From c4c88273493d802a9ec22cdbde0efe8f4308b531 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcel=20Zi=C4=99ba?= Date: Tue, 24 Nov 2020 13:03:17 +0000 Subject: [PATCH] Upgrade prometheus-operator to 0.31.0 and improve requests/limits for prometheus --- ...0alertmanagerCustomResourceDefinition.yaml | 207 +++++++- ...r-0podmonitorCustomResourceDefinition.yaml | 236 ++++++++++ ...r-0prometheusCustomResourceDefinition.yaml | 443 ++++++++++++++---- ...rometheusruleCustomResourceDefinition.yaml | 55 ++- ...ervicemonitorCustomResourceDefinition.yaml | 15 +- .../0prometheus-operator-clusterRole.yaml | 3 + .../0prometheus-operator-deployment.yaml | 2 +- .../manifests/prometheus-clusterRole.yaml | 5 + .../manifests/prometheus-prometheus.yaml | 18 +- 9 files changed, 874 insertions(+), 110 deletions(-) create mode 100644 clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0podmonitorCustomResourceDefinition.yaml diff --git a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0alertmanagerCustomResourceDefinition.yaml b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0alertmanagerCustomResourceDefinition.yaml index 89748f1acd..48057ed50a 100644 --- a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0alertmanagerCustomResourceDefinition.yaml +++ b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0alertmanagerCustomResourceDefinition.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -94,6 +95,7 @@ spec: required: - key - operator + type: object type: array matchFields: description: A list of node selector requirements @@ -127,7 +129,9 @@ spec: required: - key - operator + type: object type: array + type: object weight: description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. @@ -136,6 +140,7 @@ spec: required: - weight - preference + type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: A node selector represents the union of the results @@ -184,6 +189,7 @@ spec: required: - key - operator + type: object type: array matchFields: description: A list of node selector requirements @@ -217,10 +223,14 @@ spec: required: - key - operator + type: object type: array + type: object type: array required: - nodeSelectorTerms + type: object + type: object podAffinity: description: Pod affinity is a group of inter pod affinity scheduling rules. @@ -287,6 +297,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} @@ -296,6 +307,7 @@ spec: and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); @@ -314,6 +326,7 @@ spec: type: string required: - topologyKey + type: object weight: description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. @@ -322,6 +335,7 @@ spec: required: - weight - podAffinityTerm + type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: If the affinity requirements specified by this @@ -378,6 +392,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. @@ -386,6 +401,7 @@ spec: is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or @@ -404,7 +420,9 @@ spec: type: string required: - topologyKey + type: object type: array + type: object podAntiAffinity: description: Pod anti affinity is a group of inter pod anti affinity scheduling rules. @@ -472,6 +490,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} @@ -481,6 +500,7 @@ spec: and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); @@ -499,6 +519,7 @@ spec: type: string required: - topologyKey + type: object weight: description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. @@ -507,6 +528,7 @@ spec: required: - weight - podAffinityTerm + type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: If the anti-affinity requirements specified by @@ -563,6 +585,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. @@ -571,6 +594,7 @@ spec: is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or @@ -589,7 +613,10 @@ spec: type: string required: - topologyKey + type: object type: array + type: object + type: object baseImage: description: Base image that is used to deploy pods, without tag. type: string @@ -672,6 +699,7 @@ spec: type: boolean required: - key + type: object fieldRef: description: ObjectFieldSelector selects an APIVersioned field of an object. @@ -686,6 +714,7 @@ spec: type: string required: - fieldPath + type: object resourceFieldRef: description: ResourceFieldSelector represents container resources (cpu, memory) and their output format @@ -700,6 +729,7 @@ spec: type: string required: - resource + type: object secretKeyRef: description: SecretKeySelector selects a key of a Secret. properties: @@ -716,8 +746,11 @@ spec: type: boolean required: - key + type: object + type: object required: - name + type: object type: array envFrom: description: List of sources to populate environment variables @@ -743,6 +776,7 @@ spec: optional: description: Specify whether the ConfigMap must be defined type: boolean + type: object prefix: description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. @@ -759,6 +793,8 @@ spec: optional: description: Specify whether the Secret must be defined type: boolean + type: object + type: object type: array image: description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images @@ -798,6 +834,7 @@ spec: items: type: string type: array + type: object httpGet: description: HTTPGetAction describes an action based on HTTP Get requests. @@ -823,6 +860,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -837,6 +875,7 @@ spec: type: string required: - port + type: object tcpSocket: description: TCPSocketAction describes an action based on opening a socket @@ -851,6 +890,8 @@ spec: - type: integer required: - port + type: object + type: object preStop: description: Handler defines a specific action that should be taken @@ -871,6 +912,7 @@ spec: items: type: string type: array + type: object httpGet: description: HTTPGetAction describes an action based on HTTP Get requests. @@ -896,6 +938,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -910,6 +953,7 @@ spec: type: string required: - port + type: object tcpSocket: description: TCPSocketAction describes an action based on opening a socket @@ -924,6 +968,9 @@ spec: - type: integer required: - port + type: object + type: object + type: object livenessProbe: description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive @@ -944,6 +991,7 @@ spec: items: type: string type: array + type: object failureThreshold: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to @@ -975,6 +1023,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -989,6 +1038,7 @@ spec: type: string required: - port + type: object initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' @@ -1019,12 +1069,14 @@ spec: - type: integer required: - port + type: object timeoutSeconds: description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer + type: object name: description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot @@ -1069,6 +1121,7 @@ spec: type: string required: - containerPort + type: object type: array readinessProbe: description: Probe describes a health check to be performed against @@ -1090,6 +1143,7 @@ spec: items: type: string type: array + type: object failureThreshold: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to @@ -1121,6 +1175,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -1135,6 +1190,7 @@ spec: type: string required: - port + type: object initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' @@ -1165,12 +1221,14 @@ spec: - type: integer required: - port + type: object timeoutSeconds: description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer + type: object resources: description: ResourceRequirements describes the compute resource requirements. @@ -1185,6 +1243,7 @@ spec: it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object + type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. Some fields are present in both @@ -1213,6 +1272,7 @@ spec: items: type: string type: array + type: object privileged: description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root @@ -1274,6 +1334,8 @@ spec: description: User is a SELinux user label that applies to the container. type: string + type: object + type: object stdin: description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from @@ -1315,8 +1377,7 @@ spec: type: boolean volumeDevices: description: volumeDevices is the list of block devices to be - used by the container. This is an alpha feature and may change - in the future. + used by the container. This is a beta feature. items: description: volumeDevice describes a mapping of a raw block device within a container. @@ -1332,6 +1393,7 @@ spec: required: - name - devicePath + type: object type: array volumeMounts: description: Pod volumes to mount into the container's filesystem. @@ -1361,9 +1423,18 @@ spec: description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is alpha in 1.14. + type: string required: - name - mountPath + type: object type: array workingDir: description: Container's working directory. If not specified, @@ -1372,6 +1443,7 @@ spec: type: string required: - name + type: object type: array externalUrl: description: The external URL the Alertmanager instances will be available @@ -1395,12 +1467,16 @@ spec: name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string + type: object type: array listenLocal: description: ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication. type: boolean + logFormat: + description: Log format for Alertmanager to be configured with. + type: string logLevel: description: Log level for Alertmanager to be configured with. type: string @@ -1486,6 +1562,7 @@ spec: type: string required: - name + type: object type: array result: description: Status is a return value for calls that don't return @@ -1538,6 +1615,7 @@ spec: the cause of the error. If this value is empty there is no information available. type: string + type: object type: array group: description: The group attribute of the resource associated @@ -1567,6 +1645,7 @@ spec: single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' type: string + type: object kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this @@ -1608,6 +1687,7 @@ spec: description: selfLink is a URL representing this object. Populated by the system. Read-only. type: string + type: object reason: description: A machine-readable description of why this operation is in the "Failure" status. If this value is @@ -1618,14 +1698,54 @@ spec: description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' type: string + type: object required: - pending + type: object labels: description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + managedFields: + description: |- + ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. + + This field is alpha and can be changed or removed without notice. + items: + description: ManagedFieldsEntry is a workflow-id, a FieldSet and + the group version of the resource that the fieldset applies + to. + properties: + apiVersion: + description: APIVersion defines the version of this resource + that this field set applies to. The format is "group/version" + just like the top-level APIVersion field. It is necessary + to track the version of a field set because it cannot be + automatically converted. + type: string + fields: + description: 'Fields stores a set of fields in a data structure + like a Trie. To understand how this is used, see: https://github.com/kubernetes-sigs/structured-merge-diff' + type: object + manager: + description: Manager is an identifier of the workflow managing + these fields. + type: string + operation: + description: Operation is the type of operation which lead + to this ManagedFieldsEntry being created. The only valid + values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package offers. + format: date-time + type: string + type: object + type: array name: description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client @@ -1647,8 +1767,9 @@ spec: set to true. There cannot be more than one managing controller. items: description: OwnerReference contains enough information to let - you identify an owning object. Currently, an owning object must - be in the same namespace, so there is no namespace field. + you identify an owning object. An owning object must be in the + same namespace as the dependent, or be cluster-scoped, so there + is no namespace field. properties: apiVersion: description: API version of the referent. @@ -1678,6 +1799,7 @@ spec: - kind - name - uid + type: object type: array resourceVersion: description: |- @@ -1695,6 +1817,7 @@ spec: Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids type: string + type: object priorityClassName: description: Priority class assigned to the Pods type: string @@ -1717,6 +1840,7 @@ spec: to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object + type: object retention: description: Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` @@ -1795,6 +1919,7 @@ spec: description: User is a SELinux user label that applies to the container. type: string + type: object supplementalGroups: description: A list of groups applied to the first process run in each container, in addition to the container's primary GID. If @@ -1819,7 +1944,9 @@ spec: required: - name - value + type: object type: array + type: object serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. @@ -1846,6 +1973,7 @@ spec: Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: {} + type: object volumeClaimTemplate: description: PersistentVolumeClaim is a user's request for and claim to a persistent volume @@ -1943,6 +2071,7 @@ spec: type: string required: - name + type: object type: array result: description: Status is a return value for calls that @@ -1998,6 +2127,7 @@ spec: of the cause of the error. If this value is empty there is no information available. type: string + type: object type: array group: description: The group attribute of the resource @@ -2028,6 +2158,7 @@ spec: is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' type: string + type: object kind: description: 'Kind is a string value representing the REST resource this object represents. Servers @@ -2074,6 +2205,7 @@ spec: description: selfLink is a URL