From 47edb11ea1d6b527f5102df21f430402deb3e34c Mon Sep 17 00:00:00 2001 From: Christopher Hase Date: Wed, 21 May 2025 15:34:42 +0200 Subject: [PATCH] Initial upload --- otc/ABC/edfbuilder.yaml | 4 +- otc/ABC/registry/core.yaml | 4 +- otc/ABC/registry/local-backup.yaml | 4 +- .../registry/{otc.yaml => monitoring.yaml} | 6 +- otc/ABC/registry/ref-implementation.yaml | 4 +- ...observability.yaml => second-cluster.yaml} | 6 +- otc/ABC/stacks/core/argocd-sso.yaml | 29 + .../argocd-forgejo-access-token.yaml | 29 + .../stacks/core/argocd-sso/argocd-secret.yaml | 24 + .../core/argocd-sso/argocd-sso-config.yaml | 54 + otc/ABC/stacks/core/argocd.yaml | 6 +- otc/ABC/stacks/core/forgejo-runner.yaml | 6 +- otc/ABC/stacks/core/forgejo-sso.yaml | 29 + .../forgejo-sso/forgejo-access-token.yaml | 26 + .../core/forgejo-sso/forgejo-secret.yaml | 26 + .../core/forgejo-sso/forgejo-sso-config.yaml | 76 + otc/ABC/stacks/core/forgejo.yaml | 6 +- otc/ABC/stacks/core/ingress-apps.yaml | 6 +- otc/ABC/stacks/core/ingress-apps/alloy.yaml | 18 + .../core/ingress-apps/argocd-server.yaml | 1 - .../core/ingress-apps/fibonacci-service.yaml | 18 + otc/ABC/stacks/core/ingress-apps/forgejo.yaml | 1 - .../core/ingress-apps/minio-console.yaml | 19 + .../stacks/{otc => core}/ingress-nginx.yaml | 6 +- otc/ABC/stacks/core/ingress-nginx/values.yaml | 49 + otc/ABC/stacks/core/vector.yaml | 29 - otc/ABC/stacks/core/vector/values.yaml | 54 - otc/ABC/stacks/local-backup/minio.yaml | 10 +- otc/ABC/stacks/local-backup/velero.yaml | 6 +- otc/ABC/stacks/monitoring/alloy.yaml | 29 + otc/ABC/stacks/monitoring/alloy/values.yaml | 78 + .../stacks/monitoring/grafana-dashboards.yaml | 25 + .../monitoring/kube-prometheus-sso.yaml | 29 + .../kube-prometheus-sso/secret-grafana.yaml | 21 + .../stacks/monitoring/kube-prometheus.yaml | 36 + .../dashboards/dashboard_loki_apps.yaml | 268 +++ .../dashboards/dashboard_loki_components.yaml | 845 +++++++++ .../dashboards/dashboard_loki_container.yaml | 537 ++++++ .../dashboards/dashboard_nginx-ingress.yaml | 1577 +++++++++++++++++ .../monitoring/kube-prometheus/values.yaml | 71 + otc/ABC/stacks/monitoring/loki.yaml | 34 + otc/ABC/stacks/monitoring/loki/values.yaml | 7 + .../observability/victoria-k8s-stack.yaml | 31 - .../victoria-k8s-stack/manifests/vlogs.yaml | 21 - .../victoria-k8s-stack/values.yaml | 1278 ------------- .../cert-manager/manifests/clusterissuer.yaml | 14 - otc/ABC/stacks/otc/cert-manager/values.yaml | 4 - otc/ABC/stacks/otc/cert-manger.yaml | 33 - otc/ABC/stacks/otc/ingress-nginx/values.yaml | 31 - .../stacks/otc/storageclass/storageclass.yaml | 18 - .../ref-implementation/argo-workflows.yaml | 4 +- .../backstage-templates.yaml | 6 +- .../stacks/ref-implementation/backstage.yaml | 4 +- .../backstage/manifests/install.yaml | 2 +- .../ref-implementation/external-secrets.yaml | 4 +- .../fibonacci-app.yaml} | 22 +- .../fibonacci-app/deployment.yaml | 20 + .../fibonacci-app/service.yaml | 13 + .../stacks/ref-implementation/keycloak.yaml | 4 +- .../stacks/ref-implementation/mailhog.yaml | 4 +- .../stacks/ref-implementation/openbao.yaml | 17 +- .../openbao/manifests/role.yaml | 9 - .../openbao/manifests/rolebinding.yaml | 13 - .../ref-implementation/openbao/values.yaml | 17 - .../create-new-cluster-guestbook.yaml | 23 + .../argocluster.yaml | 16 + .../guestbook.yaml | 26 + .../kindcluster.yaml | 26 + 68 files changed, 4142 insertions(+), 1631 deletions(-) rename otc/ABC/registry/{otc.yaml => monitoring.yaml} (74%) rename otc/ABC/registry/{observability.yaml => second-cluster.yaml} (71%) create mode 100644 otc/ABC/stacks/core/argocd-sso.yaml create mode 100644 otc/ABC/stacks/core/argocd-sso/argocd-forgejo-access-token.yaml create mode 100644 otc/ABC/stacks/core/argocd-sso/argocd-secret.yaml create mode 100644 otc/ABC/stacks/core/argocd-sso/argocd-sso-config.yaml create mode 100644 otc/ABC/stacks/core/forgejo-sso.yaml create mode 100644 otc/ABC/stacks/core/forgejo-sso/forgejo-access-token.yaml create mode 100644 otc/ABC/stacks/core/forgejo-sso/forgejo-secret.yaml create mode 100644 otc/ABC/stacks/core/forgejo-sso/forgejo-sso-config.yaml create mode 100644 otc/ABC/stacks/core/ingress-apps/alloy.yaml create mode 100644 otc/ABC/stacks/core/ingress-apps/fibonacci-service.yaml create mode 100644 otc/ABC/stacks/core/ingress-apps/minio-console.yaml rename otc/ABC/stacks/{otc => core}/ingress-nginx.yaml (75%) create mode 100644 otc/ABC/stacks/core/ingress-nginx/values.yaml delete mode 100644 otc/ABC/stacks/core/vector.yaml delete mode 100644 otc/ABC/stacks/core/vector/values.yaml create mode 100644 otc/ABC/stacks/monitoring/alloy.yaml create mode 100644 otc/ABC/stacks/monitoring/alloy/values.yaml create mode 100644 otc/ABC/stacks/monitoring/grafana-dashboards.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus-sso.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_apps.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_components.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_container.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_nginx-ingress.yaml create mode 100644 otc/ABC/stacks/monitoring/kube-prometheus/values.yaml create mode 100644 otc/ABC/stacks/monitoring/loki.yaml create mode 100644 otc/ABC/stacks/monitoring/loki/values.yaml delete mode 100644 otc/ABC/stacks/observability/victoria-k8s-stack.yaml delete mode 100644 otc/ABC/stacks/observability/victoria-k8s-stack/manifests/vlogs.yaml delete mode 100644 otc/ABC/stacks/observability/victoria-k8s-stack/values.yaml delete mode 100644 otc/ABC/stacks/otc/cert-manager/manifests/clusterissuer.yaml delete mode 100644 otc/ABC/stacks/otc/cert-manager/values.yaml delete mode 100644 otc/ABC/stacks/otc/cert-manger.yaml delete mode 100644 otc/ABC/stacks/otc/ingress-nginx/values.yaml delete mode 100644 otc/ABC/stacks/otc/storageclass/storageclass.yaml rename otc/ABC/stacks/{otc/storageclass.yaml => ref-implementation/fibonacci-app.yaml} (66%) create mode 100644 otc/ABC/stacks/ref-implementation/fibonacci-app/deployment.yaml create mode 100644 otc/ABC/stacks/ref-implementation/fibonacci-app/service.yaml delete mode 100644 otc/ABC/stacks/ref-implementation/openbao/manifests/role.yaml delete mode 100644 otc/ABC/stacks/ref-implementation/openbao/manifests/rolebinding.yaml create mode 100644 otc/ABC/stacks/second-cluster/create-new-cluster-guestbook.yaml create mode 100644 otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml create mode 100644 otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml create mode 100644 otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml diff --git a/otc/ABC/edfbuilder.yaml b/otc/ABC/edfbuilder.yaml index 3b07fcd..f9ad2ec 100644 --- a/otc/ABC/edfbuilder.yaml +++ b/otc/ABC/edfbuilder.yaml @@ -12,8 +12,8 @@ spec: name: in-cluster namespace: argocd source: - path: "otc/ABC/registry" - repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances" + path: registry + repoURL: 'https://gitea.ABC/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/otc/ABC/registry/core.yaml b/otc/ABC/registry/core.yaml index c9792f4..bf06db6 100644 --- a/otc/ABC/registry/core.yaml +++ b/otc/ABC/registry/core.yaml @@ -12,8 +12,8 @@ spec: name: in-cluster namespace: argocd source: - path: "otc/ABC/stacks/core" - repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances" + path: stacks/core + repoURL: 'https://gitea.ABC/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/otc/ABC/registry/local-backup.yaml b/otc/ABC/registry/local-backup.yaml index fe2c6f5..202dabd 100644 --- a/otc/ABC/registry/local-backup.yaml +++ b/otc/ABC/registry/local-backup.yaml @@ -12,8 +12,8 @@ spec: name: in-cluster namespace: argocd source: - path: "otc/ABC/stacks/local-backup" - repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances" + path: stacks/local-backup + repoURL: 'https://gitea.ABC/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/otc/ABC/registry/otc.yaml b/otc/ABC/registry/monitoring.yaml similarity index 74% rename from otc/ABC/registry/otc.yaml rename to otc/ABC/registry/monitoring.yaml index e973273..cdbc52a 100644 --- a/otc/ABC/registry/otc.yaml +++ b/otc/ABC/registry/monitoring.yaml @@ -1,7 +1,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: otc + name: monitoring namespace: argocd labels: env: dev @@ -12,8 +12,8 @@ spec: name: in-cluster namespace: argocd source: - path: "otc/ABC/stacks/otc" - repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances" + path: stacks/monitoring + repoURL: 'https://gitea.ABC/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/otc/ABC/registry/ref-implementation.yaml b/otc/ABC/registry/ref-implementation.yaml index b6c072c..5231998 100644 --- a/otc/ABC/registry/ref-implementation.yaml +++ b/otc/ABC/registry/ref-implementation.yaml @@ -12,8 +12,8 @@ spec: name: in-cluster namespace: argocd source: - path: "otc/ABC/stacks/ref-implementation" - repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances" + path: stacks/ref-implementation + repoURL: 'https://gitea.ABC/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/otc/ABC/registry/observability.yaml b/otc/ABC/registry/second-cluster.yaml similarity index 71% rename from otc/ABC/registry/observability.yaml rename to otc/ABC/registry/second-cluster.yaml index 3c4d4c3..2fe7f27 100644 --- a/otc/ABC/registry/observability.yaml +++ b/otc/ABC/registry/second-cluster.yaml @@ -1,7 +1,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: observability + name: second-cluster namespace: argocd labels: env: dev @@ -12,8 +12,8 @@ spec: name: in-cluster namespace: argocd source: - path: "otc/ABC/stacks/observability" - repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances" + path: stacks/second-cluster + repoURL: 'https://gitea.ABC/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/otc/ABC/stacks/core/argocd-sso.yaml b/otc/ABC/stacks/core/argocd-sso.yaml new file mode 100644 index 0000000..97638e8 --- /dev/null +++ b/otc/ABC/stacks/core/argocd-sso.yaml @@ -0,0 +1,29 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd-sso + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/core/argocd-sso" + destination: + server: "https://kubernetes.default.svc" + namespace: argocd + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s \ No newline at end of file diff --git a/otc/ABC/stacks/core/argocd-sso/argocd-forgejo-access-token.yaml b/otc/ABC/stacks/core/argocd-sso/argocd-forgejo-access-token.yaml new file mode 100644 index 0000000..8003a1f --- /dev/null +++ b/otc/ABC/stacks/core/argocd-sso/argocd-forgejo-access-token.yaml @@ -0,0 +1,29 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: forgejo-access-token + namespace: argocd +spec: + secretStoreRef: + name: gitea + kind: ClusterSecretStore + refreshInterval: "0" + target: + name: forgejo-access-token + template: + engineVersion: v2 + data: + forgejo_username: "{{.FORGEJO_ACCESS_USERNAME}}" + forgejo_token: "{{.FORGEJO_ACCESS_TOKEN}}" + metadata: + labels: + app.kubernetes.io/part-of: argocd + data: + - secretKey: FORGEJO_ACCESS_USERNAME + remoteRef: + key: forgejo-access-token + property: username + - secretKey: FORGEJO_ACCESS_TOKEN + remoteRef: + key: forgejo-access-token + property: token diff --git a/otc/ABC/stacks/core/argocd-sso/argocd-secret.yaml b/otc/ABC/stacks/core/argocd-sso/argocd-secret.yaml new file mode 100644 index 0000000..105bdf4 --- /dev/null +++ b/otc/ABC/stacks/core/argocd-sso/argocd-secret.yaml @@ -0,0 +1,24 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: auth-generic-oauth-secret + namespace: argocd +spec: + secretStoreRef: + name: keycloak + kind: ClusterSecretStore + refreshInterval: "0" + target: + name: auth-generic-oauth-secret + template: + engineVersion: v2 + data: + client_secret: "{{.ARGOCD_CLIENT_SECRET}}" + metadata: + labels: + app.kubernetes.io/part-of: argocd + data: + - secretKey: ARGOCD_CLIENT_SECRET + remoteRef: + key: keycloak-clients + property: ARGOCD_CLIENT_SECRET \ No newline at end of file diff --git a/otc/ABC/stacks/core/argocd-sso/argocd-sso-config.yaml b/otc/ABC/stacks/core/argocd-sso/argocd-sso-config.yaml new file mode 100644 index 0000000..28439bf --- /dev/null +++ b/otc/ABC/stacks/core/argocd-sso/argocd-sso-config.