Remove thanos bitnami chart.
This commit is contained in:
parent
3541923467
commit
4268a6fb8d
6 changed files with 134 additions and 122 deletions
|
@ -1,31 +0,0 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: thanos
|
||||
namespace: monitoring
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: thanos-s3-secret
|
||||
creationPolicy: Owner
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
objstore.yml: |-
|
||||
type: s3
|
||||
config:
|
||||
access_key: {{ .s3_thanos_access_key }}
|
||||
bucket: {{ .s3_thanos_bucket_name }}
|
||||
endpoint: {{ .s3_homelab_endpoint }}
|
||||
secret_key: {{ .s3_thanos_secret_key }}
|
||||
dataFrom:
|
||||
- extract:
|
||||
key: Minio
|
||||
rewrite:
|
||||
- regexp:
|
||||
source: "(.*)"
|
||||
target: "s3_$1"
|
|
@ -10,10 +10,10 @@ spec:
|
|||
chart:
|
||||
spec:
|
||||
chart: thanos
|
||||
version: 14.0.2
|
||||
version: 1.16.2
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bitnami
|
||||
name: stevehipwell
|
||||
namespace: flux-system
|
||||
install:
|
||||
remediation:
|
||||
|
@ -21,9 +21,8 @@ spec:
|
|||
upgrade:
|
||||
cleanupOnFail: true
|
||||
remediation:
|
||||
strategy: rollback
|
||||
retries: 3
|
||||
uninstall:
|
||||
keepHistory: false
|
||||
dependsOn:
|
||||
- name: openebs
|
||||
namespace: openebs-system
|
||||
|
@ -31,101 +30,99 @@ spec:
|
|||
namespace: dragonfly-operator-system
|
||||
- name: rook-ceph-cluster
|
||||
namespace: rook-ceph
|
||||
valuesFrom:
|
||||
- targetPath: objstoreConfig.value.config.bucket
|
||||
kind: ConfigMap
|
||||
name: thanos-bucket
|
||||
valuesKey: BUCKET_NAME
|
||||
- targetPath: objstoreConfig.value.config.endpoint
|
||||
kind: ConfigMap
|
||||
name: thanos-bucket
|
||||
valuesKey: BUCKET_HOST
|
||||
- targetPath: objstoreConfig.value.config.region
|
||||
kind: ConfigMap
|
||||
name: thanos-bucket
|
||||
valuesKey: BUCKET_REGION
|
||||
- targetPath: objstoreConfig.value.config.access_key
|
||||
kind: Secret
|
||||
name: thanos-bucket
|
||||
valuesKey: AWS_ACCESS_KEY_ID
|
||||
- targetPath: objstoreConfig.value.config.secret_key
|
||||
kind: Secret
|
||||
name: thanos-bucket
|
||||
valuesKey: AWS_SECRET_ACCESS_KEY
|
||||
values:
|
||||
existingObjstoreSecret: thanos-s3-secret
|
||||
image:
|
||||
registry: quay.io
|
||||
repository: thanos/thanos
|
||||
tag: v0.34.1
|
||||
objstoreConfig:
|
||||
type: s3
|
||||
config:
|
||||
insecure: true
|
||||
receive:
|
||||
enabled: false
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
queryFrontend:
|
||||
enabled: true
|
||||
replicaCount: 2
|
||||
config: &config |-
|
||||
type: REDIS
|
||||
value:
|
||||
type: s3
|
||||
config:
|
||||
addr: dragonfly.database.svc.cluster.local:6379
|
||||
db: 2
|
||||
ingress:
|
||||
enabled: true
|
||||
ingressClassName: internal-nginx
|
||||
hostname: &host thanos-query-frontend.jahanson.tech
|
||||
tls: true
|
||||
extraTls:
|
||||
- hosts:
|
||||
- *host
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
query:
|
||||
insecure: true
|
||||
additionalEndpoints:
|
||||
- dnssrv+_grpc._tcp.kube-prometheus-stack-thanos-discovery.observability.svc.cluster.local
|
||||
additionalReplicaLabels: ["__replica__"]
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
replicaCount: 2
|
||||
replicaLabel: ["__replica__"]
|
||||
dnsDiscovery:
|
||||
sidecarsService: kube-prometheus-stack-thanos-discovery
|
||||
sidecarsNamespace: observability
|
||||
stores: ["thanos.jahanson.tech:10901"]
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
bucketweb:
|
||||
compact:
|
||||
enabled: true
|
||||
replicaCount: 2
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
compactor:
|
||||
enabled: true
|
||||
extraFlags:
|
||||
extraArgs:
|
||||
- --compact.concurrency=4
|
||||
- --delete-delay=30m
|
||||
retentionResolutionRaw: 14d
|
||||
retentionResolution5m: 30d
|
||||
retentionResolution1h: 60d
|
||||
persistence:
|
||||
- --retention.resolution-raw=14d
|
||||
- --retention.resolution-5m=30d
|
||||
- --retention.resolution-1h=60d
|
||||
persistence: &persistence
|
||||
enabled: true
|
||||
storageClass: openebs-hostpath
