feat: more v1.29 module updates

This commit is contained in:
Stefan Reimer 2024-07-19 14:14:43 +00:00
parent af33435d51
commit 243b13892c
128 changed files with 23965 additions and 22207 deletions

View File

@ -25,18 +25,8 @@ control_plane_upgrade kubeadm_upgrade
# shellcheck disable=SC2015 # shellcheck disable=SC2015
#argo_used && kubectl edit app kubezero -n argocd || kubectl edit cm kubezero-values -n kube-system #argo_used && kubectl edit app kubezero -n argocd || kubectl edit cm kubezero-values -n kube-system
### v1.28 ### v1.29
# - remove old argocd app, all resources will be taken over by argo.argo-cd #
argo_used && rc=$? || rc=$?
if [ $rc -eq 0 ]; then
kubectl patch app argocd -n argocd \
--type json \
--patch='[ { "op": "remove", "path": "/metadata/finalizers" } ]' && \
kubectl delete app argocd -n argocd || true
# remove legacy argocd app resources, but NOT kubezero-git-sync nor the appproject
kubectl api-resources --verbs=list --namespaced -o name | grep -ve 'app.*argoproj' | xargs -n 1 kubectl delete --ignore-not-found -l argocd.argoproj.io/instance=argocd -n argocd
fi
# upgrade modules # upgrade modules
control_plane_upgrade "apply_network, apply_addons, apply_storage, apply_operators" control_plane_upgrade "apply_network, apply_addons, apply_storage, apply_operators"
@ -49,9 +39,9 @@ echo "Applying remaining KubeZero modules..."
control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_telemetry, apply_argo" control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_telemetry, apply_argo"
# Trigger backup of upgraded cluster state # Trigger backup of upgraded cluster state
kubectl create job --from=cronjob/kubezero-backup kubezero-backup-$VERSION -n kube-system kubectl create job --from=cronjob/kubezero-backup kubezero-backup-$KUBE_VERSION -n kube-system
while true; do while true; do
kubectl wait --for=condition=complete job/kubezero-backup-$VERSION -n kube-system 2>/dev/null && kubectl delete job kubezero-backup-$VERSION -n kube-system && break kubectl wait --for=condition=complete job/kubezero-backup-$KUBE_VERSION -n kube-system 2>/dev/null && kubectl delete job kubezero-backup-$KUBE_VERSION -n kube-system && break
sleep 1 sleep 1
done done

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-cert-manager name: kubezero-cert-manager
description: KubeZero Umbrella Chart for cert-manager description: KubeZero Umbrella Chart for cert-manager
type: application type: application
version: 0.9.7 version: 0.9.8
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -16,6 +16,6 @@ dependencies:
version: ">= 0.1.6" version: ">= 0.1.6"
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: cert-manager - name: cert-manager
version: v1.14.4 version: v1.15.1
repository: https://charts.jetstack.io repository: https://charts.jetstack.io
kubeVersion: ">= 1.26.0" kubeVersion: ">= 1.26.0"

View File

@ -1,6 +1,6 @@
# kubezero-cert-manager # kubezero-cert-manager
![Version: 0.9.7](https://img.shields.io/badge/Version-0.9.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.9.8](https://img.shields.io/badge/Version-0.9.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Umbrella Chart for cert-manager KubeZero Umbrella Chart for cert-manager
@ -19,7 +19,7 @@ Kubernetes: `>= 1.26.0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| https://charts.jetstack.io | cert-manager | v1.14.4 | | https://charts.jetstack.io | cert-manager | v1.15.1 |
## AWS - OIDC IAM roles ## AWS - OIDC IAM roles
@ -37,6 +37,7 @@ If your resolvers need additional sercrets like CloudFlare API tokens etc. make
| cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | | | cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | |
| cert-manager.cainjector.tolerations[0].effect | string | `"NoSchedule"` | | | cert-manager.cainjector.tolerations[0].effect | string | `"NoSchedule"` | |
| cert-manager.cainjector.tolerations[0].key | string | `"node-role.kubernetes.io/control-plane"` | | | cert-manager.cainjector.tolerations[0].key | string | `"node-role.kubernetes.io/control-plane"` | |
| cert-manager.crds.enabled | bool | `true` | |
| cert-manager.enableCertificateOwnerRef | bool | `true` | | | cert-manager.enableCertificateOwnerRef | bool | `true` | |
| cert-manager.enabled | bool | `true` | | | cert-manager.enabled | bool | `true` | |
| cert-manager.extraArgs[0] | string | `"--logging-format=json"` | | | cert-manager.extraArgs[0] | string | `"--logging-format=json"` | |

View File

@ -18,8 +18,8 @@
"subdir": "contrib/mixin" "subdir": "contrib/mixin"
} }
}, },
"version": "5a53a708d8ab9ef936ac5b8062ffc66c77a2c18f", "version": "010d462c0ff03a70f5c5fd32efbb76ad4c1e7c81",
"sum": "xuUBd2vqF7asyVDe5CE08uPT/RxAdy8O75EjFJoMXXU=" "sum": "IXI3LQIT9NmTPJAk8WLUJd5+qZfcGpeNCyWIK7oEpws="
}, },
{ {
"source": { "source": {
@ -58,8 +58,8 @@
"subdir": "gen/grafonnet-latest" "subdir": "gen/grafonnet-latest"
} }
}, },
"version": "6ac1593ca787638da223380ff4a3fd0f96e953e1", "version": "5a66b0f6a0f4f7caec754dd39a0e263b56a0f90a",
"sum": "GxEO83uxgsDclLp/fmlUJZDbSGpeUZY6Ap3G2cgdL1g=" "sum": "eyuJ0jOXeA4MrobbNgU4/v5a7ASDHslHZ0eS6hDdWoI="
}, },
{ {
"source": { "source": {
@ -68,18 +68,18 @@
"subdir": "gen/grafonnet-v10.0.0" "subdir": "gen/grafonnet-v10.0.0"
} }
}, },
"version": "6ac1593ca787638da223380ff4a3fd0f96e953e1", "version": "5a66b0f6a0f4f7caec754dd39a0e263b56a0f90a",
"sum": "W7sLuAvMSJPkC7Oo31t45Nz/cUdJV7jzNSJTd3F1daM=" "sum": "xdcrJPJlpkq4+5LpGwN4tPAuheNNLXZjE6tDcyvFjr0="
}, },
{ {
"source": { "source": {
"git": { "git": {
"remote": "https://github.com/grafana/grafonnet.git", "remote": "https://github.com/grafana/grafonnet.git",
"subdir": "gen/grafonnet-v10.4.0" "subdir": "gen/grafonnet-v11.0.0"
} }
}, },
"version": "6ac1593ca787638da223380ff4a3fd0f96e953e1", "version": "5a66b0f6a0f4f7caec754dd39a0e263b56a0f90a",
"sum": "ZSmDT7i/qU9P8ggmuPuJT+jonq1ZEsBRCXycW/H5L/A=" "sum": "Fuo+qTZZzF+sHDBWX/8fkPsUmwW6qhH8hRVz45HznfI="
}, },
{ {
"source": { "source": {
@ -88,8 +88,8 @@
"subdir": "grafana-builder" "subdir": "grafana-builder"
} }
}, },
"version": "7561fd330312538d22b00e0c7caecb4ba66321ea", "version": "1d877bb0651ef92176f651d0be473c06e372a8a0",
"sum": "+z5VY+bPBNqXcmNAV8xbJcbsRA+pro1R3IM7aIY8OlU=" "sum": "udZaafkbKYMGodLqsFhEe+Oy/St2p0edrK7hiMPEey0="
}, },
{ {
"source": { "source": {
@ -98,8 +98,8 @@
"subdir": "" "subdir": ""
} }
}, },
"version": "72a094ff162bbd93921803994241d73900592c9a", "version": "b6a425db5c72b0159e3b8666b373e21bf487df9a",
"sum": "h+YvBTXL5A02165i3yt3SxSAbFftChtXYJ0nYFnOAqo=" "sum": "6KgWSzBFX09sycxfM3mYsY9Ua16ydCVpyFGYS0ZkpIo="
}, },
{ {
"source": { "source": {
@ -118,8 +118,8 @@
"subdir": "" "subdir": ""
} }
}, },
"version": "fc2e57a8839902ed4ba6cab5a99d642500f7102b", "version": "63d430b69a95741061c2f7fc9d84b1a778511d9c",
"sum": "43waffw1QzvpY4rKcWoo3L7Vpee+DCYexwLDd5cPG0M=" "sum": "qiZi3axUSXCVzKUF83zSAxklwrnitMmrDK4XAfjPMdE="
}, },
{ {
"source": { "source": {
@ -128,8 +128,8 @@
"subdir": "" "subdir": ""
} }
}, },
"version": "a1c276d7a46c4b06fa5d8b4a64441939d398efe5", "version": "3dfa72d1d1ab31a686b1f52ec28bbf77c972bd23",
"sum": "b/mEai1MvVnZ22YvZlXEO4jWDZledrtJg8eOS1ZUj0M=" "sum": "7ufhpvzoDqAYLrfAsGkTAIRmu2yWQkmHukTE//jOsJU="
}, },
{ {
"source": { "source": {
@ -138,8 +138,8 @@
"subdir": "jsonnet/kube-state-metrics" "subdir": "jsonnet/kube-state-metrics"
} }
}, },
"version": "9ba1c3702142918e09e8eb5ca530e15198624259", "version": "7104d579e93d672754c018a924d6c3f7ec23874e",
"sum": "msMZyUvcebzRILLzNlTIiSOwa1XgQKtP7jbZTkiqwM0=" "sum": "pvInhJNQVDOcC3NGWRMKRIP954mAvLXCQpTlafIg7fA="
}, },
{ {
"source": { "source": {
@ -148,7 +148,7 @@
"subdir": "jsonnet/kube-state-metrics-mixin" "subdir": "jsonnet/kube-state-metrics-mixin"
} }
}, },
"version": "9ba1c3702142918e09e8eb5ca530e15198624259", "version": "7104d579e93d672754c018a924d6c3f7ec23874e",
"sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c=" "sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
}, },
{ {
@ -158,8 +158,8 @@
"subdir": "jsonnet/kube-prometheus" "subdir": "jsonnet/kube-prometheus"
} }
}, },
"version": "76f2e1ef95be0df752037baa040781c5219e1fb3", "version": "defa2bd1e242519c62a5c2b3b786b1caa6d906d4",
"sum": "IgpAgyyBZ7VT2vr9kSYQP/lkZUNQnbqpGh2sYCtUKs0=" "sum": "INKeZ+QIIPImq+TrfHT8CpYdoRzzxRk0txG07XlOo/Q="
}, },
{ {
"source": { "source": {
@ -168,7 +168,7 @@
"subdir": "jsonnet/mixin" "subdir": "jsonnet/mixin"
} }
}, },
"version": "71d9433ba612f4b826ffa38520b23a7985b50db3", "version": "609424db53853b992277b7a9a0e5cf59f4cc24f3",
"sum": "gi+knjdxs2T715iIQIntrimbHRgHnpM8IFBJDD1gYfs=", "sum": "gi+knjdxs2T715iIQIntrimbHRgHnpM8IFBJDD1gYfs=",
"name": "prometheus-operator-mixin" "name": "prometheus-operator-mixin"
}, },
@ -179,8 +179,8 @@
"subdir": "jsonnet/prometheus-operator" "subdir": "jsonnet/prometheus-operator"
} }
}, },
"version": "71d9433ba612f4b826ffa38520b23a7985b50db3", "version": "609424db53853b992277b7a9a0e5cf59f4cc24f3",
"sum": "S4LFa0h1AzANixqGMowtwVswVP+y6f+fXloxpO7hMes=" "sum": "z2/5LjQpWC7snhT+n/mtQqoy5986uI95sTqcKQziwGU="
}, },
{ {
"source": { "source": {
@ -189,7 +189,7 @@
"subdir": "doc/alertmanager-mixin" "subdir": "doc/alertmanager-mixin"
} }
}, },
"version": "14cbe6301c732658d6fe877ec55ad5b738abcf06", "version": "eb8369ec510d76f63901379a8437c4b55885d6c5",
"sum": "IpF46ZXsm+0wJJAPtAre8+yxTNZA57mBqGpBP/r7/kw=", "sum": "IpF46ZXsm+0wJJAPtAre8+yxTNZA57mBqGpBP/r7/kw=",
"name": "alertmanager" "name": "alertmanager"
}, },
@ -200,8 +200,8 @@
"subdir": "docs/node-mixin" "subdir": "docs/node-mixin"
} }
}, },
"version": "3accd4cf8286e69d70516abdced6bf186274322a", "version": "b9d0932179a0c5b3a8863f3d6cdafe8584cedc8e",
"sum": "vWhHvFqV7+fxrQddTeGVKi1e4EzB3VWtNyD8TjSmevY=" "sum": "rhUvbqviGjQ2mwsRhHKMN0TiS3YvnYpUXHew3XlQ+Wg="
}, },
{ {
"source": { "source": {
@ -210,8 +210,8 @@
"subdir": "documentation/prometheus-mixin" "subdir": "documentation/prometheus-mixin"
} }
}, },
"version": "773170f372e0a57949854b74231ee3e09185f728", "version": "ac85bd47e1cfa0d63520e4c0b4e26900c42c326b",
"sum": "u/Fpz2MPkezy71/q+c7mF0vc3hE9fWt2W/YbvF0LP/8=", "sum": "dYLcLzGH4yF3qB7OGC/7z4nqeTNjv42L7Q3BENU8XJI=",
"name": "prometheus" "name": "prometheus"
}, },
{ {
@ -232,7 +232,7 @@
"subdir": "mixin" "subdir": "mixin"
} }
}, },
"version": "93c79b61825ec00889188e35a58635eee247bc36", "version": "35c0dbec856f97683a846e9c53f83156a3a44ff3",
"sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=", "sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=",
"name": "thanos-mixin" "name": "thanos-mixin"
} }

View File

@ -19,6 +19,9 @@ localCA:
cert-manager: cert-manager:
enabled: true enabled: true
crds:
enabled: true
global: global:
leaderElection: leaderElection:
namespace: "cert-manager" namespace: "cert-manager"

View File

@ -1,6 +1,6 @@
# kubezero-metrics # kubezero-metrics
![Version: 0.9.8](https://img.shields.io/badge/Version-0.9.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.9.9](https://img.shields.io/badge/Version-0.9.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Umbrella Chart for Prometheus, Grafana and Alertmanager as well as all Kubernetes integrations. KubeZero Umbrella Chart for Prometheus, Grafana and Alertmanager as well as all Kubernetes integrations.
@ -19,9 +19,9 @@ Kubernetes: `>= 1.26.0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| https://prometheus-community.github.io/helm-charts | kube-prometheus-stack | 58.0.0 | | https://prometheus-community.github.io/helm-charts | kube-prometheus-stack | 58.7.2 |
| https://prometheus-community.github.io/helm-charts | prometheus-adapter | 4.10.0 | | https://prometheus-community.github.io/helm-charts | prometheus-adapter | 4.10.0 |
| https://prometheus-community.github.io/helm-charts | prometheus-pushgateway | 2.10.0 | | https://prometheus-community.github.io/helm-charts | prometheus-pushgateway | 2.14.0 |
## Values ## Values

