Container Infrastructure Management Service for OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

209 lines
5.7 KiB

  1. #!/bin/bash
  2. . /etc/sysconfig/heat-params
  3. set -ex
  4. step="prometheus-operator"
  5. printf "Starting to run ${step}\n"
  6. ### Configuration
  7. ###############################################################################
  8. CHART_NAME="prometheus-operator"
  9. CHART_VERSION=${PROMETHEUS_OPERATOR_CHART_VERSION:-5.12.3}
  10. if [ "$(echo ${MONITORING_ENABLED} | tr '[:upper:]' '[:lower:]')" = "true" ]; then
  11. # Calculate resources needed to run the Prometheus Monitoring Solution
  12. # MAX_NODE_COUNT so we can have metrics even if cluster scales
  13. PROMETHEUS_SERVER_CPU=$(expr 128 + 7 \* ${MAX_NODE_COUNT} )
  14. PROMETHEUS_SERVER_RAM=$(expr 256 + 40 \* ${MAX_NODE_COUNT})
  15. # Validate if communication node <-> master is secure or insecure
  16. PROTOCOL="https"
  17. INSECURE_SKIP_VERIFY="False"
  18. if [ "$TLS_DISABLED" = "True" ]; then
  19. PROTOCOL="http"
  20. INSECURE_SKIP_VERIFY="True"
  21. fi
  22. if [ "$(echo ${VERIFY_CA} | tr '[:upper:]' '[:lower:]')" == "false" ]; then
  23. INSECURE_SKIP_VERIFY="True"
  24. fi
  25. HELM_MODULE_CONFIG_FILE="/srv/magnum/kubernetes/helm/${CHART_NAME}.yaml"
  26. [ -f ${HELM_MODULE_CONFIG_FILE} ] || {
  27. echo "Writing File: ${HELM_MODULE_CONFIG_FILE}"
  28. mkdir -p $(dirname ${HELM_MODULE_CONFIG_FILE})
  29. cat << EOF > ${HELM_MODULE_CONFIG_FILE}
  30. ---
  31. kind: ConfigMap
  32. apiVersion: v1
  33. metadata:
  34. name: ${CHART_NAME}-config
  35. namespace: magnum-tiller
  36. labels:
  37. app: helm
  38. data:
  39. install-${CHART_NAME}.sh: |
  40. #!/bin/bash
  41. set -ex
  42. mkdir -p \${HELM_HOME}
  43. cp /etc/helm/* \${HELM_HOME}
  44. # HACK - Force wait because of bug https://github.com/helm/helm/issues/5170
  45. until helm init --client-only --wait
  46. do
  47. sleep 5s
  48. done
  49. helm repo update
  50. if [[ \$(helm history ${CHART_NAME} | grep ${CHART_NAME}) ]]; then
  51. echo "${CHART_NAME} already installed on server. Continue..."
