├── alpmap ├── sander.repo └── Dockerfile ├── dockerfile ├── sander.repo └── Dockerfile ├── newfile.dummy ├── kubernetes-prometheus ├── README.md ├── prometheus-service.yaml ├── clusterRole.yaml ├── prometheus-deployment.yaml ├── prometheus-ingress.yaml └── config-map.yaml ├── autoscaling ├── Dockerfile ├── index.php └── hpa.yaml ├── rules.yml ├── README.md ├── countdown ├── pvc.yaml ├── firstpipeline ├── pv.yaml ├── pv-pod.yaml ├── prometheus-2.yml ├── prometheus-1.yml ├── pullratelimitpatch.sh ├── pvc-pod.yaml ├── pv-pvc-pod.yaml ├── prometheus-3.yml ├── minikube-docker-setup-old.sh ├── minikube-docker-setup.sh └── storageclass.yaml /alpmap/sander.repo: -------------------------------------------------------------------------------- 1 | hello 2 | -------------------------------------------------------------------------------- /dockerfile/sander.repo: -------------------------------------------------------------------------------- 1 | # repo 2 | -------------------------------------------------------------------------------- /newfile.dummy: -------------------------------------------------------------------------------- 1 | this is a dummy file 2 | -------------------------------------------------------------------------------- /kubernetes-prometheus/README.md: -------------------------------------------------------------------------------- 1 | base Prometheus setup updated to K8s 1.23 2 | -------------------------------------------------------------------------------- /autoscaling/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM php:5-apache 2 | COPY index.php /var/www/html/index.php 3 | RUN chmod a+rx index.php 4 | -------------------------------------------------------------------------------- /rules.yml: -------------------------------------------------------------------------------- 1 | groups: 2 | - name: example 3 | rules: 4 | - alert: InstanceDown 5 | expr: up == 0 6 | for: 1m 7 | -------------------------------------------------------------------------------- /autoscaling/index.php: -------------------------------------------------------------------------------- 1 | 8 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | This Git repository contains supporting files for my KCNA videocourse. It is also used for the live training I'm teaching at https://learning.oreilly.com. See https://sandervanvugt.com for more details. 2 | -------------------------------------------------------------------------------- /countdown: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | COUNTER=$1 4 | COUNTER=$(( COUNTER * 60 )) 5 | 6 | while true 7 | do 8 | echo $COUNTER seconds remaining in break 9 | COUNTER=$(( COUNTER - 1 )) 10 | sleep 1 11 | done 12 | -------------------------------------------------------------------------------- /pvc.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: pv-claim 5 | spec: 6 | accessModes: 7 | - ReadWriteOnce 8 | resources: 9 | requests: 10 | storage: 1Gi 11 | -------------------------------------------------------------------------------- /firstpipeline: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { docker { image 'python:3.5.1' } } 3 | stages { 4 | stage('build') { 5 | steps { 6 | sh 'python --version' 7 | } 8 | } 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /pv.