diff --git a/submitted/prometheus-pingmesh-exporter/Chart.yaml b/submitted/prometheus-pingmesh-exporter/Chart.yaml new file mode 100644 index 0000000..220a9a4 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/Chart.yaml @@ -0,0 +1,16 @@ +apiVersion: v2 +appVersion: 1.0.1 +description: Prometheus Pingmesh Exporter +home: https://github.com/kubeservice-stack/pingmesh-agent +keywords: +- prometheus +- pimgmesh +- monitoring +maintainers: +- email: dongjiang1989@126.com + name: dongjiang +name: prometheus-pingmesh-exporter +sources: +- https://github.com/kubeservice-stack/pingmesh-agent +type: application +version: 1.0.1 diff --git a/submitted/prometheus-pingmesh-exporter/README.md b/submitted/prometheus-pingmesh-exporter/README.md new file mode 100644 index 0000000..922820f --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/README.md @@ -0,0 +1,96 @@ +# Prometheus Pingmesh Exporter + +[pingmesh architecture](https://kubeservice.cn/2022/10/21/devops-k8s-pingmesh/) + +An Prometheus exporter that exposes information from ping message. + +This chart creates a [Pingmesh Exporter](https://github.com/kubeservice-stack/pingmesh-agent) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.8+ with Beta APIs enabled + +## Add Helm repository + +```console +helm repo add kubeservice-stack https://kubeservice-stack.github.io/kubservice-charts +helm repo update +``` + +_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +```console +helm install [RELEASE_NAME] prometheus-pingmesh-exporter +``` + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +helm upgrade [RELEASE_NAME] [CHART] --install +``` + +_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ + +## From 0.22.0 to 1.0.1 + +```console +helm upgrade [RELEASE_NAME] prometheus-pingmesh-exporter --version 1.0.1 +``` + +## Configuration + +See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: + +```console +# Helm 2 +$ helm inspect values prometheus-pingmesh-exporter + +# Helm 3 +$ helm show values prometheus-pingmesh-exporter +``` + +See [kubeservice-stack/pingmesh-agent/README.md](https://github.com/kubeservice-stack/pingmesh-agent) for further information. + +## pingmesh pinglist configuration + +```console +setting: + # the maximum amount of concurrent to ping, uint + concurrent_limit: 20 + # interval to exec ping in seconds, float + interval: 60.0 + # The maximum delay time to ping in milliseconds, float + delay: 200 + # ping timeout in seconds, float + timeout: 2.0 + # send ip addr + source_ip_addr: 0.0.0.0 + # send ip protocal + ip_protocol: ip6 + +mesh: + add-ping-public: + name: ping-public-demo + type: OtherIP + ips : + - 127.0.0.1 + - 8.8.8.8 + - www.baidu.com + - kubernetes.default.svc.cluster.local +``` \ No newline at end of file diff --git a/submitted/prometheus-pingmesh-exporter/ci/daemonset-values.yml b/submitted/prometheus-pingmesh-exporter/ci/daemonset-values.yml new file mode 100644 index 0000000..7e498f6 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/ci/daemonset-values.yml @@ -0,0 +1 @@ +kind: DaemonSet diff --git a/submitted/prometheus-pingmesh-exporter/ci/default-values.yaml b/submitted/prometheus-pingmesh-exporter/ci/default-values.yaml new file mode 100644 index 0000000..e69de29 diff --git a/submitted/prometheus-pingmesh-exporter/ci/extraenv-values.yaml b/submitted/prometheus-pingmesh-exporter/ci/extraenv-values.yaml new file mode 100644 index 0000000..df79f9a --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/ci/extraenv-values.yaml @@ -0,0 +1,3 @@ +extraEnv: + HTTP_PROXY: "http://superproxy.com:3128" + NO_PROXY: "localhost,127.0.0.1" diff --git a/submitted/prometheus-pingmesh-exporter/ci/hostAliases.yml b/submitted/prometheus-pingmesh-exporter/ci/hostAliases.yml new file mode 100644 index 0000000..3e3c401 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/ci/hostAliases.yml @@ -0,0 +1,9 @@ +hostAliases: + - ip: 192.168.1.1 + hostNames: + - test.example.com + - another.example.net + - ip: 192.168.1.2 + hostNames: + - test2.example.com + - another2.example.net \ No newline at end of file diff --git a/submitted/prometheus-pingmesh-exporter/ci/ingress-values.yml b/submitted/prometheus-pingmesh-exporter/ci/ingress-values.yml new file mode 100644 index 0000000..95e57c3 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/ci/ingress-values.yml @@ -0,0 +1,2 @@ +ingress: + enabled: true \ No newline at end of file diff --git