|
||||
size: 10Gi
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
storegateway:
|
||||
query:
|
||||
replicas: 2
|
||||
extraArgs: ["--alert.query-url=https://thanos.hsn.dev"]
|
||||
additionalStores: ["thanos.turbo.ac:10901"]
|
||||
queryFrontend:
|
||||
enabled: true
|
||||
replicaCount: 2
|
||||
config: *config
|
||||
persistence:
|
||||
replicas: 2
|
||||
extraEnv: &extraEnv
|
||||
- name: THANOS_CACHE_CONFIG
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: &configMap thanos-cache-configmap
|
||||
key: cache.yaml
|
||||
extraArgs: ["--query-range.response-cache-config=$(THANOS_CACHE_CONFIG)"]
|
||||
ingress:
|
||||
enabled: true
|
||||
storageClass: openebs-hostpath
|
||||
size: 10Gi
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
ruler:
|
||||
ingressClassName: internal
|
||||
hosts:
|
||||
- &host thanos.hsn.dev
|
||||
tls:
|
||||
- hosts: [*host]
|
||||
podAnnotations: &podAnnotations
|
||||
configmap.reloader.stakater.com/reload: *configMap
|
||||
rule:
|
||||
enabled: true
|
||||
replicaCount: 2
|
||||
replicaLabel: __replica__
|
||||
alertmanagers: ["http://alertmanager-operated.observability.svc.cluster.local:9093"]
|
||||
extraFlags: ["--web.prefix-header=X-Forwarded-Prefix"]
|
||||
config: |-
|
||||
groups:
|
||||
- name: PrometheusWatcher
|
||||
rules:
|
||||
- alert: PrometheusDown
|
||||
annotations:
|
||||
summary: A Prometheus has disappeared from Prometheus target discovery
|
||||
expr: absent(up{job="kube-prometheus-stack-prometheus"})
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: openebs-hostpath
|
||||
size: 10Gi
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
replicas: 2
|
||||
extraArgs: ["--web.prefix-header=X-Forwarded-Prefix"]
|
||||
alertmanagersConfig:
|
||||
value: |-
|
||||
alertmanagers:
|
||||
- api_version: v2
|
||||
static_configs:
|
||||
- dnssrv+_http-web._tcp.alertmanager-operated.observability.svc.cluster.local
|
||||
rules:
|
||||
value: |-
|
||||
groups:
|
||||
- name: PrometheusWatcher
|
||||
rules:
|
||||
- alert: PrometheusDown
|
||||
annotations:
|
||||
summary: A Prometheus has disappeared from Prometheus target discovery
|
||||
expr: absent(up{job="kube-prometheus-stack-prometheus"})
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
persistence: *persistence
|
||||
storeGateway:
|
||||
replicas: 2
|
||||
extraEnv: *extraEnv
|
||||
extraArgs: ["--index-cache.config=$(THANOS_CACHE_CONFIG)"]
|
||||
persistence: *persistence
|
||||
podAnnotations: *podAnnotations
|
|
@ -3,5 +3,12 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./externalsecret.yaml
|
||||
- ./helmrelease.yaml
|
||||
- ./objectbucketclaim.yaml
|
||||
- ./helmrelease.yaml
|
||||
- ./pushsecret.yaml
|
||||
configMapGenerator:
|
||||
- name: thanos-cache-configmap
|
||||
files:
|
||||
- cache.yaml=./resources/cache.yml
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/objectbucket.io/objectbucketclaim_v1alpha1.json
|
||||
apiVersion: objectbucket.io/v1alpha1
|
||||
kind: ObjectBucketClaim
|
||||
metadata:
|
||||
name: thanos-bucket
|
||||
spec:
|
||||
bucketName: thanos
|
||||
storageClassName: ceph-bucket
|
25
kubernetes/apps/observability/thanos/app/pushsecret.yaml
Normal file
25
kubernetes/apps/observability/thanos/app/pushsecret.yaml
Normal file
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
|
||||
apiVersion: external-secrets.io/v1alpha1
|
||||
kind: PushSecret
|
||||
metadata:
|
||||
name: thanos
|
||||
spec:
|
||||
refreshInterval: 1h
|
||||
secretStoreRefs:
|
||||
- name: onepassword-connect
|
||||
kind: ClusterSecretStore
|
||||
selector:
|
||||
secret:
|
||||
name: thanos-bucket
|
||||
data:
|
||||
- match:
|
||||
secretKey: &key AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
remoteKey: thanos
|
||||
property: *key
|
||||
- match:
|
||||
secretKey: &key AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
remoteKey: thanos
|
||||
property: *key
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
type: REDIS
|
||||
config:
|
||||
addr: dragonfly.database.svc.cluster.local:6379
|
||||
db: 1
|
Loading…
Reference in a new issue