AddonPolicyTemplate

You can create the policy definition using a command like:

az policy definition create --name "Prometheus Metrics addon" --display-name "Prometheus Metrics addon" --mode Indexed --metadata version=1.0.0 category=Kubernetes --rules ./AddonPolicyMetricsProfile.rules.json --params ./AddonPolicyMetricsProfile.parameters.json

NOTE

  • Please download all files under AddonPolicyTemplate folder before running the policy template.
  • After creating the policy definition through the above command, go to Azure portal -> Policy -> Definitions and select the definition you just created.
  • Click on 'Assign' and then go to the 'Parameters' tab and fill in the details. Then click 'Review + Create'.
  • Now that the policy is assigned to the subscription, whenever you create a new cluster that does not have Prometheus enabled, the policy will run and deploy the resources. If you want to apply the policy to an existing AKS cluster, go to the 'Policy Assignment' and create a 'Remediation task' for that resource.
  • You should now see metrics flowing into the existing linked Grafana resource (linked with the corresponding Azure Monitor Workspace).
  • You can also create a new Managed Grafana resource from Azure portal and link it with the corresponding Azure Monitor Workspace from the 'Linked Grafana Workspaces' tab under Azure Monitor Workspace. Please assign the role 'Monitoring Data Reader' to the Grafana MSI on the Azure Monitor Workspace resource so that it can read data for displaying the charts.
  • metricAnnotationsAllowList is a comma-separated list of Kubernetes annotation keys that will be used in the resource's annotations metric. By default no annotations are collected. To include additional annotations, provide a list of resource names in their plural form and the Kubernetes annotation keys you would like to allow for them (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). A single '*' can be provided per resource instead to allow any annotations, but that has severe performance implications (Example: 'pods=[*]').
  • metricLabelsAllowlist is a comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric. By default the metric contains only name and namespace labels. To include additional labels, provide a list of resource names in their plural form and the Kubernetes label keys you would like to allow for them (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). A single '*' can be provided per resource instead to allow any labels, but that has severe performance implications (Example: 'pods=[*]'). Additionally, an asterisk (*) can be provided as a key, which will resolve to all resources, i.e., assuming '--resources=deployments,pods', '*=[*]' will resolve to 'deployments=[*],pods=[*]'.
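
A pre-assignment check for the two allowlist parameters, added here as an example and not part of the template or of any Azure or Kubernetes tooling. It parses the 'resource=[key,...]' format described above, resolves an asterisk resource key against a resource list, and reports resources that allow every key; the function names are hypothetical and the sample values are constructed.

```python
import re

# One "resource=[key,key,...]" entry; names and keys contain no brackets.
_ENTRY = re.compile(r"([^=,\[\]]+)=\[([^\[\]]*)\]")


def parse_allowlist(value):
    """Parse 'pods=[app],namespaces=[team]' into {resource: [keys]}."""
    value = value.strip()
    result = {}
    pos = 0
    while pos < len(value):
        m = _ENTRY.match(value, pos)
        if not m:
            raise ValueError(f"malformed entry at offset {pos}: {value[pos:]!r}")
        resource = m.group(1).strip()
        keys = [k.strip() for k in m.group(2).split(",") if k.strip()]
        result.setdefault(resource, []).extend(keys)
        pos = m.end()
        if pos < len(value):
            if value[pos] != ",":
                raise ValueError(f"expected ',' at offset {pos}")
            pos += 1  # skip the separator between entries
    return result


def expand(allowlist, resources):
    """Resolve a '*' resource key to every resource in `resources`."""
    expanded = {r: list(k) for r, k in allowlist.items() if r != "*"}
    for key in allowlist.get("*", []):
        for r in resources:
            if key not in expanded.setdefault(r, []):
                expanded[r].append(key)
    return expanded


def wildcard_resources(allowlist):
    """Resources that allow every key ('*'), the costly setting."""
    return sorted(r for r, keys in allowlist.items() if "*" in keys)


# Constructed sample values, not taken from a real cluster.
SAMPLE = "namespaces=[kubernetes.io/team],pods=[app,*]"
if __name__ == "__main__":
    parsed = parse_allowlist(SAMPLE)
    print(parsed, wildcard_resources(parsed))
    print(expand(parse_allowlist("*=[*]"), ["deployments", "pods"]))
```

Running the check on a parameter value before filling in the 'Parameters' tab catches malformed entries and any resource left on a wildcard.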