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolume 2 | apiVersion: v1 3 | metadata: 4 | name: pv-volume 5 | labels: 6 | type: local 7 | spec: 8 | capacity: 9 | storage: 2Gi 10 | accessModes: 11 | - ReadWriteOnce 12 | hostPath: 13 | path: "/mydata" 14 | -------------------------------------------------------------------------------- /alpmap/Dockerfile: -------------------------------------------------------------------------------- 1 | from alpine 2 | MAINTAINER Sander 3 | 4 | # Add repo file 5 | ADD ./sander.repo /etc/yum.repos.d/ 6 | 7 | # Install cool software 8 | RUN apk add bash nmap 9 | 10 | ENTRYPOINT ["/usr/bin/nmap"] 11 | CMD ["-sn", "172.17.0.0/24"] 12 | 13 | -------------------------------------------------------------------------------- /dockerfile/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos 2 | MAINTAINER Sander 3 | 4 | # Add repo file 5 | ADD ./sander.repo /etc/yum.repos.d/ 6 | 7 | # Install cool software 8 | RUN yum --assumeyes update && \ 9 | yum --assumeyes install bash nmap iproute && \ 10 | yum clean all 11 | 12 | ENTRYPOINT ["/usr/bin/nmap"] 13 | CMD ["-sn", "172.17.0.0/24"] 14 | -------------------------------------------------------------------------------- /kubernetes-prometheus/prometheus-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: prometheus-service 5 | namespace: monitoring 6 | annotations: 7 | prometheus.io/scrape: 'true' 8 | prometheus.io/port: '9090' 9 | 10 | spec: 11 | selector: 12 | app: prometheus-server 13 | type: NodePort 14 | ports: 15 | - port: 8080 16 | targetPort: 9090 17 | nodePort: 30000 18 | -------------------------------------------------------------------------------- /pv-pod.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: pv-pod 5 | spec: 6 | volumes: 7 | - name: pv-storage 8 | persistentVolumeClaim: 9 | claimName: pv-claim 10 | containers: 11 | - name: pv-container 12 | image: nginx 13 | ports: 14 | - containerPort: 80 15 | name: "http-server" 16 | volumeMounts: 17 | - mountPath: "/usr/share/nginx/html" 18 | name: pv-storage 19 | -------------------------------------------------------------------------------- /prometheus-2.yml: -------------------------------------------------------------------------------- 1 | # my global config 2 | global: 3 | scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. 4 | evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. 5 | 6 | scrape_configs: 7 | - job_name: "prometheus" 8 | static_configs: 9 | - targets: ["localhost:9090"] 10 | - job_name: node 11 | static_configs: 12 | - targets: 13 | - localhost:9100 14 | -------------------------------------------------------------------------------- /prometheus-1.yml: -------------------------------------------------------------------------------- 1 | # my global config 2 | global: 3 | scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. 4 | evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. 5 | 6 | # A scrape configuration containing exactly one endpoint to scrape: 7 | # Here it's Prometheus itself. 8 | scrape_configs: 9 | - job_name: "prometheus" 10 | static_configs: 11 | - targets: ["localhost:9090"] 12 | -------------------------------------------------------------------------------- /pullratelimitpatch.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # this scripts creates a secret and sets that as the default for the default service account 4 | # the purpose is to overcome the Docker imagepullratelimit restriction 5 | 6 | echo enter your docker username 7 | read -s DOCKERUSER 8 | echo enter your docker password 9 | read -s DOCKERPASS 10 | 11 | kubectl create secret docker-registry dockercreds \ 12 | --docker-username=$DOCKERUSER \ 13 | --docker-password=$DOCKERPASS \ 14 | 15 | kubectl patch serviceaccount default \ 16 | -p '{"imagePullSecrets": [{"name": "dockercreds"}]}' 17 | 18 | -------------------------------------------------------------------------------- /pvc-pod.