core/oc-k8s
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update K8S to include an auto generator of values template

Browse Source
This commit is contained in:
mr
2025-11-12 13:13:43 +01:00
parent 7ad4bf0b5d
commit 9f9b1849eb
141 changed files with 13168 additions and 211 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
opencloud/charts/prometheus/templates/NOTES.txt Normal file
View File

@@ -0,0 +1,118 @@
The Prometheus server can be accessed via port {{ .Values.server.service.servicePort }} on the following DNS name from within your cluster:
{{ template "prometheus.server.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{ if .Values.server.ingress.enabled -}}
For access from outside the cluster, the server URL(s) are:
{{- range .Values.server.ingress.hosts }}
http://{{ tpl . $ }}
{{- end }}
{{- else if .Values.server.route.main.enabled }}
For access from outside the cluster, the server URL(s) are:
{{- range .Values.server.route.main.hostnames }}
http://{{ tpl . $ }}
{{- end }}
{{- else }}
Get the Prometheus server URL by running these commands in the same shell:
{{- if contains "NodePort" .Values.server.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus.server.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.server.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "prometheus.server.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "prometheus.server.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.server.service.servicePort }}
{{- else if contains "ClusterIP" .Values.server.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "prometheus.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME {{ include "prometheus.port" . }}
{{- end }}
{{- if .Values.server.persistentVolume.enabled }}
{{- else }}
#################################################################################
###### WARNING: Persistence is disabled!!! You will lose your data when #####
###### the Server pod is terminated. #####
#################################################################################
{{- end }}
{{- end }}
{{ if .Values.alertmanager.enabled }}
The Prometheus alertmanager can be accessed via port {{ .Values.alertmanager.service.port }} on the following DNS name from within your cluster:
{{ template "prometheus.alertmanager.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{ if .Values.alertmanager.ingress.enabled -}}
From outside the cluster, the alertmanager URL(s) are:
{{- range .Values.alertmanager.ingress.hosts }}
http://{{ . }}
{{- end }}
{{- else }}
Get the Alertmanager URL by running these commands in the same shell:
{{- if contains "NodePort" .Values.alertmanager.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus.alertmanager.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.alertmanager.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "prometheus.alertmanager.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "prometheus.alertmanager.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.alertmanager.service.servicePort }}
{{- else if contains "ClusterIP" .Values.alertmanager.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "alertmanager.name" .Subcharts.alertmanager }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 9093
{{- end }}
{{- end }}
{{- if .Values.alertmanager.persistence.enabled }}
{{- else }}
#################################################################################
###### WARNING: Persistence is disabled!!! You will lose your data when #####
###### the AlertManager pod is terminated. #####
#################################################################################
{{- end }}
{{- end }}
{{- if (index .Values "prometheus-node-exporter" "enabled") }}
#################################################################################
###### WARNING: Pod Security Policy has been disabled by default since #####
###### it deprecated after k8s 1.25+. use #####
###### (index .Values "prometheus-node-exporter" "rbac" #####
###### . "pspEnabled") with (index .Values #####
###### "prometheus-node-exporter" "rbac" "pspAnnotations") #####
###### in case you still need it. #####
#################################################################################
{{- end }}
{{ if (index .Values "prometheus-pushgateway" "enabled") }}
The Prometheus PushGateway can be accessed via port {{ index .Values "prometheus-pushgateway" "service" "port" }} on the following DNS name from within your cluster:
{{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }}.{{ .Release.Namespace }}.svc.cluster.local
{{ if (index .Values "prometheus-pushgateway" "ingress" "enabled") -}}
From outside the cluster, the pushgateway URL(s) are:
{{- range (index .Values "prometheus-pushgateway" "ingress" "hosts") }}
http://{{ . }}
{{- end }}
{{- else }}
Get the PushGateway URL by running these commands in the same shell:
{{- $pushgateway_svc_type := index .Values "prometheus-pushgateway" "service" "type" -}}
{{- if contains "NodePort" $pushgateway_svc_type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" $pushgateway_svc_type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ index .Values "prometheus-pushgateway" "service" "port" }}
{{- else if contains "ClusterIP" $pushgateway_svc_type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ include "prometheus.name" (index .Subcharts "prometheus-pushgateway") }},component=pushgateway" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 9091
{{- end }}
{{- end }}
{{- end }}
For more information on running Prometheus, visit:
https://prometheus.io/

180
opencloud/charts/prometheus/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,180 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "prometheus.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Return the port for prometheus.
