-
Notifications
You must be signed in to change notification settings - Fork 0
/
opencost.yaml
179 lines (172 loc) · 3.64 KB
/
opencost.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
# <https://www.opencost.io/docs/>
---
# The namespace opencost will run in
apiVersion: v1
kind: Namespace
metadata:
name: nirmata-opencost
---
# Service account for permissions
apiVersion: v1
kind: ServiceAccount
metadata:
name: opencost
---
# Cluster role giving opencost to get, list, watch required recources
# No write permissions are required
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: opencost
rules:
- apiGroups:
- ''
resources:
- configmaps
- deployments
- nodes
- pods
- services
- resourcequotas
- replicationcontrollers
- limitranges
- persistentvolumeclaims
- persistentvolumes
- namespaces
- endpoints
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- daemonsets
- deployments
- replicasets
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- statefulsets
- deployments
- daemonsets
- replicasets
verbs:
- list
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- get
- list
- watch
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- get
- list
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- list
- watch
---
# Bind the role to the service account
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: opencost
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: opencost
subjects:
- kind: ServiceAccount
name: opencost
namespace: nirmata-opencost
---
# Create a deployment for a single cost model pod
#
# See environment variables if you would like to add a Prometheus for
# cost model to read from for full functionality.
apiVersion: apps/v1
kind: Deployment
metadata:
name: opencost
labels:
app: opencost
spec:
replicas: 1
selector:
matchLabels:
app: opencost
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app: opencost
spec:
restartPolicy: Always
serviceAccountName: opencost
containers:
- image: quay.io/kubecost1/kubecost-cost-model:latest
name: opencost
resources:
requests:
cpu: "10m"
memory: "55M"
limits:
cpu: "999m"
memory: "1G"
env:
- name: PROMETHEUS_SERVER_ENDPOINT
value: "http://my-prometheus-server.prometheus.svc" # The endpoint should have the form http://<service-name>.<namespace-name>.svc
- name: CLOUD_PROVIDER_API_KEY
value: "AIzaSyD29bGxmHAVEOBYtgd8sYM2gM2ekfxQX4U" # The GCP Pricing API requires a key. This is supplied just for evaluation.
- name: CLUSTER_ID
value: "cluster-one" # Default cluster ID to use if cluster_id is not set in Prometheus metrics.
imagePullPolicy: Always
---
# Expose the cost model with a service
#
# Without a Prometheus endpoint configured in the deployment,
# only opencost/metrics will have useful data as it is intended
# to be used as just an exporter.
kind: Service
apiVersion: v1
metadata:
name: opencost
spec:
selector:
app: opencost
type: ClusterIP
ports:
- name: opencost
port: 9003
targetPort: 9003
---