Update argocd/kube-prometheus-stack/Chart.yaml, argocd/kube-prometheus-stack/values.yaml, argocd/kube-prometheus-stack/templates/grafana-secrets.yaml

2022-09-26 17:07:53 +00:00
parent e214d18da1
commit b7e0465295
3 changed files with 228 additions and 0 deletions
--- a/argocd/kube-prometheus-stack/Chart.yaml
+++ b/argocd/kube-prometheus-stack/Chart.yaml
@@ -0,0 +1,12 @@
+apiVersion: v2
+name: kube-prometheus-stack
+description: A Helm chart for Kubernetes
+type: application
+
+version: 0.1.0
+appVersion: "1.16.0"
+
+dependencies:
+- name: kube-prometheus-stack
+  repository: https://prometheus-community.github.io/helm-charts
+  version: 40.1.2
--- a/argocd/kube-prometheus-stack/templates/grafana-secrets.yaml
+++ b/argocd/kube-prometheus-stack/templates/grafana-secrets.yaml
@@ -0,0 +1,16 @@
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  creationTimestamp: null
+  name: grafana-admin-credentials
+  namespace: kube-prometheus-stack
+spec:
+  encryptedData:
+    admin-password: AgBJ8Qa8+CHmx8Su56BA/ikKb2nPFyyYkc2LBffuHKwHgeSNI6LfriTIS+UJgaq7fn2q0p/c4RO7jVtNC1q9hCgqNiyqHcHAtr1+j5ByviK1/v8FVjnT4vsdFuadOv9HdFI87sUx18r0n07u9BzH0G1MB6Tuc6M/OQjPGf2GOxW+muLiqO16BzsFu4eQyv3SlYSTH8EtlBhLVIZgF6n0J0da0KLJYwzhMulkMmq89oIg17TtNQTFU1zNgO+s2j2SxbCvS5NhlosMWQe1SdD+WCClsW7hwlqzKNZtYga6wIQjDYtGCGpLlr8X355se2kKzr4toyAnMnigx85dxMBGj9WizgBa28zuTWCR5RuNqFN9S1jvqL4PtXrgeUcic1WxRICYUD4IJ/uxvBTEdoXMlPnTo3qCgFMWVET+haCq27VdqFsa+zdcEBOHfXJffoX/fulit0C4tvyyGaTjRET43VRedICfadSHAOcmLDEe4QGd7Q2EYG4cY9AYPZeA42jCXVN4vOql2Dr2KoJgNmeKdHxiLegUhTeLZQ34YkOZaYvdM7dHesrjV8Eh0cZ72dqXm+uZbfeGlhFcA0lvY96F9R6BlLnuwzyb5HAvAgALymjP4UbDcx6Ux5EAvdZl+vMA6JW9WzwhNMK84WHuKRpFeqIpHL7EJWagcvSCcynRu81B3oWkn3KypAPXJ4jCHg2t5QJ9HurA+piKjJCGfAU=
+    admin-user: AgBq9gHXDVp2f949tDjHC9pBG1YC/YcQcY23HHIKxf7UZRvlwoQwI1Qfc+J1hM8At2UURd8/rsKlp/itaFFpMqxfbNQAtZMzzAUHwpoyhDlOxTUmsX4XSFEZgWbH8tAxy3LeKEnOedx+12hqrPzUgLTMns4GVyEySqQyA6rTAfiohRyqt4MzTdUUs16+L2L3+clDDi5/srt0kfLF9yHSUrMwfGS7KyDBkYk7ppj7TEHHoedxaPI7917L+a15qq4RMLMiBd5cLwGOnncFFT5UiTphc7l9IDa9W6jbTpEt2YS0y/h7RHRU3XDZKaUma1mIloYjHqk96Fr1+2AoDEwlj4gnPX04oeYohnakETMM9yX7wwlBweijMOXdMmT375/k9SkwPFNLmwfXIRAyaBpHIYEsAx1LPFyE2HkUpnawTY3aQ3AYkqDsd/CYWLxbhBymYciPVbjshdUYiluwVn8Prqv8CCC5tjFznKHqZztz65etyhWpkqZDiHkgEmeJySeamvh+LtlkQa0vAxZxO86N3+UDiDCHIhVbjP4kvIxPx3R5jpBkjbwdSdDsHHgyqQons2zCXcXxuq+ie7+iUrXQmbNplK9m8h0SSomYr1Zr0C1FGn1f64iHoVCk+3v9Be5sHDDTUTEiBSa4W01ZDw9oaIfDdPW8KhEm27e/L9DIIEt+jlRSciLGWSvIRU78ZLX4Gl5WkpRgH15u5VL9j+ML
+  template:
+    data: null
+    metadata:
+      creationTimestamp: null
+      name: grafana-admin-credentials
+      namespace: kube-prometheus-stack
--- a/argocd/kube-prometheus-stack/values.yaml
+++ b/argocd/kube-prometheus-stack/values.yaml
@@ -0,0 +1,200 @@
+kube-prometheus-stack: 
+  fullnameOverride: prometheus
+
+  defaultRules:
+    create: true
+    rules:
+      alertmanager: true
+      etcd: true
+      configReloaders: true
+      general: true
+      k8s: true
+      kubeApiserverAvailability: true
+      kubeApiserverBurnrate: true
+      kubeApiserverHistogram: true
+      kubeApiserverSlos: true
+      kubelet: true
+      kubeProxy: true
+      kubePrometheusGeneral: true
+      kubePrometheusNodeRecording: true
+      kubernetesApps: true
+      kubernetesResources: true
+      kubernetesStorage: true
+      kubernetesSystem: true
+      kubeScheduler: true
+      kubeStateMetrics: true
+      network: true
+      node: true
+      nodeExporterAlerting: true
+      nodeExporterRecording: true
+      prometheus: true
+      prometheusOperator: true
+
+  alertmanager:
+    fullnameOverride: alertmanager
+    enabled: true
+    ingress:
+      enabled: true
+      annotations:
+        cert-manager.io/cluster-issuer: letsencrypt-production
+        kubernetes.io/ingress.class: nginx
+        nginx.ingress.kubernetes.io/auth-response-headers: Authorization