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: nginx-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | resources: 10 | requests: 11 | storage: 2Gi 12 | --- 13 | kind: Pod 14 | apiVersion: v1 15 | metadata: 16 | name: nginx-pvc-pod 17 | spec: 18 | volumes: 19 | - name: site-storage 20 | persistentVolumeClaim: 21 | claimName: nginx-pvc 22 | containers: 23 | - name: pv-container 24 | image: nginx 25 | ports: 26 | - containerPort: 80 27 | name: webserver 28 | volumeMounts: 29 | - mountPath: "/usr/share/nginx/html" 30 | name: site-storage 31 | -------------------------------------------------------------------------------- /autoscaling/hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: php-apache 5 | spec: 6 | selector: 7 | matchLabels: 8 | run: php-apache 9 | replicas: 1 10 | template: 11 | metadata: 12 | labels: 13 | run: php-apache 14 | spec: 15 | containers: 16 | - name: php-apache 17 | image: k8s.gcr.io/hpa-example 18 | ports: 19 | - containerPort: 80 20 | resources: 21 | limits: 22 | cpu: 500m 23 | requests: 24 | cpu: 200m 25 | --- 26 | apiVersion: v1 27 | kind: Service 28 | metadata: 29 | name: php-apache 30 | labels: 31 | run: php-apache 32 | spec: 33 | ports: 34 | - port: 80 35 | selector: 36 | run: php-apache 37 | -------------------------------------------------------------------------------- /kubernetes-prometheus/clusterRole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: prometheus 5 | rules: 6 | - apiGroups: [""] 7 | resources: 8 | - nodes 9 | - nodes/proxy 10 | - services 11 | - endpoints 12 | - pods 13 | verbs: ["get", "list", "watch"] 14 | - apiGroups: 15 | - extensions 16 | resources: 17 | - ingresses 18 | verbs: ["get", "list", "watch"] 19 | - nonResourceURLs: ["/metrics"] 20 | verbs: ["get"] 21 | --- 22 | apiVersion: rbac.authorization.k8s.io/v1 23 | kind: ClusterRoleBinding 24 | metadata: 25 | name: prometheus 26 | roleRef: 27 | apiGroup: rbac.authorization.k8s.io 28 | kind: ClusterRole 29 | name: prometheus 30 | subjects: 31 | - kind: ServiceAccount 32 | name: default 33 | namespace: monitoring 34 | -------------------------------------------------------------------------------- /pv-pvc-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: local-pv-volume 5 | spec: 6 | storageClassName: manual 7 | capacity: 8 | storage: 10Gi 9 | accessModes: 10 | - ReadWriteOnce 11 | hostPath: 12 | path: "/mnt/data" 13 | --- 14 | apiVersion: v1 15 | kind: PersistentVolumeClaim 16 | metadata: 17 | name: local-pv-claim 18 | namespace: myvol 19 | spec: 20 | storageClassName: manual 21 | accessModes: 22 | - ReadWriteOnce 23 | resources: 24 | requests: 25 | storage: 3Gi 26 | --- 27 | apiVersion: v1 28 | kind: Pod 29 | metadata: 30 | name: local-pv-pod 31 | namespace: myvol 32 | spec: 33 | volumes: 34 | - name: local-pv-storage 35 | persistentVolumeClaim: 36 | claimName: local-pv-claim 37 | containers: 38 | - name: local-pv-container 39 | image: nginx 40 | ports: 41 | - containerPort: 80 42 | name: "http-server" 43 | volumeMounts: 44 | - mountPath: "/usr/share/nginx/html" 45 | name: local-pv-storage 46 | -------------------------------------------------------------------------------- /prometheus-3.yml: -------------------------------------------------------------------------------- 1 | # my global config 2 | global: 3 | scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. 4 | evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. 