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: argocd-config + namespace: argocd +spec: + template: + metadata: + generateName: argocd-config- + spec: + restartPolicy: OnFailure + containers: + - name: push + image: docker.io/library/ubuntu:22.04 + env: + - name: FORGEJO_USER + valueFrom: + secretKeyRef: + name: forgejo-access-token + key: forgejo_username + - name: FORGEJO_TOKEN + valueFrom: + secretKeyRef: + name: forgejo-access-token + key: forgejo_token + command: ["/bin/bash", "-c"] + args: + - | + #! /bin/bash + + apt -qq update + apt -qq install git wget -y + if [[ "$(uname -m)" == "x86_64" ]]; then + wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64 + install yq_linux_amd64 /usr/local/bin/yq + rm yq_linux_amd64 + else + wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_arm64 + install yq_linux_arm64 /usr/local/bin/yq + rm yq_linux_arm64 + fi + + git config --global user.email "bot@bots.de" + git config --global user.name "bot" + + git clone https://${FORGEJO_USER}:${FORGEJO_TOKEN}@gitea.ABC/giteaAdmin/edfbuilder.git + cd edfbuilder + yq eval '.configs.cm."oidc.config" = "name: Keycloak\nissuer: https://ABC/keycloak/realms/cnoe\nclientID: argocd\nclientSecret: $auth-generic-oauth-secret:client_secret\nrequestedScopes: [\"openid\", \"profile\", \"email\", \"groups\"]"' -i stacks/core/argocd/values.yaml + + git add stacks/core/argocd/values.yaml + git commit -m "adds Forgejo SSO config" + git push + backoffLimit: 99 \ No newline at end of file diff --git a/otc/ABC/stacks/core/argocd.yaml b/otc/ABC/stacks/core/argocd.yaml index ca7b05c..6556e4d 100644 --- a/otc/ABC/stacks/core/argocd.yaml +++ b/otc/ABC/stacks/core/argocd.yaml @@ -12,8 +12,6 @@ spec: selfHeal: true syncOptions: - CreateNamespace=true - retry: - limit: -1 destination: name: in-cluster namespace: argocd @@ -26,7 +24,7 @@ spec: targetRevision: argo-cd-7.8.14-depends helm: valueFiles: - - $values/otc/ABC/stacks/core/argocd/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - $values/stacks/core/argocd/values.yaml + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/otc/ABC/stacks/core/forgejo-runner.yaml b/otc/ABC/stacks/core/forgejo-runner.yaml index 9498391..32a4da2 100644 --- a/otc/ABC/stacks/core/forgejo-runner.yaml +++ b/otc/ABC/stacks/core/forgejo-runner.yaml @@ -14,11 +14,9 @@ spec: selfHeal: true syncOptions: - CreateNamespace=true - retry: - limit: -1 destination: server: "https://kubernetes.default.svc" source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/core/forgejo-runner" + path: "stacks/core/forgejo-runner" diff --git a/otc/ABC/stacks/core/forgejo-sso.yaml b/otc/ABC/stacks/core/forgejo-sso.yaml new file mode 100644 index 0000000..25bf75d --- /dev/null +++ b/otc/ABC/stacks/core/forgejo-sso.yaml @@ -0,0 +1,29 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: forgejo-sso + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/core/forgejo-sso" + destination: + server: "https://kubernetes.default.svc" + namespace: gitea + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s \ No newline at end of file diff --git a/otc/ABC/stacks/core/forgejo-sso/forgejo-access-token.yaml b/otc/ABC/stacks/core/forgejo-sso/forgejo-access-token.yaml new file mode 100644 index 0000000..215af67 --- /dev/null +++ b/otc/ABC/stacks/core/forgejo-sso/forgejo-access-token.yaml @@ -0,0 +1,26 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: forgejo-access-token + namespace: gitea +spec: + secretStoreRef: + name: gitea + kind: ClusterSecretStore + refreshInterval: "0" + target: + name: forgejo-access-token + template: + engineVersion: v2 + data: + forgejo_username: "{{.FORGEJO_ACCESS_USERNAME}}" + forgejo_token: "{{.FORGEJO_ACCESS_TOKEN}}" + data: + - secretKey: FORGEJO_ACCESS_USERNAME + remoteRef: + key: forgejo-access-token + property: username + - secretKey: FORGEJO_ACCESS_TOKEN + remoteRef: + key: forgejo-access-token + property: token diff --git a/otc/ABC/stacks/core/forgejo-sso/forgejo-secret.yaml b/otc/ABC/stacks/core/forgejo-sso/forgejo-secret.yaml new file mode 100644 index 0000000..d449c24 --- /dev/null +++ b/otc/ABC/stacks/core/forgejo-sso/forgejo-secret.yaml @@ -0,0 +1,26 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: auth-generic-oauth-secret + namespace: gitea +spec: + secretStoreRef: + name: keycloak + kind: ClusterSecretStore + refreshInterval: "0" + target: + name: auth-generic-oauth-secret + template: + engineVersion: v2 + data: + key: "{{.FORGEJO_CLIENT_ID}}" + secret: "{{.FORGEJO_CLIENT_SECRET}}" + data: + - secretKey: FORGEJO_CLIENT_ID + remoteRef: + key: keycloak-clients + property: FORGEJO_CLIENT_ID + - secretKey: FORGEJO_CLIENT_SECRET + remoteRef: + key: keycloak-clients + property: FORGEJO_CLIENT_SECRET diff --git a/otc/ABC/stacks/core/forgejo-sso/forgejo-sso-config.yaml b/otc/ABC/stacks/core/forgejo-sso/forgejo-sso-config.yaml new file mode 100644 index 0000000..b15b61a --- /dev/null +++ b/otc/ABC/stacks/core/forgejo-sso/forgejo-sso-config.yaml @@ -0,0 +1,76 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: forgejo-config + namespace: gitea +spec: + template: + metadata: + generateName: forgejo-config- + spec: + restartPolicy: OnFailure + containers: + - name: push + image: docker.io/library/ubuntu:22.04 + env: + - name: FORGEJO_USER + valueFrom: + secretKeyRef: + name: forgejo-access-token + key: forgejo_username + - name: FORGEJO_TOKEN + valueFrom: + secretKeyRef: + name: forgejo-access-token + key: forgejo_token + command: ["/bin/bash", "-c"] + args: + - | + #! /bin/bash + + apt -qq update + apt -qq install git wget -y + if [[ "$(uname -m)" == "x86_64" ]]; then + wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64 + install yq_linux_amd64 /usr/local/bin/yq + rm yq_linux_amd64 + else + wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_arm64 + install yq_linux_arm64 /usr/local/bin/yq + rm yq_linux_arm64 + fi + + git config --global user.email "bot@bots.de" + git config --global user.name "giteaAdmin" + + git clone https://${FORGEJO_USER}:${FORGEJO_TOKEN}@gitea.ABC/giteaAdmin/edfbuilder.git + cd edfbuilder + yq eval ".gitea.oauth = [ + { + \"name\": \"Keycloak\", + \"provider\": \"openidConnect\", + \"existingSecret\": \"auth-generic-oauth-secret\", + \"autoDiscoverUrl\": \"https://ABC/keycloak/realms/cnoe/.well-known/openid-configuration\" + } + ] | + (.gitea.oauth[] | .name) |= (. style=\"single\") + | + (.gitea.oauth[] | .provider) |= (. style=\"single\") + | + (.gitea.oauth[] | .existingSecret) |= (. style=\"single\") + | + (.gitea.oauth[] | .autoDiscoverUrl) |= (. style=\"single\") + " -i stacks/core/forgejo/values.yaml + + yq eval '.gitea.config.oauth2_client = + { + "ENABLE_AUTO_REGISTRATION" : true, + "ACCOUNT_LINKING" : "auto" + } + ' -i stacks/core/forgejo/values.yaml + + git add stacks/core/forgejo/values.yaml + git commit -m "adds Forgejo SSO config" + git push + backoffLimit: 99 \ No newline at end of file diff --git a/otc/ABC/stacks/core/forgejo.yaml b/otc/ABC/stacks/core/forgejo.yaml index fda7cb3..a212e12 100644 --- a/otc/ABC/stacks/core/forgejo.yaml +++ b/otc/ABC/stacks/core/forgejo.yaml @@ -12,8 +12,6 @@ spec: selfHeal: true syncOptions: - CreateNamespace=true - retry: - limit: -1 destination: name: in-cluster namespace: gitea @@ -23,7 +21,7 @@ spec: targetRevision: v12.0.0-depends helm: valueFiles: - - $values/otc/ABC/stacks/core/forgejo/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - $values/stacks/core/forgejo/values.yaml + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/otc/ABC/stacks/core/ingress-apps.yaml b/otc/ABC/stacks/core/ingress-apps.yaml index a12ba3c..7f1de0b 100644 --- a/otc/ABC/stacks/core/ingress-apps.yaml +++ b/otc/ABC/stacks/core/ingress-apps.yaml @@ -11,14 +11,12 @@ spec: destination: server: "https://kubernetes.default.svc" source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/core/ingress-apps" + path: "stacks/core/ingress-apps" project: default syncPolicy: automated: selfHeal: true syncOptions: - CreateNamespace=true - retry: - limit: -1 diff --git a/otc/ABC/stacks/core/ingress-apps/alloy.yaml b/otc/ABC/stacks/core/ingress-apps/alloy.yaml new file mode 100644 index 0000000..02972be --- /dev/null +++ b/otc/ABC/stacks/core/ingress-apps/alloy.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: alloy + namespace: monitoring +spec: + ingressClassName: nginx + rules: + - host: ABC + http: + paths: + - backend: + service: + name: alloy + port: + number: 12345 + path: /alloy + pathType: Prefix diff --git a/otc/ABC/stacks/core/ingress-apps/argocd-server.yaml b/otc/ABC/stacks/core/ingress-apps/argocd-server.yaml index 5eeb08f..f529f91 100644 --- a/otc/ABC/stacks/core/ingress-apps/argocd-server.yaml +++ b/otc/ABC/stacks/core/ingress-apps/argocd-server.yaml @@ -4,7 +4,6 @@ metadata: annotations: nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - cert-manager.io/cluster-issuer: main name: argocd-server namespace: argocd diff --git a/otc/ABC/stacks/core/ingress-apps/fibonacci-service.yaml b/otc/ABC/stacks/core/ingress-apps/fibonacci-service.yaml new file mode 100644 index 0000000..60f5c00 --- /dev/null +++ b/otc/ABC/stacks/core/ingress-apps/fibonacci-service.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: fibonacci-service + namespace: fibonacci-app +spec: + ingressClassName: nginx + rules: + - host: ABC + http: + paths: + - backend: + service: + name: fibonacci-service + port: + number: 9090 + path: /fibonacci + pathType: Prefix diff --git a/otc/ABC/stacks/core/ingress-apps/forgejo.yaml b/otc/ABC/stacks/core/ingress-apps/forgejo.yaml index b1d6e13..172acb4 100644 --- a/otc/ABC/stacks/core/ingress-apps/forgejo.yaml +++ b/otc/ABC/stacks/core/ingress-apps/forgejo.yaml @@ -4,7 +4,6 @@ metadata: annotations: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-body-size: 512m - cert-manager.io/cluster-issuer: main name: forgejo namespace: gitea diff --git a/otc/ABC/stacks/core/ingress-apps/minio-console.yaml b/otc/ABC/stacks/core/ingress-apps/minio-console.yaml new file mode 100644 index 0000000..0786e5d --- /dev/null +++ b/otc/ABC/stacks/core/ingress-apps/minio-console.yaml @@ -0,0 +1,19 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: minio-console + namespace: minio-backup + +spec: + ingressClassName: nginx + rules: + - host: minio-backup.ABC + http: + paths: + - backend: + service: + name: minio-console + port: + number: 9001 + path: / + pathType: Prefix diff --git a/otc/ABC/stacks/otc/ingress-nginx.yaml b/otc/ABC/stacks/core/ingress-nginx.yaml similarity index 75% rename from otc/ABC/stacks/otc/ingress-nginx.yaml rename to otc/ABC/stacks/core/ingress-nginx.yaml index 7e61239..1fe04d2 100644 --- a/otc/ABC/stacks/otc/ingress-nginx.yaml +++ b/otc/ABC/stacks/core/ingress-nginx.yaml @@ -12,8 +12,6 @@ spec: selfHeal: true syncOptions: - CreateNamespace=true - retry: - limit: -1 destination: name: in-cluster namespace: ingress-nginx @@ -23,7 +21,7 @@ spec: targetRevision: helm-chart-4.12.1-depends helm: valueFiles: - - $values/otc/ABC/stacks/otc/ingress-nginx/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - $values/stacks/core/ingress-nginx/values.yaml + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/otc/ABC/stacks/core/ingress-nginx/values.yaml b/otc/ABC/stacks/core/ingress-nginx/values.yaml new file mode 100644 index 0000000..3f07db8 --- /dev/null +++ b/otc/ABC/stacks/core/ingress-nginx/values.yaml @@ -0,0 +1,49 @@ +controller: + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + + ingressClassResource: + name: nginx + + # added for idpbuilder + allowSnippetAnnotations: true + + # added for idpbuilder + config: + proxy-buffer-size: 32k + use-forwarded-headers: "true" + + # monitoring nginx + metrics: + enabled: true + serviceMonitor: + additionalLabels: + release: "ingress-nginx" + enabled: true + + + hostPort: + enabled: true + terminationGracePeriodSeconds: 0 + service: + type: NodePort + + nodeSelector: + ingress-ready: "true" + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Equal" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Equal" + effect: "NoSchedule" + + publishService: + enabled: false + extraArgs: + publish-status-address: localhost + # added for idpbuilder + enable-ssl-passthrough: "" + diff --git a/otc/ABC/stacks/core/vector.yaml b/otc/ABC/stacks/core/vector.yaml deleted file mode 100644 index 1c0411e..0000000 --- a/otc/ABC/stacks/core/vector.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: argocd - namespace: argocd - labels: - env: dev -spec: - project: default - syncPolicy: - automated: - selfHeal: true - syncOptions: - - CreateNamespace=true - retry: - limit: -1 - destination: - name: in-cluster - namespace: observability - sources: - - chart: vector - repoURL: https://helm.vector.dev - targetRevision: 0.43.0 - helm: - valueFiles: - - $values/otc/ABC/stacks/core/vector/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - ref: values diff --git a/otc/ABC/stacks/core/vector/values.yaml b/otc/ABC/stacks/core/vector/values.yaml deleted file mode 100644 index 7638071..0000000 --- a/otc/ABC/stacks/core/vector/values.