a/submitted/prometheus-pingmesh-exporter/ci/networkpolicy-values.yaml b/submitted/prometheus-pingmesh-exporter/ci/networkpolicy-values.yaml new file mode 100644 index 0000000..12e4a94 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/ci/networkpolicy-values.yaml @@ -0,0 +1,2 @@ +networkPolicy: + enabled: true diff --git a/submitted/prometheus-pingmesh-exporter/ci/secret-values.yaml b/submitted/prometheus-pingmesh-exporter/ci/secret-values.yaml new file mode 100644 index 0000000..92664ab --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/ci/secret-values.yaml @@ -0,0 +1 @@ +secretConfig: true diff --git a/submitted/prometheus-pingmesh-exporter/templates/NOTES.txt b/submitted/prometheus-pingmesh-exporter/templates/NOTES.txt new file mode 100644 index 0000000..26c9e74 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/NOTES.txt @@ -0,0 +1,30 @@ +See https://github.com/kubeservice-stack/pingmesh-agent for how to configure Prometheus and the pingmesh Exporter. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} + +{{ if and .Values.ingress.className (semverCompare "<=1.18-0" .Capabilities.KubeVersion.GitVersion) }} +You've set ".Values.ingressClassName" but it's not supported by your Kubernetes version! +Therefore the option was not added and the old ingress annotation was set. +{{ end }} + +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-pingmesh-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "prometheus-pingmesh-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-pingmesh-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ template "prometheus-pingmesh-exporter.namespace" . }} svc -w {{ include "prometheus-pingmesh-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-pingmesh-exporter.namespace" . }} {{ include "prometheus-pingmesh-exporter.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-pingmesh-exporter.namespace" . }} -l "app.kubernetes.io/name={{ include "prometheus-pingmesh-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ template "prometheus-pingmesh-exporter.namespace" . }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ template "prometheus-pingmesh-exporter.namespace" . }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/_helpers.tpl b/submitted/prometheus-pingmesh-exporter/templates/_helpers.tpl new file mode 100644 index 0000000..94fffb6 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/_helpers.tpl @@ -0,0 +1,83 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus-pingmesh-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prometheus-pingmesh-exporter.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prometheus-pingmesh-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "prometheus-pingmesh-exporter.labels" -}} +helm.sh/chart: {{ include "prometheus-pingmesh-exporter.chart" . }} +release: metrics +{{ include "prometheus-pingmesh-exporter.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "prometheus-pingmesh-exporter.selectorLabels" -}} +app.kubernetes.io/name: {{ include "prometheus-pingmesh-exporter.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "prometheus-pingmesh-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "prometheus-pingmesh-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for rbac. +*/}} +{{- define "rbac.apiVersion" -}} +{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }} +{{- print "rbac.authorization.k8s.io/v1" -}} +{{- else -}} +{{- print "rbac.authorization.k8s.io/v1beta1" -}} +{{- end -}} +{{- end -}} + + +{{- define "prometheus-pingmesh-exporter.namespace" -}} + {{- if .Values.namespaceOverride -}} + {{- .Values.namespaceOverride -}} + {{- else -}} + {{- .Release.Namespace -}} + {{- end -}} +{{- end -}} diff --git a/submitted/prometheus-pingmesh-exporter/templates/configmap.yaml b/submitted/prometheus-pingmesh-exporter/templates/configmap.yaml new file mode 100644 index 0000000..061ffb2 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/configmap.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.config (eq .Values.configExistingSecretName "") }} +apiVersion: v1 +kind: {{ if .Values.secretConfig -}} Secret {{- else -}} ConfigMap {{- end }} +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} +{{ if .Values.secretConfig -}} stringData: {{- else -}} data: {{- end }} + pingmesh.yaml: | +{{ toYaml .Values.config | indent 4 }} + pinglist.yaml: | +{{ toYaml .Values.pinglistConfig | indent 4 }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/daemonset.yaml b/submitted/prometheus-pingmesh-exporter/templates/daemonset.yaml new file mode 100644 index 0000000..b7b4c71 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/daemonset.yaml @@ -0,0 +1,154 @@ +{{- if (eq .Values.kind "DaemonSet") }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "prometheus-pingmesh-exporter.