Prometheus Openstack Exporter: tidy chart and add ks user
This PS adds keystone user management to the prometheus-openstack-exporter chart, and also performs some spring cleaning. Change-Id: I69e40c523867f751ecd8c63169aefdfdf4eb5cd2
This commit is contained in:
portdirect
parent
217385a0dd
commit
9b40b8656d
@ -20,10 +20,12 @@ limitations under the License.
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: openstack-exporter-bin
|
||||
name: prometheus-openstack-exporter-bin
|
||||
data:
|
||||
image-repo-sync.sh: |+
|
||||
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
|
||||
openstack-exporter.sh: |
|
||||
{{ tuple "bin/_openstack-exporter.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
ks-user.sh: |+
|
||||
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
|
||||
prometheus-openstack-exporter.sh: |
|
||||
{{ tuple "bin/_prometheus-openstack-exporter.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
@ -18,9 +18,9 @@ limitations under the License.
|
||||
{{- $envAll := . }}
|
||||
{{- $ksUserSecret := .Values.secrets.identity.user }}
|
||||
{{- if .Values.images.local_registry.active -}}
|
||||
{{- $_ := set .Values "pod_dependency" (merge .Values.dependencies.openstack_metrics_exporter .Values.conditional_dependencies.local_image_registry) -}}
|
||||
{{- $_ := set .Values "pod_dependency" (merge .Values.dependencies.prometheus_openstack_exporter .Values.conditional_dependencies.local_image_registry) -}}
|
||||
{{- else -}}
|
||||
{{- $_ := set .Values "pod_dependency" .Values.dependencies.openstack_metrics_exporter -}}
|
||||
{{- $_ := set .Values "pod_dependency" .Values.dependencies.prometheus_openstack_exporter -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- $serviceAccountName := "prometheus-openstack-exporter" }}
|
||||
@ -29,51 +29,52 @@ limitations under the License.
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: openstack-exporter
|
||||
name: prometheus-openstack-exporter
|
||||
spec:
|
||||
replicas: {{ .Values.pod.replicas.openstack_metrics_exporter }}
|
||||
replicas: {{ .Values.pod.replicas.prometheus_openstack_exporter }}
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.openstack_metrics_exporter.timeout | default "30" }}
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.prometheus_openstack_exporter.timeout | default "30" }}
|
||||
initContainers:
|
||||
{{ tuple $envAll .Values.pod_dependency list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
- name: openstack-metrics-exporter
|
||||
{{ tuple $envAll "openstack_metrics_exporter" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.openstack_metrics_exporter | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
{{ tuple $envAll "prometheus_openstack_exporter" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.prometheus_openstack_exporter | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
command:
|
||||
- /tmp/openstack-exporter.sh
|
||||
- /tmp/prometheus-openstack-exporter.sh
|
||||
- start
|
||||
lifecycle:
|
||||
preStop:
|
||||
exec:
|
||||
command:
|
||||
- /tmp/prometheus-openstack-exporter.sh
|
||||
- stop
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.network.openstack_metrics_exporter.port }}
|
||||
containerPort: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
env:
|
||||
- name: TIMEOUT_SECONDS
|
||||
value: "{{ .Values.conf.openstack_metrics_exporter.timeout_seconds }}"
|
||||
- name: OS_POLLING_INTERVAL
|
||||
value: "{{ .Values.conf.openstack_metrics_exporter.polling_interval_seconds }}"
|
||||
- name: OS_RETRIES
|
||||
value: "{{ .Values.conf.openstack_metrics_exporter.retries }}"
|
||||
- name: LISTEN_PORT
|
||||
value: "{{ .Values.network.openstack_metrics_exporter.port }}"
|
||||
value: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
|
||||
{{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.conf.prometheus_openstack_exporter | indent 12 }}
|
||||
{{- with $env := dict "ksUserSecret" $ksUserSecret }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: openstack-exporter-bin
|
||||
mountPath: /tmp/openstack-exporter.sh
|
||||
subPath: openstack-exporter.sh
|
||||
- name: prometheus-openstack-exporter-bin
|
||||
mountPath: /tmp/prometheus-openstack-exporter.sh
|
||||
subPath: prometheus-openstack-exporter.sh
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: openstack-exporter-bin
|
||||
- name: prometheus-openstack-exporter-bin
|
||||
configMap:
|
||||
name: openstack-exporter-bin
|
||||
name: prometheus-openstack-exporter-bin
|
||||
defaultMode: 0555
|
||||
{{- end }}
|
||||
|
||||
@ -19,14 +19,14 @@ limitations under the License.