*/}}
{{- define "prometheus.port" -}}
9090
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "prometheus.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create labels for prometheus
*/}}
{{- define "prometheus.common.matchLabels" -}}
app.kubernetes.io/name: {{ include "prometheus.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{/*
Create unified labels for prometheus components
*/}}
{{- define "prometheus.common.metaLabels" -}}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
helm.sh/chart: {{ include "prometheus.chart" . }}
app.kubernetes.io/part-of: {{ include "prometheus.name" . }}
{{- with .Values.commonMetaLabels}}
{{ toYaml . }}
{{- end }}
{{- end -}}
{{- define "prometheus.server.labels" -}}
{{ include "prometheus.server.matchLabels" . }}
{{ include "prometheus.common.metaLabels" . }}
{{- end -}}
{{- define "prometheus.server.matchLabels" -}}
app.kubernetes.io/component: {{ .Values.server.name }}
{{ include "prometheus.common.matchLabels" . }}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "prometheus.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create a fully qualified ClusterRole name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "prometheus.clusterRoleName" -}}
{{- if .Values.server.clusterRoleNameOverride -}}
{{ .Values.server.clusterRoleNameOverride | trunc 63 | trimSuffix "-" }}
{{- else -}}
{{ include "prometheus.server.fullname" . }}
{{- end -}}
{{- end -}}
{{/*
Create a fully qualified alertmanager name for communicating and check to ensure that `alertmanager` exists before trying to use it with the user via NOTES.txt
*/}}
{{- define "prometheus.alertmanager.fullname" -}}
{{- if .Subcharts.alertmanager -}}
{{- template "alertmanager.fullname" .Subcharts.alertmanager -}}
{{- else -}}
{{- "alertmanager not found" -}}
{{- end -}}
{{- end -}}
{{/*
Create a fully qualified Prometheus server name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "prometheus.server.fullname" -}}
{{- if .Values.server.fullnameOverride -}}
{{- .Values.server.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- printf "%s-%s" .Release.Name .Values.server.name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s-%s" .Release.Name $name .Values.server.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Get KubeVersion removing pre-release information.
*/}}
{{- define "prometheus.kubeVersion" -}}
{{- default .Capabilities.KubeVersion.Version (regexFind "v[0-9]+\\.[0-9]+\\.[0-9]+" .Capabilities.KubeVersion.Version) -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for networkpolicy.
*/}}
{{- define "prometheus.networkPolicy.apiVersion" -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{/*
Create the name of the service account to use for the server component
*/}}
{{- define "prometheus.serviceAccountName.server" -}}
{{- if .Values.serviceAccounts.server.create -}}
{{ default (include "prometheus.server.fullname" .) .Values.serviceAccounts.server.name }}
{{- else -}}
{{ default "default" .Values.serviceAccounts.server.name }}
{{- end -}}
{{- end -}}
{{/*
Define the prometheus.namespace template if set with forceNamespace or .Release.Namespace is set
*/}}
{{- define "prometheus.namespace" -}}
{{- default .Release.Namespace .Values.forceNamespace -}}
{{- end }}
{{/*
Define template prometheus.namespaces producing a list of namespaces to monitor
*/}}
{{- define "prometheus.namespaces" -}}
{{- $namespaces := list }}
{{- if and .Values.rbac.create .Values.server.useExistingClusterRoleName }}
{{- if .Values.server.namespaces -}}
{{- range $ns := join "," .Values.server.namespaces | split "," }}
{{- $namespaces = append $namespaces (tpl $ns $) }}
{{- end -}}
{{- end -}}
{{- if .Values.server.releaseNamespace -}}
{{- $namespaces = append $namespaces (include "prometheus.namespace" .) }}
