From 1b3dbe36eb56ed5a28d9e83f37abd3dc29f52289 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Mon, 22 Mar 2021 10:23:27 +0100 Subject: [PATCH] Version bump of kube-prometheus stack --- charts/kubezero-metrics/Chart.yaml | 4 +- .../charts/kube-prometheus-stack/Chart.yaml | 8 ++-- .../charts/kube-prometheus-stack/README.md | 17 ++++++++- .../charts/grafana/Chart.yaml | 4 +- .../charts/grafana/README.md | 12 ++++-- .../charts/grafana/templates/_helpers.tpl | 3 ++ .../charts/grafana/templates/_pod.tpl | 7 +++- .../charts/grafana/templates/configmap.yaml | 10 ++++- .../charts/grafana/templates/ingress.yaml | 28 ++++++++++++-- .../charts/grafana/values.yaml | 24 +++++++++++- .../prometheus-node-exporter/Chart.yaml | 4 +- .../templates/daemonset.yaml | 12 +++++- .../prometheus-node-exporter/values.yaml | 18 ++++++++- .../crds/crd-alertmanagerconfigs.yaml | 4 +- .../crds/crd-alertmanagers.yaml | 4 +- .../crds/crd-podmonitors.yaml | 4 +- .../crds/crd-probes.yaml | 35 ++++++++++++++++- .../crds/crd-prometheuses.yaml | 9 ++++- .../crds/crd-prometheusrules.yaml | 2 +- .../crds/crd-servicemonitors.yaml | 4 +- .../crds/crd-thanosrulers.yaml | 6 ++- .../templates/prometheus/_rules.tpl | 38 +++++++++++++++++++ .../templates/prometheus/prometheus.yaml | 13 +++++-- .../prometheus/serviceThanosSIdecar.yaml | 5 ++- .../charts/kube-prometheus-stack/values.yaml | 35 +++++++++++------ charts/kubezero-metrics/update.sh | 2 +- 26 files changed, 261 insertions(+), 51 deletions(-) create mode 100644 charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/_rules.tpl diff --git a/charts/kubezero-metrics/Chart.yaml b/charts/kubezero-metrics/Chart.yaml index dee19cf3..b7f3ae8e 100644 --- a/charts/kubezero-metrics/Chart.yaml +++ b/charts/kubezero-metrics/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubezero-metrics description: KubeZero Umbrella Chart for prometheus-operator type: application -version: 0.3.2 +version: 0.3.3 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: @@ -16,7 +16,7 @@ dependencies: version: ">= 0.1.3" repository: https://zero-down-time.github.io/kubezero/ - name: kube-prometheus-stack - version: 13.13.0 + version: 14.3.0 # Switch back to upstream once all alerts are fixed eg. etcd gpcr # repository: https://prometheus-community.github.io/helm-charts - name: prometheus-adapter diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/Chart.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/Chart.yaml index a3e49b1c..332b01ec 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/Chart.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/Chart.yaml @@ -6,7 +6,7 @@ annotations: url: https://github.com/prometheus-operator/kube-prometheus artifacthub.io/operator: "true" apiVersion: v2 -appVersion: 0.45.0 +appVersion: 0.46.0 dependencies: - condition: kubeStateMetrics.enabled name: kube-state-metrics @@ -15,11 +15,11 @@ dependencies: - condition: nodeExporter.enabled name: prometheus-node-exporter repository: https://prometheus-community.github.io/helm-charts - version: 1.14.* + version: 1.16.* - condition: grafana.enabled name: grafana repository: https://grafana.github.io/helm-charts - version: 6.4.* + version: 6.6.* description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator. home: https://github.com/prometheus-operator/kube-prometheus icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png @@ -44,4 +44,4 @@ sources: - https://github.com/prometheus-community/helm-charts - https://github.com/prometheus-operator/kube-prometheus type: application -version: 13.13.0 +version: 14.3.0 diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/README.md b/charts/kubezero-metrics/charts/kube-prometheus-stack/README.md index 68c1f821..2d19cbba 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/README.md +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/README.md @@ -83,13 +83,28 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. +### From 13.x to 14.x + +Version 14 upgrades prometheus-operator from 0.45.x to 0.46.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating: + +```console +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +``` + ### From 12.x to 13.x -Version 12 upgrades prometheus-operator from 0.44.x to 0.45.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating: +Version 13 upgrades prometheus-operator from 0.44.x to 0.45.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating: ```console kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml ``` ### From 11.x to 12.x diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/Chart.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/Chart.yaml index bd2ea661..bce2e76f 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/Chart.