From 5c15ce0e5a7a7a014189cd2ec6fa0ac5d306029d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=B6ren=20Schneider?= <56670304+soerenschneider@users.noreply.github.com> Date: Tue, 17 Sep 2024 22:13:33 +0200 Subject: [PATCH] add more components to monitoring stack --- .../monitoring/blackbox-exporter/config.yaml | 40 +++++++++++++++++++ .../blackbox-exporter/kustomization.yaml | 14 +++++++ .../kube-state-metrics/kustomization.yaml | 8 ++++ .../monitoring/kustomization.yaml | 33 +++++++++++++++ .../monitoring/namespace.yaml | 7 ++++ .../monitoring/pushgateway/kustomization.yaml | 8 ++++ .../monitoring/vmalert/kustomization.yaml | 20 ++++++++++ 7 files changed, 130 insertions(+) create mode 100644 clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/config.yaml create mode 100644 clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/kustomization.yaml create mode 100644 clusters/dqs.dd.soeren.cloud/monitoring/kube-state-metrics/kustomization.yaml create mode 100644 clusters/dqs.dd.soeren.cloud/monitoring/kustomization.yaml create mode 100644 clusters/dqs.dd.soeren.cloud/monitoring/namespace.yaml create mode 100644 clusters/dqs.dd.soeren.cloud/monitoring/pushgateway/kustomization.yaml create mode 100644 clusters/dqs.dd.soeren.cloud/monitoring/vmalert/kustomization.yaml diff --git a/clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/config.yaml b/clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/config.yaml new file mode 100644 index 0000000..417814f --- /dev/null +++ b/clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/config.yaml @@ -0,0 +1,40 @@ +--- +modules: + dns_soerenschneider: + dns: + query_name: router.ez.soeren.cloud + query_type: A + validate_answer_rrs: + fail_if_not_matches_regexp: + - "router.ez.soeren.cloud.\t.*\tIN\tA\t.*192\\.168\\.2\\.3" + prober: dns + http: + http: + tls_config: + cert_file: /certs/tls.crt + key_file: /certs/tls.key + valid_status_codes: + - 200 + - 204 + - 301 + - 302 + - 403 + - 404 + prober: http + timeout: 5s + http_2xx: + prober: http + timeout: 5s + icmp: + icmp: + preferred_ip_protocol: ip4 + prober: icmp + timeout: 2s + tcp_cert: + prober: tcp + tcp: + tls: true + timeout: 2s + tcp_connect: + prober: tcp + timeout: 2s diff --git a/clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/kustomization.yaml b/clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/kustomization.yaml new file mode 100644 index 0000000..c2d5b75 --- /dev/null +++ b/clusters/dqs.dd.soeren.cloud/monitoring/blackbox-exporter/kustomization.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: monitoring +resources: + - ../../../../apps/monitoring/blackbox_exporter +components: + - ../../../../apps/monitoring/blackbox_exporter/components/custom-config + - ../../../../apps/monitoring/blackbox_exporter/components/reverse-proxy + - ../../../../apps/monitoring/blackbox_exporter/components/tls-client-cert +configMapGenerator: + - name: blackbox-exporter-config + files: + - config.yaml diff --git a/clusters/dqs.dd.soeren.cloud/monitoring/kube-state-metrics/kustomization.yaml b/clusters/dqs.dd.soeren.cloud/monitoring/kube-state-metrics/kustomization.yaml new file mode 100644 index 0000000..d6fd40e --- /dev/null +++ b/clusters/dqs.dd.soeren.cloud/monitoring/kube-state-metrics/kustomization.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: monitoring +resources: + - ../../../../apps/monitoring/kube-state-metrics +components: + - ../../../../apps/monitoring/kube-state-metrics/components/rbac diff --git a/clusters/dqs.dd.soeren.cloud/monitoring/kustomization.yaml b/clusters/dqs.dd.soeren.cloud/monitoring/kustomization.yaml new file mode 100644 index 0000000..3f8ce4e --- /dev/null +++ b/clusters/dqs.dd.soeren.cloud/monitoring/kustomization.yaml @@ -0,0 +1,33 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: monitoring +resources: + - namespace.yaml + - alertmanager + - blackbox-exporter + - karma + - kube-state-metrics + - prometheus + - pushgateway + - vmalert +components: + - ../../../apps/monitoring/components/tls-client-cert + - ../../../apps/monitoring/components/reverse-proxy + - ../../../apps/monitoring/components/reverse-proxy-istio +patches: + - target: + kind: VirtualService + name: monitoring-reverse-proxy + patch: |- + - op: "replace" + path: "/spec/hosts" + value: + - "monitoring.dqs.dd.soeren.cloud" + - target: + kind: Issuer + name: vault-issuer + patch: |- + - op: "replace" + path: "/spec/vault/auth/kubernetes/mountPath" + value: "/v1/auth/dqs.dd.soeren.cloud" diff --git a/clusters/dqs.dd.soeren.cloud/monitoring/namespace.yaml b/clusters/dqs.dd.soeren.cloud/monitoring/namespace.yaml new file mode 100644 index 0000000..cb3be8a --- /dev/null +++ b/clusters/dqs.dd.soeren.cloud/monitoring/namespace.yaml @@ -0,0 +1,7 @@ +--- +kind: Namespace +apiVersion: v1 +metadata: + name: monitoring + labels: + name: monitoring diff --git a/clusters/dqs.dd.soeren.cloud/monitoring/pushgateway/kustomization.yaml b/clusters/dqs.dd.soeren.cloud/monitoring/pushgateway/kustomization.yaml new file mode 100644 index 0000000..ded268c --- /dev/null +++ b/clusters/dqs.dd.soeren.cloud/monitoring/pushgateway/kustomization.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: monitoring +resources: + - ../../../../apps/monitoring/pushgateway +components: + - ../../../../apps/monitoring/pushgateway/components/reverse-proxy diff --git a/clusters/dqs.dd.soeren.cloud/monitoring/vmalert/kustomization.yaml b/clusters/dqs.dd.soeren.cloud/monitoring/vmalert/kustomization.yaml new file mode 100644 index 0000000..5bceaa3 --- /dev/null +++ b/clusters/dqs.dd.soeren.cloud/monitoring/vmalert/kustomization.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: monitoring +resources: + - ../../../../apps/monitoring/vmalert +components: + - ../../../../apps/monitoring/vmalert/components/tls-client-cert + - ../../../../apps/monitoring/vmalert/components/initcontainer-seed-rules +patches: + - target: + kind: Deployment + name: vmalert + patch: | + - op: add + path: "/spec/template/spec/containers/0/args" + value: + - "-notifier.url=http://alertmanager" + - "-datasource.url=http://prometheus" + - "-rule=/rules/*.rules"