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# -- Enable deployment of vector -role: Agent -dataDir: /vector-data-dir -resources: {} -args: - - -w - - --config-dir - - /etc/vector/ -containerPorts: - - name: prom-exporter - containerPort: 9090 - protocol: TCP -service: - enabled: false -customConfig: - data_dir: /vector-data-dir - api: - enabled: false - address: 0.0.0.0:8686 - playground: true - sources: - k8s: - type: kubernetes_logs - internal_metrics: - type: internal_metrics - transforms: - parser: - type: remap - inputs: [k8s] - source: | - .log = parse_json(.message) ?? .message - del(.message) - sinks: - exporter: - type: prometheus_exporter - address: 0.0.0.0:9090 - inputs: [internal_metrics] - vlogs: - type: elasticsearch - inputs: [parser] - endpoints: - - http://vlogs-victorialogs:9428/insert/elasticsearch/ - mode: bulk - api_version: v8 - compression: gzip - healthcheck: - enabled: false - request: - headers: - VL-Time-Field: timestamp - VL-Stream-Fields: stream,kubernetes.pod_name,kubernetes.container_name,kubernetes.pod_namespace - VL-Msg-Field: message,msg,_msg,log.msg,log.message,log - AccountID: "0" - ProjectID: "0" \ No newline at end of file diff --git a/otc/ABC/stacks/local-backup/minio.yaml b/otc/ABC/stacks/local-backup/minio.yaml index 22cda96..00e4ad8 100644 --- a/otc/ABC/stacks/local-backup/minio.yaml +++ b/otc/ABC/stacks/local-backup/minio.yaml @@ -10,19 +10,19 @@ metadata: spec: project: default sources: - - repoURL: "https://charts.min.io" + - repoURL: 'https://charts.min.io' targetRevision: 5.0.15 helm: releaseName: minio valueFiles: - - $values/otc/ABC/stacks/local-backup/minio/helm/values.yaml + - $values/stacks/local-backup/minio/helm/values.yaml chart: minio - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD ref: values - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/local-backup/minio/manifests" + path: "stacks/local-backup/minio/manifests" destination: server: "https://kubernetes.default.svc" namespace: minio-backup diff --git a/otc/ABC/stacks/local-backup/velero.yaml b/otc/ABC/stacks/local-backup/velero.yaml index 0c81ff1..5429a0f 100644 --- a/otc/ABC/stacks/local-backup/velero.yaml +++ b/otc/ABC/stacks/local-backup/velero.yaml @@ -10,14 +10,14 @@ metadata: spec: project: default sources: - - repoURL: "https://vmware-tanzu.github.io/helm-charts" + - repoURL: 'https://vmware-tanzu.github.io/helm-charts' targetRevision: 8.0.0 helm: releaseName: velero valueFiles: - - $values/otc/ABC/stacks/local-backup/velero/helm/values.yaml + - $values/stacks/local-backup/velero/helm/values.yaml chart: velero - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD ref: values destination: diff --git a/otc/ABC/stacks/monitoring/alloy.yaml b/otc/ABC/stacks/monitoring/alloy.yaml new file mode 100644 index 0000000..f0ab470 --- /dev/null +++ b/otc/ABC/stacks/monitoring/alloy.yaml @@ -0,0 +1,29 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: alloy + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: monitoring + sources: + - repoURL: https://github.com/grafana/alloy.git + path: operations/helm/charts/alloy + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/monitoring/alloy/values.yaml + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + ref: values \ No newline at end of file diff --git a/otc/ABC/stacks/monitoring/alloy/values.yaml b/otc/ABC/stacks/monitoring/alloy/values.yaml new file mode 100644 index 0000000..a2ac67d --- /dev/null +++ b/otc/ABC/stacks/monitoring/alloy/values.yaml @@ -0,0 +1,78 @@ +alloy: + create: false + name: alloy-config + key: config.alloy + + uiPathPrefix: "/alloy" + + configMap: + content: |- + + logging { + level = "info" + format = "logfmt" + } + + loki.write "local_loki" { + endpoint { + url = "http://loki-loki-distributed-gateway/loki/api/v1/push" + } + } + + discovery.kubernetes "pod" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } + + discovery.relabel "pod_logs" { + targets = discovery.kubernetes.pod.targets + + rule { + source_labels = ["__meta_kubernetes_namespace"] + action = "replace" + target_label = "namespace" + } + + rule { + source_labels = ["__meta_kubernetes_pod_name"] + action = "replace" + target_label = "pod" + } + + rule { + source_labels = ["__meta_kubernetes_pod_node_name"] + action = "replace" + target_label = "node" + } + + rule { + source_labels = ["__meta_kubernetes_pod_container_name"] + action = "replace" + target_label = "container" + } + + } + + loki.source.kubernetes "all_pod_logs" { + targets = discovery.relabel.pod_logs.output + forward_to = [loki.write.local_loki.receiver] + } diff --git a/otc/ABC/stacks/monitoring/grafana-dashboards.yaml b/otc/ABC/stacks/monitoring/grafana-dashboards.yaml new file mode 100644 index 0000000..8607eaa --- /dev/null +++ b/otc/ABC/stacks/monitoring/grafana-dashboards.yaml @@ -0,0 +1,25 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: grafana-dashboards + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/monitoring/kube-prometheus/dashboards" + destination: + server: "https://kubernetes.default.svc" + namespace: monitoring + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true + retry: + limit: -1 \ No newline at end of file diff --git a/otc/ABC/stacks/monitoring/kube-prometheus-sso.yaml b/otc/ABC/stacks/monitoring/kube-prometheus-sso.yaml new file mode 100644 index 0000000..2d042e2 --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus-sso.yaml @@ -0,0 +1,29 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kube-prometheus-sso + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/monitoring/kube-prometheus-sso" + destination: + server: "https://kubernetes.default.svc" + namespace: monitoring + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s diff --git a/otc/ABC/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml b/otc/ABC/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml new file mode 100644 index 0000000..896ec1b --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml @@ -0,0 +1,21 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: auth-generic-oauth-secret + namespace: monitoring +spec: + secretStoreRef: + name: keycloak + kind: ClusterSecretStore + refreshInterval: "0" + target: + name: auth-generic-oauth-secret + template: + engineVersion: v2 + data: + client_secret: "{{.GRAFANA_CLIENT_SECRET}}" + data: + - secretKey: GRAFANA_CLIENT_SECRET + remoteRef: + key: keycloak-clients + property: GRAFANA_CLIENT_SECRET diff --git a/otc/ABC/stacks/monitoring/kube-prometheus.yaml b/otc/ABC/stacks/monitoring/kube-prometheus.yaml new file mode 100644 index 0000000..24e9939 --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus.yaml @@ -0,0 +1,36 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kube-prometheus-stack + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + - ServerSideApply=true # do not copy metdata, since (because of its large size) it can lead to sync failure + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s + destination: + name: in-cluster + namespace: monitoring + sources: + - repoURL: https://github.com/prometheus-community/helm-charts + path: charts/kube-prometheus-stack + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/monitoring/kube-prometheus/values.yaml + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + ref: values diff --git a/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_apps.yaml b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_apps.yaml new file mode 100644 index 0000000..9e84526 --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_apps.yaml @@ -0,0 +1,268 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-1 + labels: + grafana_dashboard: "1" +data: + k8s-dashboard-01.json: | + { + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 1, + "links": [ + ], + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 5, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "expr": "{app=\"crossplane\"}", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: App crossplane", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 4, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "expr": "{app=\"argo-server\"}", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: App argo-server", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 16 + }, + "id": 3, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "expr": "{app=\"forgejo\"}", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: App forgejo", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 24 + }, + "id": 2, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "expr": "{app=\"backstage\"}", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: App backstage", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 32 + }, + "id": 1, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "expr": "{app=\"shoot-control-plane\"}", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: App shoot-control-plane", + "type": "logs" + } + ], + "preload": false, + "schemaVersion": 40, + "tags": [ + ], + "templating": { + "list": [ + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": { + }, + "timezone": "browser", + "title": "Loki Logs: Apps", + "uid": "ee4iuluru756of", + "version": 2, + "weekStart": "" + } \ No newline at end of file diff --git a/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_components.yaml b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_components.yaml new file mode 100644 index 0000000..b35ed60 --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_components.yaml @@ -0,0 +1,845 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-2 + labels: + grafana_dashboard: "1" +data: + k8s-dashboard-02.json: | + { + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 30, + "links": [ + ], + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 19, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"server\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component server", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 17, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"repo-server\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component repo-server", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 16 + }, + "id": 16, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"redis\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component redis", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 24 + }, + "id": 15, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"query-frontend\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component query-frontend", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 32 + }, + "id": 14, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"querier\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component querier", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 40 + }, + "id": 13, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"prometheus-operator-webhook\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component prometheus-operator-webhook", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 48 + }, + "id": 12, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"prometheus-operator\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component prometheus-operator", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 56 + }, + "id": 11, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"metrics\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component metrics", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 64 + }, + "id": 10, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"kube-scheduler\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component kube-scheduler", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 72 + }, + "id": 9, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"kube-controller-manager\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component kube-controller-manager", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 80 + }, + "id": 8, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"kube-apiserver\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component kube-apiserver", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 88 + }, + "id": 7, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"ingester\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component ingester", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 