From 11ff5664a1ebbddf2725f03e109ff5086e84e3fc Mon Sep 17 00:00:00 2001 From: Markos Chandras Date: Tue, 16 Jun 2020 11:28:10 +0100 Subject: [PATCH] [bitnami/kube-state-metrics] Add missing validatingwebhookconfigurations collector (#2794) * [bitnami/kube-state-metrics] Add missing validatingwebhookconfigurations collector Commit 93a4afed8cd("[bitnami/kube-state-metrics] Add missing collectors") added more collectors but it missed the `validatingwebhookconfigurations` one. So lets add it to the list to achieve parity with the upstream capabilities. * [bitnami/kube-state-metrics] Update components versions Signed-off-by: Bitnami Containers Co-authored-by: Bitnami Containers --- bitnami/kube-state-metrics/Chart.yaml | 2 +- bitnami/kube-state-metrics/README.md | 179 +++++++++--------- .../templates/clusterrole.yaml | 6 + .../templates/deployment.yaml | 3 + .../kube-state-metrics/values-production.yaml | 3 +- bitnami/kube-state-metrics/values.yaml | 3 +- 6 files changed, 104 insertions(+), 92 deletions(-) diff --git a/bitnami/kube-state-metrics/Chart.yaml b/bitnami/kube-state-metrics/Chart.yaml index e2eb9feaff..c9764deb82 100644 --- a/bitnami/kube-state-metrics/Chart.yaml +++ b/bitnami/kube-state-metrics/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.9.7 description: kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects. name: kube-state-metrics -version: 0.3.2 +version: 0.4.0 keywords: - prometheus - kube-state-metrics diff --git a/bitnami/kube-state-metrics/README.md b/bitnami/kube-state-metrics/README.md index dbe81309ac..687371669b 100644 --- a/bitnami/kube-state-metrics/README.md +++ b/bitnami/kube-state-metrics/README.md @@ -50,95 +50,96 @@ The command removes all the Kubernetes components associated with the chart and The following table lists the configurable parameters of the kube-state-metrics chart and their default values. -| Parameter | Description | Default | -|--------------------------------------------|---------------------------------------------------------------------------------------------------------------|------------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | `nil` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | -| `global.labels` | Additional labels to apply to all resources | `{}` | -| `nameOverride` | String to partially override `kube-state-metrics.name` template with a string (will prepend the release name) | `nil` | -| `fullnameOverride` | String to fully override `kube-state-metrics.fullname` template with a string | `nil` | -| `rbac.create` | Whether to create & use RBAC resources or not | `true` | -| `rbac.apiVersion` | Version of the RBAC API | `v1beta1` | -| `rbac.pspEnabled` | PodSecurityPolicy | `true` | -| `serviceAccount.create` | Specify whether to create a ServiceAccount for kube-state-metrics | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the `kube-state-metrics.fullname` template | -| `image.registry` | kube-state-metrics image registry | `docker.io` | -| `image.repository` | kube-state-metrics Image name | `bitnami/kube-state-metrics` | -| `image.tag` | kube-state-metrics Image tag | `{TAG_NAME}` | -| `image.pullPolicy` | kube-state-metrics image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `extraArgs` | Additional command line arguments to pass to kube-state-metrics | `{}` | -| `namespace` | Comma-separated list of namespaces to be enabled. Defaults to all namespaces | `` | -| `collectors.certificatesigningrequests` | Enable the `certificatesigningrequests` collector | `true` | -| `collectors.configmaps` | Enable the `configmaps` collector | `true` | -| `collectors.cronjobs` | Enable the `cronjobs` collector | `true` | -| `collectors.daemonsets` | Enable the `daemonsets` collector | `true` | -| `collectors.deployments` | Enable the `deployments` collector | `true` | -| `collectors.endpoints` | Enable the `endpoints` collector | `true` | -| `collectors.horizontalpodautoscalers` | Enable the `horizontalpodautoscalers` collector | `true` | -| `collectors.ingresses` | Enable the `ingresses` collector | `true` | -| `collectors.jobs` | Enable the `jobs` collector | `true` | -| `collectors.limitranges` | Enable