{{- end -}}
{{- end -}}
{{ mustToJson $namespaces }}
{{- end -}}
{{/*
Define prometheus.server.remoteWrite producing a list of remoteWrite configurations with URL templating
*/}}
{{- define "prometheus.server.remoteWrite" -}}
{{- $remoteWrites := list }}
{{- range $remoteWrite := .Values.server.remoteWrite }}
{{- $remoteWrites = tpl $remoteWrite.url $ | set $remoteWrite "url" | append $remoteWrites }}
{{- end -}}
{{ toYaml $remoteWrites }}
{{- end -}}
{{/*
Define prometheus.server.remoteRead producing a list of remoteRead configurations with URL templating
*/}}
{{- define "prometheus.server.remoteRead" -}}
{{- $remoteReads := list }}
{{- range $remoteRead := .Values.server.remoteRead }}
{{- $remoteReads = tpl $remoteRead.url $ | set $remoteRead "url" | append $remoteReads }}
{{- end -}}
{{ toYaml $remoteReads }}
{{- end -}}

45
opencloud/charts/prometheus/templates/clusterrole.yaml Normal file
View File

@@ -0,0 +1,45 @@
{{- if and .Values.rbac.create (empty .Values.server.useExistingClusterRoleName) -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
name: {{ include "prometheus.clusterRoleName" . }}
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- nodes/metrics
- services
- endpoints
- pods
- ingresses
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- "networking.k8s.io"
resources:
- ingresses/status
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- "discovery.k8s.io"
resources:
- endpointslices
verbs:
- get
- list
- watch
- nonResourceURLs:
- "/metrics"
verbs:
- get
{{- end }}

16
opencloud/charts/prometheus/templates/clusterrolebinding.yaml Normal file
View File

@@ -0,0 +1,16 @@
{{- if and .Values.rbac.create (empty .Values.server.namespaces) (empty .Values.server.useExistingClusterRoleName) -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
name: {{ include "prometheus.clusterRoleName" . }}
subjects:
- kind: ServiceAccount
name: {{ template "prometheus.serviceAccountName.server" . }}
namespace: {{ include "prometheus.namespace" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "prometheus.clusterRoleName" . }}
{{- end }}

107
opencloud/charts/prometheus/templates/cm.yaml Normal file
View File

@@ -0,0 +1,107 @@
{{- if and (empty .Values.server.configMapOverrideName) (empty .Values.server.configFromSecret) -}}
apiVersion: v1
kind: ConfigMap
metadata:
{{- with .Values.server.configMapAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- with .Values.server.extraConfigmapLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ template "prometheus.server.fullname" . }}
namespace: {{ include "prometheus.namespace" . }}
data:
allow-snippet-annotations: "false"
{{- $root := . -}}
{{- range $key, $value := .Values.ruleFiles }}
{{ $key }}: {{- toYaml $value | indent 2 }}
{{- end }}
{{- range $key, $value := .Values.serverFiles }}
{{ $key }}: |
{{- if eq $key "prometheus.yml" }}
global:
{{ $root.Values.server.global | toYaml | trimSuffix "\n" | indent 6 }}
{{- if $root.Values.server.remoteWrite }}
remote_write:
{{- include "prometheus.server.remoteWrite" $root | nindent 4 }}
{{- end }}
{{- if $root.Values.server.remoteRead }}
remote_read:
{{- include "prometheus.server.remoteRead" $root | nindent 4 }}
{{- end }}
{{- if or $root.Values.server.tsdb $root.Values.server.exemplars }}
storage:
{{- if $root.Values.server.tsdb }}
tsdb:
{{ $root.Values.server.tsdb | toYaml | indent 8 }}
{{- end }}
{{- if $root.Values.server.exemplars }}
exemplars:
{{ $root.Values.server.exemplars | toYaml | indent 8 }}
{{- end }}
{{- end }}
{{- if $root.Values.server.otlp }}
otlp:
{{ $root.Values.server.otlp | toYaml | indent 8 }}
{{- end }}
{{- if $root.Values.scrapeConfigFiles }}
scrape_config_files:
{{ toYaml $root.Values.scrapeConfigFiles | indent 4 }}
{{- end }}
{{- end }}
{{- if eq $key "alerts" }}