View File

@ -7,7 +7,7 @@ annotations:
url: https://github.com/prometheus-operator/kube-prometheus url: https://github.com/prometheus-operator/kube-prometheus
artifacthub.io/operator: "true" artifacthub.io/operator: "true"
apiVersion: v2 apiVersion: v2
appVersion: v0.73.0 appVersion: v0.73.2
dependencies: dependencies:
- condition: crds.enabled - condition: crds.enabled
name: crds name: crds
@ -16,11 +16,11 @@ dependencies:
- condition: kubeStateMetrics.enabled - condition: kubeStateMetrics.enabled
name: kube-state-metrics name: kube-state-metrics
repository: https://prometheus-community.github.io/helm-charts repository: https://prometheus-community.github.io/helm-charts
version: 5.18.* version: 5.19.*
- condition: nodeExporter.enabled - condition: nodeExporter.enabled
name: prometheus-node-exporter name: prometheus-node-exporter
repository: https://prometheus-community.github.io/helm-charts repository: https://prometheus-community.github.io/helm-charts
version: 4.32.* version: 4.34.*
- condition: grafana.enabled - condition: grafana.enabled
name: grafana name: grafana
repository: https://grafana.github.io/helm-charts repository: https://grafana.github.io/helm-charts
@ -62,4 +62,4 @@ sources:
- https://github.com/prometheus-community/helm-charts - https://github.com/prometheus-community/helm-charts
- https://github.com/prometheus-operator/kube-prometheus - https://github.com/prometheus-operator/kube-prometheus
type: application type: application
version: 58.0.0 version: 58.7.2

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: alertmanagerconfigs.monitoring.coreos.com name: alertmanagerconfigs.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: alertmanagers.monitoring.coreos.com name: alertmanagers.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: podmonitors.monitoring.coreos.com name: podmonitors.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: probes.monitoring.coreos.com name: probes.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: prometheusagents.monitoring.coreos.com name: prometheusagents.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: prometheuses.monitoring.coreos.com name: prometheuses.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: prometheusrules.monitoring.coreos.com name: prometheusrules.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: scrapeconfigs.monitoring.coreos.com name: scrapeconfigs.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: servicemonitors.monitoring.coreos.com name: servicemonitors.monitoring.coreos.com
spec: spec:

View File

@ -1,11 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.2/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.73.0 operator.prometheus.io/version: 0.73.2
argocd.argoproj.io/sync-options: ServerSideApply=true argocd.argoproj.io/sync-options: ServerSideApply=true
name: thanosrulers.monitoring.coreos.com name: thanosrulers.monitoring.coreos.com
spec: spec:

View File

@ -6,7 +6,7 @@ annotations:
- name: Upstream Project - name: Upstream Project
url: https://github.com/grafana/grafana url: https://github.com/grafana/grafana
apiVersion: v2 apiVersion: v2
appVersion: 10.4.0 appVersion: 10.4.1
description: The leading tool for querying and visualizing time series and metrics. description: The leading tool for querying and visualizing time series and metrics.
home: https://grafana.com home: https://grafana.com
icon: https://artifacthub.io/image/b4fed1a7-6c8f-4945-b99d-096efa3e4116 icon: https://artifacthub.io/image/b4fed1a7-6c8f-4945-b99d-096efa3e4116
@ -30,4 +30,4 @@ sources:
- https://github.com/grafana/grafana - https://github.com/grafana/grafana
- https://github.com/grafana/helm-charts - https://github.com/grafana/helm-charts
type: application type: application
version: 7.3.7 version: 7.3.11

View File

@ -145,13 +145,11 @@ Return the appropriate apiVersion for ingress.
Return the appropriate apiVersion for Horizontal Pod Autoscaler. Return the appropriate apiVersion for Horizontal Pod Autoscaler.
*/}} */}}
{{- define "grafana.hpa.apiVersion" -}} {{- define "grafana.hpa.apiVersion" -}}
{{- if $.Capabilities.APIVersions.Has "autoscaling/v2/HorizontalPodAutoscaler" }} {{- if .Capabilities.APIVersions.Has "autoscaling/v2" }}
{{- print "autoscaling/v2" }} {{- print "autoscaling/v2" }}
{{- else if $.Capabilities.APIVersions.Has "autoscaling/v2beta2/HorizontalPodAutoscaler" }} {{- else }}
{{- print "autoscaling/v2beta2" }} {{- print "autoscaling/v2beta2" }}
{{- else }} {{- end }}
{{- print "autoscaling/v2beta1" }}
{{- end }}
{{- end }} {{- end }}
{{/* {{/*

View File

@ -25,6 +25,9 @@ spec:
resources: resources:
requests: requests:
storage: {{ .Values.persistence.size | quote }} storage: {{ .Values.persistence.size | quote }}
{{- if (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)) }}
volumeName: {{ (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)).spec.volumeName }}
{{- end }}
{{- with .Values.persistence.storageClassName }} {{- with .Values.persistence.storageClassName }}
storageClassName: {{ . }} storageClassName: {{ . }}
{{- end }} {{- end }}

View File

@ -41,6 +41,10 @@ spec:
- mountPath: /tests - mountPath: /tests
name: tests name: tests
readOnly: true readOnly: true
{{- with .Values.testFramework.resources }}
resources:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes: volumes:
- name: tests - name: tests
configMap: configMap:

View File

@ -121,6 +121,13 @@ testFramework:
tag: "v1.4.1" tag: "v1.4.1"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
securityContext: {} securityContext: {}
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# dns configuration for pod # dns configuration for pod
dnsPolicy: ~ dnsPolicy: ~

View File

@ -23,4 +23,4 @@ name: kube-state-metrics
sources: sources:
- https://github.com/kubernetes/kube-state-metrics/ - https://github.com/kubernetes/kube-state-metrics/
type: application type: application
version: 5.18.1 version: 5.19.0

View File

@ -14,6 +14,10 @@ metadata:
{{- end }} {{- end }}
spec: spec:
type: "{{ .Values.service.type }}" type: "{{ .Values.service.type }}"
{{- if .Values.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
ports: ports:
- name: "http" - name: "http"
protocol: TCP protocol: TCP

View File

@ -56,6 +56,10 @@ service:
port: 8080 port: 8080
# Default to clusterIP for backward compatibility # Default to clusterIP for backward compatibility
type: ClusterIP type: ClusterIP
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
nodePort: 0 nodePort: 0
loadBalancerIP: "" loadBalancerIP: ""
# Only allow access to the loadBalancerIP from these IPs # Only allow access to the loadBalancerIP from these IPs

View File

@ -4,7 +4,7 @@ annotations:
- name: Chart Source - name: Chart Source
url: https://github.com/prometheus-community/helm-charts url: https://github.com/prometheus-community/helm-charts
apiVersion: v2 apiVersion: v2
appVersion: 1.7.0 appVersion: 1.8.0
description: A Helm chart for prometheus node-exporter description: A Helm chart for prometheus node-exporter
home: https://github.com/prometheus/node_exporter/ home: https://github.com/prometheus/node_exporter/
keywords: keywords:
@ -22,4 +22,4 @@ name: prometheus-node-exporter
sources: sources:
- https://github.com/prometheus/node_exporter/ - https://github.com/prometheus/node_exporter/
type: application type: application
version: 4.32.0 version: 4.34.0

View File

@ -14,6 +14,9 @@ spec:
{{- if .Values.service.ipDualStack.enabled }} {{- if .Values.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
{{- if .Values.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
{{- end }} {{- end }}
type: {{ .Values.service.type }} type: {{ .Values.service.type }}
ports: ports:

View File

@ -98,6 +98,7 @@ service:
enabled: false enabled: false
ipFamilies: ["IPv6", "IPv4"] ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack" ipFamilyPolicy: "PreferDualStack"
externalTrafficPolicy: ""
# Set a NetworkPolicy with: # Set a NetworkPolicy with:
# ingress only on service.port # ingress only on service.port

View File

@ -57,9 +57,14 @@ The longest name that gets created adds and extra 37 characters, so truncation s
{{- end }} {{- end }}
{{- end }} {{- end }}
{{/* Fullname suffixed with thanos-ruler */}} {{/* ThanosRuler custom resource instance name */}}
{{- define "kube-prometheus-stack.thanosRuler.fullname" -}} {{/* Subtracting 1 from 26 truncation of kube-prometheus-stack.fullname */}}
{{- printf "%s-thanos-ruler" (include "kube-prometheus-stack.fullname" .) -}} {{- define "kube-prometheus-stack.thanosRuler.crname" -}}
{{- if .Values.cleanPrometheusOperatorObjectNames }}
{{- include "kube-prometheus-stack.fullname" . }}
{{- else }}
{{- print (include "kube-prometheus-stack.fullname" . | trunc 25 | trimSuffix "-") "-thanos-ruler" -}}
{{- end }}
{{- end }} {{- end }}
{{/* Shortened name suffixed with thanos-ruler */}} {{/* Shortened name suffixed with thanos-ruler */}}

View File

@ -23,7 +23,7 @@ spec:
{{- else }} {{- else }}
image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}" image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}"
{{- end }} {{- end }}
version: {{ .Values.alertmanager.alertmanagerSpec.image.tag }} version: {{ default .Values.alertmanager.alertmanagerSpec.image.tag .Values.alertmanager.alertmanagerSpec.version }}
{{- if .Values.alertmanager.alertmanagerSpec.image.sha }} {{- if .Values.alertmanager.alertmanagerSpec.image.sha }}
sha: {{ .Values.alertmanager.alertmanagerSpec.image.sha }} sha: {{ .Values.alertmanager.alertmanagerSpec.image.sha }}
{{- end }} {{- end }}

View File

@ -65,4 +65,8 @@ spec:
timeoutSeconds: {{ .Values.alertmanager.service.sessionAffinityConfig.clientIP.timeoutSeconds }} timeoutSeconds: {{ .Values.alertmanager.service.sessionAffinityConfig.clientIP.timeoutSeconds }}
{{- end }} {{- end }}
type: "{{ .Values.alertmanager.service.type }}" type: "{{ .Values.alertmanager.service.type }}"
{{- if .Values.alertmanager.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.alertmanager.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.alertmanager.service.ipDualStack.ipFamilyPolicy }}
{{- end }} {{- end }}
{{- end }}

View File

@ -10,6 +10,10 @@ metadata:
namespace: kube-system namespace: kube-system
spec: spec:
clusterIP: None clusterIP: None
{{- if .Values.coreDns.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.coreDns.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.coreDns.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
ports: ports:
- name: {{ .Values.coreDns.serviceMonitor.port }} - name: {{ .Values.coreDns.serviceMonitor.port }}
port: {{ .Values.coreDns.service.port }} port: {{ .Values.coreDns.service.port }}

View File

@ -10,6 +10,10 @@ metadata:
namespace: kube-system namespace: kube-system
spec: spec:
clusterIP: None clusterIP: None
{{- if .Values.kubeControllerManager.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.kubeControllerManager.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.kubeControllerManager.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
ports: ports:
- name: {{ .Values.kubeControllerManager.serviceMonitor.port }} - name: {{ .Values.kubeControllerManager.serviceMonitor.port }}
{{- $kubeControllerManagerDefaultInsecurePort := 10252 }} {{- $kubeControllerManagerDefaultInsecurePort := 10252 }}

View File

@ -10,6 +10,10 @@ metadata:
namespace: kube-system namespace: kube-system
spec: spec:
clusterIP: None clusterIP: None
{{- if .Values.kubeDns.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.kubeDns.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.kubeDns.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
ports: ports:
- name: http-metrics-dnsmasq - name: http-metrics-dnsmasq
port: {{ .Values.kubeDns.service.dnsmasq.port }} port: {{ .Values.kubeDns.service.dnsmasq.port }}

View File

@ -10,6 +10,10 @@ metadata:
namespace: kube-system namespace: kube-system
spec: spec:
clusterIP: None clusterIP: None
{{- if .Values.kubeEtcd.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.kubeEtcd.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.kubeEtcd.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
ports: ports:
- name: {{ .Values.kubeEtcd.serviceMonitor.port }} - name: {{ .Values.kubeEtcd.serviceMonitor.port }}
port: {{ .Values.kubeEtcd.service.port }} port: {{ .Values.kubeEtcd.service.port }}

View File

@ -10,6 +10,10 @@ metadata:
namespace: kube-system namespace: kube-system
spec: spec:
clusterIP: None clusterIP: None
{{- if .Values.kubeProxy.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.kubeProxy.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.kubeProxy.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
ports: ports:
- name: {{ .Values.kubeProxy.serviceMonitor.port }} - name: {{ .Values.kubeProxy.serviceMonitor.port }}
port: {{ .Values.kubeProxy.service.port }} port: {{ .Values.kubeProxy.service.port }}

View File

@ -10,6 +10,10 @@ metadata:
namespace: kube-system namespace: kube-system
spec: spec:
clusterIP: None clusterIP: None
{{- if .Values.kubeScheduler.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.kubeScheduler.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.kubeScheduler.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
ports: ports:
- name: {{ .Values.kubeScheduler.serviceMonitor.port }} - name: {{ .Values.kubeScheduler.serviceMonitor.port }}
{{- $kubeSchedulerDefaultInsecurePort := 10251 }} {{- $kubeSchedulerDefaultInsecurePort := 10251 }}

View File

@ -35,7 +35,7 @@ spec:
{{- end }} {{- end }}
tlsConfig: tlsConfig:
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecureSkipVerify: true insecureSkipVerify: {{ .Values.kubelet.serviceMonitor.insecureSkipVerify }}
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }} honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }} honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}

