Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( KubeRBACProxyPortNumber = 9339 PrometheusServingCertSecretName = "prometheus-serving-cert-secret" PrometheusKubeRBACPoxyConfigMapName = "prometheus-kube-rbac-proxy-config" )
View Source
var AlertmanagerConfigTemplate = promv1a1.AlertmanagerConfig{ Spec: promv1a1.AlertmanagerConfigSpec{ Route: &promv1a1.Route{ Receiver: "null", Routes: []apiextensionsv1.JSON{ convertToAPIExtV1JSON(promv1a1.Route{ GroupBy: []string{"alertname"}, GroupWait: "30s", GroupInterval: "5m", RepeatInterval: "12h", Matchers: []promv1a1.Matcher{ { Name: "alertname", Value: getRegexMatcher(smtpAlerts), MatchType: promv1a1.MatchRegexp, }, }, Receiver: "SendGrid", }, ), convertToAPIExtV1JSON(promv1a1.Route{ GroupBy: []string{"alertname"}, GroupWait: "30s", GroupInterval: "5m", RepeatInterval: "12h", Matchers: []promv1a1.Matcher{ { Name: "alertname", Value: getRegexMatcher(pagerdutyAlerts), MatchType: promv1a1.MatchRegexp, }, }, Receiver: "pagerduty", }, ), convertToAPIExtV1JSON(promv1a1.Route{ GroupBy: []string{"alertname"}, GroupWait: "30s", GroupInterval: "5m", RepeatInterval: "5m", Matchers: []promv1a1.Matcher{ { Name: "alertname", Value: "DeadMansSnitch", MatchType: promv1a1.MatchEqual, }, }, Receiver: "DeadMansSnitch", }, ), }, }, Receivers: []promv1a1.Receiver{ { Name: "null", }, { Name: "pagerduty", PagerDutyConfigs: []promv1a1.PagerDutyConfig{{ ServiceKey: &corev1.SecretKeySelector{Key: "", LocalObjectReference: corev1.LocalObjectReference{Name: ""}}, Details: []promv1a1.KeyValue{{Key: "", Value: ""}}, }}, }, { Name: "DeadMansSnitch", WebhookConfigs: []promv1a1.WebhookConfig{{}}, }, { Name: "SendGrid", EmailConfigs: []promv1a1.EmailConfig{ { SendResolved: &_false, Smarthost: "", From: "", To: "", AuthUsername: "", AuthPassword: &corev1.SecretKeySelector{Key: "", LocalObjectReference: corev1.LocalObjectReference{Name: ""}}, Headers: []promv1a1.KeyValue{{ Key: "subject", Value: "OpenShift Data Foundation Managed Service notification, " + "Action required on your managed OpenShift cluster!", }}, }, }, }, }, }, }
View Source
var AlertmanagerTemplate = promv1.Alertmanager{ Spec: promv1.AlertmanagerSpec{ Replicas: &_1, Resources: utils.GetResourceRequirements("alertmanager"), TopologySpreadConstraints: []v1.TopologySpreadConstraint{ { MaxSkew: 1, LabelSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{ "app": "alertmanager", }, }, WhenUnsatisfiable: v1.ScheduleAnyway, TopologyKey: "kubernetes.io/hostname", }, }, }, }
View Source
var DMSPrometheusRuleTemplate = promv1.PrometheusRule{ Spec: promv1.PrometheusRuleSpec{ Groups: []promv1.RuleGroup{ { Name: "snitch-alert", Rules: []promv1.Rule{ { Alert: "DeadMansSnitch", Expr: intstr.IntOrString{ Type: intstr.String, StrVal: "vector(1)", }, Labels: map[string]string{ "alertname": "DeadMansSnitch", "severity": "warning", }, Annotations: map[string]string{ "severity_level": "warning", "storage_type": "NooBaa", }, }, }, }, }, }, }
DMSPrometheusRuleTemplate This prometheus rule ensures that a DMS alert occurs during every prometheus scrape.
