diff --git a/charts/prometheus-grafana/Chart.yaml b/charts/prometheus-grafana/Chart.yaml index dc0018e..ee6c3dc 100644 --- a/charts/prometheus-grafana/Chart.yaml +++ b/charts/prometheus-grafana/Chart.yaml @@ -1,8 +1,15 @@ apiVersion: v2 name: prometheus-grafana-helm +dependencies: + - name: prometheus + repository: https://prometheus-community.github.io/helm-charts + version: 27.5.x + - name: grafana + repository: https://grafana.github.io/helm-charts + version: 8.10.x description: Prometheus and Grafana Helm Chart for Rahti platform Link to the repo https://github.com/CSCfi/helm-charts -version: 1.1.1 +version: 2.0.0 sources: - https://github.com/CSCfi/helm-charts -icon: https://upload.wikimedia.org/wikipedia/commons/thumb/3/3b/Grafana_icon.svg/351px-Grafana_icon.svg.png +icon: https://miro.medium.com/v2/resize:fit:640/format:webp/0*4G5AVIBCAKMU1Ctl.png diff --git a/charts/prometheus-grafana/README.md b/charts/prometheus-grafana/README.md index 31f0f2e..cca13a2 100644 --- a/charts/prometheus-grafana/README.md +++ b/charts/prometheus-grafana/README.md @@ -5,7 +5,7 @@ helm upgrade --install graf-prom . ``` ## Explanations -This Helm Chart helps you to deploy Grafana and Prometheus on CSC Rahti2 (Openshift 4). +This Helm Chart helps you to deploy Grafana and Prometheus on CSC Rahti (Openshift 4). If you want to use it with different values, you can edit `values.yaml` file and then run: ```sh helm upgrade --install graf-prom . -f {custom_values.yaml} @@ -15,33 +15,40 @@ The password to access Grafana WebUI is generated randomly and won't change if y ## Parameters -### HedgeDoc parameters - -| Name | Description | Value | -| ---------------------------------------------------- | ------------------------------------------------------- | --------------------------------- | -| `prometheus.appName` | Name of your app. | `prometheus` | -| `prometheus.image` | Name of the `prometheus` image | `prom/prometheus:v2.50.1` | -| `prometheus.retentionTime` | Define how long data is kept in time-series database | `15d` | -| `prometheus.limits.memory` | Define the maximum of amount of memory | `4Gi` | -| `prometheus.requests.memory` | Define the minimum guaranteed amount of memory | `4Gi` | -| `prometheus.pvc.storageSize` | Define the size of the Persistent Volume Claim | `5Gi` | -| `prometheus.service.type` | Define the service type | `ClusterIP` | - -### Grafana parameters - -| Name | Description | Value | -| ---------------------------------------------------- | ------------------------------------------------------- | ------------------------------------------ | -| `grafana.appName` | Name of your app. | `grafana` | -| `grafana.image` | Name of the `prometheus` image | `grafana/grafana:10.2.4` | -| `grafana.limits.memory` | Define the maximum of amount of memory | `1Gi` | -| `grafana.requests.memory` | Define the minimum guaranteed amount of memory | `1Gi` | -| `grafana.random_pw_secret_key` | Key to store the password | `admin-password` | -| `grafana.secret.admin-username` | Name of the user to connect to prometheus webUI | `admin` | -| `grafana.secret.admin-password` | Function that retrieve the generated password | `'{{- include "random_pw_reusable" . - }}` | -| `grafana.service.type` | Define the service type | `ClusterIP` | -| `grafana.route.tls.termination` | Create an OpenShift route | `edge` | -| `grafana.route.tls.insecureEdgeTerminationPolicy` | Create an OpenShift route | `Redirect` | -| `grafana.pvc.storageSize` | Define the size of the Persistent Volume Claim | `5Gi` | +We created a default `values.yaml` file that is compatible with our platform Rahti. This Helm Chart is using the official from Prometheus and Grafana. +Take a look: + +- [Prometheus Community](https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus/README.md) +- [Grafana](https://github.com/grafana/helm-charts/blob/main/charts/grafana/README.md) + +There are two mandatory fields that you must fill out: +- `prometheus.serverFiles.prometheus.yml.scrape_configs.1.kubernetes_sd_configs.0.namespaces.names.0` + ```yaml + - job_name: 'kubernetes-service-endpoints' + honor_labels: true + kubernetes_sd_configs: + - role: endpoints + namespaces: + names: + - # Enter the name of your namespace/project here + ``` + +- `prometheus.serverFiles.prometheus.yml.scrape_configs.2.kubernetes_sd_configs.0.namespaces.names.0` + ```yaml + - job_name: 'kubernetes-pods' + honor_labels: true + kubernetes_sd_configs: + - role: pods + namespaces: + names: + - # Enter the name of your namespace/project here + ``` + +In order to have your pods monitored by Prometheus, you need to add these annotations: + +* `prometheus.io/scrape`: Only scrape pods that have a value of `true`, +* `prometheus.io/path`: If the metrics path is not `/metrics` override this. +* `prometheus.io/port`: Scrape the pod on the indicated port instead of the default of `9102`. ## Cleanup To delete all the resources, simply uninstall the Helm Chart: diff --git a/charts/prometheus-grafana/templates/NOTES.txt b/charts/prometheus-grafana/templates/NOTES.txt index f791b65..0647a2f 100644 --- a/charts/prometheus-grafana/templates/NOTES.txt +++ b/charts/prometheus-grafana/templates/NOTES.txt @@ -1,23 +1,32 @@ -======================================= +======================================== CSC Prometheus-Grafana Helm deployed -======================================= +======================================== +=========== + GRAFANA +=========== +Wait a few seconds. Time for the application to be fully deployed. Get the Grafana application URL by running these commands: - export GRAFANA=$(oc get route --namespace={{ .Release.Namespace }} -o yaml | yq '.items[] | select(.metadata.name == "{{ .Values.grafana.appName }}-route") .spec.host' -r) + export GRAFANA=$(oc get route --namespace={{ .Release.Namespace }} -o yaml | yq '.items[] | select(.metadata.name == "grafana") .spec.host' -r) echo "GRAFANA server URL: http://$GRAFANA" The password for the access is generated randomly. To retrieve the information, run these commands: - echo Username: $(oc get secret --namespace={{ .Release.Namespace }} {{ .Values.grafana.appName }} -o jsonpath="{.data.admin-username}" | base64 -d) - echo Password: $(oc get secret --namespace={{ .Release.Namespace }} {{ .Values.grafana.appName }} -o jsonpath="{.data.admin-password}" | base64 -d) + echo Username: $(oc get secret --namespace={{ .Release.Namespace }} {{ .Release.Name }}-grafana -o jsonpath="{.data.admin-user}" | base64 -d) + echo Password: $(oc get secret --namespace={{ .Release.Namespace }} {{ .Release.Name }}-grafana -o jsonpath="{.data.admin-password}" | base64 -d) -The Route to Prometheus is not deployed by default. If you want to access Prometheus, you can type this command: - oc create route edge prometheus-route --service={{ .Values.prometheus.appName }}-service --insecure-policy='Redirect' --port=9090 +======================== + PROMETHEUS (OPTIONAL) +======================== +The Route to Prometheus is not deployed by default. You can change the behaviour by setting `true` in the `values.yaml` +or you can type this command: -And then, you can retrieve the Prometheus URL by running these commands: + oc --namespace {{ .Release.Namespace }} create route edge prometheus --service={{ .Release.Name }}-prometheus-server --insecure-policy='Redirect' --port=9090 - export PROMETHEUS=$(oc get route --namespace={{ .Release.Namespace }} -o yaml | yq '.items[] | select(.metadata.name == "{{ .Values.prometheus.appName }}-route") .spec.host' -r) +You can retrieve the Prometheus URL by running these commands: + + export PROMETHEUS=$(oc get route --namespace={{ .Release.Namespace }} -o yaml | yq '.items[] | select(.metadata.name == "prometheus") .spec.host' -r) echo "PROMETHEUS server URL: http://$PROMETHEUS" \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/_helpers.tpl b/charts/prometheus-grafana/templates/_helpers.tpl deleted file mode 100644 index 61a6671..0000000 --- a/charts/prometheus-grafana/templates/_helpers.tpl +++ /dev/null @@ -1,86 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "prometheus-grafana.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "prometheus-grafana.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "prometheus-grafana.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "prometheus-grafana.labels" -}} -helm.sh/chart: {{ include "prometheus-grafana.chart" . }} -{{ include "prometheus-grafana.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "prometheus-grafana.selectorLabels" -}} -app.kubernetes.io/name: {{ include "prometheus-grafana.