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 8 }} + {{- if .Values.pod.labels }} +{{ toYaml .Values.pod.labels | indent 8 }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "prometheus-pingmesh-exporter.serviceAccountName" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 6 }} + {{- end }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: + {{- range .Values.image.pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + {{- if .Values.hostAliases }} + hostAliases: + {{- range .Values.hostAliases }} + - ip: {{ .ip }} + hostnames: + {{- range .hostNames }} + - {{ . }} + {{- end }} + {{- end }} + {{- end }} + restartPolicy: {{ .Values.restartPolicy }} + + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + {{- if .Values.extraInitContainers }} + initContainers: +{{ toYaml .Values.extraInitContainers | indent 8 }} + {{- end }} + containers: + - name: pingmesh-exporter + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + readOnlyRootFilesystem: {{ .Values.readOnlyRootFilesystem }} + runAsNonRoot: {{ .Values.runAsNonRoot }} + {{- if .Values.runAsUser }} + runAsUser: {{ .Values.runAsUser }} + {{- end }} + env: + {{- range $key, $value := .Values.extraEnv }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + args: +{{- if (or .Values.config .Values.configExistingSecretName) }} + {{- if .Values.configPath }} + - "--config.file={{ .Values.configPath }}/pingmesh.yaml" + - "--pinglist.file={{ .Values.configPath }}/pinglist.yaml" + - "--log.level=error" + {{- else }} + - "--config.file=/config/pingmesh.yaml" + - "--pinglist.file=/config/pinglist.yaml" + - "--log.level=error" + {{- end }} +{{- else }} + - "--config.file=/etc/pingmesh_exporter/config.yml" + - "--pinglist.file=/etc/pingmesh_exporter/pinglist.yaml" + - "--log.level=error" +{{- end }} + {{- if .Values.extraArgs }} +{{ toYaml .Values.extraArgs | indent 12 }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 12 }} + ports: + - containerPort: {{ .Values.service.port }} + name: http + livenessProbe: + {{- toYaml .Values.livenessProbe | trim | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | trim | nindent 12 }} + volumeMounts: + - mountPath: /config + name: config + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} +{{- if .Values.dnsPolicy }} + dnsPolicy: {{ .Values.dnsPolicy | toString }} +{{- end }} + hostNetwork: {{ .Values.hostNetwork }} +{{- if .Values.dnsConfig }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} +{{- end }} + volumes: + - name: config +{{- if .Values.secretConfig }} + secret: + secretName: {{ template "prometheus-pingmesh-exporter.fullname" . }} +{{- else if .Values.configExistingSecretName }} + secret: + secretName: {{ .Values.configExistingSecretName }} +{{- else }} + configMap: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} +{{- end }} + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + defaultMode: {{ .defaultMode }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + defaultMode: {{ .defaultMode }} + {{- end }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/deployment.yaml b/submitted/prometheus-pingmesh-exporter/templates/deployment.yaml new file mode 100644 index 0000000..a2b8e61 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/deployment.yaml @@ -0,0 +1,165 @@ +{{- if (eq .Values.kind "Deployment") }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + {{- include "prometheus-pingmesh-exporter.selectorLabels" . | nindent 6 }} + strategy: +{{ toYaml .Values.strategy | indent 4 }} + template: + metadata: + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 8 }} + {{- if .Values.pod.labels }} +{{ toYaml .Values.pod.labels | indent 8 }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + spec: + automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} + serviceAccountName: {{ template "prometheus-pingmesh-exporter.serviceAccountName" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 6 }} + {{- end }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: + {{- range .Values.image.pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + {{- if .Values.hostAliases }} + hostAliases: + {{- range .Values.hostAliases }} + - ip: {{ .ip }} + hostnames: + {{- range .hostNames }} + - {{ . }} + {{- end }} + {{- end }} + {{- end }} + restartPolicy: {{ .Values.restartPolicy }} + + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + securityContext: +{{ toYaml .Values.podSecurityContext | indent 8 }} + {{- if .Values.extraInitContainers }} + initContainers: +{{ toYaml .Values.extraInitContainers | indent 8 }} + {{- end }} + containers: + {{- if .Values.extraContainers }} +{{ toYaml .Values.extraContainers | indent 8 }} + {{- end }} + - name: pingmesh-exporter + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: +{{ toYaml .Values.securityContext | indent 12 }} + env: + {{- range $key, $value := .Values.extraEnv }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + args: +{{- if .Values.config }} + {{- if .Values.configPath }} + - "--config.file={{ .Values.configPath }}/pingmesh.yaml" + - "--pinglist.file={{ .Values.configPath }}/pinglist.yaml" + - "--log.level=error" + {{- else }} + - "--config.file=/config/pingmesh.yaml" + - "--pinglist.file=/config/pinglist.yaml" + - "--log.level=error" + {{- end }} +{{- else }} + - "--config.file=/etc/pingmesh_exporter/config.yml" + - "--pinglist.file=/etc/pingmesh_exporter/pinglist.yaml" + - "--log.level=error" +{{- end }} + {{- if .Values.extraArgs }} +{{ toYaml .Values.extraArgs | indent 12 }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 12 }} + ports: + - containerPort: {{ .Values.containerPort }} + name: http + livenessProbe: + {{- toYaml .Values.livenessProbe | trim | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | trim | nindent 12 }} + volumeMounts: + - mountPath: /config + name: config + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- if .Values.extraVolumeMounts }} +{{ toYaml .Values.extraVolumeMounts | indent 12 }} + {{- end }} +{{- if .Values.dnsPolicy }} + dnsPolicy: {{ .Values.dnsPolicy | toString }} +{{- end }} + hostNetwork: {{ .Values.hostNetwork }} +{{- if .Values.dnsConfig }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} +{{- end }} + volumes: + {{- if .Values.extraVolumes }} +{{ toYaml .Values.extraVolumes | indent 8 }} + {{- end }} + - name: config +{{- if .Values.secretConfig }} + secret: + secretName: {{ template "prometheus-pingmesh-exporter.fullname" . }} +{{- else if .Values.configExistingSecretName }} + secret: + secretName: {{ .Values.configExistingSecretName }} +{{- else }} + configMap: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} +{{- end }} + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + defaultMode: {{ .defaultMode }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + defaultMode: {{ .defaultMode }} + {{- end }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/ingress.yaml b/submitted/prometheus-pingmesh-exporter/templates/ingress.yaml new file mode 100644 index 0000000..2f26f53 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/ingress.yaml @@ -0,0 +1,65 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "prometheus-pingmesh-exporter.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} + {{- if .Values.ingress.labels }} +{{ toYaml .Values.ingress.labels | indent 4 }} + {{- end}} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/networkpolicy.yaml b/submitted/prometheus-pingmesh-exporter/templates/networkpolicy.yaml new file mode 100644 index 0000000..1b483ec --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/networkpolicy.yaml @@ -0,0 +1,28 @@ +{{- if .Values.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "prometheus-pingmesh-exporter.selectorLabels" . | nindent 6 }} + ingress: +{{- if .Values.networkPolicy.allowMonitoringNamespace }} + - from: + - namespaceSelector: + matchLabels: + name: monitoring + ports: + - port: {{ .Values.service.port }} + protocol: TCP +{{- else }} + - {} +{{- end }} + policyTypes: + - Ingress +{{- end }} + diff --git a/submitted/prometheus-pingmesh-exporter/templates/poddisruptionbudget.yaml b/submitted/prometheus-pingmesh-exporter/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000..1c54303 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/poddisruptionbudget.yaml @@ -0,0 +1,18 @@ +{{- if .Values.podDisruptionBudget -}} +{{ if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" -}} +apiVersion: policy/v1 +{{- else -}} +apiVersion: policy/v1beta1 +{{- end }} +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "prometheus-pingmesh-exporter.selectorLabels" . | nindent 6 }} +{{ toYaml .Values.podDisruptionBudget | indent 2 }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/podsecuritypolicy.yaml b/submitted/prometheus-pingmesh-exporter/templates/podsecuritypolicy.yaml new file mode 100644 index 0000000..d6cf9fd --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/podsecuritypolicy.yaml @@ -0,0 +1,41 @@ +{{- if and .Values.