Playbooks for installing Prometheus and Grafana on Kubernetes

Prerequisites

Before you run the playbook to install Prometheus and Grafana on Kubernetes, you need to ensure that you have already downloaded and installed kubectl and set up your client bundle. Two convenience playbooks have been provided to make this process easier.

The playbook playbooks/install-kubectl.yml installs a specific version of kubectl based on the settings in your group_vars/all/vars file.

The playbook playbooks/kube-prometheus.yml is used to deploy the Prometheus/Grafana stack on Kubernetes. It is a wrapper for a number of separate playbooks outlined below.

  • playbooks/kube-prometheus/operator.yml
  • playbooks/kube-prometheus/kube-state-metrics.yml
  • playbooks/kube-prometheus/node-exporter.yml
  • playbooks/kube-prometheus/monitors.yml
  • playbooks/kube-prometheus/prometheus.yml
  • playbooks/kube-prometheus/grafana.yml

You can choose not to install certain components by commenting out the appropriate line in the wrapper playbook.

Prometheus Operator

For more information on Prometheus Operator, see https://coreos.com/operators/prometheus/docs/latest/user-guides/getting-started.html.

The playbook playbooks/kube-prometheus/operator.yml installs the operator itself.

Kube state metrics

kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects. It is not focused on the health of the individual Kubernetes components, but rather on the health of the various objects inside, such as deployments, nodes and pods. For more information on kube-state-metrics, see https://github.com/kubernetes/kube-state-metrics.

The playbook playbooks/kube-prometheus/kube-state-metrics.yml installs kube-state-metrics on all UCP, DTR and Kubernetes worker nodes.

Node exporter

The node-exporter provides an overview of cluster node resources including CPU, memory and disk utilization and more. For more information on node-exporter, see https://github.com/prometheus/node_exporter.

The playbook playbooks/kube-prometheus/node-exporter.yml installs node-exporter as a set of Docker containers on all UCP, DTR and Kubernetes worker nodes. Port 9100 is opened in the firewall on each node where it is installed.

Monitors

While all the other Kubernetes components run on top of Kubernetes itself, kubelet and apiserver do not, and so they only need Service Monitors for Prometheus to access their metrics.

The playbook playbooks/kube-prometheus/monitors.yml installs Service Monitors for kubelet and apiserver.

cAdvisor

Support for cAdvisor is built into Kubernetes, so cAdvisor metrics will automatically be available within Prometheus, without any other configuration required.

Note: Because Docker EE provides a hosted version of Kubernetes, it is not possible to access metrics for kube-scheduler and kube-controller-manager.

Prometheus

For convenience, the playbook sets up a NodePort so that the Prometheus UI can be accessed on port 33090, as shown in the following code extract:

# kubectl -n monitoring patch svc prometheus-k8s --type='json' -p '[{"op":"replace","path":"/spec/type","value":"NodePort"}]'

# kubectl -n monitoring patch svc prometheus-k8s --type='json' -p '[{"op": "add", "path":"/spec/ports/0/nodePort", "value":33090}]'

On a production system, it is likely that you will want to remove this NodePort, because a NodePort makes the Prometheus UI reachable on that port on every node in the cluster. The following code segment shows how you can use the patch command to remove the NodePort.

# kubectl -n monitoring patch svc prometheus-k8s --type='json' -p '[{"op": "remove", "path":"/spec/ports/0/nodePort"}]'

# kubectl -n monitoring patch svc prometheus-k8s --type='json' -p '[{"op": "remove", "path":"/spec/type"}]'

Grafana

For convenience, the playbook sets up a NodePort so that the Grafana UI can be accessed on port 33030, as shown in the following code extract:

# kubectl -n monitoring patch svc grafana --type='json' -p '[{"op":"replace","path":"/spec/type", "value":"NodePort"}]'

# kubectl -n monitoring patch svc grafana --type='json' -p '[{"op": "add", "path":"/spec/ports/0/nodePort", "value":33030}]'

On a production system, it is likely that you will want to remove this NodePort, because a NodePort makes the Grafana UI reachable on that port on every node in the cluster. The following code segment shows how you can use the patch command to remove the NodePort.

# kubectl -n monitoring patch svc grafana --type='json' -p '[{"op": "remove", "path":"/spec/ports/0/nodePort"}]'

# kubectl -n monitoring patch svc grafana --type='json' -p '[{"op": "remove", "path":"/spec/type"}]'
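To confirm that the Prometheus and Grafana NodePorts described above are really gone after patching, the following check lists every Service in the namespace that still has a nodePort and returns a non-zero status if any remain. It is an added example, not part of the playbooks; the function names and the sample Service rows (including prometheus-operator) are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the playbooks): detect Services that still expose a NodePort.

# Emit one line per Service: name<TAB>type<TAB>space-separated nodePorts.
# Needs kubectl and a configured client bundle; namespace defaults to "monitoring".
list_services() {
  kubectl -n "${1:-monitoring}" get svc -o \
    jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.spec.type}{"\t"}{.spec.ports[*].nodePort}{"\n"}{end}'
}

# Read list_services output on stdin and print "name port" for each nodePort found.
# Exit status: 1 if at least one nodePort is still allocated, 0 if none.
find_nodeports() {
  awk -F '\t' '
    $3 != "" {
      n = split($3, ports, " ")
      for (i = 1; i <= n; i++) { print $1, ports[i]; found = 1 }
    }
    END { exit (found ? 1 : 0) }
  '
}

# Constructed sample: state right after the install playbook has run.
sample_before() {
  printf 'grafana\tNodePort\t33030\n'
  printf 'prometheus-k8s\tNodePort\t33090\n'
  printf 'prometheus-operator\tClusterIP\t\n'
}

# Constructed sample: state after the "remove" patches have been applied.
sample_after() {
  printf 'grafana\tClusterIP\t\n'
  printf 'prometheus-k8s\tClusterIP\t\n'
  printf 'prometheus-operator\tClusterIP\t\n'
}

# Demo on the constructed data. On a live cluster use:
#   list_services monitoring | find_nodeports
sample_before | find_nodeports || echo "NodePort still exposed" >&2
sample_after | find_nodeports && echo "no NodePorts exposed" >&2
```

The non-zero exit status makes the check usable as a gate in a deployment pipeline or as a final task after the production patches.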

Teardown

The playbook playbooks/kube-prometheus-teardown.yml removes the installed Prometheus/Grafana stack.