diff --git a/scripts/update-templates.sh b/scripts/update-templates.sh index 4780a44..e1c7e01 100755 --- a/scripts/update-templates.sh +++ b/scripts/update-templates.sh @@ -1,23 +1,23 @@ #!/usr/bin/env bash -PROMETHEUS_FILE="$(dirname $0)/../vars/prometheus_files_list.yml" -GRAFANA_FILE="$(dirname $0)/../vars/grafana_files_list.yml" -PROMETHEUS_REP="$(dirname $0)/../templates/prometheus" -GRAFANA_REP="$(dirname $0)/../templates/grafana" +PROMETHEUS_FILE="vars/prometheus_files_list.yml" +GRAFANA_FILE="vars/grafana_files_list.yml" +PROMETHEUS_REP="templates/prometheus" +GRAFANA_REP="templates/grafana" echo -e "---\nprometheus_files:" > "${PROMETHEUS_FILE}" echo -e "---\ngrafana_files:" > "${GRAFANA_FILE}" -git clone https://github.com/poseidon/typhoon.git $(dirname $0)/typhoon +git clone https://github.com/poseidon/typhoon.git typhoon -cp -fr $(dirname $0)/typhoon/addons/prometheus/* "${PROMETHEUS_REP}/" +cp -fr typhoon/addons/prometheus/* "${PROMETHEUS_REP}/" for i in $(ls "${PROMETHEUS_REP}"/rbac/*.yaml) $(ls "${PROMETHEUS_REP}"/*.yaml) $(ls "${PROMETHEUS_REP}"/discovery/*.yaml) $(ls "${PROMETHEUS_REP}"/exporters/*/*.yaml); do echo " - prometheus/${i#*prometheus/}" done >> "${PROMETHEUS_FILE}" sed '/0-namespace.yaml/ s/^\(.*\)$/#\1/' -i "${PROMETHEUS_FILE}" -cp -fr $(dirname $0)/typhoon/addons/grafana/* "${GRAFANA_REP}/" +cp -fr typhoon/addons/grafana/* "${GRAFANA_REP}/" for i in $(ls "${GRAFANA_REP}"/*.yaml); do echo " - grafana/${i#*grafana/}" done >> "${GRAFANA_FILE}" -rm -fr $(dirname $0)/typhoon \ No newline at end of file +rm -fr typhoon \ No newline at end of file diff --git a/templates/grafana/deployment.yaml b/templates/grafana/deployment.yaml index 57a0a24..5002481 100644 --- a/templates/grafana/deployment.yaml +++ b/templates/grafana/deployment.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: grafana - image: docker.io/grafana/grafana:6.7.2 + image: docker.io/grafana/grafana:7.0.0-beta3 env: - name: GF_PATHS_CONFIG value: "/etc/grafana/custom.ini" diff --git a/templates/prometheus/deployment.yaml b/templates/prometheus/deployment.yaml index 35569e8..59fd276 100644 --- a/templates/prometheus/deployment.yaml +++ b/templates/prometheus/deployment.yaml @@ -20,7 +20,7 @@ spec: serviceAccountName: prometheus containers: - name: prometheus - image: quay.io/prometheus/prometheus:v2.17.1 + image: quay.io/prometheus/prometheus:v2.18.1 args: - --web.listen-address=0.0.0.0:9090 - --config.file=/etc/prometheus/prometheus.yaml diff --git a/templates/prometheus/exporters/kube-state-metrics/deployment.yaml b/templates/prometheus/exporters/kube-state-metrics/deployment.yaml index bf9274f..d05f811 100644 --- a/templates/prometheus/exporters/kube-state-metrics/deployment.yaml +++ b/templates/prometheus/exporters/kube-state-metrics/deployment.yaml @@ -24,7 +24,7 @@ spec: serviceAccountName: kube-state-metrics containers: - name: kube-state-metrics - image: quay.io/coreos/kube-state-metrics:v1.9.5 + image: quay.io/coreos/kube-state-metrics:v1.9.6 ports: - name: metrics containerPort: 8080 diff --git a/templates/prometheus/exporters/node-exporter/daemonset.yaml b/templates/prometheus/exporters/node-exporter/daemonset.yaml index da3f723..3b4199f 100644 --- a/templates/prometheus/exporters/node-exporter/daemonset.yaml +++ b/templates/prometheus/exporters/node-exporter/daemonset.yaml @@ -28,7 +28,7 @@ spec: hostPID: true containers: - name: node-exporter - image: quay.io/prometheus/node-exporter:v1.0.0-rc.0 + image: quay.io/prometheus/node-exporter:v1.0.0-rc.1 args: - --path.procfs=/host/proc - --path.sysfs=/host/sys diff --git a/templates/prometheus/rules.yaml b/templates/prometheus/rules.yaml index 69026c1..359cad7 100644 --- a/templates/prometheus/rules.yaml +++ b/templates/prometheus/rules.yaml @@ -882,10 +882,10 @@ data: { "alert": "KubeClientCertificateExpiration", "annotations": { - "message": "A client certificate used to authenticate to the apiserver is expiring in less than 7.0 days.", + "message": "A client certificate used to authenticate to the apiserver is expiring in less than 1.0 hours.", "runbook_url": "https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeclientcertificateexpiration" }, - "expr": "apiserver_client_certificate_expiration_seconds_count{job=\"apiserver\"} > 0 and on(job) histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job=\"apiserver\"}[5m]))) < 604800\n", + "expr": "apiserver_client_certificate_expiration_seconds_count{job=\"apiserver\"} > 0 and on(job) histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job=\"apiserver\"}[5m]))) < 3600\n", "labels": { "severity": "warning" } @@ -893,10 +893,10 @@ data: { "alert": "KubeClientCertificateExpiration", "annotations": { - "message": "A client certificate used to authenticate to the apiserver is expiring in less than 24.0 hours.", + "message": "A client certificate used to authenticate to the apiserver is expiring in less than 0.1 hours.", "runbook_url": "https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeclientcertificateexpiration" }, - "expr": "apiserver_client_certificate_expiration_seconds_count{job=\"apiserver\"} > 0 and on(job) histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job=\"apiserver\"}[5m]))) < 86400\n", + "expr": "apiserver_client_certificate_expiration_seconds_count{job=\"apiserver\"} > 0 and on(job) histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job=\"apiserver\"}[5m]))) < 300\n", "labels": { "severity": "critical" } diff --git a/vars/grafana_files_list.yml b/vars/grafana_files_list.yml index 47e339a..45237c2 100644 --- a/vars/grafana_files_list.yml +++ b/vars/grafana_files_list.yml @@ -3,10 +3,10 @@ grafana_files: - grafana/config.yaml - grafana/dashboards-coredns.yaml - grafana/dashboards-etcd.yaml + - grafana/dashboards-k8s.yaml - grafana/dashboards-k8s-nodes.yaml - grafana/dashboards-k8s-resources-1.yaml - grafana/dashboards-k8s-resources-2.yaml - - grafana/dashboards-k8s.yaml - grafana/dashboards-nginx-ingress.yaml - grafana/dashboards-node-exporter.yaml - grafana/dashboards-prom.yaml diff --git a/vars/prometheus_files_list.yml b/vars/prometheus_files_list.yml index dfe0d00..37c3039 100644 --- a/vars/prometheus_files_list.yml +++ b/vars/prometheus_files_list.yml @@ -1,22 +1,22 @@ --- prometheus_files: - - prometheus/rbac/cluster-role-binding.yaml - prometheus/rbac/cluster-role.yaml + - prometheus/rbac/cluster-role-binding.yaml # - prometheus/0-namespace.yaml - prometheus/config.yaml - prometheus/deployment.yaml - prometheus/network-policy.yaml - prometheus/rules.yaml - - prometheus/service-account.yaml - prometheus/service.yaml + - prometheus/service-account.yaml - prometheus/discovery/kube-controller-manager.yaml - prometheus/discovery/kube-proxy.yaml - prometheus/discovery/kube-scheduler.yaml - - prometheus/exporters/kube-state-metrics/cluster-role-binding.yaml - prometheus/exporters/kube-state-metrics/cluster-role.yaml + - prometheus/exporters/kube-state-metrics/cluster-role-binding.yaml - prometheus/exporters/kube-state-metrics/deployment.yaml - - prometheus/exporters/kube-state-metrics/service-account.yaml - prometheus/exporters/kube-state-metrics/service.yaml + - prometheus/exporters/kube-state-metrics/service-account.yaml - prometheus/exporters/node-exporter/daemonset.yaml - - prometheus/exporters/node-exporter/service-account.yaml - prometheus/exporters/node-exporter/service.yaml + - prometheus/exporters/node-exporter/service-account.yaml