the `limitranges` collector | `true` | -| `collectors.mutatingwebhookconfigurations` | Enable the `mutatingwebhookconfigurations` collector | `true` | -| `collectors.namespaces` | Enable the `namespaces` collector | `true` | -| `collectors.networkpolicies` | Enable the `networkpolicies` collector | `true` | -| `collectors.nodes` | Enable the `nodes` collector | `true` | -| `collectors.persistentvolumeclaims` | Enable the `persistentvolumeclaims` collector | `true` | -| `collectors.persistentvolumes` | Enable the `persistentvolumes` collector | `true` | -| `collectors.poddisruptionbudgets` | Enable the `poddisruptionbudgets` collector | `true` | -| `collectors.pods` | Enable the `pods` collector | `true` | -| `collectors.replicasets` | Enable the `replicasets` collector | `true` | -| `collectors.replicationcontrollers` | Enable the `replicationcontrollers` collector | `true` | -| `collectors.resourcequotas` | Enable the `resourcequotas` collector | `true` | -| `collectors.secrets` | Enable the `secrets` collector | `true` | -| `collectors.services` | Enable the `services` collector | `true` | -| `collectors.statefulsets` | Enable the `statefulsets` collector | `true` | -| `collectors.storageclasses` | Enable the `storageclasses` collector | `true` | -| `collectors.verticalpodautoscalers` | Enable the `verticalpodautoscalers` collector | `false` | -| `collectors.volumeattachments` | Enable the `volumeattachments` collector | `true` | -| `securityContext.enabled` | Enable security context | `true` | -| `securityContext.runAsUser` | User ID for the container | `1001` | -| `securityContext.fsGroup` | Group ID for the container filesystem | `1001` | -| `service.type` | Kubernetes service type | `ClusterIP` | -| `service.port` | kube-state-metrics service port | `8080` | -| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `nil` | -| `service.nodePort` | Kubernetes Service nodePort | `nil` | -| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `nil` | -| `service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | -| `service.annotations` | Additional annotations for kube-state-metrics service | `{}` | -| `service.labels` | Additional labels for kube-state-metrics service | `{}` | -| `hostNetwork` | Expose the service to the host network | `true` | -| `priorityClassName` | Priority class assigned to the Pods | `nil` | -| `resources` | Resource requests/limit | `{}` | -| `replicaCount` | Desired number of controller pods | `1` | -| `podLabels` | Pod labels | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `updateStrategy` | Allows setting of `RollingUpdate` strategy | `{}` | -| `minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | -| `affinity` | Map of node/pod affinities | `{} (The value is evaluated as a template)` | -| `nodeSelector` | Node labels for pod assignment (this value is evaluated as a template) | `{} (The value is evaluated as a template)` | -| `tolerations` | List of node taints to tolerate (this value is evaluated as a template) | `[] (The value is evaluated as a template)` | -| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `serviceMonitor.enabled` | Creates a ServiceMonitor to monitor kube-state-metrics | `false` | -| `serviceMonitor.namespace` | Namespace in which Prometheus is running | `nil` | -| `serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `nil` | -| `serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `nil` | -| `serviceMonitor.selector` | ServiceMonitor selector labels | `[]` | -| `serviceMonitor.honorLabels` | Honor metrics labels | `false` | -| `serviceMonitor.relabelings` | ServiceMonitor relabelings | `[]` | -| `serviceMonitor.metricRelabelings` | ServiceMonitor metricRelabelings | `[]` | +| Parameter | Description | Default | +|----------------------------------------------|---------------------------------------------------------------------------------------------------------------|------------------------------------------------------------| +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | +| `global.labels` | Additional labels to apply to all resources | `{}` | +| `nameOverride` | String to partially override `kube-state-metrics.name` template with a string (will prepend the release name) | `nil` | +| `fullnameOverride` | String to fully override `kube-state-metrics.fullname` template with a string | `nil` | +| `rbac.create` | Whether to create & use RBAC resources or not | `true` | +| `rbac.apiVersion` | Version of the RBAC API | `v1beta1` | +| `rbac.pspEnabled` | PodSecurityPolicy | `true` | +| `serviceAccount.create` | Specify whether to create a ServiceAccount for kube-state-metrics | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the `kube-state-metrics.fullname` template | +| `image.registry` | kube-state-metrics image registry | `docker.io` | +| `image.repository` | kube-state-metrics Image name | `bitnami/kube-state-metrics` | +| `image.tag` | kube-state-metrics Image tag | `{TAG_NAME}` | +| `image.pullPolicy` | kube-state-metrics image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `extraArgs` | Additional command line arguments to pass to kube-state-metrics | `{}` | +| `namespace` | Comma-separated list of namespaces to be enabled. Defaults to all namespaces | `` | +| `collectors.certificatesigningrequests` | Enable the `certificatesigningrequests` collector | `true` | +| `collectors.configmaps` | Enable the `configmaps` collector | `true` | +| `collectors.cronjobs` | Enable the `cronjobs` collector | `true` | +| `collectors.daemonsets` | Enable the `daemonsets` collector | `true` | +| `collectors.deployments` | Enable the `deployments` collector | `true` | +| `collectors.endpoints` | Enable the `endpoints` collector | `true` | +| `collectors.horizontalpodautoscalers` | Enable the `horizontalpodautoscalers` collector | `true` | +| `collectors.ingresses` | Enable the `ingresses` collector | `true` | +| `collectors.jobs` | Enable the `jobs` collector | `true` | +| `collectors.limitranges` | Enable the `limitranges` collector | `true` | +| `collectors.mutatingwebhookconfigurations` | Enable the `mutatingwebhookconfigurations` collector | `true` | +| `collectors.namespaces` | Enable the `namespaces` collector | `true` | +| `collectors.networkpolicies` | Enable the `networkpolicies` collector | `true` | +| `collectors.nodes` | Enable the `nodes` collector | `true` | +| `collectors.persistentvolumeclaims` | Enable the `persistentvolumeclaims` collector | `true` | +| `collectors.persistentvolumes` | Enable the `persistentvolumes` collector | `true` | +| `collectors.poddisruptionbudgets` | Enable the `poddisruptionbudgets` collector | `true` | +| `collectors.pods` | Enable the `pods` collector | `true` | +| `collectors.replicasets` | Enable the `replicasets` collector | `true` | +| `collectors.replicationcontrollers` | Enable the `replicationcontrollers` collector | `true` | +| `collectors.resourcequotas` | Enable the `resourcequotas` collector | `true` | +| `collectors.secrets` | Enable the `secrets` collector | `true` | +| `collectors.services` | Enable the `services` collector | `true` | +| `collectors.statefulsets` | Enable the `statefulsets` collector | `true` | +| `collectors.storageclasses` | Enable the `storageclasses` collector | `true` | +| `collectors.verticalpodautoscalers` | Enable the `verticalpodautoscalers` collector | `false` | +| `collectors.validatingwebhookconfigurations` | Enable the `validatingwebhookconfigurations` collector | `false` | +| `collectors.volumeattachments` | Enable the `volumeattachments` collector | `true` | +| `securityContext.enabled` | Enable security context | `true` | +| `securityContext.runAsUser` | User ID for the container | `1001` | +| `securityContext.fsGroup` | Group ID for the container filesystem | `1001` | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.port` | kube-state-metrics service port | `8080` | +| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `nil` | +| `service.nodePort` | Kubernetes Service nodePort | `nil` | +| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `nil` | +| `service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | +| `service.annotations` | Additional annotations for kube-state-metrics service | `{}` | +| `service.labels` | Additional labels for kube-state-metrics service | `{}` | +| `hostNetwork` | Expose