View File

@ -22,7 +22,7 @@ data:
datasources: datasources:
{{- $scrapeInterval := .Values.grafana.sidecar.datasources.defaultDatasourceScrapeInterval | default .Values.prometheus.prometheusSpec.scrapeInterval | default "30s" }} {{- $scrapeInterval := .Values.grafana.sidecar.datasources.defaultDatasourceScrapeInterval | default .Values.prometheus.prometheusSpec.scrapeInterval | default "30s" }}
{{- if .Values.grafana.sidecar.datasources.defaultDatasourceEnabled }} {{- if .Values.grafana.sidecar.datasources.defaultDatasourceEnabled }}
- name: Prometheus - name: {{ .Values.grafana.sidecar.datasources.name }}
type: prometheus type: prometheus
uid: {{ .Values.grafana.sidecar.datasources.uid }} uid: {{ .Values.grafana.sidecar.datasources.uid }}
{{- if .Values.grafana.sidecar.datasources.url }} {{- if .Values.grafana.sidecar.datasources.url }}
@ -45,7 +45,7 @@ data:
{{- end }} {{- end }}
{{- if .Values.grafana.sidecar.datasources.createPrometheusReplicasDatasources }} {{- if .Values.grafana.sidecar.datasources.createPrometheusReplicasDatasources }}
{{- range until (int .Values.prometheus.prometheusSpec.replicas) }} {{- range until (int .Values.prometheus.prometheusSpec.replicas) }}
- name: Prometheus-{{ . }} - name: {{ .Values.grafana.sidecar.datasources.name }}-{{ . }}
type: prometheus type: prometheus
uid: {{ $.Values.grafana.sidecar.datasources.uid }}-replica-{{ . }} uid: {{ $.Values.grafana.sidecar.datasources.uid }}-replica-{{ . }}
url: http://prometheus-{{ template "kube-prometheus-stack.prometheus.crname" $ }}-{{ . }}.prometheus-operated:9090/{{ trimPrefix "/" $.Values.prometheus.prometheusSpec.routePrefix }} url: http://prometheus-{{ template "kube-prometheus-stack.prometheus.crname" $ }}-{{ . }}.prometheus-operated:9090/{{ trimPrefix "/" $.Values.prometheus.prometheusSpec.routePrefix }}
@ -61,7 +61,7 @@ data:
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if .Values.grafana.sidecar.datasources.alertmanager.enabled }} {{- if .Values.grafana.sidecar.datasources.alertmanager.enabled }}
- name: Alertmanager - name: {{ .Values.grafana.sidecar.datasources.alertmanager.name }}
type: alertmanager type: alertmanager
uid: {{ .Values.grafana.sidecar.datasources.alertmanager.uid }} uid: {{ .Values.grafana.sidecar.datasources.alertmanager.uid }}
{{- if .Values.grafana.sidecar.datasources.alertmanager.url }} {{- if .Values.grafana.sidecar.datasources.alertmanager.url }}

View File

@ -1,5 +1,5 @@
{{- if .Values.prometheusOperator.admissionWebhooks.deployment.podDisruptionBudget -}} {{- if .Values.prometheusOperator.admissionWebhooks.deployment.podDisruptionBudget -}}
apiVersion: policy/v1{{ ternary "" "beta1" ($.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget") }} apiVersion: {{ include "kube-prometheus-stack.pdb.apiVersion" . }}
kind: PodDisruptionBudget kind: PodDisruptionBudget
metadata: metadata:
name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook

View File

@ -18,6 +18,10 @@ spec:
{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }} {{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }}
clusterIP: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }} clusterIP: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }}
{{- end }} {{- end }}
{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs }} {{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs }}
externalIPs: externalIPs:
{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs | indent 4 }} {{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs | indent 4 }}

View File

@ -14,10 +14,7 @@ metadata:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-create app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
{{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }} {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
spec: spec:
{{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }} ttlSecondsAfterFinished: {{ .Values.prometheusOperator.admissionWebhooks.patch.ttlSecondsAfterFinished }}
# Alpha feature since k8s 1.12
ttlSecondsAfterFinished: 0
{{- end }}
template: template:
metadata: metadata:
name: {{ template "kube-prometheus-stack.fullname" . }}-admission-create name: {{ template "kube-prometheus-stack.fullname" . }}-admission-create

View File

@ -14,10 +14,7 @@ metadata:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
{{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }} {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
spec: spec:
{{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }} ttlSecondsAfterFinished: {{ .Values.prometheusOperator.admissionWebhooks.patch.ttlSecondsAfterFinished }}
# Alpha feature since k8s 1.12
ttlSecondsAfterFinished: 0
{{- end }}
template: template:
metadata: metadata:
name: {{ template "kube-prometheus-stack.fullname" . }}-admission-patch name: {{ template "kube-prometheus-stack.fullname" . }}-admission-patch

View File

@ -1,4 +1,4 @@
{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }} {{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.prometheusOperator.admissionWebhooks.patch.serviceAccount.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
@ -10,6 +10,7 @@ metadata:
labels: labels:
app: {{ template "kube-prometheus-stack.name" $ }}-admission app: {{ template "kube-prometheus-stack.name" $ }}-admission
{{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }} {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
automountServiceAccountToken: {{ .Values.prometheusOperator.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken }}
{{- if .Values.global.imagePullSecrets }} {{- if .Values.global.imagePullSecrets }}
imagePullSecrets: imagePullSecrets:
{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }} {{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}

View File

@ -74,4 +74,8 @@ webhooks:
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- with .Values.prometheusOperator.admissionWebhooks.objectSelector }}
objectSelector:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end }} {{- end }}

View File

@ -74,4 +74,8 @@ webhooks:
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- with .Values.prometheusOperator.admissionWebhooks.objectSelector }}
objectSelector:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end }} {{- end }}

View File

@ -59,6 +59,9 @@ spec:
args: args:
{{- if .Values.prometheusOperator.kubeletService.enabled }} {{- if .Values.prometheusOperator.kubeletService.enabled }}
- --kubelet-service={{ .Values.prometheusOperator.kubeletService.namespace }}/{{ default $defaultKubeletSvcName .Values.prometheusOperator.kubeletService.name }} - --kubelet-service={{ .Values.prometheusOperator.kubeletService.namespace }}/{{ default $defaultKubeletSvcName .Values.prometheusOperator.kubeletService.name }}
{{- if .Values.prometheusOperator.kubeletService.selector }}
- --kubelet-selector={{ .Values.prometheusOperator.kubeletService.selector }}
{{- end }}
{{- end }} {{- end }}
{{- if .Values.prometheusOperator.logFormat }} {{- if .Values.prometheusOperator.logFormat }}
- --log-format={{ .Values.prometheusOperator.logFormat }} - --log-format={{ .Values.prometheusOperator.logFormat }}

View File

@ -17,6 +17,10 @@ spec:
{{- if .Values.prometheusOperator.service.clusterIP }} {{- if .Values.prometheusOperator.service.clusterIP }}
clusterIP: {{ .Values.prometheusOperator.service.clusterIP }} clusterIP: {{ .Values.prometheusOperator.service.clusterIP }}
{{- end }} {{- end }}
{{- if .Values.prometheusOperator.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.prometheusOperator.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.prometheusOperator.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
{{- if .Values.prometheusOperator.service.externalIPs }} {{- if .Values.prometheusOperator.service.externalIPs }}
externalIPs: externalIPs:
{{ toYaml .Values.prometheusOperator.service.externalIPs | indent 4 }} {{ toYaml .Values.prometheusOperator.service.externalIPs | indent 4 }}

View File

@ -103,7 +103,7 @@ spec:
{{- end }} {{- end }}
{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.exemplars }} {{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.exemplars }}
exemplars: exemplars:
{{ toYaml .Values.prometheus.prometheusSpec.exemplars | indent 4 }} {{- toYaml .Values.prometheus.prometheusSpec.exemplars | nindent 4 }}
{{- end }} {{- end }}
{{- if .Values.prometheus.prometheusSpec.enableFeatures }} {{- if .Values.prometheus.prometheusSpec.enableFeatures }}
enableFeatures: enableFeatures:

View File

@ -20,6 +20,10 @@ spec:
{{- if .Values.prometheus.service.clusterIP }} {{- if .Values.prometheus.service.clusterIP }}
clusterIP: {{ .Values.prometheus.service.clusterIP }} clusterIP: {{ .Values.prometheus.service.clusterIP }}
{{- end }} {{- end }}
{{- if .Values.prometheus.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.prometheus.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.prometheus.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
{{- if .Values.prometheus.service.externalIPs }} {{- if .Values.prometheus.service.externalIPs }}
externalIPs: externalIPs:
{{ toYaml .Values.prometheus.service.externalIPs | indent 4 }} {{ toYaml .Values.prometheus.service.externalIPs | indent 4 }}

View File

@ -17,6 +17,10 @@ metadata:
spec: spec:
type: {{ .Values.prometheus.thanosService.type }} type: {{ .Values.prometheus.thanosService.type }}
clusterIP: {{ .Values.prometheus.thanosService.clusterIP }} clusterIP: {{ .Values.prometheus.thanosService.clusterIP }}
{{- if .Values.prometheus.thanosService.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.prometheus.thanosService.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.prometheus.thanosService.ipDualStack.ipFamilyPolicy }}
{{- end }}
{{- if ne .Values.prometheus.thanosService.type "ClusterIP" }} {{- if ne .Values.prometheus.thanosService.type "ClusterIP" }}
externalTrafficPolicy: {{ .Values.prometheus.thanosService.externalTrafficPolicy }} externalTrafficPolicy: {{ .Values.prometheus.thanosService.externalTrafficPolicy }}
{{- end }} {{- end }}

View File

@ -24,6 +24,10 @@ items:
{{- if $serviceValues.clusterIP }} {{- if $serviceValues.clusterIP }}
clusterIP: {{ $serviceValues.clusterIP }} clusterIP: {{ $serviceValues.clusterIP }}
{{- end }} {{- end }}
{{- if $serviceValues.ipDualStack.enabled }}
ipFamilies: {{ toYaml $serviceValues.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ $serviceValues.ipDualStack.ipFamilyPolicy }}
{{- end }}
{{- if $serviceValues.loadBalancerSourceRanges }} {{- if $serviceValues.loadBalancerSourceRanges }}
loadBalancerSourceRanges: loadBalancerSourceRanges:
{{- range $cidr := $serviceValues.loadBalancerSourceRanges }} {{- range $cidr := $serviceValues.loadBalancerSourceRanges }}

View File

@ -17,5 +17,5 @@ spec:
selector: selector:
matchLabels: matchLabels:
app.kubernetes.io/name: thanos-ruler app.kubernetes.io/name: thanos-ruler
thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.name" . }} thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.crname" . }}
{{- end }} {{- end }}

View File

@ -2,7 +2,7 @@
apiVersion: monitoring.coreos.com/v1 apiVersion: monitoring.coreos.com/v1
kind: ThanosRuler kind: ThanosRuler
metadata: metadata:
name: {{ template "kube-prometheus-stack.thanosRuler.name" . }} name: {{ template "kube-prometheus-stack.thanosRuler.crname" . }}
namespace: {{ template "kube-prometheus-stack.namespace" . }} namespace: {{ template "kube-prometheus-stack.namespace" . }}
labels: labels:
app: {{ include "kube-prometheus-stack.thanosRuler.name" . }} app: {{ include "kube-prometheus-stack.thanosRuler.name" . }}
@ -34,12 +34,12 @@ spec:
externalPrefix: "{{ tpl .Values.thanosRuler.thanosRulerSpec.externalPrefix . }}" externalPrefix: "{{ tpl .Values.thanosRuler.thanosRulerSpec.externalPrefix . }}"
{{- else if and .Values.thanosRuler.ingress.enabled .Values.thanosRuler.ingress.hosts }} {{- else if and .Values.thanosRuler.ingress.enabled .Values.thanosRuler.ingress.hosts }}
externalPrefix: "http://{{ tpl (index .Values.thanosRuler.ingress.hosts 0) . }}{{ .Values.thanosRuler.thanosRulerSpec.routePrefix }}" externalPrefix: "http://{{ tpl (index .Values.thanosRuler.ingress.hosts 0) . }}{{ .Values.thanosRuler.thanosRulerSpec.routePrefix }}"
{{- else }} {{- else if .Values.thanosRuler.thanosRulerSpec.externalPrefixNilUsesHelmValues }}
externalPrefix: http://{{ template "kube-prometheus-stack.thanosRuler.name" . }}.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.thanosRuler.service.port }} externalPrefix: "http://{{ template "kube-prometheus-stack.thanosRuler.name" . }}.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.thanosRuler.service.port }}"
{{- end }} {{- end }}
{{- if .Values.thanosRuler.thanosRulerSpec.additionalArgs }} {{- if .Values.thanosRuler.thanosRulerSpec.additionalArgs }}
additionalArgs: additionalArgs:
{{ toYaml .Values.thanosRuler.thanosRulerSpec.additionalArgs | indent 4 }} {{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.additionalArgs) $ | indent 4 }}
{{- end }} {{- end }}
{{- if .Values.thanosRuler.thanosRulerSpec.nodeSelector }} {{- if .Values.thanosRuler.thanosRulerSpec.nodeSelector }}
nodeSelector: nodeSelector:
@ -123,7 +123,7 @@ spec:
{{- end }} {{- end }}
{{- if .Values.thanosRuler.thanosRulerSpec.labels }} {{- if .Values.thanosRuler.thanosRulerSpec.labels }}
labels: labels:
{{ toYaml .Values.thanosRuler.thanosRulerSpec.labels | indent 4 }} {{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.labels) $ | indent 4 }}
{{- end }} {{- end }}
{{- if .Values.thanosRuler.thanosRulerSpec.podMetadata }} {{- if .Values.thanosRuler.thanosRulerSpec.podMetadata }}
podMetadata: podMetadata:
@ -142,7 +142,7 @@ spec:
labelSelector: labelSelector:
matchExpressions: matchExpressions:
- {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]} - {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]}
- {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.name" . }}]} - {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.crname" . }}]}
{{- else if eq .Values.thanosRuler.thanosRulerSpec.podAntiAffinity "soft" }} {{- else if eq .Values.thanosRuler.thanosRulerSpec.podAntiAffinity "soft" }}
podAntiAffinity: podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution: preferredDuringSchedulingIgnoredDuringExecution:
@ -152,7 +152,7 @@ spec:
labelSelector: labelSelector:
matchExpressions: matchExpressions:
- {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]} - {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]}
- {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.name" . }}]} - {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.crname" . }}]}
{{- end }} {{- end }}
{{- if .Values.thanosRuler.thanosRulerSpec.tolerations }} {{- if .Values.thanosRuler.thanosRulerSpec.tolerations }}
tolerations: tolerations:
@ -185,5 +185,15 @@ spec:
volumeMounts: volumeMounts:
{{ toYaml .Values.thanosRuler.thanosRulerSpec.volumeMounts | indent 4 }} {{ toYaml .Values.thanosRuler.thanosRulerSpec.volumeMounts | indent 4 }}
{{- end }} {{- end }}
portName: {{ .Values.thanosRuler.thanosRulerSpec.portName }} {{- if .Values.thanosRuler.thanosRulerSpec.alertDropLabels }}
alertDropLabels:
{{ toYaml .Values.thanosRuler.thanosRulerSpec.alertDropLabels | indent 4 }}
{{- end }}
portName: {{ .Values.thanosRuler.thanosRulerSpec.portName }}
{{- with .Values.thanosRuler.thanosRulerSpec.additionalConfig }}
{{- tpl (toYaml .) $ | nindent 2 }}
{{- end }}
{{- with .Values.thanosRuler.thanosRulerSpec.additionalConfigString }}
{{- tpl . $ | nindent 2 }}
{{- end }}
{{- end }} {{- end }}

