diff options
Diffstat (limited to 'roles/openshift_prometheus')
-rw-r--r-- | roles/openshift_prometheus/README.md | 35 | ||||
-rw-r--r-- | roles/openshift_prometheus/defaults/main.yaml | 24 | ||||
-rw-r--r-- | roles/openshift_prometheus/tasks/install_prometheus.yaml | 15 | ||||
-rw-r--r-- | roles/openshift_prometheus/templates/prometheus.j2 (renamed from roles/openshift_prometheus/templates/prometheus_deployment.j2) | 23 |
4 files changed, 68 insertions, 29 deletions
diff --git a/roles/openshift_prometheus/README.md b/roles/openshift_prometheus/README.md index c5a44bffb..92f74928c 100644 --- a/roles/openshift_prometheus/README.md +++ b/roles/openshift_prometheus/README.md @@ -17,16 +17,16 @@ For default values, see [`defaults/main.yaml`](defaults/main.yaml). - `openshift_prometheus_namespace`: project (i.e. namespace) where the components will be deployed. -- `openshift_prometheus_replicas`: The number of replicas for prometheus deployment. - - `openshift_prometheus_node_selector`: Selector for the nodes prometheus will be deployed on. -- `openshift_prometheus_image_<COMPONENT>`: specify image for the component +- `openshift_prometheus_<COMPONENT>_image_prefix`: specify image prefix for the component + +- `openshift_prometheus_<COMPONENT>_image_version`: specify image version for the component -## Storage related variables -Each prometheus component (prometheus, alertmanager, alert-buffer, oauth-proxy) can set pv claim by setting corresponding role variable: +## PVC related variables +Each prometheus component (prometheus, alertmanager, alertbuffer) can set pv claim by setting corresponding role variable: ``` -openshift_prometheus_<COMPONENT>_storage_type: <VALUE> +openshift_prometheus_<COMPONENT>_storage_type: <VALUE> (pvc, emptydir) openshift_prometheus_<COMPONENT>_pvc_(name|size|access_modes|pv_selector): <VALUE> ``` e.g @@ -37,6 +37,29 @@ openshift_prometheus_alertbuffer_pvc_size: 10G openshift_prometheus_pvc_access_modes: [ReadWriteOnce] ``` +## NFS PV Storage variables +Each prometheus component (prometheus, alertmanager, alertbuffer) can set nfs pv by setting corresponding variable: +``` +openshift_prometheus_<COMPONENT>_storage_kind=<VALUE> +openshift_prometheus_<COMPONENT>_storage_(access_modes|host|labels)=<VALUE> +openshift_prometheus_<COMPONENT>_storage_volume_(name|size)=<VALUE> +openshift_prometheus_<COMPONENT>_storage_nfs_(directory|options)=<VALUE> +``` +e.g +``` +openshift_prometheus_storage_kind=nfs +openshift_prometheus_storage_access_modes=['ReadWriteOnce'] +openshift_prometheus_storage_host=nfs.example.com #for external host +openshift_prometheus_storage_nfs_directory=/exports +openshift_prometheus_storage_alertmanager_nfs_options='*(rw,root_squash)' +openshift_prometheus_storage_volume_name=prometheus +openshift_prometheus_storage_alertbuffer_volume_size=10Gi +openshift_prometheus_storage_labels={'storage': 'prometheus'} +``` + +NOTE: Setting `openshift_prometheus_<COMPONENT>_storage_labels` overrides `openshift_prometheus_<COMPONENT>_pvc_pv_selector` + + ## Additional Alert Rules file variable An external file with alert rules can be added by setting path to additional rules variable: ``` diff --git a/roles/openshift_prometheus/defaults/main.yaml b/roles/openshift_prometheus/defaults/main.yaml index c08bec4cb..00995eee6 100644 --- a/roles/openshift_prometheus/defaults/main.yaml +++ b/roles/openshift_prometheus/defaults/main.yaml @@ -4,32 +4,38 @@ openshift_prometheus_state: present openshift_prometheus_namespace: prometheus -openshift_prometheus_replicas: 1 openshift_prometheus_node_selector: {"region":"infra"} -# images -openshift_prometheus_image_proxy: "openshift/oauth-proxy:v1.0.0" -openshift_prometheus_image_prometheus: "openshift/prometheus:v2.0.0-dev" -openshift_prometheus_image_alertmanager: "openshift/prometheus-alertmanager:v0.9.1" -openshift_prometheus_image_alertbuffer: "openshift/prometheus-alert-buffer:v0.0.1" +# image defaults +openshift_prometheus_image_prefix: "openshift/" +openshift_prometheus_image_version: "v2.0.0-dev.3" +openshift_prometheus_proxy_image_prefix: "openshift/" +openshift_prometheus_proxy_image_version: "v1.0.0" +openshift_prometheus_alertmanager_image_prefix: "openshift/" +openshift_prometheus_alertmanager_image_version: "v0.9.1" +openshift_prometheus_alertbuffer_image_prefix: "openshift/" +openshift_prometheus_alertbuffer_image_version: "v0.0.2" # additional prometheus rules file openshift_prometheus_additional_rules_file: null # storage -openshift_prometheus_storage_type: pvc +# One of ['emptydir', 'pvc'] +openshift_prometheus_storage_type: "emptydir" openshift_prometheus_pvc_name: prometheus openshift_prometheus_pvc_size: "{{ openshift_prometheus_storage_volume_size | default('10Gi') }}" openshift_prometheus_pvc_access_modes: [ReadWriteOnce] openshift_prometheus_pvc_pv_selector: "{{ openshift_prometheus_storage_labels | default({}) }}" -openshift_prometheus_alertmanager_storage_type: pvc +# One of ['emptydir', 'pvc'] +openshift_prometheus_alertmanager_storage_type: "emptydir" openshift_prometheus_alertmanager_pvc_name: prometheus-alertmanager openshift_prometheus_alertmanager_pvc_size: "{{ openshift_prometheus_alertmanager_storage_volume_size | default('10Gi') }}" openshift_prometheus_alertmanager_pvc_access_modes: [ReadWriteOnce] openshift_prometheus_alertmanager_pvc_pv_selector: "{{ openshift_prometheus_alertmanager_storage_labels | default({}) }}" -openshift_prometheus_alertbuffer_storage_type: pvc +# One of ['emptydir', 'pvc'] +openshift_prometheus_alertbuffer_storage_type: "emptydir" openshift_prometheus_alertbuffer_pvc_name: prometheus-alertbuffer openshift_prometheus_alertbuffer_pvc_size: "{{ openshift_prometheus_alertbuffer_storage_volume_size | default('10Gi') }}" openshift_prometheus_alertbuffer_pvc_access_modes: [ReadWriteOnce] diff --git a/roles/openshift_prometheus/tasks/install_prometheus.yaml b/roles/openshift_prometheus/tasks/install_prometheus.yaml index cb75eedca..00c3c1987 100644 --- a/roles/openshift_prometheus/tasks/install_prometheus.yaml +++ b/roles/openshift_prometheus/tasks/install_prometheus.yaml @@ -128,6 +128,7 @@ access_modes: "{{ openshift_prometheus_pvc_access_modes }}" volume_capacity: "{{ openshift_prometheus_pvc_size }}" selector: "{{ openshift_prometheus_pvc_pv_selector }}" + when: openshift_prometheus_storage_type == 'pvc' - name: create alertmanager pvc oc_pvc: @@ -136,6 +137,7 @@ access_modes: "{{ openshift_prometheus_alertmanager_pvc_access_modes }}" volume_capacity: "{{ openshift_prometheus_alertmanager_pvc_size }}" selector: "{{ openshift_prometheus_alertmanager_pvc_pv_selector }}" + when: openshift_prometheus_alertmanager_storage_type == 'pvc' - name: create alertbuffer pvc oc_pvc: @@ -144,22 +146,23 @@ access_modes: "{{ openshift_prometheus_alertbuffer_pvc_access_modes }}" volume_capacity: "{{ openshift_prometheus_alertbuffer_pvc_size }}" selector: "{{ openshift_prometheus_alertbuffer_pvc_pv_selector }}" + when: openshift_prometheus_alertbuffer_storage_type == 'pvc' -# create prometheus deployment -- name: Set prometheus deployment template +# create prometheus stateful set +- name: Set prometheus template template: - src: prometheus_deployment.j2 + src: prometheus.j2 dest: "{{ tempdir }}/templates/prometheus.yaml" vars: namespace: "{{ openshift_prometheus_namespace }}" - prom_replicas: "{{ openshift_prometheus_replicas }}" +# prom_replicas: "{{ openshift_prometheus_replicas }}" -- name: Set prometheus deployment +- name: Set prometheus stateful set oc_obj: state: "{{ state }}" name: "prometheus" namespace: "{{ openshift_prometheus_namespace }}" - kind: deployment + kind: statefulset files: - "{{ tempdir }}/templates/prometheus.yaml" delete_after: true diff --git a/roles/openshift_prometheus/templates/prometheus_deployment.j2 b/roles/openshift_prometheus/templates/prometheus.j2 index 66eab6df4..916c57aa2 100644 --- a/roles/openshift_prometheus/templates/prometheus_deployment.j2 +++ b/roles/openshift_prometheus/templates/prometheus.j2 @@ -1,12 +1,14 @@ -apiVersion: extensions/v1beta1 -kind: Deployment +apiVersion: apps/v1beta1 +kind: StatefulSet metadata: name: prometheus namespace: {{ namespace }} labels: app: prometheus spec: - replicas: {{ prom_replicas|default(1) }} + updateStrategy: + type: RollingUpdate + podManagementPolicy: Parallel selector: provider: openshift matchLabels: @@ -27,7 +29,7 @@ spec: containers: # Deploy Prometheus behind an oauth proxy - name: prom-proxy - image: "{{ openshift_prometheus_image_proxy }}" + image: "{{openshift_prometheus_proxy_image_prefix}}oauth-proxy:{{openshift_prometheus_proxy_image_version}}" imagePullPolicy: IfNotPresent resources: requests: @@ -60,6 +62,8 @@ spec: - -tls-key=/etc/tls/private/tls.key - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - -cookie-secret-file=/etc/proxy/secrets/session_secret + - -openshift-ca=/etc/pki/tls/cert.pem + - -openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt - -skip-auth-regex=^/metrics volumeMounts: - mountPath: /etc/tls/private @@ -72,9 +76,10 @@ spec: - name: prometheus args: - --storage.tsdb.retention=6h + - --storage.tsdb.min-block-duration=2m - --config.file=/etc/prometheus/prometheus.yml - --web.listen-address=localhost:9090 - image: "{{ openshift_prometheus_image_prometheus }}" + image: "{{openshift_prometheus_image_prefix}}prometheus:{{openshift_prometheus_image_version}}" imagePullPolicy: IfNotPresent resources: requests: @@ -100,7 +105,7 @@ spec: # Deploy alertmanager behind prometheus-alert-buffer behind an oauth proxy - name: alerts-proxy - image: "{{ openshift_prometheus_image_proxy }}" + image: "{{openshift_prometheus_proxy_image_prefix}}oauth-proxy:{{openshift_prometheus_proxy_image_version}}" imagePullPolicy: IfNotPresent resources: requests: @@ -133,6 +138,8 @@ spec: - -tls-key=/etc/tls/private/tls.key - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - -cookie-secret-file=/etc/proxy/secrets/session_secret + - -openshift-ca=/etc/pki/tls/cert.pem + - -openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt volumeMounts: - mountPath: /etc/tls/private name: alerts-tls @@ -142,7 +149,7 @@ spec: - name: alert-buffer args: - --storage-path=/alert-buffer/messages.db - image: "{{ openshift_prometheus_image_alertbuffer }}" + image: "{{openshift_prometheus_alertbuffer_image_prefix}}prometheus-alert-buffer:{{openshift_prometheus_alertbuffer_image_version}}" imagePullPolicy: IfNotPresent resources: requests: @@ -169,7 +176,7 @@ spec: - name: alertmanager args: - -config.file=/etc/alertmanager/alertmanager.yml - image: "{{ openshift_prometheus_image_alertmanager }}" + image: "{{openshift_prometheus_alertmanager_image_prefix}}prometheus-alertmanager:{{openshift_prometheus_alertmanager_image_version}}" imagePullPolicy: IfNotPresent resources: requests: |