Skip to content

Commit

Permalink
[kube-prometheus-stack] Chore: Improve kubelet ServiceMonitor
Browse files Browse the repository at this point in the history
Refactor the Kubelet ServiceMonitor with a helper template for handling
http/https schema. This will reduce the chance of copy-pasta mistakes
when updating the different kubelet monitoring endpoints.
* Define `kube-prometheus-stack.kubelet.scheme` for the port/schema.
* Define `kube-prometheus-stack.kubelet.authConfig` for TLS access controls.

Signed-off-by: SuperQ <[email protected]>
  • Loading branch information
SuperQ committed Dec 15, 2024
1 parent c8d410d commit f810522
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 119 deletions.
13 changes: 13 additions & 0 deletions charts/kube-prometheus-stack/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -318,3 +318,16 @@ global:
{{ $fullname }}-webhook.{{ $namespace }}.svc
{{- end }}
{{- end }}

{{/* To help configure the kubelet servicemonitor for http or https. */}}
{{- define "kube-prometheus-stack.kubelet.scheme" }}
{{- if .Values.kubelet.serviceMonitor.https }}https{{ else }}http{{ end }}
{{- end }}
{{- define "kube-prometheus-stack.kubelet.authConfig" }}
{{- if .Values.kubelet.serviceMonitor.https -}}
tlsConfig:
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecureSkipVerify: {{ .Values.kubelet.serviceMonitor.insecureSkipVerify }}
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
{{- end -}}
{{- end }}
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,8 @@ spec:
{{- toYaml . | nindent 4 }}
{{- end }}
endpoints:
{{- if .Values.kubelet.serviceMonitor.https }}
- port: https-metrics
scheme: https
- port: {{ template "kube-prometheus-stack.kubelet.scheme" . }}-metrics
scheme: {{ template "kube-prometheus-stack.kubelet.scheme" . }}
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
{{- end }}
Expand All @@ -33,10 +32,7 @@ spec:
{{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
{{- end }}
tlsConfig:
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecureSkipVerify: {{ .Values.kubelet.serviceMonitor.insecureSkipVerify }}
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
{{- include "kube-prometheus-stack.kubelet.authConfig" . | indent 4}}
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
{{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
Expand All @@ -48,8 +44,8 @@ spec:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.cAdvisor }}
- port: https-metrics
scheme: https
- port: {{ template "kube-prometheus-stack.kubelet.scheme" . }}-metrics
scheme: {{ template "kube-prometheus-stack.kubelet.scheme" . }}
path: /metrics/cadvisor
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
Expand All @@ -63,10 +59,7 @@ spec:
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
trackTimestampsStaleness: {{ .Values.kubelet.serviceMonitor.trackTimestampsStaleness }}
tlsConfig:
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecureSkipVerify: true
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
{{- include "kube-prometheus-stack.kubelet.authConfig" . | indent 4 }}
{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }}
Expand All @@ -77,8 +70,8 @@ spec:
{{- end }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.probes }}
- port: https-metrics
scheme: https
- port: {{ template "kube-prometheus-stack.kubelet.scheme" . }}-metrics
scheme: {{ template "kube-prometheus-stack.kubelet.scheme" . }}
path: /metrics/probes
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
Expand All @@ -91,10 +84,7 @@ spec:
{{- end }}
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
tlsConfig:
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecureSkipVerify: true
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
{{- include "kube-prometheus-stack.kubelet.authConfig" . | indent 4}}
{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }}
Expand All @@ -105,8 +95,8 @@ spec:
{{- end }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.resource }}
- port: https-metrics
scheme: https
- port: {{ template "kube-prometheus-stack.kubelet.scheme" . }}-metrics
scheme: {{ template "kube-prometheus-stack.kubelet.scheme" . }}
path: {{ .Values.kubelet.serviceMonitor.resourcePath }}
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
Expand All @@ -120,10 +110,7 @@ spec:
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
trackTimestampsStaleness: {{ .Values.kubelet.serviceMonitor.trackTimestampsStaleness }}
tlsConfig:
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecureSkipVerify: true
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
{{- include "kube-prometheus-stack.kubelet.authConfig" . | indent 4 }}
{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }}
Expand All @@ -133,100 +120,6 @@ spec:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }}
{{- end }}
{{- end }}
{{- else }}
- port: http-metrics
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.proxyUrl }}
proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
{{- end }}
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
trackTimestampsStaleness: {{ .Values.kubelet.serviceMonitor.trackTimestampsStaleness }}
{{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.metricRelabelings | indent 4) . }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.relabelings }}
relabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.cAdvisor }}
- port: http-metrics
path: /metrics/cadvisor
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.proxyUrl }}
proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
{{- end }}
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
trackTimestampsStaleness: {{ .Values.kubelet.serviceMonitor.trackTimestampsStaleness }}
{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
relabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | indent 4) . }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.probes }}
- port: http-metrics
path: /metrics/probes
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.proxyUrl }}
proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
{{- end }}
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.probesRelabelings }}
relabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesRelabelings | indent 4) . }}
{{- end }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.resource }}
- port: http-metrics
path: {{ .Values.kubelet.serviceMonitor.resourcePath }}
{{- if .Values.kubelet.serviceMonitor.interval }}
interval: {{ .Values.kubelet.serviceMonitor.interval }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.proxyUrl }}
proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
{{- end }}
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
trackTimestampsStaleness: {{ .Values.kubelet.serviceMonitor.trackTimestampsStaleness }}
{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }}
{{- end }}
{{- if .Values.kubelet.serviceMonitor.resourceRelabelings }}
relabelings:
{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
jobLabel: k8s-app
{{- with .Values.kubelet.serviceMonitor.targetLabels }}
targetLabels:
Expand Down

0 comments on commit f810522

Please sign in to comment.