View File

@ -19,6 +19,10 @@ spec:
{{- if .Values.thanosRuler.service.clusterIP }} {{- if .Values.thanosRuler.service.clusterIP }}
clusterIP: {{ .Values.thanosRuler.service.clusterIP }} clusterIP: {{ .Values.thanosRuler.service.clusterIP }}
{{- end }} {{- end }}
{{- if .Values.thanosRuler.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.thanosRuler.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.thanosRuler.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
{{- if .Values.thanosRuler.service.externalIPs }} {{- if .Values.thanosRuler.service.externalIPs }}
externalIPs: externalIPs:
{{ toYaml .Values.thanosRuler.service.externalIPs | indent 4 }} {{ toYaml .Values.thanosRuler.service.externalIPs | indent 4 }}
@ -48,6 +52,6 @@ spec:
{{- end }} {{- end }}
selector: selector:
app.kubernetes.io/name: thanos-ruler app.kubernetes.io/name: thanos-ruler
thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.name" . }} thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.crname" . }}
type: "{{ .Values.thanosRuler.service.type }}" type: "{{ .Values.thanosRuler.service.type }}"
{{- end }} {{- end }}

View File

@ -476,6 +476,10 @@ alertmanager:
annotations: {} annotations: {}
labels: {} labels: {}
clusterIP: "" clusterIP: ""
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
## Port for Alertmanager Service to listen on ## Port for Alertmanager Service to listen on
## ##
@ -1052,6 +1056,7 @@ grafana:
defaultDatasourceEnabled: true defaultDatasourceEnabled: true
isDefaultDatasource: true isDefaultDatasource: true
name: Prometheus
uid: prometheus uid: prometheus
## URL of prometheus datasource ## URL of prometheus datasource
@ -1086,6 +1091,7 @@ grafana:
# traceIdLabelName: trace_id # traceIdLabelName: trace_id
alertmanager: alertmanager:
enabled: true enabled: true
name: Alertmanager
uid: alertmanager uid: alertmanager
handleGrafanaManagedAlerts: false handleGrafanaManagedAlerts: false
implementation: prometheus implementation: prometheus
@ -1286,6 +1292,12 @@ kubelet:
## ##
https: true https: true
## Skip TLS certificate validation when scraping.
## This is enabled by default because kubelet serving certificate deployed by kubeadm is by default self-signed
## ref: https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/#kubelet-serving-certs
##
insecureSkipVerify: true
## Enable scraping /metrics/cadvisor from kubelet's service ## Enable scraping /metrics/cadvisor from kubelet's service
## ##
cAdvisor: true cAdvisor: true
@ -1454,6 +1466,10 @@ kubeControllerManager:
## ##
port: null port: null
targetPort: null targetPort: null
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
# selector: # selector:
# component: kube-controller-manager # component: kube-controller-manager
@ -1540,6 +1556,11 @@ coreDns:
enabled: true enabled: true
port: 9153 port: 9153
targetPort: 9153 targetPort: 9153
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
# selector: # selector:
# k8s-app: kube-dns # k8s-app: kube-dns
serviceMonitor: serviceMonitor:
@ -1616,6 +1637,10 @@ kubeDns:
skydns: skydns:
port: 10055 port: 10055
targetPort: 10055 targetPort: 10055
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
# selector: # selector:
# k8s-app: kube-dns # k8s-app: kube-dns
serviceMonitor: serviceMonitor:
@ -1713,6 +1738,10 @@ kubeEtcd:
enabled: true enabled: true
port: 2381 port: 2381
targetPort: 2381 targetPort: 2381
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
# selector: # selector:
# component: etcd # component: etcd
@ -1817,6 +1846,10 @@ kubeScheduler:
## ##
port: null port: null
targetPort: null targetPort: null
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
# selector: # selector:
# component: kube-scheduler # component: kube-scheduler
@ -1910,6 +1943,10 @@ kubeProxy:
enabled: true enabled: true
port: 10249 port: 10249
targetPort: 10249 targetPort: 10249
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
# selector: # selector:
# k8s-app: kube-proxy # k8s-app: kube-proxy
@ -2080,6 +2117,10 @@ prometheus-node-exporter:
- --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$
service: service:
portName: http-metrics portName: http-metrics
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
prometheus: prometheus:
monitor: monitor:
enabled: true enabled: true
@ -2189,6 +2230,8 @@ prometheusOperator:
# argocd.argoproj.io/hook-delete-policy: HookSucceeded # argocd.argoproj.io/hook-delete-policy: HookSucceeded
namespaceSelector: {} namespaceSelector: {}
objectSelector: {}
deployment: deployment:
enabled: false enabled: false
@ -2233,6 +2276,10 @@ prometheusOperator:
annotations: {} annotations: {}
labels: {} labels: {}
clusterIP: "" clusterIP: ""
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
## Port to expose on each node ## Port to expose on each node
## Only used if service.type is 'NodePort' ## Only used if service.type is 'NodePort'
@ -2416,6 +2463,7 @@ prometheusOperator:
## Provide a priority class name to the webhook patching job ## Provide a priority class name to the webhook patching job
## ##
priorityClassName: "" priorityClassName: ""
ttlSecondsAfterFinished: 60
annotations: {} annotations: {}
# argocd.argoproj.io/hook: PreSync # argocd.argoproj.io/hook: PreSync
# argocd.argoproj.io/hook-delete-policy: HookSucceeded # argocd.argoproj.io/hook-delete-policy: HookSucceeded
@ -2434,6 +2482,12 @@ prometheusOperator:
runAsUser: 2000 runAsUser: 2000
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
## Service account for Prometheus Operator Webhook Job Patch to use.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
serviceAccount:
create: true
automountServiceAccountToken: true
# Security context for create job container # Security context for create job container
createSecretJob: createSecretJob:
@ -2521,6 +2575,10 @@ prometheusOperator:
annotations: {} annotations: {}
labels: {} labels: {}
clusterIP: "" clusterIP: ""
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
## Port to expose on each node ## Port to expose on each node
## Only used if service.type is 'NodePort' ## Only used if service.type is 'NodePort'
@ -2586,6 +2644,7 @@ prometheusOperator:
## ##
enabled: true enabled: true
namespace: kube-system namespace: kube-system
selector: ""
## Use '{{ template "kube-prometheus-stack.fullname" . }}-kubelet' by default ## Use '{{ template "kube-prometheus-stack.fullname" . }}-kubelet' by default
name: "" name: ""
@ -2803,7 +2862,7 @@ prometheusOperator:
thanosImage: thanosImage:
registry: quay.io registry: quay.io
repository: thanos/thanos repository: thanos/thanos
tag: v0.34.1 tag: v0.35.0
sha: "" sha: ""
## Set a Label Selector to filter watched prometheus and prometheusAgent ## Set a Label Selector to filter watched prometheus and prometheusAgent
@ -2898,6 +2957,13 @@ prometheus:
## ##
type: ClusterIP type: ClusterIP
## Service dual stack
##
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
## gRPC port config ## gRPC port config
portName: grpc portName: grpc
port: 10901 port: 10901
@ -2980,6 +3046,10 @@ prometheus:
annotations: {} annotations: {}
labels: {} labels: {}
clusterIP: "" clusterIP: ""
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
## Port for Prometheus Service to listen on ## Port for Prometheus Service to listen on
## ##
@ -3072,6 +3142,13 @@ prometheus:
## ##
type: ClusterIP type: ClusterIP
## Service dual stack
##
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
## Configure pod disruption budgets for Prometheus ## Configure pod disruption budgets for Prometheus
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
## ##
@ -3350,7 +3427,7 @@ prometheus:
image: image:
registry: quay.io registry: quay.io
repository: prometheus/prometheus repository: prometheus/prometheus
tag: v2.51.1 tag: v2.52.0
sha: "" sha: ""
## Tolerations for use with node taints ## Tolerations for use with node taints
@ -4217,6 +4294,10 @@ thanosRuler:
annotations: {} annotations: {}
labels: {} labels: {}
clusterIP: "" clusterIP: ""
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
## Port for ThanosRuler Service to listen on ## Port for ThanosRuler Service to listen on
## ##
@ -4334,7 +4415,7 @@ thanosRuler:
image: image:
registry: quay.io registry: quay.io
repository: thanos/thanos repository: thanos/thanos
tag: v0.34.1 tag: v0.35.0
sha: "" sha: ""
## Namespaces to be selected for PrometheusRules discovery. ## Namespaces to be selected for PrometheusRules discovery.
@ -4431,6 +4512,10 @@ thanosRuler:
## ##
externalPrefix: externalPrefix:
## If true, http://{{ template "kube-prometheus-stack.thanosRuler.name" . }}.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.thanosRuler.service.port }}
## will be used as value for externalPrefix
externalPrefixNilUsesHelmValues: true
## The route prefix ThanosRuler registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, ## The route prefix ThanosRuler registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true,
## but the server serves requests under a different route prefix. For example for use with kubectl proxy. ## but the server serves requests under a different route prefix. For example for use with kubectl proxy.
## ##
@ -4453,6 +4538,10 @@ thanosRuler:
# access_key: "" # access_key: ""
# secret_key: "" # secret_key: ""
## Labels by name to drop before sending to alertmanager
## Maps to the --alert.label-drop flag of thanos ruler.
alertDropLabels: []
## QueryEndpoints defines Thanos querier endpoints from which to query metrics. ## QueryEndpoints defines Thanos querier endpoints from which to query metrics.
## Maps to the --query flag of thanos ruler. ## Maps to the --query flag of thanos ruler.
queryEndpoints: [] queryEndpoints: []
@ -4593,6 +4682,13 @@ thanosRuler:
## ##
portName: "web" portName: "web"
## Additional configuration which is not covered by the properties above. (passed through tpl)
additionalConfig: {}
## Additional configuration which is not covered by the properties above.
## Useful, if you need advanced templating
additionalConfigString: ""
## ExtraSecret can be used to store various data in an extra secret ## ExtraSecret can be used to store various data in an extra secret
## (use it for example to store hashed basic auth credentials) ## (use it for example to store hashed basic auth credentials)
extraSecret: extraSecret:

View File

@ -17,7 +17,7 @@
"options": { "options": {
"content": "The SLO (service level objective) and other metrics displayed on this dashboard are for informational purposes only." "content": "The SLO (service level objective) and other metrics displayed on this dashboard are for informational purposes only."
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"title": "Notice", "title": "Notice",
"type": "text" "type": "text"
}, },
@ -41,7 +41,7 @@
}, },
"id": 2, "id": 2,
"interval": "1m", "interval": "1m",
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -87,7 +87,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -121,7 +121,7 @@
}, },
"id": 4, "id": 4,
"interval": "1m", "interval": "1m",
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -219,7 +219,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -263,7 +263,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -306,7 +306,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -340,7 +340,7 @@
}, },
"id": 8, "id": 8,
"interval": "1m", "interval": "1m",
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -438,7 +438,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -482,7 +482,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -525,7 +525,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -568,7 +568,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -611,7 +611,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -657,7 +657,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -699,7 +699,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -742,7 +742,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -784,7 +784,7 @@
"mode": "single" "mode": "single"
} }
}, },
"pluginVersion": "v10.4.0", "pluginVersion": "v11.0.0",
"targets": [ "targets": [
{ {
"datasource": { "datasource": {
@ -800,7 +800,7 @@
} }
], ],
"refresh": "10s", "refresh": "10s",
"schemaVersion": 36, "schemaVersion": 39,
"tags": [ "tags": [
"kubernetes" "kubernetes"
], ],