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }}-psp + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} +spec: + # Prevents running in privileged mode + privileged: false + # Required to prevent escalations to root. + allowPrivilegeEscalation: false + volumes: + - configMap + - secret + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + readOnlyRootFilesystem: {{ .Values.readOnlyRootFilesystem }} + {{- if has "NET_RAW" .Values.securityContext.capabilities.add }} + allowedCapabilities: + - NET_RAW + {{- end }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/prometheusrule.yaml b/submitted/prometheus-pingmesh-exporter/templates/prometheusrule.yaml new file mode 100644 index 0000000..d38455c --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/prometheusrule.yaml @@ -0,0 +1,20 @@ +{{- if .Values.prometheusRule.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + {{- with .Values.prometheusRule.namespace }} + namespace: {{ . }} + {{- end }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} + {{- with .Values.prometheusRule.additionalLabels -}} +{{- toYaml . | nindent 4 -}} + {{- end }} +spec: + {{- with .Values.prometheusRule.rules }} + groups: + - name: {{ template "prometheus-pingmesh-exporter.name" $ }} + rules: {{ toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/role.yaml b/submitted/prometheus-pingmesh-exporter/templates/role.yaml new file mode 100644 index 0000000..52ee13b --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/role.yaml @@ -0,0 +1,18 @@ +{{- if .Values.pspEnabled }} +apiVersion: {{ template "rbac.apiVersion" . }} +kind: Role +metadata: + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} +rules: + - apiGroups: + - policy + resources: + - podsecuritypolicies + resourceNames: + - {{ template "prometheus-pingmesh-exporter.fullname" . }}-psp + verbs: + - use +{{- end -}} diff --git a/submitted/prometheus-pingmesh-exporter/templates/rolebinding.yaml b/submitted/prometheus-pingmesh-exporter/templates/rolebinding.yaml new file mode 100644 index 0000000..edd1fdb --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/rolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.pspEnabled }} +apiVersion: {{ template "rbac.apiVersion" . }} +kind: RoleBinding +metadata: + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "prometheus-pingmesh-exporter.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-pingmesh-exporter.serviceAccountName" . }} +{{- end -}} diff --git a/submitted/prometheus-pingmesh-exporter/templates/selfservicemonitor.yaml b/submitted/prometheus-pingmesh-exporter/templates/selfservicemonitor.yaml new file mode 100644 index 0000000..2b1361d --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/selfservicemonitor.yaml @@ -0,0 +1,31 @@ +{{- if .Values.serviceMonitor.selfMonitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" $ }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" $ }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" $ | nindent 4 }} + {{- if .Values.serviceMonitor.selfMonitor.labels }} + {{- toYaml (.Values.serviceMonitor.selfMonitor.labels) | nindent 4 }} + {{- end }} +spec: + endpoints: + - path: /metrics + interval: {{ .Values.serviceMonitor.selfMonitor.interval }} + scrapeTimeout: {{ .Values.serviceMonitor.selfMonitor.scrapeTimeout }} + scheme: http + +{{- if .Values.serviceMonitor.selfMonitor.additionalRelabeling }} + relabelings: +{{ toYaml .Values.serviceMonitor.selfMonitor.additionalRelabeling | indent 6 }} +{{- end }} + jobLabel: "{{ .Release.Name }}" + selector: + matchLabels: + {{- include "prometheus-pingmesh-exporter.selectorLabels" $ | nindent 6 }} + namespaceSelector: + matchNames: + - {{ template "prometheus-pingmesh-exporter.namespace" $ }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/service.yaml b/submitted/prometheus-pingmesh-exporter/templates/service.yaml new file mode 100644 index 0000000..745e905 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/service.