├── .gitignore ├── README.rst ├── config.yaml ├── create-keystore.py ├── dependencies ├── cassandra │ ├── deployment.yaml │ ├── petset.yaml │ └── service.yaml ├── kairosdb │ ├── deployment-with-petset.yaml │ ├── deployment.yaml │ └── service.yaml ├── postgresql │ └── service.yaml ├── redis │ ├── deployment.yaml │ └── service.yaml └── scylladb │ ├── Dockerfile │ ├── deployment.yaml │ ├── petset.yaml │ ├── service.yaml │ └── start-scylla ├── deployments └── README.rst ├── services ├── zmon-controller-service.yaml ├── zmon-eventlog-service-service.yaml └── zmon-scheduler-service.yaml ├── templates ├── create-dependencies.sh ├── create-zmon-components.sh ├── inject-database.sh ├── postgresql-deployment.yaml ├── zmon-controller.yaml ├── zmon-eventlog-service.yaml ├── zmon-metric-cache.yaml ├── zmon-scheduler.yaml └── zmon-worker.yaml └── zmon-k8s.py /.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__ 2 | *.swp 3 | output 4 | dependencies/postgresql/deployment.yaml 5 | deployments/* 6 | zmon-controller-source 7 | zmon-eventlog-service-source 8 | zmon-controller.zip 9 | zmon-eventlog-service.zip 10 | -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | ZMON on Kubernetes 2 | ================== 3 | 4 | For demo purposes provide k8s templates. 5 | 6 | Config used is in: 7 | 8 | .. code-block:: bash 9 | 10 | config.yaml 11 | 12 | Prepare K8S definitions: 13 | 14 | .. code-block:: bash 15 | 16 | ./zmon-k8s.py 17 | 18 | Next step is to run the printed commands :) 19 | 20 | Minikube 21 | ======== 22 | 23 | Check that you give your VM enough resources: 24 | 25 | .. code-block:: bash 26 | 27 | minikube start --memory=4000 --cpus=3 28 | 29 | 30 | Note 31 | ==== 32 | 33 | PostgreSQL and Cassandra do not use persistent volumes! 34 | 35 | Deployment 36 | ========== 37 | 38 | Create Namespace 39 | ---------------- 40 | 41 | .. code-block:: bash 42 | 43 | kubectl create namespace zmon 44 | 45 | If you want use the following command to set the default namespace: 46 | 47 | .. code-block:: bash 48 | 49 | kubectl config set-context minikube --namespace=zmon 50 | 51 | Dependencies 52 | ------------ 53 | 54 | .. code-block:: bash 55 | 56 | kubectl create -f dependencies/cassandra/deployment.yaml 57 | kubectl create -f dependencies/cassandra/service.yaml 58 | 59 | kubectl create -f dependencies/kairosdb/deployment.yaml 60 | kubectl create -f dependencies/kairosdb/service.yaml 61 | 62 | kubectl create -f dependencies/redis/deployment.yaml 63 | kubectl create -f dependencies/redis/service.yaml 64 | 65 | kubectl create -f dependencies/postgresql/deployment.yaml 66 | kubectl create -f dependencies/postgresql/service.yaml 67 | 68 | ZMON source download 69 | ==================== 70 | 71 | .. code-block:: bash 72 | 73 | wget https://github.com/zalando-zmon/zmon-controller/archive/master.zip -O zmon-controller.zip 74 | wget https://github.com/zalando-zmon/zmon-eventlog-service/archive/master.zip -O zmon-eventlog-service.zip 75 | 76 | mkdir -p zmon-controller-source 77 | mkdir -p zmon-eventlog-service-source 78 | 79 | unzip zmon-controller.zip -d zmon-controller-source 80 | unzip zmon-eventlog-service.zip -d zmon-eventlog-service-source 81 | 82 | ZMON Database setup 83 | =================== 84 | 85 | .. code-block:: bash 86 | 87 | export POSTGRES_NODE_IP=$(minikube ip) 88 | export POSTGRES_NODE_PORT=31088 89 | export PGPASSWORD={{admin_password}} 90 | 91 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c "CREATE DATABASE local_zmon_db;" postgres 92 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c 'CREATE EXTENSION IF NOT EXISTS hstore;' local_zmon_db 93 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c "CREATE ROLE zmon WITH LOGIN PASSWORD '{{postgresql_password}}';" postgres 94 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c "ALTER ROLE zmon WITH PASSWORD '{{postgresql_password}}';" postgres 95 | 96 | find "zmon-controller-source/zmon-controller-master/database/zmon" -name '*.sql' \ 97 | | sort \ 98 | | xargs cat \ 99 | | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -d local_zmon_db 100 | 101 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -f zmon-eventlog-service-source/zmon-eventlog-service-master/database/eventlog/00_create_schema.sql local_zmon_db 102 | 103 | 104 | ZMON components 105 | =============== 106 | 107 | .. code-block:: bash 108 | 109 | kubectl create -f deployments/zmon-eventlog-service.yaml 110 | kubectl create -f