aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/namespaces/monitoring/alerts/alertmanager
diff options
context:
space:
mode:
authorGravatar Chris Lovering <[email protected]>2023-08-13 20:01:42 +0100
committerGravatar Chris Lovering <[email protected]>2023-08-14 11:44:03 +0100
commit661f49409e69f5cfafbef4cd41411a72ebc5418d (patch)
tree9ddd7f2a2ab09cadc5b716be00628e19d839ad4d /kubernetes/namespaces/monitoring/alerts/alertmanager
parentAllow multiple documents within yaml files (diff)
Copy all files from kubernetes repo into this one
This commit is a like-for-like copy of the [kubernetes repo](https://github.com/python-discord/kubernetes) check that repo for comit history prioir to this commit. Co-authored-by: Amrou Bellalouna <[email protected]> Co-authored-by: Bradley Reynolds <[email protected]> Co-authored-by: Chris <[email protected]> Co-authored-by: Chris Lovering <[email protected]> Co-authored-by: ChrisJL <[email protected]> Co-authored-by: Den4200 <[email protected]> Co-authored-by: GDWR <[email protected]> Co-authored-by: Hassan Abouelela <[email protected]> Co-authored-by: Hassan Abouelela <[email protected]> Co-authored-by: jchristgit <[email protected]> Co-authored-by: Joe Banks <[email protected]> Co-authored-by: Joe Banks <[email protected]> Co-authored-by: Joe Banks <[email protected]> Co-authored-by: Johannes Christ <[email protected]> Co-authored-by: Kieran Siek <[email protected]> Co-authored-by: kosayoda <[email protected]> Co-authored-by: ks129 <[email protected]> Co-authored-by: Leon Sand├©y <[email protected]> Co-authored-by: Leon Sand├©y <[email protected]> Co-authored-by: MarkKoz <[email protected]> Co-authored-by: Matteo Bertucci <[email protected]> Co-authored-by: Sebastiaan Zeeff <[email protected]> Co-authored-by: Sebastiaan Zeeff <[email protected]> Co-authored-by: vcokltfre <[email protected]>
Diffstat (limited to 'kubernetes/namespaces/monitoring/alerts/alertmanager')
-rw-r--r--kubernetes/namespaces/monitoring/alerts/alertmanager/deployment.yaml92
-rw-r--r--kubernetes/namespaces/monitoring/alerts/alertmanager/ingress.yaml24
-rw-r--r--kubernetes/namespaces/monitoring/alerts/alertmanager/initscript.yaml30
-rw-r--r--kubernetes/namespaces/monitoring/alerts/alertmanager/sd-service.yaml16
-rw-r--r--kubernetes/namespaces/monitoring/alerts/alertmanager/secrets.yamlbin0 -> 316 bytes
-rw-r--r--kubernetes/namespaces/monitoring/alerts/alertmanager/service-account.yaml28
-rw-r--r--kubernetes/namespaces/monitoring/alerts/alertmanager/service.yaml14
7 files changed, 204 insertions, 0 deletions
diff --git a/kubernetes/namespaces/monitoring/alerts/alertmanager/deployment.yaml b/kubernetes/namespaces/monitoring/alerts/alertmanager/deployment.yaml
new file mode 100644
index 0000000..4f1c322
--- /dev/null
+++ b/kubernetes/namespaces/monitoring/alerts/alertmanager/deployment.yaml
@@ -0,0 +1,92 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: alertmanager
+ namespace: monitoring
+spec:
+ replicas: 3
+ selector:
+ matchLabels:
+ app: alertmanager
+ template:
+ metadata:
+ labels:
+ app: alertmanager
+ spec:
+ serviceAccountName: prometheus
+ affinity:
+ podAntiAffinity:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ - podAffinityTerm:
+ labelSelector:
+ matchExpressions:
+ - key: app
+ operator: In
+ values:
+ - alertmanager
+ namespaces:
+ - monitoring
+ topologyKey: kubernetes.io/hostname
+ weight: 100
+ initContainers:
+ - image: debian:bullseye-slim
+ imagePullPolicy: Always
+ name: alertmanager-peering-setup
+ command: [
+ '/opt/pydis/alertmanager/init.d/find-pods.sh'
+ ]
+ volumeMounts:
+ - name: alertmanager-init
+ mountPath: /opt/pydis/alertmanager/init.d
+ - name: alertmanager-tmp
+ mountPath: /tmp
+ securityContext:
+ runAsUser: 0
+ containers:
+ - image: prom/alertmanager:latest
+ imagePullPolicy: Always
+ name: alertmanager
+ command:
+ - /bin/sh
+ - -c
+ - |
+ exec /bin/alertmanager \
+ --config.file=/opt/pydis/alertmanager/config.d/alertmanager.yaml \
+ --web.external-url=https://alertmanager.pythondiscord.com \
+ --storage.path=/data/alertmanager \
+ $(cat /tmp/peers)
+ ports:
+ - name: am
+ containerPort: 9093
+ - name: am-peering
+ containerPort: 9094
+ volumeMounts:
+ - name: alertmanager-config
+ mountPath: /opt/pydis/alertmanager/config.d
+ - name: alertmanager-webhooks
+ mountPath: /opt/pydis/alertmanager/webhooks
+ - name: alertmanager-tmp-data
+ mountPath: /data
+ - name: alertmanager-tmp
+ mountPath: /tmp
+ securityContext:
+ readOnlyRootFilesystem: true
+ restartPolicy: Always
+ volumes:
+ - name: alertmanager-config