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,376 +1,233 @@
{ {
"__inputs": [ ],
"__requires": [ ],
"annotations": {
"list": [ ]
},
"editable": false, "editable": false,
"gnetId": null, "panels": [
"graphTooltip": 0,
"hideControls": false,
"id": null,
"links": [ ],
"refresh": "10s",
"rows": [
{ {
"collapse": false, "datasource": {
"collapsed": false, "type": "datasource",
"panels": [ "uid": "-- Mixed --"
{ },
"aliasColors": { }, "fieldConfig": {
"bars": false, "defaults": {
"dashLength": 10, "custom": {
"dashes": false, "fillOpacity": 10,
"datasource": "$datasource", "showPoints": "never",
"fill": 1, "spanNulls": true
"fillGradient": 0,
"gridPos": { },
"id": 2,
"legend": {
"alignAsTable": true,
"avg": true,
"current": true,
"max": true,
"min": true,
"rightSide": false,
"show": true,
"sideWidth": null,
"total": false,
"values": true
}, },
"lines": true, "unit": "bytes"
"linewidth": 1, }
"links": [ ], },
"nullPointMode": "null", "gridPos": {
"percentage": false, "h": 7,
"pointradius": 5, "w": 18,
"points": false, "y": 0
"renderer": "flot", },
"repeat": null, "id": 1,
"seriesOverrides": [ ], "interval": "1m",
"spaceLength": 10, "options": {
"span": 9, "legend": {
"stack": true, "asTable": true,
"steppedLine": false, "calcs": [
"targets": [ "lastNotNull"
{
"expr": "(\n sum without(instance, node) (topk(1, (kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n -\n sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "Used Space",
"refId": "A"
},
{
"expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "Free Space",
"refId": "B"
}
], ],
"thresholds": [ ], "displayMode": "table",
"timeFrom": null, "placement": "right",
"timeShift": null, "showLegend": true
"title": "Volume Space Usage", },
"tooltip": { "tooltip": {
"shared": true, "mode": "single"
"sort": 0, }
"value_type": "individual" },
"pluginVersion": "v11.0.0",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "${datasource}"
}, },
"type": "graph", "expr": "(\n sum without(instance, node) (topk(1, (kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n -\n sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
"xaxis": { "legendFormat": "Used Space"
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": [ ]
},
"yaxes": [
{
"format": "bytes",
"label": null,
"logBase": 1,
"max": null,
"min": 0,
"show": true
},
{
"format": "bytes",
"label": null,
"logBase": 1,
"max": null,
"min": 0,
"show": true
}
]
}, },
{ {
"cacheTimeout": null, "datasource": {
"colorBackground": false, "type": "prometheus",
"colorValue": false, "uid": "${datasource}"
"colors": [
"rgba(50, 172, 45, 0.97)",
"rgba(237, 129, 40, 0.89)",
"rgba(245, 54, 54, 0.9)"
],
"datasource": "$datasource",
"format": "percent",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": true,
"thresholdLabels": false,
"thresholdMarkers": true
}, },
"gridPos": { }, "expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n",
"id": 3, "legendFormat": "Free Space"
"interval": null,
"links": [ ],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"span": 3,
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": false,
"lineColor": "rgb(31, 120, 193)",
"show": false
},
"tableColumn": "",
"targets": [
{
"expr": "max without(instance,node) (\n(\n topk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n -\n topk(1, kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n)\n/\ntopk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "80, 90",
"title": "Volume Space Usage",
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "current"
} }
], ],
"repeat": null, "title": "Volume Space Usage",
"repeatIteration": null, "type": "timeseries"
"repeatRowId": null,
"showTitle": false,
"title": "Dashboard Row",
"titleSize": "h6",
"type": "row"
}, },
{ {
"collapse": false, "datasource": {
"collapsed": false, "type": "datasource",
"panels": [ "uid": "-- Mixed --"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"max": 100,
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "orange",
"value": 80
},
{
"color": "red",
"value": 90
}
]
},
"unit": "percent"
}
},
"gridPos": {
"h": 7,
"w": 6,
"x": 18,
"y": 0
},
"id": 2,
"interval": "1m",
"pluginVersion": "v11.0.0",
"targets": [
{ {
"aliasColors": { }, "datasource": {
"bars": false, "type": "prometheus",
"dashLength": 10, "uid": "${datasource}"
"dashes": false,
"datasource": "$datasource",
"fill": 1,
"fillGradient": 0,
"gridPos": { },
"id": 4,
"legend": {
"alignAsTable": true,
"avg": true,
"current": true,
"max": true,
"min": true,
"rightSide": false,
"show": true,
"sideWidth": null,
"total": false,
"values": true
}, },
"lines": true, "expr": "max without(instance,node) (\n(\n topk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n -\n topk(1, kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n)\n/\ntopk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
"linewidth": 1, "instant": true
"links": [ ],
"nullPointMode": "null",
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
"repeat": null,
"seriesOverrides": [ ],
"spaceLength": 10,
"span": 9,
"stack": true,
"steppedLine": false,
"targets": [
{
"expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "Used inodes",
"refId": "A"
},
{
"expr": "(\n sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n -\n sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": " Free inodes",
"refId": "B"
}
],
"thresholds": [ ],
"timeFrom": null,
"timeShift": null,
"title": "Volume inodes Usage",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": [ ]
},
"yaxes": [
{
"format": "none",
"label": null,
"logBase": 1,
"max": null,
"min": 0,
"show": true
},
{
"format": "none",
"label": null,
"logBase": 1,
"max": null,
"min": 0,
"show": true
}
]
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": false,
"colors": [
"rgba(50, 172, 45, 0.97)",
"rgba(237, 129, 40, 0.89)",
"rgba(245, 54, 54, 0.9)"
],
"datasource": "$datasource",
"format": "percent",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": true,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": { },
"id": 5,
"interval": null,
"links": [ ],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"span": 3,
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": false,
"lineColor": "rgb(31, 120, 193)",
"show": false
},
"tableColumn": "",
"targets": [
{
"expr": "max without(instance,node) (\ntopk(1, kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n/\ntopk(1, kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
"format": "time_series",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "80, 90",
"title": "Volume inodes Usage",
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "current"
} }
], ],
"repeat": null, "title": "Volume Space Usage",
"repeatIteration": null, "type": "gauge"
"repeatRowId": null, },
"showTitle": false, {
"title": "Dashboard Row", "datasource": {
"titleSize": "h6", "type": "datasource",
"type": "row" "uid": "-- Mixed --"
},
"fieldConfig": {
"defaults": {
"custom": {
"fillOpacity": 10,
"showPoints": "never",
"spanNulls": true
},
"unit": "none"
}
},
"gridPos": {
"h": 7,
"w": 18,
"y": 7
},
"id": 3,
"interval": "1m",
"options": {
"legend": {
"asTable": true,
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single"
}
},
"pluginVersion": "v11.0.0",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "${datasource}"
},
"expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))",
"legendFormat": "Used inodes"
},
{
"datasource": {
"type": "prometheus",
"uid": "${datasource}"
},
"expr": "(\n sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n -\n sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
"legendFormat": "Free inodes"
}
],
"title": "Volume inodes Usage",
"type": "timeseries"
},
{
"datasource": {
"type": "datasource",
"uid": "-- Mixed --"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"max": 100,
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "orange",
"value": 80
},
{
"color": "red",
"value": 90
}
]
},
"unit": "percent"
}
},
"gridPos": {
"h": 7,
"w": 6,
"x": 18,
"y": 7
},
"id": 4,
"interval": "1m",
"pluginVersion": "v11.0.0",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "${datasource}"
},
"expr": "max without(instance,node) (\ntopk(1, kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n/\ntopk(1, kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
"instant": true
}
],
"title": "Volume inodes Usage",
"type": "gauge"
} }
], ],
"schemaVersion": 14, "refresh": "10s",
"style": "dark", "schemaVersion": 39,
"tags": [ "tags": [
"kubernetes" "kubernetes"
], ],
@ -385,105 +242,56 @@
"hide": 0, "hide": 0,
"label": "Data source", "label": "Data source",
"name": "datasource", "name": "datasource",
"options": [ ],
"query": "prometheus", "query": "prometheus",
"refresh": 1,
"regex": "", "regex": "",
"type": "datasource" "type": "datasource"
}, },
{ {
"allValue": null, "datasource": {
"current": { }, "type": "prometheus",
"datasource": "$datasource", "uid": "${datasource}"
},
"hide": 2, "hide": 2,
"includeAll": false,
"label": "cluster", "label": "cluster",
"multi": false,
"name": "cluster", "name": "cluster",
"options": [ ],
"query": "label_values(kubelet_volume_stats_capacity_bytes{job=\"kubelet\"}, cluster)", "query": "label_values(kubelet_volume_stats_capacity_bytes{job=\"kubelet\"}, cluster)",
"refresh": 2, "refresh": 2,
"regex": "",
"sort": 1, "sort": 1,
"tagValuesQuery": "", "type": "query"
"tags": [ ],
"tagsQuery": "",
"type": "query",
"useTags": false
}, },
{ {
"allValue": null, "datasource": {
"current": { }, "type": "prometheus",
"datasource": "$datasource", "uid": "${datasource}"
},
"hide": 0, "hide": 0,
"includeAll": false,
"label": "Namespace", "label": "Namespace",
"multi": false,
"name": "namespace", "name": "namespace",
"options": [ ],
"query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\"}, namespace)", "query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\"}, namespace)",
"refresh": 2, "refresh": 2,
"regex": "",
"sort": 1, "sort": 1,
"tagValuesQuery": "", "type": "query"
"tags": [ ],
"tagsQuery": "",
"type": "query",
"useTags": false
}, },
{ {
"allValue": null, "datasource": {
"current": { }, "type": "prometheus",
"datasource": "$datasource", "uid": "${datasource}"
},
"hide": 0, "hide": 0,
"includeAll": false,
"label": "PersistentVolumeClaim", "label": "PersistentVolumeClaim",
"multi": false,
"name": "volume", "name": "volume",
"options": [ ],
"query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\"}, persistentvolumeclaim)", "query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"kubelet\", namespace=\"$namespace\"}, persistentvolumeclaim)",
"refresh": 2, "refresh": 2,
"regex": "",
"sort": 1, "sort": 1,
"tagValuesQuery": "", "type": "query"
"tags": [ ],
"tagsQuery": "",
"type": "query",
"useTags": false
} }
] ]
}, },
"time": { "time": {
"from": "now-7d", "from": "now-1h",
"to": "now" "to": "now"
}, },
"timepicker": {
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
]
},
"timezone": "UTC", "timezone": "UTC",
"title": "Persistent Volumes", "title": "Persistent Volumes",
"uid": "919b92a8e8041bd567af9edab12c840c", "uid": "919b92a8e8041bd567af9edab12c840c"
"version": 0
} }

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -18,8 +18,8 @@
"subdir": "contrib/mixin" "subdir": "contrib/mixin"
} }
}, },
"version": "65ac859a1b613a3b1b509cd80400f9fcbeae97d6", "version": "010d462c0ff03a70f5c5fd32efbb76ad4c1e7c81",
"sum": "xuUBd2vqF7asyVDe5CE08uPT/RxAdy8O75EjFJoMXXU=" "sum": "IXI3LQIT9NmTPJAk8WLUJd5+qZfcGpeNCyWIK7oEpws="
}, },
{ {
"source": { "source": {
@ -58,8 +58,8 @@
"subdir": "gen/grafonnet-latest" "subdir": "gen/grafonnet-latest"
} }
}, },
"version": "6ac1593ca787638da223380ff4a3fd0f96e953e1", "version": "5a66b0f6a0f4f7caec754dd39a0e263b56a0f90a",
"sum": "GxEO83uxgsDclLp/fmlUJZDbSGpeUZY6Ap3G2cgdL1g=" "sum": "eyuJ0jOXeA4MrobbNgU4/v5a7ASDHslHZ0eS6hDdWoI="
}, },
{ {
"source": { "source": {
@ -68,18 +68,18 @@
"subdir": "gen/grafonnet-v10.0.0" "subdir": "gen/grafonnet-v10.0.0"
} }
}, },
"version": "6ac1593ca787638da223380ff4a3fd0f96e953e1", "version": "5a66b0f6a0f4f7caec754dd39a0e263b56a0f90a",
"sum": "W7sLuAvMSJPkC7Oo31t45Nz/cUdJV7jzNSJTd3F1daM=" "sum": "xdcrJPJlpkq4+5LpGwN4tPAuheNNLXZjE6tDcyvFjr0="
}, },
{ {
"source": { "source": {
"git": { "git": {
"remote": "https://github.com/grafana/grafonnet.git", "remote": "https://github.com/grafana/grafonnet.git",
"subdir": "gen/grafonnet-v10.4.0" "subdir": "gen/grafonnet-v11.0.0"
} }
}, },
"version": "6ac1593ca787638da223380ff4a3fd0f96e953e1", "version": "5a66b0f6a0f4f7caec754dd39a0e263b56a0f90a",
"sum": "ZSmDT7i/qU9P8ggmuPuJT+jonq1ZEsBRCXycW/H5L/A=" "sum": "Fuo+qTZZzF+sHDBWX/8fkPsUmwW6qhH8hRVz45HznfI="
}, },
{ {
"source": { "source": {
@ -88,8 +88,8 @@
"subdir": "grafana-builder" "subdir": "grafana-builder"
} }
}, },
"version": "b5e3f0ecb726452a92f68c5eeb983c9d972cb051", "version": "1d877bb0651ef92176f651d0be473c06e372a8a0",
"sum": "+z5VY+bPBNqXcmNAV8xbJcbsRA+pro1R3IM7aIY8OlU=" "sum": "udZaafkbKYMGodLqsFhEe+Oy/St2p0edrK7hiMPEey0="
}, },
{ {
"source": { "source": {
@ -118,8 +118,8 @@
"subdir": "" "subdir": ""
} }
}, },
"version": "b247371d1780f530587a8d9dd04ccb19ea970ba0", "version": "3dfa72d1d1ab31a686b1f52ec28bbf77c972bd23",
"sum": "7M2QHK3WhOc1xT7T7KhL9iKsCYTfsIXpmcItffAcbL0=" "sum": "7ufhpvzoDqAYLrfAsGkTAIRmu2yWQkmHukTE//jOsJU="
}, },
{ {
"source": { "source": {
@ -128,8 +128,8 @@
"subdir": "jsonnet/kube-state-metrics" "subdir": "jsonnet/kube-state-metrics"
} }
}, },
"version": "9e855147a20f2539b0b8c3ea1aa7cd761c104797", "version": "7104d579e93d672754c018a924d6c3f7ec23874e",
"sum": "msMZyUvcebzRILLzNlTIiSOwa1XgQKtP7jbZTkiqwM0=" "sum": "pvInhJNQVDOcC3NGWRMKRIP954mAvLXCQpTlafIg7fA="
}, },
{ {
"source": { "source": {
@ -138,7 +138,7 @@
"subdir": "jsonnet/kube-state-metrics-mixin" "subdir": "jsonnet/kube-state-metrics-mixin"
} }
}, },
"version": "9e855147a20f2539b0b8c3ea1aa7cd761c104797", "version": "7104d579e93d672754c018a924d6c3f7ec23874e",
"sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c=" "sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
}, },
{ {
@ -148,8 +148,8 @@
"subdir": "jsonnet/kube-prometheus" "subdir": "jsonnet/kube-prometheus"
} }
}, },
"version": "76f2e1ef95be0df752037baa040781c5219e1fb3", "version": "defa2bd1e242519c62a5c2b3b786b1caa6d906d4",
"sum": "IgpAgyyBZ7VT2vr9kSYQP/lkZUNQnbqpGh2sYCtUKs0=" "sum": "INKeZ+QIIPImq+TrfHT8CpYdoRzzxRk0txG07XlOo/Q="
}, },
{ {
"source": { "source": {
@ -158,7 +158,7 @@
"subdir": "jsonnet/mixin" "subdir": "jsonnet/mixin"
} }
}, },
"version": "06bdd34e7691d13b560cf1694561c5777216472b", "version": "609424db53853b992277b7a9a0e5cf59f4cc24f3",
"sum": "gi+knjdxs2T715iIQIntrimbHRgHnpM8IFBJDD1gYfs=", "sum": "gi+knjdxs2T715iIQIntrimbHRgHnpM8IFBJDD1gYfs=",
"name": "prometheus-operator-mixin" "name": "prometheus-operator-mixin"
}, },
@ -169,8 +169,8 @@
"subdir": "jsonnet/prometheus-operator" "subdir": "jsonnet/prometheus-operator"
} }
}, },
"version": "06bdd34e7691d13b560cf1694561c5777216472b", "version": "609424db53853b992277b7a9a0e5cf59f4cc24f3",
"sum": "uZ0NldrHp01uGnOYEKB+Nq8W97bkf4EfMP9ePWIG+wk=" "sum": "z2/5LjQpWC7snhT+n/mtQqoy5986uI95sTqcKQziwGU="
}, },
{ {
"source": { "source": {
@ -179,7 +179,7 @@
"subdir": "doc/alertmanager-mixin" "subdir": "doc/alertmanager-mixin"
} }
}, },
"version": "14cbe6301c732658d6fe877ec55ad5b738abcf06", "version": "eb8369ec510d76f63901379a8437c4b55885d6c5",
"sum": "IpF46ZXsm+0wJJAPtAre8+yxTNZA57mBqGpBP/r7/kw=", "sum": "IpF46ZXsm+0wJJAPtAre8+yxTNZA57mBqGpBP/r7/kw=",
"name": "alertmanager" "name": "alertmanager"
}, },
@ -190,8 +190,8 @@
"subdir": "docs/node-mixin" "subdir": "docs/node-mixin"
} }
}, },
"version": "b6227af54b20d147463e1672a3e8bfca47fa10ee", "version": "b9d0932179a0c5b3a8863f3d6cdafe8584cedc8e",
"sum": "vWhHvFqV7+fxrQddTeGVKi1e4EzB3VWtNyD8TjSmevY=" "sum": "rhUvbqviGjQ2mwsRhHKMN0TiS3YvnYpUXHew3XlQ+Wg="
}, },
{ {
"source": { "source": {
@ -200,8 +200,8 @@
"subdir": "documentation/prometheus-mixin" "subdir": "documentation/prometheus-mixin"
} }
}, },
"version": "633224886a1c975dd3a8a8308a0b1d630048a21c", "version": "ac85bd47e1cfa0d63520e4c0b4e26900c42c326b",
"sum": "u/Fpz2MPkezy71/q+c7mF0vc3hE9fWt2W/YbvF0LP/8=", "sum": "dYLcLzGH4yF3qB7OGC/7z4nqeTNjv42L7Q3BENU8XJI=",
"name": "prometheus" "name": "prometheus"
}, },
{ {
@ -222,7 +222,7 @@
"subdir": "mixin" "subdir": "mixin"
} }
}, },
"version": "f7853dd12cc228960e24c78c10154099a9aeaec8", "version": "35c0dbec856f97683a846e9c53f83156a3a44ff3",
"sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=", "sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=",
"name": "thanos-mixin" "name": "thanos-mixin"
} }

