freezer/kissj-gitops
Archived
1
0
Fork 0
Code Activity

Compare commits

base: freezer:ccac1f1b86f353d49ab27fa51deb0982d926ee3b
Branches Tags
freezer:main
..
compare: freezer:f09c1ec86bc3c8cd752f2cd9f1a2e26d931266ee
Branches Tags
freezer:main

10 commits
ccac1f1b86 ... f09c1ec86b

Author SHA1 Message Date
Vojtech Mares
f09c1ec86b
refactor(monitoring): do not monitor cluster components 2022-09-06 17:36:51 +02:00
Vojtech Mares
7734c642e1
feat(quotas): add service.nodeport and separate service.loadbalancer to standalone quota 2022-09-06 11:43:45 +02:00
Vojtech Mares
f16a7aa365
feat(quotas): add storage quotas 2022-09-06 11:41:19 +02:00
Vojtech Mares
4f0927c6bf
feat: add quoats 2022-09-05 21:27:08 +02:00
Vojtech Mares
e7d20864a9
refactor(namespaces): kissj-prod -> kissj-production 2022-09-05 21:03:15 +02:00
Vojtech Mares
b192ffe85d
refactor(namespaces): delete kissj-dev 2022-09-05 21:02:01 +02:00
Vojtech Mares
1b290d7cb2
refactor(monitoring): prefix blackbox exporter with kissj- 2022-09-03 16:58:48 +02:00
Vojtech Mares
43f2caa087
refactor(monitoring): add fullnameOverride for blackbox exporter 2022-09-03 16:54:38 +02:00
Vojtech Mares
4c114a5010
docs: update README.md 2022-09-03 16:08:05 +02:00
Vojtech Mares
ac16fabbd5
feat(monitoring): add blackbox-exporter 2022-09-03 16:06:25 +02:00
16 changed files with 170 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

19
README.md
View file

@ -6,11 +6,28 @@ Underlying Kubernetes cluster components for [KISSJ](https://github.com/skautdev
- namespaces
- `kissj-db`
- `kissj-dev`
- `kissj-prod`
- `kissj-staging`
- `kissj-monitoring`
- PostgreSQL instance
- monitoring
- Prometheus
- AlertManager
- Grafana
- blackbox exporter
## Security
- Users
- ServiceAccounts
- lung
- majkl
## Monitoring
As mentione before in [components](#components), the monitoring consists of:
- [Prometheus](https://prometheus.monitoring.kissj.net)
- [AlertManager](https://alertmanager.monitoring.kissj.net)
- [Grafana](https://grafana.monitoring.kissj.net)
To monitor everything, we also deploy [prometheus/blackbox_exporter](https://github.com/prometheus/blackbox_exporter) to monitor the overall availability of the site.

18
_apps/kissj-production-quotas.yml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: kissj-production-quotas
namespace: argocd
spec:
destination:
namespace: kissj-production
server: https://kubernetes.default.svc
project: kissj
source:
path: quotas/production
repoURL: https://gitlab.mareshq.com/gitops/skautdevs/kissj.git
targetRevision: HEAD
syncPolicy:
automated:
prune: true
selfHeal: true

18
_apps/kissj-staging-quotas.yml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: kissj-staging-quotas
namespace: argocd
spec:
destination:
namespace: kissj-staging
server: https://kubernetes.default.svc
project: kissj
source:
path: quotas/staging
repoURL: https://gitlab.mareshq.com/gitops/skautdevs/kissj.git
targetRevision: HEAD
syncPolicy:
automated:
prune: true
selfHeal: true

7
monitoring/Chart.lock
View file

@ -2,5 +2,8 @@ dependencies:
- name: kube-prometheus-stack
repository: https://prometheus-community.github.io/helm-charts
version: 39.11.0
digest: sha256:2000f95ea7c9e6ac6ec0cc0ed3f08ee6adebf5e3ad383a0e8d89d80ab61439eb
generated: "2022-09-03T10:54:33.34106+02:00"
- name: prometheus-blackbox-exporter
repository: https://prometheus-community.github.io/helm-charts
version: 7.0.0
digest: sha256:7a9382529ff259e31426aa23cf9eea9a0dc5fe7d6950339133bc78bcb310fa30
generated: "2022-09-03T16:06:15.239791+02:00"

