Add k8s scripts for monitoring and alerting manager

scripts/kubernetes/README.md

@@ -0,0 +1,3 @@
+# K8s deployment scripts for Bassa
+
+This folder container K8s scripts for Bassa deployment on a single node cluster. If you are looking out to use container based deployment infrastructure with K8s orchestration tool, then these configurations will surely help you get started for your own infra.

scripts/kubernetes/manifests/web/ingress.yml → scripts/kubernetes/manifests/ingress/ingress.yml

@@ -1,7 +1,7 @@
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
-  name: web-ingress
+  name: bassa-ingress
   namespace: bassa
 spec:
   rules:
@@ -14,4 +14,12 @@ spec:
       - path: /api/
         backend:
           serviceName: api
-          servicePort: 5000
+          servicePort: 5000
+      - path: /prom
+        backend:
+          serviceName: prometheus
+          servicePort: 8080   
+      - path: /grafana
+        backend:
+          serviceName: grafana
+          servicePort: 3000

scripts/kubernetes/manifests/monitoring/grafana-visualizer/README.md

@@ -0,0 +1,31 @@
+## Installation
+
+We will use Helm to deploy Grafana Dashboard on to our K8s cluster. You need to have both Helm server and client installed on your machine. Please move to helm folder for applying required configurations to our k8s cluster.
+
+We have defined Prometheus as data source for Grafana in `configMap.yaml` file. The file `getDataSources.yaml` overrides the defaults provided by Helm and uses our `configMap.yaml` for data source.
+
+```
+$ helm install stable/grafana \
+    -f monitoring/grafana/values.yml \
+    --namespace bassa-monitoring \ 
+    --name grafana
+```
+
+Once all the required scripts are applied, we shall retrieve the password for Grafana by using the below command
+```
+$ kubectl get secret \
+    --namespace bassa-monitoring \
+    grafana \
+    -o jsonpath="{.data.admin-password}" \
+    | base64 --decode ; echo
+```
+Let's port-forward to access Grafana on our machine.
+
+```
+$ export POD_NAME=$(kubectl get pods --namespace bassa-monitoring -l "app=grafana,release=grafana" -o jsonpath="{.items[0].metadata.name}")
+$ kubectl --namespace bassa-monitoring port-forward $POD_NAME 3000
+```
+Now finally lets add a dashboard to visualize our metrics
+
+Use `1860` as dashboard ID anyways you may use any other dashboard ID.
+Select the data source on dashboard and you should see the metrics

scripts/kubernetes/manifests/monitoring/grafana-visualizer/configMap.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: prometheus-grafana-datasource
+  namespace: bassa-monitoring
+  labels:
+    grafana_datasource: '1'
+data:
+  datasource.yaml: |-
+    apiVersion: 1
+    datasources:
+    - name: Prometheus
+      type: prometheus
+      access: proxy
+      orgId: 1
+      url: http://prometheus.bassa-monitoring.svc.cluster.local:8080

scripts/kubernetes/manifests/monitoring/grafana-visualizer/getDataSources.yaml

@@ -0,0 +1,6 @@
+sidecar:
+  image: xuxinkun/k8s-sidecar:0.0.7
+  imagePullPolicy: IfNotPresent
+  datasources:
+    enabled: true
+    label: grafana_datasource

scripts/kubernetes/manifests/monitoring/metric-exporters/kube-state-metrics/cluster-role-binding.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: 1.9.7
+  name: kube-state-metrics
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: kube-state-metrics
+subjects:
+  - kind: ServiceAccount
+    name: kube-state-metrics
+    namespace: kube-system

scripts/kubernetes/manifests/monitoring/metric-exporters/kube-state-metrics/cluster-role.yaml