96 + }, + "id": 6, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"gateway\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component gateway", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 104 + }, + "id": 5, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"etcd\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component etcd", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 112 + }, + "id": 4, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"distributor\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component distributor", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 120 + }, + "id": 3, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"controller\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component controller", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 128 + }, + "id": 2, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"cloud-infrastructure-controller\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component cloud-infrastructure-controller", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 136 + }, + "id": 1, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{component=\"applicationset-controller\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Component application-controller", + "type": "logs" + } + ], + "preload": false, + "schemaVersion": 40, + "tags": [ + ], + "templating": { + "list": [ + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": { + }, + "timezone": "browser", + "title": "Loki Logs: Components", + "uid": "ae4zuyp1kui9sc", + "version": 2, + "weekStart": "" + } \ No newline at end of file diff --git a/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_container.yaml b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_container.yaml new file mode 100644 index 0000000..e38896e --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_loki_container.yaml @@ -0,0 +1,537 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-3 + labels: + grafana_dashboard: "1" +data: + k8s-dashboard-03.json: | + { + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 31, + "links": [ + ], + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 11, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"repo-server\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container repo-server", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 10, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"alloy\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container alloy", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 16 + }, + "id": 9, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"prometheus\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container prometheus", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 24 + }, + "id": 8, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"postgres\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container postgres", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 32 + }, + "id": 7, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"kube-prometheus-stack\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container kube-prometheus-stack", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 40 + }, + "id": 6, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"keycloak\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container keycloak", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 48 + }, + "id": 5, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"grafana\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container grafana", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 56 + }, + "id": 4, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"forgejo\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container forgejo", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 64 + }, + "id": 3, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"crossplane\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container crossplane", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 72 + }, + "id": 2, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"backstage\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container backstage", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "fieldConfig": { + "defaults": { + }, + "overrides": [ + ] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 80 + }, + "id": 1, + "options": { + "dedupStrategy": "none", + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "P8E80F9AEF21F6940" + }, + "editorMode": "builder", + "expr": "{container=\"argo-server\"} |= ``", + "queryType": "range", + "refId": "A" + } + ], + "title": "Logs: Container argo-server", + "type": "logs" + } + ], + "preload": false, + "schemaVersion": 40, + "tags": [ + ], + "templating": { + "list": [ + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": { + }, + "timezone": "browser", + "title": "Loki Logs: Container", + "uid": "ee50bcaehmv40e", + "version": 2, + "weekStart": "" + } \ No newline at end of file diff --git a/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_nginx-ingress.yaml b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_nginx-ingress.yaml new file mode 100644 index 0000000..8436c8c --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus/dashboards/dashboard_nginx-ingress.yaml @@ -0,0 +1,1577 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-4 + labels: + grafana_dashboard: "1" +data: + k8s-dashboard-04.json: | + { + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 32, + "links": [], + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 16, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_response_size_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller response size sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 15, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_response_duration_seconds_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller response duration seconds sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 16 + }, + "id": 14, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_request_size_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller request size sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 24 + }, + "id": 13, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_request_duration_seconds_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller request duration seconds sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 32 + }, + "id": 12, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_orphan_ingress", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller orphan ingress", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 40 + }, + "id": 11, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_nginx_process_requests_total", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller nginx process requests total", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 48 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_nginx_process_read_bytes_total", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller nginx process read bytes total", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 56 + }, + "id": 9, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_nginx_process_connections_total", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller nginx process connections total", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 64 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_ingress_upstream_latency_seconds_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller ingress upstream latency seconds sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 72 + }, + "id": 7, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_header_duration_seconds_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller header duration seconds sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 80 + }, + "id": 6, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_connect_duration_seconds_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller connect duration seconds sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 88 + }, + "id": 5, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_config_last_reload_successful_timestamp_seconds", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller config last reload successful timestamp seconds", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 96 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_bytes_sent_sum", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller bytes sent sum", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 104 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_admission_roundtrip_duration", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller admission roundtrip duration", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 112 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_admission_render_ingresses", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller admission render ingresses", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 120 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.3.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "nginx_ingress_controller_admission_render_duration", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "nginx ingress controller admission render duration", + "type": "timeseries" + } + ], + "preload": false, + "schemaVersion": 40, + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "Nginx Ingress Controller", + "uid": "ae6eoqdik5n28e", + "version": 1, + "weekStart": "" + } \ No newline at end of file diff --git a/otc/ABC/stacks/monitoring/kube-prometheus/values.yaml b/otc/ABC/stacks/monitoring/kube-prometheus/values.yaml new file mode 100644 index 0000000..4e4b67f --- /dev/null +++ b/otc/ABC/stacks/monitoring/kube-prometheus/values.yaml @@ -0,0 +1,71 @@ +grafana: + namespaceOverride: "monitoring" + + admin: + existingSecret: "kube-prometheus-stack-grafana-admin-password" + userKey: admin-user + passwordKey: admin-password + + defaultDashboardsTimezone: Europe/Berlin + + additionalDataSources: + - name: Loki + type: loki + url: http://loki-loki-distributed-gateway.monitoring:80 + + # syncPolicy: + # syncOptions: + # - ServerSideApply=true + + sidecar: + dashboards: + enabled: true + label: grafana_dashboard + folder: /tmp/dashboards + updateIntervalSeconds: 10 + folderAnnotation: grafana_folder + provider: + allowUiUpdates: true + foldersFromFilesStructure: true + + grafana.ini: + server: + domain: ABC + root_url: "%(protocol)s://%(domain)s/grafana" + serve_from_sub_path: true + auth: + disable_login: true + disable_login_form: true + auth.generic_oauth: + enabled: true + name: Keycloak-OAuth + allow_sign_up: true + use_refresh_token: true + client_id: grafana + client_secret: $__file{/etc/secrets/auth_generic_oauth/client_secret} + scopes: openid email profile offline_access roles + email_attribute_path: email + login_attribute_path: username + name_attribute_path: full_name + auth_url: https://ABC/keycloak/realms/cnoe/protocol/openid-connect/auth + token_url: https://ABC/keycloak/realms/cnoe/protocol/openid-connect/token + api_url: https://ABC/keycloak/realms/cnoe/protocol/openid-connect/userinfo + redirect_uri: http://ABC/grafana/login/generic_oauth + role_attribute_path: "contains(groups[*], 'admin') && 'Admin' || contains(groups[*], 'editor') && 'Editor' || 'Viewer'" + + extraSecretMounts: + - name: auth-generic-oauth-secret-mount + secretName: auth-generic-oauth-secret + defaultMode: 0440 + mountPath: /etc/secrets/auth_generic_oauth + readOnly: true + + serviceMonitor: + # If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator + enabled: true + +#monitoring nginx +prometheus: + prometheusSpec: + podMonitorSelectorNilUsesHelmValues: false + serviceMonitorSelectorNilUsesHelmValues: false diff --git a/otc/ABC/stacks/monitoring/loki.yaml b/otc/ABC/stacks/monitoring/loki.yaml new file mode 100644 index 0000000..fb9b953 --- /dev/null +++ b/otc/ABC/stacks/monitoring/loki.yaml @@ -0,0 +1,34 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: loki + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: monitoring + sources: + - repoURL: https://github.com/grafana/helm-charts + path: charts/loki-distributed + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/monitoring/loki/values.yaml + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + ref: values + + ## consider using the following version, if it works again + #- repoURL: https://github.com/grafana/loki + # path: production/helm/loki + diff --git a/otc/ABC/stacks/monitoring/loki/values.yaml b/otc/ABC/stacks/monitoring/loki/values.yaml new file mode 100644 index 0000000..5cc5c1f --- /dev/null +++ b/otc/ABC/stacks/monitoring/loki/values.yaml @@ -0,0 +1,7 @@ +loki: + commonConfig: + replication_factor: 1 + auth_enabled: false + +# storageConfig: +# filesystem: null diff --git a/otc/ABC/stacks/observability/victoria-k8s-stack.yaml b/otc/ABC/stacks/observability/victoria-k8s-stack.yaml deleted file mode 100644 index 31f065d..0000000 --- a/otc/ABC/stacks/observability/victoria-k8s-stack.