freezer/mareshq-gitops-legacy
Archived
1
0
Fork 0
Code Activity

feat(cherry): add kube-prometheus-stack

Browse source
This commit is contained in:
Vojtěch Mareš 2023-10-03 15:49:30 +02:00
parent 41ce9a4fa0
commit 1ed3171954
Signed by: vojtech.mares
GPG key ID: C6827B976F17240D
1 changed files with 204 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

204
clusters/cherry/apps/kube-prometheus-stack.yaml Normal file
View file

@ -0,0 +1,204 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cherry-kube-prometheus-stack
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: monitoring
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
destination:
server: https://kubernetes.default.svc
namespace: monitoring
source:
chart: kube-prometheus-stack
repoURL: https://prometheus-community.github.io/helm-charts
targetRevision: 51.2.0
helm:
releaseName: monitoring
values: |
cleanPrometheusOperatorObjectNames: true
fullnameOverride: "monitoring"
defaultRules:
create: true
rules:
alertmanager: true
etcd: false
configReloaders: true
general: true
k8s: true
kubeApiserverAvailability: true
kubeApiserverBurnrate: true
kubeApiserverHistogram: true
kubeApiserverSlos: true
kubeControllerManager: true
kubelet: true
kubeProxy: false
kubePrometheusGeneral: true
kubePrometheusNodeRecording: true
kubernetesApps: true
kubernetesResources: true
kubernetesStorage: true
kubernetesSystem: true
kubeSchedulerAlerting: true
kubeSchedulerRecording: true
kubeStateMetrics: true
network: true
node: true
nodeExporterAlerting: true
nodeExporterRecording: true
prometheus: true
prometheusOperator: true
windows: false
prometheus:
fullnameOverride: prometheus
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- prometheus.ops.mareshq.com
paths:
- /
pathType: Prefix
tls:
- hosts:
- prometheus.ops.mareshq.com
secretName: prometheus-ingress-tls
podDisruptionBudget:
enabled: true
minAvailable: 1
prometheusSpec:
serviceMonitorSelectorNilUsesHelmValues: false
podMonitorSelectorNilUsesHelmValues: false
ruleSelectorNilUsesHelmValues: false
replicas: 2
retention: 45d
resources:
limits:
cpu: 1000m
memory: 2Gi
requests:
cpu: 500m
memory: 2Gi
storageSpec:
volumeClaimTemplate:
spec:
storageClassName: hcloud-volumes
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 50Gi
serviceMonitor:
selfMonitor: true
alertmanager:
enabled: true
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- alertmanager.ops.mareshq.com
paths:
- /
pathType: Prefix
tls:
- hosts:
- alertmanager.ops.mareshq.com
secretName: alertmanager-ingress-tls
podDisruptionBudget:
enabled: true
minAvailable: 1
alertmanagerSpec:
replicas: 2
resources:
limits:
cpu: 250m
memory: 256Mi
requests:
cpu: 100m
memory: 256Mi
storage:
volumeClaimTemplate:
spec:
storageClassName: hcloud-volumes
resources:
requests:
storage: 10Gi
grafana:
enabled: true
defaultDashboardsEnabled: true
adminPassword: zud!edy7WER5uqg7gjq
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- grafana.ops.mareshq.com
paths:
- /
pathType: Prefix
tls:
- hosts:
- grafana.ops.mareshq.com
secretName: grafana-ingress-tls
serviceMonitor:
selfMonitor: true
grafana.ini:
server:
root_url: https://grafana.ops.mareshq.com
# auth.gitlab:
# enabled: true
# allow_sign_up: true
# client_id: old
# client_secret: old
# scopes: read_api
# auth_url: https://gitlab.mareshq.com/oauth/authorize
# token_url: https://gitlab.mareshq.com/oauth/token
# api_url: https://gitlab.mareshq.com/api/v4
# allowed_groups: mareshq
auth.basic:
enabled: true
auth:
disable_login_form: false
kubeProxy:
enabled: false
kubeEtcd:
enabled: false
prometheus-node-exporter:
fullnameOverride: node-exporter
kube-state-metrics:
fullnameOverride: kube-state-metrics