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Define a function that generate static password -*/}} -{{- define "generate_static_password" -}} -{{- /* Create "tmp_vars" dict inside ".Release" to store various stuff. */ -}} -{{- if not (index .Release "tmp_vars") -}} -{{- $_ := set .Release "tmp_vars" dict -}} -{{- end -}} -{{- /* Some random ID of this password, in case there will be other random values alongside this instance. */ -}} -{{- $key := printf "%s_%s" .Release.Name "password" -}} -{{- /* If $key does not yet exist in .Release.tmp_vars, then... */ -}} -{{- if not (index .Release.tmp_vars $key) -}} -{{- /* ... store random password under the $key */ -}} -{{- $_ := set .Release.tmp_vars $key (randAlphaNum 20) -}} -{{- end -}} -{{- /* Retrieve previously generated value. */ -}} -{{- index .Release.tmp_vars $key -}} -{{- end -}} - -{{/* -Define a function that lookup the secret on upgrade. If install, it requires the name of secret to create and the key to store the password. -*/}} -{{- define "random_pw_reusable" -}} - {{- if .Release.IsUpgrade -}} - {{- $data := default dict (lookup "v1" "Secret" .Release.Namespace .Values.grafana.appName).data -}} - {{- if $data -}} - {{- index $data .Values.grafana.random_pw_secret_key | b64dec -}} - {{- end -}} - {{- else -}} - {{- if and (required "You must pass .Values.grafana.appName (the name of a secret to retrieve password from on upgrade)" .Values.grafana.appName) (required "You must pass .Values.grafana.random_pw_secret_key (the name of the key in the secret to retrieve password from on upgrade)" .Values.grafana.random_pw_secret_key) -}} - {{- (include "generate_static_password" .) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/prometheus-grafana/templates/grafana/configmap.yaml b/charts/prometheus-grafana/templates/grafana/configmap.yaml deleted file mode 100644 index 295947d..0000000 --- a/charts/prometheus-grafana/templates/grafana/configmap.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.grafana.appName }}-config -data: - grafana.ini: | - [paths] - data = /var/lib/grafana - plugins = /var/lib/grafana/plugins - provisioning = /usr/share/grafana/conf/provisioning - - [log] - mode = console - - [security] - admin_user = ${ADMIN_USER} - admin_password = ${ADMIN_PASSWORD} - - datasource.yaml: | - apiVersion: 1 - datasources: - - name: prometheus - type: prometheus - access: proxy - org_id: 1 - url: http://prometheus-service:9090 - is_default: true - version: 1 - editable: true diff --git a/charts/prometheus-grafana/templates/grafana/deployment.yaml b/charts/prometheus-grafana/templates/grafana/deployment.yaml deleted file mode 100644 index 18e12c4..0000000 --- a/charts/prometheus-grafana/templates/grafana/deployment.yaml +++ /dev/null @@ -1,61 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Values.grafana.appName }} - labels: - app: {{ .Values.grafana.appName }} -spec: - selector: - matchLabels: - app: {{ .Values.grafana.appName }} - strategy: - type: RollingUpdate - template: - metadata: - labels: - app: {{ .Values.grafana.appName }} - spec: - containers: - - name: {{ .Values.grafana.appName }} - image: {{ .Values.grafana.image }} - imagePullPolicy: IfNotPresent - ports: - - containerPort: 3000 - env: - - name: ADMIN_USER - valueFrom: - secretKeyRef: - key: admin-username - name: {{ .Values.grafana.appName }} - - name: ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: {{ .Values.grafana.appName }} - args: - - '--homepath=/usr/share/grafana' - - '--config=/etc/grafana/grafana.ini' - resources: - limits: - memory: {{ .Values.grafana.limits.memory }} - requests: - memory: {{ .Values.grafana.requests.memory }} - volumeMounts: - - mountPath: /etc/grafana - name: {{ .Values.grafana.appName }}-config - - mountPath: /var/lib/grafana - name: {{ .Values.grafana.appName }}-data - restartPolicy: Always - volumes: - - name: {{ .Values.grafana.appName }}-config - configMap: - defaultMode: 420 - name: {{ .Values.grafana.appName }}-config - items: - - key: grafana.ini - path: grafana.ini - - key: datasource.yaml - path: provisioning/datasources/datasource.yaml - - name: {{ .Values.grafana.appName }}-data - persistentVolumeClaim: - claimName: {{ .Values.grafana.appName }}-data \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/grafana/pvc.yaml b/charts/prometheus-grafana/templates/grafana/pvc.yaml deleted file mode 100644 index a1d9d68..0000000 --- a/charts/prometheus-grafana/templates/grafana/pvc.