{{- if and (not (empty $value)) (empty $value.groups) }}
groups:
{{- range $ruleKey, $ruleValue := $value }}
- name: {{ $ruleKey -}}.rules
rules:
{{ $ruleValue | toYaml | trimSuffix "\n" | indent 6 }}
{{- end }}
{{- else }}
{{ toYaml $value | indent 4 }}
{{- end }}
{{- else }}
{{ toYaml $value | default "{}" | indent 4 }}
{{- end }}
{{- if eq $key "prometheus.yml" -}}
{{- if $root.Values.extraScrapeConfigs }}
{{ tpl $root.Values.extraScrapeConfigs $root | indent 4 }}
{{- end -}}
{{- if or ($root.Values.alertmanager.enabled) ($root.Values.server.alertmanagers) }}
alerting:
{{- if $root.Values.alertRelabelConfigs }}
{{ $root.Values.alertRelabelConfigs | toYaml | trimSuffix "\n" | indent 6 }}
{{- end }}
alertmanagers:
{{- if $root.Values.server.alertmanagers }}
{{ toYaml $root.Values.server.alertmanagers | indent 8 }}
{{- else }}
- kubernetes_sd_configs:
- role: pod
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
{{- if $root.Values.alertmanager.prefixURL }}
path_prefix: {{ $root.Values.alertmanager.prefixURL }}
{{- end }}
relabel_configs:
- source_labels: [__meta_kubernetes_namespace]
regex: {{ $root.Release.Namespace }}
action: keep
- source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance]
regex: {{ $root.Release.Name }}
action: keep
- source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_name]
regex: {{ default "alertmanager" $root.Values.alertmanager.nameOverride | trunc 63 | trimSuffix "-" }}
action: keep
- source_labels: [__meta_kubernetes_pod_container_port_number]
regex: "9093"
action: keep
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}

488
opencloud/charts/prometheus/templates/deploy.yaml Normal file
View File

@@ -0,0 +1,488 @@
apiVersion: apps/v1
{{- if .Values.server.statefulSet.enabled }}
kind: StatefulSet
metadata:
{{- if .Values.server.deploymentAnnotations }}
annotations:
{{ toYaml .Values.server.deploymentAnnotations | nindent 4 }}
{{- end }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- with .Values.server.statefulSet.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- else if .Values.server.daemonSet.enabled }}
kind: DaemonSet
metadata:
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- with .Values.server.daemonSet.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- else }}
kind: Deployment
metadata:
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- with .Values.server.deploymentAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
name: {{ template "prometheus.server.fullname" . }}
namespace: {{ include "prometheus.namespace" . }}
spec:
{{- if .Values.server.statefulSet.enabled }}
{{- if semverCompare ">= 1.27.x" (include "prometheus.kubeVersion" .) }}
persistentVolumeClaimRetentionPolicy:
whenDeleted: {{ ternary "Delete" "Retain" .Values.server.statefulSet.pvcDeleteOnStsDelete }}
whenScaled: {{ ternary "Delete" "Retain" .Values.server.statefulSet.pvcDeleteOnStsScale }}
{{- end }}
podManagementPolicy: {{ .Values.server.statefulSet.podManagementPolicy }}
serviceName: {{ template "prometheus.server.fullname" . }}-headless
{{- with .Values.server.statefulSet.updateStrategy }}
updateStrategy:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- else if .Values.server.daemonSet.enabled }}
{{- with .Values.server.daemonSet.updateStrategy }}
updateStrategy:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- else }}
{{- with .Values.server.strategy }}
strategy:
{{- toYaml . | nindent 4 }}
{{ if eq .type "Recreate" }}rollingUpdate: null{{ end }}
{{- end }}
{{- end }}
selector:
matchLabels:
{{- include "prometheus.server.matchLabels" . | nindent 6 }}
{{- if not .Values.server.daemonSet.enabled }}
replicas: {{ .Values.server.replicaCount }}
{{- end }}
revisionHistoryLimit: {{ .Values.server.revisionHistoryLimit }}
template:
metadata:
{{- if .Values.server.podAnnotations }}
annotations:
{{ toYaml .Values.server.podAnnotations | nindent 8 }}
{{- end }}
labels:
{{- include "prometheus.server.labels" . | nindent 8 }}
{{- if .Values.server.podLabels}}
{{ toYaml .Values.server.podLabels | nindent 8 }}
{{- end}}
spec:
{{- if .Values.server.priorityClassName }}
priorityClassName: "{{ .Values.server.priorityClassName }}"
{{- end }}
{{- if .Values.server.runtimeClassName }}
runtimeClassName: "{{ .Values.server.runtimeClassName }}"
{{- end }}
{{- if .Values.server.schedulerName }}
schedulerName: "{{ .Values.server.schedulerName }}"
{{- end }}
{{- if semverCompare ">=1.13-0" .Capabilities.KubeVersion.GitVersion }}
{{- if or (.Values.server.enableServiceLinks) (eq (.Values.server.enableServiceLinks | toString) "<nil>") }}
enableServiceLinks: true
{{- else }}
enableServiceLinks: false
{{- end }}
{{- end }}
serviceAccountName: {{ template "prometheus.serviceAccountName.server" . }}
{{- if kindIs "bool" .Values.server.automountServiceAccountToken }}
automountServiceAccountToken: {{ .Values.server.automountServiceAccountToken }}
{{- end }}
{{- if .Values.server.extraInitContainers }}
initContainers:
{{ toYaml .Values.server.extraInitContainers | indent 8 }}
{{- end }}
containers:
{{- if .Values.configmapReload.prometheus.enabled }}
- name: {{ template "prometheus.name" . }}-{{ .Values.server.name }}-{{ .Values.configmapReload.prometheus.name }}
{{- if .Values.configmapReload.prometheus.image.digest }}
image: "{{ tpl .Values.configmapReload.prometheus.image.repository . }}@{{ tpl .Values.configmapReload.prometheus.image.digest . }}"
{{- else }}
image: "{{ tpl .Values.configmapReload.prometheus.image.repository . }}:{{ tpl .Values.configmapReload.prometheus.image.tag . }}"
{{- end }}
imagePullPolicy: "{{ .Values.configmapReload.prometheus.image.pullPolicy }}"
{{- with .Values.configmapReload.prometheus.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
args:
- --watched-dir=/etc/config
{{- $default_url := (printf "http://127.0.0.1:%s/-/reload" (include "prometheus.port" .)) }}
{{- with .Values.server.prefixURL }}
{{- $default_url = printf "http://127.0.0.1:%s%s/-/reload" (include "prometheus.port" .) . }}
{{- end }}
{{- if .Values.configmapReload.prometheus.containerPort }}
- --listen-address=0.0.0.0:{{ .Values.configmapReload.prometheus.containerPort }}
{{- end }}
- --reload-url={{ default $default_url .Values.configmapReload.reloadUrl }}
{{- range $key, $value := .Values.configmapReload.prometheus.extraArgs }}
{{- if $value }}
- --{{ $key }}={{ $value }}
{{- else }}
- --{{ $key }}
{{- end }}
{{- end }}
{{- range .Values.configmapReload.prometheus.extraVolumeDirs }}
- --watched-dir={{ . }}
{{- end }}
{{- with .Values.configmapReload.env }}
env:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.configmapReload.prometheus.containerPort }}
ports:
- containerPort: {{ .Values.configmapReload.prometheus.containerPort }}
{{- if .Values.configmapReload.prometheus.containerPortName }}
name: {{ .Values.configmapReload.prometheus.containerPortName }}
{{- end }}
{{- end }}
{{- with .Values.configmapReload.prometheus.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.configmapReload.prometheus.readinessProbe }}
readinessProbe:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.configmapReload.prometheus.startupProbe.enabled }}
{{- $startupProbe := omit .Values.configmapReload.prometheus.startupProbe "enabled" }}
startupProbe:
{{- toYaml $startupProbe | nindent 12 }}
{{- end }}
{{- with .Values.configmapReload.prometheus.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- name: config-volume
mountPath: /etc/config
readOnly: true
{{- range .Values.configmapReload.prometheus.extraConfigmapMounts }}