@@ -0,0 +1,117 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: 1.9.7
+  name: kube-state-metrics
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps
+      - secrets
+      - nodes
+      - pods
+      - services
+      - resourcequotas
+      - replicationcontrollers
+      - limitranges
+      - persistentvolumeclaims
+      - persistentvolumes
+      - namespaces
+      - endpoints
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+    resources:
+      - daemonsets
+      - deployments
+      - replicasets
+      - ingresses
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - apps
+    resources:
+      - statefulsets
+      - daemonsets
+      - deployments
+      - replicasets
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - batch
+    resources:
+      - cronjobs
+      - jobs
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - autoscaling
+    resources:
+      - horizontalpodautoscalers
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - authentication.k8s.io
+    resources:
+      - tokenreviews
+    verbs:
+      - create
+  - apiGroups:
+      - authorization.k8s.io
+    resources:
+      - subjectaccessreviews
+    verbs:
+      - create
+  - apiGroups:
+      - policy
+    resources:
+      - poddisruptionbudgets
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - certificates.k8s.io
+    resources:
+      - certificatesigningrequests
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - storage.k8s.io
+    resources:
+      - storageclasses
+      - volumeattachments
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - admissionregistration.k8s.io
+    resources:
+      - mutatingwebhookconfigurations
+      - validatingwebhookconfigurations
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - networking.k8s.io
+    resources:
+      - networkpolicies
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - coordination.k8s.io
+    resources:
+      - leases
+    verbs:
+      - list
+      - watch

scripts/kubernetes/manifests/monitoring/metric-exporters/kube-state-metrics/deployment.yaml

@@ -0,0 +1,44 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: 1.9.7
+  name: kube-state-metrics
+  namespace: kube-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: kube-state-metrics
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: kube-state-metrics
+        app.kubernetes.io/version: 1.9.7
+    spec:
+      containers:
+        - image: quay.io/coreos/kube-state-metrics:v1.9.7
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+            initialDelaySeconds: 5
+            timeoutSeconds: 5
+          name: kube-state-metrics
+          ports:
+            - containerPort: 8080
+              name: http-metrics
+            - containerPort: 8081
+              name: telemetry
+          readinessProbe:
+            httpGet:
+              path: /
+              port: 8081
+            initialDelaySeconds: 5
+            timeoutSeconds: 5
+          securityContext:
+            runAsUser: 65534
+      nodeSelector:
+        kubernetes.io/os: linux
+      serviceAccountName: kube-state-metrics

scripts/kubernetes/manifests/monitoring/metric-exporters/kube-state-metrics/service-account.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: 1.9.7
+  name: kube-state-metrics
+  namespace: kube-system

scripts/kubernetes/manifests/monitoring/metric-exporters/kube-state-metrics/service.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: 1.9.7
+  name: kube-state-metrics
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: http-metrics
+      port: 8080
+      targetPort: http-metrics
+    - name: telemetry
+      port: 8081
+      targetPort: telemetry
+  selector:
+    app.kubernetes.io/name: kube-state-metrics

scripts/kubernetes/manifests/monitoring/metric-exporters/node-exporter/config.yaml

@@ -0,0 +1,61 @@
+---
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+  name: node-exporter
+  labels:
+    name: node-exporter
+  namespace: bassa-monitoring
+spec:
+  template:
+    metadata:
+      labels:
+        name: node-exporter
+        app: node-exporter
+      annotations:
+         prometheus.io/scrape: "true"
+    spec:
+      hostPID: true
+      hostIPC: true
+      hostNetwork: true
+      containers:
+        - ports:
+            - containerPort: 9100
+              protocol: TCP
+          resources:
+            requests:
+              cpu: 0.15
+          securityContext:
+            privileged: true
+          image: prom/node-exporter
+          args:
+            - --path.procfs
+            - /host/proc
+            - --path.sysfs
+            - /host/sys
+            - --collector.filesystem.ignored-mount-points
+            - '"^/(sys|proc|dev|host|etc)($|/)"'
+          name: node-exporter
+          volumeMounts:
+            - name: dev
+              mountPath: /host/dev
+            - name: proc
+              mountPath: /host/proc
+            - name: sys
+              mountPath: /host/sys
+            - name: rootfs
+              mountPath: /rootfs
+      volumes:
+        - name: proc
+          hostPath:
+            path: /proc
+        - name: dev
+          hostPath:
+            path: /dev
+        - name: sys
+          hostPath:
+            path: /sys
+        - name: rootfs
+          hostPath:
+            path: /
+---

scripts/kubernetes/manifests/monitoring/metric-exporters/node-exporter/service.yaml

@@ -0,0 +1,13 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: node-exporter
+  namespace: bassa-monitoring
+spec:
+  selector:
+    app: node-exporter
+  ports:
+  - name: node-exporter
+    protocol: TCP
+    port: 9100
+    targetPort: 9100