github-personal/cozystack
1
0
Fork 0
mirror of https://github.com/outbackdingo/cozystack.git synced 2026-01-27 10:18:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

add metrics agents (#461)

Browse Source 
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **New Features**
- Introduced new HelmRelease configurations for cert-manager, monitoring
agents, and Victoria Metrics Operator in Kubernetes.
- Added resource specifications for `vmselect` in the VMCluster
configuration.
- Enhanced resource management for `vmselect` with defined limits and
requests for memory and CPU.

- **Bug Fixes**
	- Adjusted resource limits for Redis failover memory allocation.

- **Documentation**
- Updated README and release notes for various components, enhancing
clarity and usability.

- **Chores**
- Updated image versions across multiple components for consistency and
performance improvements.
- Modified migration scripts to facilitate transitions and manage
resources effectively.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
This commit is contained in:
klinch0
2024-11-04 21:01:33 +03:00
committed by GitHub
parent f06f653744
commit 3c27a1e9bf
234 changed files with 53133 additions and 1775 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.pre-commit-config.yaml
View File

@@ -10,7 +10,7 @@ repos:
exclude: '^.*templates/.*\.yaml$'
args: [--unsafe]
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.41.0
rev: v0.42.0
hooks:
- id: markdownlint
args: [--fix, --disable, MD013, MD041, --]

4
hack/e2e.sh
View File

@@ -179,7 +179,7 @@ talosctl apply -f controlplane.yaml -n 192.168.123.13 -e 192.168.123.13 -i
timeout 60 sh -c 'until nc -nzv 192.168.123.11 50000 && nc -nzv 192.168.123.12 50000 && nc -nzv 192.168.123.13 50000; do sleep 1; done'
# Bootstrap
talosctl bootstrap -n 192.168.123.11 -e 192.168.123.11
timeout 10 sh -c 'until talosctl bootstrap -n 192.168.123.11 -e 192.168.123.11; do sleep 1; done'
# Wait for etcd
timeout 180 sh -c 'while talosctl etcd members -n 192.168.123.11,192.168.123.12,192.168.123.13 -e 192.168.123.10 2>&1 | grep "rpc error"; do sleep 1; done'
@@ -190,7 +190,7 @@ export KUBECONFIG=$PWD/kubeconfig
# Wait for kubernetes nodes appear
timeout 60 sh -c 'until [ $(kubectl get node -o name | wc -l) = 3 ]; do sleep 1; done'
kubectl create ns cozy-system
kubectl create ns cozy-system -o yaml | kubectl apply -f -
kubectl create -f - <<\EOT
apiVersion: v1
kind: ConfigMap

54
packages/apps/kubernetes/templates/helmreleases/cert-manager-crds.yaml Normal file
View File

@@ -0,0 +1,54 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: {{ .Release.Name }}-cert-manager-crds
labels:
cozystack.io/repository: system
coztstack.io/target-cluster-name: {{ .Release.Name }}
spec:
interval: 5m
releaseName: cert-manager-crds
chart:
spec:
chart: cozy-cert-manager-crds
reconcileStrategy: Revision
sourceRef:
kind: HelmRepository
name: cozystack-system
namespace: cozy-system
kubeConfig:
secretRef:
name: {{ .Release.Name }}-kubeconfig
targetNamespace: cozy-cert-manager-crds
storageNamespace: cozy-cert-manager-crds
install:
createNamespace: true
remediation:
retries: -1
upgrade:
remediation:
retries: -1
{{- if .Values.addons.certManager.valuesOverride }}
valuesFrom:
- kind: Secret
name: {{ .Release.Name }}-cert-manager-crds-values-override
valuesKey: values
{{- end }}
dependsOn:
{{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }}
- name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
{{- end }}
- name: {{ .Release.Name }}-cilium
namespace: {{ .Release.Namespace }}
{{- if .Values.addons.certManager.valuesOverride }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-cert-manager-crds-values-override
stringData:
values: |
{{- toYaml .Values.addons.certManager.valuesOverride | nindent 4 }}
{{- end }}

2
packages/apps/kubernetes/templates/helmreleases/cert-manager.yaml
View File

@@ -43,6 +43,8 @@ spec:
{{- end }}
- name: {{ .Release.Name }}-cilium
namespace: {{ .Release.Namespace }}
- name: {{ .Release.Name }}-cert-manager-crds
namespace: {{ .Release.Namespace }}
{{- end }}
{{- if .Values.addons.certManager.valuesOverride }}
---

