Kustomize
Installing Crunchy Postgres for Kubernetes Monitoring Using Kustomize
This section provides instructions for installing and configuring Crunchy Postgres for Kubernetes Monitoring using Kustomize.
Prerequisites
First, go to GitHub and fork the Postgres Operator examples repository, which contains the Monitoring Kustomize installer.
https://github.com/CrunchyData/postgres-operator-examples/fork
Once you have forked this repo, you can download it to your working environment with a command similar to this:
YOUR_GITHUB_UN="$YOUR_GITHUB_USERNAME"
git clone --depth 1 "git@github.com:${YOUR_GITHUB_UN}/postgres-operator-examples.git"
cd postgres-operator-examples
To add the Crunchy Postgres Exporter sidecar to your cluster, open the kustomize/postgres/postgres.yaml file and add the following YAML to the spec:
monitoring:
pgmonitor:
exporter:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.3.7-0
The Monitoring project is located in the kustomize/monitoring directory.
Configuration
While the default Kustomize install should work in most Kubernetes environments, it may be necessary to further customize the project according to your specific needs.
For instance, by default fsGroup is set to 26 for the securityContext defined for the various Deployments comprising the Monitoring stack:
securityContext:
fsGroup: 26
In most Kubernetes environments this setting is needed to ensure processes within the container have the permissions needed to write to any volumes mounted to each of the Pods comprising the Monitoring stack. However, when installing in an OpenShift environment (and more specifically when using the restricted Security Context Constraint), the fsGroup setting should be removed since OpenShift will automatically handle setting the proper fsGroup within the Pod's securityContext.
Additionally, within this same section it may also be necessary to modify the supplementalGroups setting according to your specific storage configuration:
securityContext:
supplementalGroups: 65534
Therefore, the following files (located under kustomize/monitoring) should be modified and/or patched (e.g. using additional overlays) as needed to ensure the securityContext is properly defined for your Kubernetes environment:
deploy-alertmanager.yamldeploy-grafana.yamldeploy-prometheus.yaml
Those files should also be modified to set appropriate constraints on compute resources for the Grafana, Prometheus and/or AlertManager deployments. And to modify the configuration for the various storage resources (i.e. PersistentVolumeClaims) created by the Monitoring installer, the kustomize/monitoring/pvcs.yaml file can also be modified.
Additionally, it is also possible to further customize the configuration for the various components comprising the Monitoring stack (Grafana, Prometheus and/or AlertManager) by modifying the following configuration resources:
alertmanager-config.yamlalertmanager-rules-config.yamlgrafana-datasources.yamlprometheus-config.yaml
Finally, please note that the default username and password for Grafana can be updated by modifying the Grafana Secret in file kustomize/monitoring/grafana-secret.yaml. If not updated, the configured defaults for the username and password will be admin:admin and should be updated immediately.
Install
Once the Kustomize project has been modified according to your specific needs, Monitoring can then be installed using kubectl and Kustomize:
kubectl apply -k kustomize/monitoring
Once installed, a simple way to immediately access the various Monitoring stack components is by using the kubectl port-forward command. For example, to access the Grafana dashboards, you would use a command similar to
kubectl -n postgres-operator port-forward service/crunchy-grafana 3000:3000
and then login via a web browser pointed to localhost:3000.
Uninstall
And similarly, once Monitoring has been installed, it can uninstalled using kubectl and Kustomize:
kubectl delete -k kustomize/monitoring
Further Information
For further information about monitoring features, see our tutorial.