-
Notifications
You must be signed in to change notification settings - Fork 168
/
Copy pathmonitor-kubernetes.yml
86 lines (79 loc) · 3.51 KB
/
monitor-kubernetes.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# This file assumes bosh_exporter based Service Discovery is being used: ./monitor-bosh.yml
# Exporter jobs
- type: replace
path: /instance_groups/name=prometheus2/jobs/-
value:
name: kube_state_metrics_exporter
release: prometheus
properties:
kube_state_metrics_exporter:
apiserver: ((kubernetes_apiserver_scheme))://((kubernetes_apiserver_ip)):((kubernetes_apiserver_port))
kubeconfig: ((kubernetes_kubeconfig))
# Scrape config for kubernetes nodes service discovery (kubelet).
#
# Rather than connecting directly to the node, the scrape is proxied though the
# Kubernetes apiserver. This means it will work if Prometheus is running out of
# cluster, or can't connect to nodes for some other reason (e.g. because of
# firewalling).
- type: replace
path: /instance_groups/name=prometheus2/jobs/name=prometheus2/properties/prometheus/scrape_configs/-
value:
job_name: kubernetes_nodes
scheme: ((kubernetes_apiserver_scheme))
bearer_token: ((kubernetes_bearer_token))
tls_config:
insecure_skip_verify: ((skip_ssl_verify))
kubernetes_sd_configs:
- role: node
api_server: ((kubernetes_apiserver_scheme))://((kubernetes_apiserver_ip)):((kubernetes_apiserver_port))
bearer_token: ((kubernetes_bearer_token))
tls_config:
insecure_skip_verify: ((skip_ssl_verify))
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- target_label: __address__
replacement: ((kubernetes_apiserver_ip)):((kubernetes_apiserver_port))
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/${1}/proxy/metrics
# Scrape config for kubernetes API servers service discovery.
#
# Kubernetes exposes API servers as endpoints to the default/kubernetes
# service so this uses `endpoints` role and uses relabelling to only keep
# the endpoints associated with the default/kubernetes service using the
# default named port `https`. This works for single API server deployments as
# well as HA API server deployments.
- type: replace
path: /instance_groups/name=prometheus2/jobs/name=prometheus2/properties/prometheus/scrape_configs/-
value:
job_name: kubernetes_apiservers
scheme: ((kubernetes_apiserver_scheme))
bearer_token: ((kubernetes_bearer_token))
tls_config:
insecure_skip_verify: ((skip_ssl_verify))
kubernetes_sd_configs:
- role: endpoints
api_server: ((kubernetes_apiserver_scheme))://((kubernetes_apiserver_ip)):((kubernetes_apiserver_port))
bearer_token: ((kubernetes_bearer_token))
tls_config:
insecure_skip_verify: ((skip_ssl_verify))
relabel_configs:
- source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: default;kubernetes;https
# Prometheus Alerts
- type: replace
path: /instance_groups/name=prometheus2/jobs/name=kubernetes_alerts?/release
value: prometheus
- type: replace
path: /instance_groups/name=prometheus2/jobs/name=prometheus2/properties/prometheus/rule_files/-
value: /var/vcap/jobs/kubernetes_alerts/*.alerts.yml
# Grafana Dashboards
- type: replace
path: /instance_groups/name=grafana/jobs/name=kubernetes_dashboards?/release
value: prometheus
- type: replace
path: /instance_groups/name=grafana/jobs/name=grafana/properties/grafana/prometheus/dashboard_folders/name=Kubernetes?/files/-
value: /var/vcap/jobs/kubernetes_dashboards/*.json