5 | # scrape_timeout is set to the global default (10s). 6 | 7 | # Alertmanager configuration 8 | alerting: 9 | alertmanagers: 10 | - static_configs: 11 | - targets: 12 | - alertmanager:9093 13 | 14 | # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. 15 | rule_files: 16 | - rules.yml 17 | # - "second_rules.yml" 18 | 19 | # A scrape configuration containing exactly one endpoint to scrape: 20 | # Here it's Prometheus itself. 21 | scrape_configs: 22 | # The job name is added as a label `job=` to any timeseries scraped from this config. 23 | - job_name: "prometheus" 24 | 25 | # metrics_path defaults to '/metrics' 26 | # scheme defaults to 'http'. 27 | 28 | static_configs: 29 | - targets: ["localhost:9090"] 30 | - job_name: node 31 | static_configs: 32 | - targets: 33 | - localhost:9100 34 | -------------------------------------------------------------------------------- /kubernetes-prometheus/prometheus-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: prometheus-deployment 5 | namespace: monitoring 6 | labels: 7 | app: prometheus-server 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: prometheus-server 13 | template: 14 | metadata: 15 | labels: 16 | app: prometheus-server 17 | spec: 18 | containers: 19 | - name: prometheus 20 | image: prom/prometheus 21 | args: 22 | - "--config.file=/etc/prometheus/prometheus.yml" 23 | - "--storage.tsdb.path=/prometheus/" 24 | ports: 25 | - containerPort: 9090 26 | volumeMounts: 27 | - name: prometheus-config-volume 28 | mountPath: /etc/prometheus/ 29 | - name: prometheus-storage-volume 30 | mountPath: /prometheus/ 31 | volumes: 32 | - name: prometheus-config-volume 33 | configMap: 34 | defaultMode: 420 35 | name: prometheus-server-conf 36 | 37 | - name: prometheus-storage-volume 38 | emptyDir: {} 39 | -------------------------------------------------------------------------------- /minikube-docker-setup-old.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # last minute patch, added 20 Aug. 2021 3 | # currently only supported on Ubuntu 20.04 LTS 4 | 5 | sudo apt-get update -y 6 | sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y 7 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 8 | sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" 9 | sudo apt-get update -y 10 | sudo apt-get install docker-ce docker-ce-cli containerd.io -y 11 | 12 | curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl 13 | chmod +x ./kubectl 14 | sudo mv ./kubectl /usr/local/bin/kubectl 15 | 16 | curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 17 | sudo install minikube-linux-amd64 /usr/local/bin/minikube 18 | #### 19 | echo the script is now ready 20 | echo manually run minikube start --vm-driver=docker to start minikube 21 | 22 | sudo usermod -aG docker $USER 23 | newgrp docker 24 | 25 | minikube start --vm-driver=docker --cni=calico 26 | -------------------------------------------------------------------------------- /minikube-docker-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ARCH=$(arch) 4 | 5 | ### installing Docker 6 | sudo apt-get update -y 7 | sudo apt-get install ca-certificates curl gnupg lsb-release -y 8 | sudo mkdir -p /etc/apt/keyrings 9 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg 10 | echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 11 | sudo apt-get update -y 12 | sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y 13 | 14 | if [ $ARCH = "x86_64" ] 15 | then 16 | echo executing on $ARCH 17 | #sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y 18 | #curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 