Fix/rancher performance (#34)

* chore: use release name for label Signed-off-by: Bruno Bressi <[email protected]> * chore: bumped to latest prom crds * chore: removed uneeded instruction in make chart The dependencies are already updated, no need to run the command again. * fix: removed pinned images The pinning of the images practically blocked the update of most components. * chore: removed unused value Signed-off-by: Bruno Bressi <[email protected]> * feat: added rancher-monitoring RBAC & smon This commit adds the necessary templates to be able to parse the rancher deployments metrics. The resources were copied from the official rancher-monitoring chart. The default behavior should be not to activate this monitoring, because the chart is typically deployed in downstream clusters, which don't have any rancher deployments. * chore: rc0 for 1.0.0 Signed-off-by: Bruno Bressi <[email protected]> * chore: rc1 for 1.0.0 Signed-off-by: Bruno Bressi <[email protected]> --------- Signed-off-by: Bruno Bressi <[email protected]>
caas-team · Jan 23, 2025 · 6859fa7 · 6859fa7
1 parent f065017
commit 6859fa7
Show file tree

Hide file tree

Showing 4 changed files with 64 additions and 3 deletions.
diff --git a/Chart.yaml b/Chart.yaml
@@ -3,7 +3,7 @@ annotations:
   catalog.cattle.io/display-name: CaaS Cluster Monitoring V3
 name: caas-cluster-monitoring
 description: A Helm chart for Rancher Cluster Monitoring V3
-version: "1.0.0-rc0"
+version: "1.0.0-rc1"
 appVersion: "68.1.1"
 icon: https://raw.githubusercontent.com/caas-team/caas-project-monitoring/main/logo.png
 keywords:

diff --git a/README.md b/README.md
@@ -59,13 +59,14 @@ The installation can be configured using the various parameters defined in the `
 | `caas.grafana.dashboards.rancherHome` | bool | `true` | whether to deploy the rancher home dashboard |
 | `caas.grafana.dashboards.rancherK8sComponents` | bool | `true` | whether to deploy the rancher k8s components dashboard |
 | `caas.grafana.dashboards.rancherNodes` | bool | `true` | whether to deploy the rancher nodes dashboard |
-| `caas.grafana.dashboards.rancherPerformance` | bool | `true` | whether to deploy the rancher performance dashboard |
+| `caas.grafana.dashboards.rancherPerformance` | bool | `false` | whether to deploy the rancher performance dashboard |
 | `caas.grafana.dashboards.rancherPods` | bool | `true` | whether to deploy the rancher pods dashboard |
 | `caas.grafana.dashboards.rancherWorkloads` | bool | `true` | whether to deploy the rancher workloads dashboard |
 | `caas.longhorn` | bool | `true` | whether a longhorn network egress policy is needed for longhorn monitoring |
 | `caas.nameOverride` | string | `""` |  |
 | `caas.namespaceOverride` | string | `""` | overrides the default namespace for caas related resources |
 | `caas.prometheusAuth` | bool | `true` | whether the cluster has Prometheus-Auth  installed |
+| `caas.rancherMonitoring.enabled` | bool | `false` |  |
 | `caas.rbac.enabled` | bool | `true` | create a namespaces ServiceAccount |
 | `caas.rbac.serviceAccount.create` | bool | `true` |  |
 | `caas.rbac.serviceAccount.name` | string | `"rancher-monitoring"` |  |

diff --git a/templates/exporters/rancher-monitoring.yaml b/templates/exporters/rancher-monitoring.yaml
@@ -0,0 +1,57 @@
+{{- if .Values.caas.rancherMonitoring.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: rancher
+  namespace: cattle-system
+  labels:
+    release: {{ .Release.Name }}
+spec:
+  endpoints:
+  - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    port: http
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+      serverName: rancher
+    metricRelabelings:
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+  jobLabel: rancher
+  selector:
+    matchLabels:
+      app: rancher
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: rancher-metrics
+rules:
+- apiGroups:
+  - management.cattle.io
+  resources:
+  - ranchermetrics
+  verbs:
+  - get
+---
+apiVersion: rbac.authorization.k8s.io/v1   
+kind: ClusterRoleBinding                                                                                                                       
+metadata:                                                                                                                                      
+  name: rancher-metrics
+roleRef:                                         
+  apiGroup: rbac.authorization.k8s.io          
+  kind: ClusterRole                           
+  name: rancher-metrics
+subjects:
+  - kind: ServiceAccount
+    name: {{ .Release.Name }}
+    namespace: {{ .Release.Namespace }}
+{{- end }}
diff --git a/values.yaml b/values.yaml
@@ -17,6 +17,9 @@ caas:
   namespaceOverride: ""
   # -- whether the cluster has Prometheus-Auth  installed
   prometheusAuth: true
+  rancherMonitoring:
+    ## -- whether to monitor the rancher pod and fleet components metrics
+    enabled: false
   rbac:
     # -- create a namespaces ServiceAccount
     enabled: true
@@ -36,7 +39,7 @@ caas:
       # -- whether to deploy the rancher nodes dashboard
       rancherNodes: true
       # -- whether to deploy the rancher performance dashboard
-      rancherPerformance: true
+      rancherPerformance: false
       # -- whether to deploy the rancher pods dashboard
       rancherPods: true
       # -- whether to deploy the rancher workloads dashboard