View File

@ -6,7 +6,7 @@
"app.kubernetes.io/component": "exporter", "app.kubernetes.io/component": "exporter",
"app.kubernetes.io/name": "kube-state-metrics", "app.kubernetes.io/name": "kube-state-metrics",
"app.kubernetes.io/part-of": "kube-prometheus", "app.kubernetes.io/part-of": "kube-prometheus",
"app.kubernetes.io/version": "2.11.0", "app.kubernetes.io/version": "2.12.0",
"prometheus": "k8s", "prometheus": "k8s",
"role": "alert-rules" "role": "alert-rules"
}, },

View File

@ -114,7 +114,7 @@
"runbook_url": "https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubestatefulsetupdatenotrolledout", "runbook_url": "https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubestatefulsetupdatenotrolledout",
"summary": "StatefulSet update has not been rolled out." "summary": "StatefulSet update has not been rolled out."
}, },
"expr": "(\n max without (revision) (\n kube_statefulset_status_current_revision{job=\"kube-state-metrics\"}\n unless\n kube_statefulset_status_update_revision{job=\"kube-state-metrics\"}\n )\n *\n (\n kube_statefulset_replicas{job=\"kube-state-metrics\"}\n !=\n kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}\n )\n) and (\n changes(kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}[5m])\n ==\n 0\n)\n", "expr": "(\n max by(namespace, statefulset) (\n kube_statefulset_status_current_revision{job=\"kube-state-metrics\"}\n unless\n kube_statefulset_status_update_revision{job=\"kube-state-metrics\"}\n )\n *\n (\n kube_statefulset_replicas{job=\"kube-state-metrics\"}\n !=\n kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}\n )\n) and (\n changes(kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}[5m])\n ==\n 0\n)\n",
"for": "15m", "for": "15m",
"labels": { "labels": {
"severity": "warning" "severity": "warning"
@ -235,7 +235,7 @@
"runbook_url": "https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubecpuovercommit", "runbook_url": "https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubecpuovercommit",
"summary": "Cluster has overcommitted CPU resource requests." "summary": "Cluster has overcommitted CPU resource requests."
}, },
"expr": "sum(namespace_cpu:kube_pod_container_resource_requests:sum{job=\"kube-state-metrics\",}) by (cluster) - (sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster) - max(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster)) > 0\nand\n(sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster) - max(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster)) > 0\n", "expr": "sum(namespace_cpu:kube_pod_container_resource_requests:sum{}) by (cluster) - (sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster) - max(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster)) > 0\nand\n(sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster) - max(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\"}) by (cluster)) > 0\n",
"for": "10m", "for": "10m",
"labels": { "labels": {
"severity": "warning" "severity": "warning"

View File

@ -6,7 +6,7 @@
"app.kubernetes.io/component": "exporter", "app.kubernetes.io/component": "exporter",
"app.kubernetes.io/name": "node-exporter", "app.kubernetes.io/name": "node-exporter",
"app.kubernetes.io/part-of": "kube-prometheus", "app.kubernetes.io/part-of": "kube-prometheus",
"app.kubernetes.io/version": "1.7.0", "app.kubernetes.io/version": "1.8.1",
"prometheus": "k8s", "prometheus": "k8s",
"role": "alert-rules" "role": "alert-rules"
}, },

View File

@ -6,7 +6,7 @@
"app.kubernetes.io/component": "controller", "app.kubernetes.io/component": "controller",
"app.kubernetes.io/name": "prometheus-operator", "app.kubernetes.io/name": "prometheus-operator",
"app.kubernetes.io/part-of": "kube-prometheus", "app.kubernetes.io/part-of": "kube-prometheus",
"app.kubernetes.io/version": "0.72.0", "app.kubernetes.io/version": "0.75.1",
"prometheus": "k8s", "prometheus": "k8s",
"role": "alert-rules" "role": "alert-rules"
}, },

View File

@ -7,7 +7,7 @@
"app.kubernetes.io/instance": "k8s", "app.kubernetes.io/instance": "k8s",
"app.kubernetes.io/name": "prometheus", "app.kubernetes.io/name": "prometheus",
"app.kubernetes.io/part-of": "kube-prometheus", "app.kubernetes.io/part-of": "kube-prometheus",
"app.kubernetes.io/version": "2.50.1", "app.kubernetes.io/version": "2.53.0",
"prometheus": "k8s", "prometheus": "k8s",
"role": "alert-rules" "role": "alert-rules"
}, },
@ -45,6 +45,19 @@
"severity": "warning" "severity": "warning"
} }
}, },
{
"alert": "PrometheusKubernetesListWatchFailures",
"annotations": {
"description": "Kubernetes service discovery of Prometheus {{$labels.namespace}}/{{$labels.pod}} is experiencing {{ printf \"%.0f\" $value }} failures with LIST/WATCH requests to the Kubernetes API in the last 5 minutes.",
"runbook_url": "https://runbooks.prometheus-operator.dev/runbooks/prometheus/prometheuskuberneteslistwatchfailures",
"summary": "Requests in Kubernetes SD are failing."
},
"expr": "increase(prometheus_sd_kubernetes_failures_total{job=\"prometheus-k8s\",namespace=\"monitoring\"}[5m]) > 0\n",
"for": "15m",
"labels": {
"severity": "warning"
}
},
{ {
"alert": "PrometheusNotificationQueueRunningFull", "alert": "PrometheusNotificationQueueRunningFull",
"annotations": { "annotations": {

File diff suppressed because one or more lines are too long

View File

@ -83,7 +83,7 @@ spec:
description: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} update has not been rolled out. description: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} update has not been rolled out.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubestatefulsetupdatenotrolledout runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubestatefulsetupdatenotrolledout
summary: StatefulSet update has not been rolled out. summary: StatefulSet update has not been rolled out.
expr: "(\n max without (revision) (\n kube_statefulset_status_current_revision{job=\"kube-state-metrics\"}\n unless\n kube_statefulset_status_update_revision{job=\"kube-state-metrics\"}\n )\n *\n (\n kube_statefulset_replicas{job=\"kube-state-metrics\"}\n !=\n kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}\n )\n) and (\n changes(kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}[5m])\n ==\n 0\n)\n" expr: "(\n max by(namespace, statefulset) (\n kube_statefulset_status_current_revision{job=\"kube-state-metrics\"}\n unless\n kube_statefulset_status_update_revision{job=\"kube-state-metrics\"}\n )\n *\n (\n kube_statefulset_replicas{job=\"kube-state-metrics\"}\n !=\n kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}\n )\n) and (\n changes(kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\"}[5m])\n ==\n 0\n)\n"
for: 15m for: 15m
labels: labels:
severity: warning severity: warning
@ -171,7 +171,7 @@ spec:
description: Cluster {{`{{`}} $labels.cluster {{`}}`}} has overcommitted CPU resource requests for Pods by {{`{{`}} $value {{`}}`}} CPU shares and cannot tolerate node failure. description: Cluster {{`{{`}} $labels.cluster {{`}}`}} has overcommitted CPU resource requests for Pods by {{`{{`}} $value {{`}}`}} CPU shares and cannot tolerate node failure.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubecpuovercommit runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubecpuovercommit
summary: Cluster has overcommitted CPU resource requests. summary: Cluster has overcommitted CPU resource requests.
expr: 'sum(namespace_cpu:kube_pod_container_resource_requests:sum{job="kube-state-metrics",}) by (cluster) - (sum(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by (cluster) - max(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by (cluster)) > 0 expr: 'sum(namespace_cpu:kube_pod_container_resource_requests:sum{}) by (cluster) - (sum(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by (cluster) - max(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by (cluster)) > 0
and and

View File

@ -35,6 +35,17 @@ spec:
for: 20m for: 20m
labels: labels:
severity: warning severity: warning
- alert: PrometheusKubernetesListWatchFailures
annotations:
description: Kubernetes service discovery of Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is experiencing {{`{{`}} printf "%.0f" $value {{`}}`}} failures with LIST/WATCH requests to the Kubernetes API in the last 5 minutes.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/prometheus/prometheuskuberneteslistwatchfailures
summary: Requests in Kubernetes SD are failing.
expr: 'increase(prometheus_sd_kubernetes_failures_total{job="prometheus-k8s",namespace="monitoring"}[5m]) > 0
'
for: 15m
labels:
severity: warning
- alert: PrometheusNotificationQueueRunningFull - alert: PrometheusNotificationQueueRunningFull
annotations: annotations:
description: Alert notification queue of Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is running full. description: Alert notification queue of Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is running full.

View File

@ -28,7 +28,7 @@ dependencies:
condition: aws-ebs-csi-driver.enabled condition: aws-ebs-csi-driver.enabled
repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
- name: aws-efs-csi-driver - name: aws-efs-csi-driver
version: 2.5.7 version: 3.0.6
condition: aws-efs-csi-driver.enabled condition: aws-efs-csi-driver.enabled
repository: https://kubernetes-sigs.github.io/aws-efs-csi-driver repository: https://kubernetes-sigs.github.io/aws-efs-csi-driver
- name: gemini - name: gemini

View File

@ -1,32 +0,0 @@
diff -rtuN charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml charts/aws-efs-csi-driver/templates/controller-deployment.yaml
--- charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml 2023-08-23 11:32:48.964952023 +0000
+++ charts/aws-efs-csi-driver/templates/controller-deployment.yaml 2023-08-23 11:32:48.968285371 +0000
@@ -76,9 +76,14 @@
- name: AWS_USE_FIPS_ENDPOINT
value: "true"
{{- end }}
+ {{- if .Values.controller.extraEnv }}
+ {{- toYaml .Values.controller.extraEnv | nindent 12 }}
+ {{- end }}
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
+ - name: aws-token
+ mountPath: /var/run/secrets/sts.amazonaws.com/serviceaccount/
ports:
- name: healthz
containerPort: {{ .Values.controller.healthPort }}
@@ -137,6 +142,13 @@
volumes:
- name: socket-dir
emptyDir: {}
+ - name: aws-token
+ projected:
+ sources:
+ - serviceAccountToken:
+ path: token
+ expirationSeconds: 86400
+ audience: "sts.amazonaws.com"
{{- with .Values.controller.affinity }}
affinity: {{- toYaml . | nindent 8 }}
{{- end }}

View File

@ -1,7 +1,29 @@
# Helm chart # Helm chart
## v2.32.0
* Bump driver version to `v1.32.0`
* Bump CSI sidecar container versions
* Add `patch` permission to `PV` to `external-provisioner` role (required by v5 and later)
* Add terminationGracePeriodSeconds as a helm parameter ([#2060](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2060), [@ElijahQuinones](https://github.com/ElijahQuinones))
* Use release namespace in ClusterRoleBinding subject namespace ([#2059](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2059), [@etutuit](https://github.com/etutuit))
* Add parameter to override node DaemonSet namespace ([#2052](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2052), [@RuStyC0der](https://github.com/RuStyC0der))
* Set RuntimeDefault as default seccompProfile in securityContext ([#2061](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2061), [@torredil](https://github.com/torredil))
* Increase default provisioner, resizer, snapshotter `retry-interval-max` ([#2057](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2057), [@AndrewSirenko](https://github.com/AndrewSirenko))
## v2.31.0
* Bump driver version to `v1.31.0`
* Expose dnsConfig in Helm Chart for Custom DNS Configuration ([#2034](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2045), [@omerap12](https://github.com/omerap12))
* Make scrape interval configurable ([#2035](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2035), [@omerap12](https://github.com/omerap12))
* Add defaultStorageClass parameter ([#2039](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2039), [@torredil](https://github.com/torredil))
* Upgrade sidecar containers ([#2041](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2041), [@torredil](https://github.com/torredil))
## v2.30.0
* Bump driver version to `v1.30.0`
* Update voluemessnapshotcontents/status RBAC ([#1991](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1991), [@AndrewSirenko](https://github.com/AndrewSirenko))
* Upgrade dependencies ([#2016](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/2016), [@torredil](https://github.com/torredil))
## v2.29.1 ## v2.29.1
* Bump driver version to `v1.29.1` * Bump driver version to `v1.29.1`
* Remove `--reuse-values` deprecation warning * Remove `--reuse-values` deprecation warning
## v2.29.0 ## v2.29.0
### Urgent Upgrade Notes ### Urgent Upgrade Notes

View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 1.29.1 appVersion: 1.32.0
description: A Helm chart for AWS EBS CSI Driver description: A Helm chart for AWS EBS CSI Driver
home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver
keywords: keywords:
@ -13,4 +13,4 @@ maintainers:
name: aws-ebs-csi-driver name: aws-ebs-csi-driver
sources: sources:
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver - https://github.com/kubernetes-sigs/aws-ebs-csi-driver
version: 2.29.1 version: 2.32.0

