chemavx/k8s-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add monitoring/statefulsets.yaml

Browse Source
This commit is contained in:
chemavx 2026-03-26 17:06:30 +00:00
parent 7e1fbfc3f0
commit bb1f390af0
1 changed files with 600 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

600
monitoring/statefulsets.yaml Normal file
View File

@ -0,0 +1,600 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
annotations:
meta.helm.sh/release-name: kube-prometheus-stack
meta.helm.sh/release-namespace: monitoring
prometheus-operator-input-hash: '14538553773263736579'
labels:
alertmanager: kube-prometheus-stack-alertmanager
app: kube-prometheus-stack-alertmanager
app.kubernetes.io/instance: kube-prometheus-stack-alertmanager
app.kubernetes.io/managed-by: prometheus-operator
app.kubernetes.io/name: alertmanager
app.kubernetes.io/part-of: kube-prometheus-stack
app.kubernetes.io/version: 82.13.5
chart: kube-prometheus-stack-82.13.5
heritage: Helm
managed-by: prometheus-operator
release: kube-prometheus-stack
name: alertmanager-kube-prometheus-stack-alertmanager
namespace: monitoring
ownerReferences:
- apiVersion: monitoring.coreos.com/v1
blockOwnerDeletion: true
controller: true
kind: Alertmanager
name: kube-prometheus-stack-alertmanager
uid: 162620f6-2ae0-4fb4-b0d8-b386f6b7e809
spec:
persistentVolumeClaimRetentionPolicy:
whenDeleted: Retain
whenScaled: Retain
podManagementPolicy: Parallel
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
alertmanager: kube-prometheus-stack-alertmanager
app.kubernetes.io/instance: kube-prometheus-stack-alertmanager
app.kubernetes.io/managed-by: prometheus-operator
app.kubernetes.io/name: alertmanager
serviceName: alertmanager-operated
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: alertmanager
labels:
alertmanager: kube-prometheus-stack-alertmanager
app.kubernetes.io/instance: kube-prometheus-stack-alertmanager
app.kubernetes.io/managed-by: prometheus-operator
app.kubernetes.io/name: alertmanager
app.kubernetes.io/version: 0.31.1
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- alertmanager
- key: alertmanager
operator: In
values:
- kube-prometheus-stack-alertmanager
topologyKey: kubernetes.io/hostname
weight: 100
automountServiceAccountToken: true
containers:
- args:
- --config.file=/etc/alertmanager/config_out/alertmanager.env.yaml
- --storage.path=/alertmanager
- --data.retention=120h
- --cluster.listen-address=
- --web.listen-address=:9093
- --web.external-url=http://kube-prometheus-stack-alertmanager.monitoring:9093
- --web.route-prefix=/
- --cluster.label=monitoring/kube-prometheus-stack-alertmanager
- --cluster.peer=alertmanager-kube-prometheus-stack-alertmanager-0.alertmanager-operated:9094
- --cluster.reconnect-timeout=5m
- --web.config.file=/etc/alertmanager/web_config/web-config.yaml
env:
- name: POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
image: quay.io/prometheus/alertmanager:v0.31.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 10
httpGet:
path: /-/healthy
port: http-web
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
name: alertmanager
ports:
- containerPort: 9093
name: http-web
protocol: TCP
- containerPort: 9094
name: mesh-tcp
protocol: TCP
- containerPort: 9094
name: mesh-udp
protocol: UDP
readinessProbe:
failureThreshold: 10
httpGet:
path: /-/ready
port: http-web
scheme: HTTP
initialDelaySeconds: 3
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
resources:
requests:
memory: 200Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /etc/alertmanager/config
name: config-volume
- mountPath: /etc/alertmanager/config_out
name: config-out
readOnly: true
- mountPath: /etc/alertmanager/certs
name: tls-assets
readOnly: true
- mountPath: /alertmanager
name: alertmanager-kube-prometheus-stack-alertmanager-db
subPath: alertmanager-db
- mountPath: /etc/alertmanager/web_config/web-config.yaml
name: web-config
readOnly: true
subPath: web-config.yaml
- mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml
name: cluster-tls-config
readOnly: true
subPath: cluster-tls-config.yaml
- args:
- --listen-address=:8080
- --web-config-file=/etc/alertmanager/web_config/web-config.yaml
- --reload-url=http://127.0.0.1:9093/-/reload
- --config-file=/etc/alertmanager/config/alertmanager.yaml.gz
- --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml
- --watched-dir=/etc/alertmanager/config
command:
- /bin/prometheus-config-reloader
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: SHARD
value: '-1'
image: quay.io/prometheus-operator/prometheus-config-reloader:v0.89.0
imagePullPolicy: IfNotPresent
name: config-reloader
ports:
- containerPort: 8080
name: reloader-web
protocol: TCP
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /etc/alertmanager/config
name: config-volume
readOnly: true
- mountPath: /etc/alertmanager/config_out
name: config-out
- mountPath: /etc/alertmanager/web_config/web-config.yaml