+ configMap:
+ name: alertmanager-config
+ - name: alertmanager-webhooks
+ secret:
+ secretName: alert-manager-hook
+ - name: alertmanager-tmp-data
+ emptyDir: {}
+ - name: alertmanager-tmp
+ emptyDir: {}
+ - name: alertmanager-init
+ configMap:
+ name: alertmanager-init
+ defaultMode: 0777
+ securityContext:
+ fsGroup: 1000
+ runAsUser: 1000
diff --git a/kubernetes/namespaces/monitoring/alerts/alertmanager/ingress.yaml b/kubernetes/namespaces/monitoring/alerts/alertmanager/ingress.yaml
new file mode 100644
index 0000000..fc99e52
--- /dev/null
+++ b/kubernetes/namespaces/monitoring/alerts/alertmanager/ingress.yaml
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ annotations:
+ nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
+ nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle"
+ nginx.ingress.kubernetes.io/auth-tls-error-page: "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
+ name: alertmanager
+ namespace: monitoring
+spec:
+ tls:
+ - hosts:
+ - "*.pythondiscord.com"
+ rules:
+ - host: alertmanager.pythondiscord.com
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: alertmanager
+ port:
+ number: 9093
diff --git a/kubernetes/namespaces/monitoring/alerts/alertmanager/initscript.yaml b/kubernetes/namespaces/monitoring/alerts/alertmanager/initscript.yaml
new file mode 100644
index 0000000..f1f36e2
--- /dev/null
+++ b/kubernetes/namespaces/monitoring/alerts/alertmanager/initscript.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: alertmanager-init
+ namespace: monitoring
+data:
+ find-pods.sh: |
+ #!/bin/sh
+
+ # Install curl and jq for JSON parsing
+ apt update && apt install -y curl jq
+
+ # Find the template hash
+ echo Finding template hash...
+ TEMPLATE_HASH=$(echo $HOSTNAME | cut -d- -f2)
+
+ # Query kubernetes API for all matching pods
+ echo Querying Kubernetes API for pods...
+ PODS=$(curl \
+ -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
+ https://kubernetes.default/api/v1/namespaces/monitoring/pods\?labelSelector=pod-template-hash=$TEMPLATE_HASH\&pretty=false -sk -o /tmp/peers.json)
+
+ echo Finding Alertmanager IPs...
+ AM_IPS=$(jq '.items[].status.podIP' /tmp/peers.json -r)
+
+ echo Generating CLI flags for Alertmanager...
+ PEER_ARGS=$(echo $AM_IPS | sed 's/ /\n/g' | awk '{ print "--cluster.peer="$1":9094" }')
+
+ echo Writing CLI flags to /tmp/peers...
+ echo $PEER_ARGS > /tmp/peers
diff --git a/kubernetes/namespaces/monitoring/alerts/alertmanager/sd-service.yaml b/kubernetes/namespaces/monitoring/alerts/alertmanager/sd-service.yaml
new file mode 100644
index 0000000..8ec901a
--- /dev/null
+++ b/kubernetes/namespaces/monitoring/alerts/alertmanager/sd-service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: alertmanager-sd
+ namespace: monitoring
+spec:
+ selector:
+ app: alertmanager
+ clusterIP: None
+ ports:
+ - port: 9093
+ targetPort: 9093
+ name: am
+ - port: 9094
+ targetPort: 9094
+ name: am-peering
diff --git a/kubernetes/namespaces/monitoring/alerts/alertmanager/secrets.yaml b/kubernetes/namespaces/monitoring/alerts/alertmanager/secrets.yaml
new file mode 100644
index 0000000..7cc1d95
--- /dev/null
+++ b/kubernetes/namespaces/monitoring/alerts/alertmanager/secrets.yaml
Binary files differ
diff --git a/kubernetes/namespaces/monitoring/alerts/alertmanager/service-account.yaml b/kubernetes/namespaces/monitoring/alerts/alertmanager/service-account.yaml
new file mode 100644
index 0000000..3f26311
--- /dev/null
+++ b/kubernetes/namespaces/monitoring/alerts/alertmanager/service-account.yaml
@@ -0,0 +1,28 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: alertmanager
+rules:
+- apiGroups: [""]
+ resources: ["pods", "endpoints"]
+ verbs: ["get", "list"]
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: alertmanager
+ namespace: monitoring
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: alertmanager
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: alertmanager
+subjects:
+ - kind: ServiceAccount
+ name: alertmanager
+ namespace: monitoring
diff --git a/kubernetes/namespaces/monitoring/alerts/alertmanager/service.yaml b/kubernetes/namespaces/monitoring/alerts/alertmanager/service.yaml
new file mode 100644
index 0000000..145b1e2
--- /dev/null
+++ b/kubernetes/namespaces/monitoring/alerts/alertmanager/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: alertmanager
+ namespace: monitoring
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "9093"
+spec:
+ selector:
+ app: alertmanager
+ ports:
+ - port: 9093
+ targetPort: 9093
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-21 01:29:56 +0000