diff --git a/charts/aoi-helm/Chart.yaml b/charts/aoi-helm/Chart.yaml deleted file mode 100644 index 5c74c60..0000000 --- a/charts/aoi-helm/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v2 -name: aoi -description: A Helm chart for Netic application operations infrastructure -type: application -version: 0.1.1 -dependencies: - - name: grafana - version: 7.0.9 - repository: https://grafana.github.io/helm-charts - condition: grafana.enabled - - name: victoria-metrics-single - alias: victoria-metrics-single-1 - version: 0.9.12 - repository: https://victoriametrics.github.io/helm-charts/ - - name: victoria-metrics-single - alias: victoria-metrics-single-2 - version: 0.9.12 - repository: https://victoriametrics.github.io/helm-charts/ - condition: global.tsdb.high_availability.enabled diff --git a/charts/aoi-helm/README.md b/charts/aoi-helm/README.md deleted file mode 100644 index 5a3a2a3..0000000 --- a/charts/aoi-helm/README.md +++ /dev/null @@ -1,172 +0,0 @@ -# aoi - -![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) - -A Helm chart for Netic application operations infrastructure - -## Requirements - -| Repository | Name | Version | -|------------|------|---------| -| https://grafana.github.io/helm-charts | grafana | 7.0.9 | -| https://victoriametrics.github.io/helm-charts/ | victoria-metrics-single-1(victoria-metrics-single) | 0.9.12 | -| https://victoriametrics.github.io/helm-charts/ | victoria-metrics-single-2(victoria-metrics-single) | 0.9.12 | - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| authProxy.affinity | list | `[]` | | -| authProxy.annotations | object | `{}` | | -| authProxy.enabled | bool | `true` | | -| authProxy.extraArgs | list | `[]` | | -| authProxy.extraEnv | list | `[]` | | -| authProxy.extraEnvFrom | list | `[]` | | -| authProxy.image.registry | string | `"registry.netic.dk"` | | -| authProxy.image.repository | string | `"netic-oaas/cortex-proxy"` | | -| authProxy.image.tag | string | `"v1.0.4"` | | -| authProxy.nodeSelector | object | `{}` | | -| authProxy.podAnnotations | object | `{}` | | -| authProxy.podLabels | object | `{}` | | -| authProxy.podManagementPolicy | string | `"Parallel"` | | -| authProxy.podSecurityContext.fsGroup | int | `2000` | | -| authProxy.podSecurityContext.runAsGroup | int | `3000` | | -| authProxy.podSecurityContext.runAsNonRoot | bool | `true` | | -| authProxy.podSecurityContext.runAsUser | int | `1000` | | -| authProxy.priorityClassName | string | `nil` | | -| authProxy.replicas | int | `1` | | -| authProxy.resources.limits.memory | string | `"64Mi"` | | -| authProxy.resources.requests.cpu | string | `"100m"` | | -| authProxy.resources.requests.memory | string | `"64Mi"` | | -| authProxy.selectorLabels | object | `{}` | | -| authProxy.service.annotations | object | `{}` | | -| authProxy.service.labels | object | `{}` | | -| authProxy.terminationGracePeriodSeconds | int | `30` | | -| authProxy.tolerations | list | `[]` | | -| authProxy.topologySpauthProxyConstraints | list | `[]` | | -| dashboards.bootstrapConfig.externalSecretsStore | object | `{}` | | -| dashboards.bootstrapConfig.git.github.secretRef | string | `"tcs-github-auth"` | | -| dashboards.bootstrapConfig.git.github.template.adminTeam | string | `"oaas-team"` | | -| dashboards.bootstrapConfig.git.github.template.owner | string | `"neticdk-k8s"` | | -| dashboards.bootstrapConfig.git.github.template.repo | string | `"tenant-grafana-template"` | | -| dashboards.bootstrapConfig.vault | object | `{}` | | -| dashboards.projectBootstrap.git | object | `{}` | | -| externalSecret.vaultDataFromKey | string | `nil` | | -| externalSecret.vaultMountPath | string | `nil` | | -| externalSecret.vaultPath | string | `nil` | | -| externalSecret.vaultServer | string | `nil` | | -| global.annotations | object | `{}` | | -| global.clusterDomain | string | `"cluster.local"` | | -| global.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | | -| global.containerSecurityContext.capabilities.drop[0] | string | `"all"` | | -| global.image.pullPolicy | string | `"Always"` | | -| global.imagePullSecrets | list | `[]` | | -| global.podAnnotations | object | `{}` | | -| global.podLabels | object | `{}` | | -| global.priorityClassName | string | `nil` | | -| global.revisionHistoryLimit | int | `5` | | -| global.serviceAnnotations | object | `{}` | | -| global.serviceLabels | object | `{}` | | -| global.tsdb.high_availability.enabled | bool | `false` | | -| grafana.enabled | bool | `true` | | -| grafana.image.pullPolicy | string | `"Always"` | | -| grafana.ingress.enabled | bool | `false` | | -| grafana.ingress.fqdn | string | `nil` | | -| grafana.podPortName | string | `"http"` | | -| grafana.priorityClassName | string | `"secure-cloud-stack-tenant-namespace-application-critical"` | | -| grafana.resources.limits.memory | string | `"256Mi"` | | -| grafana.resources.requests.cpu | string | `"100m"` | | -| grafana.resources.requests.memory | string | `"256Mi"` | | -| grafana.sidecar.dashboards.enabled | bool | `true` | | -| grafana.sidecar.dashboards.folderAnnotation | string | `"grafana_dashboard_folder"` | | -| grafana.sidecar.dashboards.label | string | `"aoi_dashboard"` | | -| grafana.sidecar.dashboards.provider.disableDelete | bool | `true` | | -| grafana.sidecar.dashboards.provider.foldersFromFilesStructure | bool | `true` | | -| grafana.sidecar.dashboards.searchNamespace[0] | string | `"application-operations-dashboards"` | | -| grafana.sidecar.datasources.enabled | bool | `true` | | -| grafana.sidecar.datasources.label | string | `"aoi_grafana_datasource"` | | -| grafana.sidecar.image.pullPolicy | string | `"Always"` | | -| grafana.testFramework.enabled | bool | `false` | | -| prometheus.configReloader.resources.limits.memory | string | `"25Mi"` | | -| prometheus.configReloader.resources.requests.cpu | string | `"10m"` | | -| prometheus.configReloader.resources.requests.memory | string | `"25Mi"` | | -| prometheus.image.registry | string | `"docker.io"` | | -| prometheus.image.repository | string | `"victoriametrics/vmagent"` | | -| prometheus.image.tag | string | `"v1.91.2"` | | -| prometheus.persistence.size | string | `"60Gi"` | | -| prometheus.podSecurityContext.fsGroup | int | `2000` | | -| prometheus.podSecurityContext.runAsGroup | int | `3000` | | -| prometheus.podSecurityContext.runAsNonRoot | bool | `true` | | -| prometheus.podSecurityContext.runAsUser | int | `1000` | | -| prometheus.priorityClassName | string | `nil` | | -| prometheus.relabelConfig | string | `"- source_labels: [cluster_id, namespace]\n separator: _\n regex: (.*)\n target_label: namespace_id\n replacement: $1\n action: replace\n"` | | -| prometheus.resources.limits.memory | string | `"768Mi"` | | -| prometheus.resources.requests.cpu | string | `"100m"` | | -| prometheus.resources.requests.memory | string | `"256Mi"` | | -| promxy.affinity | list | `[]` | | -| promxy.annotations | object | `{}` | | -| promxy.config | string | `"##\n### Promxy configuration\n##\npromxy:\n server_groups:\n - static_configs:\n - targets:\n - victoria-metrics-single-1-server.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:8428\n labels:\n replica: 1\n http_client:\n dial_timeout: 1s\n ignore_error: true\n remote_read: true\n remote_read_path: /api/v1\n - static_configs:\n - targets:\n - victoria-metrics-single-2-server.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:8428\n labels:\n replica: 2\n http_client:\n dial_timeout: 1s\n ignore_error: true\n remote_read: true\n remote_read_path: /api/v1\n"` | | -| promxy.extraArgs | list | `[]` | | -| promxy.extraEnv | list | `[]` | | -| promxy.extraEnvFrom | list | `[]` | | -| promxy.image.registry | string | `"quay.io"` | | -| promxy.image.repository | string | `"jacksontj/promxy"` | | -| promxy.image.tag | string | `"v0.0.84"` | | -| promxy.nodeSelector | object | `{}` | | -| promxy.podAnnotations | object | `{}` | | -| promxy.podLabels | object | `{}` | | -| promxy.podManagementPolicy | string | `"Parallel"` | | -| promxy.podSecurityContext.fsGroup | int | `2000` | | -| promxy.podSecurityContext.runAsGroup | int | `3000` | | -| promxy.podSecurityContext.runAsNonRoot | bool | `true` | | -| promxy.podSecurityContext.runAsUser | int | `1000` | | -| promxy.priorityClassName | string | `nil` | | -| promxy.replicas | int | `1` | | -| promxy.resources.limits.memory | string | `"64Mi"` | | -| promxy.resources.requests.cpu | string | `"50m"` | | -| promxy.resources.requests.memory | string | `"64Mi"` | | -| promxy.selectorLabels | object | `{}` | | -| promxy.service.annotations | object | `{}` | | -| promxy.service.labels | object | `{}` | | -| promxy.terminationGracePeriodSeconds | int | `30` | | -| promxy.tolerations | list | `[]` | | -| promxy.topologySpauthProxyConstraints | list | `[]` | | -| victoria-metrics-single-1.rbac.create | bool | `false` | | -| victoria-metrics-single-1.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].labelSelector.matchExpressions[0].key | string | `"app.kubernetes.io/name"` | | -| victoria-metrics-single-1.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].labelSelector.matchExpressions[0].operator | string | `"In"` | | -| victoria-metrics-single-1.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].labelSelector.matchExpressions[0].values[0] | string | `"victoria-metrics-single-2"` | | -| victoria-metrics-single-1.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].topologyKey | string | `"topology.kubernetes.io/zone"` | | -| victoria-metrics-single-1.server.image.pullPolicy | string | `"Always"` | | -| victoria-metrics-single-1.server.image.retentionPeriod | string | `"90d"` | | -| victoria-metrics-single-1.server.persistentVolume.size | string | `"100Gi"` | | -| victoria-metrics-single-1.server.podSecurityContext.fsGroup | int | `2000` | | -| victoria-metrics-single-1.server.podSecurityContext.runAsGroup | int | `3000` | | -| victoria-metrics-single-1.server.podSecurityContext.runAsUser | int | `1000` | | -| victoria-metrics-single-1.server.resources.limits.memory | string | `"1024Mi"` | | -| victoria-metrics-single-1.server.resources.requests.cpu | string | `"200m"` | | -| victoria-metrics-single-1.server.resources.requests.memory | string | `"1024Mi"` | | -| victoria-metrics-single-1.server.securityContext.allowPrivilegeEscalation | bool | `false` | | -| victoria-metrics-single-1.server.securityContext.capabilities.drop[0] | string | `"all"` | | -| victoria-metrics-single-1.server.serviceMonitor.enabled | bool | `true` | | -| victoria-metrics-single-1.server.serviceMonitor.extraLabels."netic.dk/monitoring" | string | `"true"` | | -| victoria-metrics-single-2.rbac.create | bool | `false` | | -| victoria-metrics-single-2.