View Source
var KubeRBACProxyConfigMap = corev1.ConfigMap{ Data: map[string]string{ "config-file.json": (func() string { config := struct { Authorization struct { Static [2]struct { Path string `json:"path"` ResourceRequest bool `json:"resourceRequest"` Verb string `json:"verb"` } `json:"static"` } `json:"authorization"` }{} item := &config.Authorization.Static[0] item.Verb = "get" item.Path = "/metrics" item.ResourceRequest = false item = &config.Authorization.Static[1] item.Verb = "get" item.Path = "/federate" item.ResourceRequest = false raw, _ := json.Marshal(config) return string(raw) })(), }, }
View Source
var NetworkPolicyTemplate = netv1.NetworkPolicy{ Spec: netv1.NetworkPolicySpec{ Ingress: []netv1.NetworkPolicyIngressRule{ { From: []netv1.NetworkPolicyPeer{ { PodSelector: &metav1.LabelSelector{}, }, { NamespaceSelector: &metav1.LabelSelector{}, }, }, }, }, PolicyTypes: []netv1.PolicyType{ netv1.PolicyTypeIngress, }, PodSelector: metav1.LabelSelector{}, }, }
View Source
var NoobaaTemplate = &noobaa.NooBaa{ Spec: noobaa.NooBaaSpec{ DefaultBackingStoreSpec: &noobaa.BackingStoreSpec{ PVPool: &noobaa.PVPoolSpec{ StorageClass: "gp2", NumVolumes: 1, VolumeResources: &v1.ResourceRequirements{ Requests: v1.ResourceList{ v1.ResourceStorage: resource.MustParse("32Gi"), }, Limits: v1.ResourceList{ v1.ResourceStorage: resource.MustParse("32Gi"), }, }, }, Type: noobaa.StoreTypePVPool, }, Endpoints: &noobaa.EndpointsSpec{ MinCount: 1, MaxCount: 2, Resources: &v1.ResourceRequirements{ Limits: v1.ResourceList{ v1.ResourceCPU: resource.MustParse("1"), v1.ResourceMemory: resource.MustParse("2Gi"), }, Requests: v1.ResourceList{ v1.ResourceCPU: resource.MustParse("1"), v1.ResourceMemory: resource.MustParse("2Gi"), }, }, }, CleanupPolicy: noobaa.CleanupPolicySpec{ AllowNoobaaDeletion: true, Confirmation: "confirmed", }, }, }
View Source
var PrometheusProxyNetworkPolicyTemplate = netv1.NetworkPolicy{ Spec: netv1.NetworkPolicySpec{ Ingress: []netv1.NetworkPolicyIngressRule{ { Ports: []netv1.NetworkPolicyPort{ { Port: &prometheusProxyPort, Protocol: &prometheusProxyProtocol, }, }, }, }, PolicyTypes: []netv1.PolicyType{ netv1.PolicyTypeIngress, }, PodSelector: metav1.LabelSelector{ MatchExpressions: []metav1.LabelSelectorRequirement{ { Key: "prometheus", Operator: metav1.LabelSelectorOpIn, Values: []string{ "managed-mcg-prometheus", }, }, }, }, }, }
View Source
var PrometheusTemplate = promv1.Prometheus{ Spec: promv1.PrometheusSpec{ CommonPrometheusFields: promv1.CommonPrometheusFields{ ServiceMonitorSelector: &resourceSelector, PodMonitorSelector: &resourceSelector, Volumes: []corev1.Volume{ { Name: "serving-cert", VolumeSource: corev1.VolumeSource{ Secret: &corev1.SecretVolumeSource{ SecretName: PrometheusServingCertSecretName, }, }, }, { Name: "kube-rbac-config", VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ Name: PrometheusKubeRBACPoxyConfigMapName, }, }, }, }, }, Resources: utils.GetResourceRequirements("prometheus"), ServiceAccountName: "prometheus-k8s", ListenLocal: true, Containers: []corev1.Container{{ Name: "kube-rbac-proxy", Args: []string{ fmt.Sprintf("--secure-listen-address=0.0.0.0:%d", KubeRBACProxyPortNumber), "--upstream=http://127.0.0.1:9090/", "--logtostderr=true", "--v=10", "--tls-cert-file=/etc/tls-secret/tls.crt", "--tls-private-key-file=/etc/tls-secret/tls.key", "--client-ca-file=/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt", "--config-file=/etc/kube-rbac-config/config-file.json", }, Ports: []corev1.ContainerPort{{ Name: "https", ContainerPort: int32(KubeRBACProxyPortNumber), }}, VolumeMounts: []corev1.VolumeMount{ { Name: "serving-cert", MountPath: "/etc/tls-secret", }, { Name: "kube-rbac-config", MountPath: "/etc/kube-rbac-config", }, }, Resources: utils.GetResourceRequirements("kube-rbac-proxy"), }}, RemoteWrite: []promv1.RemoteWriteSpec{ { OAuth2: &promv1.OAuth2{ ClientSecret: corev1.SecretKeySelector{ LocalObjectReference: corev1.LocalObjectReference{}, }, ClientID: promv1.SecretOrConfigMap{ Secret: &corev1.SecretKeySelector{ LocalObjectReference: corev1.LocalObjectReference{}, }, }, EndpointParams: map[string]string{}, }, WriteRelabelConfigs: []promv1.RelabelConfig{ { SourceLabels: []promv1.LabelName{"__name__", "alertname"}, Regex: getRelabelRegex(alerts, metrics), Action: "keep", }, }, }, }, }, RuleSelector: &resourceSelector, Alerting: &promv1.AlertingSpec{ Alertmanagers: []promv1.AlertmanagerEndpoints{ { Namespace: "", Name: "alertmanager-operated", Port: intstr.FromString("web"), }, }, }, }, }
Functions ¶
This section is empty.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.