View File

@ -5,7 +5,7 @@ kind: DaemonSet
apiVersion: apps/v1 apiVersion: apps/v1
metadata: metadata:
name: {{ printf "%s-windows" .NodeName }} name: {{ printf "%s-windows" .NodeName }}
namespace: {{ .Release.Namespace }} namespace: {{ .Values.node.namespaceOverride | default .Release.Namespace }}
labels: labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
spec: spec:
@ -40,6 +40,7 @@ spec:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
serviceAccountName: {{ .Values.node.serviceAccount.name }} serviceAccountName: {{ .Values.node.serviceAccount.name }}
terminationGracePeriodSeconds: {{ .Values.node.terminationGracePeriodSeconds }}
priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }} priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }}
tolerations: tolerations:
{{- if .Values.node.tolerateAllTaints }} {{- if .Values.node.tolerateAllTaints }}
@ -49,10 +50,21 @@ spec:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if .Values.node.windowsHostProcess }}
securityContext:
windowsOptions:
hostProcess: true
runAsUserName: "NT AUTHORITY\\SYSTEM"
hostNetwork: true
{{- end }}
containers: containers:
- name: ebs-plugin - name: ebs-plugin
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }} image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }}
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.node.windowsHostProcess }}
command:
- "aws-ebs-csi-driver.exe"
{{- end }}
args: args:
- node - node
- --endpoint=$(CSI_ENDPOINT) - --endpoint=$(CSI_ENDPOINT)
@ -66,9 +78,16 @@ spec:
{{- if .Values.node.otelTracing }} {{- if .Values.node.otelTracing }}
- --enable-otel-tracing=true - --enable-otel-tracing=true
{{- end}} {{- end}}
{{- if .Values.node.windowsHostProcess }}
- --windows-host-process=true
{{- end }}
env: env:
- name: CSI_ENDPOINT - name: CSI_ENDPOINT
{{- if .Values.node.windowsHostProcess }}
value: unix://C:\\var\\lib\\kubelet\\plugins\\ebs.csi.aws.com\\csi.sock
{{- else }}
value: unix:/csi/csi.sock value: unix:/csi/csi.sock
{{- end }}
- name: CSI_NODE_NAME - name: CSI_NODE_NAME
valueFrom: valueFrom:
fieldRef: fieldRef:
@ -91,12 +110,14 @@ spec:
mountPropagation: "None" mountPropagation: "None"
- name: plugin-dir - name: plugin-dir
mountPath: C:\csi mountPath: C:\csi
{{- if not .Values.node.windowsHostProcess }}
- name: csi-proxy-disk-pipe - name: csi-proxy-disk-pipe
mountPath: \\.\pipe\csi-proxy-disk-v1 mountPath: \\.\pipe\csi-proxy-disk-v1
- name: csi-proxy-volume-pipe - name: csi-proxy-volume-pipe
mountPath: \\.\pipe\csi-proxy-volume-v1 mountPath: \\.\pipe\csi-proxy-volume-v1
- name: csi-proxy-filesystem-pipe - name: csi-proxy-filesystem-pipe
mountPath: \\.\pipe\csi-proxy-filesystem-v1 mountPath: \\.\pipe\csi-proxy-filesystem-v1
{{- end }}
ports: ports:
- name: healthz - name: healthz
containerPort: 9808 containerPort: 9808
@ -113,9 +134,11 @@ spec:
resources: resources:
{{- toYaml . | nindent 12 }} {{- toYaml . | nindent 12 }}
{{- end }} {{- end }}
{{- if not .Values.node.windowsHostProcess }}
securityContext: securityContext:
windowsOptions: windowsOptions:
runAsUserName: "ContainerAdministrator" runAsUserName: "ContainerAdministrator"
{{- end }}
lifecycle: lifecycle:
preStop: preStop:
exec: exec:
@ -123,15 +146,34 @@ spec:
- name: node-driver-registrar - name: node-driver-registrar
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }} image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }} imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }}
{{- if .Values.node.windowsHostProcess }}
command:
- "csi-node-driver-registrar.exe"
{{- end }}
args: args:
- --csi-address=$(ADDRESS) - --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
{{- if .Values.node.windowsHostProcess }}
- --plugin-registration-path=$(PLUGIN_REG_DIR)
{{- end }}
- --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }} - --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }}
env: env:
- name: ADDRESS - name: ADDRESS
{{- if .Values.node.windowsHostProcess }}
value: unix://C:\\var\\lib\\kubelet\\plugins\\ebs.csi.aws.com\\csi.sock
{{- else }}
value: unix:/csi/csi.sock value: unix:/csi/csi.sock
{{- end }}
- name: DRIVER_REG_SOCK_PATH - name: DRIVER_REG_SOCK_PATH
{{- if .Values.node.windowsHostProcess }}
value: C:\\var\\lib\\kubelet\\plugins\\ebs.csi.aws.com\\csi.sock
{{- else }}
value: C:\var\lib\kubelet\plugins\ebs.csi.aws.com\csi.sock value: C:\var\lib\kubelet\plugins\ebs.csi.aws.com\csi.sock
{{- end }}
{{- if .Values.node.windowsHostProcess }}
- name: PLUGIN_REG_DIR
value: C:\\var\\lib\\kubelet\\plugins_registry\\
{{- end }}
{{- if .Values.proxy.http_proxy }} {{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }} {{- end }}
@ -161,8 +203,16 @@ spec:
- name: liveness-probe - name: liveness-probe
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }} image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }} imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }}
{{- if .Values.node.windowsHostProcess }}
command:
- "livenessprobe.exe"
{{- end }}
args: args:
{{- if .Values.node.windowsHostProcess }}
- --csi-address=unix://C:\\var\\lib\\kubelet\\plugins\\ebs.csi.aws.com\\csi.sock
{{- else }}
- --csi-address=unix:/csi/csi.sock - --csi-address=unix:/csi/csi.sock
{{- end }}
volumeMounts: volumeMounts:
- name: plugin-dir - name: plugin-dir
mountPath: C:\csi mountPath: C:\csi
@ -189,6 +239,7 @@ spec:
hostPath: hostPath:
path: C:\var\lib\kubelet\plugins_registry path: C:\var\lib\kubelet\plugins_registry
type: Directory type: Directory
{{- if not .Values.node.windowsHostProcess }}
- name: csi-proxy-disk-pipe - name: csi-proxy-disk-pipe
hostPath: hostPath:
path: \\.\pipe\csi-proxy-disk-v1 path: \\.\pipe\csi-proxy-disk-v1
@ -201,6 +252,7 @@ spec:
hostPath: hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1 path: \\.\pipe\csi-proxy-filesystem-v1
type: "" type: ""
{{- end }}
- name: probe-dir - name: probe-dir
{{- if .Values.node.probeDirVolume }} {{- if .Values.node.probeDirVolume }}
{{- toYaml .Values.node.probeDirVolume | nindent 10 }} {{- toYaml .Values.node.probeDirVolume | nindent 10 }}

View File

@ -5,7 +5,7 @@ kind: DaemonSet
apiVersion: apps/v1 apiVersion: apps/v1
metadata: metadata:
name: {{ .NodeName }} name: {{ .NodeName }}
namespace: {{ .Release.Namespace }} namespace: {{ .Values.node.namespaceOverride | default .Release.Namespace }}
labels: labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
{{- with .Values.node.daemonSetAnnotations }} {{- with .Values.node.daemonSetAnnotations }}
@ -44,6 +44,7 @@ spec:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
serviceAccountName: {{ .Values.node.serviceAccount.name }} serviceAccountName: {{ .Values.node.serviceAccount.name }}
terminationGracePeriodSeconds: {{ .Values.node.terminationGracePeriodSeconds }}
priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }} priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }}
tolerations: tolerations:
{{- if .Values.node.tolerateAllTaints }} {{- if .Values.node.tolerateAllTaints }}

View File

@ -8,7 +8,7 @@ metadata:
rules: rules:
- apiGroups: [ "" ] - apiGroups: [ "" ]
resources: [ "persistentvolumes" ] resources: [ "persistentvolumes" ]
verbs: [ "get", "list", "watch", "create", "delete" ] verbs: [ "get", "list", "watch", "create", "patch", "delete" ]
- apiGroups: [ "" ] - apiGroups: [ "" ]
resources: [ "persistentvolumeclaims" ] resources: [ "persistentvolumeclaims" ]
verbs: [ "get", "list", "watch", "update" ] verbs: [ "get", "list", "watch", "update" ]

View File

@ -24,7 +24,7 @@ rules:
verbs: [ "create", "get", "list", "watch", "update", "delete", "patch" ] verbs: [ "create", "get", "list", "watch", "update", "delete", "patch" ]
- apiGroups: [ "snapshot.storage.k8s.io" ] - apiGroups: [ "snapshot.storage.k8s.io" ]
resources: [ "volumesnapshotcontents/status" ] resources: [ "volumesnapshotcontents/status" ]
verbs: [ "update" ] verbs: [ "update", "patch" ]
{{- with .Values.sidecars.snapshotter.additionalClusterRoleRules }} {{- with .Values.sidecars.snapshotter.additionalClusterRoleRules }}
{{- . | toYaml | nindent 2 }} {{- . | toYaml | nindent 2 }}
{{- end }} {{- end }}

View File

@ -8,7 +8,7 @@ metadata:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ .Values.node.serviceAccount.name }} name: {{ .Values.node.serviceAccount.name }}
namespace: {{ .Release.Namespace }} namespace: {{ .Values.node.namespaceOverride | default .Release.Namespace }}
roleRef: roleRef:
kind: ClusterRole kind: ClusterRole
name: ebs-csi-node-role name: ebs-csi-node-role

View File

@ -227,6 +227,9 @@ spec:
- --kube-api-burst=100 - --kube-api-burst=100
- --worker-threads=100 - --worker-threads=100
{{- end }} {{- end }}
{{- if not (regexMatch "(-retry-interval-max)" (join " " .Values.sidecars.provisioner.additionalArgs)) }}
- --retry-interval-max=30m
{{- end }}
{{- range .Values.sidecars.provisioner.additionalArgs }} {{- range .Values.sidecars.provisioner.additionalArgs }}
- {{ . }} - {{ . }}
{{- end }} {{- end }}
@ -280,6 +283,9 @@ spec:
- --kube-api-burst=100 - --kube-api-burst=100
- --worker-threads=100 - --worker-threads=100
{{- end }} {{- end }}
{{- if not (regexMatch "(-retry-interval-max)" (join " " .Values.sidecars.attacher.additionalArgs)) }}
- --retry-interval-max=5m
{{- end }}
{{- range .Values.sidecars.attacher.additionalArgs }} {{- range .Values.sidecars.attacher.additionalArgs }}
- {{ . }} - {{ . }}
{{- end }} {{- end }}
@ -322,6 +328,9 @@ spec:
- --kube-api-burst=100 - --kube-api-burst=100
- --worker-threads=100 - --worker-threads=100
{{- end }} {{- end }}
{{- if not (regexMatch "(-retry-interval-max)" (join " " .Values.sidecars.snapshotter.additionalArgs)) }}
- --retry-interval-max=30m
{{- end }}
{{- range .Values.sidecars.snapshotter.additionalArgs }} {{- range .Values.sidecars.snapshotter.additionalArgs }}
- {{ . }} - {{ . }}
{{- end }} {{- end }}
@ -435,6 +444,9 @@ spec:
- --kube-api-burst=100 - --kube-api-burst=100
- --workers=100 - --workers=100
{{- end }} {{- end }}
{{- if not (regexMatch "(-retry-interval-max)" (join " " .Values.sidecars.resizer.additionalArgs)) }}
- --retry-interval-max=30m
{{- end }}
{{- range .Values.sidecars.resizer.additionalArgs }} {{- range .Values.sidecars.resizer.additionalArgs }}
- {{ . }} - {{ . }}
{{- end }} {{- end }}
@ -501,3 +513,7 @@ spec:
{{- with .Values.controller.volumes }} {{- with .Values.controller.volumes }}
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
{{- if .Values.controller.dnsConfig }}
dnsConfig:
{{- toYaml .Values.controller.dnsConfig | nindent 4 }}
{{- end }}

View File

@ -0,0 +1,11 @@
{{- if .Values.defaultStorageClass.enabled }}
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: ebs-csi-default-sc
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: ebs.csi.aws.com
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
{{- end }}

View File

@ -37,6 +37,6 @@ spec:
endpoints: endpoints:
- targetPort: 3301 - targetPort: 3301
path: /metrics path: /metrics
interval: 15s interval: {{ .Values.controller.serviceMonitor.interval | default "15s"}}
{{- end }} {{- end }}
{{- end }} {{- end }}

View File

@ -3,7 +3,7 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ .Values.node.serviceAccount.name }} name: {{ .Values.node.serviceAccount.name }}
namespace: {{ .Release.Namespace }} namespace: {{ .Values.node.namespaceOverride | default .Release.Namespace }}
labels: labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
{{- with .Values.node.serviceAccount.annotations }} {{- with .Values.node.serviceAccount.annotations }}

View File

@ -136,7 +136,7 @@ metadata:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: ebs-csi-driver-test name: ebs-csi-driver-test
namespace: kube-system namespace: {{ .Release.Namespace }}
roleRef: roleRef:
kind: ClusterRole kind: ClusterRole
name: ebs-csi-driver-test name: ebs-csi-driver-test
@ -214,11 +214,14 @@ spec:
kubectl config set-context kubetest2 --cluster=cluster kubectl config set-context kubetest2 --cluster=cluster
kubectl config set-credentials sa --token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) kubectl config set-credentials sa --token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
kubectl config set-context kubetest2 --user=sa && kubectl config use-context kubetest2 kubectl config set-context kubetest2 --user=sa && kubectl config use-context kubetest2
export FOCUS_REGEX='\bebs.csi.aws.com\b.+(validate content|resize volume|offline PVC|AllowedTopologies|store data$SNAPSHOTS)' export FOCUS_REGEX='\bebs.csi.aws.com\b.+(validate content|resize volume|offline PVC|AllowedTopologies|store data'
if kubectl get crd volumesnapshots.snapshot.storage.k8s.io; then if kubectl get crd volumesnapshots.snapshot.storage.k8s.io; then
FORCUS_REGEX="${FOCUS_REGEX}|snapshot fields" FOCUS_REGEX="${FOCUS_REGEX}|snapshot fields)"
else
FOCUS_REGEX="${FOCUS_REGEX})"
fi fi
kubetest2 noop --run-id='e2e-kubernetes' --test=ginkgo -- --test-package-version="$(curl -L https://dl.k8s.io/release/stable-1.29.txt)" --skip-regex='[Disruptive]|[Serial]' --focus-regex="$FOCUS_REGEX" --parallel=25 --test-args='-storage.testdriver=/etc/config/manifests.yaml' export KUBE_VERSION=$(kubectl version --output json | jq -r '.serverVersion.major + "." + .serverVersion.minor')
kubetest2 noop --run-id='e2e-kubernetes' --test=ginkgo -- --test-package-version="$(curl -L https://dl.k8s.io/release/stable-${KUBE_VERSION}.txt)" --skip-regex='[Disruptive]|[Serial]' --focus-regex="$FOCUS_REGEX" --parallel=25 --test-args='-storage.testdriver=/etc/config/manifests.yaml'
volumeMounts: volumeMounts:
- name: config-vol - name: config-vol
mountPath: /etc/config mountPath: /etc/config

