From fea3185ba62984d17aba2a16033e3e8abd6f61e4 Mon Sep 17 00:00:00 2001 From: JJGadgets Date: Wed, 14 Aug 2024 16:53:54 +0800 Subject: [PATCH] feat: add VictoriaLogs --- kube/deploy/core/monitoring/victoria/ks.yaml | 46 ++++++++++++- .../core/monitoring/victoria/logs/hr.yaml | 69 +++++++++++++++++++ 2 files changed, 114 insertions(+), 1 deletion(-) create mode 100644 kube/deploy/core/monitoring/victoria/logs/hr.yaml diff --git a/kube/deploy/core/monitoring/victoria/ks.yaml b/kube/deploy/core/monitoring/victoria/ks.yaml index 182ca904..419439cd 100644 --- a/kube/deploy/core/monitoring/victoria/ks.yaml +++ b/kube/deploy/core/monitoring/victoria/ks.yaml @@ -53,4 +53,48 @@ spec: ACCESSMODE: "ReadWriteOnce" RUID: "1000" RGID: "1000" - RFSG: "1000" \ No newline at end of file + RFSG: "1000" +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: 1-core-monitoring-victoria-logs + namespace: flux-system + labels: &l + app.kubernetes.io/name: "victoria" + app.kubernetes.io/instance: "logs" +spec: + commonMetadata: + labels: *l + path: ./kube/deploy/core/monitoring/victoria/logs + targetNamespace: "monitoring" + dependsOn: + - name: 1-core-monitoring-victoria-app + - name: 1-core-monitoring-victoria-logs-pvc +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: 1-core-monitoring-victoria-logs-pvc + namespace: flux-system + labels: &l + app.kubernetes.io/name: "victoria" + app.kubernetes.io/instance: "logs" +spec: + commonMetadata: + labels: *l + path: ./kube/deploy/core/storage/volsync/template + targetNamespace: "monitoring" + dependsOn: + - name: 1-core-storage-volsync-app + - name: 1-core-storage-rook-ceph-cluster + postBuild: + substitute: + PVC: "victoria-logs-data" + SIZE: "20Gi" + SC: &sc "file" + SNAP: *sc + ACCESSMODE: "ReadWriteMany" + RUID: "1000" + RGID: "2000" + RFSG: "1000" diff --git a/kube/deploy/core/monitoring/victoria/logs/hr.yaml b/kube/deploy/core/monitoring/victoria/logs/hr.yaml new file mode 100644 index 00000000..25e82366 --- /dev/null +++ b/kube/deploy/core/monitoring/victoria/logs/hr.yaml @@ -0,0 +1,69 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: &app victoria-logs + namespace: monitoring +spec: + interval: 5m + chart: + spec: + chart: victoria-logs-single + version: 0.5.4 + sourceRef: + name: victoria + kind: HelmRepository + namespace: flux-system + values: + server: + enabled: true + podLabels: {} + image: + repository: docker.io/victoriametrics/victoria-logs + tag: "v0.28.0-victorialogs@sha256:dd1685ffb6ce0be3729b27e197e864be1bd9c274e097406d4005a83360846ff1" + pullPolicy: IfNotPresent + retentionPeriod: 1 # months + persistentVolume: + enabled: true + existingClaim: victoria-logs-data + subPath: data + ingress: + enabled: true + annotations: + nginx.ingress.kubernetes.io/whitelist-source-range: | + ${IP_JJ_V4} + ingressClassName: nginx-internal + pathType: Prefix + hosts: + - name: &host "${APP_DNS_VICTORIA_LOGS}" + path: / + port: http + tls: + - hosts: [*host] + resources: # TODO: tune + requests: + cpu: 10m + memory: 512Mi + limits: + cpu: 3000m + memory: 4Gi + securityContext: + enabled: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: { drop: [ALL] } + podSecurityContext: + enabled: true + runAsNonRoot: true + runAsUser: &uid ${APP_UID_VICTORIA_LOGS:=1000} + runAsGroup: *uid + fsGroup: *uid + fsGroupChangePolicy: Always + seccompProfile: { type: "RuntimeDefault" } + statefulSet: + enabled: false + serviceMonitor: + enabled: true + affinity: {} # TODO: add fuck-off + fluent-bit: + enabled: false # TODO: explore this + extraObjects: []