From c1118ac8fe5efc128f289f86e70ddaa3dc4746ba Mon Sep 17 00:00:00 2001
From: Arshi Aggarwal <arshiagg@users.noreply.github.com>
Date: Thu, 13 Jul 2017 14:12:35 -0700
Subject: [PATCH] Added files needed for prometheus installation

---
 cluster/Vagrantfile                      |  2 +-
 install/k8s/k8s1.6/contiv-prometheus.yml | 90 ++++++++++++++++++++++++
 install/k8s/k8s1.6/contiv.yaml           |  4 ++
 install/k8s/k8s1.6/prometheus.yml        | 28 ++++++++
 4 files changed, 123 insertions(+), 1 deletion(-)
 create mode 100644 install/k8s/k8s1.6/contiv-prometheus.yml
 create mode 100644 install/k8s/k8s1.6/prometheus.yml

diff --git a/cluster/Vagrantfile b/cluster/Vagrantfile
index 2d1f923..2561dd2 100755
--- a/cluster/Vagrantfile
+++ b/cluster/Vagrantfile
@@ -230,7 +230,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
       c.vm.network :private_network, ip: node_addr, virtualbox__intnet: 'true', auto_config: false
 
       c.vm.provider 'virtualbox' do |v|
-        v.memory = node_orc == ORC_KUBEADM && master_ips.include?(node_addr) ? 2048 : 512
+         v.memory = node_orc == ORC_KUBEADM && master_ips.include?(node_addr) ? 2048 : 512
         # make all nics 'virtio' to take benefit of builtin vlan tag
         # support, which otherwise needs to be enabled in Intel drivers,
         # which are used by default by virtualbox
diff --git a/install/k8s/k8s1.6/contiv-prometheus.yml b/install/k8s/k8s1.6/contiv-prometheus.yml
new file mode 100644
index 0000000..2570e5f
--- /dev/null
+++ b/install/k8s/k8s1.6/contiv-prometheus.yml
@@ -0,0 +1,90 @@
+# Gives Prometheus permission to share the cluster
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: prometheus
+  namespace: kube-system
+rules:
+- apiGroups: [""]
+  resources:
+  - nodes
+  - nodes/proxy
+  - services
+  - endpoints
+  - pods
+  verbs: ["get", "list", "watch"]
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+---
+# Prometheus is a process and hence needs service account access
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: prometheus
+  namespace: kube-system
+# Binds Prometheus to the kube-system namespace
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: prometheus
+  namespace: kube-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: prometheus
+subjects:
+- kind: ServiceAccount
+  name: prometheus
+  namespace: kube-system
+# Deploy prometheus as a replicaset with one container
+---
+apiVersion: extensions/v1beta1
+kind: ReplicaSet
+metadata:
+  name: contiv-prometheus
+  namespace: kube-system
+  labels:
+    k8s-app: contiv-prometheus
+spec:
+  replicas: 1
+  template:
+    metadata:
+      name: contiv-prometheus
+      labels:
+        k8s-app: contiv-prometheus
+      annotations:
+        scheduler.alpha.kubernetes.io/critical-pod: ''
+    spec:
+      tolerations:
+      - key: node-role.kubernetes.io/master
+        effect: NoSchedule
+      nodeSelector:
+        node-role.kubernetes.io/master: ""
+      containers:
+        - name: contiv-prometheus
+          image: prom/prometheus
+          volumeMounts:
+            - mountPath: /etc/prometheus
+              name: var-contiv
+      volumes:
+        - name: var-contiv
+          hostPath:
+            path: /var/contiv
+      serviceAccountName: prometheus
+# Expose prometheus as a service
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: prometheus
+  namespace: kube-system
+spec:
+  type: NodePort 
+  selector:
+    k8s-app: contiv-prometheus 
+  ports:
+    - protocol: TCP
+      port: 9090
+      nodePort: 30000
+
diff --git a/install/k8s/k8s1.6/contiv.yaml b/install/k8s/k8s1.6/contiv.yaml
index e44528a..c6ca712 100644
--- a/install/k8s/k8s1.6/contiv.yaml
+++ b/install/k8s/k8s1.6/contiv.yaml
@@ -128,6 +128,8 @@ spec:
       labels:
         k8s-app: contiv-netplugin
       annotations:
+        prometheus.io/scrape: 'true'
+        prometheus.io/port: '4567'
         scheduler.alpha.kubernetes.io/critical-pod: ''
     spec:
       hostNetwork: true
@@ -140,6 +142,8 @@ spec:
         # Runs netplugin container on each Kubernetes node.  This
         # container programs network policy and routes on each
         # host.
+        - name: sinatra-exporter
+          image: arshiagg/sinatra
         - name: contiv-netplugin
           image: contiv/netplugin:__CONTIV_VERSION__
           args:
diff --git a/install/k8s/k8s1.6/prometheus.yml b/install/k8s/k8s1.6/prometheus.yml
new file mode 100644
index 0000000..45ca078
--- /dev/null
+++ b/install/k8s/k8s1.6/prometheus.yml
@@ -0,0 +1,28 @@
+# Prometheus configuration to scrape all netplugin endpoints every 5 seconds
+scrape_configs:
+- job_name: 'kubernetes-pods'
+
+  kubernetes_sd_configs:
+  - role: pod
+
+  relabel_configs:
+  - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
+    action: keep
+    regex: true
+  - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
+    action: replace
+    target_label: __metrics_path__
+    regex: (.+)
+  - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
+    action: replace
+    regex: ([^:]+)(?::\d+)?;(\d+)
+    replacement: $1:$2
+    target_label: __address__
+  - action: labelmap
+    regex: __meta_kubernetes_pod_label_(.+)
+  - source_labels: [__meta_kubernetes_namespace]
+    action: replace
+    target_label: kubernetes_namespace
+  - source_labels: [__meta_kubernetes_pod_name]
+    action: replace
+    target_label: kubernetes_pod_name