3
monitoring/Chart.yaml
View file

@ -9,3 +9,6 @@ dependencies:
- name: kube-prometheus-stack
version: 39.11.0
repository: https://prometheus-community.github.io/helm-charts
- name: prometheus-blackbox-exporter
version: 7.0.0
repository: https://prometheus-community.github.io/helm-charts

54
monitoring/values.yaml
View file

@ -13,6 +13,27 @@ kube-prometheus-stack:
kubeStateMetrics:
enabled: false
kubeApiServer:
enabled: false
kubelet:
enabled: false
kubeControllerManager:
enabled: false
coreDns:
enabled: false
kubeScheduler:
enabled: false
kubeProxy:
enabled: false
defaultRules:
create: false
prometheus:
prometheusSpec:
serviceMonitorSelectorNilUsesHelmValues: false
@ -96,34 +117,5 @@ kube-prometheus-stack:
serviceMonitor:
selfMonitor: true
# This AM is for KISSJ, cluster components are monitored by different instance
kubeApiServer:
enabled: false
kubelet:
enabled: false
kubeControllerManager:
enabled: false
coreDns:
enabled: false
kubeScheduler:
enabled: false
kubeProxy:
enabled: false
kubeStateMetrics:
enabled: false
nodeExporter:
enabled: false
prometheusOperator:
serviceMonitor:
selfMonitor: false
defaultRules:
create: false
prometheus-blackbox-exporter:
fullnameOverride: kissj-blackbox-exporter

6
namespaces/kissj-prod.yml
View file

@ -1,6 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: kissj-prod
labels:
prometheus: kissj

2
namespaces/kissj-dev.yml → namespaces/kissj-production.yml
View file

@ -1,6 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: kissj-dev
name: kissj-production
labels:
prometheus: kissj

10
quotas/production/compute-resources.yml Normal file
View file

@ -0,0 +1,10 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
spec:
hard:
requests.cpu: 6000m
requests.memory: 16384Mi
limits.cpu: 8000m
limits.memory: 20480Mi

13
quotas/production/kube-objects.yml Normal file
View file

@ -0,0 +1,13 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: kube-objects
spec:
hard:
count/deployments.apps: "5"
count/statefulsets.apps: "0"
count/cronjobs.batch: "0"
count/jobs.batch: "5"
count/pods: "50"
count/persistentvolumeclaims: "1"

9
quotas/production/network.yml Normal file
View file

@ -0,0 +1,9 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: network
spec:
hard:
services.loadbalancers: "0"
services.nodeports: "0"

10
quotas/production/storage.yml Normal file
View file

@ -0,0 +1,10 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: storage
spec:
hard:
requests.storage: 1Gi
persistentvolumeclaims: "3"
local-path.storageclass.storage.k8s.io/requests.storage: 0Mi
local-path.storageclass.storage.k8s.io/persistentvolumeclaims: "0"

10
quotas/staging/compute-resources.yml Normal file
View file

@ -0,0 +1,10 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
spec:
hard:
requests.cpu: 800m
requests.memory: 1536Mi
limits.cpu: 1200m
limits.memory: 2048Mi

13
quotas/staging/kube-objects.yml Normal file
View file

@ -0,0 +1,13 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: kube-objects
spec:
hard:
count/deployments.apps: "5"
count/statefulsets.apps: "0"
count/cronjobs.batch: "0"
count/jobs.batch: "5"
count/pods: "20"
count/persistentvolumeclaims: "1"

9
quotas/staging/network.yml Normal file
View file

@ -0,0 +1,9 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: network
spec:
hard:
services.loadbalancers: "0"
services.nodeports: "0"

10
quotas/staging/storage.yml Normal file
View file

@ -0,0 +1,10 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: storage
spec:
hard:
requests.storage: 1Gi
persistentvolumeclaims: "3"
local-path.storageclass.storage.k8s.io/requests.storage: 0Mi
local-path.storageclass.storage.k8s.io/persistentvolumeclaims: "0"