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: victoria-k8s-stack - namespace: argocd - labels: - env: dev -spec: - project: default - syncPolicy: - automated: - selfHeal: true - syncOptions: - - CreateNamespace=true - destination: - name: in-cluster - namespace: observability - sources: - - chart: victoria-metrics-k8s-stack - repoURL: https://victoriametrics.github.io/helm-charts/ - targetRevision: 0.48.1 - releaseName: victoria - helm: - valueFiles: - - $values/otc/ABC/stacks/observability/victoria-k8s-stack/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - ref: values - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - path: "otc/ABC/stacks/observability/victoria-k8s-stack/manifests" diff --git a/otc/ABC/stacks/observability/victoria-k8s-stack/manifests/vlogs.yaml b/otc/ABC/stacks/observability/victoria-k8s-stack/manifests/vlogs.yaml deleted file mode 100644 index b74e71a..0000000 --- a/otc/ABC/stacks/observability/victoria-k8s-stack/manifests/vlogs.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: operator.victoriametrics.com/v1beta1 -kind: VLogs -metadata: - name: victorialogs - namespace: observability -spec: - retentionPeriod: "12" - removePvcAfterDelete: true - storage: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 50Gi - resources: - requests: - memory: 500Mi - cpu: 500m - limits: - memory: 10Gi - cpu: 2 \ No newline at end of file diff --git a/otc/ABC/stacks/observability/victoria-k8s-stack/values.yaml b/otc/ABC/stacks/observability/victoria-k8s-stack/values.yaml deleted file mode 100644 index 145ef52..0000000 --- a/otc/ABC/stacks/observability/victoria-k8s-stack/values.yaml +++ /dev/null @@ -1,1278 +0,0 @@ -global: - # -- Cluster label to use for dashboards and rules - clusterLabel: cluster - # -- Global license configuration - license: - key: "" - keyRef: {} - # name: secret-license - # key: license - cluster: - # -- K8s cluster domain suffix, uses for building storage pods' FQDN. Details are [here](https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/) - dnsDomain: cluster.local. - -# -- Override chart name -nameOverride: "" -# -- Resource full name override -fullnameOverride: "" -# -- Tenant to use for Grafana datasources and remote write -tenant: "0" -# -- If this chart is used in "Argocd" with "releaseName" field then -# VMServiceScrapes couldn't select the proper services. -# For correct working need set value 'argocdReleaseOverride=$ARGOCD_APP_NAME' -argocdReleaseOverride: "" - -# -- VictoriaMetrics Operator dependency chart configuration. More values can be found [here](https://docs.victoriametrics.com/helm/victoriametrics-operator#parameters). Also checkout [here](https://docs.victoriametrics.com/operator/vars) possible ENV variables to configure operator behaviour -victoria-metrics-operator: - enabled: true - crds: - plain: true - cleanup: - enabled: true - image: - repository: bitnami/kubectl - pullPolicy: IfNotPresent - serviceMonitor: - enabled: true - operator: - # -- By default, operator converts prometheus-operator objects. - disable_prometheus_converter: false - # group pinguin added the admissionWebhooks value according to https://docs.victoriametrics.com/helm/victoriametrics-k8s-stack/#argocd-issues - admissionWebhooks: - certManager: - enabled: true - -defaultDashboards: - # -- Enable custom dashboards installation - enabled: true - defaultTimezone: utc - labels: {} - annotations: {} - grafanaOperator: - # -- Create dashboards as CRDs (requires grafana-operator to be installed) - enabled: false - spec: - instanceSelector: - matchLabels: - dashboards: grafana - allowCrossNamespaceImport: false - # -- Create dashboards as ConfigMap despite dependency it requires is not installed - dashboards: - victoriametrics-vmalert: - enabled: true - victoriametrics-operator: - enabled: true - # -- In ArgoCD using client-side apply this dashboard reaches annotations size limit and causes k8s issues without server side apply - # See [this issue](https://github.com/VictoriaMetrics/helm-charts/tree/master/charts/victoria-metrics-k8s-stack#metadataannotations-too-long-must-have-at-most-262144-bytes-on-dashboards) - node-exporter-full: - enabled: true - -# -- Create default rules for monitoring the cluster -defaultRules: - # -- Labels, which are used for grouping results of the queries. Note that these labels are joined with `.Values.global.clusterLabel` - additionalGroupByLabels: [] - create: true - - # -- Common properties for VMRule groups - group: - spec: - # -- Optional HTTP URL parameters added to each rule request - params: {} - - # -- Common properties for all VMRules - rule: - spec: - # -- Additional labels for all VMRules - labels: {} - # -- Additional annotations for all VMRules - annotations: {} - - # -- Common properties for VMRules alerts - alerting: - spec: - # -- Additional labels for VMRule alerts - labels: {} - # -- Additional annotations for VMRule alerts - annotations: {} - - # -- Common properties for VMRules recording rules - recording: - spec: - # -- Additional labels for VMRule recording rules - labels: {} - # -- Additional annotations for VMRule recording rules - annotations: {} - - # -- Per rule properties - rules: {} - # CPUThrottlingHigh: - # create: true - # spec: - # for: 15m - # labels: - # severity: critical - # -- Rule group properties - groups: - etcd: - create: true - # -- Common properties for all rules in a group - rules: {} - # spec: - # annotations: - # dashboard: https://example.com/dashboard/1 - general: - create: true - rules: {} - k8sContainerCpuLimits: - create: true - rules: {} - k8sContainerCpuRequests: - create: true - rules: {} - k8sContainerCpuUsageSecondsTotal: - create: true - rules: {} - k8sContainerMemoryLimits: - create: true - rules: {} - k8sContainerMemoryRequests: - create: true - rules: {} - k8sContainerMemoryRss: - create: true - rules: {} - k8sContainerMemoryCache: - create: true - rules: {} - k8sContainerMemoryWorkingSetBytes: - create: true - rules: {} - k8sContainerMemorySwap: - create: true - rules: {} - k8sPodOwner: - create: true - rules: {} - k8sContainerResource: - create: true - rules: {} - kubeApiserver: - create: true - rules: {} - kubeApiserverAvailability: - create: true - rules: {} - kubeApiserverBurnrate: - create: true - rules: {} - kubeApiserverHistogram: - create: true - rules: {} - kubeApiserverSlos: - create: true - rules: {} - kubelet: - create: true - rules: {} - kubePrometheusGeneral: - create: true - rules: {} - kubePrometheusNodeRecording: - create: true - rules: {} - kubernetesApps: - create: true - rules: {} - targetNamespace: ".*" - kubernetesResources: - create: true - rules: {} - kubernetesStorage: - create: true - rules: {} - targetNamespace: ".*" - kubernetesSystem: - create: true - rules: {} - kubernetesSystemKubelet: - create: true - rules: {} - kubernetesSystemApiserver: - create: true - rules: {} - kubernetesSystemControllerManager: - create: true - rules: {} - kubeScheduler: - create: true - rules: {} - kubernetesSystemScheduler: - create: true - rules: {} - kubeStateMetrics: - create: true - rules: {} - nodeNetwork: - create: true - rules: {} - node: - create: true - rules: {} - vmagent: - create: true - rules: {} - vmsingle: - create: true - rules: {} - vmcluster: - create: true - rules: {} - vmHealth: - create: true - rules: {} - vmoperator: - create: true - rules: {} - alertmanager: - create: true - rules: {} - - # -- Runbook url prefix for default rules - runbookUrl: https://runbooks.prometheus-operator.dev/runbooks - - # -- Labels for default rules - labels: {} - # -- Annotations for default rules - annotations: {} - -# -- Provide custom recording or alerting rules to be deployed into the cluster. -additionalVictoriaMetricsMap: -# rule-name: -# groups: -# - name: my_group -# rules: -# - record: my_record -# expr: 100 * my_record - -external: - grafana: - # -- External Grafana host - host: "" - # -- External Grafana datasource name - datasource: VictoriaMetrics - # -- External VM read and write URLs - vm: - read: - url: "" - # bearerTokenSecret: - # name: dbaas-read-access-token - # key: bearerToken - write: - url: "" - # bearerTokenSecret: - # name: dbaas-read-access-token - # key: bearerToken - -# Configures vmsingle params -vmsingle: - # -- VMSingle annotations - annotations: {} - # -- Create VMSingle CR - enabled: true - # -- Full spec for VMSingle CRD. Allowed values describe [here](https://docs.victoriametrics.com/operator/api#vmsinglespec) - spec: - port: "8429" - # -- Data retention period. Possible units character: h(ours), d(ays), w(eeks), y(ears), if no unit character specified - month. The minimum retention period is 24h. See these [docs](https://docs.victoriametrics.com/single-server-victoriametrics/#retention) - retentionPeriod: "1" - replicaCount: 1 - extraArgs: {} - storage: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 20Gi - ingress: - # -- Enable deployment of ingress for server component - enabled: false - # -- Ingress annotations - annotations: - {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - # -- Ingress extra labels - labels: {} - # -- Ingress default path - path: "" - # -- Ingress path type - pathType: Prefix - # -- Ingress controller class name - ingressClassName: "" - - # -- Array of host objects - hosts: [] - # - vmsingle.domain.com - # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - - # -- Array of TLS objects - tls: [] - # - secretName: vmsingle-ingress-tls - # hosts: - # - vmsingle.domain.com - -vmcluster: - # -- Create VMCluster CR - enabled: false - # -- VMCluster annotations - annotations: {} - # -- Full spec for VMCluster CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmclusterspec) - spec: - # -- Data retention period. Possible units character: h(ours), d(ays), w(eeks), y(ears), if no unit character specified - month. The minimum retention period is 24h. See these [docs](https://docs.victoriametrics.com/single-server-victoriametrics/#retention) - retentionPeriod: "1" - replicationFactor: 2 - vmstorage: - replicaCount: 2 - storageDataPath: /vm-data - storage: - volumeClaimTemplate: - spec: - resources: - requests: - storage: 10Gi - resources: - {} - # limits: - # cpu: "1" - # memory: 1500Mi - vmselect: - # -- Set this value to false to disable VMSelect - enabled: true - port: "8481" - replicaCount: 2 - cacheMountPath: /select-cache - extraArgs: {} - storage: - volumeClaimTemplate: - spec: - resources: - requests: - storage: 2Gi - resources: - {} - # limits: - # cpu: "1" - # memory: "1000Mi" - # requests: - # cpu: "0.5" - # memory: "500Mi" - vminsert: - # -- Set this value to false to disable VMInsert - enabled: true - port: "8480" - replicaCount: 2 - extraArgs: {} - resources: - {} - # limits: - # cpu: "1" - # memory: 1000Mi - # requests: - # cpu: "0.5" - # memory: "500Mi" - - ingress: - storage: - # -- Enable deployment of ingress for server component - enabled: false - - # -- Ingress annotations - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - - # -- Ingress extra labels - labels: {} - - # -- Ingress controller class name - ingressClassName: "" - - # -- Ingress path type - pathType: Prefix - - # -- Ingress default path - path: "" - - # -- Array of host objects - hosts: [] - # - vmstorage.domain.com - - # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - - # -- Array of TLS objects - tls: [] - # - secretName: vmstorage-ingress-tls - # hosts: - # - vmstorage.domain.com - select: - # -- Enable deployment of ingress for server component - enabled: false - - # -- Ingress annotations - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - - # -- Ingress extra labels - labels: {} - - # -- Ingress controller class name - ingressClassName: "" - - # -- Ingress path type - pathType: Prefix - - # -- Ingress default path - path: '{{ dig "extraArgs" "http.pathPrefix" "/" .Values.vmcluster.spec.vmselect }}' - - # -- Array of host