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].labelSelector.matchExpressions[0].key | string | `"app.kubernetes.io/name"` | | -| victoria-metrics-single-2.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].labelSelector.matchExpressions[0].operator | string | `"In"` | | -| victoria-metrics-single-2.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].labelSelector.matchExpressions[0].values[0] | string | `"victoria-metrics-single-1"` | | -| victoria-metrics-single-2.server.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].topologyKey | string | `"topology.kubernetes.io/zone"` | | -| victoria-metrics-single-2.server.image.pullPolicy | string | `"Always"` | | -| victoria-metrics-single-2.server.image.retentionPeriod | string | `"90d"` | | -| victoria-metrics-single-2.server.persistentVolume.size | string | `"100Gi"` | | -| victoria-metrics-single-2.server.podSecurityContext.fsGroup | int | `2000` | | -| victoria-metrics-single-2.server.podSecurityContext.runAsGroup | int | `3000` | | -| victoria-metrics-single-2.server.podSecurityContext.runAsUser | int | `1000` | | -| victoria-metrics-single-2.server.resources.limits.memory | string | `"1024Mi"` | | -| victoria-metrics-single-2.server.resources.requests.cpu | string | `"200m"` | | -| victoria-metrics-single-2.server.resources.requests.memory | string | `"1024Mi"` | | -| victoria-metrics-single-2.server.securityContext.allowPrivilegeEscalation | bool | `false` | | -| victoria-metrics-single-2.server.securityContext.capabilities.drop[0] | string | `"all"` | | -| victoria-metrics-single-2.server.serviceMonitor.enabled | bool | `true` | | -| victoria-metrics-single-2.server.serviceMonitor.extraLabels."netic.dk/monitoring" | string | `"true"` | | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0) diff --git a/charts/aoi-helm/charts/grafana-7.0.9.tgz b/charts/aoi-helm/charts/grafana-7.0.9.tgz deleted file mode 100644 index 4a8e013..0000000 Binary files a/charts/aoi-helm/charts/grafana-7.0.9.tgz and /dev/null differ diff --git a/charts/aoi-helm/charts/victoria-metrics-single-0.9.12.tgz b/charts/aoi-helm/charts/victoria-metrics-single-0.9.12.tgz deleted file mode 100644 index 9b07207..0000000 Binary files a/charts/aoi-helm/charts/victoria-metrics-single-0.9.12.tgz and /dev/null differ diff --git a/charts/aoi-helm/templates/_helpers.tpl b/charts/aoi-helm/templates/_helpers.tpl deleted file mode 100644 index 4857653..0000000 --- a/charts/aoi-helm/templates/_helpers.tpl +++ /dev/null @@ -1,95 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "aoi.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "aoi.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "aoi.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "aoi.labels" -}} -helm.sh/chart: {{ include "aoi.chart" . }} -{{ include "aoi.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "aoi.selectorLabels" -}} -app.kubernetes.io/name: {{ include "aoi.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "aoi.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "aoi.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Create the hostname for the read path to tsdb. -*/}} -{{- define "aoi.readHost" -}} -{{- if .Values.global.tsdb.high_availability.enabled }} -{{- printf "promxy" }} -{{- else }} -{{- printf "victoria-metrics-single-1-server" }} -{{- end }} -{{- end }} - -{{/* -Create the port for the read path to tsdb. -*/}} -{{- define "aoi.readPort" -}} -{{- if .Values.global.tsdb.high_availability.enabled }} -{{- printf "8082" }} -{{- else }} -{{- printf "8428" }} -{{- end }} -{{- end }} - -{{/* -Grafana read url -*/}} -{{- define "aoi.grafanaReadUrl" -}} -{{- if .Values.authProxy.enabled }} -{{- printf "http://%s-auth-proxy.%s.svc.%s:8080" (include "aoi.name" . ) .Release.Namespace .Values.global.clusterDomain }} -{{- else }} -{{- printf "http://%s-%s.%s.svc.%s:8082" (include "aoi.name" . ) (include "aoi.readHost" . ) .Release.Namespace .Values.global.clusterDomain (include "aoi.readPort" . ) }} -{{- end }} -{{- end }} diff --git a/charts/aoi-helm/templates/application-operations-dashboards/bootstrapconfig.yaml b/charts/aoi-helm/templates/application-operations-dashboards/bootstrapconfig.yaml deleted file mode 100644 index 5c47768..0000000 --- a/charts/aoi-helm/templates/application-operations-dashboards/bootstrapconfig.