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 7.4.2 +appVersion: 7.4.3 description: The leading tool for querying and visualizing time series and metrics. home: https://grafana.net icon: https://raw.githubusercontent.com/grafana/grafana/master/public/img/logo_transparent_400x.png @@ -19,4 +19,4 @@ name: grafana sources: - https://github.com/grafana/grafana type: application -version: 6.4.4 +version: 6.6.3 diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/README.md b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/README.md index 815f6fa5..c40b0990 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/README.md +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/README.md @@ -59,8 +59,8 @@ This version requires Helm >= 3.1.0. | `securityContext` | Deployment securityContext | `{"runAsUser": 472, "runAsGroup": 472, "fsGroup": 472}` | | `priorityClassName` | Name of Priority Class to assign pods | `nil` | | `image.repository` | Image repository | `grafana/grafana` | -| `image.tag` | Image tag (`Must be >= 5.0.0`) | `7.4.2` | -| `image.sha` | Image sha (optional) | `17cbd08b9515fda889ca959e9d72ee6f3327c8f1844a3336dfd952134f38e2fe` | +| `image.tag` | Image tag (`Must be >= 5.0.0`) | `7.4.3` | +| `image.sha` | Image sha (optional) | `16dc29783ec7d4a23fa19207507586344c6797023604347eb3e8ea5ae431e181` | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | | `image.pullSecrets` | Image pull secrets | `{}` | | `service.type` | Kubernetes service type | `ClusterIP` | @@ -80,6 +80,7 @@ This version requires Helm >= 3.1.0. | `ingress.annotations` | Ingress annotations (values are templated) | `{}` | | `ingress.labels` | Custom labels | `{}` | | `ingress.path` | Ingress accepted path | `/` | +| `ingress.pathType` | Ingress type of path | `Prefix` | | `ingress.hosts` | Ingress accepted hostnames | `["chart-example.local"]` | | `ingress.extraPaths` | Ingress extra paths to prepend to every host configuration. Useful when configuring [custom actions with AWS ALB Ingress Controller](https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/ingress/annotation/#actions). | `[]` | | `ingress.tls` | Ingress TLS configuration | `[]` | @@ -90,6 +91,7 @@ This version requires Helm >= 3.1.0. | `extraInitContainers` | Init containers to add to the grafana pod | `{}` | | `extraContainers` | Sidecar containers to add to the grafana pod | `{}` | | `extraContainerVolumes` | Volumes that can be mounted in sidecar containers | `[]` | +| `extraLabels` | Custom labels for all manifests | `{}` | | `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | | `persistence.enabled` | Use persistent volume to store data | `false` | | `persistence.type` | Type of persistence (`pvc` or `statefulset`) | `pvc` | @@ -133,7 +135,7 @@ This version requires Helm >= 3.1.0. | `podLabels` | Pod labels | `{}` | | `podPortName` | Name of the grafana port on the pod | `grafana` | | `sidecar.image.repository` | Sidecar image repository | `quay.io/kiwigrid/k8s-sidecar` | -| `sidecar.image.tag` | Sidecar image tag | `1.10.6` | +| `sidecar.image.tag` | Sidecar image tag | `1.10.7` | | `sidecar.image.sha` | Sidecar image sha (optional) | `""` | | `sidecar.imagePullPolicy` | Sidecar image pull policy | `IfNotPresent` | | `sidecar.resources` | Sidecar resources | `{}` | @@ -186,6 +188,7 @@ This version requires Helm >= 3.1.0. | `testFramework.imagePullPolicy` | `test-framework` image pull policy. | `IfNotPresent` | | `testFramework.securityContext` | `test-framework` securityContext | `{}` | | `downloadDashboards.env` | Environment variables to be passed to the `download-dashboards` container | `{}` | +| `downloadDashboards.envFromSecret` | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` | | `downloadDashboards.resources` | Resources of `download-dashboards` container | `{}` | | `downloadDashboardsImage.repository` | Curl docker image repo | `curlimages/curl` | | `downloadDashboardsImage.tag` | Curl docker image tag | `7.73.0` | @@ -214,6 +217,7 @@ This version requires Helm >= 3.1.0. | `imageRenderer.priorityClassName` | image-renderer deployment priority class | `''` | | `imageRenderer.service.portName` | image-renderer service port name | `'http'` | | `imageRenderer.service.port` | image-renderer service port used by both service and deployment | `8081` | +| `imageRenderer.grafanaSubPath` | Grafana sub path to use for image renderer callback url | `''` | | `imageRenderer.podPortName` | name of the image-renderer port on the pod | `http` | | `imageRenderer.revisionHistoryLimit` | number of image-renderer replica sets to keep | `10` | | `imageRenderer.networkPolicy.limitIngress` | Enable a NetworkPolicy to limit inbound traffic from only the created grafana pods | `true` | @@ -322,7 +326,7 @@ If the parameter `sidecar.datasources.enabled` is set, an init container is depl pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and filters out the ones with a label as defined in `sidecar.datasources.label`. The files defined in those secrets are written to a folder and accessed by grafana on startup. Using these yaml files, -the data sources in grafana can be imported. +the data sources in grafana can be imported. Secrets are recommended over configmaps for this usecase because datasources usually contain private data like usernames and passwords. Secrets are the more appropriate cluster resource to manage those. diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_helpers.tpl b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_helpers.tpl index 9ce170c4..70e05588 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_helpers.tpl +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_helpers.tpl @@ -71,6 +71,9 @@ helm.sh/chart: {{ include "grafana.chart" . }} app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.extraLabels }} +{{ toYaml .Values.extraLabels }} +{{- end }} {{- end -}} {{/* diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_pod.tpl b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_pod.tpl index 6b0ef5dd..ece72dbc 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_pod.tpl +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/_pod.tpl @@ -55,6 +55,11 @@ initContainers: {{- range $key, $value := .Values.downloadDashboards.env }} - name: "{{ $key }}" value: "{{ $value }}" +{{- end }} +{{- if .Values.downloadDashboards.envFromSecret }} + envFrom: + - secretRef: + name: {{ tpl .Values.downloadDashboards.envFromSecret . }} {{- end }} volumeMounts: - name: config @@ -345,7 +350,7 @@ containers: - name: GF_RENDERING_SERVER_URL value: http://{{ template "grafana.fullname" . }}-image-renderer.{{ template "grafana.namespace" . }}:{{ .Values.imageRenderer.service.port }}/render - name: GF_RENDERING_CALLBACK_URL - value: http://{{ template "grafana.fullname" . }}.{{ template "grafana.namespace" . }}:{{ .Values.service.port }}/ + value: http://{{ template "grafana.fullname" . }}.{{ template "grafana.namespace" . }}:{{ .Values.service.port }}/{{ .Values.imageRenderer.grafanaSubPath }} {{ end }} {{- range $key, $value := .Values.envValueFrom }} - name: {{ $key | quote }} diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/configmap.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/configmap.yaml index 0d2c3e27..de32b7ab 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/configmap.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/configmap.yaml @@ -5,6 +5,10 @@ metadata: namespace: {{ template "grafana.namespace" . }} labels: {{- include "grafana.labels" . | nindent 4 }} +{{- with .Values.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} data: {{- if .Values.plugins }} plugins: {{ join "," .Values.plugins }} @@ -13,7 +17,11 @@ data: {{- range $key, $value := index .Values "grafana.ini" }} [{{ $key }}] {{- range $elem, $elemVal := $value }} - {{ $elem }} = {{ $elemVal }} + {{- if kindIs "invalid" $elemVal }} + {{ $elem }} = + {{- else }} + {{ $elem }} = {{ tpl (toYaml $elemVal) $ }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/ingress.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/ingress.yaml index 710b82d3..44ebfc95 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/ingress.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/templates/ingress.yaml @@ -2,12 +2,16 @@ {{- $fullName := include "grafana.fullname" . -}} {{- $servicePort := .Values.service.port -}} {{- $ingressPath := .Values.ingress.path -}} +{{- $ingressPathType := .Values.ingress.pathType -}} {{- $extraPaths := .Values.ingress.extraPaths -}} -{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} +{{- $newAPI := .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}} +{{- if $newAPI -}} +apiVersion: networking.k8s.io/v1 +{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" }} apiVersion: networking.k8s.io/v1beta1 -{{ else }} +{{- else }} apiVersion: extensions/v1beta1 -{{ end -}} +{{- end }} kind: Ingress metadata: name: {{ $fullName }} @@ -41,16 +45,34 @@ spec: {{ toYaml $extraPaths | indent 10 }} {{- end }} - path: {{ $ingressPath }} + {{- if $newAPI }} + pathType: {{ $ingressPathType }} + {{- end }} backend: + {{- if $newAPI }} + service: + name: {{ $fullName }} + port: + number: {{ $servicePort }} + {{- else }} serviceName: {{ $fullName }} servicePort: {{ $servicePort }} + {{- end }} {{- end }} {{- else }} - http: paths: - backend: + {{- if $newAPI }} + service: + name: {{ $fullName }} + port: + number: {{ $servicePort }} + pathType: {{ $ingressPathType }} + {{- else }} serviceName: {{ $fullName }} servicePort: {{ $servicePort }} + {{- end }} {{- if $ingressPath }} path: {{ $ingressPath }} {{- end }} diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/values.