- name: {{ $.Values.configmapReload.prometheus.name }}-{{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath }}
readOnly: {{ .readOnly }}
{{- end }}
{{- with .Values.configmapReload.prometheus.extraVolumeMounts }}
{{ toYaml . | nindent 12 }}
{{- end }}
{{- end }}
- name: {{ template "prometheus.name" . }}-{{ .Values.server.name }}
{{- if .Values.server.image.digest }}
image: "{{ tpl .Values.server.image.repository . }}@{{ tpl .Values.server.image.digest . }}"
{{- else }}
image: "{{ tpl .Values.server.image.repository . }}:{{ tpl .Values.server.image.tag . | default .Chart.AppVersion}}"
{{- end }}
imagePullPolicy: "{{ .Values.server.image.pullPolicy }}"
{{- with .Values.server.command }}
command:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.server.env }}
env:
{{ toYaml .Values.server.env | indent 12}}
{{- end }}
args:
{{- if .Values.server.defaultFlagsOverride }}
{{ toYaml .Values.server.defaultFlagsOverride | nindent 12}}
{{- else }}
{{- if .Values.server.retention }}
- --storage.tsdb.retention.time={{ .Values.server.retention }}
{{- end }}
{{- if .Values.server.retentionSize }}
- --storage.tsdb.retention.size={{ .Values.server.retentionSize }}
{{- end }}
- --config.file={{ .Values.server.configPath }}
{{- if .Values.server.storagePath }}
- --storage.tsdb.path={{ .Values.server.storagePath }}
{{- else }}
- --storage.tsdb.path={{ .Values.server.persistentVolume.mountPath }}
{{- end }}
- --web.console.libraries=/etc/prometheus/console_libraries
- --web.console.templates=/etc/prometheus/consoles
{{- range .Values.server.extraFlags }}
- --{{ . }}
{{- end }}
{{- range $key, $value := .Values.server.extraArgs }}
{{- if $value }}
- --{{ $key }}={{ $value }}
{{- else }}
- --{{ $key }}
{{- end }}
{{- end }}
{{- if .Values.server.prefixURL }}
- --web.route-prefix={{ .Values.server.prefixURL }}
{{- end }}
{{- if .Values.server.baseURL }}
- --web.external-url={{ .Values.server.baseURL }}
{{- end }}
{{- end }}
ports:
- containerPort: {{ include "prometheus.port" . }}
{{- if .Values.server.portName }}
name: {{ .Values.server.portName }}
{{- end }}
{{- if .Values.server.hostPort }}
hostPort: {{ .Values.server.hostPort }}
{{- end }}
readinessProbe:
{{- if not .Values.server.tcpSocketProbeEnabled }}
httpGet:
path: {{ .Values.server.prefixURL }}/-/ready
port: {{ default (include "prometheus.port" .) .Values.server.portName }}
scheme: {{ .Values.server.probeScheme }}
{{- with .Values.server.probeHeaders }}
httpHeaders:
{{- toYaml . | nindent 14 }}
{{- end }}
{{- else }}
tcpSocket:
port: {{ default (include "prometheus.port" .) .Values.server.portName }}
{{- end }}
initialDelaySeconds: {{ .Values.server.readinessProbeInitialDelay }}
periodSeconds: {{ .Values.server.readinessProbePeriodSeconds }}
timeoutSeconds: {{ .Values.server.readinessProbeTimeout }}
failureThreshold: {{ .Values.server.readinessProbeFailureThreshold }}
successThreshold: {{ .Values.server.readinessProbeSuccessThreshold }}
livenessProbe:
{{- if not .Values.server.tcpSocketProbeEnabled }}
httpGet:
path: {{ .Values.server.prefixURL }}/-/healthy
port: {{ default (include "prometheus.port" .) .Values.server.portName }}
scheme: {{ .Values.server.probeScheme }}
{{- with .Values.server.probeHeaders }}
httpHeaders:
{{- toYaml . | nindent 14 }}
{{- end }}
{{- else }}
tcpSocket:
port: {{ default (include "prometheus.port" .) .Values.server.portName }}
{{- end }}
initialDelaySeconds: {{ .Values.server.livenessProbeInitialDelay }}
periodSeconds: {{ .Values.server.livenessProbePeriodSeconds }}
timeoutSeconds: {{ .Values.server.livenessProbeTimeout }}
failureThreshold: {{ .Values.server.livenessProbeFailureThreshold }}
successThreshold: {{ .Values.server.livenessProbeSuccessThreshold }}
{{- if .Values.server.startupProbe.enabled }}
startupProbe:
{{- if not .Values.server.tcpSocketProbeEnabled }}
httpGet:
