Skip to content

Commit

Permalink
add monitoring controller for kserve and istio metrics
Browse files Browse the repository at this point in the history 
Signed-off-by: Vedant Mahabaleshwarkar <vmahabal@redhat.com>
  • Loading branch information
@VedantMahabaleshwarkar
VedantMahabaleshwarkar committed Aug 14, 2023
1 parent 0ee9b65 commit 8ccb4cc
Show file tree
Hide file tree
Showing 11 changed files with 2,178 additions and 241 deletions.
800 changes: 800 additions & 0 deletions config/crd/external/monitoring.coreos.com_podmonitors.yaml
View file

Large diffs are not rendered by default.

98 changes: 98 additions & 0 deletions config/crd/external/security.istio.io_peerauthentications.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
kind: CustomResourceDefinition
apiVersion: apiextensions.k8s.io/v1
metadata:
name: peerauthentications.security.istio.io
labels:
app: istio-pilot
chart: istio
heritage: Tiller
istio: security
maistra-version: 2.4.2
release: istio
annotations:
helm.sh/resource-policy: keep
spec:
group: security.istio.io
names:
plural: peerauthentications
singular: peerauthentication
shortNames:
- pa
kind: PeerAuthentication
listKind: PeerAuthenticationList
categories:
- istio-io
- security-istio-io
scope: Namespaced
versions:
- name: v1beta1
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
description: >-
PeerAuthentication defines how traffic will be tunneled (or not)
to the sidecar.
type: object
properties:
mtls:
description: Mutual TLS settings for workload.
type: object
properties:
mode:
description: Defines the mTLS mode used for peer authentication.
type: string
enum:
- UNSET
- DISABLE
- PERMISSIVE
- STRICT
portLevelMtls:
description: Port specific mutual TLS settings.
type: object
additionalProperties:
type: object
properties:
mode:
description: Defines the mTLS mode used for peer authentication.
type: string
enum:
- UNSET
- DISABLE
- PERMISSIVE
- STRICT
selector:
description: >-
The selector determines the workloads to apply the
ChannelAuthentication on.
type: object
properties:
matchLabels:
type: object
additionalProperties:
type: string
status:
type: object
x-kubernetes-preserve-unknown-fields: true
subresources:
status: {}
additionalPrinterColumns:
- name: Mode
type: string
description: Defines the mTLS mode used for peer authentication.
jsonPath: .spec.mtls.mode
- name: Age
type: date
description: >-
CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in
happens-before order across separate operations. Clients may not set
this value. It is represented in RFC3339 form and is in UTC.
Populated by the system. Read-only. Null for lists. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
jsonPath: .metadata.creationTimestamp
conversion:
strategy: None
281 changes: 281 additions & 0 deletions config/crd/external/telemetry.istio.io_telemetries.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,281 @@
kind: CustomResourceDefinition
apiVersion: apiextensions.k8s.io/v1
metadata:
name: telemetries.telemetry.istio.io
labels:
app: istio-pilot
chart: istio
heritage: Tiller
istio: telemetry
maistra-version: 2.4.2
release: istio
annotations:
helm.sh/resource-policy: keep
spec:
group: telemetry.istio.io
names:
plural: telemetries
singular: telemetry
shortNames:
- telemetry
kind: Telemetry
listKind: TelemetryList
categories:
- istio-io
- telemetry-istio-io
scope: Namespaced
versions:
- name: v1alpha1
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
description: >-
Telemetry configuration for workloads. See more details at:
https://istio.io/docs/reference/config/telemetry.html
type: object
properties:
accessLogging:
description: Optional.
type: array
items:
type: object
properties:
disabled:
description: Controls logging.
type: boolean
nullable: true
filter:
description: Optional.
type: object
properties:
expression:
description: >-
CEL expression for selecting when
requests/connections should be logged.
type: string
match:
description: >-
Allows tailoring of logging behavior to specific
conditions.
type: object
properties:
mode:
type: string
enum:
- CLIENT_AND_SERVER
- CLIENT
- SERVER
providers:
description: Optional.
type: array
items:
type: object
properties:
name:
description: Required.
type: string
metrics:
description: Optional.
type: array
items:
type: object
properties:
overrides:
description: Optional.
type: array
items:
type: object
properties:
disabled:
description: Optional.
type: boolean
nullable: true
match:
description: Match allows provides the scope of the override.
type: object
oneOf:
- not:
anyOf:
- required:
- metric
- required:
- customMetric
- required:
- metric
- required:
- customMetric
properties:
customMetric:
description: Allows free-form specification of a metric.
type: string
metric:
description: >-
One of the well-known Istio Standard
Metrics.
type: string
enum:
- ALL_METRICS
- REQUEST_COUNT
- REQUEST_DURATION
- REQUEST_SIZE
- RESPONSE_SIZE
- TCP_OPENED_CONNECTIONS
- TCP_CLOSED_CONNECTIONS
- TCP_SENT_BYTES
- TCP_RECEIVED_BYTES
- GRPC_REQUEST_MESSAGES
- GRPC_RESPONSE_MESSAGES
mode:
type: string
enum:
- CLIENT_AND_SERVER
- CLIENT
- SERVER
tagOverrides:
description: Optional.
type: object
additionalProperties:
type: object
properties:
operation:
description: >-
Operation controls whether or not to
update/add a tag, or to remove it.
type: string
enum:
- UPSERT
- REMOVE
value:
description: >-
Value is only considered if the operation
is `UPSERT`.
type: string
providers:
description: Optional.
type: array
items:
type: object
properties:
name:
description: Required.
type: string
selector:
description: Optional.
type: object
properties:
matchLabels:
type: object
additionalProperties:
type: string
tracing:
description: Optional.
type: array
items:
type: object
properties:
customTags:
description: Optional.
type: object
additionalProperties:
type: object
oneOf:
- not:
anyOf:
- required:
- literal
- required:
- environment
- required:
- header
- required:
- literal
- required:
- environment
- required:
- header
properties:
environment:
description: >-
Environment adds the value of an environment
variable to each span.
type: object
properties:
defaultValue:
description: Optional.
type: string
name:
description: >-
Name of the environment variable from which
to extract the tag value.
type: string
header:
type: object
properties:
defaultValue:
description: Optional.
type: string
name:
description: >-
Name of the header from which to extract the
tag value.
type: string
literal:
description: >-
Literal adds the same, hard-coded value to each
span.
type: object
properties:
value:
description: The tag value to use.
type: string
disableSpanReporting:
description: Controls span reporting.
type: boolean
nullable: true
match:
description: Allows tailoring of behavior to specific conditions.
type: object
properties:
mode:
type: string
enum:
- CLIENT_AND_SERVER
- CLIENT
- SERVER
providers:
description: Optional.
type: array
items:
type: object
properties:
name:
description: Required.
type: string
randomSamplingPercentage:
type: number
nullable: true
useRequestIdForTraceSampling:
type: boolean
nullable: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
subresources:
status: {}
additionalPrinterColumns:
- name: Age
type: date
description: >-
CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in
happens-before order across separate operations. Clients may not set
this value. It is represented in RFC3339 form and is in UTC.
Populated by the system. Read-only. Null for lists. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
jsonPath: .metadata.creationTimestamp
conversion:
strategy: None
15 changes: 15 additions & 0 deletions config/rbac/kserve_prometheus_clusterrole.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kserve-prometheus-k8s
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- pods
verbs:
- get
- list
- watch
Loading

0 comments on commit 8ccb4cc

Please sign in to comment.