representing this object. Populated by the system. Read-only. type: string + type: object reason: description: A machine-readable description of why this operation is in the "Failure" status. If @@ -2085,14 +2217,57 @@ spec: description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' type: string + type: object required: - pending + type: object labels: description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + managedFields: + description: |- + ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. + + This field is alpha and can be changed or removed without notice. + items: + description: ManagedFieldsEntry is a workflow-id, a FieldSet + and the group version of the resource that the fieldset + applies to. + properties: + apiVersion: + description: APIVersion defines the version of this + resource that this field set applies to. The format + is "group/version" just like the top-level APIVersion + field. It is necessary to track the version of a + field set because it cannot be automatically converted. + type: string + fields: + description: 'Fields stores a set of fields in a data + structure like a Trie. To understand how this is + used, see: https://github.com/kubernetes-sigs/structured-merge-diff' + type: object + manager: + description: Manager is an identifier of the workflow + managing these fields. + type: string + operation: + description: Operation is the type of operation which + lead to this ManagedFieldsEntry being created. The + only valid values for this field are 'Apply' and + 'Update'. + type: string + time: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + type: object + type: array name: description: 'Name must be unique within a namespace. Is required when creating resources, although some resources @@ -2116,9 +2291,9 @@ spec: There cannot be more than one managing controller. items: description: OwnerReference contains enough information - to let you identify an owning object. Currently, an - owning object must be in the same namespace, so there - is no namespace field. + to let you identify an owning object. An owning object + must be in the same namespace as the dependent, or be + cluster-scoped, so there is no namespace field. properties: apiVersion: description: API version of the referent. @@ -2149,6 +2324,7 @@ spec: - kind - name - uid + type: object type: array resourceVersion: description: |- @@ -2166,6 +2342,7 @@ spec: Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids type: string + type: object spec: description: PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific @@ -2197,6 +2374,7 @@ spec: required: - kind - name + type: object resources: description: ResourceRequirements describes the compute resource requirements. @@ -2212,6 +2390,7 @@ spec: explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object + type: object selector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions @@ -2248,6 +2427,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. @@ -2256,6 +2436,7 @@ spec: is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object storageClassName: description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' @@ -2263,13 +2444,13 @@ spec: volumeMode: description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not - included in claim spec. This is an alpha feature and may - change in the future. + included in claim spec. This is a beta feature. type: string volumeName: description: VolumeName is the binding reference to the PersistentVolume backing this claim. type: string + type: object status: description: PersistentVolumeClaimStatus is the current status of a persistent volume claim. @@ -2324,10 +2505,14 @@ spec: required: - type - status + type: object type: array phase: description: Phase represents the current phase of PersistentVolumeClaim. type: string + type: object + type: object + type: object tag: description: Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. @@ -2370,10 +2555,12 @@ spec: If the operator is Exists, the value should be empty, otherwise just a regular string. type: string + type: object type: array version: description: Version the cluster should be on. type: string + type: object status: description: 'AlertmanagerStatus is the most recent observed status of the Alertmanager cluster. Read-only. Not included when requesting from the @@ -2409,4 +2596,6 @@ spec: - updatedReplicas - availableReplicas - unavailableReplicas + type: object + type: object version: v1 diff --git a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0podmonitorCustomResourceDefinition.yaml b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0podmonitorCustomResourceDefinition.yaml new file mode 100644 index 0000000000..5b630ea52c --- /dev/null +++ b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0podmonitorCustomResourceDefinition.yaml @@ -0,0 +1,236 @@ +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: podmonitors.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: PodMonitor + plural: podmonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + spec: + description: PodMonitorSpec contains specification parameters for a PodMonitor. + properties: + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: NamespaceSelector is a selector for selecting either all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podMetricsEndpoints: + description: A list of endpoints allowed as part of this PodMonitor. + items: + description: PodMetricsEndpoint defines a scrapeable endpoint of a + Kubernetes Pod serving Prometheus metrics. + properties: + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port this endpoint refers to. Mutually + exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelings: + description: 'RelabelConfigs to apply to samples before ingestion. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + type: object + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + required: + - podMetricsEndpoints + - selector + type: object + type: object + version: v1 diff --git a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusCustomResourceDefinition.yaml b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusCustomResourceDefinition.yaml index 158c5cb380..06f230e217 100644 --- a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusCustomResourceDefinition.yaml +++ b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusCustomResourceDefinition.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -41,6 +42,7 @@ spec: type: boolean required: - key + type: object additionalAlertRelabelConfigs: description: SecretKeySelector selects a key of a Secret. properties: @@ -56,6 +58,7 @@ spec: type: boolean required: - key + type: object additionalScrapeConfigs: description: SecretKeySelector selects a key of a Secret. properties: @@ -71,6 +74,7 @@ spec: type: boolean required: - key + type: object affinity: description: Affinity is a group of affinity scheduling rules. properties: @@ -133,6 +137,7 @@ spec: required: - key - operator + type: object type: array matchFields: description: A list of node selector requirements @@ -166,7 +171,9 @@ spec: required: - key - operator + type: object type: array + type: object weight: description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. @@ -175,6 +182,7 @@ spec: required: - weight - preference + type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: A node selector represents the union of the results @@ -223,6 +231,7 @@ spec: required: - key - operator + type: object type: array matchFields: description: A list of node selector requirements @@ -256,10 +265,14 @@ spec: required: - key - operator + type: object type: array + type: object type: array required: - nodeSelectorTerms + type: object + type: object podAffinity: description: Pod affinity is a group of inter pod affinity scheduling rules. @@ -326,6 +339,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} @@ -335,6 +349,7 @@ spec: and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); @@ -353,6 +368,7 @@ spec: type: string required: - topologyKey + type: object weight: description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. @@ -361,6 +377,7 @@ spec: required: - weight - podAffinityTerm + type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: If the affinity requirements specified by this @@ -417,6 +434,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. @@ -425,6 +443,7 @@ spec: is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or @@ -443,7 +462,9 @@ spec: type: string required: - topologyKey + type: object type: array + type: object podAntiAffinity: description: Pod anti affinity is a group of inter pod anti affinity scheduling rules. @@ -511,6 +532,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} @@ -520,6 +542,7 @@ spec: and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); @@ -538,6 +561,7 @@ spec: type: string required: - topologyKey + type: object weight: description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. @@ -546,6 +570,7 @@ spec: required: - weight - podAffinityTerm + type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: If the anti-affinity requirements specified by @@ -602,6 +627,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. @@ -610,6 +636,7 @@ spec: is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or @@ -628,7 +655,10 @@ spec: type: string required: - topologyKey + type: object type: array + type: object + type: object alerting: description: AlertingSpec defines parameters for alerting configuration of Prometheus servers. @@ -679,13 +709,16 @@ spec: serverName: description: Used to verify the hostname for the targets. type: string + type: object required: - namespace - name - port + type: object type: array required: - alertmanagers + type: object apiserverConfig: description: 'APIServerConfig defines a host and auth methods to access apiserver. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config' @@ -710,6 +743,7 @@ spec: type: boolean required: - key + type: object username: description: SecretKeySelector selects a key of a Secret. properties: @@ -726,6 +760,8 @@ spec: type: boolean required: - key + type: object + type: object bearerToken: description: Bearer token for accessing apiserver. type: string @@ -754,8 +790,10 @@ spec: serverName: description: Used to verify the hostname for the targets. type: string + type: object required: - host + type: object baseImage: description: Base image to use for a Prometheus deployment. type: string @@ -767,8 +805,16 @@ spec: type: string type: array containers: - description: Containers allows injecting additional containers. This - is meant to allow adding an authentication proxy to a Prometheus pod. + description: 'Containers allows injecting additional containers or modifying + operator generated containers. This can be used to allow adding an + authentication proxy to a Prometheus pod or to change the behavior + of an operator generated container. Containers described here modify + an operator generated container if they share the same name and modifications + are done via a strategic merge patch. The current container names + are: `prometheus`, `prometheus-config-reloader`, `rules-configmap-reloader`, + and `thanos-sidecar`. Overriding containers is entirely outside the + scope of what the maintainers will support and by doing so, you accept + that this behaviour may break at any time without notice.' items: description: A single application container that you want to run within a pod. @@ -837,6 +883,7 @@ spec: type: boolean required: - key + type: object fieldRef: description: ObjectFieldSelector selects an APIVersioned field of an object. @@ -851,6 +898,7 @@ spec: type: string required: - fieldPath + type: object resourceFieldRef: description: ResourceFieldSelector represents container resources (cpu, memory) and their output format @@ -865,6 +913,7 @@ spec: type: string required: - resource + type: object secretKeyRef: description: SecretKeySelector selects a key of a Secret. properties: @@ -881,8 +930,11 @@ spec: type: boolean required: - key + type: object + type: object required: - name + type: object type: array envFrom: description: List of sources to populate environment variables @@ -908,6 +960,7 @@ spec: optional: description: Specify whether the ConfigMap must be defined type: boolean + type: object prefix: description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. @@ -924,6 +977,8 @@ spec: optional: description: Specify whether the Secret must be defined type: boolean + type: object + type: object type: array image: description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images @@ -963,6 +1018,7 @@ spec: items: type: string type: array + type: object httpGet: description: HTTPGetAction describes an action based on HTTP Get requests. @@ -988,6 +1044,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -1002,6 +1059,7 @@ spec: type: string required: - port + type: object tcpSocket: description: TCPSocketAction describes an action based on opening a socket @@ -1016,6 +1074,8 @@ spec: - type: integer required: - port + type: object + type: object preStop: description: Handler defines a specific action that should be taken @@ -1036,6 +1096,7 @@ spec: items: type: string type: array + type: object httpGet: description: HTTPGetAction describes an action based on HTTP Get requests. @@ -1061,6 +1122,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -1075,6 +1137,7 @@ spec: type: string required: - port + type: object tcpSocket: description: TCPSocketAction describes an action based on opening a socket @@ -1089,6 +1152,9 @@ spec: - type: integer required: - port + type: object + type: object + type: object livenessProbe: description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive @@ -1109,6 +1175,7 @@ spec: items: type: string type: array + type: object failureThreshold: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to @@ -1140,6 +1207,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -1154,6 +1222,7 @@ spec: type: string required: - port + type: object initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' @@ -1184,12 +1253,14 @@ spec: - type: integer required: - port + type: object timeoutSeconds: description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer + type: object name: description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot @@ -1234,6 +1305,7 @@ spec: type: string required: - containerPort + type: object type: array readinessProbe: description: Probe describes a health check to be performed against @@ -1255,6 +1327,7 @@ spec: items: type: string type: array + type: object failureThreshold: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to @@ -1286,6 +1359,7 @@ spec: required: - name - value + type: object type: array path: description: Path to access on the HTTP server. @@ -1300,6 +1374,7 @@ spec: type: string required: - port + type: object initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' @@ -1330,12 +1405,14 @@ spec: - type: integer required: - port + type: object timeoutSeconds: description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer + type: object resources: description: ResourceRequirements describes the compute resource requirements. @@ -1350,6 +1427,7 @@ spec: it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object + type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. Some fields are present in both @@ -1378,6 +1456,7 @@ spec: items: type: string type: array + type: object privileged: description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root @@ -1439,6 +1518,8 @@ spec: description: User is a SELinux user label that applies to the container. type: string + type: object + type: object stdin: description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from @@ -1480,8 +1561,7 @@ spec: type: boolean volumeDevices: description: volumeDevices is the list of block devices to be - used by the container. This is an alpha feature and may change - in the future. + used by the container. This is a beta feature. items: description: volumeDevice describes a mapping of a raw block device within a container. @@ -1497,6 +1577,7 @@ spec: required: - name - devicePath + type: object type: array volumeMounts: description: Pod volumes to mount into the container's filesystem. @@ -1526,9 +1607,18 @@ spec: description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is alpha in 1.14. + type: string required: - name - mountPath + type: object type: array workingDir: description: Container's working directory. If not specified, @@ -1537,6 +1627,7 @@ spec: type: string required: - name + type: object type: array enableAdminAPI: description: 'Enable access to prometheus web admin API. Defaults to @@ -1575,6 +1666,7 @@ spec: name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string + type: object type: array listenLocal: description: ListenLocal makes the Prometheus server listen on loopback, @@ -1668,6 +1760,7 @@ spec: type: string required: - name + type: object type: array result: description: Status is a return value for calls that don't return @@ -1720,6 +1813,7 @@ spec: the cause of the error. If this value is empty there is no information available. type: string + type: object type: array group: description: The group attribute of the resource associated @@ -1749,6 +1843,7 @@ spec: single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' type: string + type: object kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this @@ -1790,6 +1885,7 @@ spec: description: selfLink is a URL representing this object. Populated by the system. Read-only. type: string + type: object reason: description: A machine-readable description of why this operation is in the "Failure" status. If this value is @@ -1800,14 +1896,54 @@ spec: description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' type: string + type: object required: - pending + type: object labels: description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + managedFields: + description: |- + ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. + + This field is alpha and can be changed or removed without notice. + items: + description: ManagedFieldsEntry is a workflow-id, a FieldSet and + the group version of the resource that the fieldset applies + to. + properties: + apiVersion: + description: APIVersion defines the version of this resource + that this field set applies to. The format is "group/version" + just like the top-level APIVersion field. It is necessary + to track the version of a field set because it cannot be + automatically converted. + type: string + fields: + description: 'Fields stores a set of fields in a data structure + like a Trie. To understand how this is used, see: https://github.com/kubernetes-sigs/structured-merge-diff' + type: object + manager: + description: Manager is an identifier of the workflow managing + these fields. + type: string + operation: + description: Operation is the type of operation which lead + to this ManagedFieldsEntry being created. The only valid + values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package offers. + format: date-time + type: string + type: object + type: array name: description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client @@ -1829,8 +1965,9 @@ spec: set to true. There cannot be more than one managing controller. items: description: OwnerReference contains enough information to let - you identify an owning object. Currently, an owning object must - be in the same namespace, so there is no namespace field. + you identify an owning object. An owning object must be in the + same namespace as the dependent, or be cluster-scoped, so there + is no namespace field. properties: apiVersion: description: API version of the referent. @@ -1860,6 +1997,7 @@ spec: - kind - name - uid + type: object type: array resourceVersion: description: |- @@ -1877,9 +2015,103 @@ spec: Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids type: string + type: object + podMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + podMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object priorityClassName: description: Priority class assigned to the Pods type: string + prometheusExternalLabelName: + description: Name of Prometheus external label used to denote Prometheus + instance name. Defaults to the value of `prometheus`. External label + will _not_ be added when value is set to empty string (`""`). + type: string query: description: QuerySpec defines the query command line flags when starting Prometheus. @@ -1892,9 +2124,17 @@ spec: description: Number of concurrent queries that can be run at once. format: int32 type: integer + maxSamples: + description: Maximum number of samples a single query can load into + memory. Note that queries will fail if they would load more samples + than this into memory, so this also limits the number of samples + a query can return. + format: int32 + type: integer timeout: description: Maximum time a query may take before being aborted. type: string + type: object remoteRead: description: If specified, the remote_read spec. This is an experimental feature, it may change in any upcoming release in a breaking way. @@ -1922,6 +2162,7 @@ spec: type: boolean