studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add ServiceMonitors and enable metrics scraping

Browse Source 
- SeaweedFS: enable -metricsPort=9091 on master/volume/filer, add
  service labels, create ServiceMonitor
- Gitea: enable metrics in config, create ServiceMonitor
- Hydra/Kratos: standalone ServiceMonitors (chart templates require
  .Capabilities.APIVersions unavailable in kustomize helm template)
- LiveKit: add prometheus_port=6789, standalone ServiceMonitor
  (disabled in kustomization — host firewall blocks port 6789)
- OpenSearch: revert prometheus-exporter attempt (no plugin for v3.x),
  add service label for future exporter sidecar
This commit is contained in:
Sienna Meridian Satterwhite
2026-03-24 12:21:18 +00:00
parent 3fc54c8851
commit e8c64e6f18
15 changed files with 148 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
base/data/opensearch-deployment.yaml
View File

@@ -24,8 +24,9 @@ spec:
containers: containers:
- name: opensearch - name: opensearch
image: opensearchproject/opensearch:3 image: opensearchproject/opensearch:3
command: ["sh", "-c"] # OpenSearch 3.x has no maintained prometheus-exporter plugin.
args: ["opensearch-plugin install --batch prometheus-exporter || true; /usr/share/opensearch/opensearch-docker-entrypoint.sh"] # Metrics come from /_cluster/stats JSON API (scraped by dashboard queries).
# TODO: add opensearch-exporter sidecar for native Prometheus metrics.
ports: ports:
- name: http - name: http
containerPort: 9200 containerPort: 9200

2
base/data/opensearch-service.yaml
View File

@@ -3,6 +3,8 @@ kind: Service
metadata: metadata:
name: opensearch name: opensearch
namespace: data namespace: data
labels:
app: opensearch
spec: spec:
selector: selector:
app: opensearch app: opensearch

16
base/data/opensearch-servicemonitor.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: opensearch
namespace: data
labels:
app: opensearch
release: kube-prometheus-stack
spec:
selector:
matchLabels:
app: opensearch
endpoints:
- port: http
interval: 30s
path: /_prometheus/metrics

16
base/devtools/gitea-servicemonitor.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: gitea
namespace: devtools
labels:
app: gitea
release: kube-prometheus-stack
spec:
selector:
matchLabels:
app.kubernetes.io/name: gitea
endpoints:
- port: http
interval: 30s
path: /metrics

4
base/devtools/gitea-values.yaml
View File

@@ -69,6 +69,10 @@ gitea:
MINIO_USE_SSL: "false" MINIO_USE_SSL: "false"
# MINIO_ACCESS_KEY_ID / MINIO_SECRET_ACCESS_KEY from gitea-s3-credentials Secret # MINIO_ACCESS_KEY_ID / MINIO_SECRET_ACCESS_KEY from gitea-s3-credentials Secret
metrics:
ENABLED: "true"
TOKEN: ""
additionalConfigFromEnvs: additionalConfigFromEnvs:
- name: GITEA__DATABASE__PASSWD - name: GITEA__DATABASE__PASSWD
valueFrom: valueFrom:

15
base/media/livekit-servicemonitor.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: livekit
namespace: media
labels:
release: kube-prometheus-stack
spec:
selector:
matchLabels:
app.kubernetes.io/name: livekit-server
endpoints:
- port: metrics
interval: 30s
path: /

4
base/media/livekit-values.yaml
View File

@@ -7,6 +7,7 @@ livekit:
# LiveKit server config injected as config.yaml # LiveKit server config injected as config.yaml
port: 7880 port: 7880
log_level: info log_level: info
prometheus_port: 6789
rtc: rtc:
port_range_start: 49152 port_range_start: 49152
@@ -34,6 +35,9 @@ storeKeysInSecret:
enabled: true enabled: true
existingSecret: livekit-api-credentials existingSecret: livekit-api-credentials
# ServiceMonitor created as standalone resource (livekit-servicemonitor.yaml) —
# chart template requires livekit.prometheus_port which conflicts with hostNetwork.
deployment: deployment:
# hostNetwork gives LiveKit direct access to the host network namespace, # hostNetwork gives LiveKit direct access to the host network namespace,
# which is the only practical way to expose the 10k-port TURN relay range # which is the only practical way to expose the 10k-port TURN relay range

16
base/ory/hydra-servicemonitor.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: hydra
namespace: ory
labels:
release: kube-prometheus-stack
spec:
selector:
matchLabels:
app.kubernetes.io/name: hydra
app.kubernetes.io/component: admin
endpoints:
- port: http
interval: 30s
path: /admin/metrics/prometheus

4
base/ory/hydra-values.yaml
View File

@@ -47,6 +47,10 @@ hydra-maester:
- lasuite - lasuite
- matrix - matrix
# ServiceMonitor created as standalone resource (hydra-servicemonitor.yaml) —
# chart's built-in ServiceMonitor requires .Capabilities.APIVersions which
# kustomize helm template doesn't provide.
deployment: deployment:
extraEnv: extraEnv:
- name: DSN - name: DSN