objects - hosts: [] - # - vmselect.domain.com - # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - - # -- Array of TLS objects - tls: [] - # - secretName: vmselect-ingress-tls - # hosts: - # - vmselect.domain.com - insert: - # -- Enable deployment of ingress for server component - enabled: false - - # -- Ingress annotations - annotations: - {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - - # -- Ingress extra labels - labels: {} - - # -- Ingress controller class name - ingressClassName: "" - - # -- Ingress path type - pathType: Prefix - - # -- Ingress default path - path: '{{ dig "extraArgs" "http.pathPrefix" "/" .Values.vmcluster.spec.vminsert }}' - - # -- Array of host objects - hosts: [] - # - vminsert.domain.com - # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - - # -- Array of TLS objects - tls: [] - # - secretName: vminsert-ingress-tls - # hosts: - # - vminsert.domain.com - -alertmanager: - # -- Create VMAlertmanager CR - enabled: true - # -- Alertmanager annotations - annotations: {} - # -- (object) Full spec for VMAlertmanager CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmalertmanagerspec) - spec: - replicaCount: 1 - port: "9093" - selectAllByDefault: true - image: - tag: v0.28.1 - externalURL: "" - routePrefix: / - - # -- (string) If this one defined, it will be used for alertmanager configuration and config parameter will be ignored - configSecret: "" - # -- - # @raw - # enable storing .Values.alertmanager.config in VMAlertmanagerConfig instead of k8s Secret. - # Note: VMAlertmanagerConfig and plain Alertmanager config structures are not equal. - # If you're migrating existing config, please make sure that `.Values.alertmanager.config`: - # - with `useManagedConfig: false` has structure described [here](https://prometheus.io/docs/alerting/latest/configuration/). - # - with `useManagedConfig: true` has structure described [here](https://docs.victoriametrics.com/operator/api/#vmalertmanagerconfig). - useManagedConfig: false - # -- (object) Alertmanager configuration - config: - route: - receiver: "blackhole" - # group_by: ["alertgroup", "job"] - # group_wait: 30s - # group_interval: 5m - # repeat_interval: 12h - # routes: - # - # # Duplicate code_owner routes to teams - # # These will send alerts to team channels but continue - # # processing through the rest of the tree to handled by on-call - # - matchers: - # - code_owner_channel!="" - # - severity=~"info|warning|critical" - # group_by: ["code_owner_channel", "alertgroup", "job"] - # receiver: slack-code-owners - # - # # Standard on-call routes - # - matchers: - # - severity=~"info|warning|critical" - # receiver: slack-monitoring - # continue: true - # - # inhibit_rules: - # - target_matchers: - # - severity=~"warning|info" - # source_matchers: - # - severity=critical - # equal: - # - cluster - # - namespace - # - alertname - # - target_matchers: - # - severity=info - # source_matchers: - # - severity=warning - # equal: - # - cluster - # - namespace - # - alertname - # - target_matchers: - # - severity=info - # source_matchers: - # - alertname=InfoInhibitor - # equal: - # - cluster - # - namespace - - receivers: - - name: blackhole - # - name: "slack-monitoring" - # slack_configs: - # - channel: "#channel" - # send_resolved: true - # title: '{{ template "slack.monzo.title" . }}' - # icon_emoji: '{{ template "slack.monzo.icon_emoji" . }}' - # color: '{{ template "slack.monzo.color" . }}' - # text: '{{ template "slack.monzo.text" . }}' - # actions: - # - type: button - # text: "Runbook :green_book:" - # url: "{{ (index .Alerts 0).Annotations.runbook_url }}" - # - type: button - # text: "Query :mag:" - # url: "{{ (index .Alerts 0).GeneratorURL }}" - # - type: button - # text: "Dashboard :grafana:" - # url: "{{ (index .Alerts 0).Annotations.dashboard }}" - # - type: button - # text: "Silence :no_bell:" - # url: '{{ template "__alert_silence_link" . }}' - # - type: button - # text: '{{ template "slack.monzo.link_button_text" . }}' - # url: "{{ .CommonAnnotations.link_url }}" - # - name: slack-code-owners - # slack_configs: - # - channel: "#{{ .CommonLabels.code_owner_channel }}" - # send_resolved: true - # title: '{{ template "slack.monzo.title" . }}' - # icon_emoji: '{{ template "slack.monzo.icon_emoji" . }}' - # color: '{{ template "slack.monzo.color" . }}' - # text: '{{ template "slack.monzo.text" . }}' - # actions: - # - type: button - # text: "Runbook :green_book:" - # url: "{{ (index .Alerts 0).Annotations.runbook }}" - # - type: button - # text: "Query :mag:" - # url: "{{ (index .Alerts 0).GeneratorURL }}" - # - type: button - # text: "Dashboard :grafana:" - # url: "{{ (index .Alerts 0).Annotations.dashboard }}" - # - type: button - # text: "Silence :no_bell:" - # url: '{{ template "__alert_silence_link" . }}' - # - type: button - # text: '{{ template "slack.monzo.link_button_text" . }}' - # url: "{{ .CommonAnnotations.link_url }}" - # - # -- Better alert templates for [slack source](https://gist.github.com/milesbxf/e2744fc90e9c41b47aa47925f8ff6512) - monzoTemplate: - enabled: true - - # -- (object) Extra alert templates - templateFiles: - {} - # template_1.tmpl: |- - # {{ define "hello" -}} - # hello, Victoria! - # {{- end }} - # template_2.tmpl: "" - - # -- (object) Alertmanager ingress configuration - ingress: - enabled: false - # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName - # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress - # ingressClassName: nginx - # Values can be templated - annotations: - {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - labels: {} - path: '{{ .Values.alertmanager.spec.routePrefix | default "/" }}' - pathType: Prefix - - hosts: - - alertmanager.domain.com - # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - tls: [] - # - secretName: alertmanager-ingress-tls - # hosts: - # - alertmanager.domain.com - -vmalert: - # -- VMAlert annotations - annotations: {} - # -- Create VMAlert CR - enabled: true - - # -- Controls whether VMAlert should use VMAgent or VMInsert as a target for remotewrite - remoteWriteVMAgent: false - # -- (object) Full spec for VMAlert CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmalertspec) - spec: - port: "8080" - selectAllByDefault: true - evaluationInterval: 20s - extraArgs: - http.pathPrefix: "/" - - # External labels to add to all generated recording rules and alerts - externalLabels: {} - - # -- (object) Extra VMAlert annotation templates - templateFiles: - {} - # template_1.tmpl: |- - # {{ define "hello" -}} - # hello, Victoria! - # {{- end }} - # template_2.tmpl: "" - - # -- Allows to configure static notifiers, discover notifiers via Consul and DNS, - # see specification [here](https://docs.victoriametrics.com/vmalert/#notifier-configuration-file). - # This configuration will be created as separate secret and mounted to VMAlert pod. - additionalNotifierConfigs: {} - # dns_sd_configs: - # - names: - # - my.domain.com - # type: 'A' - # port: 9093 - # -- (object) VMAlert ingress config - ingress: - enabled: false - # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName - # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress - # ingressClassName: nginx - # Values can be templated - annotations: - {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - labels: {} - path: "" - pathType: Prefix - - hosts: - - vmalert.domain.com - # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - tls: [] - # - secretName: vmalert-ingress-tls - # hosts: - # - vmalert.domain.com - -vmauth: - # -- Enable VMAuth CR - enabled: false - # -- VMAuth annotations - annotations: {} - # -- (object) Full spec for VMAuth CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmauthspec) - # It's possible to use given below predefined variables in spec: - # * `{{ .vm.read }}` - parsed vmselect, vmsingle or external.vm.read URL - # * `{{ .vm.write }}` - parsed vminsert, vmsingle or external.vm.write URL - spec: - port: "8427" - unauthorizedUserAccessSpec: - # -- Flag, that allows to disable default VMAuth unauthorized user access config - disabled: false - discover_backend_ips: true - url_map: - - src_paths: - - '{{ .vm.read.path }}/.*' - url_prefix: - - '{{ urlJoin (omit .vm.read "path") }}/' - - src_paths: - - '{{ .vm.write.path }}/.*' - url_prefix: - - '{{ urlJoin (omit .vm.write "path") }}/' - -vmagent: - # -- Create VMAgent CR - enabled: true - # -- VMAgent annotations - annotations: {} - # -- Remote write configuration of VMAgent, allowed parameters defined in a [spec](https://docs.victoriametrics.com/operator/api#vmagentremotewritespec) - additionalRemoteWrites: - [] - #- url: http://some-remote-write/api/v1/write - # -- (object) Full spec for VMAgent CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmagentspec) - spec: - port: "8429" - selectAllByDefault: true - scrapeInterval: 20s - externalLabels: {} - # For multi-cluster setups it is useful to use "cluster" label to identify the metrics source. - # For example: - # cluster: cluster-name - extraArgs: - promscrape.streamParse: "true" - # Do not store original labels in vmagent's memory by default. This reduces the amount of memory used by vmagent - # but makes vmagent debugging UI less informative. See: https://docs.victoriametrics.com/vmagent/#relabel-debug - promscrape.dropOriginalLabels: "true" - # -- (object) VMAgent ingress configuration - ingress: - enabled: false - # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName - # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress - # ingressClassName: nginx - # Values can be templated - annotations: - {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - labels: {} - path: "" - pathType: Prefix - - hosts: - - vmagent.domain.com - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - tls: [] - # - secretName: vmagent-ingress-tls - # hosts: - # - vmagent.domain.com - -defaultDatasources: - grafanaOperator: - # -- Create datasources as CRDs (requires grafana-operator to be installed) - enabled: false - annotations: {} - spec: - instanceSelector: - matchLabels: - dashboards: grafana - allowCrossNamespaceImport: false - victoriametrics: - # -- Create per replica prometheus compatible datasource - perReplica: false - # -- List of prometheus compatible datasource configurations. - # VM `url` will be added to each of them in templates. - datasources: - - name: VictoriaMetrics - type: prometheus - access: proxy - isDefault: true - - name: VictoriaMetrics (DS) - isDefault: false - access: proxy - type: victoriametrics-metrics-datasource - version: "0.15.1" - # -- List of alertmanager datasources. - # Alertmanager generated `url` will be added to each datasource in template if alertmanager is enabled - alertmanager: - # -- Create per replica alertmanager compatible datasource - perReplica: false - datasources: - - name: Alertmanager - access: proxy - jsonData: - implementation: prometheus - # -- Configure additional grafana datasources (passed through tpl). - # Check [here](http://docs.grafana.org/administration/provisioning/#datasources) for details - extra: - - name: victoria-logs - access: proxy - type: VictoriaLogs - url: http://vlogs-victorialogs:9428 - version: 1 - -# -- Grafana dependency chart configuration. For possible values refer [here](https://github.com/grafana/helm-charts/tree/main/charts/grafana#configuration) -grafana: - enabled: true - # all values for grafana helm chart can be specified here - sidecar: - datasources: - enabled: true - initDatasources: true - label: grafana_datasource - dashboards: - provider: - name: default - orgid: 1 - folder: /var/lib/grafana/dashboards - defaultFolderName: default - enabled: true - multicluster: false - - # -- Create datasource configmap even if grafana deployment has been disabled - forceDeployDatasource: false - - # Uncomment the block below, if you want to enable VictoriaMetrics Datasource in Grafana: - # Note that Grafana will need internet access to install the datasource plugin. - # - # plugins: - # - victoriametrics-metrics-datasource - - ingress: - enabled: false - # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName - # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress - # ingressClassName: nginx - # Values can be templated - annotations: - {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - labels: {} - path: / - pathType: Prefix - - hosts: - - grafana.domain.com - # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: service - tls: [] - # - secretName: grafana-ingress-tls - # hosts: - # - grafana.domain.com - - # -- Grafana VM scrape config - vmScrape: - # whether we should create a service scrape resource for grafana - enabled: true - - # -- [Scrape configuration](https://docs.victoriametrics.com/operator/api#vmservicescrapespec) for Grafana - spec: - selector: - matchLabels: - app.kubernetes.io/name: '{{ include "grafana.name" .Subcharts.grafana }}' - endpoints: - - port: '{{ .Values.grafana.service.portName }}' - -# -- prometheus-node-exporter dependency chart configuration. For possible values check [here](https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus-node-exporter/values.yaml) -prometheus-node-exporter: - enabled: true - - # all values for prometheus-node-exporter helm chart can be specified here - service: - # Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards - # - labels: - jobLabel: node-exporter - extraArgs: - - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) - - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|erofs|sysfs|tracefs)$ - # -- Node Exporter VM scrape config - vmScrape: - # whether we should create a service scrape resource for node-exporter - enabled: true - - # -- [Scrape configuration](https://docs.victoriametrics.com/operator/api#vmservicescrapespec) for Node Exporter - spec: - jobLabel: jobLabel - selector: - matchLabels: - app.kubernetes.io/name: '{{ include "prometheus-node-exporter.name" (index .Subcharts "prometheus-node-exporter") }}' - endpoints: - - port: metrics - metricRelabelConfigs: - - action: drop - source_labels: [mountpoint] - regex: "/var/lib/kubelet/pods.