required: - key + type: object username: description: SecretKeySelector selects a key of a Secret. properties: @@ -1938,6 +2179,8 @@ spec: type: boolean required: - key + type: object + type: object bearerToken: description: bearer token for remote read. type: string @@ -1976,11 +2219,13 @@ spec: serverName: description: Used to verify the hostname for the targets. type: string + type: object url: description: The URL of the endpoint to send samples to. type: string required: - url + type: object type: array remoteWrite: description: If specified, the remote_write spec. This is an experimental @@ -2009,6 +2254,7 @@ spec: type: boolean required: - key + type: object username: description: SecretKeySelector selects a key of a Secret. properties: @@ -2025,6 +2271,8 @@ spec: type: boolean required: - key + type: object + type: object bearerToken: description: File to read bearer token for remote write. type: string @@ -2075,6 +2323,7 @@ spec: amount of concurrency. format: int32 type: integer + type: object remoteTimeout: description: Timeout for requests to the remote write endpoint. type: string @@ -2096,6 +2345,7 @@ spec: serverName: description: Used to verify the hostname for the targets. type: string + type: object url: description: The URL of the endpoint to send samples to. type: string @@ -2142,10 +2392,17 @@ spec: in a replace action. It is mandatory for replace actions. Regex capture groups are available. type: string + type: object type: array required: - url + type: object type: array + replicaExternalLabelName: + description: Name of Prometheus external label used to denote replica + name. Defaults to the value of `prometheus_replica`. External label + will _not_ be added when value is set to empty string (`""`). + type: string replicas: description: Number of instances to deploy for a Prometheus deployment. format: int32 @@ -2163,11 +2420,15 @@ spec: to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object + type: object retention: description: Time duration Prometheus shall retain data for. Default is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years). type: string + retentionSize: + description: Maximum amount of disk space used by blocks. + type: string routePrefix: description: The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP @@ -2209,6 +2470,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. A single @@ -2217,6 +2479,7 @@ spec: "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object ruleSelector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty @@ -2251,6 +2514,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. A single @@ -2259,6 +2523,7 @@ spec: "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object rules: description: /--rules.*/ command-line arguments properties: @@ -2278,6 +2543,8 @@ spec: description: Minimum amount of time to wait before resending an alert to Alertmanager. type: string + type: object + type: object scrapeInterval: description: Interval between consecutive scrapes. type: string @@ -2347,6 +2614,7 @@ spec: description: User is a SELinux user label that applies to the container. type: string + type: object supplementalGroups: description: A list of groups applied to the first process run in each container, in addition to the container's primary GID. If @@ -2371,7 +2639,9 @@ spec: required: - name - value + type: object type: array + type: object serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. @@ -2410,6 +2680,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. A single @@ -2418,6 +2689,7 @@ spec: "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object serviceMonitorSelector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty @@ -2452,6 +2724,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. A single @@ -2460,6 +2733,7 @@ spec: "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object sha: description: SHA of Prometheus container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly @@ -2482,6 +2756,7 @@ spec: Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: {} + type: object volumeClaimTemplate: description: PersistentVolumeClaim is a user's request for and claim to a persistent volume @@ -2579,6 +2854,7 @@ spec: type: string required: - name + type: object type: array result: description: Status is a return value for calls that @@ -2634,6 +2910,7 @@ spec: of the cause of the error. If this value is empty there is no information available. type: string + type: object type: array group: description: The group attribute of the resource @@ -2664,6 +2941,7 @@ spec: is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' type: string + type: object kind: description: 'Kind is a string value representing the REST resource this object represents. Servers @@ -2710,6 +2988,7 @@ spec: description: selfLink is a URL representing this object. Populated by the system. Read-only. type: string + type: object reason: description: A machine-readable description of why this operation is in the "Failure" status. If @@ -2721,14 +3000,57 @@ spec: description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' type: string + type: object required: - pending + type: object labels: description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + managedFields: + description: |- + ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. + + This field is alpha and can be changed or removed without notice. + items: + description: ManagedFieldsEntry is a workflow-id, a FieldSet + and the group version of the resource that the fieldset + applies to. + properties: + apiVersion: + description: APIVersion defines the version of this + resource that this field set applies to. The format + is "group/version" just like the top-level APIVersion + field. It is necessary to track the version of a + field set because it cannot be automatically converted. + type: string + fields: + description: 'Fields stores a set of fields in a data + structure like a Trie. To understand how this is + used, see: https://github.com/kubernetes-sigs/structured-merge-diff' + type: object + manager: + description: Manager is an identifier of the workflow + managing these fields. + type: string + operation: + description: Operation is the type of operation which + lead to this ManagedFieldsEntry being created. The + only valid values for this field are 'Apply' and + 'Update'. + type: string + time: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + type: object + type: array name: description: 'Name must be unique within a namespace. Is required when creating resources, although some resources @@ -2752,9 +3074,9 @@ spec: There cannot be more than one managing controller. items: description: OwnerReference contains enough information - to let you identify an owning object. Currently, an - owning object must be in the same namespace, so there - is no namespace field. + to let you identify an owning object. An owning object + must be in the same namespace as the dependent, or be + cluster-scoped, so there is no namespace field. properties: apiVersion: description: