From 7d8813708479cd77afc66e0c10a4fd9eac46c2db Mon Sep 17 00:00:00 2001
From: Jose Henrique
Date: Tue, 21 Oct 2025 15:53:48 -0300
Subject: [PATCH] adding monitoring
---
monitoring/grafana.yaml | 105 +++++++++++++++++++++++
monitoring/kube-state-metrics.yaml | 109 ++++++++++++++++++++++++
monitoring/nodeexporter.yaml | 56 +++++++++++++
monitoring/prometheus.yaml | 130 +++++++++++++++++++++++++++++
4 files changed, 400 insertions(+)
create mode 100644 monitoring/grafana.yaml
create mode 100644 monitoring/kube-state-metrics.yaml
create mode 100644 monitoring/nodeexporter.yaml
create mode 100644 monitoring/prometheus.yaml
diff --git a/monitoring/grafana.yaml b/monitoring/grafana.yaml
new file mode 100644
index 0000000..97b68b5
--- /dev/null
+++ b/monitoring/grafana.yaml
@@ -0,0 +1,105 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+ namespace: monitoring
+spec:
+ selector:
+ matchLabels:
+ app: grafana
+ template:
+ metadata:
+ labels:
+ app: grafana
+ spec:
+ securityContext:
+ fsGroup: 472
+ supplementalGroups:
+ - 0
+ containers:
+ - name: grafana
+ image: grafana/grafana:latest
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 3000
+ name: http-grafana
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /robots.txt
+ port: 3000
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ successThreshold: 1
+ timeoutSeconds: 2
+ livenessProbe:
+ failureThreshold: 3
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ successThreshold: 1
+ tcpSocket:
+ port: 3000
+ timeoutSeconds: 1
+ resources:
+ requests:
+ cpu: 250m
+ memory: 750Mi
+ volumeMounts:
+ - mountPath: /var/lib/grafana
+ name: grafana-pv
+ volumes:
+ - name: grafana-pv
+ persistentVolumeClaim:
+ claimName: grafana-pvc
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: grafana-pvc
+ namespace: monitoring
+ annotations:
+ nfs.io/storage-path: "grafana-data"
+spec:
+ storageClassName: "nfs-client"
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: monitoring
+ name: grafana
+spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: http-grafana
+ selector:
+ app: grafana
+ type: ClusterIP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ namespace: monitoring
+ name: grafana
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: grafana.haven
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: grafana
+ port:
+ number: 3000
\ No newline at end of file
diff --git a/monitoring/kube-state-metrics.yaml b/monitoring/kube-state-metrics.yaml
new file mode 100644
index 0000000..fba535b
--- /dev/null
+++ b/monitoring/kube-state-metrics.yaml
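Review bot: The Ingress for `grafana.haven` has no `tls:` section and the Deployment configures no admin credentials, so the Grafana login would be served over plain HTTP with the built-in default account until someone changes it. I would add a `tls:` entry to the Ingress spec (`- hosts: [grafana.haven]` with `secretName: <tls-secret-placeholder>`) and set the admin password from a Secret through the `GF_SECURITY_ADMIN_PASSWORD` environment variable. The container also runs `grafana/grafana:latest` with `imagePullPolicy: Always` and keeps group `0` in `supplementalGroups`; pinning a release tag or digest, and dropping the root group unless the NFS volume really needs it, would make the pod reproducible and less privileged. There are resource requests but no limits, and no container-level `securityContext` (`allowPrivilegeEscalation: false`, `runAsNonRoot: true`).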
@@ -0,0 +1,109 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: kube-state-metrics
+ namespace: monitoring
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: kube-state-metrics
+rules:
+ - apiGroups: [""]
+ resources:
+ - nodes
+ - pods
+ - services
+ - endpoints
+ - namespaces
+ - replicationcontrollers
+ verbs: ["list", "watch"]
+ - apiGroups: ["extensions", "apps"]
+ resources:
+ - daemonsets
+ - deployments
+ - replicasets
+ - statefulsets
+ verbs: ["list", "watch"]
+ - apiGroups: ["batch"]
+ resources:
+ - cronjobs
+ - jobs
+ verbs: ["list", "watch"]
+ - apiGroups: ["autoscaling"]
+ resources:
+ - horizontalpodautoscalers
+ verbs: ["list", "watch"]
+ - apiGroups: ["policy"]
+ resources:
+ - poddisruptionbudgets
+ verbs: ["list", "watch"]
+ - apiGroups: ["storage.k8s.io"]
+ resources:
+ - storageclasses
+ - volumeattachments
+ verbs: ["list", "watch"]
+ - apiGroups: ["apps"]
+ resources:
+ - replicasets
+ verbs: ["list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: kube-state-metrics
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: kube-state-metrics
+subjects:
+ - kind: ServiceAccount
+ name: kube-state-metrics
+ namespace: monitoring
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: kube-state-metrics
+ namespace: monitoring
+ labels:
+ app: kube-state-metrics
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: kube-state-metrics
+ template:
+ metadata:
+ labels:
+ app: kube-state-metrics
+ spec:
+ serviceAccountName: kube-state-metrics
+ containers:
+ - name: kube-state-metrics
+ image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.13.0
+ ports:
+ - name: http-metrics
+ containerPort: 8080
+ resources:
+ requests:
+ cpu: 50m
+ memory: 64Mi
+ limits:
+ cpu: 200m
+ memory: 256Mi
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: kube-state-metrics
+ namespace: monitoring
+ labels:
+ app: kube-state-metrics
+spec:
+ ports:
+ - name: http-metrics
+ port: 8080
+ targetPort: http-metrics
+ selector:
+ app: kube-state-metrics
diff --git a/monitoring/nodeexporter.yaml b/monitoring/nodeexporter.yaml
new file mode 100644
index 0000000..bac150b
--- /dev/null
+++ b/monitoring/nodeexporter.yaml
@@ -0,0 +1,56 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: node-exporter
+ namespace: monitoring
+ labels:
+ app: node-exporter
+spec:
+ selector:
+ matchLabels:
+ app: node-exporter
+ template:
+ metadata:
+ labels:
+ app: node-exporter
+ spec:
+ hostNetwork: true
+ containers:
+ - name: node-exporter
+ image: prom/node-exporter:latest
+ imagePullPolicy: Always
+ args:
+ - "--path.rootfs=/host"
+ ports:
+ - containerPort: 9100
+ hostPort: 9100
+ name: metrics
+ protocol: TCP
+ resources:
+ requests:
+ memory: "50Mi"
+ cpu: "100m"
+ limits:
+ memory: "100Mi"
+ cpu: "200m"
+ volumeMounts:
+ - name: host
+ mountPath: /host
+ readOnly: true
+ volumes:
+ - name: host
+ hostPath:
+ path: /
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: node-exporter
+ namespace: monitoring
+spec:
+ selector:
+ app: node-exporter
+ ports:
+ - name: metrics
+ port: 9100
+ targetPort: metrics
diff --git a/monitoring/prometheus.yaml b/monitoring/prometheus.yaml
new file mode 100644
index 0000000..560e207
--- /dev/null
+++ b/monitoring/prometheus.yaml
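Review bot: The ClusterRole in monitoring/kube-state-metrics.yaml is narrower than the set of collectors kube-state-metrics enables by default (as far as I know v2.13.0 also tries to list secrets, configmaps, persistent volumes and others), and the container passes no `--resources` argument, so it will probably log forbidden errors for every kind not listed here. Keeping the role small is the right call; I would add `args: ["--resources=<comma-separated list matching the ClusterRole>"]` to the container rather than widen RBAC to secrets. The last rule (`apiGroups: ["apps"]` with `replicasets`) repeats what the second rule already grants and can be removed. The container also has no `securityContext`; `runAsNonRoot: true`, `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true` would fit this workload.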
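Review bot: The DaemonSet in monitoring/nodeexporter.yaml runs `prom/node-exporter:latest` with `imagePullPolicy: Always` on every node, with `hostNetwork: true` and the node's `/` mounted at `/host`, so whatever that mutable tag resolves to at the next pod restart gets host-network and host-filesystem read access. Pin it, for example `image: prom/node-exporter:<release-tag>@sha256:<digest-placeholder>`, and add a container `securityContext` with `runAsNonRoot: true`, `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true`. Because of host networking, port 9100 is served unauthenticated on each node's own address and is likely outside the reach of a NetworkPolicy, so it should be restricted at the node firewall or bound to a specific address with `--web.listen-address`.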
@@ -0,0 +1,130 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: prometheus
+ namespace: monitoring
+ labels:
+ app: prometheus
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: prometheus
+ template:
+ metadata:
+ labels:
+ app: prometheus
+ spec:
+ serviceAccountName: prometheus
+ containers:
+ - name: prometheus
+ image: prom/prometheus:latest
+ args:
+ - "--config.file=/etc/prometheus/prometheus.yml"
+ - "--storage.tsdb.path=/prometheus"
+ - "--storage.tsdb.retention.time=3d"
+ - "--web.enable-lifecycle"
+ ports:
+ - containerPort: 9090
+ name: web
+ volumeMounts:
+ - name: prometheus-config-volume
+ mountPath: /etc/prometheus
+ - name: prometheus-storage
+ mountPath: /prometheus
+ resources:
+ requests:
+ memory: "500Mi"
+ cpu: "200m"
+ limits:
+ memory: "1Gi"
+ cpu: "500m"
+ volumes:
+ - name: prometheus-config-volume
+ persistentVolumeClaim:
+ claimName: prometheus-pvc
+ - name: prometheus-storage
+ emptyDir:
+ medium: Memory
+ sizeLimit: 256Mi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: prometheus-pvc
+ namespace: monitoring
+ annotations:
+ nfs.io/storage-path: "prometheus-config"
+spec:
+ storageClassName: "nfs-client"
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+# Service URL - http://prometheus.monitoring.svc.cluster.local:9090
+apiVersion: v1
+kind: Service
+metadata:
+ name: prometheus
+ namespace: monitoring
+ labels:
+ app: prometheus
+spec:
+ ports:
+ - name: web
+ port: 9090
+ targetPort: web
+ selector:
+ app: prometheus
+ type: ClusterIP
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: prometheus
+ namespace: monitoring
+ labels:
+ app: prometheus
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: prometheus
+ namespace: monitoring
+ labels:
+ app: prometheus
+rules:
+- apiGroups: [""]
+ resources:
+ - nodes
+ - nodes/proxy
+ - services
+ - endpoints
+ - pods
+ verbs: ["get", "list", "watch"]
+- apiGroups: ["extensions"]
+ resources:
+ - ingresses
+ verbs: ["get", "list", "watch"]
+- apiGroups: ["networking.k8s.io"]
+ resources:
+ - ingresses
+ verbs: ["get", "list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: prometheus
+ namespace: monitoring
+ labels:
+ app: prometheus
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: prometheus
+subjects:
+- kind: ServiceAccount
+ name: prometheus
+ namespace: monitoring
\ No newline at end of file
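Review bot: `--web.enable-lifecycle` in the container args turns on Prometheus's HTTP reload and shutdown endpoints, which carry no authentication, so any workload that can reach the `prometheus` Service on 9090 can stop or reload the server; drop the flag unless a config reloader needs it, and otherwise restrict ingress to the pod with a NetworkPolicy. The ClusterRole grants `get` on `nodes/proxy`, which opens the kubelet API through the API server and is broader than scraping needs; `nodes/metrics` is the narrower resource. `image: prom/prometheus:latest` should be pinned to a release tag or digest, and the container has no `securityContext`. `metadata.namespace` on the ClusterRole and ClusterRoleBinding is ignored because both kinds are cluster-scoped, and the TSDB path sits on a 256Mi memory-backed `emptyDir` while the config directory sits on the NFS PVC, which looks swapped for a 3d retention and is worth confirming.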