  52. exit 0
  53. else
  54. # TODO: Set namespace to monitoring. This is needed as the Kubernetes default priorityClass can only be used in NS kube-system
  55. helm install stable/${CHART_NAME} --namespace kube-system --name ${CHART_NAME} --version v${CHART_VERSION} --values /opt/magnum/install-${CHART_NAME}-values.yaml
  56. fi
  57. install-${CHART_NAME}-values.yaml: |
  58. nameOverride: prometheus
  59. fullnameOverride: prometheus
  60. alertmanager:
  61. alertmanagerSpec:
  62. image:
  63. repository: ${CONTAINER_INFRA_PREFIX:-quay.io/}prometheus/alertmanager
  64. # # Needs testing
  65. # resources:
  66. # requests:
  67. # cpu: 100m
  68. # memory: 256Mi
  69. priorityClassName: "system-cluster-critical"
  70. # Dashboard
  71. grafana:
  72. #enabled: ${ENABLE_GRAFANA}
  73. resources:
  74. requests:
  75. cpu: 100m
  76. memory: 128Mi
  77. adminPassword: ${ADMIN_PASSWD}
  78. kubeApiServer:
  79. tlsConfig:
  80. insecureSkipVerify: ${INSECURE_SKIP_VERIFY}
  81. kubelet:
  82. serviceMonitor:
  83. https: ${PROTOCOL}
  84. coreDns:
  85. enabled: true
  86. service:
  87. port: 9153
  88. targetPort: 9153
  89. selector:
  90. k8s-app: coredns
  91. kubeEtcd:
  92. endpoints:
  93. - ${KUBE_MASTER_IP}
  94. serviceMonitor:
  95. scheme: ${PROTOCOL}
  96. insecureSkipVerify: true
  97. serverName: ${KUBE_MASTER_IP}
  98. ## If Protocol is http this files should be neglected
  99. caFile: /etc/prometheus/secrets/etcd-certificates/ca.crt
  100. certFile: /etc/prometheus/secrets/etcd-certificates/kubelet.crt
  101. keyFile: /etc/prometheus/secrets/etcd-certificates/kubelet.key
  102. kube-state-metrics:
  103. priorityClassName: "system-cluster-critical"
  104. resources:
  105. #Guaranteed
  106. limits:
  107. cpu: 50m
  108. memory: 64M
  109. prometheus-node-exporter:
  110. priorityClassName: "system-node-critical"
  111. resources:
  112. #Guaranteed
  113. limits:
  114. cpu: 20m
  115. memory: 20M
  116. prometheusOperator:
  117. priorityClassName: "system-cluster-critical"
  118. image:
  119. repository: ${CONTAINER_INFRA_PREFIX:-quay.io/}coreos/prometheus-operator
  120. configmapReloadImage:
  121. repository: ${CONTAINER_INFRA_PREFIX:-quay.io/}coreos/configmap-reload
  122. prometheusConfigReloaderImage:
  123. repository: ${CONTAINER_INFRA_PREFIX:-quay.io/}coreos/prometheus-config-reloader
  124. hyperkubeImage:
  125. repository: ${CONTAINER_INFRA_PREFIX:-gcr.io/google-containers/}hyperkube
  126. prometheus:
  127. prometheusSpec:
  128. scrapeInterval: 1m
  129. evaluationInterval: 1m
  130. image:
  131. repository: ${CONTAINER_INFRA_PREFIX:-quay.io/}prometheus/prometheus
  132. retention: 14d
  133. resources:
  134. requests:
  135. cpu: ${PROMETHEUS_SERVER_CPU}m
  136. memory: ${PROMETHEUS_SERVER_RAM}M
  137. # secrets:
  138. # - etcd-certificates
  139. priorityClassName: "system-cluster-critical"
  140. ---
  141. apiVersion: batch/v1
  142. kind: Job
  143. metadata:
  144. name: install-${CHART_NAME}-job
  145. namespace: magnum-tiller
  146. spec:
  147. backoffLimit: 5
  148. template:
  149. spec:
  150. serviceAccountName: tiller
  151. containers:
  152. - name: config-helm
  153. image: ${CONTAINER_INFRA_PREFIX:-docker.io/openstackmagnum/}helm-client:dev
  154. command:
  155. - bash
  156. args:
  157. - /opt/magnum/install-${CHART_NAME}.sh
  158. env:
  159. - name: HELM_HOME
  160. value: /helm_home
  161. - name: TILLER_NAMESPACE
  162. value: magnum-tiller
  163. - name: HELM_TLS_ENABLE
  164. value: "true"
  165. volumeMounts:
  166. - name: install-${CHART_NAME}-config
  167. mountPath: /opt/magnum/
  168. - mountPath: /etc/helm
  169. name: helm-client-certs
  170. restartPolicy: Never
  171. volumes:
  172. - name: install-${CHART_NAME}-config
  173. configMap:
  174. name: ${CHART_NAME}-config
  175. - name: helm-client-certs
  176. secret:
  177. secretName: helm-client-secret
  178. EOF
  179. }
  180. fi
  181. printf "Finished running ${step}\n"