Created
August 4, 2022 21:30
-
-
Save justinschuldt/45b7c2cabd1a9ee49e31bbb6b2a07849 to your computer and use it in GitHub Desktop.
wormhole devnet cluster monitoring
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # enable metrics-server | |
| minikube addons enable metrics-server | |
| # wait for rollout to complete | |
| minikube kubectl -- -n kube-system rollout status deployment metrics-server | |
| # verify metrics-server pods are healthy | |
| minikube kubectl -- get pods --namespace kube-system | grep metrics-server | |
| # give wormhole:default serviceaccount cluster-admin permissions. | |
| # probably better to create a new serviceaccount for prometheus, rather than | |
| # over-permission the wormhole:default account. | |
| kubectl create clusterrolebinding add-on-cluster-admin \ | |
| --clusterrole=cluster-admin \ | |
| --serviceaccount=wormhole:default |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - job_name: 'node-exporter' | |
| kubernetes_sd_configs: | |
| - role: endpoints | |
| relabel_configs: | |
| - source_labels: [__meta_kubernetes_endpoints_name] | |
| regex: 'node-exporter' | |
| action: keep | |
| - job_name: 'kubernetes-apiservers' | |
| kubernetes_sd_configs: | |
| - role: endpoints | |
| scheme: https | |
| tls_config: | |
| ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
| bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | |
| relabel_configs: | |
| - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] | |
| action: keep | |
| regex: default;kubernetes;https | |
| - job_name: 'kubernetes-nodes' | |
| scheme: https | |
| tls_config: | |
| ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
| bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | |
| kubernetes_sd_configs: | |
| - role: node | |
| relabel_configs: | |
| - action: labelmap | |
| regex: __meta_kubernetes_node_label_(.+) | |
| - target_label: __address__ | |
| replacement: kubernetes.default.svc:443 | |
| - source_labels: [__meta_kubernetes_node_name] | |
| regex: (.+) | |
| target_label: __metrics_path__ | |
| replacement: /api/v1/nodes/${1}/proxy/metrics | |
| - job_name: 'kubernetes-pods' | |
| kubernetes_sd_configs: | |
| - role: pod | |
| relabel_configs: | |
| - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] | |
| action: keep | |
| regex: true | |
| - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] | |
| action: replace | |
| target_label: __metrics_path__ | |
| regex: (.+) | |
| - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] | |
| action: replace | |
| regex: ([^:]+)(?::\d+)?;(\d+) | |
| replacement: $1:$2 | |
| target_label: __address__ | |
| - action: labelmap | |
| regex: __meta_kubernetes_pod_label_(.+) | |
| - source_labels: [__meta_kubernetes_namespace] | |
| action: replace | |
| target_label: kubernetes_namespace | |
| - source_labels: [__meta_kubernetes_pod_name] | |
| action: replace | |
| target_label: kubernetes_pod_name | |
| - job_name: 'kube-state-metrics' | |
| static_configs: | |
| - targets: ['kube-state-metrics.kube-system.svc.cluster.local:8080'] | |
| - job_name: 'kubernetes-cadvisor' | |
| scheme: https | |
| tls_config: | |
| ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
| bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | |
| kubernetes_sd_configs: | |
| - role: node | |
| relabel_configs: | |
| - action: labelmap | |
| regex: __meta_kubernetes_node_label_(.+) | |
| - target_label: __address__ | |
| replacement: kubernetes.default.svc:443 | |
| - source_labels: [__meta_kubernetes_node_name] | |
| regex: (.+) | |
| target_label: __metrics_path__ | |
| replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor | |
| - job_name: 'kubernetes-service-endpoints' | |
| kubernetes_sd_configs: | |
| - role: endpoints | |
| relabel_configs: | |
| - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] | |
| action: keep | |
| regex: true | |
| - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] | |
| action: replace | |
| target_label: __scheme__ | |
| regex: (https?) | |
| - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] | |
| action: replace | |
| target_label: __metrics_path__ | |
| regex: (.+) | |
| - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] | |
| action: replace | |
| target_label: __address__ | |
| regex: ([^:]+)(?::\d+)?;(\d+) | |
| replacement: $1:$2 | |
| - action: labelmap | |
| regex: __meta_kubernetes_service_label_(.+) | |
| - source_labels: [__meta_kubernetes_namespace] | |
| action: replace | |
| target_label: kubernetes_namespace | |
| - source_labels: [__meta_kubernetes_service_name] | |
| action: replace | |
| target_label: kubernetes_name |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # grafana + prometheus for node metrics | |
| if node_metrics: | |
| dashboard_files = listdir("dashboards") | |
| dashboards = {} | |
| for d in dashboard_files: | |
| file_name = d.split("/")[-1] | |
| if file_name.endswith(".json"): | |
| dashboards[file_name] = encode_json(read_json(d)) | |
| dashboard_yaml = { | |
| "apiVersion": "v1", | |
| "kind": "ConfigMap", | |
| "metadata": { | |
| "name": "grafana-dashboards-json" | |
| }, | |
| "data": dashboards | |
| } | |
| k8s_yaml_with_ns(encode_yaml(dashboard_yaml)) | |
| # ... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment