342 lines
7.5 KiB
YAML
342 lines
7.5 KiB
YAML
# Copyright 2023 Google LLC
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# https://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/version: 2.3.0
|
|
namespace: gmp-public
|
|
name: kube-state-metrics
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
serviceName: kube-state-metrics
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/version: 2.3.0
|
|
spec:
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
- arm64
|
|
- amd64
|
|
- key: kubernetes.io/os
|
|
operator: In
|
|
values:
|
|
- linux
|
|
containers:
|
|
- name: kube-state-metric
|
|
image: k8s.gcr.io/kube-state-metrics/kube-state-metrics:v2.3.0
|
|
env:
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: POD_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
args:
|
|
- --pod=$(POD_NAME)
|
|
- --pod-namespace=$(POD_NAMESPACE)
|
|
- --port=8080
|
|
- --telemetry-port=8081
|
|
ports:
|
|
- name: metrics
|
|
containerPort: 8080
|
|
- name: metrics-self
|
|
containerPort: 8081
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 50Mi
|
|
limits:
|
|
memory: 50Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
privileged: false
|
|
capabilities:
|
|
drop:
|
|
- all
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 5
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: 8081
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 5
|
|
serviceAccountName: kube-state-metrics
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/version: 2.3.0
|
|
namespace: gmp-public
|
|
name: kube-state-metrics
|
|
spec:
|
|
clusterIP: None
|
|
ports:
|
|
- name: metrics
|
|
port: 8080
|
|
targetPort: metrics
|
|
- name: metrics-self
|
|
port: 8081
|
|
targetPort: metrics-self
|
|
selector:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
namespace: gmp-public
|
|
name: kube-state-metrics
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/version: 2.3.0
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: gmp-public:kube-state-metrics
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/version: 2.3.0
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: gmp-public:kube-state-metrics
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
namespace: gmp-public
|
|
name: kube-state-metrics
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: gmp-public:kube-state-metrics
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/version: 2.3.0
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
- secrets
|
|
- nodes
|
|
- pods
|
|
- services
|
|
- resourcequotas
|
|
- replicationcontrollers
|
|
- limitranges
|
|
- persistentvolumeclaims
|
|
- persistentvolumes
|
|
- namespaces
|
|
- endpoints
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- extensions
|
|
resources:
|
|
- daemonsets
|
|
- deployments
|
|
- replicasets
|
|
- ingresses
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- apps
|
|
resources:
|
|
- statefulsets
|
|
- daemonsets
|
|
- deployments
|
|
- replicasets
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- apps
|
|
resources:
|
|
- statefulsets
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- batch
|
|
resources:
|
|
- cronjobs
|
|
- jobs
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- autoscaling
|
|
resources:
|
|
- horizontalpodautoscalers
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- authentication.k8s.io
|
|
resources:
|
|
- tokenreviews
|
|
verbs:
|
|
- create
|
|
- apiGroups:
|
|
- authorization.k8s.io
|
|
resources:
|
|
- subjectaccessreviews
|
|
verbs:
|
|
- create
|
|
- apiGroups:
|
|
- policy
|
|
resources:
|
|
- poddisruptionbudgets
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- certificates.k8s.io
|
|
resources:
|
|
- certificatesigningrequests
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- storage.k8s.io
|
|
resources:
|
|
- storageclasses
|
|
- volumeattachments
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- admissionregistration.k8s.io
|
|
resources:
|
|
- mutatingwebhookconfigurations
|
|
- validatingwebhookconfigurations
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- networking.k8s.io
|
|
resources:
|
|
- networkpolicies
|
|
- ingresses
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- coordination.k8s.io
|
|
resources:
|
|
- leases
|
|
verbs:
|
|
- list
|
|
- watch
|
|
---
|
|
# TODO(pintohutch): bump to autoscaling/v2 when 1.23 is the default in the GKE
|
|
# stable release channel.
|
|
apiVersion: autoscaling/v2
|
|
kind: HorizontalPodAutoscaler
|
|
metadata:
|
|
name: kube-state-metrics
|
|
namespace: gmp-public
|
|
spec:
|
|
maxReplicas: 10
|
|
minReplicas: 1
|
|
scaleTargetRef:
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
name: kube-state-metrics
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: memory
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 60
|
|
behavior:
|
|
scaleDown:
|
|
policies:
|
|
- type: Pods
|
|
value: 1
|
|
# Under-utilization needs to persist for `periodSeconds` before any action can be taken.
|
|
# Current supported max from https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2beta2/.
|
|
periodSeconds: 1800
|
|
# Current supported max from https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2beta2/.
|
|
stabilizationWindowSeconds: 3600
|
|
---
|
|
apiVersion: monitoring.googleapis.com/v1
|
|
kind: ClusterPodMonitoring
|
|
metadata:
|
|
name: kube-state-metrics
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/part-of: google-cloud-managed-prometheus
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
endpoints:
|
|
- port: metrics
|
|
interval: 30s
|
|
metricRelabeling:
|
|
- action: keep
|
|
regex: kube_(daemonset|deployment|pod|namespace|node|statefulset)_.+
|
|
sourceLabels: [__name__]
|
|
targetLabels:
|
|
metadata: [] # explicitly empty so the metric labels are respected
|
|
---
|
|
apiVersion: monitoring.googleapis.com/v1
|
|
kind: PodMonitoring
|
|
metadata:
|
|
namespace: gmp-public
|
|
name: kube-state-metrics
|
|
labels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
app.kubernetes.io/part-of: google-cloud-managed-prometheus
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: kube-state-metrics
|
|
endpoints:
|
|
- port: metrics-self
|
|
interval: 30s |