From 8dd920c9b29ead8610352569ea3739631777cb72 Mon Sep 17 00:00:00 2001 From: Adam Saleh Date: Mon, 15 Mar 2021 15:06:35 +0100 Subject: [PATCH] Added cluster-roles crd, maybe that would help with application-monitoring --- .../openshift-apps/application-monitoring.yml | 3 + .../files/prometheus-operator/.editorconfig | 14 --- .../monitoring.coreos.com_alertmanagers.yaml | 36 +++++++- .../monitoring.coreos.com_prometheuses.yaml | 40 ++++++++- .../monitoring.coreos.com_thanosrulers.yaml | 36 +++++++- ...prometheus-operator-crd-cluster-roles.yaml | 24 +++++ ...metheus-operator-cluster-role-binding.yaml | 16 ++++ .../prometheus-operator-cluster-role.yaml | 89 +++++++++++++++++++ .../prometheus-operator-deployment.yaml | 48 ++++++++++ .../prometheus-operator-service-account.yaml | 9 ++ .../prometheus-operator-service-monitor.yaml | 18 ++++ .../prometheus-operator-service.yaml | 18 ++++ .../prometheus-cluster-role-binding.yaml | 12 +++ .../prometheus/prometheus-cluster-role.yaml | 18 ++++ .../prometheus-service-account.yaml | 4 + .../example/rbac/prometheus/prometheus.yaml | 17 ++++ 16 files changed, 384 insertions(+), 18 deletions(-) delete mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/.editorconfig create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml create mode 100644 roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml diff --git a/playbooks/openshift-apps/application-monitoring.yml b/playbooks/openshift-apps/application-monitoring.yml index d48fc3da7c..7cbdd54318 100644 --- a/playbooks/openshift-apps/application-monitoring.yml +++ b/playbooks/openshift-apps/application-monitoring.yml @@ -54,6 +54,9 @@ - name: Grafana CRDs - GrafanaDataSource.yml command: oc -n application-monitoring apply -f /etc/openshift_apps/application-monitoring/grafana-operator/deploy/crds/GrafanaDataSource.yaml + - name: Prometheus CRDs - monitoring.coreos.com_podmonitors.yaml + command: oc -n application-monitoring apply -f /etc/openshift_apps/application-monitoring/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-cluster-roles.yaml + - name: Prometheus CRDs - monitoring.coreos.com_podmonitors.yaml command: oc -n application-monitoring apply -f /etc/openshift_apps/application-monitoring/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/.editorconfig b/roles/openshift-apps/application-monitoring/files/prometheus-operator/.editorconfig deleted file mode 100644 index a5ac569625..0000000000 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/.editorconfig +++ /dev/null @@ -1,14 +0,0 @@ -root = true - -[*.py] -indent_style = space -end_of_line = lf -insert_final_newline = true -max_line_length = 100 -trim_trailing_whitespace = true -indent_size = 4 - -[*.yaml] -indent_style = space -indent_size = 2 -trim_trailing_whitespace = true diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml index fe2a153d3c..be293b2163 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml @@ -2786,6 +2786,13 @@ spec: selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string type: object portName: description: Port name used for the pods and governing service. This @@ -3005,7 +3012,34 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string type: object spec: description: 'Spec defines the desired characteristics of a diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml index 3b93a22758..1b9d12633b 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml @@ -3269,6 +3269,13 @@ spec: selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string type: object podMonitorNamespaceSelector: description: Namespaces to be selected for PodMonitor discovery. If @@ -4204,7 +4211,9 @@ spec: type: object type: object serviceMonitorSelector: - description: ServiceMonitors to be selected for target discovery. + description: ServiceMonitors to be selected for target discovery. *Deprecated:* + if neither this nor podMonitorSelector are specified, configuration + is unmanaged. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -4291,7 +4300,34 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string type: object spec: description: 'Spec defines the desired characteristics of a diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml index 384f1d21d7..a3449a0c4b 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml @@ -2944,6 +2944,13 @@ spec: selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string type: object portName: description: Port name used for the pods and governing service. This @@ -3259,7 +3266,34 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string type: object spec: description: 'Spec defines the desired characteristics of a diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml new file mode 100644 index 0000000000..e7a065787e --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml @@ -0,0 +1,24 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: prometheus-crd-view + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["monitoring.coreos.com"] + resources: ["alertmanagers", "prometheuses", "prometheusrules", "servicemonitors", "podmonitors"] + verbs: ["get", "list", "watch"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: prometheus-crd-edit + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: +- apiGroups: ["monitoring.coreos.com"] + resources: ["alertmanagers", "prometheuses", "prometheusrules", "servicemonitors", "podmonitors"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml new file mode 100644 index 0000000000..d1eba1879b --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml @@ -0,0 +1,16 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 + name: prometheus-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus-operator +subjects: +- kind: ServiceAccount + name: prometheus-operator + namespace: default diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml new file mode 100644 index 0000000000..e78eac8796 --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml @@ -0,0 +1,89 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 + name: prometheus-operator +rules: +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create +- apiGroups: + - apiextensions.k8s.io + resourceNames: + - alertmanagers.monitoring.coreos.com + - podmonitors.monitoring.coreos.com + - prometheuses.monitoring.coreos.com + - prometheusrules.monitoring.coreos.com + - servicemonitors.monitoring.coreos.com + - thanosrulers.monitoring.coreos.com + resources: + - customresourcedefinitions + verbs: + - get + - update +- apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - alertmanagers/finalizers + - prometheuses + - prometheuses/finalizers + - thanosrulers + - thanosrulers/finalizers + - servicemonitors + - podmonitors + - prometheusrules + verbs: + - '*' +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete +- apiGroups: + - "" + resources: + - services + - services/finalizers + - endpoints + verbs: + - get + - create + - update + - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml new file mode 100644 index 0000000000..443d311f49 --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 + name: prometheus-operator + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + template: + metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 + spec: + containers: + - args: + - --kubelet-service=kube-system/kubelet + - --logtostderr=true + - --config-reloader-image=jimmidyson/configmap-reload:v0.3.0 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.38.3 + image: quay.io/prometheus-operator/prometheus-operator:v0.38.3 + name: prometheus-operator + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 100m + memory: 100Mi + securityContext: + allowPrivilegeEscalation: false + nodeSelector: + beta.kubernetes.io/os: linux + securityContext: + runAsNonRoot: true + runAsUser: 65534 + serviceAccountName: prometheus-operator diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml new file mode 100644 index 0000000000..bf94658197 --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 + name: prometheus-operator + namespace: default diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml new file mode 100644 index 0000000000..23b7f68ac0 --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml @@ -0,0 +1,18 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 + name: prometheus-operator + namespace: default +spec: + endpoints: + - honorLabels: true + port: http + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml new file mode 100644 index 0000000000..f4b329e47b --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/version: v0.38.3 + name: prometheus-operator + namespace: default +spec: + clusterIP: None + ports: + - name: http + port: 8080 + targetPort: http + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/name: prometheus-operator diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml new file mode 100644 index 0000000000..e255bcea38 --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: prometheus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus +subjects: +- kind: ServiceAccount + name: prometheus + namespace: default diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml new file mode 100644 index 0000000000..a85422ecfa --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml @@ -0,0 +1,18 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: prometheus +rules: +- apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: + - configmaps + verbs: ["get"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml new file mode 100644 index 0000000000..f3fb283ca0 --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: prometheus diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml new file mode 100644 index 0000000000..2adaef137f --- /dev/null +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml @@ -0,0 +1,17 @@ +apiVersion: monitoring.coreos.com/v1 +kind: Prometheus +metadata: + name: prometheus + labels: + prometheus: prometheus +spec: + replicas: 2 + serviceAccountName: prometheus + serviceMonitorSelector: + matchLabels: + team: frontend + alerting: + alertmanagers: + - namespace: default + name: alertmanager + port: web