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -apiVersion: project.tcs.trifork.com/v1alpha1 -kind: BootstrapConfig -metadata: - name: application-operations-dashboards - namespace: netic-gitops-system -spec: - sizes: - application-operations-dashboards: - limitRange: - limits: - - type: Container - default: - cpu: "1m" - memory: 1Mi - defaultRequest: - cpu: "1m" - memory: 1Mi - resourceQuota: - hard: - requests.cpu: "0" - requests.memory: "0Gi" - requests.storage: "0Gi" - limits.cpu: "0" - limits.memory: "0Gi" - persistentvolumeclaims: "0" - count/deployments.apps: "0" - - rules: # Role rules for deployment user - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["*"] - - labels: - netic.dk/enforce-policies: "true" - git: - {{- toYaml .Values.dashboards.bootstrapConfig.git | nindent 4 }} - - vault: - {{- toYaml .Values.dashboards.bootstrapConfig.vault | nindent 4 }} - - externalSecretsStore: - {{- toYaml .Values.dashboards.bootstrapConfig.externalSecretsStore | nindent 4 }} \ No newline at end of file diff --git a/charts/aoi-helm/templates/application-operations-dashboards/projectbootstrap.yaml b/charts/aoi-helm/templates/application-operations-dashboards/projectbootstrap.yaml deleted file mode 100644 index e1f9a1e..0000000 --- a/charts/aoi-helm/templates/application-operations-dashboards/projectbootstrap.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: project.tcs.trifork.com/v1alpha1 -kind: ProjectBootstrap -metadata: - name: application-operations-dashboards - namespace: netic-gitops-system -spec: - namespace: application-operations-dashboards - config: - ref: application-operations-dashboards - size: application-operations-dashboards - git: - {{- toYaml .Values.dashboards.projectBootstrap.git | nindent 4 }} - metadata: {} diff --git a/charts/aoi-helm/templates/auth-proxy/_helpers-authProxy.tpl b/charts/aoi-helm/templates/auth-proxy/_helpers-authProxy.tpl deleted file mode 100644 index 7e7c2ac..0000000 --- a/charts/aoi-helm/templates/auth-proxy/_helpers-authProxy.tpl +++ /dev/null @@ -1,39 +0,0 @@ -{{/* -authProxy fullname -*/}} -{{- define "aoi.authProxyFullname" -}} -{{ include "aoi.name" . }}-auth-proxy -{{- end }} - -{{/* -authProxy common labels -*/}} -{{- define "aoi.authProxyLabels" -}} -{{ include "aoi.labels" . }} -app.kubernetes.io/component: auth-proxy -{{- end }} - -{{/* -authProxy selector labels -*/}} -{{- define "aoi.authProxySelectorLabels" -}} -{{ include "aoi.selectorLabels" . }} -app.kubernetes.io/component: auth-proxy -{{- end }} - -{{/* -authProxy priority class name -*/}} -{{- define "aoi.authProxyPriorityClassName" -}} -{{- $pcn := coalesce .Values.global.priorityClassName .Values.authProxy.priorityClassName -}} -{{- if $pcn }} -priorityClassName: {{ $pcn }} -{{- end }} -{{- end }} - -{{/* -authProxy upstreamUrl -*/}} -{{- define "aoi.upstreamUrl" -}} -{{- printf "http://%s.%s.svc.%s:%s" (include "aoi.readHost" . ) .Release.Namespace .Values.global.clusterDomain (include "aoi.readPort" . ) }} -{{- end }} \ No newline at end of file diff --git a/charts/aoi-helm/templates/auth-proxy/deployment-auth-proxy.yaml b/charts/aoi-helm/templates/auth-proxy/deployment-auth-proxy.yaml deleted file mode 100644 index 47fa674..0000000 --- a/charts/aoi-helm/templates/auth-proxy/deployment-auth-proxy.yaml +++ /dev/null @@ -1,93 +0,0 @@ -{{- if .Values.authProxy.enabled }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "aoi.authProxyFullname" . }} - namespace: {{ $.Release.Namespace }} - labels: - {{- include "aoi.authProxyLabels" . | nindent 4 }} - annotations: - {{- with .Values.global.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.authProxy.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.authProxy.replicas }} - strategy: - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "aoi.authProxySelectorLabels" . | nindent 6 }} - template: - metadata: - annotations: - {{- with .Values.global.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.authProxy.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "aoi.authProxySelectorLabels" . | nindent 8 }} - {{- with .Values.global.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.authProxy.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.authProxy.selectorLabels }} - {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - spec: - {{- with .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- include "aoi.authProxyPriorityClassName" . | nindent 6 }} - securityContext: - {{- toYaml .Values.authProxy.podSecurityContext | nindent 8 }} - terminationGracePeriodSeconds: {{ .Values.authProxy.terminationGracePeriodSeconds }} - containers: - - name: proxy - image: "{{ .Values.authProxy.image.registry }}/{{ .Values.authProxy.image.repository }}:{{ .Values.authProxy.image.tag }}" - imagePullPolicy: {{ .Values.global.image.pullPolicy }} - args: - - --upstream={{ include "aoi.upstreamUrl" . }} - {{- with .Values.authProxy.extraArgs }} - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: 8080 - protocol: TCP - {{- with .Values.authProxy.extraEnv }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.authProxy.extraEnvFrom }} - envFrom: - {{- toYaml . | nindent 12 }} - {{- end }} - securityContext: - {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} - resources: - {{- toYaml .Values.authProxy.resources | nindent 12 }} - {{- with .Values.authProxy.affinity }} - affinity: - {{- tpl . $ | nindent 8 }} - {{- end }} - {{- with .Values.authProxy.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.authProxy.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/aoi-helm/templates/auth-proxy/service-auth-proxy.yaml b/charts/aoi-helm/templates/auth-proxy/service-auth-proxy.yaml deleted file mode 100644 index a559ee0..0000000 --- a/charts/aoi-helm/templates/auth-proxy/service-auth-proxy.