feat(k8s/amour/kube-system): monitor kube-controller-manager and kube-scheduler

uhthomas · uhthomas · commit 7c3e6c03ecdd · 2024-07-30T16:34:42.000+01:00
This also required changing the `bind-address` for both of them in Talos to 0.0.0.0. Fixes: #222
diff --git a/k8s/amour/kube_system/BUILD.bazel b/k8s/amour/kube_system/BUILD.bazel
@@ -5,6 +5,7 @@ cue_library(
     srcs = [
         "list.cue",
         "namespace_list.cue",
+        "service_list.cue",
         "vm_service_scrape_list.cue",
     ],
     importpath = "github.com/uhthomas/automata/k8s/amour/kube_system",
diff --git a/k8s/amour/kube_system/list.cue b/k8s/amour/kube_system/list.cue
@@ -18,5 +18,6 @@ import (
 
 _items: [
 	#NamespaceList.items,
+	#ServiceList.items,
 	#VMServiceScrapeList.items,
 ]
diff --git a/k8s/amour/kube_system/vm_service_scrape_list.cue b/k8s/amour/kube_system/vm_service_scrape_list.cue
@@ -23,4 +23,34 @@ import "k8s.io/api/core/v1"
 		}]
 		selector: matchLabels: "kubernetes.io/name": "CoreDNS"
 	}
+}, {
+	metadata: name: "kube-controller-manager"
+	spec: {
+		jobLabel: "app.kubernetes.io/name"
+		endpoints: [{
+			port:   "metrics"
+			scheme: "https"
+			tlsConfig: {
+				caFile:             "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
+				insecureSkipVerify: true
+			}
+			bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+		}]
+		selector: matchLabels: "app.kubernetes.io/name": metadata.name
+	}
+}, {
+	metadata: name: "kube-scheduler"
+	spec: {
+		jobLabel: "app.kubernetes.io/name"
+		endpoints: [{
+			port:   "metrics"
+			scheme: "https"
+			tlsConfig: {
+				caFile:             "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
+				insecureSkipVerify: true
+			}
+			bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+		}]
+		selector: matchLabels: "app.kubernetes.io/name": metadata.name
+	}
 }]
diff --git a/k8s/amour/list.cue b/k8s/amour/list.cue
@@ -67,9 +67,9 @@ _#KindWeight: {
 })
 
 _items: [
-	// amour.#ApplySetList.items,
-	// amour.#ClusterSecretStoreList.items,
-	// amour.#CustomResourceDefinitionList.items,
+	amour.#ApplySetList.items,
+	amour.#ClusterSecretStoreList.items,
+	amour.#CustomResourceDefinitionList.items,
 	backup.#List.items,
 	cert_manager_csi_driver.#List.items,
 	cert_manager.#List.items,

Original file line number	Diff line number	Diff line change
`@@ -18,5 +18,6 @@ import (`
`18`	`18`
`19`	`19`	`_items: [`
`20`	`20`	`#NamespaceList.items,`
	`21`	`+ #ServiceList.items,`
`21`	`22`	`#VMServiceScrapeList.items,`
`22`	`23`	`]`