pharaujo · September 21, 2016 14:18
diff --git a/prometheus-configmap.yaml b/prometheus-configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: prometheus
 data:
  alerts.rules: |-
    # Alert for any instance that is unreachable for >5 minutes.
    ALERT InstanceDown
      IF up == 0
      FOR 5m
      LABELS { severity = "page" }
      ANNOTATIONS {
        summary = "Instance {{ $labels.instance }} down",
        description = "{{ $labels.instance }} of job {{ $labels.job }} has been down for more than 5 minutes.",
      }

  prometheus.yml: |-
    global:
      scrape_interval: 15s
      # Attach these labels to any time series or alerts when communicating with
      # external systems (federation, remote storage, Alertmanager).
      external_labels:
        monitor: 'test-cluster1'

    rule_files:
      - '/etc/prometheus/alerts.rules'

    scrape_configs:
    - job_name: 'prometheus'
      scrape_interval: 5s
      static_configs:
        - targets: ['localhost:9090']

    # etcd is living outside of our cluster and we configure
    # it directly.
    - job_name: 'etcd'
      static_configs:
      - targets: ['172.17.4.51:2379']

    - job_name: 'alertmanager'
      static_configs:
      - targets: ['alertmanager:9093']

    - job_name: 'kubernetes_components'
      # needed to add this as everything runs in https and SD defined scrape targets as http
      scheme: https
      # tls_config wasn't working inside kubernetes_sd_config
      # also, in_cluster should make it unnecessary to define this so I guess it
      # wasn't working as well
      tls_config:
        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
        # I don't understand why, tls config works for worker nodes and not for the controller
        # need this for the controller
        insecure_skip_verify: true
      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
      kubernetes_sd_configs:
      -
        in_cluster: true
        api_servers: ['https://kubernetes']
        role: node
      -
        in_cluster: true
        api_servers: ['https://kubernetes']
        role: apiserver
      -
        in_cluster: true
        api_servers: ['https://kubernetes']
        role: service
      -
        in_cluster: true
        api_servers: ['https://kubernetes']
        role: pod
      relabel_configs:
      # Only scrape apiserver and kubelets.
      - source_labels: [__meta_kubernetes_role]
        action: keep
        regex: (?:apiserver|node)
      # Redefine the Prometheus job based on the monitored Kubernetes component.
      - source_labels: [__meta_kubernetes_role]
        target_label: job
        replacement: kubernetes_$1
      # Attach all node labels to the metrics scraped from the components running
      # on that node.
      - action: labelmap
        regex: __meta_kubernetes_node_label_(.+)
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: prometheus
	data:
	alerts.rules: \|-
	# Alert for any instance that is unreachable for >5 minutes.
	ALERT InstanceDown
	IF up == 0
	FOR 5m
	LABELS { severity = "page" }
	ANNOTATIONS {
	summary = "Instance {{ $labels.instance }} down",
	description = "{{ $labels.instance }} of job {{ $labels.job }} has been down for more than 5 minutes.",
	}

	prometheus.yml: \|-
	global:
	scrape_interval: 15s
	# Attach these labels to any time series or alerts when communicating with
	# external systems (federation, remote storage, Alertmanager).
	external_labels:
	monitor: 'test-cluster1'

	rule_files:
	- '/etc/prometheus/alerts.rules'

	scrape_configs:
	- job_name: 'prometheus'
	scrape_interval: 5s
	static_configs:
	- targets: ['localhost:9090']

	# etcd is living outside of our cluster and we configure
	# it directly.
	- job_name: 'etcd'
	static_configs:
	- targets: ['172.17.4.51:2379']

	- job_name: 'alertmanager'
	static_configs:
	- targets: ['alertmanager:9093']

	- job_name: 'kubernetes_components'
	# needed to add this as everything runs in https and SD defined scrape targets as http
	scheme: https
	# tls_config wasn't working inside kubernetes_sd_config
	# also, in_cluster should make it unnecessary to define this so I guess it
	# wasn't working as well
	tls_config:
	ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
	# I don't understand why, tls config works for worker nodes and not for the controller
	# need this for the controller
	insecure_skip_verify: true
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	kubernetes_sd_configs:
	-
	in_cluster: true
	api_servers: ['https://kubernetes']
	role: node
	-
	in_cluster: true
	api_servers: ['https://kubernetes']
	role: apiserver
	-
	in_cluster: true
	api_servers: ['https://kubernetes']
	role: service
	-
	in_cluster: true
	api_servers: ['https://kubernetes']
	role: pod
	relabel_configs:
	# Only scrape apiserver and kubelets.
	- source_labels: [__meta_kubernetes_role]
	action: keep
	regex: (?:apiserver\|node)
	# Redefine the Prometheus job based on the monitored Kubernetes component.
	- source_labels: [__meta_kubernetes_role]
	target_label: job
	replacement: kubernetes_$1
	# Attach all node labels to the metrics scraped from the components running
	# on that node.
	- action: labelmap
	regex: __meta_kubernetes_node_label_(.+)