|
@@ -0,0 +1,147 @@
|
|
|
+
|
|
|
+---
|
|
|
+###################################################
|
|
|
+# kube-state-metrics Roles
|
|
|
+###################################################
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ namespace: monitoring
|
|
|
+ name: kube-state-metrics
|
|
|
+rules:
|
|
|
+- apiGroups: [""]
|
|
|
+ resources:
|
|
|
+ - pods
|
|
|
+ verbs: ["get"]
|
|
|
+- apiGroups: ["extensions"]
|
|
|
+ resources:
|
|
|
+ - deployments
|
|
|
+ resourceNames: ["kube-state-metrics"]
|
|
|
+ verbs: ["get", "update"]
|
|
|
+---
|
|
|
+
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ name: kube-state-metrics
|
|
|
+ namespace: monitoring
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: kube-state-metrics
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: kube-state-metrics
|
|
|
+ namespace: monitoring
|
|
|
+---
|
|
|
+
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRole
|
|
|
+metadata:
|
|
|
+ name: kube-state-metrics
|
|
|
+ namespace: monitoring
|
|
|
+rules:
|
|
|
+- apiGroups: [""]
|
|
|
+ resources:
|
|
|
+ - nodes
|
|
|
+ - pods
|
|
|
+ - services
|
|
|
+ - resourcequotas
|
|
|
+ - replicationcontrollers
|
|
|
+ - limitranges
|
|
|
+ - persistentvolumeclaims
|
|
|
+ - persistentvolumes
|
|
|
+ - namespaces
|
|
|
+ - endpoints
|
|
|
+ verbs: ["list", "watch"]
|
|
|
+- apiGroups: ["extensions"]
|
|
|
+ resources:
|
|
|
+ - daemonsets
|
|
|
+ - deployments
|
|
|
+ - replicasets
|
|
|
+ verbs: ["list", "watch"]
|
|
|
+- apiGroups: ["apps"]
|
|
|
+ resources:
|
|
|
+ - statefulsets
|
|
|
+ verbs: ["list", "watch"]
|
|
|
+- apiGroups: ["batch"]
|
|
|
+ resources:
|
|
|
+ - cronjobs
|
|
|
+ - jobs
|
|
|
+ verbs: ["list", "watch"]
|
|
|
+- apiGroups: ["autoscaling"]
|
|
|
+ resources:
|
|
|
+ - horizontalpodautoscalers
|
|
|
+ verbs: ["list", "watch"]
|
|
|
+- apiGroups: ["policy"]
|
|
|
+ resources:
|
|
|
+ - poddisruptionbudgets
|
|
|
+ verbs: ["list", "watch"]
|
|
|
+---
|
|
|
+
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRoleBinding
|
|
|
+metadata:
|
|
|
+ name: kube-state-metrics
|
|
|
+ namespace: monitoring
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: ClusterRole
|
|
|
+ name: kube-state-metrics
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: kube-state-metrics
|
|
|
+ namespace: monitoring
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+---
|
|
|
+###################################################
|
|
|
+# kube-state-metrics ServiceAccount
|
|
|
+###################################################
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ name: kube-state-metrics
|
|
|
+ namespace: monitoring
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+---
|
|
|
+###################################################
|
|
|
+# kube-state-metrics Deployment
|
|
|
+###################################################
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: kube-state-metrics
|
|
|
+ namespace: monitoring
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: kube-state-metrics
|
|
|
+ grafanak8sapp: "true"
|
|
|
+ replicas: 1
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app: kube-state-metrics
|
|
|
+ grafanak8sapp: "true"
|
|
|
+ spec:
|
|
|
+ serviceAccountName: kube-state-metrics
|
|
|
+ containers:
|
|
|
+ - name: kube-state-metrics
|
|
|
+ image: quay.io/coreos/kube-state-metrics:v1.1.0
|
|
|
+ ports:
|
|
|
+ - name: http-metrics
|
|
|
+ containerPort: 8080
|
|
|
+ readinessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /healthz
|
|
|
+ port: 8080
|
|
|
+ initialDelaySeconds: 5
|
|
|
+ timeoutSeconds: 5
|
|
|
+
|