name: web-config
readOnly: true
subPath: web-config.yaml
dnsPolicy: ClusterFirst
initContainers:
- args:
- --watch-interval=0
- --listen-address=:8081
- --config-file=/etc/alertmanager/config/alertmanager.yaml.gz
- --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml
- --watched-dir=/etc/alertmanager/config
command:
- /bin/prometheus-config-reloader
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: SHARD
value: '-1'
image: quay.io/prometheus-operator/prometheus-config-reloader:v0.89.0
imagePullPolicy: IfNotPresent
name: init-config-reloader
ports:
- containerPort: 8081
name: reloader-init
protocol: TCP
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /etc/alertmanager/config
name: config-volume
readOnly: true
- mountPath: /etc/alertmanager/config_out
name: config-out
- mountPath: /etc/alertmanager/web_config/web-config.yaml
name: web-config
readOnly: true
subPath: web-config.yaml
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
fsGroup: 2000
runAsGroup: 2000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccount: kube-prometheus-stack-alertmanager
serviceAccountName: kube-prometheus-stack-alertmanager
terminationGracePeriodSeconds: 120
volumes:
- name: config-volume
secret:
defaultMode: 420
secretName: alertmanager-kube-prometheus-stack-alertmanager-generated
- name: tls-assets
projected:
defaultMode: 420
sources:
- secret:
name: alertmanager-kube-prometheus-stack-alertmanager-tls-assets-0
- emptyDir:
medium: Memory
name: config-out
- name: web-config
secret:
defaultMode: 420
secretName: alertmanager-kube-prometheus-stack-alertmanager-web-config
- name: cluster-tls-config
secret:
defaultMode: 420
secretName: alertmanager-kube-prometheus-stack-alertmanager-cluster-tls-config
updateStrategy:
type: RollingUpdate
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: alertmanager-kube-prometheus-stack-alertmanager-db
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
storageClassName: local-path
volumeMode: Filesystem
status:
phase: Pending
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
annotations:
meta.helm.sh/release-name: kube-prometheus-stack
meta.helm.sh/release-namespace: monitoring
prometheus-operator-input-hash: '11828693200364279105'
labels:
app: kube-prometheus-stack-prometheus
app.kubernetes.io/instance: kube-prometheus-stack-prometheus
app.kubernetes.io/managed-by: prometheus-operator
app.kubernetes.io/name: prometheus
app.kubernetes.io/part-of: kube-prometheus-stack
app.kubernetes.io/version: 82.13.5
chart: kube-prometheus-stack-82.13.5
heritage: Helm
managed-by: prometheus-operator
operator.prometheus.io/mode: server
operator.prometheus.io/name: kube-prometheus-stack-prometheus
operator.prometheus.io/shard: '0'
prometheus: kube-prometheus-stack-prometheus
release: kube-prometheus-stack
name: prometheus-kube-prometheus-stack-prometheus
namespace: monitoring
ownerReferences:
- apiVersion: monitoring.coreos.com/v1
blockOwnerDeletion: true
controller: true
kind: Prometheus
name: kube-prometheus-stack-prometheus
uid: 8152f0d6-a644-48fb-a14b-f68ea1e1ab9f
spec:
persistentVolumeClaimRetentionPolicy:
whenDeleted: Retain
whenScaled: Retain
podManagementPolicy: Parallel
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: kube-prometheus-stack-prometheus
app.kubernetes.io/managed-by: prometheus-operator
app.kubernetes.io/name: prometheus
operator.prometheus.io/name: kube-prometheus-stack-prometheus
operator.prometheus.io/shard: '0'
prometheus: kube-prometheus-stack-prometheus
serviceName: prometheus-operated
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: prometheus
labels:
app.kubernetes.io/instance: kube-prometheus-stack-prometheus
app.kubernetes.io/managed-by: prometheus-operator
app.kubernetes.io/name: prometheus
app.kubernetes.io/version: 3.10.0
operator.prometheus.io/name: kube-prometheus-stack-prometheus
operator.prometheus.io/shard: '0'
prometheus: kube-prometheus-stack-prometheus
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- prometheus
- key: app.kubernetes.io/instance
operator: In
values:
- kube-prometheus-stack-prometheus
topologyKey: kubernetes.io/hostname
weight: 100
automountServiceAccountToken: true
containers:
- args:
- --config.file=/etc/prometheus/config_out/prometheus.env.yaml
- --web.enable-lifecycle
- --web.external-url=http://kube-prometheus-stack-prometheus.monitoring:9090
- --web.route-prefix=/
- --storage.tsdb.retention.time=15d
- --storage.tsdb.path=/prometheus
- --storage.tsdb.wal-compression
- --web.config.file=/etc/prometheus/web_config/web-config.yaml
image: quay.io/prometheus/prometheus:v3.10.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
httpGet:
path: /-/healthy
port: http-web
scheme: HTTP
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
name: prometheus
ports:
- containerPort: 9090
name: http-web
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /-/ready
port: http-web