19 | #sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" 20 | #sudo apt-get update -y 21 | #sudo apt-get install docker-ce docker-ce-cli containerd.io -y 22 | 23 | curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl 24 | chmod +x ./kubectl 25 | sudo mv ./kubectl /usr/local/bin/kubectl 26 | 27 | curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 28 | sudo install minikube-linux-amd64 /usr/local/bin/minikube 29 | fi 30 | 31 | if [ $ARCH = "aarch64" ] 32 | then 33 | curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-arm64 34 | sudo install minikube-linux-arm64 /usr/local/bin/minikube 35 | sudo snap install kubectl --classic 36 | fi 37 | 38 | echo the script is now ready 39 | echo manually run minikube start --vm-driver=docker --memory=6G --cni=calico to start minikube 40 | 41 | sudo usermod -aG docker $USER 42 | newgrp docker 43 | -------------------------------------------------------------------------------- /storageclass.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1 2 | kind: CephBlockPool 3 | metadata: 4 | name: replicapool 5 | namespace: rook-ceph 6 | spec: 7 | failureDomain: host 8 | replicated: 9 | size: 3 10 | --- 11 | apiVersion: storage.k8s.io/v1 12 | kind: StorageClass 13 | metadata: 14 | name: rook-ceph-block 15 | # Change "rook-ceph" provisioner prefix to match the operator namespace if needed 16 | provisioner: rook-ceph.rbd.csi.ceph.com 17 | parameters: 18 | # clusterID is the namespace where the rook cluster is running 19 | clusterID: rook-ceph 20 | # Ceph pool into which the RBD image shall be created 21 | pool: replicapool 22 | 23 | # (optional) mapOptions is a comma-separated list of map options. 24 | # For krbd options refer 25 | # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options 26 | # For nbd options refer 27 | # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options 28 | # mapOptions: lock_on_read,queue_depth=1024 29 | 30 | # (optional) unmapOptions is a comma-separated list of unmap options. 31 | # For krbd options refer 32 | # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options 33 | # For nbd options refer 34 | # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options 35 | # unmapOptions: force 36 | 37 | # RBD image format. Defaults to "2". 38 | imageFormat: "2" 39 | 40 | # RBD image features. Available for imageFormat: "2". CSI RBD currently supports only `layering` feature. 41 | imageFeatures: layering 42 | 43 | # The secrets contain Ceph admin credentials. 44 | csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner 45 | csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph 46 | csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner 47 | csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph 48 | csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node 49 | csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph 50 | 51 | # Specify the filesystem type of the volume. If not specified, csi-provisioner 52 | # will set default as `ext4`. Note that `xfs` is not recommended due to potential deadlock 53 | # in hyperconverged settings where the volume is mounted on the same node as the osds. 54 | csi.storage.k8s.io/fstype: ext4 55 | 56 | # Delete the rbd volume when a PVC is deleted 57 | reclaimPolicy: Delete 58 | 59 | # Optional, if you want to add dynamic resize for PVC. Works for Kubernetes 1.14+ 60 | # For now only ext3, ext4, xfs resize support provided, like in Kubernetes itself. 