services/zmon-eventlog-service-service.yaml 111 | 112 | kubectl create -f deployments/zmon-controller.yaml 113 | kubectl create -f services/zmon-controller-service.yaml 114 | 115 | kubectl create -f deployments/zmon-scheduler.yaml 116 | kubectl create -f services/zmon-scheduler-service.yaml 117 | 118 | kubectl create -f deployments/zmon-worker.yaml 119 | 120 | 121 | Connecting 122 | ========== 123 | 124 | Depending on how you run minikube: 125 | 126 | .. code-block:: bash 127 | 128 | kubectl get pods --namespace zmon 129 | kubectl port-forward 8443:443 --namespace zmon 130 | 131 | GCE LB 132 | ====== 133 | 134 | Add firewall rule to allow traffic and health check from IP range: 130.211.0.0/22 135 | -------------------------------------------------------------------------------- /config.yaml: -------------------------------------------------------------------------------- 1 | zmon-controller: 2 | image_version: "cd453" 3 | env_vars: 4 | "SERVER_PORT": 443 5 | "MANAGEMENT_PORT": 8079 6 | "MANAGEMENT_SECURITY_ENABLED": false 7 | "MEM_JAVA_PERCENT": 25 8 | "POSTGRES_URL": jdbc:postgresql://postgres.zmon:5432/local_zmon_db 9 | "REDIS_HOST": redis.zmon 10 | "REDIS_PORT": 6379 11 | "ZMON_EVENTLOG_URL": http://eventlog-service.zmon:8081/ 12 | "ZMON_KAIROSDB_URL": http://kairosdb.zmon:8083/ 13 | "ZMON_METRICCACHE_URL": http://metric-cache.zmon:8086/ 14 | "ZMON_SCHEDULER_URL": http://scheduler.zmon:8085/ 15 | "SPRING_PROFILES_ACTIVE": github 16 | "ZMON_OAUTH2_SSO_CLIENT_ID": 09e23127316d4764f324 17 | "ZMON_OAUTH2_SSO_CLIENT_SECRET": d7b55e00f9ab7a1fc99f902df53c4baa4a013e25 18 | "ZMON_AUTHORITIES_SIMPLE_ADMINS": "*" 19 | "ZMON_TEAMS_SIMPLE_DEFAULT_TEAM": "ZMON" 20 | # "ZMON_SIGNUP_GITHUB_ALLOWED_USERS": "*" 21 | # "ZMON_SIGNUP_GITHUB_ALLOWED_ORGAS": "*" 22 | 23 | zmon-worker: 24 | image_version: "cd215" 25 | env_vars: 26 | "WORKER_REDIS_SERVERS": redis:6379 27 | "WORKER_KAIROSDB_HOST": kairosdb.zmon 28 | "WORKER_METRICCACHE_URL": http://metric-cache.zmon:8086/api/v1/rest-api-metrics/ 29 | "WORKER_METRICCACHE_CHECK_ID": 9 30 | "WORKER_EVENTLOG_HOST": eventlog-service.zmon 31 | "WORKER_EVENTLOG_PORT": 8081 32 | "WORKER_PLUGIN_SQL_USER": "zmon" 33 | 34 | zmon-scheduler: 35 | image_version: "cd110" 36 | env_vars: 37 | "MEM_JAVA_PERCENT": 20 38 | "SCHEDULER_REDIS_HOST": redis.zmon 39 | "SCHEDULER_URLS_WITHOUT_REST": true 40 | "SCHEDULER_ENTITY_SERVICE_URL": http://controller.zmon:8080/ 41 | "SCHEDULER_OAUTH2_STATIC_TOKEN": "$SCHEDULER_TOKEN" 42 | "SCHEDULER_CONTROLLER_URL": http://controller.zmon:8080/ 43 | 44 | zmon-eventlog-service: 45 | image_version: "cd16" 46 | env_vars: 47 | "SERVER_PORT": 8081 48 | "MEM_JAVA_PERCENT": 10 49 | "POSTGRESQL_HOST": postgres.zmon 50 | "POSTGRESQL_DATABASE": local_zmon_db 51 | "POSTGRESQL_USER": postgres 52 | 53 | postgresql: 54 | image_version: "9.5.3-1" 55 | -------------------------------------------------------------------------------- /create-keystore.py: -------------------------------------------------------------------------------- 1 | import base64 2 | import tempfile 3 | import os 4 | import sys 5 | from subprocess import check_call, call 6 | 7 | def generate_certificate(cluster_name: str): 8 | check = call(["which", "keytool"]) 9 | if check: 10 | print("Keytool is not in searchpath") 11 | return 12 | 13 | d = tempfile.mkdtemp() 14 | try: 15 | keystore = os.path.join(d, 'keystore') 16 | cmd = ["keytool", "-genkeypair", 17 | "-alias", "planb", 18 | "-keyalg", "RSA", 19 | "-validity", "36000", 20 | "-keystore", keystore, 21 | "-dname", "c=DE, st=Berlin, l=Berlin, o=Zalando SE, cn=zalando.net", 22 | "-storepass", cluster_name, 23 | "-keypass", cluster_name] 24 | check_call(cmd) 25 | cert = os.path.join(d, 'cert') 26 | export = ["keytool", "-export", 27 | "-alias", "planb", 28 | "-keystore", keystore, 29 | "-rfc", 30 | "-file", cert, 31 | "-storepass", cluster_name] 32 | check_call(export) 33 | truststore = os.path.join(d, 'truststore') 34 | importcmd = ["keytool", "-import", 35 | "-noprompt", 36 | "-alias", "planb", 37 | "-file", cert, 38 | "-keystore", truststore, 39 | "-storepass", cluster_name] 40 | check_call(importcmd) 41 | 42 | with open(keystore, 'rb') as fd: 43 | keystore_data = fd.read() 44 | with open(truststore, 'rb') as fd: 45 | truststore_data = fd.read() 46 | finally: 47 | pass 48 | return keystore_data, truststore_data 49 | 50 | k, t = generate_certificate("zmon-cassandra-01") 51 | 52 | keystore_base64 = base64.b64encode(k) 53 | truststore_base64 = base64.b64encode(t) 54 | 55 | print (keystore_base64.decode("ascii")) 56 | 57 | print ("") 58 | 59 | print (truststore_base64.decode("ascii")) 60 | -------------------------------------------------------------------------------- /dependencies/cassandra/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: cassandra 5 | namespace: zmon 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: cassandra 12 | spec: 13 | containers: 14 | - name: cassandra 15 | image: cassandra:3.9 16 | ports: 17 | - containerPort: 9042 18 | name: cql 19 | -------------------------------------------------------------------------------- /dependencies/cassandra/petset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1alpha1 2 | kind: PetSet 3 | metadata: 4 | name: cassandra 5 | namespace: zmon 6 | spec: 7 | serviceName: cassandra 8 | replicas: 2 9 | template: 10 | metadata: 11 | annotations: 12 | pod.alpha.kubernetes.io/initialized: "true" 13 | labels: 14 | app: cassandra-data 15 | spec: 16 | containers: 17 | - name: cassandra 18 | image: registry.opensource.zalan.do/stups/planb-cassandra-3:cd106 19 | ports: 20 | - containerPort: 9042 21 | name: cql 22 | - containerPort: 7000 23 | name: intra-node 24 | - containerPort: 7199 25 | name: jmx 26 | env: 27 | - name: ADMIN_PASSWORD 28 | value: admin_password 29 | - name: CLUSTER_SIZE 30 | value: "2" 31 | - name: CLUSTER_NAME 32 | value: zmon-cassandra-01 33 | - name: SEEDS 34 | value: cassandra-0.cassandra.zmon.svc.cluster.local,cassandra-1.cassandra.zmon.svc.cluster.local 35 | - name: SNITCH 36 | value: SimpleSnitch 37 | - name: SUBNET_TYPE 38 | value: internal 39 | - name: KEYSTORE 40 | value: |- 41 | /u3+7QAAAAIAAAABAAAAAQAFcGxhbmIAAAFWF/Xj4gAABQAwggT8MA4GCisGAQQBKgIRAQEFAASCBOjDWX/yWJYoXjWWr2WDzNciy94IsYEoLzlaJOdtXOoZWzQwneqj9K7fhAIlPv14DQQVtRGSUhAymyvDz9gdVvuvYxAcBOw7F21yT5yJh7NFZGSUz4/L6JZGmJsVJIZFQIBF9VB9HJiLtbZZc64b4JpEWDRSljsC0sRKWm2q6n7cAljPadhAS8OniqYeRrqxvg/fxZMzKi1IkVAdd3kLPWbt6V6Hw918S3S/0f9E/HkipadP6GWEnFk9pYZc38inUCtt8rNgDLzJsoousyI/tuyNT+vBlHoq0TYkToi0QA0vTpLuvwQ3TT1PLqjIovfbpXPa6wXSdH+NUBg/qEsajKiR0AulaLsA2WpkPpf42RgbAfUudG2qNSZUkVpsEiqUNlMb1uk8bO2dGA6UWu65A9WVfO08Je6qX1SbbQnusj6LqqEn3ca2D+q65MivZTs1C50fVqCtTJmluOGPaitHDc5Mg9hsSdPULQHUmh5pq6njC/ty1kMN649f9HeFBm5PQvUiE2x6IEoE/1kvx5WqwoZ5UZqPb4ts16m4eVSyg0k0AODiOvPTAFhx+/rmJ9RONdVNCg66TANcnSRKx5sbBP5B/gp9EYwAd25uIvsTmwvwQst+BbNs02XBdEplF/2eeZod5Ogjd/HpQdo4MRbN+M0IG4fKNl1uhiUsm3WxywDHDN9llvacZr8ENWp25GTcaqqhCJHRJhzLJAW2SQgADeNqivMCbYh4nEoD1/Lmj2JAqow6A9myZozyOyB4k1hYXpZZoGl10uMxA5IzQQheO4SYJub6azOWk2xbLqlKf6jCs6odjb73a2Osd4KcDvhgIjv7yIv/AQGH5IW+JE8vtPHMyvFJ4OvDjSH+XhOSsAbe8RC6gwp+QFBwxqmMZazV2yFYd9Go72yaLBkpyGAocRznR1dQ/tS9BXJ9xSa9a0+N48qpFHhvK2rYEhoUmUWJq5h53yYFL7IU5MrYoz7Ux6mwaNSgBhqsk1c1mevxkhhBgKwg4svy+J8mujRqfeo2jML6b4lRnbclXDh0sp2iktekPBNGGcvqODbeb/LpuSOaSO+0eYiJuHv0G0g/TTaZRLvuyVVDqMLRjEK7snPL5O5Q3X3hXMX7xw1+T1L5sqFl8e+QdQ2lRO8evy9t/ipmiehp+WyZYRJgsULYfZLvDQtHUm1gDowGd8Kt8uosv8l1onrOEUQ2u4wzdp/1EG5IDuilmdQp+qjjG6i8B2k6KSQZ58nDoN1Bech9PxYG9m2OVZ20QY2omZ3z/Zl0diYda98AkE+SPp3m0MSA1DKX9bHNfO72XZYDrIriPmDgyABa/bbm3V7RB/LMjJ2IL863lItaw6PMWeo7jYdWzxZfXPh7iWvrA9foO5Ofd23cRwOMZPHUDG2eg1WsSKDWJSDmJYXzLuF5aUffs83Txz/h6G+WSLn2ZnW2UdIn4tsoeJBILYx5UQguTdd0vbf5eaVXNdiZ4u++mN052DlZp3rfBiS0A8MZ0eNTnYl38X6u2yW4i9qKWMLwMdOY8aBU/C0xtmmJO/YZcLyvJ7FY8l4U2xjeE+r/PDQM2DYMDTXob95IEmU+I64zBOjAyvZEtJD7+/NlCmPhLYAulIr7W0/OQQyUSjJYYXJFo8Vezd0t/FVgF3WPPvEcGWxLDAfW/n4TIKPJ17pzDHEsgQAAAAEABVguNTA5AAADWTCCA1UwggI9oAMCAQICBHWXyggwDQYJKoZIhvcNAQELBQAwWjEUMBIGA1UEAxMLemFsYW5kby5uZXQxEzARBgNVBAoTClphbGFuZG8gU0UxDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UECBMGQmVybGluMQswCQYDVQQGEwJERTAgFw0xNjA3MjMxMzMzMjVaGA8yMTE1MDIxNTEzMzMyNVowWjEUMBIGA1UEAxMLemFsYW5kby5uZXQxEzARBgNVBAoTClphbGFuZG8gU0UxDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UECBMGQmVybGluMQswCQYDVQQGEwJERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK6DUDx8SaPtkiMkVbVZdEDWQsyhZheqisyJFkq562eDxcr84SU/c+GRHDHK49C615HBkA+EJRgEthXzUyObW1twfufW7Cem0GDSgSw6f0PqyQa2dpZVwQXnfOujW8fjpRkmyZaHt1+yCeoF2M2CZ5iKjhqCcxToKR5cCQSfewWKsAY+xwvdlO8X2rkPUS6qoBnaDweKVCpPdsYfr0YK8kbZrCdedQNO5gN3jDzvdC9MWSE5jGqAKYEdZ6HoQ9loRgBUEF/LRRKUG0pKCBNKi+yHMeLDogmZoDnfemDHmfa3lzv1o0kaCfZ4OTggrSoSo1OoZi/ewD42lqcO5u/0Z7cCAwEAAaMhMB8wHQYDVR0OBBYEFL+4QbJq2BBv4CAdGNlGW0mLeaeiMA0GCSqGSIb3DQEBCwUAA4IBAQBkcSaS0TgUlsXL4lSCxs4PZ1K9Vqu+0stEeBst/NUzE3PdoLB4s/8z+5D0HPy4XnA5BuHCu15Wtrlcqw4oZAnPLWPlRw9QIkDmJVV/XCAtglxRGuJ7SIqKAEMjVYBhfHsVqrvbozQbVa6JveRpLqdHuGbND9gtOsvgSa6Vk+lsEanOdLqz515strJw3sPXaTyUxz0tivxTmbXVOdOxsdgrOsY0QBrXCrXsynvY3b5FrbRocnj8JJwM0m3gG1OxnXFMR1wjayvuP0G2f17Csm/+XLzKcPALJG2Vkp8LisNQ2mVpprr+LOhbVC882EJsMMiTxaLcD3LrON0MoEN9qdQhwEIX98cygaPeenkIGCVQaq43w/M= 