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.service.annotations }} + annotations: + {{- toYaml .Values.service.annotations | nindent 4 }} +{{- end }} + name: {{ include "prometheus-pingmesh-exporter.fullname" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http +{{- if .Values.service.externalIPs }} + externalIPs: +{{ toYaml .Values.service.externalIPs | indent 4 }} +{{- end }} + selector: + {{- include "prometheus-pingmesh-exporter.selectorLabels" . | nindent 4 }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/serviceaccount.yaml b/submitted/prometheus-pingmesh-exporter/templates/serviceaccount.yaml new file mode 100644 index 0000000..ca9e3f6 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "prometheus-pingmesh-exporter.serviceAccountName" . }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" . }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/templates/servicemonitor.yaml b/submitted/prometheus-pingmesh-exporter/templates/servicemonitor.yaml new file mode 100644 index 0000000..ac7ec34 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/templates/servicemonitor.yaml @@ -0,0 +1,55 @@ +{{- if .Values.serviceMonitor.enabled }} +{{- range .Values.serviceMonitor.targets }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-pingmesh-exporter.fullname" $ }}-{{ .name }} + namespace: {{ template "prometheus-pingmesh-exporter.namespace" $ }} + labels: + {{- include "prometheus-pingmesh-exporter.labels" $ | nindent 4 }} + {{- if or $.Values.serviceMonitor.defaults.labels .labels }} + {{- toYaml (.labels | default $.Values.serviceMonitor.defaults.labels) | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: http + scheme: {{ $.Values.serviceMonitor.scheme }} + {{- if $.Values.serviceMonitor.bearerTokenFile }} + bearerTokenFile: {{ $.Values.serviceMonitor.bearerTokenFile }} + {{- end }} + {{- if $.Values.serviceMonitor.tlsConfig }} + tlsConfig: {{ toYaml $.Values.serviceMonitor.tlsConfig | nindent 6 }} + {{- end }} + path: "/probe" + interval: {{ .interval | default $.Values.serviceMonitor.defaults.interval }} + scrapeTimeout: {{ .scrapeTimeout | default $.Values.serviceMonitor.defaults.scrapeTimeout }} + params: + module: + - {{ .module | default $.Values.serviceMonitor.defaults.module }} + target: + - {{ .url }} + metricRelabelings: + - sourceLabels: [instance] + targetLabel: instance + replacement: {{ .url }} + - sourceLabels: [target] + targetLabel: target + replacement: {{ .name }} + {{- range $targetLabel, $replacement := .additionalMetricsRelabels | default $.Values.serviceMonitor.defaults.additionalMetricsRelabels }} + - targetLabel: {{ $targetLabel | quote }} + replacement: {{ $replacement | quote }} + {{- end }} +{{- if concat (.additionalRelabeling | default list) $.Values.serviceMonitor.defaults.additionalRelabeling }} + relabelings: +{{ toYaml (concat (.additionalRelabeling | default list) $.Values.serviceMonitor.defaults.additionalRelabeling) | indent 6 }} +{{- end }} + jobLabel: "{{ $.Release.Name }}" + selector: + matchLabels: + {{- include "prometheus-pingmesh-exporter.selectorLabels" $ | nindent 6 }} + namespaceSelector: + matchNames: + - {{ template "prometheus-pingmesh-exporter.namespace" $ }} +{{- end }} +{{- end }} diff --git a/submitted/prometheus-pingmesh-exporter/values.yaml b/submitted/prometheus-pingmesh-exporter/values.yaml new file mode 100644 index 0000000..782e224 --- /dev/null +++ b/submitted/prometheus-pingmesh-exporter/values.yaml @@ -0,0 +1,396 @@ +restartPolicy: Always + +kind: DaemonSet + +## Override the namespace +## +namespaceOverride: "monitoring" + +podDisruptionBudget: {} + # maxUnavailable: 0 + +## Allow automount the serviceaccount token for sidecar container (eg: oauthproxy) +automountServiceAccountToken: false + +## Additional pingmesh-exporter container environment variables +## For instance to add a http_proxy +## +## extraEnv: +## HTTP_PROXY: "http://superproxy.com:3128" +## NO_PROXY: "localhost,127.0.0.1" +extraEnv: {} + +extraVolumes: [] + # - name: secret-pingmesh-oauth-htpasswd + # secret: + # defaultMode: 420 + # secretName: pingmesh-oauth-htpasswd + # - name: storage-volume + # persistentVolumeClaim: + # claimName: example + +## Additional volumes that will be attached to the pingmesh-exporter container +extraVolumeMounts: + # - name: ca-certs + # mountPath: /etc/ssl/certs/ca-certificates.crt + +## Additional InitContainers to initialize the pod +## +extraInitContainers: [] + +extraContainers: [] + # - name: oAuth2-proxy + # args: + # - -https-address=:9116 + # - -upstream=http://localhost:9115 + # - -skip-auth-regex=^/metrics + # - -openshift-delegate-urls={"/":{"group":"monitoring.coreos.com","resource":"prometheuses","verb":"get"}} + # image: openshift/oauth-proxy:v1.1.0 + # ports: + # - containerPort: 9116 + # name: proxy + # resources: + # limits: + # memory: 16Mi + # requests: + # memory: 4Mi + # cpu: 20m + # volumeMounts: + # - mountPath: /etc/prometheus/secrets/pingmesh-tls + # name: secret-pingmesh-tls + +## Enable pod security policy +pspEnabled: true + +hostNetwork: false + +strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + +image: + repository: dongjiang1989/pingmesh-agent + tag: latest + pullPolicy: Always + + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistrKeySecretName + +podSecurityContext: {} +# fsGroup: 1000 + +## User and Group to run pingmesh-exporter container as +securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: true + runAsNonRoot: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] +# Add NET_RAW to enable ICMP +# add: ["NET_RAW"] + +livenessProbe: + httpGet: + path: /health + port: http + +readinessProbe: + httpGet: + path: /health + port: http + +nodeSelector: {} +tolerations: + - operator: Exists + effect: NoSchedule + - key: CriticalAddonsOnly + operator: Exists + - operator: Exists + effect: NoExecute + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + - key: node.kubernetes.io/disk-pressure + operator: Exists + effect: NoSchedule + - key: node.kubernetes.io/memory-pressure + operator: Exists + effect: NoSchedule + - key: node.kubernetes.io/pid-pressure + operator: Exists + effect: NoSchedule + - key: node.kubernetes.io/unschedulable + operator: Exists + effect: NoSchedule + +affinity: {} + +# if the configuration is managed as secret outside the chart, using SealedSecret for example, +# provide the name of the secret here. If secretConfig is set to true, configExistingSecretName will be ignored +# in favor of the config value. +configExistingSecretName: "" +# Store the configuration as a `Secret` instead of a `ConfigMap`, useful in case it contains sensitive data +secretConfig: false +config: + modules: + http_2xx: + prober: http + timeout: 10s + http: + valid_http_versions: ["HTTP/1.1", "HTTP/2"] + valid_status_codes: [200,201,204,304,312] + method: GET + preferred_ip_protocol: "ip4" + http_2xx_ipv6: + prober: http + timeout: 10s + http: + valid_http_versions: ["HTTP/1.1", "HTTP/2"] + valid_status_codes: [200,201,204,304,312] + method: GET + preferred_ip_protocol: "ip6" + http_post_2xx: + prober: http + timeout: 10s + http: + valid_http_versions: ["HTTP/1.1", "HTTP/2"] + valid_status_codes: [200,201,204,304,312] + method: POST + preferred_ip_protocol: "ip4" + http_post_2xx_ipv6: + prober: http + timeout: 10s + http: + valid_http_versions: ["HTTP/1.1", "HTTP/2"] + valid_status_codes: [200,201,204,304,312] + method: POST + preferred_ip_protocol: "ip6" + tcp_connect: + prober: tcp + timeout: 2s + ping: + prober: icmp + timeout: 5s + icmp: + preferred_ip_protocol: "ip4" + ping_ipv6: + prober: icmp + timeout: 5s + icmp: + preferred_ip_protocol: "ip6" + dns: + prober: dns + dns: + transport_protocol: "tcp" + preferred_ip_protocol: "ip4" + query_name: "kubernetes.defalut.svc.cluster.local" + dns_ipv6: + prober: dns + dns: + transport_protocol: "tcp" + preferred_ip_protocol: "ip6" + query_name: "kubernetes.defalut.svc.cluster.local" + +pinglistConfig: + setting: + concurrent_limit: 20 + interval: 60.0 + delay: 200 + timeout: 2.0 + source_ip_addr: 0.0.0.0 + ip_protocol: ip6 + mesh: + add-ping-public: + name: ping-public-demo + type: OtherIP + ips : + - 127.0.0.1 + - 8.8.8.8 + - 114.114.114.114 + - www.baidu.com + - kubernetes.default.svc.cluster.local + +# Set custom config path, other than default /config/pingmesh.yaml. If let empty, path will be "/config/pingmesh.yaml" +# configPath: "/foo/bar" + +extraConfigmapMounts: [] + # - name: certs-configmap + # mountPath: /etc/secrets/ssl/ + # subPath: certificates.crt # (optional) + # configMap: certs-configmap + # readOnly: true + # defaultMode: 420 + +## Additional secret mounts +# Defines additional mounts with secrets. Secrets must be manually created in the namespace. +extraSecretMounts: [] + # - name: secret-files + # mountPath: /etc/secrets + # secretName: pingmesh-secret-files + # readOnly: true + # defaultMode: 420 + +resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 200m + memory: 256Mi + # limits: + # memory: 300Mi + # requests: + # memory: 50Mi + +priorityClassName: "" + +service: + annotations: {} + labels: {} + type: ClusterIP + port: 9115 + +# Only changes container port. Application port can be changed with extraArgs (--web.listen-address=:9115) +# https://github.com/prometheus/pingmesh_exporter/blob/998037b5b40c1de5fee348ffdea8820509d85171/main.go#L55 +containerPort: 9115 + +serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + annotations: {} + +## An Ingress resource can provide name-based virtual hosting and TLS +## termination among other things for CouchDB deployments which are accessed +## from outside the Kubernetes cluster. +## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ +ingress: + enabled: false + className: "" + labels: {} + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +podAnnotations: {} + +# Hostaliases allow to add additional DNS entries to be injected directly into pods. +# This will take precedence over your implemented DNS solution +hostAliases: [] +# - ip: 192.168.1.1 +# hostNames: +# - test.example.com +# - another.example.net + +pod: + labels: {} + +extraArgs: [] + # - --history.limit=1000 + +replicas: 1 + +serviceMonitor: + ## If true, a ServiceMonitor CRD is created for a prometheus operator + ## https://github.com/coreos/prometheus-operator for pingmesh-exporter itself + ## + selfMonitor: + enabled: true + additionalMetricsRelabels: {} + additionalRelabeling: [] + labels: {} + interval: 30s + scrapeTimeout: 30s + + ## If true, a ServiceMonitor CRD is created for a prometheus operator + ## https://github.com/coreos/prometheus-operator for each target + ## + enabled: true + + # Default values that will be used for all ServiceMonitors created by `targets` + defaults: + additionalMetricsRelabels: {} + additionalRelabeling: [] + labels: {} + interval: 30s + scrapeTimeout: 30s + module: dns + ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS. + scheme: http + ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS. + ## Of type: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig + tlsConfig: {} + bearerTokenFile: + + targets: + - name: baidu.com # Human readable URL that will appear in Prometheus / AlertManager + url: https://www.baidu.com # The URL that pingmesh will scrape + labels: {} # Map of labels for ServiceMonitor. Overrides value set in `defaults` + interval: 60s # Scraping interval. Overrides value set in `defaults` + scrapeTimeout: 60s # Scrape timeout. Overrides value set in `defaults` + module: http_2xx # Module used for scraping. Overrides value set in `defaults` + additionalMetricsRelabels: {} # Map of metric labels and values to add + additionalRelabeling: [] # List of metric relabeling actions to run + - name: docker.io # Human readable URL that will appear in Prometheus / AlertManager + url: https://docker.io # The URL that pingmesh will scrape + labels: {} # Map of labels for ServiceMonitor. Overrides value set in `defaults` + interval: 60s # Scraping interval. Overrides value set in `defaults` + scrapeTimeout: 60s # Scrape timeout. Overrides value set in `defaults` + module: http_2xx # Module used for scraping. Overrides value set in `defaults` + additionalMetricsRelabels: {} # Map of metric labels and values to add + additionalRelabeling: [] # List of metric relabeling actions to run + +## Custom PrometheusRules to be defined +## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions +prometheusRule: + enabled: false + additionalLabels: {} + namespace: "" + rules: + - alert: 站点可用性 + expr: probe_success == 0 + for: 1m + labels: + alertype: domain + severity: critical + annotations: + description: "站点无法访问: {{ $labels.instance }}" + +## Network policy for chart +networkPolicy: + # Enable network policy and allow access from anywhere + enabled: false + # Limit access only from monitoring namespace + # Before setting this value to true, you must add the name=monitoring label to the monitoring namespace + # Network Policy uses label filtering + allowMonitoringNamespace: false + +## dnsPolicy and dnsConfig for Deployments and Daemonsets if you want non-default settings. +## These will be passed directly to the PodSpec of same. +dnsPolicy: ClusterFirst +dnsConfig: + options: + - name: ndots + value: '3'