61 | allowVolumeExpansion: true 62 | -------------------------------------------------------------------------------- /kubernetes-prometheus/prometheus-ingress.yaml: -------------------------------------------------------------------------------- 1 | ## Nginx Ingress 2 | ## Follow https://devopscube.com/setup-ingress-kubernetes-nginx-controller/ 3 | 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: prometheus-ui 8 | namespace: monitoring 9 | annotations: 10 | kubernetes.io/ingress.class: nginx 11 | spec: 12 | rules: 13 | # Use the host you used in your kubernetes Ingress Configurations 14 | - host: prometheus.example.com 15 | http: 16 | paths: 17 | - path: / 18 | pathType: Prefix 19 | backend: 20 | service: 21 | name: prometheus-service 22 | port: 23 | number: 8080 24 | tls: 25 | - hosts: 26 | - prometheus.apps.shaker242.lab 27 | secretName: prometheus-secret 28 | --- 29 | apiVersion: v1 30 | kind: Secret 31 | metadata: 32 | name: prometheus-secret 33 | namespace: monitoring 34 | data: 35 | # USe base64 in the certs 36 | tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZpVENDQkhHZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBRENCd0RFak1DRUdBMVVFQXhNYWFXNTAKWlhKdFpXUnBZWFJsTG5Ob1lXdGxjakkwTWk1c1lXSXhDekFKQmdOVkJBWVRBbFZUTVJFd0R3WURWUVFJRXdoVwphWEpuYVc1cFlURVFNQTRHQTFVRUJ4TUhRbkpwYzNSdmR6RXNNQ29HQTFVRUNoTWpVMGhCUzBWU01qUXlJRXhoCllpQkRaWEowYVdacFkyRjBaU0JCZFhSb2IzSnBkSGt4T1RBM0JnTlZCQXNUTUZOSVFVdEZVakkwTWlCTVlXSWcKU1c1MFpYSnRaV1JwWVhSbElFTmxjblJwWm1sallYUmxJRUYxZEdodmNtbDBlVEFlRncweE9URXdNVGN4TmpFMgpNekZhRncweU1URXdNVFl4TmpFMk16RmFNSUdBTVIwd0d3WURWUVFERkJRcUxtRndjSE11YzJoaGEyVnlNalF5CkxteGhZakVMTUFrR0ExVUVCaE1DVlZNeEVUQVBCZ05WQkFnVENGWnBjbWRwYm1saE1SQXdEZ1lEVlFRSEV3ZEMKY21semRHOTNNUll3RkFZRFZRUUtFdzFUU0VGTFJWSXlORElnVEdGaU1SVXdFd1lEVlFRTEV3eE1ZV0lnVjJWaQpjMmwwWlhNd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURsRm16QVd0U09JcXZNCkpCV3Vuc0VIUmxraXozUmpSK0p1NTV0K0hCUG95YnZwVkJJeXMxZ3prby9INlkxa2Zxa1JCUzZZYVFHM2lYRFcKaDgzNlNWc3pNVUNVS3BtNXlZQXJRNzB4YlpPTXRJcjc1VEcrejFaRGJaeFUzbnh6RXdHdDN3U3c5OVJ0bjhWbgo5dEpTVXI0MHBHUytNemMzcnZOUFZRMjJoYTlhQTdGL2NVcGxtZUpkUnZEVnJ3Q012UklEcndXVEZjZkU3bUtxCjFSUkRxVDhETnlydlJmeUlubytmSkUxTmRuVEVMY0dTYVZlajhZVVFONHY0WFRnLzJncmxIN1pFT1VXNy9oYm8KUXh6NVllejVSam1wOWVPVUpvdVdmWk5FNEJBbGRZeVYxd2NPRXhRTmswck5BOU45ZXBjNWtUVVZQR3pOTWRucgovVXQxOWMweEFnTUJBQUdqZ2dIS01JSUJ4akFKQmdOVkhSTUVBakFBTUJFR0NXQ0dTQUdHK0VJQkFRUUVBd0lHClFEQUxCZ05WSFE4RUJBTUNCYUF3TXdZSllJWklBWWI0UWdFTkJDWVdKRTl3Wlc1VFUwd2dSMlZ1WlhKaGRHVmsKSUZObGNuWmxjaUJEWlhKMGFXWnBZMkYwWlRBZEJnTlZIUTRFRmdRVWRhYy94MTR6dXl3RVZPSi9vTjdQeU82bApDZ2N3Z2RzR0ExVWRJd1NCMHpDQjBJQVVzZFM1WWxuWEpWTk5mRVpkTEQvL2RyNE5mV3FoZ2JTa2diRXdnYTR4CkdUQVhCZ05WQkFNVEVHTmhMbk5vWVd0bGNqSTBNaTVzWVdJeEN6QUpCZ05WQkFZVEFsVlRNUkV3RHdZRFZRUUkKRXdoV2FYSm5hVzVwWVRFUU1BNEdBMVVFQnhNSFFuSnBjM1J2ZHpFc01Db0dBMVVFQ2hNalUwaEJTMFZTTWpReQpJRXhoWWlCRFpYSjBhV1pwWTJGMFpTQkJkWFJvYjNKcGRIa3hNVEF2QmdOVkJBc1RLRk5JUVV0RlVqSTBNaUJNCllXSWdVbTl2ZENCRFpYSjBhV1pwWTJGMFpTQkJkWFJvYjNKcGRIbUNBUUV3SFFZRFZSMGxCQll3RkFZSUt3WUIKQlFVSEF3RUdDQ3NHQVFVRkNBSUNNRWdHQTFVZEVRUkJNRCtDRFhOb1lXdGxjakkwTWk1c1lXS0NFbUZ3Y0hNdQpjMmhoYTJWeU1qUXlMbXhoWW9JVUtpNWhjSEJ6TG5Ob1lXdGxjakkwTWk1c1lXS0hCTUNvQ3hBd0RRWUpLb1pJCmh2Y05BUUVMQlFBRGdnRUJBRzA3ZHFNdFZYdVQrckduQlN4SkVTNjNSa2pHaWd0c3ZtNTk4NSsrbjZjRW5kSDIKb2hjaGdmRUo5V0UxYUFWSDR4QlJSdVRIUFVJOFcvd3N1OFBxQ1o4NHpRQ2U2elAyeThEcmEwbjFzK2lIeHFwRAorS3BwZS91NkNLVTFEL0VWRU9MakpZd3pRYlFLSUlPL2Y1Q0JVbUpGWjBuZ1VIUEtvUDNyTXordTlBOWFvRkVrCnF3dDBadHFHcWpjMkh3Q09UOTlOVmFsZ29ISXljOElxQXJXdjNSWklraUlyaW9kSUdDMS94MVQ2dHhKcEUyRisKQzZ0Tzk0U0FVSUJwc2VORjNFbGNLNUsyTW44YVAzR3NnNFRHeElPN2Q1eUIvb3YwNGhOV2Q1S2QwWGorL1BvQgpLOU43cFQ1SVU2citLekNoeGlSdmRvZlAzV0VYN1ZkNEtLWG94K0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K 37 | tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRRGxGbXpBV3RTT0lxdk0KSkJXdW5zRUhSbGtpejNSalIrSnU1NXQrSEJQb3lidnBWQkl5czFnemtvL0g2WTFrZnFrUkJTNllhUUczaVhEVwpoODM2U1Zzek1VQ1VLcG01eVlBclE3MHhiWk9NdElyNzVURyt6MVpEYlp4VTNueHpFd0d0M3dTdzk5UnRuOFZuCjl0SlNVcjQwcEdTK016YzNydk5QVlEyMmhhOWFBN0YvY1VwbG1lSmRSdkRWcndDTXZSSURyd1dURmNmRTdtS3EKMVJSRHFUOEROeXJ2UmZ5SW5vK2ZKRTFOZG5URUxjR1NhVmVqOFlVUU40djRYVGcvMmdybEg3WkVPVVc3L2hibwpReHo1WWV6NVJqbXA5ZU9VSm91V2ZaTkU0QkFsZFl5VjF3Y09FeFFOazByTkE5TjllcGM1a1RVVlBHek5NZG5yCi9VdDE5YzB4QWdNQkFBRUNnZ0VCQU5zOHRjRDBiQnpHZzRFdk8yek0wMUJoKzZYN3daZk4wSjV3bW5kNjZYYkwKc1VEZ1N6WW9PbzNJZ2o5QWZTY2lyQ3YwdUozMVNFWmNpeGRVQ2tTdjlVNnRvTzdyUWdqeUZPM1N1dm5Wc3ZKaQpTZXc5Y0hqNk5jVDczak8rWkgxQVFFZ2tlWG5mQTNZU0JEcTFsSnhpUVZOaHpHUFY0Yzh4Wi9xUkhEbUVBTWR6CmwyaTB6dHJtcWRqSng4aTQxOXpGL1pVektoa2JtcVZVb3JjZ1lNdEt5QVloSENMYms2RFZtQ1FhbDlndEUrNjUKTmFTOEwxUW9yVWNVS0FoSTNKT2Q2TTRwbWRPaExITjZpZ0VwWFdVWGxBZjRITUZicHd5M1oxejNqZzVqTE9ragp6SWNDSVRaai9CYVZvSVc4QzJUb0pieUJKWkN6UDVjUVJTdkJOOGV4aUFFQ2dZRUEvV0Nxb2xVUWtOQkQrSnlPCklXOUJIRVlPS3oxRFZxNWxHRFhoNFMyTStpOU1pck5nUlcvL0NFRGhRUVVMZmtBTDgxMERPQmxsMXRRRUpGK3cKb1V6dWt6U1lkK1hTSnhicTM5YTF1ZGJldTNZU1ljeC8wTEEweGFQOW1sN1l1NXUraUZ4NGhwcnYyL2UrVklZQQpzTWV4WkZSODA3Q3M5YXN5MkdFT1l2aEdKb0VDZ1lFQTUzVm1weFlQbDFOYTVTMElJbEpuYm40dTl0RHpwYm5TCnpsMjBVQ3Q0d0N4STR6YjY1S1o4V1VaYlFzVTVaZ0VqTmxJWURXUisrd3kwVXh2SmNxUG5nS0xuOEdoSzhvOVEKeVJuR2dSYXAxWmNuUEdsbGdCeHQzM0s5TDNWMmJzMXBPcGJKMGlpOVdySWM4MU1wUVFpQjZ1RDRSZ216M0ZWSQpnUk5Ec2ZHS0xyRUNnWUVBbWY5ZXRqc3RUbGJHZVJ2dDVyUlB4bmR0dFNvTysyZ1RXWnVtSmM0aG1RMldYOWFWCjlKNFZTMWJqa1RrWHV5d0NGMis0dlNmeWxaZFd6U1M3bmMyOFV3dnNmekxYZjVxV05tV3hIYnBTdFcwVnp3c1QKeENyVWFDczd2ODlWdXZEMTVMc1BKZ0NWT0FSalVjd0FMM0d2aDJNeVd4ZE9pQ0g5VFRYd0lJYjFYQUVDZ1lBMwp4ZUptZ0xwaERJVHFsRjlSWmVubWhpRnErQTY5OEhrTG9TakI2TGZBRnV1NVZKWkFZcDIwSlcvNE51NE4xbGhWCnpwSmRKOG94Vkc1ZldHTENiUnhyc3RXUTZKQ213a0lGTTJEUjJsUXlVNm53dExUd21la2YzdFlYaVlad1RLNysKbnpjaW5RNkR2RWVkbW54bVgxWnU4cWJndVpYTmtmOVdtdjNFOHg4SkFRS0JnUUNNeDFWNHJIcUpwVXJMdkRVVQo4RzhXVGNrT2VFM2o2anhlcHMwcnExdEd1cE9XWW5saFlNYyt5VkMzMDZUc2dXUmJ5R1Y4YWNaRkF4WS9Ub2N5CmxpcXlUS1NGNUloYXhZQVpRTzVkOU1oTmN0bTRReDNaOUtTekZ5ZG01QlZVL0grMFFmUnRwM29TeFVneXRZNXkKV3ZDTFZ5bmNGZlZpL0VkaTdaZHM2aW82QVE9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg== 38 | -------------------------------------------------------------------------------- /kubernetes-prometheus/config-map.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: prometheus-server-conf 5 | labels: 6 | name: prometheus-server-conf 7 | namespace: monitoring 8 | data: 9 | prometheus.rules: |- 10 | groups: 11 | - name: devopscube demo alert 12 | rules: 13 | - alert: High Pod Memory 14 | expr: sum(container_memory_usage_bytes) > 1 15 | for: 1m 16 | labels: 17 | severity: slack 18 | annotations: 19 | summary: High Memory Usage 20 | prometheus.yml: |- 21 | global: 22 | scrape_interval: 5s 23 | evaluation_interval: 5s 24 | rule_files: 25 | - /etc/prometheus/prometheus.rules 26 | alerting: 27 | alertmanagers: 28 | - scheme: http 29 | static_configs: 30 | - targets: 31 | - "alertmanager.monitoring.svc:9093" 32 | 33 | scrape_configs: 34 | - job_name: 'node-exporter' 35 | kubernetes_sd_configs: 36 | - role: endpoints 37 | relabel_configs: 38 | - source_labels: [__meta_kubernetes_endpoints_name] 39 | regex: 'node-exporter' 40 | action: keep 41 | 42 | - job_name: 'kubernetes-apiservers' 43 | 44 | kubernetes_sd_configs: 45 | - role: endpoints 46 | scheme: https 47 | 