42 | - name: TRUSTSTORE 43 | value: |- 44 | /u3+7QAAAAIAAAABAAAAAgAFcGxhbmIAAAFWF/XkygAFWC41MDkAAANZMIIDVTCCAj2gAwIBAgIEdZfKCDANBgkqhkiG9w0BAQsFADBaMRQwEgYDVQQDEwt6YWxhbmRvLm5ldDETMBEGA1UEChMKWmFsYW5kbyBTRTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQIEwZCZXJsaW4xCzAJBgNVBAYTAkRFMCAXDTE2MDcyMzEzMzMyNVoYDzIxMTUwMjE1MTMzMzI1WjBaMRQwEgYDVQQDEwt6YWxhbmRvLm5ldDETMBEGA1UEChMKWmFsYW5kbyBTRTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQIEwZCZXJsaW4xCzAJBgNVBAYTAkRFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroNQPHxJo+2SIyRVtVl0QNZCzKFmF6qKzIkWSrnrZ4PFyvzhJT9z4ZEcMcrj0LrXkcGQD4QlGAS2FfNTI5tbW3B+59bsJ6bQYNKBLDp/Q+rJBrZ2llXBBed866Nbx+OlGSbJloe3X7IJ6gXYzYJnmIqOGoJzFOgpHlwJBJ97BYqwBj7HC92U7xfauQ9RLqqgGdoPB4pUKk92xh+vRgryRtmsJ151A07mA3eMPO90L0xZITmMaoApgR1noehD2WhGAFQQX8tFEpQbSkoIE0qL7Icx4sOiCZmgOd96YMeZ9reXO/WjSRoJ9ng5OCCtKhKjU6hmL97APjaWpw7m7/RntwIDAQABoyEwHzAdBgNVHQ4EFgQUv7hBsmrYEG/gIB0Y2UZbSYt5p6IwDQYJKoZIhvcNAQELBQADggEBAGRxJpLROBSWxcviVILGzg9nUr1Wq77Sy0R4Gy381TMTc92gsHiz/zP7kPQc/LhecDkG4cK7Xla2uVyrDihkCc8tY+VHD1AiQOYlVX9cIC2CXFEa4ntIiooAQyNVgGF8exWqu9ujNBtVrom95Gkup0e4Zs0P2C06y+BJrpWT6WwRqc50urPnXmy2snDew9dpPJTHPS2K/FOZtdU507Gx2Cs6xjRAGtcKtezKe9jdvkWttGhyePwknAzSbeAbU7GdcUxHXCNrK+4/QbZ/XsKyb/5cvMpw8AskbZWSnwuKw1DaZWmmuv4s6FtULzzYQmwwyJPFotwPcus43QygQ32p1CFnJENsfjzVmvzAH/ymwr1Zac+Nhw== 45 | - name: REGIONS 46 | value: europe-west1 47 | - name: LISTEN_ADDRESS 48 | valueFrom: 49 | fieldRef: 50 | fieldPath: status.podIP 51 | 52 | volumeMounts: 53 | - name: cassandra-data4 54 | mountPath: /var/lib/cassandra 55 | volumeClaimTemplates: 56 | - metadata: 57 | name: cassandra-data4 58 | annotations: 59 | volume.alpha.kubernetes.io/storage-class: anything 60 | spec: 61 | accessModes: [ "ReadWriteOnce" ] 62 | resources: 63 | requests: 64 | storage: 10Gi 65 | -------------------------------------------------------------------------------- /dependencies/cassandra/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: cassandra 5 | namespace: zmon 6 | labels: 7 | app: cassandra 8 | spec: 9 | clusterIP: None 10 | ports: 11 | - port: 9042 12 | targetPort: 9042 13 | selector: 14 | app: cassandra-data 15 | -------------------------------------------------------------------------------- /dependencies/kairosdb/deployment-with-petset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: kairosdb 5 | namespace: zmon 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: kairosdb 12 | spec: 13 | containers: 14 | - name: kairosdb 15 | image: registry.opensource.zalan.do/stups/kairosdb:cd101 16 | env: 17 | - name: KAIROSDB_JETTY_PORT 18 | value: "8083" 19 | - name: KAIROSDB_DATASTORE_CASSANDRA_HOST_LIST 20 | value: cassandra-0.cassandra.zmon.svc.cluster.local,cassandra-1.cassandra.zmon.svc.cluster.local 21 | - name: KAIROSDB_DATASTORE_CASSANDRA_USER 22 | value: cassandra 23 | - name: KAIROSDB_DATASTORE_CASSANDRA_PASSWORD 24 | value: admin_password 25 | ports: 26 | - containerPort: 8083 27 | -------------------------------------------------------------------------------- /dependencies/kairosdb/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: kairosdb 5 | namespace: zmon 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: kairosdb 12 | spec: 13 | containers: 14 | - name: kairosdb 15 | image: registry.opensource.zalan.do/stups/kairosdb:cd101 16 | env: 17 | - name: KAIROSDB_JETTY_PORT 18 | value: "8083" 19 | - name: KAIROSDB_DATASTORE_CASSANDRA_HOST_LIST 20 | value: cassandra.zmon 21 | ports: 22 | - containerPort: 8083 23 | -------------------------------------------------------------------------------- /dependencies/kairosdb/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: kairosdb 5 | namespace: zmon 6 | labels: 7 | app: kairosdb 8 | spec: 9 | type: NodePort 10 | ports: 11 | - port: 8083 12 | targetPort: 8083 13 | nodePort: 31083 14 | selector: 15 | app: kairosdb 16 | -------------------------------------------------------------------------------- /dependencies/postgresql/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: postgres 6 | namespace: zmon 7 | labels: 8 | app: postgres 9 | spec: 10 | type: NodePort 11 | ports: 12 | - port: 5432 13 | targetPort: 5432 14 | nodePort: 31088 15 | selector: 16 | app: postgres 17 | -------------------------------------------------------------------------------- /dependencies/redis/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: redis 5 | namespace: zmon 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: redis 12 | spec: 13 | containers: 14 | - name: redis 15 | image: registry.opensource.zalan.do/stups/redis:3.2.0-alpine 16 | ports: 17 | - containerPort: 6379 18 | -------------------------------------------------------------------------------- /dependencies/redis/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: redis 5 | namespace: zmon 6 | labels: 7 | app: redis 8 | spec: 9 | type: NodePort 10 | ports: 11 | - port: 6379 12 | targetPort: 6379 13 | nodePort: 31086 14 | selector: 15 | app: redis 16 | -------------------------------------------------------------------------------- /dependencies/scylladb/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:16.04 2 | RUN apt-get update 3 | RUN apt-get install -y wget vim 4 | RUN wget -O /etc/apt/sources.list.d/scylla.list http://downloads.scylladb.com/deb/ubuntu/scylla-1.3-xenial.list 5 | RUN apt-get update && apt-get install -y scylla-server scylla-jmx scylla-tools --force-yes 6 | 7 | USER root 8 | COPY start-scylla /start-scylla 9 | RUN chown -R scylla:scylla /etc/scylla 10 | RUN chown -R scylla:scylla /etc/scylla.d 11 | RUN chown -R scylla:scylla /start-scylla 12 | 13 | USER scylla 14 | EXPOSE 10000 9042 9160 7000 7001 15 | VOLUME /var/lib/scylla 16 | 17 | CMD /start-scylla 18 | -------------------------------------------------------------------------------- /dependencies/scylladb/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: cassandra 5 | namespace: zmon 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: cassandra 12 | spec: 13 | containers: 14 | - name: cassandra 15 | image: registry.opensource.zalan.do/stups/scylla:1.3.0rc4 16 | ports: 17 | - containerPort: 9042 18 | name: cql 19 | - containerPort: 7000 20 | name: intra-node 21 | - containerPort: 7199 22 | name: jmx 23 | env: 24 | LISTEN_ADDRESS: 25 | valueFrom: 26 | fieldRef: 27 | fieldPath: status.podIP 28 | -------------------------------------------------------------------------------- /dependencies/scylladb/petset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1alpha1 2 | kind: PetSet 3 | metadata: 4 | name: cassandra 5 | namespace: zmon 6 | spec: 7 | serviceName: cassandra 8 | replicas: 5 9 | template: 10 | metadata: 11 | annotations: 12 | pod.alpha.kubernetes.io/initialized: "true" 13 | labels: 14 | app: cassandra-data 15 | spec: 16 | securityContext: 17 | fsGroup: 111 18 | containers: 19 | - name: cassandra 20 | image: registry.opensource.zalan.do/stups/scylladb:1.3.2-rc6 21 | ports: 22 | - containerPort: 9042 23 | name: cql 24 | - containerPort: 7000 25 | name: intra-node 26 | - containerPort: 7001 27 | name: intra-node-ssl 28 | - containerPort: 7199 29 | name: jmx 30 | env: 31 | - name: SCYLLA_MEMORY 32 | value: "6G" 33 | - name: SCYLLA_SMP 34 | value: "4" 35 | - name: SCYLLA_SEEDS 36 | value: cassandra-0.cassandra.zmon.svc.cluster.local,cassandra-1.cassandra.zmon.svc.cluster.local 37 | - name: LISTEN_ADDRESS 38 | valueFrom: 39 | fieldRef: 40 | fieldPath: status.podIP 41 | 42 | volumeMounts: 43 | - name: cassandra-data96 44 | mountPath: /var/lib/scylla 45 | volumeClaimTemplates: 46 | - metadata: 47 | name: cassandra-data96 48 | annotations: 49 | volume.alpha.kubernetes.io/storage-class: anything 50 | spec: 51 | accessModes: [ "ReadWriteOnce" ] 52 | resources: 53 | requests: 54 | storage: 250Gi 55 | -------------------------------------------------------------------------------- /dependencies/scylladb/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: cassandra 5 | namespace: zmon 6 | labels: 7 | app: cassandra 8 | spec: 9 | clusterIP: None 10 | ports: 11 | - port: 9042 12 | targetPort: 9042 13 | selector: 14 | app: cassandra-data 15 | -------------------------------------------------------------------------------- /dependencies/scylladb/start-scylla: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . /etc/default/scylla-server 4 | 5 | CPUSET="" 6 | if [ x"$SCYLLA_CPU_SET" != "x" ]; then 7 | CPUSET="--cpuset $SCYLLA_CPU_SET" 8 | fi 9 | 10 | if [ "$SCYLLA_PRODUCTION" == "true" ]; then 11 | DEV_MODE="" 12 | if [ ! -f /var/lib/scylla/.io_setup_done ]; then 13 | DATA_DIR=`/usr/lib/scylla/scylla_config_get.py --config $SCYLLA_CONF/scylla.yaml --get data_file_directories | head -n1` 14 | iotune --evaluation-directory $DATA_DIR \ 15 | --format envfile \ 16 | --options-file /var/lib/scylla/io.conf \ 17 | $CPUSET \ 18 | --timeout 600 19 | 20 | if [ $? -ne 0 ]; then 21 | echo "/var/lib/scylla did not pass validation tests, it may not be on XFS and/or has limited disk space." 