232 lines
6.3 KiB
YAML
232 lines
6.3 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: cherry-kube-prometheus-stack
|
|
namespace: argocd
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
project: monitoring
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
- ServerSideApply=true
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: monitoring
|
|
source:
|
|
chart: kube-prometheus-stack
|
|
repoURL: https://prometheus-community.github.io/helm-charts
|
|
targetRevision: 51.2.0
|
|
helm:
|
|
releaseName: monitoring
|
|
values: |
|
|
cleanPrometheusOperatorObjectNames: true
|
|
fullnameOverride: "monitoring"
|
|
|
|
defaultRules:
|
|
create: true
|
|
rules:
|
|
alertmanager: true
|
|
etcd: false
|
|
configReloaders: true
|
|
general: true
|
|
k8s: true
|
|
kubeApiserverAvailability: true
|
|
kubeApiserverBurnrate: true
|
|
kubeApiserverHistogram: true
|
|
kubeApiserverSlos: true
|
|
kubeControllerManager: true
|
|
kubelet: true
|
|
kubeProxy: false
|
|
kubePrometheusGeneral: true
|
|
kubePrometheusNodeRecording: true
|
|
kubernetesApps: true
|
|
kubernetesResources: true
|
|
kubernetesStorage: true
|
|
kubernetesSystem: true
|
|
kubeSchedulerAlerting: true
|
|
kubeSchedulerRecording: true
|
|
kubeStateMetrics: true
|
|
network: true
|
|
node: true
|
|
nodeExporterAlerting: true
|
|
nodeExporterRecording: true
|
|
prometheus: true
|
|
prometheusOperator: true
|
|
windows: false
|
|
|
|
prometheus:
|
|
fullnameOverride: prometheus
|
|
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
hosts:
|
|
- prometheus.ops.mareshq.com
|
|
paths:
|
|
- /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- prometheus.ops.mareshq.com
|
|
secretName: prometheus-ingress-tls
|
|
|
|
podDisruptionBudget:
|
|
enabled: true
|
|
minAvailable: 1
|
|
|
|
prometheusSpec:
|
|
serviceMonitorSelectorNilUsesHelmValues: false
|
|
podMonitorSelectorNilUsesHelmValues: false
|
|
ruleSelectorNilUsesHelmValues: false
|
|
|
|
replicas: 2
|
|
|
|
retention: 45d
|
|
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 2Gi
|
|
requests:
|
|
cpu: 500m
|
|
memory: 2Gi
|
|
|
|
storageSpec:
|
|
volumeClaimTemplate:
|
|
spec:
|
|
storageClassName: hcloud-volumes
|
|
accessModes: ["ReadWriteOnce"]
|
|
resources:
|
|
requests:
|
|
storage: 50Gi
|
|
|
|
additionalScrapeConfigs:
|
|
- job_name: "node-exporter"
|
|
metrics_path: "/metrics"
|
|
static_configs:
|
|
- targets:
|
|
- 172.16.1.1:9100
|
|
- 172.16.1.2:9100
|
|
- maple.vxm.cz:9100
|
|
- alder.vxm.cz:9100
|
|
|
|
# See: https://developers.mattermost.com/blog/cloud-monitoring/
|
|
- job_name: "federate"
|
|
scrape_interval: 15s
|
|
|
|
honor_labels: true
|
|
metrics_path: "/federate"
|
|
|
|
params:
|
|
'match[]':
|
|
- '{job="prometheus"}'
|
|
- '{__name__=~"job:.*"}'
|
|
|
|
static_configs:
|
|
- targets:
|
|
- prometheus.lychee.k8s.vxm.cz.
|
|
labels:
|
|
clusterID: lychee
|
|
|
|
serviceMonitor:
|
|
selfMonitor: true
|
|
|
|
alertmanager:
|
|
enabled: true
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
hosts:
|
|
- alertmanager.ops.mareshq.com
|
|
paths:
|
|
- /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- alertmanager.ops.mareshq.com
|
|
secretName: alertmanager-ingress-tls
|
|
|
|
podDisruptionBudget:
|
|
enabled: true
|
|
minAvailable: 1
|
|
|
|
alertmanagerSpec:
|
|
replicas: 2
|
|
resources:
|
|
limits:
|
|
cpu: 250m
|
|
memory: 256Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
|
|
storage:
|
|
volumeClaimTemplate:
|
|
spec:
|
|
storageClassName: hcloud-volumes
|
|
resources:
|
|
requests:
|
|
storage: 10Gi
|
|
|
|
grafana:
|
|
enabled: true
|
|
defaultDashboardsEnabled: true
|
|
|
|
adminPassword: zud!edy7WER5uqg7gjq
|
|
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
hosts:
|
|
- grafana.ops.mareshq.com
|
|
paths:
|
|
- /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- grafana.ops.mareshq.com
|
|
secretName: grafana-ingress-tls
|
|
|
|
serviceMonitor:
|
|
selfMonitor: true
|
|
|
|
grafana.ini:
|
|
server:
|
|
root_url: https://grafana.ops.mareshq.com
|
|
# auth.gitlab:
|
|
# enabled: true
|
|
# allow_sign_up: true
|
|
# client_id: old
|
|
# client_secret: old
|
|
# scopes: read_api
|
|
# auth_url: https://gitlab.mareshq.com/oauth/authorize
|
|
# token_url: https://gitlab.mareshq.com/oauth/token
|
|
# api_url: https://gitlab.mareshq.com/api/v4
|
|
# allowed_groups: mareshq
|
|
auth.basic:
|
|
enabled: true
|
|
auth:
|
|
disable_login_form: false
|
|
|
|
kubeProxy:
|
|
enabled: false
|
|
|
|
kubeEtcd:
|
|
enabled: false
|
|
|
|
prometheus-node-exporter:
|
|
fullnameOverride: node-exporter
|
|
|
|
kube-state-metrics:
|
|
fullnameOverride: kube-state-metrics
|