48 | tls_config: 49 | ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 50 | bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 51 | 52 | relabel_configs: 53 | - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] 54 | action: keep 55 | regex: default;kubernetes;https 56 | 57 | - job_name: 'kubernetes-nodes' 58 | 59 | scheme: https 60 | 61 | tls_config: 62 | ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 63 | bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 64 | 65 | kubernetes_sd_configs: 66 | - role: node 67 | 68 | relabel_configs: 69 | - action: labelmap 70 | regex: __meta_kubernetes_node_label_(.+) 71 | - target_label: __address__ 72 | replacement: kubernetes.default.svc:443 73 | - source_labels: [__meta_kubernetes_node_name] 74 | regex: (.+) 75 | target_label: __metrics_path__ 76 | replacement: /api/v1/nodes/${1}/proxy/metrics 77 | 78 | - job_name: 'kubernetes-pods' 79 | 80 | kubernetes_sd_configs: 81 | - role: pod 82 | 83 | relabel_configs: 84 | - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] 85 | action: keep 86 | regex: true 87 | - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] 88 | action: replace 89 | target_label: __metrics_path__ 90 | regex: (.+) 91 | - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] 92 | action: replace 93 | regex: ([^:]+)(?::\d+)?;(\d+) 94 | replacement: $1:$2 95 | target_label: __address__ 96 | - action: labelmap 97 | regex: __meta_kubernetes_pod_label_(.+) 98 | - source_labels: [__meta_kubernetes_namespace] 99 | action: replace 100 | target_label: kubernetes_namespace 101 | - source_labels: [__meta_kubernetes_pod_name] 102 | action: replace 103 | target_label: kubernetes_pod_name 104 | 105 | - job_name: 'kube-state-metrics' 106 | static_configs: 107 | - targets: ['kube-state-metrics.kube-system.svc.cluster.local:8080'] 108 | 109 | - job_name: 'kubernetes-cadvisor' 110 | 111 | scheme: https 112 | 113 | tls_config: 114 | ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 115 | bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token 116 | 117 | kubernetes_sd_configs: 118 | - role: node 119 | 120 | relabel_configs: 121 | - action: labelmap 122 | regex: __meta_kubernetes_node_label_(.+) 123 | - target_label: __address__ 124 | replacement: kubernetes.default.svc:443 125 | - source_labels: [__meta_kubernetes_node_name] 126 | regex: (.+) 127 | target_label: __metrics_path__ 128 | replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor 129 | 130 | - job_name: 'kubernetes-service-endpoints' 131 | 132 | kubernetes_sd_configs: 133 | - role: endpoints 134 | 135 | relabel_configs: 136 | - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] 137 | action: keep 138 | regex: true 139 | - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] 140 | action: replace 141 | target_label: __scheme__ 142 | regex: (https?) 143 | - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] 144 | action: replace 145 | target_label: __metrics_path__ 146 | regex: (.+) 147 | - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] 148 | action: replace 149 | target_label: __address__ 150 | regex: ([^:]+)(?::\d+)?;(\d+) 151 | replacement: $1:$2 152 | - action: labelmap 153 | regex: __meta_kubernetes_service_label_(.+) 154 | - source_labels: [__meta_kubernetes_namespace] 155 | action: replace 156 | target_label: kubernetes_namespace 157 | - source_labels: [__meta_kubernetes_service_name] 158 | action: replace 159 | target_label: kubernetes_name 160 | --------------------------------------------------------------------------------