scheme: HTTP
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
startupProbe:
failureThreshold: 60
httpGet:
path: /-/ready
port: http-web
scheme: HTTP
periodSeconds: 15
successThreshold: 1
timeoutSeconds: 3
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /etc/prometheus/config_out
name: config-out
readOnly: true
- mountPath: /etc/prometheus/certs
name: tls-assets
readOnly: true
- mountPath: /prometheus
name: prometheus-kube-prometheus-stack-prometheus-db
subPath: prometheus-db
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-0
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-0
readOnly: true
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-1
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-1
readOnly: true
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-2
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-2
readOnly: true
- mountPath: /etc/prometheus/web_config/web-config.yaml
name: web-config
readOnly: true
subPath: web-config.yaml
- args:
- --listen-address=:8080
- --reload-url=http://127.0.0.1:9090/-/reload
- --config-file=/etc/prometheus/config/prometheus.yaml.gz
- --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml
- --watched-dir=/etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-0
- --watched-dir=/etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-1
- --watched-dir=/etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-2
command:
- /bin/prometheus-config-reloader
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: SHARD
value: '0'
image: quay.io/prometheus-operator/prometheus-config-reloader:v0.89.0
imagePullPolicy: IfNotPresent
name: config-reloader
ports:
- containerPort: 8080
name: reloader-web
protocol: TCP
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /etc/prometheus/config
name: config
- mountPath: /etc/prometheus/config_out
name: config-out
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-0
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-0
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-1
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-1
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-2
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-2
dnsPolicy: ClusterFirst
initContainers:
- args:
- --watch-interval=0
- --listen-address=:8081
- --config-file=/etc/prometheus/config/prometheus.yaml.gz
- --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml
- --watched-dir=/etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-0
- --watched-dir=/etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-1
- --watched-dir=/etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-2
command:
- /bin/prometheus-config-reloader
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: SHARD
value: '0'
image: quay.io/prometheus-operator/prometheus-config-reloader:v0.89.0
imagePullPolicy: IfNotPresent
name: init-config-reloader
ports:
- containerPort: 8081
name: reloader-init
protocol: TCP
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /etc/prometheus/config
name: config
- mountPath: /etc/prometheus/config_out
name: config-out
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-0
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-0
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-1
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-1
- mountPath: /etc/prometheus/rules/prometheus-kube-prometheus-stack-prometheus-rulefiles-2
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-2
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
fsGroup: 2000
runAsGroup: 2000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccount: kube-prometheus-stack-prometheus
serviceAccountName: kube-prometheus-stack-prometheus
shareProcessNamespace: false
terminationGracePeriodSeconds: 600
volumes:
- name: config
secret:
defaultMode: 420
secretName: prometheus-kube-prometheus-stack-prometheus
- name: tls-assets
projected:
defaultMode: 420
sources:
- secret:
name: prometheus-kube-prometheus-stack-prometheus-tls-assets-0
- emptyDir:
medium: Memory
name: config-out
- configMap:
defaultMode: 420
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-0
optional: true
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-0
- configMap:
defaultMode: 420
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-1
optional: true
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-1
- configMap:
defaultMode: 420
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-2
optional: true
name: prometheus-kube-prometheus-stack-prometheus-rulefiles-2
- name: web-config
secret:
defaultMode: 420
secretName: prometheus-kube-prometheus-stack-prometheus-web-config
updateStrategy:
type: RollingUpdate
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prometheus-kube-prometheus-stack-prometheus-db
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: local-path
volumeMode: Filesystem
status:
phase: Pending