|
||||
{{- if .Values.images.local_registry.active -}}
|
||||
{{- $_ := set .Values "pod_dependency" .Values.dependencies.image_repo_sync -}}
|
||||
|
||||
{{- $serviceAccountName := "openstack-exporter-image-repo-sync"}}
|
||||
{{- $serviceAccountName := "prometheus-openstack-exporter-image-repo-sync"}}
|
||||
{{ tuple $envAll $envAll.Values.pod_dependency $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: openstack-metrics-exporter-image-repo-sync
|
||||
name: prometheus-openstack-exporter-image-repo-sync
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
@ -51,16 +51,16 @@ spec:
|
||||
command:
|
||||
- /tmp/image-repo-sync.sh
|
||||
volumeMounts:
|
||||
- name: openstack-exporter-bin
|
||||
- name: prometheus-openstack-exporter-bin
|
||||
mountPath: /tmp/image-repo-sync.sh
|
||||
subPath: image-repo-sync.sh
|
||||
readOnly: true
|
||||
- name: docker-socket
|
||||
mountPath: /var/run/docker.sock
|
||||
volumes:
|
||||
- name: openstack-exporter-bin
|
||||
- name: prometheus-openstack-exporter-bin
|
||||
configMap:
|
||||
name: openstack-exporter-bin
|
||||
name: prometheus-openstack-exporter-bin
|
||||
defaultMode: 0555
|
||||
- name: docker-socket
|
||||
hostPath:
|
||||
|
||||
67
prometheus-openstack-exporter/templates/job-ks-user.yaml
Normal file
67
prometheus-openstack-exporter/templates/job-ks-user.yaml
Normal file
@ -0,0 +1,67 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.job_ks_user }}
|
||||
{{- $envAll := . }}
|
||||
{{- $dependencies := .Values.dependencies.ks_user }}
|
||||
|
||||
{{- $serviceAccountName := "prometheus-openstack-exporter-ks-user" }}
|
||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: prometheus-openstack-exporter-ks-user
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "prometheus-openstack-exporter" "ks-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||
initContainers:
|
||||
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
- name: prometheus-openstack-exporter-ks-user
|
||||
{{ tuple $envAll "ks_user" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
command:
|
||||
- /tmp/ks-user.sh
|
||||
volumeMounts:
|
||||
- name: ks-user-sh
|
||||
mountPath: /tmp/ks-user.sh
|
||||
subPath: ks-user.sh
|
||||
readOnly: true
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
{{- end }}
|
||||
- name: SERVICE_OS_SERVICE_NAME
|
||||
value: "prometheus-openstack-exporter"
|
||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }}
|
||||
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
|
||||
{{- end }}
|
||||
- name: SERVICE_OS_ROLE
|
||||
value: {{ .Values.endpoints.identity.auth.user.role | quote }}
|
||||
volumes:
|
||||
- name: ks-user-sh
|
||||
configMap:
|
||||
name: prometheus-openstack-exporter-bin
|
||||
defaultMode: 0555
|
||||
{{- end }}
|
||||
@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.openstack_metrics_user }}
|
||||
{{- if .Values.manifests.secret_keystone }}
|
||||
{{- $envAll := . }}
|
||||
{{- $secretName := index $envAll.Values.secrets.identity.user }}
|
||||
{{- range $key1, $userClass := tuple "admin" "user" }}
|
||||
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
namespace: {{ $envAll.Values.endpoints.openstack_metrics_exporter.namespace }}
|
||||
type: Opaque
|
||||
data:
|
||||
{{- tuple "user" "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
|
||||
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@ -14,23 +14,23 @@ See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.service_openstack_metrics_exporter }}
|
||||
{{- if .Values.manifests.service }}
|
||||
{{- $envAll := . }}
|
||||
{{- $endpoint := $envAll.Values.endpoints.openstack_metrics_exporter }}
|
||||
{{- $endpoint := $envAll.Values.endpoints.prometheus_openstack_exporter }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ tuple "openstack_metrics_exporter" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
name: {{ tuple "prometheus_openstack_exporter" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
labels:
|
||||
{{ tuple $envAll "openstack-exporter" "metrics" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
{{ tuple $envAll "prometheus-openstack-exporter" "metrics" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
annotations:
|
||||
{{ tuple $endpoint | include "helm-toolkit.snippets.prometheus_service_annotations" | indent 4 }}
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.network.openstack_metrics_exporter.port }}
|
||||
targetPort: {{ .Values.network.openstack_metrics_exporter.port }}
|
||||
port: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
targetPort: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
selector:
|
||||
{{ tuple $envAll "openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
@ -12,17 +12,17 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# Default values for kube-state-metrics.
