grafana: istio: enabled: false ipBlocks: [] url: "" gateway: istio-system/ingressgateway prometheus: istio: enabled: false url: "" gateway: istio-system/ingressgateway kube-prometheus-stack: defaultRules: create: true coreDns: enabled: true kubeDns: enabled: false kubeApiServer: enabled: true kubeStateMetrics: enabled: true kubeProxy: enabled: true kubeEtcd: enabled: true service: port: 2381 targetPort: 2381 kubeControllerManager: enabled: true service: port: 10257 targetPort: 10257 serviceMonitor: https: true insecureSkipVerify: true kubeScheduler: enabled: true service: port: 10259 targetPort: 10259 serviceMonitor: https: true insecureSkipVerify: true kubelet: enabled: true serviceMonitor: # removed with 1.18, but still required for all container metrics ?? cAdvisor: true prometheusOperator: enabled: true #image: # tag: v0.42.1 #prometheusConfigReloaderImage: # tag: v0.42.1 # Run on controller nodes tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule nodeSelector: node-role.kubernetes.io/master: "" # Argo takes care of CRDs manageCrds: false createCustomResource: true # Operator has TLS support starting 0.39, but chart does not support CAConfig and operator flags yet # see: https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/webhook.md#deploying-the-admission-webhook # Until then we disable them as the patching interferes with Argo anyways tlsProxy: enabled: false admissionWebhooks: enabled: false namespaces: releaseNamespace: true additional: - kube-system - logging nodeExporter: enabled: true serviceMonitor: relabelings: - sourceLabels: [__meta_kubernetes_pod_node_name] separator: ; regex: ^(.*)$ targetLabel: node replacement: $1 action: replace prometheus: enabled: true prometheusSpec: retention: 8d portName: http-prometheus resources: requests: memory: "1Gi" cpu: "500m" limits: memory: "3Gi" cpu: "1000m" storageSpec: volumeClaimTemplate: spec: storageClassName: ebs-sc-gp2-xfs accessModes: ["ReadWriteOnce"] resources: requests: storage: 16Gi # Custom Grafana tweaks # - persistence, plugins, auth grafana: enabled: true persistence: enabled: true size: 4Gi storageClassName: ebs-sc-gp2-xfs plugins: - grafana-piechart-panel service: portName: http-grafana initChownData: enabled: false testFramework: enabled: false # Todo alertmanager: enabled: false # Metrics adapter prometheus-adapter: prometheus: url: http://metrics-kube-prometheus-st-prometheus tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule nodeSelector: node-role.kubernetes.io/master: "" # Basic rules for HPA to work replacing heaptster, taken from kube-prometheus project # https://github.com/coreos/kube-prometheus/blob/master/manifests/prometheus-adapter-configMap.yaml rules: default: false resource: cpu: containerQuery: sum(irate(container_cpu_usage_seconds_total{<<.LabelMatchers>>,container!="POD",container!="",pod!=""}[3m])) by (<<.GroupBy>>) nodeQuery: sum(1 - irate(node_cpu_seconds_total{mode="idle"}[3m]) * on(namespace, pod) group_left(node) node_namespace_pod:kube_pod_info:{<<.LabelMatchers>>}) by (<<.GroupBy>>) resources: overrides: node: resource: node namespace: resource: namespace pod: resource: pod containerLabel: container memory: containerQuery: sum(container_memory_working_set_bytes{<<.LabelMatchers>>,container!="POD",container!="",pod!=""}) by (<<.GroupBy>>) nodeQuery: sum(node_memory_MemTotal_bytes{job="node-exporter",<<.LabelMatchers>>} - node_memory_MemAvailable_bytes{job="node-exporter",<<.LabelMatchers>>}) by (<<.GroupBy>>) resources: overrides: node: resource: node namespace: resource: namespace pod: resource: pod containerLabel: container window: 3m