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ .Values.grafana.appName }}-data -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.grafana.pvc.storageSize }} \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/grafana/route.yaml b/charts/prometheus-grafana/templates/grafana/route.yaml deleted file mode 100644 index 851e836..0000000 --- a/charts/prometheus-grafana/templates/grafana/route.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - name: {{ .Values.grafana.appName }}-route -spec: - port: - targetPort: 3000 - tls: - termination: {{ .Values.grafana.route.tls.termination }} - insecureEdgeTerminationPolicy: {{ .Values.grafana.route.tls.insecureEdgeTerminationPolicy }} - to: - kind: Service - name: {{ .Values.grafana.appName }}-service \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/grafana/secret.yaml b/charts/prometheus-grafana/templates/grafana/secret.yaml deleted file mode 100644 index 5b23d60..0000000 --- a/charts/prometheus-grafana/templates/grafana/secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Values.grafana.appName }} -type: Opaque -{{- if .Values.grafana.secret}} -data: - {{- range $key, $val := .Values.grafana.secret }} - "{{ $key }}": "{{ tpl $val $ | b64enc }}" - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/grafana/service.yaml b/charts/prometheus-grafana/templates/grafana/service.yaml deleted file mode 100644 index 889a812..0000000 --- a/charts/prometheus-grafana/templates/grafana/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.grafana.appName }}-service -spec: - ports: - - name: {{ .Values.grafana.appName }} - port: 3000 - targetPort: 3000 - selector: - app: {{ .Values.grafana.appName }} - type: {{ .Values.grafana.service.type }} \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/prometheus/configmap-prometheus.yaml b/charts/prometheus-grafana/templates/prometheus/configmap-prometheus.yaml deleted file mode 100644 index d9bc972..0000000 --- a/charts/prometheus-grafana/templates/prometheus/configmap-prometheus.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.prometheus.appName }}-config -data: - prometheus.yml: | - global: - external_labels: - monitor: prometheus - scrape_configs: - - job_name: 'prometheus' - static_configs: - - targets: ['localhost:9090'] - labels: - group: 'prometheus' - - job_name: 'openshift-pods' - kubernetes_sd_configs: - - role: pod - namespaces: - names: - - {{ .Release.Namespace }} - relabel_configs: - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] - action: replace - regex: (.+):(?:\d+);(\d+) - replacement: ${1}:${2} - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_pod_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: kubernetes_namespace - - source_labels: [__meta_kubernetes_pod_name] - action: replace - target_label: kubernetes_pod_name \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/prometheus/deployment.yaml b/charts/prometheus-grafana/templates/prometheus/deployment.yaml deleted file mode 100644 index f61914d..0000000 --- a/charts/prometheus-grafana/templates/prometheus/deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Values.prometheus.appName }} - labels: - app: {{ .Values.prometheus.appName }} -spec: - selector: - matchLabels: - app: {{ .Values.prometheus.appName }} - strategy: - type: Recreate - template: - metadata: - labels: - app: {{ .Values.prometheus.appName }} - spec: - serviceAccount: {{ .Values.prometheus.appName }}-sa - serviceAccountName: {{ .Values.prometheus.appName }}-sa - containers: - - name: {{ .Values.prometheus.appName }} - args: - - '--storage.tsdb.path=/data' - - '--config.file=/etc/prometheus/prometheus.yml' - - '--storage.tsdb.retention.time={{ .Values.prometheus.retentionTime }}' - image: {{ .Values.prometheus.image }} - imagePullPolicy: IfNotPresent - ports: - - containerPort: 9090 - resources: - limits: - memory: {{ .Values.prometheus.limits.memory }} - cpu: 1 - requests: - memory: {{ .Values.prometheus.requests.memory }} - cpu: 1 - volumeMounts: - - mountPath: /etc/prometheus - name: {{ .Values.prometheus.appName }}-config - - mountPath: /data - name: {{ .Values.prometheus.appName }}-data - restartPolicy: Always - volumes: - - name: {{ .Values.prometheus.appName }}-config - configMap: - defaultMode: 420 - name: {{ .Values.prometheus.appName }}-config - - name: {{ .Values.prometheus.appName }}-data - persistentVolumeClaim: - claimName: {{ .Values.prometheus.appName }}-data - \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/prometheus/pvc.yaml b/charts/prometheus-grafana/templates/prometheus/pvc.yaml deleted file mode 100644 index eb2e8f5..0000000 --- a/charts/prometheus-grafana/templates/prometheus/pvc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - app: {{ .Values.prometheus.appName }} - name: {{ .Values.prometheus.appName }}-data -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.prometheus.pvc.storageSize }} \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/prometheus/rolebinding.yaml b/charts/prometheus-grafana/templates/prometheus/rolebinding.yaml deleted file mode 100644 index 630d597..0000000 --- a/charts/prometheus-grafana/templates/prometheus/rolebinding.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: authorization.openshift.io/v1 -kind: RoleBinding -metadata: - name: {{ .Values.prometheus.appName }}-role -roleRef: - name: view -subjects: -- kind: ServiceAccount - name: {{ .Values.prometheus.appName }}-sa \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/prometheus/service-account.yaml b/charts/prometheus-grafana/templates/prometheus/service-account.yaml deleted file mode 100644 index 10c6e1c..0000000 --- a/charts/prometheus-grafana/templates/prometheus/service-account.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.prometheus.appName }}-sa \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/prometheus/service.yaml b/charts/prometheus-grafana/templates/prometheus/service.yaml deleted file mode 100644 index bba3efe..0000000 --- a/charts/prometheus-grafana/templates/prometheus/service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.prometheus.appName }}-service -spec: - ports: - - port: 9090 - targetPort: 9090 - selector: - app: {{ .Values.prometheus.appName }} - type: {{ .Values.prometheus.service.type }} \ No newline at end of file diff --git a/charts/prometheus-grafana/templates/route.yaml b/charts/prometheus-grafana/templates/route.yaml new file mode 100644 index 0000000..ac0a1f6 --- /dev/null +++ b/charts/prometheus-grafana/templates/route.yaml @@ -0,0 +1,42 @@ +{{- if .Values.route.grafana.enabled }} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + labels: + app: grafana + name: grafana +spec: + host: grafana-{{ .Release.Namespace }}.rahtiapp.fi + port: + targetPort: "3000" + tls: + insecureEdgeTerminationPolicy: {{ .Values.route.insecureEdgeTerminationPolicy }} + termination: {{ .Values.route.termination }} + to: + kind: Service + name: {{ .Release.Name }}-grafana + weight: 100 + wildcardPolicy: None +{{- end }} + +--- +{{- if .Values.route.prometheus.enabled }} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + labels: + app: prometheus + name: prometheus +spec: + host: prometheus-{{ .Release.Namespace }}.rahtiapp.fi + port: + targetPort: "9090" + tls: + insecureEdgeTerminationPolicy: {{ .Values.route.insecureEdgeTerminationPolicy }} + termination: {{ .Values.route.termination }} + to: + kind: Service + name: {{ .Release.Name }}-prometheus-server + weight: 100 + wildcardPolicy: None +{{- end }} \ No newline at end of file diff --git a/charts/prometheus-grafana/values.schema.json b/charts/prometheus-grafana/values.schema.json index 08113e8..014f2ff 100644 --- a/charts/prometheus-grafana/values.schema.json +++ b/charts/prometheus-grafana/values.schema.json @@ -3,116 +3,226 @@ "properties": { "grafana": { "properties": { - "appName": { - "type": "string" - }, - "image": { - "type": "string" - }, - "limits": { + "datasources": { "properties": { - "memory": { - "type": "string" + "datasources.yaml": { + "properties": { + "apiVersion": { + "type": "integer" + }, + "datasources": { + "items": { + "properties": { + "access": { + "type": "string" + }, + "isDefault": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "type": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" } }, "type": "object" }, - "pvc": { + "rbac": { "properties": { - "storageSize": { + "create": { + "type": "boolean" + }, + "namespaced": { + "type