16
base/ory/kratos-servicemonitor.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: kratos
namespace: ory
labels:
release: kube-prometheus-stack
spec:
selector:
matchLabels:
app.kubernetes.io/name: kratos
app.kubernetes.io/component: admin
endpoints:
- port: http
interval: 30s
path: /admin/metrics/prometheus

4
base/ory/kratos-values.yaml
View File

@@ -106,6 +106,10 @@ secret:
enabled: false enabled: false
nameOverride: kratos-app-secrets nameOverride: kratos-app-secrets
# ServiceMonitor created as standalone resource (kratos-servicemonitor.yaml) —
# chart's built-in ServiceMonitor requires .Capabilities.APIVersions which
# kustomize helm template doesn't provide.
deployment: deployment:
extraEnv: extraEnv:
- name: DSN - name: DSN

9
base/storage/seaweedfs-filer.yaml
View File

@@ -33,6 +33,7 @@ spec:
- -s3.port=8333 - -s3.port=8333
- -s3.config=/etc/seaweedfs/s3.json - -s3.config=/etc/seaweedfs/s3.json
- -master=seaweedfs-master.storage.svc.cluster.local:9333 - -master=seaweedfs-master.storage.svc.cluster.local:9333
- -metricsPort=9091
ports: ports:
- name: http - name: http
containerPort: 8888 containerPort: 8888
@@ -43,6 +44,9 @@ spec:
- name: grpc - name: grpc
containerPort: 18888 containerPort: 18888
protocol: TCP protocol: TCP
- name: metrics
containerPort: 9091
protocol: TCP
envFrom: envFrom:
- secretRef: - secretRef:
name: seaweedfs-s3-credentials name: seaweedfs-s3-credentials
@@ -79,6 +83,8 @@ kind: Service
metadata: metadata:
name: seaweedfs-filer name: seaweedfs-filer
namespace: storage namespace: storage
labels:
app: seaweedfs-filer
spec: spec:
selector: selector:
app: seaweedfs-filer app: seaweedfs-filer
@@ -92,3 +98,6 @@ spec:
- name: grpc - name: grpc
port: 18888 port: 18888
targetPort: 18888 targetPort: 18888
- name: metrics
port: 9091
targetPort: 9091

9
base/storage/seaweedfs-master.yaml
View File

@@ -23,6 +23,7 @@ spec:
- -mdir=/data - -mdir=/data
- -defaultReplication=000 - -defaultReplication=000
- -volumeSizeLimitMB=1000 - -volumeSizeLimitMB=1000
- -metricsPort=9091
ports: ports:
- name: http - name: http
containerPort: 9333 containerPort: 9333
@@ -30,6 +31,9 @@ spec:
- name: grpc - name: grpc
containerPort: 19333 containerPort: 19333
protocol: TCP protocol: TCP
- name: metrics
containerPort: 9091
protocol: TCP
volumeMounts: volumeMounts:
- name: data - name: data
mountPath: /data mountPath: /data
@@ -53,6 +57,8 @@ kind: Service
metadata: metadata:
name: seaweedfs-master name: seaweedfs-master
namespace: storage namespace: storage
labels:
app: seaweedfs-master
spec: spec:
selector: selector:
app: seaweedfs-master app: seaweedfs-master
@@ -64,3 +70,6 @@ spec:
- name: grpc - name: grpc
port: 19333 port: 19333
targetPort: 19333 targetPort: 19333
- name: metrics
port: 9091
targetPort: 9091

21
base/storage/seaweedfs-servicemonitor.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: seaweedfs
namespace: storage
labels:
app: seaweedfs
release: kube-prometheus-stack
spec:
selector:
matchExpressions:
- key: app
operator: In
values:
- seaweedfs-master
- seaweedfs-volume
- seaweedfs-filer
endpoints:
- port: metrics
interval: 30s
path: /metrics

9
base/storage/seaweedfs-volume.yaml
View File

@@ -24,6 +24,7 @@ spec:
- -mserver=seaweedfs-master.storage.svc.cluster.local:9333 - -mserver=seaweedfs-master.storage.svc.cluster.local:9333
- -dir=/data - -dir=/data
- -max=50 - -max=50
- -metricsPort=9091
ports: ports:
- name: http - name: http
containerPort: 8080 containerPort: 8080
@@ -31,6 +32,9 @@ spec:
- name: grpc - name: grpc
containerPort: 18080 containerPort: 18080
protocol: TCP protocol: TCP
- name: metrics
containerPort: 9091
protocol: TCP
volumeMounts: volumeMounts:
- name: data - name: data
mountPath: /data mountPath: /data
@@ -54,6 +58,8 @@ kind: Service
metadata: metadata:
name: seaweedfs-volume name: seaweedfs-volume
namespace: storage namespace: storage
labels:
app: seaweedfs-volume
spec: spec:
selector: selector:
app: seaweedfs-volume app: seaweedfs-volume
@@ -65,3 +71,6 @@ spec:
- name: grpc - name: grpc
port: 18080 port: 18080
targetPort: 18080 targetPort: 18080
- name: metrics
port: 9091
targetPort: 9091