From 510db216454677a95632bd2873f17972616b99d1 Mon Sep 17 00:00:00 2001 From: Rob Shelly Date: Mon, 1 Jul 2024 16:58:46 +0100 Subject: [PATCH 1/3] Added page with monitoring instuctions --- content/en/docs/concepts/monitoring.md | 127 +++++++++++++++++++++++++ 1 file changed, 127 insertions(+) create mode 100644 content/en/docs/concepts/monitoring.md diff --git a/content/en/docs/concepts/monitoring.md b/content/en/docs/concepts/monitoring.md new file mode 100644 index 0000000..fd85c3d --- /dev/null +++ b/content/en/docs/concepts/monitoring.md @@ -0,0 +1,127 @@ +--- +title: "Monitoring" +draft: false +images: [] +weight: 750 +--- + +Package Operator exports metrics on the `/metrics` endpoint which can be used +to monitor PKO and packages. In order to monitor PKO monitoring stack including +[Prometheus](https://prometheus.io/) is required. This example will assume you +have Prometheus installed. + +## RBAC + +In order for the Prometheus instance to discover the PKO target it requires the +appropriate RBAC role to discover pods, services and endpoints within the PKO +namespace. The following is an example role with the necessary permissions: + +```yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: prometheus + namespace: package-operator-system +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch +--- +# other YAML document +``` + +The following is an example rolebinding to add this role to the service account +for your Prometheus instance: + +```yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: prometheus + namespace: package-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: prometheus +subjects: +- kind: ServiceAccount + name: + namespace: + +``` + +## Service and Pod Discovery + +Ensure your Prometheus instance is able to select service monitors and/or pod +monitors from the PKO namespace. For example, using the namespace selector +and the labels on the PKO service and pods: + +```yaml +podMonitorSelector: + matchLabels: + app.kubernetes.io/name: package-operator +podMonitorNamespaceSelector: + matchLabels: + kubernetes.io/metadata.name: package-operator-system +serviceMonitorSelector: + matchLabels: + app.kubernetes.io/name: package-operator +serviceMonitorNamespaceSelector: + matchLabels: + kubernetes.io/metadata.name: package-operator-system +``` + +### Service Monitopr + +Use the following service monitor to scrape metrics from PKO: + +```yaml +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/name: package-operator + name: package-operator + namespace: package-operator-system +spec: + endpoints: + - port: metrics + path: /metrics + namespaceSelector: + matchNames: + - package-operator-system + selector: + matchLabels: + app.kubernetes.io/name: package-operator +``` + +## Pod Monitor + +Alternatively, use a pod monitor to scrape metrics: + +```yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + labels: + app.kubernetes.io/name: package-operator + name: package-operator + namespace: package-operator-system +spec: + selector: + matchLabels: + app.kubernetes.io/name: package-operator + namespaceSelector: + matchNames: + - package-operator-system + podMetricsEndpoints: + - port: metrics + path: /metrics +``` From 03592fb067857cf924ddbfa7070e6ffa0a4c92f0 Mon Sep 17 00:00:00 2001 From: Rob Shelly Date: Wed, 10 Jul 2024 16:44:25 +0100 Subject: [PATCH 2/3] Made changes suggested in PR --- content/en/docs/concepts/monitoring.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/content/en/docs/concepts/monitoring.md b/content/en/docs/concepts/monitoring.md index fd85c3d..7223b84 100644 --- a/content/en/docs/concepts/monitoring.md +++ b/content/en/docs/concepts/monitoring.md @@ -6,9 +6,11 @@ weight: 750 --- Package Operator exports metrics on the `/metrics` endpoint which can be used -to monitor PKO and packages. In order to monitor PKO monitoring stack including -[Prometheus](https://prometheus.io/) is required. This example will assume you -have Prometheus installed. +to monitor PKO and packages. These are exported by the +`package-operator-manager` pod. In order to monitor PKO a monitoring +stack including [Prometheus Operator]( +) +is required. This example will assume you have Prometheus installed. ## RBAC @@ -57,6 +59,9 @@ subjects: ``` +Prometheus must also be able to reach the `package-operator-manager` pod, +e.g. no NetworkPolicies blocking traffic. + ## Service and Pod Discovery Ensure your Prometheus instance is able to select service monitors and/or pod From 8bc55cd2fe542b143964d04ab4fe72c348deab0c Mon Sep 17 00:00:00 2001 From: Josh Gwosdz Date: Thu, 17 Apr 2025 18:31:11 +0200 Subject: [PATCH 3/3] Update content/en/docs/concepts/monitoring.md --- content/en/docs/concepts/monitoring.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/content/en/docs/concepts/monitoring.md b/content/en/docs/concepts/monitoring.md index 7223b84..521010e 100644 --- a/content/en/docs/concepts/monitoring.md +++ b/content/en/docs/concepts/monitoring.md @@ -8,9 +8,8 @@ weight: 750 Package Operator exports metrics on the `/metrics` endpoint which can be used to monitor PKO and packages. These are exported by the `package-operator-manager` pod. In order to monitor PKO a monitoring -stack including [Prometheus Operator]( -) -is required. This example will assume you have Prometheus installed. +stack including Prometheus is required. +This example will assume you have [Prometheus Operator]() installed. ## RBAC