From b7a935fcf3145c42ff043972b4f6c242834038a8 Mon Sep 17 00:00:00 2001 From: Mario Trangoni Date: Tue, 4 Jun 2024 14:25:43 +0200 Subject: [PATCH 1/2] ziti-controller: Add prometheus serviceMonitor Signed-off-by: Mario Trangoni --- .../templates/servicemonitor.yaml | 61 +++++++++++++++++++ charts/ziti-controller/values.yaml | 37 ++++++++++- 2 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 charts/ziti-controller/templates/servicemonitor.yaml diff --git a/charts/ziti-controller/templates/servicemonitor.yaml b/charts/ziti-controller/templates/servicemonitor.yaml new file mode 100644 index 00000000..dad35436 --- /dev/null +++ b/charts/ziti-controller/templates/servicemonitor.yaml @@ -0,0 +1,61 @@ +{{- with .Values.prometheus }} +{{- if and .service.enabled .serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "ziti-controller.fullname" $ }} + {{- with .serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} + {{- with .serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "ziti-controller.labels" $ | nindent 4 }} + {{- with .serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .serviceMonitor.namespaceSelector }} + namespaceSelector: + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "ziti-controller.selectorLabels" $ | nindent 6 }} + {{- with .service.labels }} + {{- toYaml . | nindent 6 }} + {{- end }} + endpoints: + - port: prometheus + {{- with $.Values.httpPathPrefix }} + path: {{ printf "%s/metrics" . }} + {{- end }} + {{- with .serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + {{- with .serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + {{- with .serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .serviceMonitor.targetLabels }} + targetLabels: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/ziti-controller/values.yaml b/charts/ziti-controller/values.yaml index 013878d1..3956ae39 100644 --- a/charts/ziti-controller/values.yaml +++ b/charts/ziti-controller/values.yaml @@ -82,9 +82,44 @@ prometheus: enabled: false # -- expose the service as a ClusterIP, NodePort, or LoadBalancer type: ClusterIP - labels: {} + # -- extra labels for matching only this service, ie. serviceMonitor + labels: + app: "prometheus" annotations: {} + # ServiceMonitor configuration + serviceMonitor: + # -- If enabled, and prometheus service is enabled, ServiceMonitor resources for Prometheus Operator are created + enabled: true + # -- Alternative namespace for ServiceMonitor resources + namespace: null + # -- Namespace selector for ServiceMonitor resources + namespaceSelector: {} + # -- ServiceMonitor annotations + annotations: {} + # -- Additional ServiceMonitor labels + labels: {} + # -- ServiceMonitor scrape interval + interval: null + # -- ServiceMonitor scrape timeout in Go duration format (e.g. 15s) + scrapeTimeout: null + # -- ServiceMonitor relabel configs to apply to samples before scraping + # https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + # (defines `relabel_configs`) + relabelings: [] + # -- ServiceMonitor relabel configs to apply to samples as the last + # step before ingestion + # https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + # (defines `metric_relabel_configs`) + metricRelabelings: [] + # -- ServiceMonitor will add labels from the service to the Prometheus metric + # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec + targetLabels: [] + # -- ServiceMonitor will use http by default, but you can pick https as well + scheme: https + # -- ServiceMonitor will use these tlsConfig settings to make the health check requests + tlsConfig: null + ca: # Note: The renewBefore and duration fields must be specified using a Go # time.Duration string format, which does not allow the d (days) suffix. From 15fc67322cfc600dc9cc29b07541a5e17ce52bbd Mon Sep 17 00:00:00 2001 From: Mario Trangoni Date: Tue, 4 Jun 2024 16:24:57 +0200 Subject: [PATCH 2/2] ziti-controller: Add Prometheus Monitoring docs and reference Signed-off-by: Mario Trangoni --- charts/ziti-controller/README.md.gotmpl | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/charts/ziti-controller/README.md.gotmpl b/charts/ziti-controller/README.md.gotmpl index 2415b6bd..d7983f44 100644 --- a/charts/ziti-controller/README.md.gotmpl +++ b/charts/ziti-controller/README.md.gotmpl @@ -183,6 +183,15 @@ edgeSignerPki: enabled: true ``` +## Prometheus Monitoring + +This chart provides a default disabled `ziti-controller-prometheus` k8s service for prometheus, +which can be enabled with `prometheus.service.enabled`. Enabling it will create a prometheus ServiceMonitor +for configuring the prometheus endpoint. It is also important that you enable +`fabric.events.enabled` for getting a full set of metrics. + +For more information, please check [here](https://openziti.io/docs/learn/core-concepts/metrics/prometheus/). + ## Values Reference {{ template "chart.valuesTable" . }}