultMode: 420 | |
| name: prometheus-server-conf | |
| - name: prometheus-storage-volume | |
| emptyDir: {} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment