diff --git a/base/data/opensearch-deployment.yaml b/base/data/opensearch-deployment.yaml index 89c7bf6..0a065c1 100644 --- a/base/data/opensearch-deployment.yaml +++ b/base/data/opensearch-deployment.yaml @@ -24,8 +24,9 @@ spec: containers: - name: opensearch image: opensearchproject/opensearch:3 - command: ["sh", "-c"] - args: ["opensearch-plugin install --batch prometheus-exporter || true; /usr/share/opensearch/opensearch-docker-entrypoint.sh"] + # OpenSearch 3.x has no maintained prometheus-exporter plugin. + # Metrics come from /_cluster/stats JSON API (scraped by dashboard queries). + # TODO: add opensearch-exporter sidecar for native Prometheus metrics. ports: - name: http containerPort: 9200 diff --git a/base/data/opensearch-service.yaml b/base/data/opensearch-service.yaml index bc3a18d..62b18a3 100644 --- a/base/data/opensearch-service.yaml +++ b/base/data/opensearch-service.yaml @@ -3,6 +3,8 @@ kind: Service metadata: name: opensearch namespace: data + labels: + app: opensearch spec: selector: app: opensearch diff --git a/base/data/opensearch-servicemonitor.yaml b/base/data/opensearch-servicemonitor.yaml new file mode 100644 index 0000000..d3f982d --- /dev/null +++ b/base/data/opensearch-servicemonitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: opensearch + namespace: data + labels: + app: opensearch + release: kube-prometheus-stack +spec: + selector: + matchLabels: + app: opensearch + endpoints: + - port: http + interval: 30s + path: /_prometheus/metrics diff --git a/base/devtools/gitea-servicemonitor.yaml b/base/devtools/gitea-servicemonitor.yaml new file mode 100644 index 0000000..eb58c28 --- /dev/null +++ b/base/devtools/gitea-servicemonitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: gitea + namespace: devtools + labels: + app: gitea + release: kube-prometheus-stack +spec: + selector: + matchLabels: + app.kubernetes.io/name: gitea + endpoints: + - port: http + interval: 30s + path: /metrics diff --git a/base/devtools/gitea-values.yaml b/base/devtools/gitea-values.yaml index dc17032..ed5f1fc 100644 --- a/base/devtools/gitea-values.yaml +++ b/base/devtools/gitea-values.yaml @@ -69,6 +69,10 @@ gitea: MINIO_USE_SSL: "false" # MINIO_ACCESS_KEY_ID / MINIO_SECRET_ACCESS_KEY from gitea-s3-credentials Secret + metrics: + ENABLED: "true" + TOKEN: "" + additionalConfigFromEnvs: - name: GITEA__DATABASE__PASSWD valueFrom: diff --git a/base/media/livekit-servicemonitor.yaml b/base/media/livekit-servicemonitor.yaml new file mode 100644 index 0000000..5a14596 --- /dev/null +++ b/base/media/livekit-servicemonitor.yaml @@ -0,0 +1,15 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: livekit + namespace: media + labels: + release: kube-prometheus-stack +spec: + selector: + matchLabels: + app.kubernetes.io/name: livekit-server + endpoints: + - port: metrics + interval: 30s + path: / diff --git a/base/media/livekit-values.yaml b/base/media/livekit-values.yaml index 667ca1a..6940c90 100644 --- a/base/media/livekit-values.yaml +++ b/base/media/livekit-values.yaml @@ -7,6 +7,7 @@ livekit: # LiveKit server config injected as config.yaml port: 7880 log_level: info + prometheus_port: 6789 rtc: port_range_start: 49152 @@ -34,6 +35,9 @@ storeKeysInSecret: enabled: true existingSecret: livekit-api-credentials +# ServiceMonitor created as standalone resource (livekit-servicemonitor.yaml) — +# chart template requires livekit.prometheus_port which conflicts with hostNetwork. + deployment: # hostNetwork gives LiveKit direct access to the host network namespace, # which is the only practical way to expose the 10k-port TURN relay range diff --git a/base/ory/hydra-servicemonitor.yaml b/base/ory/hydra-servicemonitor.yaml new file mode 100644 index 0000000..5bdfadf --- /dev/null +++ b/base/ory/hydra-servicemonitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: hydra + namespace: ory + labels: + release: kube-prometheus-stack +spec: + selector: + matchLabels: + app.kubernetes.io/name: hydra + app.kubernetes.io/component: admin + endpoints: + - port: http + interval: 30s + path: /admin/metrics/prometheus diff --git a/base/ory/hydra-values.yaml b/base/ory/hydra-values.yaml index 6f7c067..46e4930 100644 --- a/base/ory/hydra-values.yaml +++ b/base/ory/hydra-values.yaml @@ -47,6 +47,10 @@ hydra-maester: - lasuite - matrix +# ServiceMonitor created as standalone resource (hydra-servicemonitor.yaml) — +# chart's built-in ServiceMonitor requires .Capabilities.APIVersions which +# kustomize helm template doesn't provide. + deployment: extraEnv: - name: DSN diff --git a/base/ory/kratos-servicemonitor.yaml b/base/ory/kratos-servicemonitor.yaml new file mode 100644 index 0000000..9cb1bc1 --- /dev/null +++ b/base/ory/kratos-servicemonitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: kratos + namespace: ory + labels: + release: kube-prometheus-stack +spec: + selector: + matchLabels: + app.kubernetes.io/name: kratos + app.kubernetes.io/component: admin + endpoints: + - port: http + interval: 30s + path: /admin/metrics/prometheus diff --git a/base/ory/kratos-values.yaml b/base/ory/kratos-values.yaml index 7305859..85f103e 100644 --- a/base/ory/kratos-values.yaml +++ b/base/ory/kratos-values.yaml @@ -106,6 +106,10 @@ secret: enabled: false nameOverride: kratos-app-secrets +# ServiceMonitor created as standalone resource (kratos-servicemonitor.yaml) — +# chart's built-in ServiceMonitor requires .Capabilities.APIVersions which +# kustomize helm template doesn't provide. + deployment: extraEnv: - name: DSN diff --git a/base/storage/seaweedfs-filer.yaml b/base/storage/seaweedfs-filer.yaml index d2b732d..8bf7af9 100644 --- a/base/storage/seaweedfs-filer.yaml +++ b/base/storage/seaweedfs-filer.yaml @@ -33,6 +33,7 @@ spec: - -s3.port=8333 - -s3.config=/etc/seaweedfs/s3.json - -master=seaweedfs-master.storage.svc.cluster.local:9333 + - -metricsPort=9091 ports: - name: http containerPort: 8888 @@ -43,6 +44,9 @@ spec: - name: grpc containerPort: 18888 protocol: TCP + - name: metrics + containerPort: 9091 + protocol: TCP envFrom: - secretRef: name: seaweedfs-s3-credentials @@ -79,6 +83,8 @@ kind: Service metadata: name: seaweedfs-filer namespace: storage + labels: + app: seaweedfs-filer spec: selector: app: seaweedfs-filer @@ -92,3 +98,6 @@ spec: - name: grpc port: 18888 targetPort: 18888 + - name: metrics + port: 9091 + targetPort: 9091 diff --git a/base/storage/seaweedfs-master.yaml b/base/storage/seaweedfs-master.yaml index 04d8f84..6caeeec 100644 --- a/base/storage/seaweedfs-master.yaml +++ b/base/storage/seaweedfs-master.yaml @@ -23,6 +23,7 @@ spec: - -mdir=/data - -defaultReplication=000 - -volumeSizeLimitMB=1000 + - -metricsPort=9091 ports: - name: http containerPort: 9333 @@ -30,6 +31,9 @@ spec: - name: grpc containerPort: 19333 protocol: TCP + - name: metrics + containerPort: 9091 + protocol: TCP volumeMounts: - name: data mountPath: /data @@ -53,6 +57,8 @@ kind: Service metadata: name: seaweedfs-master namespace: storage + labels: + app: seaweedfs-master spec: selector: app: seaweedfs-master @@ -64,3 +70,6 @@ spec: - name: grpc port: 19333 targetPort: 19333 + - name: metrics + port: 9091 + targetPort: 9091 diff --git a/base/storage/seaweedfs-servicemonitor.yaml b/base/storage/seaweedfs-servicemonitor.yaml new file mode 100644 index 0000000..6b18fa6 --- /dev/null +++ b/base/storage/seaweedfs-servicemonitor.yaml @@ -0,0 +1,21 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: seaweedfs + namespace: storage + labels: + app: seaweedfs + release: kube-prometheus-stack +spec: + selector: + matchExpressions: + - key: app + operator: In + values: + - seaweedfs-master + - seaweedfs-volume + - seaweedfs-filer + endpoints: + - port: metrics + interval: 30s + path: /metrics diff --git a/base/storage/seaweedfs-volume.yaml b/base/storage/seaweedfs-volume.yaml index 584db6c..0e1d466 100644 --- a/base/storage/seaweedfs-volume.yaml +++ b/base/storage/seaweedfs-volume.yaml @@ -24,6 +24,7 @@ spec: - -mserver=seaweedfs-master.storage.svc.cluster.local:9333 - -dir=/data - -max=50 + - -metricsPort=9091 ports: - name: http containerPort: 8080 @@ -31,6 +32,9 @@ spec: - name: grpc containerPort: 18080 protocol: TCP + - name: metrics + containerPort: 9091 + protocol: TCP volumeMounts: - name: data mountPath: /data @@ -54,6 +58,8 @@ kind: Service metadata: name: seaweedfs-volume namespace: storage + labels: + app: seaweedfs-volume spec: selector: app: seaweedfs-volume @@ -65,3 +71,6 @@ spec: - name: grpc port: 18080 targetPort: 18080 + - name: metrics + port: 9091 + targetPort: 9091