View File

@ -7,11 +7,9 @@ image:
# Overrides the image tag whose default is v{{ .Chart.AppVersion }} # Overrides the image tag whose default is v{{ .Chart.AppVersion }}
tag: "" tag: ""
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# -- Custom labels to add into metadata # -- Custom labels to add into metadata
customLabels: customLabels: {}
{} # k8s-app: aws-ebs-csi-driver
# k8s-app: aws-ebs-csi-driver
sidecars: sidecars:
provisioner: provisioner:
@ -19,7 +17,7 @@ sidecars:
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner
tag: "v4.0.0-eks-1-29-7" tag: "v5.0.1-eks-1-30-8"
logLevel: 2 logLevel: 2
# Additional parameters provided by external-provisioner. # Additional parameters provided by external-provisioner.
additionalArgs: [] additionalArgs: []
@ -37,6 +35,8 @@ sidecars:
# renewDeadline: "10s" # renewDeadline: "10s"
# retryPeriod: "5s" # retryPeriod: "5s"
securityContext: securityContext:
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
attacher: attacher:
@ -44,7 +44,7 @@ sidecars:
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher repository: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher
tag: "v4.5.0-eks-1-29-7" tag: "v4.6.1-eks-1-30-8"
# Tune leader lease election for csi-attacher. # Tune leader lease election for csi-attacher.
# Leader election is on by default. # Leader election is on by default.
leaderElection: leaderElection:
@ -62,6 +62,8 @@ sidecars:
additionalClusterRoleRules: [] additionalClusterRoleRules: []
resources: {} resources: {}
securityContext: securityContext:
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
snapshotter: snapshotter:
@ -71,7 +73,7 @@ sidecars:
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter repository: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter
tag: "v7.0.1-eks-1-29-7" tag: "v8.0.1-eks-1-30-8"
logLevel: 2 logLevel: 2
# Additional parameters provided by csi-snapshotter. # Additional parameters provided by csi-snapshotter.
additionalArgs: [] additionalArgs: []
@ -79,13 +81,15 @@ sidecars:
additionalClusterRoleRules: [] additionalClusterRoleRules: []
resources: {} resources: {}
securityContext: securityContext:
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
livenessProbe: livenessProbe:
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe
tag: "v2.12.0-eks-1-29-7" tag: "v2.13.0-eks-1-30-8"
# Additional parameters provided by livenessprobe. # Additional parameters provided by livenessprobe.
additionalArgs: [] additionalArgs: []
resources: {} resources: {}
@ -97,7 +101,7 @@ sidecars:
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer repository: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer
tag: "v1.10.0-eks-1-29-7" tag: "v1.11.1-eks-1-30-8"
# Tune leader lease election for csi-resizer. # Tune leader lease election for csi-resizer.
# Leader election is on by default. # Leader election is on by default.
leaderElection: leaderElection:
@ -115,6 +119,8 @@ sidecars:
additionalClusterRoleRules: [] additionalClusterRoleRules: []
resources: {} resources: {}
securityContext: securityContext:
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
nodeDriverRegistrar: nodeDriverRegistrar:
@ -122,7 +128,7 @@ sidecars:
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar
tag: "v2.10.0-eks-1-29-7" tag: "v2.11.0-eks-1-30-8"
logLevel: 2 logLevel: 2
# Additional parameters provided by node-driver-registrar. # Additional parameters provided by node-driver-registrar.
additionalArgs: [] additionalArgs: []
@ -133,9 +139,9 @@ sidecars:
livenessProbe: livenessProbe:
exec: exec:
command: command:
- /csi-node-driver-registrar - /csi-node-driver-registrar
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe - --mode=kubelet-registration-probe
initialDelaySeconds: 30 initialDelaySeconds: 30
periodSeconds: 90 periodSeconds: 90
timeoutSeconds: 15 timeoutSeconds: 15
@ -144,7 +150,7 @@ sidecars:
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: public.ecr.aws/ebs-csi-driver/volume-modifier-for-k8s repository: public.ecr.aws/ebs-csi-driver/volume-modifier-for-k8s
tag: "v0.2.1" tag: "v0.3.0"
leaderElection: leaderElection:
enabled: true enabled: true
# Optional values to tune lease behavior. # Optional values to tune lease behavior.
@ -158,22 +164,20 @@ sidecars:
additionalArgs: [] additionalArgs: []
resources: {} resources: {}
securityContext: securityContext:
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
proxy: proxy:
http_proxy: http_proxy:
no_proxy: no_proxy:
imagePullSecrets: [] imagePullSecrets: []
nameOverride: nameOverride:
fullnameOverride: fullnameOverride:
awsAccessSecret: awsAccessSecret:
name: aws-secret name: aws-secret
keyId: key_id keyId: key_id
accessKey: access_key accessKey: access_key
controller: controller:
batching: true batching: true
volumeModificationFeature: volumeModificationFeature:
@ -185,24 +189,24 @@ controller:
affinity: affinity:
nodeAffinity: nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution: preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1 - weight: 1
preference: preference:
matchExpressions: matchExpressions:
- key: eks.amazonaws.com/compute-type - key: eks.amazonaws.com/compute-type
operator: NotIn operator: NotIn
values: values:
- fargate - fargate
podAntiAffinity: podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution: preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm: - podAffinityTerm:
labelSelector: labelSelector:
matchExpressions: matchExpressions:
- key: app - key: app
operator: In operator: In
values: values:
- ebs-csi-controller - ebs-csi-controller
topologyKey: kubernetes.io/hostname topologyKey: kubernetes.io/hostname
weight: 100 weight: 100
# The default filesystem type of the volume to provision when fstype is unspecified in the StorageClass. # The default filesystem type of the volume to provision when fstype is unspecified in the StorageClass.
# If the default is not set and fstype is unset in the StorageClass, then no fstype will be set # If the default is not set and fstype is unset in the StorageClass, then no fstype will be set
defaultFsType: ext4 defaultFsType: ext4
@ -229,6 +233,7 @@ controller:
# Additional labels for ServiceMonitor object # Additional labels for ServiceMonitor object
labels: labels:
release: prometheus release: prometheus
interval: "15s"
# If set to true, AWS API call metrics will be exported to the following # If set to true, AWS API call metrics will be exported to the following
# TCP endpoint: "0.0.0.0:3301" # TCP endpoint: "0.0.0.0:3301"
# --- # ---
@ -265,7 +270,7 @@ controller:
limits: limits:
memory: 256Mi memory: 256Mi
serviceAccount: serviceAccount:
# A service account will be created for you if set to true. Set to false if you want to use your own. # A service account will be created for you if set to true. Set to false if you want to use your own.
create: true create: true
name: ebs-csi-controller-sa name: ebs-csi-controller-sa
annotations: {} annotations: {}
@ -310,6 +315,8 @@ controller:
# --- # ---
# securityContext on the controller container (see sidecars for securityContext on sidecar containers) # securityContext on the controller container (see sidecars for securityContext on sidecar containers)
containerSecurityContext: containerSecurityContext:
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
initContainers: [] initContainers: []
@ -325,6 +332,8 @@ controller:
# otelServiceName: ebs-csi-controller # otelServiceName: ebs-csi-controller
# otelExporterEndpoint: "http://localhost:4317" # otelExporterEndpoint: "http://localhost:4317"
# Enable dnsConfig for the controller and node pods
dnsConfig: {}
node: node:
env: [] env: []
envFrom: [] envFrom: []
@ -337,28 +346,29 @@ node:
nodeAffinity: nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution: requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms: nodeSelectorTerms:
- matchExpressions: - matchExpressions:
- key: eks.amazonaws.com/compute-type - key: eks.amazonaws.com/compute-type
operator: NotIn operator: NotIn
values: values:
- fargate - fargate
- key: node.kubernetes.io/instance-type - key: node.kubernetes.io/instance-type
operator: NotIn operator: NotIn
values: values:
- a1.medium - a1.medium
- a1.large - a1.large
- a1.xlarge - a1.xlarge
- a1.2xlarge - a1.2xlarge
- a1.4xlarge - a1.4xlarge
nodeSelector: {} nodeSelector: {}
daemonSetAnnotations: {} daemonSetAnnotations: {}
podAnnotations: {} podAnnotations: {}
podLabels: {} podLabels: {}
terminationGracePeriodSeconds: 30
tolerateAllTaints: true tolerateAllTaints: true
tolerations: tolerations:
- operator: Exists - operator: Exists
effect: NoExecute effect: NoExecute
tolerationSeconds: 300 tolerationSeconds: 300
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
@ -397,6 +407,8 @@ node:
runAsUser: 0 runAsUser: 0
runAsGroup: 0 runAsGroup: 0
fsGroup: 0 fsGroup: 0
# allows you to deploy aws-ebs-csi-node daemonset to separate namespace (make sure namespace exists before deploy)
namespaceOverride: ""
# Add additional volume mounts on the node pods with node.volumes and node.volumeMounts # Add additional volume mounts on the node pods with node.volumes and node.volumeMounts
volumes: [] volumes: []
# Add additional volumes to be mounted onto the node pods: # Add additional volumes to be mounted onto the node pods:
@ -410,6 +422,7 @@ node:
# mountPath: /mount/path # mountPath: /mount/path
# --- # ---
# securityContext on the node container (see sidecars for securityContext on sidecar containers) # securityContext on the node container (see sidecars for securityContext on sidecar containers)
# Privileged containers always run as `Unconfined`, which means that they are not restricted by a seccomp profile.
containerSecurityContext: containerSecurityContext:
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
privileged: true privileged: true
@ -417,19 +430,17 @@ node:
otelTracing: {} otelTracing: {}
# otelServiceName: ebs-csi-node # otelServiceName: ebs-csi-node
# otelExporterEndpoint: "http://localhost:4317" # otelExporterEndpoint: "http://localhost:4317"
additionalDaemonSets: additionalDaemonSets:
# Additional node DaemonSets, using the node config structure # Additional node DaemonSets, using the node config structure
# See docs/additional-daemonsets.md for more information # See docs/additional-daemonsets.md for more information
# #
# example: # example:
# nodeSelector: # nodeSelector:
# node.kubernetes.io/instance-type: c5.large # node.kubernetes.io/instance-type: c5.large
# volumeAttachLimit: 15 # volumeAttachLimit: 15
# Enable compatibility for the A1 instance family via use of an AL2-based image in a separate DaemonSet # Enable compatibility for the A1 instance family via use of an AL2-based image in a separate DaemonSet
# a1CompatibilityDaemonSet: true # a1CompatibilityDaemonSet: true
storageClasses: [] storageClasses: []
# Add StorageClass resources like: # Add StorageClass resources like:
# - name: ebs-sc # - name: ebs-sc
@ -446,6 +457,8 @@ storageClasses: []
# parameters: # parameters:
# encrypted: "true" # encrypted: "true"
defaultStorageClass:
enabled: false
volumeSnapshotClasses: [] volumeSnapshotClasses: []
# Add VolumeSnapshotClass resources like: # Add VolumeSnapshotClass resources like:
# - name: ebs-vsc # - name: ebs-vsc
@ -463,8 +476,7 @@ volumeSnapshotClasses: []
# Intended for use with older clusters that cannot easily replace the CSIDriver object # Intended for use with older clusters that cannot easily replace the CSIDriver object
# This parameter should always be false for new installations # This parameter should always be false for new installations
useOldCSIDriver: false useOldCSIDriver: false
helmTester: helmTester:
enabled: true enabled: true
# Supply a custom image to the ebs-csi-driver-test pod in helm-tester.yaml # Supply a custom image to the ebs-csi-driver-test pod in helm-tester.yaml
image: "gcr.io/k8s-staging-test-infra/kubekins-e2e:v20240311-b09cdeb92c-master" image: "gcr.io/k8s-staging-test-infra/kubekins-e2e:v20240611-597c402033-master"

View File

@ -1,4 +1,18 @@
# Helm chart # Helm chart
# v3.0.6
* Bump app/driver version to `v2.0.5`
# v3.0.5
* Bump app/driver version to `v2.0.4`
# v3.0.4
* Bump app/driver version to `v2.0.3`
# v3.0.3
* Bump app/driver version to `v2.0.2`
# v3.0.2
* Update Helm to use the image from Public ECR rather than DockerHub
# v3.0.1
* Bump app/driver version to `v2.0.1`
# v3.0.0
* Bump app/driver version to `v2.0.0`
# v2.5.7 # v2.5.7
* Bump app/driver version to `v1.7.7` * Bump app/driver version to `v1.7.7`
# v2.5.6 # v2.5.6

View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 1.7.7 appVersion: 2.0.5
description: A Helm chart for AWS EFS CSI Driver description: A Helm chart for AWS EFS CSI Driver
home: https://github.com/kubernetes-sigs/aws-efs-csi-driver home: https://github.com/kubernetes-sigs/aws-efs-csi-driver
keywords: keywords:
@ -15,4 +15,4 @@ maintainers:
name: aws-efs-csi-driver name: aws-efs-csi-driver
sources: sources:
- https://github.com/kubernetes-sigs/aws-efs-csi-driver - https://github.com/kubernetes-sigs/aws-efs-csi-driver
version: 2.5.7 version: 3.0.6

View File

@ -93,14 +93,15 @@ spec:
- name: AWS_USE_FIPS_ENDPOINT - name: AWS_USE_FIPS_ENDPOINT
value: "true" value: "true"
{{- end }} {{- end }}
{{- if .Values.controller.extraEnv }} {{- with .Values.controller.env }}
{{- toYaml .Values.controller.extraEnv | nindent 12 }} {{- toYaml . | nindent 12 }}
{{- end }} {{- end }}
volumeMounts: volumeMounts:
- name: socket-dir - name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/ mountPath: /var/lib/csi/sockets/pluginproxy/
- name: aws-token {{- with .Values.controller.volumeMounts }}
mountPath: /var/run/secrets/sts.amazonaws.com/serviceaccount/ {{- toYaml . | nindent 12 }}
{{- end }}
ports: ports:
- name: healthz - name: healthz
containerPort: {{ .Values.controller.healthPort }} containerPort: {{ .Values.controller.healthPort }}
@ -155,6 +156,9 @@ spec:
volumeMounts: volumeMounts:
- name: socket-dir - name: socket-dir
mountPath: /csi mountPath: /csi
{{- with .Values.controller.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.livenessProbe.resources }} {{- with .Values.sidecars.livenessProbe.resources }}
resources: {{ toYaml . | nindent 12 }} resources: {{ toYaml . | nindent 12 }}
{{- end }} {{- end }}
@ -165,13 +169,9 @@ spec:
volumes: volumes:
- name: socket-dir - name: socket-dir
emptyDir: {} emptyDir: {}
- name: aws-token {{- with .Values.controller.volumes }}
projected: {{- toYaml . | nindent 8 }}
sources: {{- end }}
- serviceAccountToken:
path: token
expirationSeconds: 86400
audience: "sts.amazonaws.com"
{{- with .Values.controller.affinity }} {{- with .Values.controller.affinity }}
affinity: {{- toYaml . | nindent 8 }} affinity: {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}

Some files were not shown because too many files have changed in this diff Show More