105
packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml Normal file
View File

@@ -0,0 +1,105 @@
{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }}
{{- $targetTenant := index $myNS.metadata.annotations "namespace.cozystack.io/monitoring" }}
{{- if .Values.addons.monitoringAgents.enabled }}
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: {{ .Release.Name }}-monitoring-agents
labels:
cozystack.io/repository: system
coztstack.io/target-cluster-name: {{ .Release.Name }}
spec:
interval: 5m
releaseName: cozy-monitoring-agents
chart:
spec:
chart: cozy-monitoring-agents
reconcileStrategy: Revision
sourceRef:
kind: HelmRepository
name: cozystack-system
namespace: cozy-system
kubeConfig:
secretRef:
name: {{ .Release.Name }}-kubeconfig
targetNamespace: cozy-monitoring-agents
storageNamespace: cozy-monitoring-agents
install:
createNamespace: true
timeout: "300s"
remediation:
retries: -1
upgrade:
remediation:
retries: -1
dependsOn:
{{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }}
- name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
{{- end }}
- name: {{ .Release.Name }}-cilium
namespace: {{ .Release.Namespace }}
- name: {{ .Release.Name }}-cozy-victoria-metrics-operator
namespace: {{ .Release.Namespace }}
values:
vmagent:
externalLabels:
cluster: {{ .Release.Name }}
tenant: {{ $targetTenant }}
remoteWrite:
url: http://vminsert-shortterm.{{ $targetTenant }}.svc:8480/insert/0/prometheus
fluent-bit:
readinessProbe:
httpGet:
path: /
daemonSetVolumes:
- name: varlog
hostPath:
path: /var/log
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
daemonSetVolumeMounts:
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
config:
outputs: |
[OUTPUT]
Name http
Match kube.*
Host vlogs-generic.{{ $targetTenant }}.svc
port 9428
compress gzip
uri /insert/jsonline?_stream_fields=stream,kubernetes_pod_name,kubernetes_container_name,kubernetes_namespace_name&_msg_field=log&_time_field=date
format json_lines
json_date_format iso8601
header AccountID 0
header ProjectID 0
filters: |
[FILTER]
Name kubernetes
Match kube.*
Merge_Log On
Keep_Log On
K8S-Logging.Parser On
K8S-Logging.Exclude On
[FILTER]
Name nest
Match *
Wildcard pod_name
Operation lift
Nested_under kubernetes
Add_prefix kubernetes_
[FILTER]
Name modify
Match *
Add tenant {{ $targetTenant }}
[FILTER]
Name modify
Match *
Add cluster {{ .Release.Name }}
{{- end }}

41
packages/apps/kubernetes/templates/helmreleases/victoria-metrics-operator.yaml Normal file
View File

@@ -0,0 +1,41 @@
{{- if .Values.addons.monitoringAgents.enabled }}
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: {{ .Release.Name }}-cozy-victoria-metrics-operator
labels:
cozystack.io/repository: system
coztstack.io/target-cluster-name: {{ .Release.Name }}
spec:
interval: 5m
releaseName: cozy-victoria-metrics-operator
chart:
spec:
chart: cozy-victoria-metrics-operator
reconcileStrategy: Revision
sourceRef:
kind: HelmRepository
name: cozystack-system
namespace: cozy-system
kubeConfig:
secretRef:
name: {{ .Release.Name }}-kubeconfig
targetNamespace: cozy-victoria-metrics-operator
storageNamespace: cozy-victoria-metrics-operator
install:
createNamespace: true
remediation:
retries: -1
upgrade:
remediation:
retries: -1
dependsOn:
{{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }}
- name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
{{- end }}
- name: {{ .Release.Name }}-cilium
namespace: {{ .Release.Namespace }}
- name: {{ .Release.Name }}-cert-manager-crds
namespace: {{ .Release.Namespace }}
{{- end }}

17
packages/apps/kubernetes/values.schema.json
View File

@@ -75,8 +75,23 @@
"default": {}
}
}
},
"monitoringAgents": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enables MonitoringAgents (fluentbit, vmagents for sending logs and metrics to storage) if tenant monitoring enabled, send to tenant storage, else to root storage",
"default": false
},
"valuesOverride": {
"type": "object",
"description": "Custom values to override",
"default": {}
}
}
}
}
}
}
}
}

