# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apps/v1 kind: StatefulSet metadata: labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/version: 2.3.0 namespace: gmp-public name: kube-state-metrics spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: kube-state-metrics serviceName: kube-state-metrics template: metadata: labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/version: 2.3.0 spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 - key: kubernetes.io/os operator: In values: - linux containers: - name: kube-state-metric image: k8s.gcr.io/kube-state-metrics/kube-state-metrics:v2.3.0 env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace args: - --pod=$(POD_NAME) - --pod-namespace=$(POD_NAMESPACE) - --port=8080 - --telemetry-port=8081 ports: - name: metrics containerPort: 8080 - name: metrics-self containerPort: 8081 resources: requests: cpu: 250m memory: 500Mi limits: memory: 500Mi securityContext: allowPrivilegeEscalation: false privileged: false capabilities: drop: - all runAsUser: 1000 runAsGroup: 1000 livenessProbe: httpGet: path: /healthz port: 8080 initialDelaySeconds: 5 timeoutSeconds: 5 readinessProbe: httpGet: path: / port: 8081 initialDelaySeconds: 5 timeoutSeconds: 5 serviceAccountName: kube-state-metrics --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/version: 2.3.0 namespace: gmp-public name: kube-state-metrics spec: clusterIP: None ports: - name: metrics port: 8080 targetPort: metrics - name: metrics-self port: 8081 targetPort: metrics-self selector: app.kubernetes.io/name: kube-state-metrics --- apiVersion: v1 kind: ServiceAccount metadata: namespace: gmp-public name: kube-state-metrics labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/version: 2.3.0 --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: gmp-public:kube-state-metrics labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/version: 2.3.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: gmp-public:kube-state-metrics subjects: - kind: ServiceAccount namespace: gmp-public name: kube-state-metrics --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: gmp-public:kube-state-metrics labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/version: 2.3.0 rules: - apiGroups: - "" resources: - configmaps - secrets - nodes - pods - services - resourcequotas - replicationcontrollers - limitranges - persistentvolumeclaims - persistentvolumes - namespaces - endpoints verbs: - list - watch - apiGroups: - "" resources: - pods verbs: - get - apiGroups: - extensions resources: - daemonsets - deployments - replicasets - ingresses verbs: - list - watch - apiGroups: - apps resources: - statefulsets - daemonsets - deployments - replicasets verbs: - list - watch - apiGroups: - apps resources: - statefulsets verbs: - get - apiGroups: - batch resources: - cronjobs - jobs verbs: - list - watch - apiGroups: - autoscaling resources: - horizontalpodautoscalers verbs: - list - watch - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create - apiGroups: - policy resources: - poddisruptionbudgets verbs: - list - watch - apiGroups: - certificates.k8s.io resources: - certificatesigningrequests verbs: - list - watch - apiGroups: - storage.k8s.io resources: - storageclasses - volumeattachments verbs: - list - watch - apiGroups: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - validatingwebhookconfigurations verbs: - list - watch - apiGroups: - networking.k8s.io resources: - networkpolicies - ingresses verbs: - list - watch - apiGroups: - coordination.k8s.io resources: - leases verbs: - list - watch --- # TODO(pintohutch): bump to autoscaling/v2 when 1.23 is the default in the GKE # stable release channel. apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: kube-state-metrics namespace: gmp-public spec: maxReplicas: 10 minReplicas: 1 scaleTargetRef: apiVersion: apps/v1 kind: StatefulSet name: kube-state-metrics metrics: - type: Resource resource: name: memory target: type: Utilization averageUtilization: 60 behavior: scaleDown: policies: - type: Pods value: 1 # Under-utilization needs to persist for `periodSeconds` before any action can be taken. # Current supported max from https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2beta2/. periodSeconds: 1800 # Current supported max from https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2beta2/. stabilizationWindowSeconds: 3600 --- apiVersion: monitoring.googleapis.com/v1 kind: ClusterPodMonitoring metadata: name: kube-state-metrics labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: google-cloud-managed-prometheus spec: selector: matchLabels: app.kubernetes.io/name: kube-state-metrics endpoints: - port: metrics interval: 30s metricRelabeling: - action: keep regex: kube_(daemonset|deployment|pod|namespace|node|statefulset)_.+ sourceLabels: [__name__] targetLabels: metadata: [] # explicitly empty so the metric labels are respected --- apiVersion: monitoring.googleapis.com/v1 kind: PodMonitoring metadata: namespace: gmp-public name: kube-state-metrics labels: app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: google-cloud-managed-prometheus spec: selector: matchLabels: app.kubernetes.io/name: kube-state-metrics endpoints: - port: metrics-self interval: 30s