": "boolean" + }, + "useExistingClusterRole": { "type": "string" } }, "type": "object" }, - "random_pw_secret_key": { - "type": "string" + "securityContext": { + "properties": { + "fsGroup": { + "type": "null" + }, + "runAsGroup": { + "type": "null" + }, + "runAsUser": { + "type": "null" + } + }, + "type": "object" }, - "requests": { + "serviceAccount": { "properties": { - "memory": { + "create": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "nameTest": { "type": "string" } }, "type": "object" - }, - "route": { + } + }, + "type": "object" + }, + "prometheus": { + "properties": { + "alertmanager": { "properties": { - "tls": { - "properties": { - "insecureEdgeTerminationPolicy": { - "type": "string" - }, - "termination": { - "type": "string" - } - }, - "type": "object" + "enabled": { + "type": "boolean" } }, "type": "object" }, - "secret": { + "kube-state-metrics": { "properties": { - "admin-password": { - "type": "string" - }, - "admin-username": { - "type": "string" + "enabled": { + "type": "boolean" } }, "type": "object" }, - "service": { + "podSecurityPolicy": { "properties": { - "type": { - "type": "string" + "enabled": { + "type": "boolean" } }, "type": "object" - } - }, - "type": "object" - }, - "prometheus": { - "properties": { - "appName": { - "type": "string" }, - "image": { - "type": "string" + "prometheus-node-exporter": { + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object" }, - "limits": { + "prometheus-pushgateway": { "properties": { - "memory": { - "type": "string" + "enabled": { + "type": "boolean" } }, "type": "object" }, - "pvc": { + "rbac": { "properties": { - "storageSize": { - "type": "string" + "create": { + "type": "boolean" } }, "type": "object" }, - "requests": { + "server": { "properties": { - "memory": { + "namespaces": { + "items": { + "properties": { + "": { + "type": "null" + } + }, + "type": "string" + }, + "type": "array" + }, + "securityContext": { + "properties": { + "fsGroup": { + "type": "null" + }, + "runAsGroup": { + "type": "null" + }, + "runAsUser": { + "type": "null" + } + }, + "type": "object" + }, + "useExistingClusterRoleName": { "type": "string" } }, "type": "object" }, - "retentionTime": { - "type": "string" - }, - "service": { + "serverFiles": { "properties": { - "type": { - "type": "string" + "prometheus.yml": { + "properties": { + "scrape_configs": { + "items": { + "properties": { + "honor_labels": { + "type": "boolean" + }, + "job_name": { + "type": "string" + }, + "kubernetes_sd_configs": { + "items": { + "properties": { + "namespaces": { + "properties": { + "names": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "role": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "static_configs": { + "items": { + "properties": { + "targets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" } }, "type": "object" @@ -122,4 +232,4 @@ } }, "type": "object" -} \ No newline at end of file +} diff --git a/charts/prometheus-grafana/values.yaml b/charts/prometheus-grafana/values.yaml index 7d3ca6b..ff391df 100644 --- a/charts/prometheus-grafana/values.yaml +++ b/charts/prometheus-grafana/values.yaml @@ -1,40 +1,187 @@ +## OpenShift Routes +# Enable OpenShift Routes for grafana and/or prometheus +route: + grafana: + enabled: true + prometheus: + enabled: false + insecureEdgeTerminationPolicy: Redirect + termination: edge + +##################### +# Prometheus values # +##################### + prometheus: - appName: prometheus - image: prom/prometheus:v2.50.1 - retentionTime: 15d + rbac: + create: true + podSecurityPolicy: + enabled: true + server: + securityContext: + runAsUser: + runAsGroup: + fsGroup: + useExistingClusterRoleName: admin + namespaces: + - '{{ tpl .Release.Namespace . }}' + serverFiles: + prometheus.yml: + scrape_configs: + - job_name: prometheus + static_configs: + - targets: + - localhost:9090 + + # Scrape config for service endpoints. + # + # The relabeling allows the actual service scrape endpoint to be configured + # via the following annotations: + # + # * `prometheus.io/scrape`: Only scrape services that have a value of + # `true`, except if `prometheus.io/scrape-slow` is set to `true` as well. + # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need + # to set this to `https` & most likely set the `tls_config` of the