diff --git a/deployment/grafana/cm.yml b/deployment/grafana/cm.yml index 839f5e6..dc4a97b 100644 --- a/deployment/grafana/cm.yml +++ b/deployment/grafana/cm.yml @@ -102,6 +102,8 @@ data: datasourceUid: Loki tracesToLogsV2: datasourceUid: Loki + tracesToProfiles: + datasourceUid: Pyroscope tracesToMetrics: datasourceUid: Prometheus serviceMap: diff --git a/deployment/mimir/statefulset.yml b/deployment/mimir/statefulset.yml index 95eadcb..fe40c32 100644 --- a/deployment/mimir/statefulset.yml +++ b/deployment/mimir/statefulset.yml @@ -52,7 +52,7 @@ spec: - '-store-gateway.sharding-ring.replication-factor=1' - '-ingester.out-of-order-time-window=5m' - '-blocks-storage.bucket-store.ignore-blocks-within=0s' - image: grafana/mimir:2.14.0 + image: grafana/mimir:2.14.1 imagePullPolicy: IfNotPresent name: mimir ports: diff --git a/deployment/prometheus/deployment.yml b/deployment/prometheus/deployment.yml index d1a1465..1529de9 100644 --- a/deployment/prometheus/deployment.yml +++ b/deployment/prometheus/deployment.yml @@ -25,7 +25,7 @@ spec: runAsNonRoot: true containers: - name: prometheus - image: docker.io/prom/prometheus:v2.55.0 + image: docker.io/prom/prometheus:v2.55.1 imagePullPolicy: IfNotPresent args: - '--storage.tsdb.retention.time=15d' diff --git a/deployment/pyroscope/account.yml b/deployment/pyroscope/account.yml new file mode 100644 index 0000000..e018a26 --- /dev/null +++ b/deployment/pyroscope/account.yml @@ -0,0 +1,8 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pyroscope + labels: + app.kubernetes.io/name: pyroscope + annotations: {} diff --git a/deployment/pyroscope/cm.yml b/deployment/pyroscope/cm.yml new file mode 100644 index 0000000..f2484c5 --- /dev/null +++ b/deployment/pyroscope/cm.yml @@ -0,0 +1,804 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config + labels: + app.kubernetes.io/name: pyroscope +data: + config.river: | + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pyroscope_kubernetes" { + role = "pod" + } + + // The default scrape config allows to define annotations based scraping. + // + // For example the following annotations: + // + // ``` + // profiles.grafana.com/memory.scrape: "true" + // profiles.grafana.com/memory.port: "8080" + // profiles.grafana.com/cpu.scrape: "true" + // profiles.grafana.com/cpu.port: "8080" + // profiles.grafana.com/goroutine.scrape: "true" + // profiles.grafana.com/goroutine.port: "8080" + // ``` + // + // will scrape the `memory`, `cpu` and `goroutine` profiles from the `8080` port of the pod. + // + // For more information see https://grafana.com/docs/pyroscope/latest/deploy-kubernetes/helm/#optional-scrape-your-own-workloads-profiles + discovery.relabel "kubernetes_pods" { + targets = concat(discovery.kubernetes.pyroscope_kubernetes.targets) + + rule { + action = "drop" + source_labels = ["__meta_kubernetes_pod_phase"] + regex = "Pending|Succeeded|Failed|Completed" + } + + rule { + action = "labelmap" + regex = "__meta_kubernetes_pod_label_(.+)" + } + + rule { + action = "replace" + source_labels = ["__meta_kubernetes_namespace"] + target_label = "namespace" + } + + rule { + action = "replace" + source_labels = ["__meta_kubernetes_pod_name"] + target_label = "pod" + } + + rule { + action = "replace" + source_labels = ["__meta_kubernetes_pod_container_name"] + target_label = "container" + } + } + + discovery.relabel "kubernetes_pods_memory_default_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_port_name"] + action = "keep" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + discovery.relabel "kubernetes_pods_memory_custom_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_port_name"] + action = "drop" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_container_port_name"] + target_label = "__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_port_name" + action = "keepequal" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_memory_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + pyroscope.scrape "pyroscope_scrape_memory" { + clustering { + enabled = true + } + + targets = concat(discovery.relabel.kubernetes_pods_memory_default_name.output, discovery.relabel.kubernetes_pods_memory_custom_name.output) + forward_to = [pyroscope.write.pyroscope_write.receiver] + + profiling_config { + profile.memory { + enabled = true + } + + profile.process_cpu { + enabled = false + } + + profile.goroutine { + enabled = false + } + + profile.block { + enabled = false + } + + profile.mutex { + enabled = false + } + + profile.fgprof { + enabled = false + } + } + } + + discovery.relabel "kubernetes_pods_cpu_default_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_port_name"] + action = "keep" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + discovery.relabel "kubernetes_pods_cpu_custom_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_port_name"] + action = "drop" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_container_port_name"] + target_label = "__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_port_name" + action = "keepequal" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_cpu_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + pyroscope.scrape "pyroscope_scrape_cpu" { + clustering { + enabled = true + } + + targets = concat(discovery.relabel.kubernetes_pods_cpu_default_name.output, discovery.relabel.kubernetes_pods_cpu_custom_name.output) + forward_to = [pyroscope.write.pyroscope_write.receiver] + + profiling_config { + profile.memory { + enabled = false + } + + profile.process_cpu { + enabled = true + } + + profile.goroutine { + enabled = false + } + + profile.block { + enabled = false + } + + profile.mutex { + enabled = false + } + + profile.fgprof { + enabled = false + } + } + } + + discovery.relabel "kubernetes_pods_goroutine_default_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_port_name"] + action = "keep" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + discovery.relabel "kubernetes_pods_goroutine_custom_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_port_name"] + action = "drop" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_container_port_name"] + target_label = "__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_port_name" + action = "keepequal" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_goroutine_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + pyroscope.scrape "pyroscope_scrape_goroutine" { + clustering { + enabled = true + } + + targets = concat(discovery.relabel.kubernetes_pods_goroutine_default_name.output, discovery.relabel.kubernetes_pods_goroutine_custom_name.output) + forward_to = [pyroscope.write.pyroscope_write.receiver] + + profiling_config { + profile.memory { + enabled = false + } + + profile.process_cpu { + enabled = false + } + + profile.goroutine { + enabled = true + } + + profile.block { + enabled = false + } + + profile.mutex { + enabled = false + } + + profile.fgprof { + enabled = false + } + } + } + + discovery.relabel "kubernetes_pods_block_default_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_port_name"] + action = "keep" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_block_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + discovery.relabel "kubernetes_pods_block_custom_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_port_name"] + action = "drop" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_container_port_name"] + target_label = "__meta_kubernetes_pod_annotation_profiles_grafana_com_block_port_name" + action = "keepequal" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_block_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_block_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + pyroscope.scrape "pyroscope_scrape_block" { + clustering { + enabled = true + } + + targets = concat(discovery.relabel.kubernetes_pods_block_default_name.output, discovery.relabel.kubernetes_pods_block_custom_name.output) + forward_to = [pyroscope.write.pyroscope_write.receiver] + + profiling_config { + profile.memory { + enabled = false + } + + profile.process_cpu { + enabled = false + } + + profile.goroutine { + enabled = false + } + + profile.block { + enabled = true + } + + profile.mutex { + enabled = false + } + + profile.fgprof { + enabled = false + } + } + } + + discovery.relabel "kubernetes_pods_mutex_default_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_port_name"] + action = "keep" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + discovery.relabel "kubernetes_pods_mutex_custom_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_port_name"] + action = "drop" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_container_port_name"] + target_label = "__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_port_name" + action = "keepequal" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_mutex_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + pyroscope.scrape "pyroscope_scrape_mutex" { + clustering { + enabled = true + } + + targets = concat(discovery.relabel.kubernetes_pods_mutex_default_name.output, discovery.relabel.kubernetes_pods_mutex_custom_name.output) + forward_to = [pyroscope.write.pyroscope_write.receiver] + + profiling_config { + profile.memory { + enabled = false + } + + profile.process_cpu { + enabled = false + } + + profile.goroutine { + enabled = false + } + + profile.block { + enabled = false + } + + profile.mutex { + enabled = true + } + + profile.fgprof { + enabled = false + } + } + } + + discovery.relabel "kubernetes_pods_fgprof_default_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_port_name"] + action = "keep" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + discovery.relabel "kubernetes_pods_fgprof_custom_name" { + targets = concat(discovery.relabel.kubernetes_pods.output) + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_scrape"] + action = "keep" + regex = "true" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_port_name"] + action = "drop" + regex = "" + } + + rule { + source_labels = ["__meta_kubernetes_pod_container_port_name"] + target_label = "__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_port_name" + action = "keepequal" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_scheme"] + action = "replace" + regex = "(https?)" + target_label = "__scheme__" + replacement = "$1" + } + + rule { + source_labels = ["__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_path"] + action = "replace" + regex = "(.