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if .Values.authProxy.enabled }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "aoi.authProxyFullname" . }} - namespace: {{ $.Release.Namespace }} - labels: - {{- include "aoi.authProxyLabels" . | nindent 4 }} - {{- with .Values.global.serviceLabels }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- with .Values.authProxy.service.labels }} - {{- toYaml . | nindent 4}} - {{- end }} - annotations: - {{- with .Values.global.serviceAnnotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- with .Values.authProxy.service.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} -spec: - type: ClusterIP - ports: - - name: http - port: 8080 - targetPort: http - protocol: TCP - selector: - {{- include "aoi.authProxySelectorLabels" . | nindent 4 }} -{{- end }} \ No newline at end of file diff --git a/charts/aoi-helm/templates/externalsecrets.yaml b/charts/aoi-helm/templates/externalsecrets.yaml deleted file mode 100644 index 1a36f64..0000000 --- a/charts/aoi-helm/templates/externalsecrets.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: external-secrets - namespace: {{ .Release.Namespace }} -secrets: - - name: external-secrets-token ---- -apiVersion: v1 -kind: Secret -metadata: - name: external-secrets-token - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/service-account.name: external-secrets -type: kubernetes.io/service-account-token ---- -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: vault - namespace: {{ .Release.Namespace }} -spec: - provider: - vault: - server: {{ .Values.externalSecret.vaultServer }} - path: {{ .Values.externalSecret.vaultPath }} - version: "v2" - auth: - kubernetes: - mountPath: {{ .Values.externalSecret.vaultMountPath }} - role: "external-secrets" - serviceAccountRef: - name: "external-secrets" ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: aoi-grafana-oidc - namespace: {{ .Release.Namespace }} -spec: - refreshInterval: "60s" - secretStoreRef: - name: vault - kind: SecretStore - target: - name: aoi-grafana-oidc - dataFrom: - - extract: - key: {{ .Values.externalSecret.vaultDataFromKey }} diff --git a/charts/aoi-helm/templates/grafana-datasource.yaml b/charts/aoi-helm/templates/grafana-datasource.yaml deleted file mode 100644 index a9b35c1..0000000 --- a/charts/aoi-helm/templates/grafana-datasource.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: aoi-grafana-datasources - namespace: {{ .Release.Namespace }} - labels: - aoi_grafana_datasource: "1" -data: - datasource.yaml: | - apiVersion: 1 - datasources: - - name: VictoriaMetrics - uid: victoriametrics - type: prometheus - url: {{ include "aoi.grafanaReadUrl" . }} - access: proxy - isDefault: true - jsonData: - oauthPassThru: true diff --git a/charts/aoi-helm/templates/ingress.yaml b/charts/aoi-helm/templates/ingress.yaml deleted file mode 100644 index 8ac5149..0000000 --- a/charts/aoi-helm/templates/ingress.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.grafana.ingress.enabled }} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - cert-manager.io/cluster-issuer: letsencrypt - kubernetes.io/tls-acme: "true" - name: {{ include "aoi.name" . }}-grafana-ingress - namespace: {{ $.Release.Namespace }} -spec: - rules: - - host: {{ include ".Values.grafana.ingress.fqdn" . }} - http: - paths: - - backend: - service: - name: {{ include "aoi.name" . }}-grafana - port: - name: service - path: / - pathType: Prefix - tls: - - hosts: - - {{ include ".Values.grafana.ingress.fqdn" . }} - secretName: {{ include "aoi.name" . }}-grafana-ingress-tls - -{{- end }} diff --git a/charts/aoi-helm/templates/prometheus/_helpers-prometheus.tpl b/charts/aoi-helm/templates/prometheus/_helpers-prometheus.tpl deleted file mode 100644 index 13689ec..0000000 --- a/charts/aoi-helm/templates/prometheus/_helpers-prometheus.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{/* -prometheus fullname -*/}} -{{- define "aoi.prometheusFullname" -}} -{{ include "aoi.name" . }}-prometheus -{{- end }} - -{{/* -prometheus common labels -*/}} -{{- define "aoi.prometheusLabels" -}} -{{ include "aoi.labels" . }} -app.kubernetes.io/component: prometheus -{{- end }} - -{{/* -prometheus selector labels -*/}} -{{- define "aoi.prometheusSelectorLabels" -}} -{{ include "aoi.selectorLabels" . }} -app.kubernetes.io/component: prometheus -{{- end }} - -{{/* -prometheus priority class name -*/}} -{{- define "aoi.prometheusPriorityClassName" -}} -{{- $pcn := coalesce .Values.global.priorityClassName .Values.prometheus.priorityClassName -}} -{{- if $pcn }} -priorityClassName: {{ $pcn }} -{{- end }} -{{- end }} - - -{{/* -Create remotewrite url for tsdb. -*/}} -{{- define "aoi.prometheusWriteUrl" -}} -{{- if .Values.global.tsdb.high_availability.enabled }} -{{- printf "http://victoria-metrics-single-1-server:8428/api/v1/write,http://victoria-metrics-single-2-server:8428/api/v1/write" }} -{{- else }} -{{- printf "http://victoria-metrics-single-1-server:8428/api/v1/write" }} -{{- end }} -{{- end }} - -{{/* -Create remotewrite.MaxDiskUsagePerURL for vmagent. -*/}} -{{- define "aoi.prometheusMaxDiskUsagePerURL" -}} -{{- $diskSize := trimSuffix "Gi" .Values.prometheus.persistence.size | int64 }} -{{- if .Values.global.tsdb.high_availability.enabled }} -{{- $ModifiedDiskSize := div (sub $diskSize 10) 2 | toString}} -{{- printf "%sGB,%sGB" $ModifiedDiskSize $ModifiedDiskSize }} -{{- else }} -{{- $ModifiedDiskSize := sub $diskSize 10 | toString}} -{{- printf "%sGB" $ModifiedDiskSize }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/aoi-helm/templates/prometheus/clusterrole.yaml b/charts/aoi-helm/templates/prometheus/clusterrole.yaml deleted file mode 100644 index 4a2d065..0000000 --- a/charts/aoi-helm/templates/prometheus/clusterrole.