修改部署

ToQuery · ToQuery · commit b0e5ccb85e94 · 2022-03-19T20:34:15.000+08:00
diff --git a/README.md b/README.md
@@ -1 +1,6 @@
 - https://gongzhao1.github.io/Kubernetes%E9%9B%86%E7%BE%A4%E6%97%A5%E5%BF%97%E6%94%B6%E9%9B%86-Filebeat-ELK/
+
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.1/deploy/static/provider/cloud/deploy.yaml
+```
diff --git a/apps/grafana/grafana.yaml b/apps/grafana/grafana.yaml
@@ -2,23 +2,25 @@
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
-  name: example-kubernetes-app-grafana-storage
+  name: grafana-storage
+  namespace: monitoring
 provisioner: kubernetes.io/no-provisioner
 volumeBindingMode: WaitForFirstConsumer
 
 ---
 apiVersion: v1
 kind: PersistentVolume
 metadata:
-  name: example-kubernetes-app-grafana-pv
+  name: grafana-pv
+  namespace: monitoring
 spec:
   capacity:
     storage: 2Gi
   volumeMode: Filesystem  # Filesystem（文件系统） Block（块）
   accessModes:
     - ReadWriteOnce       # 卷可以被一个节点以读写方式挂载
   persistentVolumeReclaimPolicy: Delete
-  storageClassName: example-kubernetes-app-grafana-storage
+  storageClassName: grafana-storage
   local:
     path: /Users/toquery/data/grafana-data
   nodeAffinity:
@@ -36,10 +38,11 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: grafana-pvc
+  namespace: monitoring
 spec:
   accessModes:
     - ReadWriteOnce
-  storageClassName: example-kubernetes-app-grafana-storage
+  storageClassName: grafana-storage
   resources:
     requests:
       storage: 1Gi
@@ -50,6 +53,7 @@ metadata:
   labels:
     app: grafana
   name: grafana
+  namespace: monitoring
 spec:
   selector:
     matchLabels:
@@ -71,28 +75,6 @@ spec:
             - containerPort: 3000
               name: http-grafana
               protocol: TCP
-#          readinessProbe:
-#            failureThreshold: 3
-#            httpGet:
-#              path: /robots.txt
-#              port: 3000
-#              scheme: HTTP
-#            initialDelaySeconds: 10
-#            periodSeconds: 30
-#            successThreshold: 1
-#            timeoutSeconds: 2
-#          livenessProbe:
-#            failureThreshold: 3
-#            initialDelaySeconds: 30
-#            periodSeconds: 10
-#            successThreshold: 1
-#            tcpSocket:
-#              port: 3000
-#            timeoutSeconds: 1
-          resources:
-            requests:
-              cpu: 250m
-              memory: 750Mi
           volumeMounts:
             - mountPath: /var/lib/grafana
               name: grafana-pv
@@ -104,7 +86,8 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: grafana
+  name: grafana-service
+  namespace: monitoring
 spec:
   ports:
     - port: 3000
@@ -113,4 +96,27 @@ spec:
   selector:
     app: grafana
   sessionAffinity: None
-  type: NodePort
+  type: ClusterIP
+---
+## Nginx Ingress
+## Follow https://devopscube.com/setup-ingress-kubernetes-nginx-controller/
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: grafana-ui
+  namespace: monitoring
+  annotations:
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    # Use the host you used in your kubernetes Ingress Configurations
+    - host: grafana.example-kubernetes.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: grafana-service
+                port:
+                  number: 3000
diff --git a/apps/ingress-controller-nginx/apple.yaml b/apps/ingress-controller-nginx/apple.yaml
@@ -2,7 +2,7 @@ kind: Pod
 apiVersion: v1
 metadata:
   name: apple-app
-  namespace: example-kubernetes
+  # namespace: example-kubernetes
   labels:
     app: apple
 spec:
@@ -18,7 +18,7 @@ kind: Service
 apiVersion: v1
 metadata:
   name: apple-service
-  namespace: example-kubernetes
+  # namespace: example-kubernetes
 spec:
   selector:
     app: apple
diff --git a/apps/ingress-controller-nginx/banana.yaml b/apps/ingress-controller-nginx/banana.yaml
@@ -2,7 +2,7 @@ kind: Pod
 apiVersion: v1
 metadata:
   name: banana-app
-  namespace: example-kubernetes
+  # namespace: example-kubernetes
   labels:
     app: banana
 spec:
@@ -18,7 +18,7 @@ kind: Service
 apiVersion: v1
 metadata:
   name: banana-service
-  namespace: example-kubernetes
+  # namespace: example-kubernetes
 spec:
   selector:
     app: banana
diff --git a/apps/ingress-controller-nginx/ingress.yaml b/apps/ingress-controller-nginx/ingress.yaml
@@ -2,7 +2,7 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: example-ingress
-  namespace: example-kubernetes
+# namespace: example-kubernetes
 #  annotations:ingress-controller-kong
 #    kubernetes.io/ingress.class: "kong" # 控制器使用nginx
 spec:
diff --git a/apps/prometheus/01.prometheus-ns.yaml b/apps/prometheus/01.prometheus-ns.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: monitoring
diff --git a/apps/prometheus/02.prometheus-rbac.yaml b/apps/prometheus/02.prometheus-rbac.yaml
@@ -0,0 +1,45 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: prometheus
+  namespace: monitoring
+rules:
+  - apiGroups: [""]
+    resources:
+      - nodes
+      - nodes/proxy
+      - services
+      - endpoints
+      - pods
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+    resources:
+      - ingresses
+    verbs:
+      - get
+      - list
+      - watch
+  - nonResourceURLs:
+      - "/metrics"
+    verbs:
+      - get
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: prometheus
+  namespace: monitoring
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: prometheus