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/values.yaml index c4616874..3478fa27 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/values.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/grafana/values.yaml @@ -53,7 +53,7 @@ livenessProbe: image: repository: grafana/grafana - tag: 7.4.2 + tag: 7.4.3 sha: "" pullPolicy: IfNotPresent @@ -92,6 +92,9 @@ extraEmptyDirMounts: [] # mountPath: /etc/grafana/provisioning/notifiers +# Apply extra labels to common labels. +extraLabels: {} + ## Assign a PriorityClassName to pods if set # priorityClassName: @@ -103,6 +106,7 @@ downloadDashboardsImage: downloadDashboards: env: {} + envFromSecret: "" resources: {} ## Pod Annotations @@ -166,6 +170,10 @@ ingress: # kubernetes.io/tls-acme: "true" labels: {} path: / + + # pathType is only for k8s > 1.19 + pathType: Prefix + hosts: - chart-example.local ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. @@ -174,6 +182,16 @@ ingress: # backend: # serviceName: ssl-redirect # servicePort: use-annotation + ## Or for k8s > 1.19 + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + + tls: [] # - secretName: chart-example-tls # hosts: @@ -564,7 +582,7 @@ smtp: sidecar: image: repository: quay.io/kiwigrid/k8s-sidecar - tag: 1.10.6 + tag: 1.10.7 sha: "" imagePullPolicy: IfNotPresent resources: {} @@ -671,6 +689,8 @@ imageRenderer: # image-renderer service port used by both service and deployment port: 8081 targetPort: 8081 + # In case a sub_path is used this needs to be added to the image renderer callback + grafanaSubPath: "" # name of the image-renderer port on the pod podPortName: http # number of image-renderer replica sets to keep diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/Chart.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/Chart.yaml index f35460ba..b4c5e16b 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/Chart.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 1.0.1 +appVersion: 1.1.2 description: A Helm chart for prometheus node-exporter home: https://github.com/prometheus/node_exporter/ keywords: @@ -14,4 +14,4 @@ maintainers: name: prometheus-node-exporter sources: - https://github.com/prometheus/node_exporter/ -version: 1.14.2 +version: 1.16.2 diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/templates/daemonset.yaml index cd6f65f1..53fe3263 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -21,9 +21,7 @@ spec: {{- toYaml .Values.podAnnotations | nindent 8 }} {{- end }} spec: -{{- if and .Values.rbac.create .Values.serviceAccount.create }} serviceAccountName: {{ template "prometheus-node-exporter.serviceAccountName" . }} -{{- end }} {{- if .Values.securityContext }} securityContext: {{ toYaml .Values.securityContext | indent 8 }} @@ -38,7 +36,9 @@ spec: args: - --path.procfs=/host/proc - --path.sysfs=/host/sys + {{- if .Values.hostRootFsMount }} - --path.rootfs=/host/root + {{- end }} - --web.listen-address=$(HOST_IP):{{ .Values.service.port }} {{- if .Values.extraArgs }} {{ toYaml .Values.extraArgs | indent 12 }} @@ -77,10 +77,12 @@ spec: - name: sys mountPath: /host/sys readOnly: true + {{- if .Values.hostRootFsMount }} - name: root mountPath: /host/root mountPropagation: HostToContainer readOnly: true + {{- end }} {{- if .Values.extraHostVolumeMounts }} {{- range $_, $mount := .Values.extraHostVolumeMounts }} - name: {{ $mount.name }} @@ -127,6 +129,10 @@ spec: affinity: {{ toYaml .Values.affinity | indent 8 }} {{- end }} +{{- with .Values.dnsConfig }} + dnsConfig: +{{ toYaml . | indent 8 }} +{{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} @@ -142,9 +148,11 @@ spec: - name: sys hostPath: path: /sys + {{- if .Values.hostRootFsMount }} - name: root hostPath: path: / + {{- end }} {{- if .Values.extraHostVolumeMounts }} {{- range $_, $mount := .Values.extraHostVolumeMounts }} - name: {{ $mount.name }} diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/values.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/values.yaml index 4be3f9c2..93f8ef80 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/values.