127 lines
3.3 KiB
YAML
127 lines
3.3 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: thanos
|
|
namespace: monitoring
|
|
spec:
|
|
interval: 30m
|
|
timeout: 15m
|
|
chart:
|
|
spec:
|
|
chart: thanos
|
|
version: 12.13.5
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: bitnami
|
|
namespace: flux-system
|
|
maxHistory: 2
|
|
install:
|
|
createNamespace: true
|
|
remediation:
|
|
retries: 3
|
|
upgrade:
|
|
cleanupOnFail: true
|
|
remediation:
|
|
retries: 3
|
|
uninstall:
|
|
keepHistory: false
|
|
dependsOn:
|
|
- name: rook-ceph-cluster
|
|
namespace: rook-ceph
|
|
values:
|
|
image:
|
|
registry: quay.io
|
|
repository: thanos/thanos
|
|
tag: v0.32.3
|
|
objstoreConfig:
|
|
type: s3
|
|
config:
|
|
insecure: true
|
|
queryFrontend:
|
|
enabled: true
|
|
replicaCount: 3
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: nginx
|
|
hostname: &host thanos-query-frontend.valinor.social
|
|
tls: true
|
|
extraTls:
|
|
- hosts:
|
|
- *host
|
|
query:
|
|
enabled: true
|
|
replicaCount: 3
|
|
replicaLabel: ["__replica__"]
|
|
dnsDiscovery:
|
|
sidecarsService: kube-prometheus-stack-thanos-discovery
|
|
sidecarsNamespace: monitoring
|
|
bucketweb:
|
|
enabled: true
|
|
replicaCount: 3
|
|
compactor:
|
|
enabled: true
|
|
extraFlags:
|
|
- --compact.concurrency=4
|
|
- --delete-delay=30m
|
|
retentionResolutionRaw: 14d
|
|
retentionResolution5m: 14d
|
|
retentionResolution1h: 14d
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ceph-block
|
|
size: 100Gi
|
|
storegateway:
|
|
enabled: true
|
|
replicaCount: 3
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ceph-block
|
|
size: 20Gi
|
|
ruler:
|
|
enabled: true
|
|
replicaCount: 3
|
|
replicaLabel: __replica__
|
|
alertmanagers: ["http://kube-prometheus-stack-alertmanager.monitoring.svc.cluster.local:9093"]
|
|
extraFlags: ["--web.prefix-header=X-Forwarded-Prefix"]
|
|
config: |-
|
|
groups:
|
|
- name: PrometheusWatcher
|
|
rules:
|
|
- alert: PrometheusDown
|
|
annotations:
|
|
summary: A Prometheus has disappeared from Prometheus target discovery
|
|
expr: absent(up{job="kube-prometheus-stack-prometheus"})
|
|
for: 5m
|
|
labels:
|
|
severity: critical
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ceph-block
|
|
size: 20Gi
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
valuesFrom:
|
|
- targetPath: objstoreConfig.config.bucket
|
|
kind: ConfigMap
|
|
name: thanos-bucket-v1
|
|
valuesKey: BUCKET_NAME
|
|
- targetPath: objstoreConfig.config.endpoint
|
|
kind: ConfigMap
|
|
name: thanos-bucket-v1
|
|
valuesKey: BUCKET_HOST
|
|
- targetPath: objstoreConfig.config.region
|
|
kind: ConfigMap
|
|
name: thanos-bucket-v1
|
|
valuesKey: BUCKET_REGION
|
|
- targetPath: objstoreConfig.config.access_key
|
|
kind: Secret
|
|
name: thanos-bucket-v1
|
|
valuesKey: AWS_ACCESS_KEY_ID
|
|
- targetPath: objstoreConfig.config.secret_key
|
|
kind: Secret
|
|
name: thanos-bucket-v1
|
|
valuesKey: AWS_SECRET_ACCESS_KEY
|