+subjects:
+  - kind: ServiceAccount
+    namespace: default
+    name: default
diff --git a/apps/prometheus/03.prometheus-cm.yaml b/apps/prometheus/03.prometheus-cm.yaml
@@ -0,0 +1,159 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: prometheus-server-conf
+  namespace: monitoring
+  labels:
+    name: prometheus-server-conf
+data:
+  prometheus.rules: |-
+    groups:
+    - name: devopscube demo alert
+      rules:
+      - alert: High Pod Memory
+        expr: sum(container_memory_usage_bytes) > 1
+        for: 1m
+        labels:
+          severity: slack
+        annotations:
+          summary: High Memory Usage
+  prometheus.yml: |-
+    global:
+      scrape_interval: 5s
+      evaluation_interval: 5s
+    rule_files:
+      - /etc/prometheus/prometheus.rules
+    alerting:
+      alertmanagers:
+        - scheme: http
+          static_configs:
+            - targets:
+                - "alertmanager.monitoring.svc:9093"
+
+    scrape_configs:
+      - job_name: 'node-exporter'
+        kubernetes_sd_configs:
+          - role: endpoints
+        relabel_configs:
+          - source_labels: [__meta_kubernetes_endpoints_name]
+            regex: 'node-exporter'
+            action: keep
+      
+      - job_name: 'kubernetes-apiservers'
+
+        kubernetes_sd_configs:
+          - role: endpoints
+        scheme: https
+
+        tls_config:
+          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+
+        relabel_configs:
+          - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
+            action: keep
+            regex: default;kubernetes;https
+
+      - job_name: 'kubernetes-nodes'
+
+        scheme: https
+
+        tls_config:
+          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+
+        kubernetes_sd_configs:
+          - role: node
+
+        relabel_configs:
+          - action: labelmap
+            regex: __meta_kubernetes_node_label_(.+)
+          - target_label: __address__
+            replacement: kubernetes.default.svc:443
+          - source_labels: [__meta_kubernetes_node_name]
+            regex: (.+)
+            target_label: __metrics_path__
+            replacement: /api/v1/nodes/${1}/proxy/metrics
+      
+      - job_name: 'kubernetes-pods'
+
+        kubernetes_sd_configs:
+          - role: pod
+
+        relabel_configs:
+          - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
+            action: keep
+            regex: true
+          - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
+            action: replace
+            target_label: __metrics_path__
+            regex: (.+)
+          - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
+            action: replace
+            regex: ([^:]+)(?::\d+)?;(\d+)
+            replacement: $1:$2
+            target_label: __address__
+          - action: labelmap
+            regex: __meta_kubernetes_pod_label_(.+)
+          - source_labels: [__meta_kubernetes_namespace]
+            action: replace
+            target_label: kubernetes_namespace
+          - source_labels: [__meta_kubernetes_pod_name]
+            action: replace
+            target_label: kubernetes_pod_name
+      
+      - job_name: 'kube-state-metrics'
+        static_configs:
+          - targets: ['kube-state-metrics.kube-system.svc.cluster.local:8080']
+
+      - job_name: 'kubernetes-cadvisor'
+
+        scheme: https
+
+        tls_config:
+          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+
+        kubernetes_sd_configs:
+          - role: node
+
+        relabel_configs:
+          - action: labelmap
+            regex: __meta_kubernetes_node_label_(.+)
+          - target_label: __address__
+            replacement: kubernetes.default.svc:443
+          - source_labels: [__meta_kubernetes_node_name]
+            regex: (.+)
+            target_label: __metrics_path__
+            replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
+      
+      - job_name: 'kubernetes-service-endpoints'
+
+        kubernetes_sd_configs:
+          - role: endpoints
+
+        relabel_configs:
+          - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
+            action: keep
+            regex: true
+          - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]
+            action: replace
+            target_label: __scheme__
+            regex: (https?)
+          - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]
+            action: replace
+            target_label: __metrics_path__
+            regex: (.+)
+          - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port]
+            action: replace
+            target_label: __address__
+            regex: ([^:]+)(?::\d+)?;(\d+)
+            replacement: $1:$2
+          - action: labelmap
+            regex: __meta_kubernetes_service_label_(.+)
+          - source_labels: [__meta_kubernetes_namespace]
+            action: replace
+            target_label: kubernetes_namespace
+          - source_labels: [__meta_kubernetes_service_name]
+            action: replace
+            target_label: kubernetes_name
diff --git a/apps/prometheus/04.prometheus-ingress.yaml b/apps/prometheus/04.prometheus-ingress.yaml
diff --git a/apps/rancher/README.md b/apps/rancher/README.md
diff --git a/example-kubernetes-helm.md b/example-kubernetes-helm.md