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/charts/prometheus-node-exporter/values.yaml @@ -3,7 +3,7 @@ # Declare variables to be passed into your templates. image: repository: quay.io/prometheus/node-exporter - tag: v1.0.1 + tag: v1.1.2 pullPolicy: IfNotPresent service: @@ -80,6 +80,10 @@ endpoints: [] # Expose the service to the host network hostNetwork: true +## If true, node-exporter pods mounts host / at /host/root +## +hostRootFsMount: true + ## Assign a group of affinity scheduling rules ## affinity: {} @@ -100,6 +104,18 @@ podAnnotations: # Extra labels to be added to node exporter pods podLabels: {} +# Custom DNS configuration to be added to prometheus-node-exporter pods +dnsConfig: {} +# nameservers: +# - 1.2.3.4 +# searches: +# - ns1.svc.cluster-domain.example +# - my.dns.search.suffix +# options: +# - name: ndots +# value: "2" +# - name: edns0 + ## Assign a nodeSelector if operating a hybrid cluster ## nodeSelector: {} diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagerconfigs.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagerconfigs.yaml index a2792535..b2ed1618 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagerconfigs.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagerconfigs.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml --- apiVersion: apiextensions.k8s.io/v1 @@ -11,6 +11,8 @@ metadata: spec: group: monitoring.coreos.com names: + categories: + - prometheus-operator kind: AlertmanagerConfig listKind: AlertmanagerConfigList plural: alertmanagerconfigs diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagers.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagers.yaml index 7a4ec17c..724d488b 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagers.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-alertmanagers.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml --- apiVersion: apiextensions.k8s.io/v1 @@ -11,6 +11,8 @@ metadata: spec: group: monitoring.coreos.com names: + categories: + - prometheus-operator kind: Alertmanager listKind: AlertmanagerList plural: alertmanagers diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-podmonitors.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-podmonitors.yaml index 95fbafb0..d474a0c0 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-podmonitors.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-podmonitors.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 @@ -11,6 +11,8 @@ metadata: spec: group: monitoring.coreos.com names: + categories: + - prometheus-operator kind: PodMonitor listKind: PodMonitorList plural: podmonitors diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-probes.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-probes.yaml index 5ef8405b..7fd658e1 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-probes.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-probes.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml --- apiVersion: apiextensions.k8s.io/v1 @@ -11,6 +11,8 @@ metadata: spec: group: monitoring.coreos.com names: + categories: + - prometheus-operator kind: Probe listKind: ProbeList plural: probes @@ -148,6 +150,37 @@ spec: type: string description: Labels assigned to all metrics scraped from the targets. type: object + relabelingConfigs: + description: 'RelabelConfigs to apply to samples before ingestion. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array static: description: Targets is a list of URLs to probe using the configured prober. items: diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheuses.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheuses.yaml index 6a82bc54..c3f13d98 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheuses.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheuses.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml --- apiVersion: apiextensions.k8s.io/v1 @@ -11,6 +11,8 @@ metadata: spec: group: monitoring.coreos.com names: + categories: + - prometheus-operator kind: Prometheus listKind: PrometheusList plural: prometheuses @@ -2639,6 +2641,11 @@ spec: bearerTokenFile: description: File to read bearer token for remote write. type: string + headers: + additionalProperties: + type: string + description: Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.25.0 and newer. + type: object name: description: The name of the remote write queue, must be unique if specified. The name is used in metrics and logging in order to differentiate queues. Only valid in Prometheus versions 2.15.0 and newer. type: string diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheusrules.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheusrules.yaml index 8c0776c1..07a24df4 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheusrules.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-prometheusrules.