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "aoi.prometheusFullname" . }} -rules: - - apiGroups: - - "" - resources: - - nodes - - nodes/metrics - - services - - endpoints - - pods - verbs: - - get - - list - - watch - - apiGroups: - - extensions - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - list - - watch - - nonResourceURLs: - - /metrics - - /metrics/cadvisor - verbs: - - get diff --git a/charts/aoi-helm/templates/prometheus/clusterrolebinding.yaml b/charts/aoi-helm/templates/prometheus/clusterrolebinding.yaml deleted file mode 100644 index be07c05..0000000 --- a/charts/aoi-helm/templates/prometheus/clusterrolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "aoi.prometheusFullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "aoi.prometheusFullname" . }} -subjects: - - kind: ServiceAccount - name: prometheus - namespace: {{ .Release.Namespace }} diff --git a/charts/aoi-helm/templates/prometheus/prometheus-relabel.yaml b/charts/aoi-helm/templates/prometheus/prometheus-relabel.yaml deleted file mode 100644 index 9b796f1..0000000 --- a/charts/aoi-helm/templates/prometheus/prometheus-relabel.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: remote-write-relabel - namespace: {{ .Release.Namespace }} -data: - relabel_config.yaml: | - {{- tpl .Values.prometheus.relabelConfig . | nindent 4 }} \ No newline at end of file diff --git a/charts/aoi-helm/templates/prometheus/prometheus.yaml b/charts/aoi-helm/templates/prometheus/prometheus.yaml deleted file mode 100644 index fafd9e5..0000000 --- a/charts/aoi-helm/templates/prometheus/prometheus.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -apiVersion: monitoring.coreos.com/v1 -kind: Prometheus -metadata: - name: {{ include "aoi.prometheusFullname" . }} - namespace: {{ .Release.Namespace }} -spec: - configMaps: - - remote-write-relabel - containers: - - name: prometheus - args: - - -httpListenAddr=:9090 - - -promscrape.config=/etc/prometheus/config_out/prometheus.env.yaml - - -promscrape.config.strictParse=false - - -remoteWrite.url={{- include "aoi.prometheusWriteUrl" . }} - - -remoteWrite.urlRelabelConfig=/etc/prometheus/configmaps/remote-write-relabel/relabel_config.yaml - - -remoteWrite.tmpDataPath=/prometheus - - -remoteWrite.maxDiskUsagePerURL={{- include "aoi.prometheusMaxDiskUsagePerURL" . }} - image: "{{ .Values.prometheus.image.registry }}/{{ .Values.prometheus.image.repository }}:{{ .Values.prometheus.image.tag }}" - - name: config-reloader - resources: - {{- toYaml .Values.prometheus.configReloader.resources | nindent 8 }} - evaluationInterval: 30s - externalLabels: - cluster_id: "${cluster_provider}_${cluster_name}" - cluster: ${cluster_name} - cluster_type: "${cluster_type}" - prometheus_cluster: ${cluster_name}/aoi-prometheus - provider: "${cluster_provider}" - podMetadata: - labels: - {{- include "aoi.prometheusSelectorLabels" . | nindent 6 }} - {{- with .Values.global.podLabels }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.prometheus.podLabels }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.prometheus.selectorLabels }} - {{- tpl (toYaml .) $ | nindent 6 }} - {{- end }} - podMonitorNamespaceSelector: - matchLabels: {} - podMonitorSelector: - matchLabels: {} - ruleNamespaceSelector: - matchLabels: {} - ruleSelector: - matchLabels: {} - serviceMonitorNamespaceSelector: - matchLabels: {} - serviceMonitorSelector: - matchLabels: {} - portName: web - {{- include "aoi.prometheusPriorityClassName" . | nindent 2 }} - replicas: 1 - resources: - {{- toYaml .Values.prometheus.resources | nindent 4 }} - storage: - volumeClaimTemplate: - spec: - resources: - requests: - storage: {{ .Values.prometheus.persistence.size }} - scrapeInterval: 30s - securityContext: - {{- toYaml .Values.prometheus.podSecurityContext | nindent 4 }} - serviceAccountName: prometheus - version: v2.39.0 diff --git a/charts/aoi-helm/templates/prometheus/sa.yaml b/charts/aoi-helm/templates/prometheus/sa.yaml deleted file mode 100644 index d96879d..0000000 --- a/charts/aoi-helm/templates/prometheus/sa.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: prometheus - namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/aoi-helm/templates/promxy/_helpers-promxy.tpl b/charts/aoi-helm/templates/promxy/_helpers-promxy.tpl deleted file mode 100644 index 7a3038b..0000000 --- a/charts/aoi-helm/templates/promxy/_helpers-promxy.