API version of the referent. @@ -2785,6 +3107,7 @@ spec: - kind - name - uid + type: object type: array resourceVersion: description: |- @@ -2802,6 +3125,7 @@ spec: Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids type: string + type: object spec: description: PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific @@ -2833,6 +3157,7 @@ spec: required: - kind - name + type: object resources: description: ResourceRequirements describes the compute resource requirements. @@ -2848,6 +3173,7 @@ spec: explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object + type: object selector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions @@ -2884,6 +3210,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. @@ -2892,6 +3219,7 @@ spec: is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object storageClassName: description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' @@ -2899,13 +3227,13 @@ spec: volumeMode: description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not - included in claim spec. This is an alpha feature and may - change in the future. + included in claim spec. This is a beta feature. type: string volumeName: description: VolumeName is the binding reference to the PersistentVolume backing this claim. type: string + type: object status: description: PersistentVolumeClaimStatus is the current status of a persistent volume claim. @@ -2960,10 +3288,14 @@ spec: required: - type - status + type: object type: array phase: description: Phase represents the current phase of PersistentVolumeClaim. type: string + type: object + type: object + type: object tag: description: Tag of Prometheus container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. @@ -2975,31 +3307,6 @@ spec: baseImage: description: Thanos base image if other than default. type: string - gcs: - description: 'Deprecated: ThanosGCSSpec should be configured with - an ObjectStorageConfig secret starting with Thanos v0.2.0. ThanosGCSSpec - will be removed.' - properties: - bucket: - description: Google Cloud Storage bucket name for stored blocks. - If empty it won't store any block inside Google Cloud Storage. - type: string - credentials: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - optional: - description: Specify whether the Secret or it's key must - be defined - type: boolean - required: - - key image: description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary @@ -3022,9 +3329,7 @@ spec: type: boolean required: - key - peers: - description: Peers is a DNS name for Thanos to discover peers through. - type: string + type: object resources: description: ResourceRequirements describes the compute resource requirements. @@ -3039,60 +3344,7 @@ spec: it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object - s3: - description: 'Deprecated: ThanosS3Spec should be configured with - an ObjectStorageConfig secret starting with Thanos v0.2.0. ThanosS3Spec - will be removed.' - properties: - accessKey: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - optional: - description: Specify whether the Secret or it's key must - be defined - type: boolean - required: - - key - bucket: - description: S3-Compatible API bucket name for stored blocks. - type: string - encryptsse: - description: Whether to use Server Side Encryption - type: boolean - endpoint: - description: S3-Compatible API endpoint for stored blocks. - type: string - insecure: - description: Whether to use an insecure connection with an S3-Compatible - API. - type: boolean - secretKey: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - optional: - description: Specify whether the Secret or it's key must - be defined - type: boolean - required: - - key - signatureVersion2: - description: Whether to use S3 Signature Version 2; otherwise - Signature Version 4 will be used. - type: boolean + type: object sha: description: SHA of Thanos container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly @@ -3107,6 +3359,7 @@ spec: version: description: Version describes the version of Thanos to use. type: string + type: object tolerations: description: If specified, the pod's tolerations. items: @@ -3145,10 +3398,12 @@ spec: If the operator is Exists, the value should be empty, otherwise just a regular string. type: string + type: object type: array version: description: Version of Prometheus to be deployed. type: string + type: object status: description: 'PrometheusStatus is the most recent observed status of the Prometheus cluster. Read-only. Not included when requesting from the apiserver, @@ -3184,4 +3439,6 @@ spec: - updatedReplicas - availableReplicas - unavailableReplicas + type: object + type: object version: v1 diff --git a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusruleCustomResourceDefinition.yaml b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusruleCustomResourceDefinition.yaml index 877fadac96..39238c214d 100644 --- a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusruleCustomResourceDefinition.yaml +++ b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0prometheusruleCustomResourceDefinition.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -96,6 +97,7 @@ spec: type: string required: - name + type: object type: array result: description: Status is a return value for calls that don't return @@ -148,6 +150,7 @@ spec: cause of the error. If this value is empty there is no information available. type: string + type: object type: array group: description: The group attribute of the resource associated @@ -175,6 +178,7 @@ spec: description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' type: string + type: object kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint @@ -215,6 +219,7 @@ spec: description: selfLink is a URL representing this object. Populated by the system. Read-only. type: string + type: object reason: description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is @@ -225,13 +230,52 @@ spec: description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' type: string + type: object required: - pending + type: object labels: description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + managedFields: + description: |- + ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. + + This field is alpha and can be changed or removed without notice. + items: + description: ManagedFieldsEntry is a workflow-id, a FieldSet and the + group version of the resource that the fieldset applies to. + properties: + apiVersion: + description: APIVersion defines the version of this resource that + this field set applies to. The format is "group/version" just + like the top-level APIVersion field. It is necessary to track + the version of a field set because it cannot be automatically + converted. + type: string + fields: + description: 'Fields stores a set of fields in a data structure + like a Trie. To understand how this is used, see: https://github.com/kubernetes-sigs/structured-merge-diff' + type: object + manager: + description: Manager is an identifier of the workflow managing + these fields. + type: string + operation: + description: Operation is the type of operation which lead to + this ManagedFieldsEntry being created. The only valid values + for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package offers. + format: date-time + type: string + type: object + type: array name: description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to @@ -253,8 +297,9 @@ spec: There cannot be more than one managing controller. items: description: OwnerReference contains enough information to let you - identify an owning object. Currently, an owning object must be in - the same namespace, so there is no namespace field. + identify an owning object. An owning object must be in the same + namespace as the dependent, or be cluster-scoped, so there is no + namespace field. properties: apiVersion: description: API version of the referent. @@ -283,6 +328,7 @@ spec: - kind - name - uid + type: object type: array resourceVersion: description: |- @@ -300,6 +346,7 @@ spec: Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids type: string + type: object spec: description: PrometheusRuleSpec contains specification parameters for a Rule. @@ -334,9 +381,13 @@ spec: type: string required: - expr + type: object type: array required: - name - rules + type: object type: array + type: object + type: object version: v1 diff --git a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0servicemonitorCustomResourceDefinition.yaml b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0servicemonitorCustomResourceDefinition.yaml index d2e310fde6..00a49c154c 100644 --- a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0servicemonitorCustomResourceDefinition.yaml +++ b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-0servicemonitorCustomResourceDefinition.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -52,6 +53,7 @@ spec: type: boolean required: - key + type: object username: description: SecretKeySelector selects a key of a Secret. properties: @@ -68,6 +70,8 @@ spec: type: boolean required: - key + type: object + type: object bearerTokenFile: description: File to read bearer token for scraping targets. type: string @@ -121,6 +125,7 @@ spec: in a replace action. It is mandatory for replace actions. Regex capture groups are available. type: string + type: object type: array params: description: Optional HTTP URL parameters @@ -138,7 +143,7 @@ spec: type: string relabelings: description: 'RelabelConfigs to apply to samples before ingestion. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#' + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' items: description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines @@ -180,6 +185,7 @@ spec: in a replace action. It is mandatory for replace actions. Regex capture groups are available. type: string + type: object type: array scheme: description: HTTP scheme to use for scraping. @@ -209,6 +215,8 @@ spec: serverName: description: Used to verify the hostname for the targets. type: string + type: object + type: object type: array jobLabel: description: The label to use to retrieve the job name from. @@ -226,6 +234,7 @@ spec: items: type: string type: array + type: object podTargetLabels: description: PodTargetLabels transfers labels on the Kubernetes Pod onto the target. @@ -271,6 +280,7 @@ spec: required: - key - operator + type: object type: array matchLabels: description: matchLabels is a map of {key,value} pairs. A single @@ -279,6 +289,7 @@ spec: "In", and the values array contains only "value". The requirements are ANDed. type: object + type: object targetLabels: description: TargetLabels transfers labels on the Kubernetes Service onto the target. @@ -288,4 +299,6 @@ spec: required: - endpoints - selector + type: object + type: object version: v1 diff --git a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-clusterRole.yaml b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-clusterRole.yaml index 123f78e93b..15c045c564 100644 --- a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-clusterRole.yaml +++ b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-clusterRole.yaml @@ -17,6 +17,7 @@ rules: - prometheuses/finalizers - alertmanagers/finalizers - servicemonitors + - podmonitors - prometheusrules verbs: - '*' @@ -40,6 +41,7 @@ rules: verbs: - list - delete + - watch - apiGroups: - "" resources: @@ -47,6 +49,7 @@ rules: - services/finalizers - endpoints verbs: + - list - get - create - update diff --git a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-deployment.yaml b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-deployment.yaml index c7b42eeb3a..83c023271e 100644 --- a/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-deployment.yaml +++ b/clusterloader2/pkg/prometheus/manifests/0prometheus-operator-deployment.yaml @@ -25,7 +25,7 @@ spec: {{if $PROMETHEUS_SCRAPE_KUBELETS}} - --kubelet-service=kube-system/kubelet {{end}} - image: gcr.io/k8s-testimages/quay.io/coreos/prometheus-operator:v0.30.0 + image: gcr.io/k8s-testimages/quay.io/coreos/prometheus-operator:v0.31.0 name: prometheus-operator ports: - containerPort: 8080 diff --git a/clusterloader2/pkg/prometheus/manifests/prometheus-clusterRole.yaml b/clusterloader2/pkg/prometheus/manifests/prometheus-clusterRole.yaml index d5c4598304..59791de991 100644 --- a/clusterloader2/pkg/prometheus/manifests/prometheus-clusterRole.yaml +++ b/clusterloader2/pkg/prometheus/manifests/prometheus-clusterRole.yaml @@ -7,8 +7,13 @@ rules: - "" resources: - nodes/metrics + - services + - endpoints + - pods verbs: - get + - list + - watch - nonResourceURLs: - /metrics verbs: diff --git a/clusterloader2/pkg/prometheus/manifests/prometheus-prometheus.yaml b/clusterloader2/pkg/prometheus/manifests/prometheus-prometheus.yaml index 934740ff24..46e66328f4 100644 --- a/clusterloader2/pkg/prometheus/manifests/prometheus-prometheus.yaml +++ b/clusterloader2/pkg/prometheus/manifests/prometheus-prometheus.yaml @@ -9,18 +9,26 @@ metadata: name: k8s namespace: monitoring spec: + logLevel: debug baseImage: gcr.io/k8s-testimages/quay.io/prometheus/prometheus nodeSelector: kubernetes.io/os: linux replicas: 1 resources: requests: + cpu: {{AddInt 200 (MultiplyInt 500 (DivideInt .Nodes 1000))}}m {{if $PROMETHEUS_SCRAPE_KUBELETS}} - # TODO(oxddr): figure out memory limit - memory: 10Gi # {{MultiplyInt 2 (AddInt 1 (DivideInt .Nodes 2000))}}Gi + memory: 10Gi {{else}} - # Start with 2Gi and add 2Gi for each 2K nodes. - memory: {{MultiplyInt 2 (AddInt 1 (DivideInt .Nodes 2000))}}Gi + # Start with 2Gi and add 2Gi for each 1K nodes. + memory: {{MultiplyInt 2 (AddInt 1 (DivideInt .Nodes 1000))}}Gi + {{end}} + limits: + {{if $PROMETHEUS_SCRAPE_KUBELETS}} + memory: 10Gi + {{else}} + # Start with 2Gi and add 2Gi for each 1K nodes. + memory: {{MultiplyInt 2 (AddInt 1 (DivideInt .Nodes 1000))}}Gi {{end}} ruleSelector: matchLabels: @@ -36,6 +44,8 @@ spec: serviceAccountName: prometheus-k8s serviceMonitorNamespaceSelector: {} serviceMonitorSelector: {} + podMonitorNamespaceSelector: {} + podMonitorSelector: {} version: v2.9.2 retention: 7d storage: