k8s-apps/monitoring/kube-state-metrics.yaml
2025-08-20 13:13:46 +02:00


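# Deployment running a single kube-state-metrics replica in the "monitoring"
# namespace. The kube-rbac-proxy sidecars are disabled (kept below as comments),
# so the container serves its metrics over plain, unauthenticated HTTP.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/name: kube-state-metrics
  name: kube-state-metrics
  namespace: monitoring
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: kube-state-metrics
  template:
    metadata:
      # annotations:
      #   kubectl.kubernetes.io/default-container: kube-state-metrics
      labels:
        app.kubernetes.io/name: kube-state-metrics
    spec:
      # The token mount is needed because kube-state-metrics reads cluster
      # state from the API server. The RBAC bound to this ServiceAccount is not
      # part of this file; verify it grants read-only (list/watch) access only.
      automountServiceAccountToken: true
      serviceAccountName: kube-state-metrics
      # No node constraint is active; the disabled selector was:
      #   kubernetes.io/os: linux
      nodeSelector: {}
      containers:
        - name: kube-state-metrics
          # The tag is mutable; pin by digest once the image has been verified,
          # e.g. ...kube-state-metrics@sha256:<digest> (placeholder).
          image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.8.2
          # No flags are passed, so the container listens on its default
          # addresses and ports rather than on loopback only. Without the
          # kube-rbac-proxy sidecars nothing authenticates scrapes; restrict
          # ingress to the Prometheus pods with a NetworkPolicy, or re-enable
          # the proxies together with the loopback flags below.
          # To enable, replace [] with:
          #   - --host=127.0.0.1
          #   - --port=8081
          #   - --telemetry-host=127.0.0.1
          #   - --telemetry-port=8082
          args: []
          resources:
            limits:
              cpu: 100m
              memory: 250Mi
            requests:
              cpu: 10m
              # With no memory request set, Kubernetes uses the limit (250Mi)
              # as the request.
              # memory: 190Mi
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            readOnlyRootFilesystem: true
            # Enforce the non-root UID at admission/start time instead of
            # relying on runAsUser alone.
            runAsNonRoot: true
            runAsUser: 65534
            # Apply the container runtime's default seccomp filter.
            seccompProfile:
              type: RuntimeDefault
        # Disabled kube-rbac-proxy sidecar for the main metrics endpoint.
        # - args:
        #     - --logtostderr
        #     #- --secure-listen-address=:8443
        #     #- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        #     #- --upstream=http://127.0.0.1:8081/
        #   image: quay.io/brancz/kube-rbac-proxy:v0.14.0
        #   name: kube-rbac-proxy-main
        #   ports:
        #     - containerPort: 8443
        #       name: https-main
        #   resources:
        #     limits:
        #       cpu: 40m
        #       memory: 40Mi
        #     requests:
        #       cpu: 20m
        #       memory: 20Mi
        #   securityContext:
        #     allowPrivilegeEscalation: false
        #     capabilities:
        #       drop:
        #         - ALL
        #     readOnlyRootFilesystem: true
        #     runAsGroup: 65532
        #     runAsNonRoot: true
        #     runAsUser: 65532
        # Disabled kube-rbac-proxy sidecar for the self/telemetry endpoint.
        # - args:
        #     - --logtostderr
        #     #- --secure-listen-address=:9443
        #     #- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        #     #- --upstream=http://127.0.0.1:8082/
        #   image: quay.io/brancz/kube-rbac-proxy:v0.14.0
        #   name: kube-rbac-proxy-self
        #   ports:
        #     - containerPort: 9443
        #       name: https-self
        #   resources:
        #     limits:
        #       cpu: 20m
        #       memory: 40Mi
        #     requests:
        #       cpu: 10m
        #       memory: 20Mi
        #   securityContext:
        #     allowPrivilegeEscalation: false
        #     capabilities:
        #       drop:
        #         - ALL
        #     readOnlyRootFilesystem: true
        #     runAsGroup: 65532
        #     runAsNonRoot: true
        #     runAsUser: 65532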
---
# ClusterIP Service in front of the kube-state-metrics pods. Only the plain
# HTTP metrics port is published; the HTTPS ports that belonged to the
# kube-rbac-proxy sidecars are kept as comments.
apiVersion: v1
kind: Service
metadata:
  name: kube-state-metrics
  namespace: monitoring
  labels:
    app.kubernetes.io/name: kube-state-metrics
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/name: kube-state-metrics
  # Dual-stack where the cluster supports it, with IPv6 as the primary family.
  ipFamilyPolicy: PreferDualStack
  ipFamilies:
    - IPv6
    - IPv4
  ports:
    # - name: https-main
    #   port: 8443
    #   targetPort: https-main
    # Unauthenticated, unencrypted metrics port. Any workload that can reach
    # this ClusterIP can read it unless a NetworkPolicy limits ingress.
    - name: http-main
      port: 8080
      targetPort: 8080
    # - name: https-self
    #   port: 9443
    #   targetPort: https-self
---
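# ServiceMonitor that has Prometheus scrape the "http-main" port of Services
# labelled app.kubernetes.io/name=kube-state-metrics in this namespace.
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  labels:
    # app.kubernetes.io/name: kube-state-metrics
    # presumably matched by the Prometheus serviceMonitorSelector; confirm
    # against the Prometheus resource.
    team: undercloud
  name: kube-state-metrics
  namespace: monitoring
spec:
  # The scrape job name is taken from this label on the selected Service.
  jobLabel: app.kubernetes.io/name
  selector:
    matchLabels:
      app.kubernetes.io/name: kube-state-metrics
  endpoints:
    # Disabled authenticated HTTPS endpoint (needs the kube-rbac-proxy sidecar).
    # - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
    #   honorLabels: true
    #   interval: 30s
    #   metricRelabelings:
    #     - action: drop
    #       regex: kube_endpoint_address_not_ready|kube_endpoint_address_available
    #       sourceLabels:
    #         - __name__
    # Active endpoint: plain HTTP with no bearer token, so the scrape is
    # neither authenticated nor encrypted.
    # NOTE(review): honorLabels is only set on the disabled endpoint above;
    # confirm the active endpoint does not need it.
    - port: http-main
      scheme: http
      scrapeTimeout: 30s
      relabelings:
        # Drop these target labels from the scraped series.
        - action: labeldrop
          regex: '(pod|service|endpoint|namespace)'
      # tlsConfig is deliberately not set here. The scrape is plain HTTP, and a
      # leftover insecureSkipVerify: true would silently disable certificate
      # verification if the scheme were later switched to https.
    # Disabled HTTPS self-metrics endpoint. If it is re-enabled, verify the
    # server certificate (tlsConfig ca / serverName) instead of skipping
    # verification.
    # - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
    #   interval: 30s
    #   port: https-self
    #   scheme: https
    #   tlsConfig:
    #     insecureSkipVerify: true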