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* -promxy fullname -*/}} -{{- define "aoi.promxyFullname" -}} -{{ include "aoi.name" . }}-promxy -{{- end }} - -{{/* -promxy common labels -*/}} -{{- define "aoi.promxyLabels" -}} -{{ include "aoi.labels" . }} -app.kubernetes.io/component: promxy -{{- end }} - -{{/* -promxy selector labels -*/}} -{{- define "aoi.promxySelectorLabels" -}} -{{ include "aoi.selectorLabels" . }} -app.kubernetes.io/component: promxy -{{- end }} - -{{/* -promxy priority class name -*/}} -{{- define "aoi.promxyPriorityClassName" -}} -{{- $pcn := coalesce .Values.global.priorityClassName .Values.promxy.priorityClassName -}} -{{- if $pcn }} -priorityClassName: {{ $pcn }} -{{- end }} -{{- end }} diff --git a/charts/aoi-helm/templates/promxy/configmap-promxy.yaml b/charts/aoi-helm/templates/promxy/configmap-promxy.yaml deleted file mode 100644 index b444029..0000000 --- a/charts/aoi-helm/templates/promxy/configmap-promxy.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.global.tsdb.high_availability.enabled }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "aoi.promxyFullname" . }}-config - namespace: {{ .Release.Namespace }} - labels: - {{- include "aoi.promxyLabels" . | nindent 4 }} -data: - config.yaml: | - {{- tpl .Values.promxy.config . | nindent 4 }} -{{- end }} \ No newline at end of file diff --git a/charts/aoi-helm/templates/promxy/deployment-promxy.yaml b/charts/aoi-helm/templates/promxy/deployment-promxy.yaml deleted file mode 100644 index ae55ef7..0000000 --- a/charts/aoi-helm/templates/promxy/deployment-promxy.yaml +++ /dev/null @@ -1,122 +0,0 @@ -{{- if .Values.global.tsdb.high_availability.enabled }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "aoi.promxyFullname" . }} - namespace: {{ $.Release.Namespace }} - labels: - {{- include "aoi.promxyLabels" . | nindent 4 }} - annotations: - {{- with .Values.global.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.promxy.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.promxy.replicas }} - strategy: - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "aoi.promxySelectorLabels" . | nindent 6 }} - template: - metadata: - annotations: - {{- with .Values.global.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.promxy.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "aoi.promxySelectorLabels" . | nindent 8 }} - {{- with .Values.global.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.promxy.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.promxy.selectorLabels }} - {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - spec: - {{- with .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- include "aoi.promxyPriorityClassName" . | nindent 6 }} - securityContext: - {{- toYaml .Values.promxy.podSecurityContext | nindent 8 }} - terminationGracePeriodSeconds: {{ .Values.promxy.terminationGracePeriodSeconds }} - containers: - - name: proxy - image: "{{ .Values.promxy.image.registry }}/{{ .Values.promxy.image.repository }}:{{ .Values.promxy.image.tag }}" - imagePullPolicy: {{ .Values.global.image.pullPolicy }} - args: - - --config=/etc/promxy/config.yaml - - --log-level=info - {{- with .Values.promxy.extraArgs }} - {{- toYaml . | nindent 12 }} - {{- end }} - command: - - /bin/promxy - livenessProbe: - failureThreshold: 6 - httpGet: - path: /-/healthy - port: http - scheme: HTTP - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 3 - readinessProbe: - failureThreshold: 120 - httpGet: - path: /-/ready - port: http - scheme: HTTP - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 3 - ports: - - name: http - containerPort: 8082 - protocol: TCP - volumeMounts: - - mountPath: "/etc/promxy/" - name: aoi-promxy-config - readOnly: true - {{- with .Values.promxy.extraEnv }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.promxy.extraEnvFrom }} - envFrom: - {{- toYaml . | nindent 12 }} - {{- end }} - securityContext: - {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} - resources: - {{- toYaml .Values.promxy.resources | nindent 12 }} - {{- with .Values.promxy.affinity }} - affinity: - {{- tpl . $ | nindent 8 }} - {{- end }} - {{- with .Values.promxy.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.promxy.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - configMap: - name: aoi-promxy-config - name: aoi-promxy-config -{{- end }} diff --git a/charts/aoi-helm/templates/promxy/service-auth-promxy.yaml b/charts/aoi-helm/templates/promxy/service-auth-promxy.yaml deleted file mode 100644 index 0ad2fbe..0000000 --- a/charts/aoi-helm/templates/promxy/service-auth-promxy.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if .Values.global.tsdb.high_availability.enabled }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "aoi.promxyFullname" . }} - namespace: {{ $.Release.Namespace }} - labels: - {{- include "aoi.promxyLabels" . | nindent 4 }} - {{- with .Values.global.serviceLabels }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- with .Values.promxy.service.labels }} - {{- toYaml . | nindent 4}} - {{- end }} - annotations: - {{- with .Values.global.serviceAnnotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- with .Values.promxy.service.