22 | echo "This is a non-supported setup, please bind mount an XFS volume." 23 | exit 1 24 | fi 25 | touch /var/lib/scylla/.io_setup_done 26 | fi 27 | source /var/lib/scylla/io.conf 28 | else 29 | DEV_MODE="--developer-mode true" 30 | fi 31 | 32 | if [ x"$LISTEN_ADDRESS" == "x" ];then 33 | LISTEN_ADDRESS=$(hostname -i) 34 | fi 35 | 36 | if [ x"$SCYLLA_SEEDS" != "x" ];then 37 | SEEDS=$(echo $SCYLLA_SEEDS | tr "," "\n" | xargs getent hosts | awk '{ print $1 }' | tr "\n" "," | head -c -1) 38 | else 39 | SEEDS="$LISTEN_ADDRESS" 40 | fi 41 | 42 | sed -i "s/seeds: \"127.0.0.1\"/seeds: \"$SEEDS\"/g" /etc/scylla/scylla.yaml 43 | sed -i "s/listen_address: localhost/listen_address: $LISTEN_ADDRESS/g" /etc/scylla/scylla.yaml 44 | 45 | if [ x"$SCYLLA_BROADCAST_ADDRESS" != "x" ];then 46 | sed -i "s/.*broadcast_address:.*/broadcast_address: $SCYLLA_BROADCAST_ADDRESS/g" /etc/scylla/scylla.yaml 47 | fi 48 | 49 | if [ x"$SCYLLA_SMP" == "x" ];then 50 | SCYLLA_SMP=1 51 | fi 52 | 53 | if [ x"$SCYLLA_MEMORY" == "x" ];then 54 | SCYLLA_MEMORY="1G" 55 | fi 56 | 57 | /usr/bin/scylla --smp $SCYLLA_SMP \ 58 | --memory $SCYLLA_MEMORY \ 59 | --log-to-syslog 0 \ 60 | --log-to-stdout 1 \ 61 | --default-log-level info \ 62 | --options-file /etc/scylla/scylla.yaml \ 63 | --listen-address $LISTEN_ADDRESS \ 64 | --rpc-address $LISTEN_ADDRESS \ 65 | --network-stack posix \ 66 | $DEV_MODE \ 67 | $SEASTAR_IO \ 68 | $CPU_SET \ 69 | & 70 | 71 | source /etc/default/scylla-jmx 72 | export SCYLLA_HOME SCYLLA_CONF 73 | exec /usr/lib/scylla/jmx/scylla-jmx -l /usr/lib/scylla/jmx & 74 | 75 | # not perfect, also waits for scylla-jmx only, with scylla not running 76 | wait 77 | -------------------------------------------------------------------------------- /deployments/README.rst: -------------------------------------------------------------------------------- 1 | This folder will contain deployment definitions created by "zmon-k8s.py". 2 | 3 | Templates used are in: ``../templates``. 4 | -------------------------------------------------------------------------------- /services/zmon-controller-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: controller 5 | namespace: zmon 6 | spec: 7 | type: ClusterIP 8 | selector: 9 | app: zmon-controller 10 | ports: 11 | - port: 443 12 | targetPort: 443 13 | nodePort: 31443 14 | protocol: TCP 15 | -------------------------------------------------------------------------------- /services/zmon-eventlog-service-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: eventlog-service 5 | namespace: zmon 6 | spec: 7 | selector: 8 | app: zmon-eventlog-service 9 | ports: 10 | - port: 8080 11 | targetPort: 8080 12 | protocol: TCP 13 | -------------------------------------------------------------------------------- /services/zmon-scheduler-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: scheduler 5 | namespace: zmon 6 | spec: 7 | type: ClusterIP 8 | selector: 9 | app: zmon-scheduler 10 | ports: 11 | - port: 8085 12 | targetPort: 8085 13 | protocol: TCP 14 | -------------------------------------------------------------------------------- /templates/create-dependencies.sh: -------------------------------------------------------------------------------- 1 | kubectl create namespace zmon 2 | 3 | kubectl create -f dependencies/cassandra/deployment.yaml 4 | kubectl create -f dependencies/cassandra/service.yaml 5 | 6 | kubectl create -f dependencies/kairosdb/deployment.yaml 7 | kubectl create -f dependencies/kairosdb/service.yaml 8 | 9 | kubectl create -f dependencies/redis/deployment.yaml 10 | kubectl create -f dependencies/redis/service.yaml 11 | 12 | kubectl create -f dependencies/postgresql/deployment.yaml 13 | kubectl create -f dependencies/postgresql/service.yaml 14 | -------------------------------------------------------------------------------- /templates/create-zmon-components.sh: -------------------------------------------------------------------------------- 1 | kubectl create -f deployments/zmon-eventlog-service.yaml 2 | kubectl create -f services/zmon-eventlog-service-service.yaml 3 | 4 | kubectl create -f deployments/zmon-controller.yaml 5 | kubectl create -f services/zmon-controller-service.yaml 