9
packages/apps/kubernetes/values.yaml
View File

@@ -60,3 +60,12 @@ addons:
##
enabled: false
valuesOverride: {}
## MonitoringAgents
##
monitoringAgents:
## @param addons.monitoringAgents.enabled Enables MonitoringAgents (fluentbit, vmagents for sending logs and metrics to storage) if tenant monitoring enabled, send to tenant storage, else to root storage
## @param addons.monitoringAgents.valuesOverride Custom values to override
##
enabled: false
valuesOverride: {}

3
packages/apps/redis/templates/redisfailover.yaml
View File

@@ -20,7 +20,6 @@ spec:
cpu: 150m
memory: 400Mi
limits:
cpu: 2
memory: 1000Mi
{{- with .Values.size }}
storage:
@@ -37,7 +36,7 @@ spec:
storageClassName: {{ . }}
{{- end }}
{{- end }}
exporter:
exporter:
enabled: true
image: oliver006/redis_exporter:v1.55.0-alpine
args:

14
packages/core/platform/bundles/distro-full.yaml
View File

@@ -31,11 +31,17 @@ releases:
autoDirectNodeRoutes: true
routingMode: native
- name: cert-manager-crds
releaseName: cert-manager-crds
chart: cozy-cert-manager-crds
namespace: cozy-cert-manager
dependsOn: [cilium]
- name: cert-manager
releaseName: cert-manager
chart: cozy-cert-manager
namespace: cozy-cert-manager
dependsOn: [cilium]
dependsOn: [cert-manager-crds]
- name: cert-manager-issuers
releaseName: cert-manager-issuers
@@ -49,9 +55,9 @@ releases:
namespace: cozy-victoria-metrics-operator
dependsOn: [cilium,cert-manager]
- name: monitoring
releaseName: monitoring
chart: cozy-monitoring
- name: monitoring-agents
releaseName: monitoring-agents
chart: cozy-monitoring-agents
namespace: cozy-monitoring
privileged: true
dependsOn: [cilium,victoria-metrics-operator]

16
packages/core/platform/bundles/distro-hosted.yaml
View File

@@ -14,11 +14,17 @@ releases:
namespace: cozy-fluxcd
dependsOn: [fluxcd-operator]
- name: cert-manager-crds
releaseName: cert-manager-crds
chart: cozy-cert-manager-crds
namespace: cozy-cert-manager
dependsOn: []
- name: cert-manager
releaseName: cert-manager
chart: cozy-cert-manager
namespace: cozy-cert-manager
dependsOn: []
dependsOn: [cert-manager-crds]
- name: cert-manager-issuers
releaseName: cert-manager-issuers
@@ -32,9 +38,9 @@ releases:
namespace: cozy-victoria-metrics-operator
dependsOn: [cert-manager]
- name: monitoring
releaseName: monitoring
chart: cozy-monitoring
- name: monitoring-agents
releaseName: monitoring-agents
chart: cozy-monitoring-agents
namespace: cozy-monitoring
privileged: true
dependsOn: [victoria-metrics-operator]
@@ -99,7 +105,7 @@ releases:
chart: cozy-external-dns
namespace: cozy-external-dns
optional: true
dependsOn: []
dependsOn: []
- name: external-secrets-operator
releaseName: external-secrets-operator