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml --- apiVersion: apiextensions.k8s.io/v1 diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-servicemonitors.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-servicemonitors.yaml index a65be71b..9dee64ff 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-servicemonitors.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-servicemonitors.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 @@ -11,6 +11,8 @@ metadata: spec: group: monitoring.coreos.com names: + categories: + - prometheus-operator kind: ServiceMonitor listKind: ServiceMonitorList plural: servicemonitors diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-thanosrulers.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-thanosrulers.yaml index 8fe6e81a..a470d4b9 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-thanosrulers.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/crds/crd-thanosrulers.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml --- apiVersion: apiextensions.k8s.io/v1 @@ -11,6 +11,8 @@ metadata: spec: group: monitoring.coreos.com names: + categories: + - prometheus-operator kind: ThanosRuler listKind: ThanosRulerList plural: thanosrulers @@ -3337,4 +3339,4 @@ status: kind: "" plural: "" conditions: [] - storedVersions: [] + storedVersions: [] \ No newline at end of file diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/_rules.tpl b/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/_rules.tpl new file mode 100644 index 00000000..83245c08 --- /dev/null +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/_rules.tpl @@ -0,0 +1,38 @@ +{{- /* +Generated file. Do not change in-place! In order to change this file first read following link: +https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack +*/ -}} +{{- define "rules.names" }} +rules: + - "alertmanager.rules" + - "general.rules" + - "k8s.rules" + - "kube-apiserver.rules" + - "kube-apiserver-availability.rules" + - "kube-apiserver-error" + - "kube-apiserver-slos" + - "kube-prometheus-general.rules" + - "kube-prometheus-node-alerting.rules" + - "kube-prometheus-node-recording.rules" + - "kube-scheduler.rules" + - "kube-state-metrics" + - "kubelet.rules" + - "kubernetes-absent" + - "kubernetes-resources" + - "kubernetes-storage" + - "kubernetes-system" + - "kubernetes-system-apiserver" + - "kubernetes-system-kubelet" + - "kubernetes-system-controller-manager" + - "kubernetes-system-scheduler" + - "node-exporter.rules" + - "node-exporter" + - "node.rules" + - "node-network" + - "node-time" + - "prometheus-operator" + - "prometheus.rules" + - "prometheus" + - "kubernetes-apps" + - "etcd" +{{- end }} diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml index eb561e63..f069a859 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml @@ -268,9 +268,6 @@ spec: {{- end }} portName: {{ .Values.prometheus.prometheusSpec.portName }} {{- end }} -{{- if .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }} - enforcedNamespaceLabel: {{ .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }} -{{- end }} {{- if .Values.prometheus.prometheusSpec.volumes }} volumes: {{ toYaml .Values.prometheus.prometheusSpec.volumes | indent 4 }} @@ -292,10 +289,18 @@ spec: {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }} ignoreNamespaceSelectors: {{ .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }} {{- end }} -{{- if .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce }} +{{- if .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }} + enforcedNamespaceLabel: {{ .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }} +{{- $prometheusDefaultRulesExcludedFromEnforce := (include "rules.names" .) | fromYaml }} prometheusRulesExcludedFromEnforce: +{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }} + - ruleNamespace: "{{ template "kube-prometheus-stack.namespace" $ }}" + ruleName: "{{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) . | trunc 63 | trimSuffix "-" }}" +{{- end }} +{{- if .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce }} {{ toYaml .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce | indent 4 }} {{- end }} +{{- end }} {{- if .Values.prometheus.prometheusSpec.queryLogFile }} queryLogFile: {{ .Values.prometheus.prometheusSpec.queryLogFile }} {{- end }} diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/serviceThanosSIdecar.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/serviceThanosSIdecar.yaml index 6ae1b14d..ee97d492 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/serviceThanosSIdecar.