Undercloud/k8s-apps
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

.

Browse Source
This commit is contained in:
Gitea Root Administrator
2026-03-14 14:49:59 +00:00
parent 4d5163a4b1
commit 608077d74a
3 changed files with 214 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
app-of-apps/kube-state-metrics.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: kube-state-metrics
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
#namespace: kube-state-metrics
server: https://kubernetes.default.svc
project: default
source:
path: kube-state-metrics
repoURL: http://gitea.gitea.svc.k8s.undercloud.local:3000/Undercloud/k8s-apps.git
targetRevision: HEAD

182
kube-state-metrics/kube-state-metrics.yaml Normal file
View File

@@ -0,0 +1,182 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-state-metrics
namespace: kube-system
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/component: exporter
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kube-state-metrics
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/component: exporter
rules:
- apiGroups: [""]
resources:
- configmaps
- secrets
- nodes
- pods
- services
- resourcequotas
- replicationcontrollers
- limitranges
- persistentvolumeclaims
- persistentvolumes
- namespaces
- endpoints
verbs: ["list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
- daemonsets
- deployments
- replicasets
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- cronjobs
- jobs
verbs: ["list", "watch"]
- apiGroups: ["autoscaling"]
resources:
- horizontalpodautoscalers
verbs: ["list", "watch"]
- apiGroups: ["authentication.k8s.io"]
resources:
- tokenreviews
verbs: ["create"]
- apiGroups: ["authorization.k8s.io"]
resources:
- subjectaccessreviews
verbs: ["create"]
- apiGroups: ["policy"]
resources:
- poddisruptionbudgets
verbs: ["list", "watch"]
- apiGroups: ["certificates.k8s.io"]
resources:
- certificatesigningrequests
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources:
- storageclasses
- volumeattachments
- csinodes
verbs: ["list", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs: ["list", "watch"]
- apiGroups: ["networking.k8s.io"]
resources:
- networkpolicies
- ingressclasses
- ingresses
verbs: ["list", "watch"]
- apiGroups: ["coordination.k8s.io"]
resources:
- leases
verbs: ["list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kube-state-metrics
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/component: exporter
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics
namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kube-state-metrics
namespace: kube-system
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/component: exporter
app.kubernetes.io/version: "2.18.0"
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: kube-state-metrics
template:
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/component: exporter
app.kubernetes.io/version: "2.18.0"
spec:
serviceAccountName: kube-state-metrics
automountServiceAccountToken: true
nodeSelector:
kubernetes.io/os: linux
containers:
- name: kube-state-metrics
image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.18.0
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8080
- name: telemetry
containerPort: 8081
livenessProbe:
httpGet:
path: /livez
port: http
initialDelaySeconds: 5
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /readyz
port: telemetry
initialDelaySeconds: 5
timeoutSeconds: 5
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 65534
seccompProfile:
type: RuntimeDefault
resources:
requests:
cpu: 10m
memory: 32Mi
limits:
memory: 256Mi
---
apiVersion: v1
kind: Service
metadata:
name: kube-state-metrics
namespace: kube-system
labels:
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/component: exporter
spec:
selector:
app.kubernetes.io/name: kube-state-metrics
ports:
- name: http
port: 8080
targetPort: http
- name: telemetry
port: 8081
targetPort: telemetry

32
victoria-monitoring/scrape-k8s-control-plane.yaml
View File

@@ -98,19 +98,19 @@ spec:
insecureSkipVerify: true insecureSkipVerify: true
--- ---
apiVersion: operator.victoriametrics.com/v1beta1 #apiVersion: operator.victoriametrics.com/v1beta1
kind: VMStaticScrape #kind: VMStaticScrape
metadata: #metadata:
name: etcd # name: etcd
namespace: vm # namespace: vm
spec: #spec:
jobName: etcd # jobName: etcd
targetEndpoints: # targetEndpoints:
- targets: # - targets:
- "[2001:470:7116:2::91]:2381" # - "[2001:470:7116:2::91]:2381"
- "[2001:470:7116:2::92]:2381" # - "[2001:470:7116:2::92]:2381"
- "[2001:470:7116:2::93]:2381" # - "[2001:470:7116:2::93]:2381"
path: /metrics # path: /metrics
scheme: http # scheme: http
interval: 30s # interval: 30s
scrapeTimeout: 10s # scrapeTimeout: 10s