16
packages/core/platform/bundles/paas-full.yaml
View File

@@ -41,6 +41,12 @@ releases:
SVC_CIDR: "{{ index $cozyConfig.data "ipv4-svc-cidr" }}"
JOIN_CIDR: "{{ index $cozyConfig.data "ipv4-join-cidr" }}"
- name: cert-manager-crds
releaseName: cert-manager-crds
chart: cozy-cert-manager-crds
namespace: cozy-cert-manager
dependsOn: [cilium, kubeovn]
- name: cozystack-api
releaseName: cozystack-api
chart: cozy-cozystack-api
@@ -51,7 +57,7 @@ releases:
releaseName: cert-manager
chart: cozy-cert-manager
namespace: cozy-cert-manager
dependsOn: [cilium,kubeovn]
dependsOn: [cert-manager-crds]
- name: cert-manager-issuers
releaseName: cert-manager-issuers
@@ -65,9 +71,9 @@ releases:
namespace: cozy-victoria-metrics-operator
dependsOn: [cilium,kubeovn,cert-manager]
- name: monitoring
releaseName: monitoring
chart: cozy-monitoring
- name: monitoring-agents
releaseName: monitoring-agents
chart: cozy-monitoring-agents
namespace: cozy-monitoring
privileged: true
dependsOn: [cilium,kubeovn,victoria-metrics-operator]
@@ -175,7 +181,7 @@ releases:
releaseName: snapshot-controller
chart: cozy-snapshot-controller
namespace: cozy-snapshot-controller
dependsOn: [cilium,kubeovn,cert-manager-issuers]
dependsOn: [cilium,kubeovn,cert-manager-issuers]
- name: objectstorage-controller
releaseName: objectstorage-controller

14
packages/core/platform/bundles/paas-hosted.yaml
View File

@@ -14,6 +14,12 @@ releases:
namespace: cozy-fluxcd
dependsOn: [fluxcd-operator]
- name: cert-manager-crds
releaseName: cert-manager-crds
chart: cozy-cert-manager-crds
namespace: cozy-cert-manager
dependsOn: []
- name: cozystack-api
releaseName: cozystack-api
chart: cozy-cozystack-api
@@ -24,7 +30,7 @@ releases:
releaseName: cert-manager
chart: cozy-cert-manager
namespace: cozy-cert-manager
dependsOn: []
dependsOn: [cert-manager-crds]
- name: cert-manager-issuers
releaseName: cert-manager-issuers
@@ -38,9 +44,9 @@ releases:
namespace: cozy-victoria-metrics-operator
dependsOn: [cert-manager]
- name: monitoring
releaseName: monitoring
chart: cozy-monitoring
- name: monitoring-agents
releaseName: monitoring-agents
chart: cozy-monitoring-agents
namespace: cozy-monitoring
privileged: true
dependsOn: [victoria-metrics-operator]

6
packages/extra/monitoring/templates/vm/vmcluster.yaml
View File

@@ -12,6 +12,12 @@ spec:
resources: {}
vmselect:
replicaCount: 2
resources:
limits:
memory: 1000Mi
requests:
cpu: 100m
memory: 500Mi
extraArgs:
search.maxUniqueTimeseries: "600000"
vmalert.proxyURL: http://vmalert-{{ .name }}.{{ $.Release.Namespace }}.svc:8080

2
packages/system/cert-manager-crds/.helmignore Normal file
View File

@@ -0,0 +1,2 @@
images
hack

2
packages/system/monitoring/Chart.yaml → packages/system/cert-manager-crds/Chart.yaml
View File

@@ -1,3 +1,3 @@
apiVersion: v2
name: cozy-monitoring
name: cozy-cert-manager-crds
version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process

8
packages/system/cert-manager-crds/Makefile Normal file
View File

@@ -0,0 +1,8 @@
include ../../../scripts/package.mk
update:
rm -rf charts
helm repo add jetstack https://charts.jetstack.io
helm repo update jetstack
helm pull jetstack/cert-manager --untar --untardir charts
rm -f -- `find charts/cert-manager/templates -maxdepth 1 -mindepth 1 | grep -v 'crds.yaml\|_helpers.tpl'`

26
packages/system/cert-manager-crds/charts/cert-manager/Chart.yaml Normal file
View File

@@ -0,0 +1,26 @@
annotations:
artifacthub.io/category: security
artifacthub.io/license: Apache-2.0
artifacthub.io/prerelease: "false"
artifacthub.io/signKey: |
fingerprint: 1020CF3C033D4F35BAE1C19E1226061C665DF13E
url: https://cert-manager.io/public-keys/cert-manager-keyring-2021-09-20-1020CF3C033D4F35BAE1C19E1226061C665DF13E.gpg
apiVersion: v2
appVersion: v1.16.1
description: A Helm chart for cert-manager
home: https://cert-manager.io
icon: https://raw.githubusercontent.com/cert-manager/community/4d35a69437d21b76322157e6284be4cd64e6d2b7/logo/logo-small.png
keywords:
- cert-manager
- kube-lego
- letsencrypt
- tls
kubeVersion: '>= 1.22.0-0'
maintainers:
- email: cert-manager-maintainers@googlegroups.com
name: cert-manager-maintainers
url: https://cert-manager.io
name: cert-manager
sources:
- https://github.com/cert-manager/cert-manager
version: v1.16.1