+" -# -- kube-state-metrics dependency chart configuration. For possible values check [here](https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-state-metrics/values.yaml) -kube-state-metrics: - enabled: true - # -- [Scrape configuration](https://docs.victoriametrics.com/operator/api#vmservicescrapespec) for Kube State Metrics - vmScrape: - enabled: true - spec: - selector: - matchLabels: - app.kubernetes.io/name: '{{ include "kube-state-metrics.name" (index .Subcharts "kube-state-metrics") }}' - app.kubernetes.io/instance: '{{ include "vm.release" . }}' - endpoints: - - port: http - honorLabels: true - metricRelabelConfigs: - - action: labeldrop - regex: (uid|container_id|image_id) - jobLabel: app.kubernetes.io/name - -# -- Component scraping the kubelets -kubelet: - enabled: true - vmScrapes: - # -- Enable scraping /metrics/cadvisor from kubelet's service - cadvisor: - enabled: true - spec: - path: /metrics/cadvisor - # -- Enable scraping /metrics/probes from kubelet's service - probes: - enabled: true - spec: - path: /metrics/probes - # -- Enabled scraping /metrics/resource from kubelet's service - resources: - enabled: true - spec: - path: /metrics/resource - kubelet: - spec: {} - # -- Spec for VMNodeScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmnodescrapespec) - vmScrape: - kind: VMNodeScrape - spec: - scheme: "https" - honorLabels: true - interval: "30s" - scrapeTimeout: "5s" - tlsConfig: - insecureSkipVerify: true - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - # drop high cardinality label and useless metrics for cadvisor and kubelet - metricRelabelConfigs: - - action: labeldrop - regex: (uid) - - action: labeldrop - regex: (id|name) - - action: drop - source_labels: [__name__] - regex: (rest_client_request_duration_seconds_bucket|rest_client_request_duration_seconds_sum|rest_client_request_duration_seconds_count) - relabelConfigs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - sourceLabels: [__metrics_path__] - targetLabel: metrics_path - - targetLabel: job - replacement: kubelet - # ignore timestamps of cadvisor's metrics by default - # more info here https://github.com/VictoriaMetrics/VictoriaMetrics/issues/4697#issuecomment-1656540535 - honorTimestamps: false -# Component scraping the kube api server -kubeApiServer: - # -- Enable Kube Api Server metrics scraping - enabled: true - # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) - vmScrape: - spec: - endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - # bearerTokenSecret: - # key: "" - port: https - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - serverName: kubernetes - jobLabel: component - namespaceSelector: - matchNames: - - default - selector: - matchLabels: - component: apiserver - provider: kubernetes - -# Component scraping the kube controller manager -kubeControllerManager: - # -- Enable kube controller manager metrics scraping - enabled: true - - # -- If your kube controller manager is not deployed as a pod, specify IPs it can be found on - endpoints: [] - # - 10.141.4.22 - # - 10.141.4.23 - # - 10.141.4.24 - - # If using kubeControllerManager.endpoints only the port and targetPort are used - service: - # -- Create service for kube controller manager metrics scraping - enabled: true - # -- Kube controller manager service port - port: 10257 - # -- Kube controller manager service target port - targetPort: 10257 - # -- Kube controller manager service pod selector - selector: - component: kube-controller-manager - - # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) - vmScrape: - spec: - jobLabel: jobLabel - namespaceSelector: - matchNames: - - kube-system - endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - # bearerTokenSecret: - # key: "" - port: http-metrics - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - serverName: kubernetes - -# Component scraping kubeDns. Use either this or coreDns -kubeDns: - # -- Enabled KubeDNS metrics scraping - enabled: false - service: - # -- Create Service for KubeDNS metrics - enabled: false - # -- KubeDNS service ports - ports: - dnsmasq: - port: 10054 - targetPort: 10054 - skydns: - port: 10055 - targetPort: 10055 - # -- KubeDNS service pods selector - selector: - k8s-app: kube-dns - # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) - vmScrape: - spec: - jobLabel: jobLabel - namespaceSelector: - matchNames: [kube-system] - endpoints: - - port: http-metrics-dnsmasq - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - - port: http-metrics-skydns - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - -# Component scraping coreDns. Use either this or kubeDns -coreDns: - # -- Enabled CoreDNS metrics scraping - enabled: true - service: - # -- Create service for CoreDNS metrics - enabled: true - # -- CoreDNS service port - port: 9153 - # -- CoreDNS service target port - targetPort: 9153 - # -- CoreDNS service pod selector - selector: - k8s-app: kube-dns - - # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) - vmScrape: - spec: - jobLabel: jobLabel - namespaceSelector: - matchNames: [kube-system] - endpoints: - - port: http-metrics - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - -# Component scraping etcd -kubeEtcd: - # -- Enabled KubeETCD metrics scraping - enabled: true - - # -- If your etcd is not deployed as a pod, specify IPs it can be found on - endpoints: [] - # - 10.141.4.22 - # - 10.141.4.23 - # - 10.141.4.24 - - # Etcd service. If using kubeEtcd.endpoints only the port and targetPort are used - service: - # -- Enable service for ETCD metrics scraping - enabled: true - # -- ETCD service port - port: 2379 - # -- ETCD service target port - targetPort: 2379 - # -- ETCD service pods selector - selector: - component: etcd - - # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) - vmScrape: - spec: - jobLabel: jobLabel - namespaceSelector: - matchNames: [kube-system] - endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - # bearerTokenSecret: - # key: "" - port: http-metrics - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - -# Component scraping kube scheduler -kubeScheduler: - # -- Enable KubeScheduler metrics scraping - enabled: true - - # -- If your kube scheduler is not deployed as a pod, specify IPs it can be found on - endpoints: [] - # - 10.141.4.22 - # - 10.141.4.23 - # - 10.141.4.24 - - # If using kubeScheduler.endpoints only the port and targetPort are used - service: - # -- Enable service for KubeScheduler metrics scrape - enabled: true - # -- KubeScheduler service port - port: 10259 - # -- KubeScheduler service target port - targetPort: 10259 - # -- KubeScheduler service pod selector - selector: - component: kube-scheduler - - # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) - vmScrape: - spec: - jobLabel: jobLabel - namespaceSelector: - matchNames: [kube-system] - endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - # bearerTokenSecret: - # key: "" - port: http-metrics - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - -# Component scraping kube proxy -kubeProxy: - # -- Enable kube proxy metrics scraping - enabled: false - - # -- If your kube proxy is not deployed as a pod, specify IPs it can be found on - endpoints: [] - # - 10.141.4.22 - # - 10.141.4.23 - # - 10.141.4.24 - - service: - # -- Enable service for kube proxy metrics scraping - enabled: true - # -- Kube proxy service port - port: 10249 - # -- Kube proxy service target port - targetPort: 10249 - # -- Kube proxy service pod selector - selector: - k8s-app: kube-proxy - - # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) - vmScrape: - spec: - jobLabel: jobLabel - namespaceSelector: - matchNames: [kube-system] - endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - # bearerTokenSecret: - # key: "" - port: http-metrics - scheme: https - tlsConfig: - caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - -# -- Add extra objects dynamically to this chart -extraObjects: [] - diff --git a/otc/ABC/stacks/otc/cert-manager/manifests/clusterissuer.yaml b/otc/ABC/stacks/otc/cert-manager/manifests/clusterissuer.yaml deleted file mode 100644 index 73d0b7f..0000000 --- a/otc/ABC/stacks/otc/cert-manager/manifests/clusterissuer.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: main -spec: - acme: - email: admin@think-ahead.tech - server: https://acme-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: cluster-issuer-account-key - solvers: - - http01: - ingress: - ingressClassName: nginx diff --git a/otc/ABC/stacks/otc/cert-manager/values.yaml b/otc/ABC/stacks/otc/cert-manager/values.yaml deleted file mode 100644 index a0b2211..0000000 --- a/otc/ABC/stacks/otc/cert-manager/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -crds: - enabled: true - -replicaCount: 1 diff --git a/otc/ABC/stacks/otc/cert-manger.yaml b/otc/ABC/stacks/otc/cert-manger.yaml deleted file mode 100644 index 32d5f9b..0000000 --- a/otc/ABC/stacks/otc/cert-manger.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: cert-manager - namespace: argocd - labels: - env: dev -spec: - project: default - syncPolicy: - automated: - selfHeal: true - syncOptions: - - CreateNamespace=true - retry: - limit: -1 - destination: - name: in-cluster - namespace: cert-manager - sources: - - chart: cert-manager - repoURL: https://charts.jetstack.io - targetRevision: v1.17.2 - releaseName: cert-manager - helm: - valueFiles: - - $values/otc/ABC/stacks/otc/cert-manager/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - ref: values - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - path: "otc/ABC/stacks/otc/cert-manager/manifests" diff --git a/otc/ABC/stacks/otc/ingress-nginx/values.yaml b/otc/ABC/stacks/otc/ingress-nginx/values.yaml deleted file mode 100644 index 530e54b..0000000 --- a/otc/ABC/stacks/otc/ingress-nginx/values.yaml +++ /dev/null @@ -1,31 +0,0 @@ -controller: - updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 1 - - service: - annotations: - kubernetes.io/elb.class: union - kubernetes.io/elb.port: '80' - kubernetes.io/elb.id: ABC - kubernetes.io/elb.ip: ABC - - ingressClassResource: - name: nginx - - # added for idpbuilder - allowSnippetAnnotations: true - - # added for idpbuilder - config: - proxy-buffer-size: 32k - use-forwarded-headers: "true" - - # monitoring nginx - metrics: - enabled: true - serviceMonitor: - additionalLabels: - release: "ingress-nginx" - enabled: true diff --git a/otc/ABC/stacks/otc/storageclass/storageclass.yaml b/otc/ABC/stacks/otc/storageclass/storageclass.yaml deleted file mode 100644 index 038bf24..0000000 --- a/otc/ABC/stacks/otc/storageclass/storageclass.