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} -spec: - type: ClusterIP - ports: - - name: http - port: 8082 - targetPort: http - protocol: TCP - selector: - {{- include "aoi.promxySelectorLabels" . | nindent 4 }} -{{- end }} \ No newline at end of file diff --git a/charts/aoi-helm/values.yaml b/charts/aoi-helm/values.yaml deleted file mode 100644 index a5a499a..0000000 --- a/charts/aoi-helm/values.yaml +++ /dev/null @@ -1,285 +0,0 @@ -global: - clusterDomain: "cluster.local" - tsdb: - high_availability: - enabled: false - priorityClassName: null - serviceLabels: {} - serviceAnnotations: {} - image: - pullPolicy: Always - revisionHistoryLimit: 5 - annotations: {} - podAnnotations: {} - podLabels: {} - imagePullSecrets: [] - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - all - -dashboards: - bootstrapConfig: - git: - github: - secretRef: tcs-github-auth - template: - adminTeam: oaas-team - owner: neticdk-k8s - repo: tenant-grafana-template - vault: {} - externalSecretsStore: {} - projectBootstrap: - git: {} - -authProxy: - enabled: true - replicas: 1 - image: - registry: registry.netic.dk - repository: netic-oaas/cortex-proxy - tag: v1.0.4 - priorityClassName: null - annotations: {} - podAnnotations: {} - podLabels: {} - selectorLabels: {} - podSecurityContext: - runAsUser: 1000 - runAsGroup: 3000 - fsGroup: 2000 - runAsNonRoot: true - service: - annotations: {} - labels: {} - extraArgs: [] - extraEnv: [] - extraEnvFrom: [] - resources: - limits: - memory: 64Mi - requests: - cpu: 100m - memory: 64Mi - terminationGracePeriodSeconds: 30 - affinity: [] - nodeSelector: {} - topologySpauthProxyConstraints: [] - tolerations: [] - podManagementPolicy: "Parallel" - - -prometheus: - image: - registry: docker.io - repository: victoriametrics/vmagent - tag: v1.91.2 - resources: - limits: - memory: 768Mi - requests: - cpu: 100m - memory: 256Mi - priorityClassName: null - podSecurityContext: - runAsUser: 1000 - runAsGroup: 3000 - fsGroup: 2000 - runAsNonRoot: true - relabelConfig: | - - source_labels: [cluster_id, namespace] - separator: _ - regex: (.*) - target_label: namespace_id - replacement: $1 - action: replace - persistence: - size: 60Gi - configReloader: - resources: - limits: - memory: 25Mi - requests: - cpu: 10m - memory: 25Mi - -promxy: - replicas: 1 - image: - registry: quay.io - repository: jacksontj/promxy - tag: v0.0.84 - priorityClassName: null - annotations: {} - podAnnotations: {} - podLabels: {} - selectorLabels: {} - podSecurityContext: - runAsUser: 1000 - runAsGroup: 3000 - fsGroup: 2000 - runAsNonRoot: true - service: - annotations: {} - labels: {} - extraArgs: [] - extraEnv: [] - extraEnvFrom: [] - resources: - limits: - memory: 64Mi - requests: - cpu: 50m - memory: 64Mi - terminationGracePeriodSeconds: 30 - affinity: [] - nodeSelector: {} - topologySpauthProxyConstraints: [] - tolerations: [] - podManagementPolicy: "Parallel" - config: | - ## - ### Promxy configuration - ## - promxy: - server_groups: - - static_configs: - - targets: - - victoria-metrics-single-1-server.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:8428 - labels: - replica: 1 - http_client: - dial_timeout: 1s - ignore_error: true - remote_read: true - remote_read_path: /api/v1 - - static_configs: - - targets: - - victoria-metrics-single-2-server.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}:8428 - labels: - replica: 2 - http_client: - dial_timeout: 1s - ignore_error: true - remote_read: true - remote_read_path: /api/v1 - - -externalSecret: - vaultServer: null - vaultPath: null - vaultMountPath: null - vaultDataFromKey: null - -grafana: - enabled: true - image: - pullPolicy: Always - testFramework: - enabled: false - priorityClassName: "secure-cloud-stack-tenant-namespace-application-critical" - resources: - limits: - memory: 256Mi - requests: - cpu: 100m - memory: 256Mi - podPortName: http - sidecar: - image: - pullPolicy: Always - dashboards: - enabled: true - label: aoi_dashboard - searchNamespace: - - application-operations-dashboards - folderAnnotation: grafana_dashboard_folder - provider: - disableDelete: true - foldersFromFilesStructure: true - datasources: - enabled: true - label: aoi_grafana_datasource - ingress: - enabled: false - fqdn: null - - -victoria-metrics-single-1: - rbac: - create: false - server: - image: - pullPolicy: Always - retentionPeriod: 90d - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - victoria-metrics-single-2 - topologyKey: topology.kubernetes.io/zone - persistentVolume: - size: 100Gi - resources: - limits: - memory: 1024Mi - requests: - cpu: 200m - memory: 1024Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - all - podSecurityContext: - runAsUser: 1000 - runAsGroup: 3000 - fsGroup: 2000 - serviceMonitor: - enabled: true - extraLabels: - netic.dk/monitoring: "true" - -victoria-metrics-single-2: - rbac: - create: false - server: - image: - pullPolicy: Always - retentionPeriod: 90d - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - victoria-metrics-single-1 - topologyKey: topology.kubernetes.io/zone - persistentVolume: - size: 100Gi - resources: - limits: - memory: 1024Mi - requests: - cpu: 200m - memory: 1024Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - all - podSecurityContext: - runAsUser: 1000 - runAsGroup: 3000 - fsGroup: 2000 - serviceMonitor: - enabled: true - extraLabels: - netic.dk/monitoring: "true"