1994
packages/system/cert-manager-crds/charts/cert-manager/README.md Normal file
View File

File diff suppressed because it is too large Load Diff

202
packages/system/cert-manager-crds/charts/cert-manager/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,202 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "cert-manager.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "cert-manager.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "cert-manager.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "cert-manager.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Webhook templates
*/}}
{{/*
Expand the name of the chart.
Manually fix the 'app' and 'name' labels to 'webhook' to maintain
compatibility with the v0.9 deployment selector.
*/}}
{{- define "webhook.name" -}}
{{- printf "webhook" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "webhook.fullname" -}}
{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 55 | trimSuffix "-" -}}
{{- printf "%s-webhook" $trimmedName | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "webhook.caRef" -}}
{{- template "cert-manager.namespace" }}/{{ template "webhook.fullname" . }}-ca
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "webhook.serviceAccountName" -}}
{{- if .Values.webhook.serviceAccount.create -}}
{{ default (include "webhook.fullname" .) .Values.webhook.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.webhook.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
cainjector templates
*/}}
{{/*
Expand the name of the chart.
Manually fix the 'app' and 'name' labels to 'cainjector' to maintain
compatibility with the v0.9 deployment selector.
*/}}
{{- define "cainjector.name" -}}
{{- printf "cainjector" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "cainjector.fullname" -}}
{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 52 | trimSuffix "-" -}}
{{- printf "%s-cainjector" $trimmedName | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "cainjector.serviceAccountName" -}}
{{- if .Values.cainjector.serviceAccount.create -}}
{{ default (include "cainjector.fullname" .) .Values.cainjector.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.cainjector.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
startupapicheck templates
*/}}
{{/*
Expand the name of the chart.
Manually fix the 'app' and 'name' labels to 'startupapicheck' to maintain
compatibility with the v0.9 deployment selector.
*/}}
{{- define "startupapicheck.name" -}}
{{- printf "startupapicheck" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "startupapicheck.fullname" -}}
{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 52 | trimSuffix "-" -}}
{{- printf "%s-startupapicheck" $trimmedName | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "startupapicheck.serviceAccountName" -}}
{{- if .Values.startupapicheck.serviceAccount.create -}}
{{ default (include "startupapicheck.fullname" .) .Values.startupapicheck.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.startupapicheck.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "chartName" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Labels that should be added on each resource
*/}}
{{- define "labels" -}}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- if eq .Values.creator "helm" }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
helm.sh/chart: {{ include "chartName" . }}
{{- end -}}
{{- if .Values.global.commonLabels}}
{{ toYaml .Values.global.commonLabels }}
{{- end }}
{{- end -}}
{{/*
Namespace for all resources to be installed into
If not defined in values file then the helm release namespace is used
By default this is not set so the helm release namespace will be used
This gets around an problem within helm discussed here
https://github.com/helm/helm/issues/5358
*/}}
{{- define "cert-manager.namespace" -}}
{{ .Values.namespace | default .Release.Namespace }}
{{- end -}}
{{/*
Util function for generating the image URL based on the provided options.
IMPORTANT: This function is standardized across all charts in the cert-manager GH organization.
Any changes to this function should also be made in cert-manager, trust-manager, approver-policy, ...
See https://github.com/cert-manager/cert-manager/issues/6329 for a list of linked PRs.
*/}}
{{- define "image" -}}
{{- $defaultTag := index . 1 -}}
{{- with index . 0 -}}
{{- if .registry -}}{{ printf "%s/%s" .registry .repository }}{{- else -}}{{- .repository -}}{{- end -}}
{{- if .digest -}}{{ printf "@%s" .digest }}{{- else -}}{{ printf ":%s" (default $defaultTag .tag) }}{{- end -}}
{{- end }}
{{- end }}
{{/*
Check that the user has not set both .installCRDs and .crds.enabled or
set .installCRDs and disabled .crds.keep.
.installCRDs is deprecated and users should use .crds.enabled and .crds.keep instead.
*/}}
{{- define "cert-manager.crd-check" -}}
{{- if and (.Values.installCRDs) (.Values.crds.enabled) }}
{{- fail "ERROR: the deprecated .installCRDs option cannot be enabled at the same time as its replacement .crds.enabled" }}
{{- end }}
{{- if and (.Values.installCRDs) (not .Values.crds.keep) }}
{{- fail "ERROR: .crds.keep is not compatible with .installCRDs, please use .crds.enabled and .crds.keep instead" }}
{{- end }}
{{- end -}}