+)" + target_label = "__profile_path__" + replacement = "$1" + } + + rule { + source_labels = ["__address__", "__meta_kubernetes_pod_annotation_profiles_grafana_com_fgprof_port"] + action = "replace" + regex = "(.+?)(?::\\d+)?;(\\d+)" + target_label = "__address__" + replacement = "$1:$2" + } + } + + pyroscope.scrape "pyroscope_scrape_fgprof" { + clustering { + enabled = true + } + + targets = concat(discovery.relabel.kubernetes_pods_fgprof_default_name.output, discovery.relabel.kubernetes_pods_fgprof_custom_name.output) + forward_to = [pyroscope.write.pyroscope_write.receiver] + + profiling_config { + profile.memory { + enabled = false + } + + profile.process_cpu { + enabled = false + } + + profile.goroutine { + enabled = false + } + + profile.block { + enabled = false + } + + profile.mutex { + enabled = false + } + + profile.fgprof { + enabled = true + } + } + } + + pyroscope.write "pyroscope_write" { + endpoint { + url = "http://pyroscope.pyroscope-test.svc.cluster.local.:4040" + } + } + overrides.yaml: | + overrides: + {} + config.yaml: | + analytics: + reporting_enabled: false diff --git a/deployment/pyroscope/deployment.yml b/deployment/pyroscope/deployment.yml new file mode 100644 index 0000000..9b8797d --- /dev/null +++ b/deployment/pyroscope/deployment.yml @@ -0,0 +1,87 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pyroscope + labels: + app.kubernetes.io/name: pyroscope + annotations: + prometheus.io/port: http + prometheus.io/scrape: "true" +spec: + revisionHistoryLimit: 1 + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: pyroscope + template: + metadata: + labels: + app.kubernetes.io/name: pyroscope + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: http + spec: + automountServiceAccountToken: false + serviceAccountName: pyroscope + securityContext: + runAsNonRoot: true + runAsGroup: 10001 + runAsUser: 10001 + containers: + - name: pyroscope + image: docker.io/grafana/pyroscope:1.10.0 + imagePullPolicy: IfNotPresent + args: + - "-target=all" + - "-self-profiling.disable-push=true" + - "-server.http-listen-port=4040" + - "-memberlist.cluster-label=pyroscope" + - "-memberlist.join=dns+pyroscope:7946" + - "-config.file=/etc/pyroscope/config.yaml" + - "-runtime-config.file=/etc/pyroscope/overrides/overrides.yaml" + - "-log.level=info" + ports: + - name: http + containerPort: 4040 + protocol: TCP + - name: memberlist + containerPort: 7946 + protocol: TCP + resources: + requests: + cpu: 100m + memory: "512Mi" + limits: + cpu: 200m + memory: "1Gi" + volumeMounts: + - name: config + mountPath: /etc/pyroscope/config.yaml + subPath: config.yaml + - name: config + mountPath: /etc/pyroscope/overrides/ + - name: storage + mountPath: /data + - name: storage + mountPath: /data-compactor + subPath: data-compactor + - name: storage + mountPath: /data-shared + subPath: data-shared + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + volumes: + - name: config + configMap: + name: config + - name: storage + emptyDir: + sizeLimit: "2Gi" diff --git a/deployment/pyroscope/kustomization.yml b/deployment/pyroscope/kustomization.yml new file mode 100644 index 0000000..cab7e9f --- /dev/null +++ b/deployment/pyroscope/kustomization.yml @@ -0,0 +1,15 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- account.yml +- rbac.yml +- cm.yml +- deployment.yml +- service.yml + +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/created-by: kustomizer + app.kubernetes.io/name: pyroscope diff --git a/deployment/pyroscope/rbac.yml b/deployment/pyroscope/rbac.yml new file mode 100644 index 0000000..41dd710 --- /dev/null +++ b/deployment/pyroscope/rbac.yml @@ -0,0 +1,36 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pyroscope + labels: + app.kubernetes.io/name: pyroscope +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pyroscope + labels: + app.kubernetes.io/name: pyroscope +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pyroscope +subjects: + - kind: ServiceAccount + name: pyroscope + namespace: monitoring \ No newline at end of file diff --git a/deployment/pyroscope/service.yml b/deployment/pyroscope/service.yml new file mode 100644 index 0000000..e2fecb4 --- /dev/null +++ b/deployment/pyroscope/service.yml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: pyroscope + labels: + app.kubernetes.io/name: pyroscope +spec: + ports: + - name: pyroscope + port: 4040 + targetPort: http + - name: memberlist + port: 7946 + targetPort: memberlist + selector: + app.kubernetes.io/name: pyroscope diff --git a/deployment/tempo/cm.yml b/deployment/tempo/cm.yml index 2a42c55..0bf5990 100644 --- a/deployment/tempo/cm.yml +++ b/deployment/tempo/cm.yml @@ -7,7 +7,6 @@ metadata: data: tempo.yaml: | target: all - autocomplete_filtering_enabled: true multitenancy_enabled: false usage_report: reporting_enabled: true