Skip to content

S
system-charts
Commit c2bc5b9f by Frank Mai Committed by orangedeng
Options

Embed Nginx into Prometheus Pod

**Issues:** https://github.com/rancher/rancher/issues/18166
parent 8f54c9d7
Showing with 59 additions and 163 deletions
charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/_helpers.tpl
...@@ -21,7 +21,7 @@ ...@@ -21,7 +21,7 @@
{{- $_ := set $yamls (.Values.additionalScrapeConfigs | toYaml) "" -}} {{- $_ := set $yamls (.Values.additionalScrapeConfigs | toYaml) "" -}}
{{- end -}} {{- end -}}
{{- if $yamls -}} {{- if $yamls -}}
{{- keys $yamls | join "\n" | b64enc | quote -}} {{- keys $yamls | join "\n" | quote -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
...@@ -47,7 +47,7 @@ ...@@ -47,7 +47,7 @@
{{- $_ := set $yamls (.Values.additionalAlertManagerConfigs | toYaml) "" -}} {{- $_ := set $yamls (.Values.additionalAlertManagerConfigs | toYaml) "" -}}
{{- end -}} {{- end -}}
{{- if $yamls -}} {{- if $yamls -}}
{{- keys $yamls | join "\n" | b64enc | quote -}} {{- keys $yamls | join "\n" | quote -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
......
charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/hooks-configmap.yaml deleted 100644 → 0
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: {{ template "app.name" . }}
chart: {{ template "app.version" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "app.hooks.fullname" . }}
data:
replace-config-by-auth.sh: |-
#!/bin/sh
srcpath="/template/nginx.conf"
dstpath="/host/nginx.conf"
if [ -f $srcpath ] && [ -d /host ]; then
token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
sed "s/REPLACE_PARAM_AUTHORIZATION/Bearer ${token}/g" $srcpath > $dstpath
exit 0
fi
exit 1
charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/nginx-comfigmap.yaml charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/nginx-configmap.yaml
...@@ -7,12 +7,27 @@ metadata: ...@@ -7,12 +7,27 @@ metadata:
chart: {{ template "app.version" . }} chart: {{ template "app.version" . }}
heritage: {{ .Release.Service }} heritage: {{ .Release.Service }}
release: {{ .Release.Name }} release: {{ .Release.Name }}
component: nginx
data: data:
nginx.conf: |- run-sh.tmpl: |-
#!/bin/sh
set -e
srcpath="/nginx/nginx-conf.tmpl"
dstpath="/var/run/nginx.conf"
if ![ -f $srcpath ]; then
exit 1
fi
token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
sed "s/REPLACE_PARAM_AUTHORIZATION/Bearer ${token}/g" $srcpath | sed "s/REPLACE_PARAM_IP/${POD_IP}/g" > $dstpath
nginx -g "daemon off;" -c /var/run/nginx.conf
nginx-conf.tmpl: |-
user nginx; user nginx;
worker_processes auto; worker_processes auto;
error_log /dev/null warn; error_log /dev/stdout warn;
pid /var/run/nginx.pid; pid /var/run/nginx.pid;
events { events {
...@@ -57,7 +72,7 @@ data: ...@@ -57,7 +72,7 @@ data:
add_header X-Proxy-Cache $upstream_cache_status; add_header X-Proxy-Cache $upstream_cache_status;
add_header Cache-Control "public"; add_header Cache-Control "public";
proxy_pass http://prometheus-operated:9090/; proxy_pass http://REPLACE_PARAM_IP:9090/;
sub_filter_types text/html; sub_filter_types text/html;
sub_filter_once off; sub_filter_once off;
......
charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/nginx-deployment.yaml deleted 100644 → 0
apiVersion: {{ template "deployment_api_version" . }}
kind: Deployment
metadata:
name: {{ template "app.nginx.fullname" . }}
labels:
app: {{ template "app.name" . }}
chart: {{ template "app.version" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
component: nginx
spec:
replicas: 1
selector:
matchLabels:
app: {{ template "app.name" . }}
chart: {{ template "app.version" . }}
release: {{ .Release.Name }}
component: nginx
template:
metadata:
labels:
app: {{ template "app.name" . }}
chart: {{ template "app.version" . }}
release: {{ .Release.Name }}
component: nginx
spec:
initContainers:
- name: nginx-init-auth-add
image: {{ template "system_default_registry" . }}{{ .Values.image.proxy.repository }}:{{ .Values.image.proxy.tag }}
command:
- /usr/bin/replace-config-by-auth.sh
volumeMounts:
- name: prometheus-static-hooks
mountPath: /usr/bin/replace-config-by-auth.sh
subPath: replace-config-by-auth.sh
- name: prometheus-static-contents
mountPath: /host
- name: prometheus-nginx-template
mountPath: /template
{{- if and .Values.resources .Values.resources.inits }}
resources:
{{ toYaml .Values.resources.inits | indent 10 }}
{{- end }}
containers:
- name: prometheus-proxy
image: {{ template "system_default_registry" . }}{{ .Values.image.proxy.repository }}:{{ .Values.image.proxy.tag }}
args:
- nginx
- -g
- daemon off;
- -c
- /nginx/nginx.conf
volumeMounts:
- mountPath: /nginx
name: prometheus-static-contents
{{- if and .Values.resources .Values.resources.proxy }}
resources:
{{ toYaml .Values.resources.proxy | indent 10 }}
{{- end }}
ports:
- name: http
containerPort: 80
{{- if .Values.enabledRBAC }}
serviceAccountName: {{ default (default (include "app.fullname" .) .Values.serviceAccountName) .Values.serviceAccountNameOverride }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
nodeSelector:
beta.kubernetes.io/os: linux
{{- range .Values.nodeSelectors }}
{{- $pair := regexSplit "=" . 2 }}
{{- if eq 2 (len $pair) }}
{{ (index $pair 0) }}: {{ (index $pair 1) }}
{{- else }}
{{ (index $pair 0) }}: ""
{{- end }}
{{- end }}
volumes:
- name: prometheus-static-hooks
configMap:
name: {{ template "app.hooks.fullname" . }}
defaultMode: 0777
- name: prometheus-static-contents
emptyDir: {}
- name: prometheus-nginx-template
configMap:
name: {{ template "app.nginx.fullname" . }}
defaultMode: 438
items:
- key: nginx.conf
mode: 438
path: nginx.conf
charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/prometheus.yaml
...@@ -12,9 +12,33 @@ spec: ...@@ -12,9 +12,33 @@ spec:
securityContext: securityContext:
{{ toYaml .Values.securityContext | indent 4 }} {{ toYaml .Values.securityContext | indent 4 }}
{{- end }} {{- end }}
{{- if eq .Values.level "cluster" }}
listenLocal: true
containers: containers:
- name: prometheus-proxy
command:
- /bin/sh
- -c
- cp /nginx/run-sh.tmpl /var/run/nginx-start.sh; chmod +x /var/run/nginx-start.sh; /var/run/nginx-start.sh
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
image: {{ template "system_default_registry" . }}{{ .Values.image.proxy.repository }}:{{ .Values.image.proxy.tag }}
ports:
- containerPort: 80
name: http
protocol: TCP
{{- if and .Values.resources .Values.resources.proxy }}
resources:
{{ toYaml .Values.resources.proxy | indent 6 }}
{{- end }}
securityContext:
runAsNonRoot: false
runAsUser: 0
volumeMounts:
- mountPath: /nginx
name: configmap-{{ template "app.nginx.fullname" . }}
{{- if eq .Values.level "cluster" }}
- name: prometheus-agent - name: prometheus-agent
command: command:
- prometheus-auth - prometheus-auth
...@@ -31,9 +55,6 @@ spec: ...@@ -31,9 +55,6 @@ spec:
- containerPort: 9090 - containerPort: 9090
name: web name: web
protocol: TCP protocol: TCP
- containerPort: 9190
name: profile
protocol: TCP
livenessProbe: livenessProbe:
failureThreshold: 6 failureThreshold: 6
httpGet: httpGet:
...@@ -56,14 +77,7 @@ spec: ...@@ -56,14 +77,7 @@ spec:
resources: resources:
{{ toYaml .Values.resources.auth | indent 6 }} {{ toYaml .Values.resources.auth | indent 6 }}
{{- end }} {{- end }}
{{- if .Values.sidecarsSpec }} listenLocal: true
{{ toYaml .Values.sidecarsSpec | indent 2 }}
{{- end }}
{{- else }}
{{- if .Values.sidecarsSpec }}
containers:
{{ toYaml .Values.sidecarsSpec | indent 2 }}
{{- end }}
{{- end }} {{- end }}
podMetadata: podMetadata:
labels: labels:
...@@ -104,9 +118,11 @@ spec: ...@@ -104,9 +118,11 @@ spec:
{{ toYaml .Values.resources.core | indent 4 }} {{ toYaml .Values.resources.core | indent 4 }}
{{- end }} {{- end }}
retention: "{{ .Values.retention }}" retention: "{{ .Values.retention }}"
configMaps:
- {{ template "app.nginx.fullname" . }}
{{- if .Values.secrets }} {{- if .Values.secrets }}
secrets: secrets:
{{ toYaml .Values.secrets | indent 4 }} {{ toYaml .Values.secrets | indent 2 }}
{{- end }} {{- end }}
{{- if .Values.enabledRBAC }} {{- if .Values.enabledRBAC }}
serviceAccountName: {{ default (default (include "app.fullname" .) .Values.serviceAccountName) .Values.serviceAccountNameOverride }} serviceAccountName: {{ default (default (include "app.fullname" .) .Values.serviceAccountName) .Values.serviceAccountNameOverride }}
......
charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/secrets.yaml
...@@ -8,7 +8,7 @@ metadata: ...@@ -8,7 +8,7 @@ metadata:
heritage: {{ .Release.Service }} heritage: {{ .Release.Service }}
release: {{ .Release.Name }} release: {{ .Release.Name }}
name: {{ template "app.fullname" . }}-additional-scrape-configs name: {{ template "app.fullname" . }}-additional-scrape-configs
data: stringData:
additional-scrape-configs.yaml: {{ template "additional-scrape-configs.yaml" . }} additional-scrape-configs.yaml: {{ template "additional-scrape-configs.yaml" . }}
{{- end }} {{- end }}
...@@ -23,6 +23,6 @@ metadata: ...@@ -23,6 +23,6 @@ metadata:
heritage: {{ .Release.Service }} heritage: {{ .Release.Service }}
release: {{ .Release.Name }} release: {{ .Release.Name }}
name: {{ template "app.fullname" . }}-additional-alertmanager-configs name: {{ template "app.fullname" . }}-additional-alertmanager-configs
data: stringData:
additional-alertmanager-configs.yaml: {{ template "additional-alertmanager-configs.yaml" . }} additional-alertmanager-configs.yaml: {{ template "additional-alertmanager-configs.yaml" . }}
{{- end }} {{- end }}
\ No newline at end of file
charts/rancher-monitoring/v0.0.2/charts/prometheus/templates/service.yaml
...@@ -10,11 +10,11 @@ metadata: ...@@ -10,11 +10,11 @@ metadata:
kubernetes.io/cluster-service: "true" kubernetes.io/cluster-service: "true"
spec: spec:
type: ClusterIP type: ClusterIP
sessionAffinity: ClientIP
selector: selector:
app: {{ template "app.name" . }} app: {{ template "app.name" . }}
chart: {{ template "app.version" . }} chart: {{ template "app.version" . }}
release: {{ .Release.Name }} release: {{ .Release.Name }}
component: nginx
ports: ports:
- name: http - name: http
port: 80 port: 80
......
charts/rancher-monitoring/v0.0.2/charts/prometheus/values.yaml
...@@ -68,7 +68,3 @@ additionalAlertManagerConfigs: [] ...@@ -68,7 +68,3 @@ additionalAlertManagerConfigs: []
# - static_configs: # - static_configs:
# - targets: # - targets:
# - "localhost:9093" # - "localhost:9093"
sidecarsSpec: []
# - name: sidecar
# image: registry/name:tag
charts/rancher-monitoring/v0.0.2/values.yaml
...@@ -283,14 +283,10 @@ prometheus: ...@@ -283,14 +283,10 @@ prometheus:
level: cluster level: cluster
auth: auth:
args: args:
- --proxy-url - --proxy-url=http://localhost:9090
- http://localhost:9090 - --listen-address=$(POD_IP):9090
- --listen-address - --filter-reader-labels=prometheus
- $(POD_IP):9090 - --filter-reader-labels=prometheus_replica
- --filter-reader-labels
- prometheus
- --filter-reader-labels
- prometheus_replica
env: env:
- name: POD_IP - name: POD_IP
valueFrom: valueFrom:
...@@ -308,13 +304,6 @@ prometheus: ...@@ -308,13 +304,6 @@ prometheus:
tag: 1.15.8-alpine tag: 1.15.8-alpine
nodeSelectors: [] nodeSelectors: []
resources: resources:
inits:
limits:
memory: 50Mi
cpu: 50m
requests:
memory: 50Mi
cpu: 50m
core: core:
limits: limits:
memory: 500Mi memory: 500Mi
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment