theshire/kubernetes/apps/observability/thanos/app/helmrelease.yaml
2024-04-07 09:52:32 -05:00

128 lines
No EOL
3.7 KiB
YAML

---
# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: thanos
spec:
interval: 30m
timeout: 15m
chart:
spec:
chart: thanos
version: 1.16.3
sourceRef:
kind: HelmRepository
name: stevehipwell
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
dependsOn:
- name: openebs
namespace: openebs-system
- name: dragonfly-operator
namespace: dragonfly-operator-system
- name: rook-ceph-cluster
namespace: rook-ceph
valuesFrom:
- targetPath: objstoreConfig.value.config.bucket
kind: ConfigMap
name: thanos-bucket
valuesKey: BUCKET_NAME
- targetPath: objstoreConfig.value.config.endpoint
kind: ConfigMap
name: thanos-bucket
valuesKey: BUCKET_HOST
- targetPath: objstoreConfig.value.config.region
kind: ConfigMap
name: thanos-bucket
valuesKey: BUCKET_REGION
- targetPath: objstoreConfig.value.config.access_key
kind: Secret
name: thanos-bucket
valuesKey: AWS_ACCESS_KEY_ID
- targetPath: objstoreConfig.value.config.secret_key
kind: Secret
name: thanos-bucket
valuesKey: AWS_SECRET_ACCESS_KEY
values:
objstoreConfig:
value:
type: s3
config:
insecure: true
additionalEndpoints:
- dnssrv+_grpc._tcp.kube-prometheus-stack-thanos-discovery.observability.svc.cluster.local
additionalReplicaLabels: ["__replica__"]
serviceMonitor:
enabled: true
compact:
enabled: true
extraArgs:
- --compact.concurrency=4
- --delete-delay=30m
- --retention.resolution-raw=14d
- --retention.resolution-5m=30d
- --retention.resolution-1h=60d
persistence: &persistence
enabled: true
storageClass: openebs-hostpath
size: 10Gi
query:
replicas: 2
extraArgs: ["--alert.query-url=https://thanos.hsn.dev"]
additionalStores: ["thanos.turbo.ac:10901"]
queryFrontend:
enabled: true
replicas: 2
extraEnv: &extraEnv
- name: THANOS_CACHE_CONFIG
valueFrom:
configMapKeyRef:
name: &configMap thanos-cache-configmap
key: cache.yaml
extraArgs: ["--query-range.response-cache-config=$(THANOS_CACHE_CONFIG)"]
ingress:
enabled: true
ingressClassName: internal-nginx
hosts:
- &host thanos.hsn.dev
tls:
- hosts: [*host]
podAnnotations: &podAnnotations
configmap.reloader.stakater.com/reload: *configMap
rule:
enabled: true
replicas: 2
extraArgs: ["--web.prefix-header=X-Forwarded-Prefix"]
alertmanagersConfig:
value: |-
alertmanagers:
- api_version: v2
static_configs:
- dnssrv+_http-web._tcp.alertmanager-operated.observability.svc.cluster.local
rules:
value: |-
groups:
- name: PrometheusWatcher
rules:
- alert: PrometheusDown
annotations:
summary: A Prometheus has disappeared from Prometheus target discovery
expr: absent(up{job="kube-prometheus-stack-prometheus"})
for: 5m
labels:
severity: critical
persistence: *persistence
storeGateway:
replicas: 2
extraEnv: *extraEnv
extraArgs: ["--index-cache.config=$(THANOS_CACHE_CONFIG)"]
persistence: *persistence
podAnnotations: *podAnnotations