12013
packages/system/cert-manager-crds/charts/cert-manager/templates/crds.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

2135
packages/system/cert-manager-crds/charts/cert-manager/values.schema.json Normal file
View File

File diff suppressed because it is too large Load Diff

1455
packages/system/cert-manager-crds/charts/cert-manager/values.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

2
packages/system/cert-manager-crds/values.yaml Normal file
View File

@@ -0,0 +1,2 @@
cert-manager:
installCRDs: true

2
packages/system/cert-manager/values.yaml
View File

@@ -1,2 +1,2 @@
cert-manager:
installCRDs: true
installCRDs: false

0
packages/system/monitoring/.helmignore → packages/system/monitoring-agents/.helmignore
View File

3
packages/system/monitoring-agents/Chart.yaml Normal file
View File

@@ -0,0 +1,3 @@
apiVersion: v2
name: cozy-monitoring-agents
version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process

4
packages/system/monitoring/Makefile → packages/system/monitoring-agents/Makefile
View File

@@ -1,5 +1,5 @@
export NAME=monitoring
export NAMESPACE=cozy-$(NAME)
export NAME=monitoring-agents
export NAMESPACE=cozy-monitoring
include ../../../scripts/package.mk

0
packages/system/monitoring/alerts/etcd.yaml → packages/system/monitoring-agents/alerts/etcd.yaml
View File

2
packages/system/monitoring/alerts/flux.yaml → packages/system/monitoring-agents/alerts/flux.yaml
View File

@@ -60,7 +60,7 @@ spec:
annotations:
summary: "ImageRepository {{ $labels.name }} in namespace {{ $labels.exported_namespace }} sync failed"
description: "ImageRepository {{ $labels.name }} in namespace {{ $labels.exported_namespace }} has not been successfully synced for more than 15 minutes."
- alert: HelmChartFailed
expr: gotk_resource_info{customresource_kind="HelmChart", ready!="True"} > 0
for: 5m

0
packages/system/monitoring/alerts/general.rules.yaml → packages/system/monitoring-agents/alerts/general.rules.yaml
View File

0
packages/system/monitoring/alerts/k8s.rules.container_cpu_usage_seconds_total.yaml → packages/system/monitoring-agents/alerts/k8s.rules.container_cpu_usage_seconds_total.yaml
View File

0
packages/system/monitoring/alerts/k8s.rules.container_memory_cache.yaml → packages/system/monitoring-agents/alerts/k8s.rules.container_memory_cache.yaml
View File

0
packages/system/monitoring/alerts/k8s.rules.container_memory_rss.yaml → packages/system/monitoring-agents/alerts/k8s.rules.container_memory_rss.yaml
View File

0
packages/system/monitoring/alerts/k8s.rules.container_memory_swap.yaml → packages/system/monitoring-agents/alerts/k8s.rules.container_memory_swap.yaml
View File

0
packages/system/monitoring/alerts/k8s.rules.container_memory_working_set_bytes.yaml → packages/system/monitoring-agents/alerts/k8s.rules.container_memory_working_set_bytes.yaml
View File

0
packages/system/monitoring/alerts/k8s.rules.container_resource.yaml → packages/system/monitoring-agents/alerts/k8s.rules.container_resource.yaml
View File

0
packages/system/monitoring/alerts/k8s.rules.pod_owner.yaml → packages/system/monitoring-agents/alerts/k8s.rules.pod_owner.yaml
View File

0
packages/system/monitoring/alerts/kube-apiserver-availability.rules.yaml → packages/system/monitoring-agents/alerts/kube-apiserver-availability.rules.yaml
View File

0
packages/system/monitoring/alerts/kube-apiserver-burnrate.rules.yaml → packages/system/monitoring-agents/alerts/kube-apiserver-burnrate.rules.yaml
View File

0
packages/system/monitoring/alerts/kube-apiserver-histogram.rules.yaml → packages/system/monitoring-agents/alerts/kube-apiserver-histogram.rules.yaml
View File