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/templates/prometheus/serviceThanosSIdecar.yaml @@ -15,12 +15,15 @@ metadata: {{ toYaml .Values.prometheus.thanosService.annotations | indent 4 }} {{- end }} spec: - type: ClusterIP + type: {{ .Values.prometheus.thanosService.type }} clusterIP: None ports: - name: {{ .Values.prometheus.thanosService.portName }} port: {{ .Values.prometheus.thanosService.port }} targetPort: {{ .Values.prometheus.thanosService.targetPort }} + {{- if eq .Values.prometheus.thanosService.type "NodePort" }} + nodePort: {{ .Values.prometheus.thanosService.nodePort }} + {{- end }} selector: app: prometheus prometheus: {{ template "kube-prometheus-stack.fullname" . }}-prometheus diff --git a/charts/kubezero-metrics/charts/kube-prometheus-stack/values.yaml b/charts/kubezero-metrics/charts/kube-prometheus-stack/values.yaml index 66114e2e..5848603d 100644 --- a/charts/kubezero-metrics/charts/kube-prometheus-stack/values.yaml +++ b/charts/kubezero-metrics/charts/kube-prometheus-stack/values.yaml @@ -331,7 +331,7 @@ alertmanager: nodePort: 30904 ## Loadbalancer source IP ranges - ## Only used if servicePerReplica.type is "loadbalancer" + ## Only used if servicePerReplica.type is "LoadBalancer" loadBalancerSourceRanges: [] ## Service type ## @@ -1351,13 +1351,13 @@ prometheusOperator: additionalPorts: [] ## Loadbalancer IP - ## Only use if service.type is "loadbalancer" + ## Only use if service.type is "LoadBalancer" ## loadBalancerIP: "" loadBalancerSourceRanges: [] ## Service type - ## NodePort, ClusterIP, loadbalancer + ## NodePort, ClusterIP, LoadBalancer ## type: ClusterIP @@ -1480,7 +1480,7 @@ prometheusOperator: ## image: repository: quay.io/prometheus-operator/prometheus-operator - tag: v0.45.0 + tag: v0.46.0 sha: "" pullPolicy: IfNotPresent @@ -1496,7 +1496,7 @@ prometheusOperator: ## prometheusConfigReloaderImage: repository: quay.io/prometheus-operator/prometheus-config-reloader - tag: v0.45.0 + tag: v0.46.0 sha: "" ## Set the prometheus config reloader side-car CPU limit @@ -1541,6 +1541,14 @@ prometheus: port: 10901 targetPort: "grpc" + ## Service type + ## + type: ClusterIP + + ## Port to expose on each node + ## + nodePort: 30901 + ## Configuration for Prometheus service ## service: @@ -1566,7 +1574,7 @@ prometheus: nodePort: 30090 ## Loadbalancer IP - ## Only use if service.type is "loadbalancer" + ## Only use if service.type is "LoadBalancer" loadBalancerIP: "" loadBalancerSourceRanges: [] ## Service type @@ -1594,7 +1602,7 @@ prometheus: nodePort: 30091 ## Loadbalancer source IP ranges - ## Only used if servicePerReplica.type is "loadbalancer" + ## Only used if servicePerReplica.type is "LoadBalancer" loadBalancerSourceRanges: [] ## Service type ## @@ -1903,10 +1911,10 @@ prometheus: ruleSelectorNilUsesHelmValues: true ## PrometheusRules to be selected for target discovery. - ## If {}, select all ServiceMonitors + ## If {}, select all PrometheusRules ## ruleSelector: {} - ## Example which select all prometheusrules resources + ## Example which select all PrometheusRules resources ## with label "prometheus" with values any of "example-rules" or "example-rules-2" # ruleSelector: # matchExpressions: @@ -1916,7 +1924,7 @@ prometheus: # - example-rules # - example-rules-2 # - ## Example which select all prometheusrules resources with label "role" set to "example-rules" + ## Example which select all PrometheusRules resources with label "role" set to "example-rules" # ruleSelector: # matchLabels: # role: example-rules @@ -2234,9 +2242,14 @@ prometheus: ## configs, and they will only discover endpoints within their current namespace. Defaults to false. ignoreNamespaceSelectors: false + ## EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. + ## The label value will always be the namespace of the object that is being created. + ## Disabled by default + enforcedNamespaceLabel: "" + ## PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. ## Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair - prometheusRulesExcludedFromEnforce: false + prometheusRulesExcludedFromEnforce: [] ## QueryLogFile specifies the file to which PromQL queries are logged. Note that this location must be writable, ## and can be persisted using an attached volume. Alternatively, the location can be set to a stdout location such diff --git a/charts/kubezero-metrics/update.sh b/charts/kubezero-metrics/update.sh index 4be6f0f9..55549b84 100755 --- a/charts/kubezero-metrics/update.sh +++ b/charts/kubezero-metrics/update.sh @@ -1,6 +1,6 @@ #!/bin/bash -VERSION=13.13.0 +VERSION=14.3.0 rm -rf charts/kube-prometheus-stack curl -L -s -o - https://github.com/prometheus-community/helm-charts/releases/download/kube-prometheus-stack-${VERSION}/kube-prometheus-stack-${VERSION}.tgz | tar xfz - -C charts