6 | 7 | kubectl create -f deployments/zmon-scheduler.yaml 8 | kubectl create -f services/zmon-scheduler-service.yaml 9 | 10 | kubectl create -f deployments/zmon-worker.yaml 11 | -------------------------------------------------------------------------------- /templates/inject-database.sh: -------------------------------------------------------------------------------- 1 | wget https://github.com/zalando-zmon/zmon-controller/archive/master.zip -O zmon-controller.zip 2 | wget https://github.com/zalando-zmon/zmon-eventlog-service/archive/master.zip -O zmon-eventlog-service.zip 3 | 4 | mkdir -p zmon-controller-source 5 | mkdir -p zmon-eventlog-service-source 6 | 7 | unzip zmon-controller.zip -d zmon-controller-source 8 | unzip zmon-eventlog-service.zip -d zmon-eventlog-service-source 9 | 10 | export POSTGRES_NODE_IP=$(minikube ip) 11 | export POSTGRES_NODE_PORT=31088 12 | export PGPASSWORD={{admin_password}} 13 | 14 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c "CREATE DATABASE local_zmon_db;" postgres 15 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c 'CREATE EXTENSION IF NOT EXISTS hstore;' local_zmon_db 16 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c "CREATE ROLE zmon WITH LOGIN PASSWORD '{{postgresql_password}}';" postgres 17 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -c "ALTER ROLE zmon WITH PASSWORD '{{postgresql_password}}';" postgres 18 | 19 | find "zmon-controller-source/zmon-controller-master/database/zmon" -name '*.sql' \ 20 | | sort \ 21 | | xargs cat \ 22 | | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -d local_zmon_db 23 | 24 | psql -h $POSTGRES_NODE_IP -p $POSTGRES_NODE_PORT -U postgres -f zmon-eventlog-service-source/zmon-eventlog-service-master/database/eventlog/00_create_schema.sql local_zmon_db 25 | -------------------------------------------------------------------------------- /templates/postgresql-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: postgres 5 | namespace: zmon 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: postgres 12 | spec: 13 | containers: 14 | - name: postgres 15 | image: registry.opensource.zalan.do/stups/postgres:{{image_version}} 16 | env: 17 | - name: POSTGRES_USER 18 | value: postgres 19 | - name: POSTGRES_PASSWORD 20 | value: {{postgresql_password}} 21 | - name: PGDATA 22 | value: /var/lib/postgresql/data 23 | ports: 24 | - containerPort: 5432 25 | -------------------------------------------------------------------------------- /templates/zmon-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: controller-deployment 5 | namespace: zmon 6 | spec: # specification of the pod's contents 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: zmon-controller 12 | version: {{image_version}} 13 | spec: 14 | containers: 15 | - name: zmon-controller 16 | image: "registry.opensource.zalan.do/stups/zmon-controller:{{image_version}}" 17 | env: {% for k,v in env_vars.items() %} 18 | - name: "{{ k }}" 19 | value: |- 20 | {{ v }}{% endfor %} 21 | ports: 22 | - containerPort: 443 23 | -------------------------------------------------------------------------------- /templates/zmon-eventlog-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: eventlog-service-deployment 5 | namespace: zmon 6 | spec: # specification of the pod's contents 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: zmon-eventlog-service 12 | version: {{image_version}} 13 | spec: 14 | containers: 15 | - name: zmon-eventlog-service 16 | image: "registry.opensource.zalan.do/stups/zmon-eventlog-service:{{image_version}}" 17 | env: {% for k,v in env_vars.items() %} 18 | - name: "{{ k }}" 19 | value: |- 20 | {{ v }}{% endfor %} 21 | ports: 22 | - containerPort: 8080 23 | -------------------------------------------------------------------------------- /templates/zmon-metric-cache.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zalando-zmon/zmon-kubernetes/8f882f26baf77056ff0fde9725f5346e467d4911/templates/zmon-metric-cache.yaml -------------------------------------------------------------------------------- /templates/zmon-scheduler.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: scheduler-deployment 5 | namespace: zmon 6 | spec: # specification of the pod's contents 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | app: zmon-scheduler 12 | version: {{image_version}} 13 | spec: 14 | containers: 15 | - name: zmon-scheduler 16 | image: "registry.opensource.zalan.do/stups/zmon-scheduler:{{image_version}}" 17 | env: {% for k,v in env_vars.items() %} 18 | - name: "{{ k }}" 19 | value: |- 20 | {{ v }}{% endfor %} 21 | ports: 22 | - containerPort: 8085 23 | -------------------------------------------------------------------------------- /templates/zmon-worker.