+        nginx.ingress.kubernetes.io/auth-url: http://oauth2-proxy.oauth2-proxy.svc.cluster.local/oauth2/auth
+        nginx.ingress.kubernetes.io/auth-signin: https://oauth.durp.info/oauth2/start?rd=https://$host$request_uri$is_args$args        
+      hosts:
+        - alertmanager.durp.info
+      paths: 
+        - /
+      tls: 
+      - secretName: alertmanager-tls
+        hosts:
+        - alertmanager.durp.info
+  grafana:
+    enabled: true
+    fullnameOverride: grafana
+    forceDeployDatasources: false
+    forceDeployDashboards: false
+    defaultDashboardsEnabled: true
+    defaultDashboardsTimezone: utc
+    serviceMonitor:
+      enabled: true
+    admin:
+      existingSecret: grafana-admin-credentials
+      userKey: admin-user
+      passwordKey: admin-password
+    ingress:
+      enabled: true
+      annotations:
+        cert-manager.io/cluster-issuer: letsencrypt-production
+        kubernetes.io/ingress.class: nginx
+      hosts:
+        - grafana.durp.info
+      paths: 
+        - /
+      tls: 
+      - secretName: grafana-tls
+        hosts:
+        - grafana.durp.info      
+
+  kubeApiServer:
+    enabled: true
+
+  kubelet:
+    enabled: true
+    serviceMonitor:
+      metricRelabelings:
+        - action: replace
+          sourceLabels:
+            - node
+          targetLabel: instance
+
+  kubeControllerManager:
+    enabled: true
+    endpoints: # ips of servers 
+
+
+  coreDns:
+    enabled: true
+
+  kubeDns:
+    enabled: false
+
+  kubeEtcd:
+    enabled: false
+    endpoints: # ips of servers
+
+    service:
+      enabled: true
+      port: 2381
+      targetPort: 2381
+
+  kubeScheduler:
+    enabled: false
+    endpoints: # ips of servers
+
+
+  kubeProxy:
+    enabled: false
+    endpoints: # ips of servers
+
+
+  kubeStateMetrics:
+    enabled: true
+
+  kube-state-metrics:
+    fullnameOverride: kube-state-metrics
+    selfMonitor:
+      enabled: true
+    prometheus:
+      monitor:
+        enabled: true
+        relabelings:
+          - action: replace
+            regex: (.*)
+            replacement: $1
+            sourceLabels:
+              - __meta_kubernetes_pod_node_name
+            targetLabel: kubernetes_node
+
+  nodeExporter:
+    enabled: true
+    serviceMonitor:
+      relabelings:
+        - action: replace
+          regex: (.*)
+          replacement: $1
+          sourceLabels:
+            - __meta_kubernetes_pod_node_name
+          targetLabel: kubernetes_node
+
+  prometheus-node-exporter:
+    fullnameOverride: node-exporter
+    podLabels:
+      jobLabel: node-exporter
+    extraArgs:
+      - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/)
+      - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$
+    service:
+      portName: http-metrics
+    prometheus:
+      monitor:
+        enabled: true
+        relabelings:
+          - action: replace
+            regex: (.*)
+            replacement: $1
+            sourceLabels:
+              - __meta_kubernetes_pod_node_name
+            targetLabel: kubernetes_node
+    resources:
+      requests:
+        memory: 512Mi
+        cpu: 250m
+      limits:
+        memory: 2048Mi
+
+  prometheusOperator:
+    enabled: true
+    prometheusConfigReloader:
+      resources:
+        requests:
+          cpu: 200m
+          memory: 50Mi
+        limits:
+          memory: 100Mi
+
+  prometheus:
+    enabled: true
+    prometheusSpec:
+      replicas: 1
+      replicaExternalLabelName: "replica"
+      ruleSelectorNilUsesHelmValues: false
+      serviceMonitorSelectorNilUsesHelmValues: false
+      podMonitorSelectorNilUsesHelmValues: false
+      probeSelectorNilUsesHelmValues: false
+      retention: 6h
+      enableAdminAPI: true
+      walCompression: true
+
+  thanosRuler:
+    enabled: false