the service to the host network | `true` | +| `priorityClassName` | Priority class assigned to the Pods | `nil` | +| `resources` | Resource requests/limit | `{}` | +| `replicaCount` | Desired number of controller pods | `1` | +| `podLabels` | Pod labels | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `updateStrategy` | Allows setting of `RollingUpdate` strategy | `{}` | +| `minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | +| `affinity` | Map of node/pod affinities | `{} (The value is evaluated as a template)` | +| `nodeSelector` | Node labels for pod assignment (this value is evaluated as a template) | `{} (The value is evaluated as a template)` | +| `tolerations` | List of node taints to tolerate (this value is evaluated as a template) | `[] (The value is evaluated as a template)` | +| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `serviceMonitor.enabled` | Creates a ServiceMonitor to monitor kube-state-metrics | `false` | +| `serviceMonitor.namespace` | Namespace in which Prometheus is running | `nil` | +| `serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `nil` | +| `serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `nil` | +| `serviceMonitor.selector` | ServiceMonitor selector labels | `[]` | +| `serviceMonitor.honorLabels` | Honor metrics labels | `false` | +| `serviceMonitor.relabelings` | ServiceMonitor relabelings | `[]` | +| `serviceMonitor.metricRelabelings` | ServiceMonitor metricRelabelings | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example the following command sets the `replicas` of the kube-state-metrics Pods to `2`. diff --git a/bitnami/kube-state-metrics/templates/clusterrole.yaml b/bitnami/kube-state-metrics/templates/clusterrole.yaml index ade82b1286..3b18475cc6 100644 --- a/bitnami/kube-state-metrics/templates/clusterrole.yaml +++ b/bitnami/kube-state-metrics/templates/clusterrole.yaml @@ -161,6 +161,12 @@ rules: - verticalpodautoscalers verbs: ["list", "watch"] {{- end }} + {{- if .Values.collectors.validatingwebhookconfigurations }} + - apiGroups: ["admissionregistration.k8s.io"] + resources: + - validatingwebhookconfigurations + verbs: ["list", "watch"] + {{- end }} {{- if .Values.collectors.volumeattachments }} - apiGroups: ["storage.k8s.io"] resources: diff --git a/bitnami/kube-state-metrics/templates/deployment.yaml b/bitnami/kube-state-metrics/templates/deployment.yaml index 2a9a8e381b..c974661dc3 100644 --- a/bitnami/kube-state-metrics/templates/deployment.yaml +++ b/bitnami/kube-state-metrics/templates/deployment.yaml @@ -113,6 +113,9 @@ spec: {{- if .Values.collectors.verticalpodautoscalers }} - --collectors=verticalpodautoscalers {{- end }} + {{- if .Values.collectors.validatingwebhookconfigurations }} + - --collectors=validatingwebhookconfigurations + {{- end }} {{- if .Values.collectors.volumeattachments }} - --collectors=volumeattachments {{- end }} diff --git a/bitnami/kube-state-metrics/values-production.yaml b/bitnami/kube-state-metrics/values-production.yaml index 64e836f4cd..7cd600f242 100644 --- a/bitnami/kube-state-metrics/values-production.yaml +++ b/bitnami/kube-state-metrics/values-production.yaml @@ -51,7 +51,7 @@ serviceAccount: image: registry: docker.io repository: bitnami/kube-state-metrics - tag: 1.9.7-debian-10-r7 + tag: 1.9.7-debian-10-r13 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -99,6 +99,7 @@ collectors: statefulsets: true storageclasses: true verticalpodautoscalers: false + validatingwebhookconfigurations: false volumeattachments: true ## SecurityContext configuration diff --git a/bitnami/kube-state-metrics/values.yaml b/bitnami/kube-state-metrics/values.yaml index 404096da7a..ed9da57268 100644 --- a/bitnami/kube-state-metrics/values.yaml +++ b/bitnami/kube-state-metrics/values.yaml @@ -51,7 +51,7 @@ serviceAccount: image: registry: docker.io repository: bitnami/kube-state-metrics - tag: 1.9.7-debian-10-r7 + tag: 1.9.7-debian-10-r13 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -99,6 +99,7 @@ collectors: statefulsets: true storageclasses: true verticalpodautoscalers: false + validatingwebhookconfigurations: false volumeattachments: true ## SecurityContext configuration