0
packages/system/monitoring/alerts/kube-apiserver-slos.yaml → packages/system/monitoring-agents/alerts/kube-apiserver-slos.yaml
View File

0
packages/system/monitoring/alerts/kube-prometheus-general.rules.yaml → packages/system/monitoring-agents/alerts/kube-prometheus-general.rules.yaml
View File

0
packages/system/monitoring/alerts/kube-prometheus-node-recording.rules.yaml → packages/system/monitoring-agents/alerts/kube-prometheus-node-recording.rules.yaml
View File

0
packages/system/monitoring/alerts/kube-scheduler.rules.yaml → packages/system/monitoring-agents/alerts/kube-scheduler.rules.yaml
View File

0
packages/system/monitoring/alerts/kube-state-metrics.yaml → packages/system/monitoring-agents/alerts/kube-state-metrics.yaml
View File

0
packages/system/monitoring/alerts/kubelet.rules.yaml → packages/system/monitoring-agents/alerts/kubelet.rules.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-apps.yaml → packages/system/monitoring-agents/alerts/kubernetes-apps.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-resources.yaml → packages/system/monitoring-agents/alerts/kubernetes-resources.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-storage.yaml → packages/system/monitoring-agents/alerts/kubernetes-storage.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-system-apiserver.yaml → packages/system/monitoring-agents/alerts/kubernetes-system-apiserver.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-system-controller-manager.yaml → packages/system/monitoring-agents/alerts/kubernetes-system-controller-manager.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-system-kubelet.yaml → packages/system/monitoring-agents/alerts/kubernetes-system-kubelet.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-system-scheduler.yaml → packages/system/monitoring-agents/alerts/kubernetes-system-scheduler.yaml
View File

0
packages/system/monitoring/alerts/kubernetes-system.yaml → packages/system/monitoring-agents/alerts/kubernetes-system.yaml
View File

0
packages/system/monitoring/alerts/node-exporter.rules.yaml → packages/system/monitoring-agents/alerts/node-exporter.rules.yaml
View File

0
packages/system/monitoring/alerts/node-exporter.yaml → packages/system/monitoring-agents/alerts/node-exporter.yaml
View File

0
packages/system/monitoring/alerts/node-network.yaml → packages/system/monitoring-agents/alerts/node-network.yaml
View File

0
packages/system/monitoring/alerts/node.rules.yaml → packages/system/monitoring-agents/alerts/node.rules.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/.helmignore → packages/system/monitoring-agents/charts/fluent-bit/.helmignore
View File

6
packages/system/monitoring/charts/fluent-bit/Chart.yaml → packages/system/monitoring-agents/charts/fluent-bit/Chart.yaml
View File

@@ -1,9 +1,9 @@
annotations:
artifacthub.io/changes: |
- kind: changed
description: "Updated Fluent Bit OCI image to v3.1.6."
description: "Updated Fluent Bit OCI image to v3.1.9"
apiVersion: v1
appVersion: 3.1.6
appVersion: 3.1.9
description: Fast and lightweight log processor and forwarder or Linux, OSX and BSD
family operating systems.
home: https://fluentbit.io/
@@ -24,4 +24,4 @@ maintainers:
name: fluent-bit
sources:
- https://github.com/fluent/fluent-bit/
version: 0.47.7
version: 0.47.10

0
packages/system/monitoring/charts/fluent-bit/README.md → packages/system/monitoring-agents/charts/fluent-bit/README.md
View File

1
packages/system/monitoring/charts/fluent-bit/ci/ci-values.yaml → packages/system/monitoring-agents/charts/fluent-bit/ci/ci-values.yaml
View File

@@ -5,3 +5,4 @@ logLevel: debug
dashboards:
enabled: true
deterministicUid: true

2
packages/system/monitoring/charts/fluent-bit/dashboards/fluent-bit.json → packages/system/monitoring-agents/charts/fluent-bit/dashboards/fluent-bit.json
View File

@@ -1559,7 +1559,7 @@
},
"timezone": "",
"title": "{{ include "fluent-bit.fullname" . }}",
"uid": null,
"uid": {{ ternary (printf "\"%s\"" (sha1sum (printf "%s-%s" .Release.Namespace (include "fluent-bit.fullname" .)))) "null" .Values.dashboards.deterministicUid }},
"version": 7,
"weekStart": ""
}