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - annotations: - storageclass.beta.kubernetes.io/is-default-class: "true" - labels: - kubernetes.io/cluster-service: "true" - name: default -parameters: - kubernetes.io/description: "" - kubernetes.io/hw:passthrough: "true" - kubernetes.io/storagetype: BS - kubernetes.io/volumetype: SATA - kubernetes.io/zone: eu-de-02 -provisioner: flexvolume-huawei.com/fuxivol -reclaimPolicy: Delete -volumeBindingMode: Immediate -allowVolumeExpansion: true \ No newline at end of file diff --git a/otc/ABC/stacks/ref-implementation/argo-workflows.yaml b/otc/ABC/stacks/ref-implementation/argo-workflows.yaml index b6b98e6..85bc7b6 100644 --- a/otc/ABC/stacks/ref-implementation/argo-workflows.yaml +++ b/otc/ABC/stacks/ref-implementation/argo-workflows.yaml @@ -10,9 +10,9 @@ metadata: spec: project: default source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/ref-implementation/argo-workflows/manifests/dev" + path: "stacks/ref-implementation/argo-workflows/manifests/dev" destination: server: "https://kubernetes.default.svc" namespace: argo diff --git a/otc/ABC/stacks/ref-implementation/backstage-templates.yaml b/otc/ABC/stacks/ref-implementation/backstage-templates.yaml index f26be52..6e9f173 100644 --- a/otc/ABC/stacks/ref-implementation/backstage-templates.yaml +++ b/otc/ABC/stacks/ref-implementation/backstage-templates.yaml @@ -10,11 +10,11 @@ metadata: spec: project: default source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/ref-implementation/backstage-templates/entities" + path: "stacks/ref-implementation/backstage-templates/entities" directory: - exclude: "catalog-info.yaml" + exclude: 'catalog-info.yaml' destination: server: "https://kubernetes.default.svc" namespace: backstage diff --git a/otc/ABC/stacks/ref-implementation/backstage.yaml b/otc/ABC/stacks/ref-implementation/backstage.yaml index 7898e37..c1dcddb 100644 --- a/otc/ABC/stacks/ref-implementation/backstage.yaml +++ b/otc/ABC/stacks/ref-implementation/backstage.yaml @@ -10,9 +10,9 @@ metadata: spec: project: default source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/ref-implementation/backstage/manifests" + path: "stacks/ref-implementation/backstage/manifests" destination: server: "https://kubernetes.default.svc" namespace: backstage diff --git a/otc/ABC/stacks/ref-implementation/backstage/manifests/install.yaml b/otc/ABC/stacks/ref-implementation/backstage/manifests/install.yaml index 1417816..5edc2dd 100644 --- a/otc/ABC/stacks/ref-implementation/backstage/manifests/install.yaml +++ b/otc/ABC/stacks/ref-implementation/backstage/manifests/install.yaml @@ -167,7 +167,7 @@ data: locations: # Examples from a public GitHub repository. - type: url - target: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live:443/DevFW-CICD/stacks-instances/raw/branch/main/otc/ABC/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml + target: https://gitea.ABC:443/giteaAdmin/edfbuilder/raw/branch/main/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml rules: - allow: [Component, System, API, Resource, Location, Template, User, Group] kubernetes: diff --git a/otc/ABC/stacks/ref-implementation/external-secrets.yaml b/otc/ABC/stacks/ref-implementation/external-secrets.yaml index 82e2cc0..afa0197 100644 --- a/otc/ABC/stacks/ref-implementation/external-secrets.yaml +++ b/otc/ABC/stacks/ref-implementation/external-secrets.yaml @@ -12,9 +12,9 @@ spec: namespace: external-secrets server: "https://kubernetes.default.svc" source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/ref-implementation/external-secrets/manifests" + path: "stacks/ref-implementation/external-secrets/manifests" project: default syncPolicy: automated: diff --git a/otc/ABC/stacks/otc/storageclass.yaml b/otc/ABC/stacks/ref-implementation/fibonacci-app.yaml similarity index 66% rename from otc/ABC/stacks/otc/storageclass.yaml rename to otc/ABC/stacks/ref-implementation/fibonacci-app.yaml index 98769a4..1971f09 100644 --- a/otc/ABC/stacks/otc/storageclass.yaml +++ b/otc/ABC/stacks/ref-implementation/fibonacci-app.yaml @@ -1,25 +1,25 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: storageclass + name: fibonacci-app namespace: argocd labels: - example: otc + env: dev finalizers: - resources-finalizer.argocd.argoproj.io spec: - destination: - namespace: default - server: "https://kubernetes.default.svc" - source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - path: "otc/ABC/stacks/otc/storageclass" project: default + source: + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/ref-implementation/fibonacci-app" + destination: + server: "https://kubernetes.default.svc" + namespace: fibonacci-app syncPolicy: - automated: - selfHeal: true syncOptions: - CreateNamespace=true + automated: + selfHeal: true retry: limit: -1 diff --git a/otc/ABC/stacks/ref-implementation/fibonacci-app/deployment.yaml b/otc/ABC/stacks/ref-implementation/fibonacci-app/deployment.yaml new file mode 100644 index 0000000..16f42e8 --- /dev/null +++ b/otc/ABC/stacks/ref-implementation/fibonacci-app/deployment.yaml @@ -0,0 +1,20 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: fibonacci-deployment + namespace: fibonacci-app +spec: + replicas: 1 + selector: + matchLabels: + app: fibonacci-go + template: + metadata: + labels: + app: fibonacci-go + spec: + containers: + - name: fibonacci-go + image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/christopher.hase/fibonacci_http_go:1.0.0 + ports: + - containerPort: 9090 \ No newline at end of file diff --git a/otc/ABC/stacks/ref-implementation/fibonacci-app/service.yaml b/otc/ABC/stacks/ref-implementation/fibonacci-app/service.yaml new file mode 100644 index 0000000..6458fa4 --- /dev/null +++ b/otc/ABC/stacks/ref-implementation/fibonacci-app/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: fibonacci-service + namespace: fibonacci-app +spec: + selector: + app: fibonacci-go + ports: + - protocol: TCP + port: 9090 + targetPort: 9090 + type: ClusterIP \ No newline at end of file diff --git a/otc/ABC/stacks/ref-implementation/keycloak.yaml b/otc/ABC/stacks/ref-implementation/keycloak.yaml index b7cf594..e8c7774 100644 --- a/otc/ABC/stacks/ref-implementation/keycloak.yaml +++ b/otc/ABC/stacks/ref-implementation/keycloak.yaml @@ -12,9 +12,9 @@ spec: namespace: keycloak server: "https://kubernetes.default.svc" source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/ref-implementation/keycloak/manifests" + path: "stacks/ref-implementation/keycloak/manifests" project: default syncPolicy: automated: diff --git a/otc/ABC/stacks/ref-implementation/mailhog.yaml b/otc/ABC/stacks/ref-implementation/mailhog.yaml index 6c25d9d..68251fc 100644 --- a/otc/ABC/stacks/ref-implementation/mailhog.yaml +++ b/otc/ABC/stacks/ref-implementation/mailhog.yaml @@ -10,9 +10,9 @@ metadata: spec: project: default source: - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD - path: "otc/ABC/stacks/ref-implementation/mailhog" + path: "stacks/ref-implementation/mailhog" destination: server: "https://kubernetes.default.svc" namespace: mailhog diff --git a/otc/ABC/stacks/ref-implementation/openbao.yaml b/otc/ABC/stacks/ref-implementation/openbao.yaml index 1b4561a..59a103d 100644 --- a/otc/ABC/stacks/ref-implementation/openbao.yaml +++ b/otc/ABC/stacks/ref-implementation/openbao.yaml @@ -11,7 +11,7 @@ spec: project: default syncPolicy: automated: - selfHeal: false + selfHeal: false syncOptions: - CreateNamespace=true destination: @@ -23,15 +23,12 @@ spec: targetRevision: HEAD helm: valueFiles: - - $values/otc/ABC/stacks/ref-implementation/openbao/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - $values/stacks/ref-implementation/openbao/values.yaml + - repoURL: https://gitea.ABC/giteaAdmin/edfbuilder targetRevision: HEAD ref: values - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - path: "otc/ABC/stacks/ref-implementation/openbao/manifests" ignoreDifferences: - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - jqPathExpressions: - - .webhooks[]?.clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + jqPathExpressions: + - .webhooks[]?.clientConfig.caBundle diff --git a/otc/ABC/stacks/ref-implementation/openbao/manifests/role.yaml b/otc/ABC/stacks/ref-implementation/openbao/manifests/role.yaml deleted file mode 100644 index d2f66a9..0000000 --- a/otc/ABC/stacks/ref-implementation/openbao/manifests/role.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: vault-token-role - namespace: openbao -rules: - - apiGroups: [""] # "" indicates the core API group - resources: ["secrets"] - verbs: ["create"] diff --git a/otc/ABC/stacks/ref-implementation/openbao/manifests/rolebinding.yaml b/otc/ABC/stacks/ref-implementation/openbao/manifests/rolebinding.yaml deleted file mode 100644 index 625acd8..0000000 --- a/otc/ABC/stacks/ref-implementation/openbao/manifests/rolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: vault-token-rolebinding - namespace: openbao -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: vault-token-role -subjects: - - kind: ServiceAccount - name: openbao - namespace: openbao diff --git a/otc/ABC/stacks/ref-implementation/openbao/values.yaml b/otc/ABC/stacks/ref-implementation/openbao/values.yaml index d409931..0ff72cf 100644 --- a/otc/ABC/stacks/ref-implementation/openbao/values.yaml +++ b/otc/ABC/stacks/ref-implementation/openbao/values.yaml @@ -3,8 +3,6 @@ server: - sh - -c - | - echo --- unseal workaround - sleep 10 bao operator init >> /tmp/init.txt cat /tmp/init.txt | grep "Key " | awk '{print $NF}' | xargs -I{} bao operator unseal {} @@ -15,20 +13,5 @@ server: echo $(grep "Unseal Key 4:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key4.txt echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt rm /tmp/init.txt - - - echo --- provide OpenBAO secret to ESO - - if [[ "$(uname -m)" == "x86_64" ]]; then - wget "https://dl.k8s.io/release/$(wget https://dl.k8s.io/release/stable.txt -q -O -)/bin/linux/amd64/kubectl" -O /tmp/kubectl_eso - else - wget "https://dl.k8s.io/release/$(wget https://dl.k8s.io/release/stable.txt -q -O -)/bin/linux/arm64/kubectl" -O /tmp/kubectl_eso - fi - chmod +x /tmp/kubectl_eso - - /tmp/kubectl_eso create secret generic vault-token --from-literal=token="$(cat /openbao/data/initial_token.txt)" -n openbao - - rm /tmp/kubectl_eso - ui: enabled: true diff --git a/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook.yaml b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook.yaml new file mode 100644 index 0000000..2a59a31 --- /dev/null +++ b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook.yaml @@ -0,0 +1,23 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: create-new-cluster-guestbook + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: crossplane-system + source: + path: stacks/second-cluster/create-new-cluster-guestbook + repoURL: https://gitea.ABC/giteaAdmin/edfbuilder + targetRevision: HEAD diff --git a/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml new file mode 100644 index 0000000..22aa6be --- /dev/null +++ b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml @@ -0,0 +1,16 @@ +apiVersion: cluster.argocd.crossplane.io/v1alpha1 +kind: Cluster +metadata: + name: argo-app-test + labels: + purpose: dev +spec: + forProvider: + config: + kubeconfigSecretRef: + key: kubeconfig + namespace: crossplane-system + name: argo-app-test-kubeconf + name: argo-app-test-cluster + providerConfigRef: + name: argocd-provider diff --git a/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml new file mode 100644 index 0000000..ed9881c --- /dev/null +++ b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml @@ -0,0 +1,26 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argo-second-cluster-demo + namespace: argocd +spec: + destination: + namespace: guestbook + name: argo-app-test-cluster + project: default + source: + path: guestbook + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true + retry: + limit: -1 + backoff: + duration: 5s + factor: 2 + maxDuration: 1m diff --git a/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml new file mode 100644 index 0000000..3abe324 --- /dev/null +++ b/otc/ABC/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml @@ -0,0 +1,26 @@ +apiVersion: container.kind.crossplane.io/v1alpha1 +kind: KindCluster +metadata: + name: argo-app-test +spec: + forProvider: + kindConfig: | + kind: Cluster + apiVersion: kind.x-k8s.io/v1alpha4 + nodes: + - role: control-plane + kubeadmConfigPatches: + - | + kind: InitConfiguration + nodeRegistration: + kubeletExtraArgs: + node-labels: "ingress-ready=true" + # TODO: RIRE used maybe for velero backup + # extraMounts: + # - hostPath: /tmp/backup # replace with your own path + # containerPath: /backup + providerConfigRef: + name: kind-provider + writeConnectionSecretToRef: + namespace: crossplane-system + name: argo-app-test-kubeconf