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: worker-deployment 5 | namespace: zmon 6 | spec: # specification of the pod's contents 7 | replicas: 2 8 | template: 9 | metadata: 10 | labels: 11 | app: zmon-worker 12 | version: {{image_version}} 13 | spec: 14 | containers: 15 | - name: zmon-worker 16 | image: "registry.opensource.zalan.do/stups/zmon-worker:{{image_version}}" 17 | env: {% for k,v in env_vars.items() %} 18 | - name: "{{ k }}" 19 | value: |- 20 | {{ v }}{% endfor %} 21 | -------------------------------------------------------------------------------- /zmon-k8s.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | import jinja2 4 | import json 5 | import yaml 6 | from collections import defaultdict 7 | from collections import OrderedDict 8 | 9 | import uuid 10 | 11 | from jinja2 import Environment, PackageLoader 12 | env = Environment(loader=PackageLoader('zmon-k8s', 'templates')) 13 | 14 | stream = open('config.yaml', 'r') 15 | __CONFIG = yaml.load(stream) 16 | 17 | 18 | def render_template(file_name, config={}): 19 | template = env.get_template(file_name) 20 | return template.render(config) 21 | 22 | def auto_fill(application, file_name=None, config=None): 23 | if not file_name: 24 | file_name = application + ".yaml" 25 | 26 | if not config: 27 | config = __CONFIG.get(application, None) 28 | 29 | if not config: 30 | pprint ("Config not found") 31 | exit(-1) 32 | 33 | return render_template(file_name, config) 34 | 35 | def main(): 36 | 37 | token_scheduler = str(uuid.uuid4()).replace("-","").upper() 38 | token_boot_strap = str(uuid.uuid4()).replace("-","").upper() 39 | 40 | postgresql_password = str(uuid.uuid4()) 41 | postgresql_admin_password = str(uuid.uuid4()) 42 | 43 | print("Scheduler Token: {}".format(token_scheduler)); 44 | print("Bootstrap Token: {}".format(token_boot_strap)); 45 | print("PostgreSQL admin user password: {}".format(postgresql_admin_password)); 46 | print("PostgreSQL zmon user password: {}".format(postgresql_password)); 47 | 48 | env_add = defaultdict(dict) 49 | env_add["zmon-controller"]["PRESHARED_TOKENS_" +token_scheduler+"_UID"] = "zmon-scheduler" 50 | env_add["zmon-controller"]["PRESHARED_TOKENS_" +token_scheduler+"_EXPIRES_AT"] = 1758021422 51 | 52 | env_add["zmon-controller"]["POSTGRES_USERNAME"] = "postgres" 53 | env_add["zmon-controller"]["POSTGRES_PASSWORD"] = postgresql_admin_password 54 | 55 | # set unprivileged user for zmon worker accese as example 56 | env_add["zmon-worker"]["WORKER_PLUGIN_SQL_PASS"] = postgresql_password 57 | 58 | env_add["zmon-eventlog-service"]["POSTGRESQL_PASSWORD"] = postgresql_admin_password 59 | 60 | env_add["zmon-scheduler"]["SCHEDULER_OAUTH2_STATIC_TOKEN"] = token_scheduler 61 | 62 | print("updating config variables") 63 | 64 | for k in __CONFIG: 65 | if not "env_vars" in __CONFIG[k]: 66 | continue 67 | 68 | __CONFIG[k]["env_vars"].update(env_add.get(k, {})) 69 | 70 | 71 | for k in __CONFIG: 72 | if not "env_vars" in __CONFIG[k]: 73 | continue 74 | 75 | __CONFIG[k]["env_vars"] = OrderedDict(sorted(__CONFIG[k].get("env_vars", {}).items())) 76 | 77 | print("generating postgrsql deployment") 78 | postgresql_config = __CONFIG.get('postgresql') 79 | postgresql_config.update({"postgresql_password": postgresql_admin_password}) 80 | 81 | f = open("dependencies/postgresql/deployment.yaml", "w") 82 | f.write(render_template("postgresql-deployment.yaml", postgresql_config)) 83 | f.close() 84 | 85 | print("generating templates for zmon components...") 86 | for k in __CONFIG: 87 | if not k.startswith("zmon-"): 88 | continue 89 | 90 | print("\t for {}".format(k)) 91 | f = open("deployments/" + k + ".yaml", 'w') 92 | f.write(auto_fill(k)) 93 | f.close() 94 | 95 | print("") 96 | 97 | print(render_template("create-dependencies.sh")) 98 | 99 | print("") 100 | 101 | print(render_template("inject-database.sh", {"admin_password": postgresql_admin_password, "postgresql_password": postgresql_password})) 102 | 103 | print("") 104 | 105 | print(render_template("create-zmon-components.sh")) 106 | 107 | if __name__ == '__main__': 108 | main() 109 | --------------------------------------------------------------------------------