|
||||
# Default values for prometheus-openstack-exporter.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
images:
|
||||
tags:
|
||||
openstack_metrics_exporter: docker.io/rakeshpatnaik/prometheus-openstack-exporter:v0.1
|
||||
prometheus_openstack_exporter: docker.io/rakeshpatnaik/prometheus-openstack-exporter:v0.1
|
||||
helm_tests: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3
|
||||
pull_policy: IfNotPresent
|
||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
|
||||
image_repo_sync: docker.io/docker:17.07.0
|
||||
ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||
pull_policy: IfNotPresent
|
||||
local_registry:
|
||||
active: false
|
||||
@ -36,17 +36,17 @@ labels:
|
||||
|
||||
pod:
|
||||
affinity:
|
||||
anti:
|
||||
type:
|
||||
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||
topologyKey:
|
||||
default: kubernetes.io/hostname
|
||||
anti:
|
||||
type:
|
||||
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||
topologyKey:
|
||||
default: kubernetes.io/hostname
|
||||
mounts:
|
||||
openstack_metrics_exporter:
|
||||
openstack_metrics_exporter:
|
||||
prometheus_openstack_exporter:
|
||||
prometheus_openstack_exporter:
|
||||
init_container: null
|
||||
replicas:
|
||||
openstack_metrics_exporter: 1
|
||||
prometheus_openstack_exporter: 1
|
||||
lifecycle:
|
||||
upgrades:
|
||||
revision_history: 3
|
||||
@ -55,7 +55,7 @@ pod:
|
||||
max_unavailable: 1
|
||||
max_surge: 3
|
||||
termination_grace_period:
|
||||
openstack_metrics_exporter:
|
||||
prometheus_openstack_exporter:
|
||||
timeout: 30
|
||||
resources:
|
||||
enabled: false
|
||||
@ -74,12 +74,25 @@ pod:
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
secrets:
|
||||
identity:
|
||||
user: openstack-metrics-user
|
||||
ks_user:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
dependencies:
|
||||
ks_user:
|
||||
services:
|
||||
- service: identity
|
||||
endpoint: internal
|
||||
prometheus_openstack_exporter:
|
||||
jobs:
|
||||
- prometheus-openstack-exporter-ks-user
|
||||
services:
|
||||
- service: identity
|
||||
endpoint: internal
|
||||
image_repo_sync:
|
||||
services:
|
||||
- service: local_image_registry
|
||||
@ -88,18 +101,21 @@ dependencies:
|
||||
conditional_dependencies:
|
||||
local_image_registry:
|
||||
jobs:
|
||||
- openstack-metrics-exporter-image-repo-sync
|
||||
- prometheus-openstack-exporter-image-repo-sync
|
||||
services:
|
||||
- service: local_image_registry
|
||||
endpoint: node
|
||||
|
||||
conf:
|
||||
openstack_metrics_exporter:
|
||||
polling_interval_seconds: 30
|
||||
timeout_seconds: 20
|
||||
retries: 1
|
||||
os_cpu_oc_ratio: 1.5
|
||||
os_ram_oc_ratio: 1.0
|
||||
prometheus_openstack_exporter:
|
||||
OS_POLLING_INTERVAL: 30
|
||||
TIMEOUT_SECONDS: 20
|
||||
OS_RETRIES: 1
|
||||
|
||||
secrets:
|
||||
identity:
|
||||
admin: prometheus-openstack-exporter-keystone-admin
|
||||
user: prometheus-openstack-exporter-keystone-user
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
@ -115,7 +131,7 @@ endpoints:
|
||||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
openstack_metrics_exporter:
|
||||
prometheus_openstack_exporter:
|
||||
namespace: null
|
||||
hosts:
|
||||
default: openstack-metrics
|
||||
@ -125,14 +141,24 @@ endpoints:
|
||||
default: null
|
||||
scheme:
|
||||
default: 'http'
|
||||
port:
|
||||
exporter:
|
||||
default: 9103
|
||||
scrape: true
|
||||
identity:
|
||||
name: keystone
|
||||
auth:
|
||||
admin:
|
||||
region_name: RegionOne
|
||||
username: admin
|
||||
password: password
|
||||
project_name: admin
|
||||
user_domain_name: default
|
||||
project_domain_name: default
|
||||
user:
|
||||
role: admin
|
||||
region_name: RegionOne
|
||||
username: nova
|
||||
username: prometheus-openstack-exporter
|
||||
password: password
|
||||
project_name: service
|
||||
user_domain_name: default
|
||||
@ -152,17 +178,10 @@ endpoints:
|
||||
api:
|
||||
default: 80
|
||||
|
||||
network:
|
||||
openstack_metrics_exporter:
|
||||
port: 9103
|
||||
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
clusterrole: true
|
||||
clusterrolebinding: true
|
||||
deployment: true
|
||||
job_image_repo_sync: true
|
||||
rbac_entrypoint: true
|
||||
service_openstack_metrics_exporter: true
|
||||
serviceaccount: true
|
||||
openstack_metrics_user: true
|
||||
job_ks_user: true
|
||||
secret_keystone: true
|
||||
service: true
|
||||
|
||||
@ -145,6 +145,15 @@ charts:
|
||||
enabled: false
|
||||
timeout: 300
|
||||
output: false
|
||||
values:
|
||||
# NOTE(portdirect): Keystone Management is disabled here, as keystone is
|
||||
# not deployed in the OSH infra gates.
|
||||
manifests:
|
||||
job_ks_user: false
|
||||
dependencies:
|
||||
prometheus_openstack_exporter:
|
||||
jobs: null
|
||||
services: null
|
||||
|
||||
grafana:
|
||||
chart_name: grafana
|
||||
|
||||
Loading…
Reference in New Issue
Block a user