3
packages/system/monitoring/charts/fluent-bit/templates/NOTES.txt → packages/system/monitoring-agents/charts/fluent-bit/templates/NOTES.txt
View File

@@ -2,5 +2,4 @@ Get Fluent Bit build information by running these commands:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "fluent-bit.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 2020:2020
curl http://127.0.0.1:2020
curl http://127.0.0.1:2020

0
packages/system/monitoring/charts/fluent-bit/templates/_helpers.tpl → packages/system/monitoring-agents/charts/fluent-bit/templates/_helpers.tpl
View File

0
packages/system/monitoring/charts/fluent-bit/templates/_pod.tpl → packages/system/monitoring-agents/charts/fluent-bit/templates/_pod.tpl
View File

0
packages/system/monitoring/charts/fluent-bit/templates/clusterrole.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/clusterrole.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/clusterrolebinding.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/clusterrolebinding.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/configmap-dashboards.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/configmap-dashboards.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/configmap-luascripts.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/configmap-luascripts.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/configmap.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/configmap.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/daemonset.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/daemonset.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/deployment.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/deployment.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/hpa.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/hpa.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/ingress.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/ingress.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/networkpolicy.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/networkpolicy.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/pdb.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/pdb.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/prometheusrule.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/prometheusrule.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/psp.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/psp.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/scc.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/scc.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/service.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/service.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/serviceaccount.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/serviceaccount.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/servicemonitor.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/servicemonitor.yaml
View File

0
packages/system/monitoring/charts/fluent-bit/templates/tests/test-connection.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/tests/test-connection.yaml
View File

2
packages/system/monitoring/charts/fluent-bit/templates/vpa.yaml → packages/system/monitoring-agents/charts/fluent-bit/templates/vpa.yaml
View File

@@ -15,7 +15,7 @@ spec:
containerPolicies:
- containerName: {{ .Chart.Name }}
{{- with .Values.autoscaling.vpa.controlledResources }}
controlledResources:
controlledResources:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.autoscaling.vpa.maxAllowed }}

1
packages/system/monitoring/charts/fluent-bit/values.yaml → packages/system/monitoring-agents/charts/fluent-bit/values.yaml
View File

@@ -182,6 +182,7 @@ dashboards:
labelValue: 1
annotations: {}
namespace: ""
deterministicUid: false
lifecycle: {}
# preStop:

0
packages/system/monitoring/charts/kube-state-metrics/.helmignore → packages/system/monitoring-agents/charts/kube-state-metrics/.helmignore
View File

2
packages/system/monitoring/charts/kube-state-metrics/Chart.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/Chart.yaml
View File

@@ -23,4 +23,4 @@ name: kube-state-metrics
sources:
- https://github.com/kubernetes/kube-state-metrics/
type: application
version: 5.25.1
version: 5.26.0

0
packages/system/monitoring/charts/kube-state-metrics/README.md → packages/system/monitoring-agents/charts/kube-state-metrics/README.md
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/NOTES.txt → packages/system/monitoring-agents/charts/kube-state-metrics/templates/NOTES.txt
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/_helpers.tpl → packages/system/monitoring-agents/charts/kube-state-metrics/templates/_helpers.tpl
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/clusterrolebinding.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/clusterrolebinding.yaml
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/crs-configmap.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/crs-configmap.yaml
View File

8
packages/system/monitoring/charts/kube-state-metrics/templates/deployment.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/deployment.yaml
View File

@@ -301,13 +301,13 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
{{- if .Values.nodeSelector }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{ tpl (toYaml .) $ | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{ tpl (toYaml .) $ | indent 8 }}
{{- end }}
{{- if .Values.topologySpreadConstraints }}
topologySpreadConstraints:

0
packages/system/monitoring/charts/kube-state-metrics/templates/extra-manifests.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/extra-manifests.yaml
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/kubeconfig-secret.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/kubeconfig-secret.yaml
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/networkpolicy.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/networkpolicy.yaml
View File

0
packages/system/monitoring/charts/kube-state-metrics/templates/pdb.yaml → packages/system/monitoring-agents/charts/kube-state-metrics/templates/pdb.yaml
View File

Some files were not shown because too many files have changed in this diff Show More