scrape config. + # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. + # * `prometheus.io/port`: If the metrics are exposed on a different port to the + # service then set this appropriately. + # * `prometheus.io/param_`: If the metrics endpoint uses parameters + # then you can set any parameter + - job_name: 'kubernetes-service-endpoints' + honor_labels: true + kubernetes_sd_configs: + - role: endpoints + namespaces: + names: + - graf # Enter the name of your namespace/project here + relabel_configs: + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape_slow] + action: keep + regex: true + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] + action: replace + target_label: __scheme__ + regex: (https?) + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] + action: replace + target_label: __address__ + regex: (.+?)(?::\d+)?;(\d+) + replacement: $1:$2 + - action: labelmap + regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) + replacement: __param_$1 + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - source_labels: [__meta_kubernetes_namespace] + action: replace + target_label: namespace + - source_labels: [__meta_kubernetes_service_name] + action: replace + target_label: service + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: node - limits: - memory: 4Gi - requests: - memory: 4Gi + # Example scrape config for pods + # + # The relabeling allows the actual pod scrape endpoint to be configured via the + # following annotations: + # + # * `prometheus.io/scrape`: Only scrape pods that have a value of `true`, + # except if `prometheus.io/scrape-slow` is set to `true` as well. + # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need + # to set this to `https` & most likely set the `tls_config` of the scrape config. + # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. + # * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default of `9102`. + - job_name: 'kubernetes-pods' + honor_labels: true + kubernetes_sd_configs: + - role: pod + namespaces: + names: + - graf # Enter the name of your namespace/project here + relabel_configs: + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape_slow] + action: drop + regex: true + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scheme] + action: replace + regex: (https?) + target_label: __scheme__ + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_ip] + action: replace + regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}) + replacement: '[$2]:$1' + target_label: __address__ + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_ip] + action: replace + regex: (\d+);((([0-9]+?)(\.|$)){4}) + replacement: $2:$1 + target_label: __address__ + - action: labelmap + regex: __meta_kubernetes_pod_annotation_prometheus_io_param_(.+) + replacement: __param_$1 + - action: labelmap + regex: __meta_kubernetes_pod_label_(.+) + - source_labels: [__meta_kubernetes_namespace] + action: replace + target_label: namespace + - source_labels: [__meta_kubernetes_pod_name] + action: replace + target_label: pod + - source_labels: [__meta_kubernetes_pod_phase] + regex: Pending|Succeeded|Failed|Completed + action: drop + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: node - pvc: - storageSize: 5Gi + alertmanager: + enabled: false + kube-state-metrics: + enabled: false + prometheus-node-exporter: + enabled: false + prometheus-pushgateway: + enabled: false - service: - type: ClusterIP +################## +# Grafana values # +################## grafana: - appName: grafana - image: grafana/grafana:10.2.4 - - limits: - memory: 1Gi - requests: - memory: 1Gi - - random_pw_secret_key: admin-password - secret: - admin-username: admin - admin-password: '{{- include "random_pw_reusable" . -}}' - - pvc: - storageSize: 5Gi - - service: - type: ClusterIP - - route: - tls: - termination: edge - insecureEdgeTerminationPolicy: Redirect \ No newline at end of file + rbac: + create: true + useExistingClusterRole: admin + namespaced: true + + serviceAccount: + create: true + name: grafana + nameTest: grafTest + + securityContext: + runAsUser: + runAsGroup: + fsGroup: + + datasources: + datasources.yaml: + apiVersion: 1 + datasources: + - name: Prometheus + type: prometheus + url: http://{{ .Release.Name }}-prometheus-server + access: proxy + isDefault: true