Remove thanos bitnami chart.

This commit is contained in:
Joseph Hanson 2024-04-04 10:47:54 -05:00
parent 3541923467
commit 4268a6fb8d
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
6 changed files with 134 additions and 122 deletions

View file

@ -1,31 +0,0 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: thanos
namespace: monitoring
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: thanos-s3-secret
creationPolicy: Owner
template:
engineVersion: v2
data:
objstore.yml: |-
type: s3
config:
access_key: {{ .s3_thanos_access_key }}
bucket: {{ .s3_thanos_bucket_name }}
endpoint: {{ .s3_homelab_endpoint }}
secret_key: {{ .s3_thanos_secret_key }}
dataFrom:
- extract:
key: Minio
rewrite:
- regexp:
source: "(.*)"
target: "s3_$1"

View file

@ -10,10 +10,10 @@ spec:
chart:
spec:
chart: thanos
version: 14.0.2
version: 1.16.2
sourceRef:
kind: HelmRepository
name: bitnami
name: stevehipwell
namespace: flux-system
install:
remediation:
@ -21,9 +21,8 @@ spec:
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
uninstall:
keepHistory: false
dependsOn:
- name: openebs
namespace: openebs-system
@ -31,101 +30,99 @@ spec:
namespace: dragonfly-operator-system
- name: rook-ceph-cluster
namespace: rook-ceph
valuesFrom:
- targetPath: objstoreConfig.value.config.bucket
kind: ConfigMap
name: thanos-bucket
valuesKey: BUCKET_NAME
- targetPath: objstoreConfig.value.config.endpoint
kind: ConfigMap
name: thanos-bucket
valuesKey: BUCKET_HOST
- targetPath: objstoreConfig.value.config.region
kind: ConfigMap
name: thanos-bucket
valuesKey: BUCKET_REGION
- targetPath: objstoreConfig.value.config.access_key
kind: Secret
name: thanos-bucket
valuesKey: AWS_ACCESS_KEY_ID
- targetPath: objstoreConfig.value.config.secret_key
kind: Secret
name: thanos-bucket
valuesKey: AWS_SECRET_ACCESS_KEY
values:
existingObjstoreSecret: thanos-s3-secret
image:
registry: quay.io
repository: thanos/thanos
tag: v0.34.1
objstoreConfig:
type: s3
config:
insecure: true
receive:
enabled: false
networkPolicy:
enabled: false
queryFrontend:
enabled: true
replicaCount: 2
config: &config |-
type: REDIS
value:
type: s3
config:
addr: dragonfly.database.svc.cluster.local:6379
db: 2
ingress:
enabled: true
ingressClassName: internal-nginx
hostname: &host thanos-query-frontend.jahanson.tech
tls: true
extraTls:
- hosts:
- *host
networkPolicy:
enabled: false
query:
insecure: true
additionalEndpoints:
- dnssrv+_grpc._tcp.kube-prometheus-stack-thanos-discovery.observability.svc.cluster.local
additionalReplicaLabels: ["__replica__"]
serviceMonitor:
enabled: true
replicaCount: 2
replicaLabel: ["__replica__"]
dnsDiscovery:
sidecarsService: kube-prometheus-stack-thanos-discovery
sidecarsNamespace: observability
stores: ["thanos.jahanson.tech:10901"]
networkPolicy:
enabled: false
bucketweb:
compact:
enabled: true
replicaCount: 2
networkPolicy:
enabled: false
compactor:
enabled: true
extraFlags:
extraArgs:
- --compact.concurrency=4
- --delete-delay=30m
retentionResolutionRaw: 14d
retentionResolution5m: 30d
retentionResolution1h: 60d
persistence:
- --retention.resolution-raw=14d
- --retention.resolution-5m=30d
- --retention.resolution-1h=60d
persistence: &persistence
enabled: true
storageClass: openebs-hostpath
size: 10Gi
networkPolicy:
enabled: false
storegateway:
query:
replicas: 2
extraArgs: ["--alert.query-url=https://thanos.hsn.dev"]
additionalStores: ["thanos.turbo.ac:10901"]
queryFrontend:
enabled: true
replicaCount: 2
config: *config
persistence:
replicas: 2
extraEnv: &extraEnv
- name: THANOS_CACHE_CONFIG
valueFrom:
configMapKeyRef:
name: &configMap thanos-cache-configmap
key: cache.yaml
extraArgs: ["--query-range.response-cache-config=$(THANOS_CACHE_CONFIG)"]
ingress:
enabled: true
storageClass: openebs-hostpath
size: 10Gi
networkPolicy:
enabled: false
ruler:
ingressClassName: internal
hosts:
- &host thanos.hsn.dev
tls:
- hosts: [*host]
podAnnotations: &podAnnotations
configmap.reloader.stakater.com/reload: *configMap
rule:
enabled: true
replicaCount: 2
replicaLabel: __replica__
alertmanagers: ["http://alertmanager-operated.observability.svc.cluster.local:9093"]
extraFlags: ["--web.prefix-header=X-Forwarded-Prefix"]
config: |-
groups:
- name: PrometheusWatcher
rules:
- alert: PrometheusDown
annotations:
summary: A Prometheus has disappeared from Prometheus target discovery
expr: absent(up{job="kube-prometheus-stack-prometheus"})
for: 5m
labels:
severity: critical
persistence:
enabled: true
storageClass: openebs-hostpath
size: 10Gi
networkPolicy:
enabled: false
metrics:
enabled: true
serviceMonitor:
enabled: true
replicas: 2
extraArgs: ["--web.prefix-header=X-Forwarded-Prefix"]
alertmanagersConfig:
value: |-
alertmanagers:
- api_version: v2
static_configs:
- dnssrv+_http-web._tcp.alertmanager-operated.observability.svc.cluster.local
rules:
value: |-
groups:
- name: PrometheusWatcher
rules:
- alert: PrometheusDown
annotations:
summary: A Prometheus has disappeared from Prometheus target discovery
expr: absent(up{job="kube-prometheus-stack-prometheus"})
for: 5m
labels:
severity: critical
persistence: *persistence
storeGateway:
replicas: 2
extraEnv: *extraEnv
extraArgs: ["--index-cache.config=$(THANOS_CACHE_CONFIG)"]
persistence: *persistence
podAnnotations: *podAnnotations

View file

@ -3,5 +3,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./externalsecret.yaml
- ./helmrelease.yaml
- ./objectbucketclaim.yaml
- ./helmrelease.yaml
- ./pushsecret.yaml
configMapGenerator:
- name: thanos-cache-configmap
files:
- cache.yaml=./resources/cache.yml
generatorOptions:
disableNameSuffixHash: true

View file

@ -0,0 +1,9 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/objectbucket.io/objectbucketclaim_v1alpha1.json
apiVersion: objectbucket.io/v1alpha1
kind: ObjectBucketClaim
metadata:
name: thanos-bucket
spec:
bucketName: thanos
storageClassName: ceph-bucket

View file

@ -0,0 +1,25 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
name: thanos
spec:
refreshInterval: 1h
secretStoreRefs:
- name: onepassword-connect
kind: ClusterSecretStore
selector:
secret:
name: thanos-bucket
data:
- match:
secretKey: &key AWS_ACCESS_KEY_ID
remoteRef:
remoteKey: thanos
property: *key
- match:
secretKey: &key AWS_SECRET_ACCESS_KEY
remoteRef:
remoteKey: thanos
property: *key

View file

@ -0,0 +1,5 @@
---
type: REDIS
config:
addr: dragonfly.database.svc.cluster.local:6379
db: 1