path: {{ .Values.server.prefixURL }}/-/healthy
port: {{ default (include "prometheus.port" .) .Values.server.portName }}
scheme: {{ .Values.server.probeScheme }}
{{- if .Values.server.probeHeaders }}
httpHeaders:
{{- range .Values.server.probeHeaders}}
- name: {{ .name }}
value: {{ .value }}
{{- end }}
{{- end }}
{{- else }}
tcpSocket:
port: {{ default (include "prometheus.port" .) .Values.server.portName }}
{{- end }}
failureThreshold: {{ .Values.server.startupProbe.failureThreshold }}
periodSeconds: {{ .Values.server.startupProbe.periodSeconds }}
timeoutSeconds: {{ .Values.server.startupProbe.timeoutSeconds }}
{{- end }}
{{- with .Values.server.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- $storageVolumeName := ternary .Values.server.persistentVolume.statefulSetNameOverride "storage-volume" (and .Values.server.persistentVolume.enabled .Values.server.statefulSet.enabled (not (empty .Values.server.persistentVolume.statefulSetNameOverride))) }}
volumeMounts:
- name: config-volume
mountPath: /etc/config
- name: {{ $storageVolumeName }}
mountPath: {{ .Values.server.persistentVolume.mountPath }}
subPath: "{{ .Values.server.persistentVolume.subPath }}"
{{- range .Values.server.extraHostPathMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath }}
readOnly: {{ .readOnly }}
{{- end }}
{{- range .Values.server.extraConfigmapMounts }}
- name: {{ $.Values.server.name }}-{{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath }}
readOnly: {{ .readOnly }}
{{- end }}
{{- range .Values.server.extraSecretMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath }}
readOnly: {{ .readOnly }}
{{- end }}
{{- if .Values.server.extraVolumeMounts }}
{{ toYaml .Values.server.extraVolumeMounts | nindent 12 }}
{{- end }}
{{- with .Values.server.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.server.sidecarContainers }}
{{- range $name, $spec := .Values.server.sidecarContainers }}
- name: {{ $name }}
{{- if kindIs "string" $spec }}
{{- tpl $spec $ | nindent 10 }}
{{- else }}
{{- toYaml $spec | nindent 10 }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.server.hostNetwork }}
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
{{- else }}
dnsPolicy: {{ .Values.server.dnsPolicy }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.imagePullSecrets | indent 8 }}
{{- end }}
{{- if .Values.server.nodeSelector }}
nodeSelector:
{{ toYaml .Values.server.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.server.hostAliases }}
hostAliases:
{{ toYaml .Values.server.hostAliases | indent 8 }}
{{- end }}
{{- if .Values.server.dnsConfig }}
dnsConfig:
{{ toYaml .Values.server.dnsConfig | indent 8 }}
{{- end }}
{{- with .Values.server.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.server.tolerations }}
tolerations:
{{ toYaml .Values.server.tolerations | indent 8 }}
{{- end }}
{{- if or .Values.server.affinity .Values.server.podAntiAffinity }}
affinity:
{{- end }}
{{- with .Values.server.affinity }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if eq .Values.server.podAntiAffinity "hard" }}
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: {{ .Values.server.podAntiAffinityTopologyKey }}
labelSelector:
matchExpressions:
- {key: app.kubernetes.io/name, operator: In, values: [{{ template "prometheus.name" . }}]}
{{- else if eq .Values.server.podAntiAffinity "soft" }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
topologyKey: {{ .Values.server.podAntiAffinityTopologyKey }}
labelSelector:
matchExpressions:
- {key: app.kubernetes.io/name, operator: In, values: [{{ template "prometheus.name" . }}]}
{{- end }}
{{- with .Values.server.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }}
volumes:
- name: config-volume
{{- if empty .Values.server.configFromSecret }}
configMap:
name: {{ if .Values.server.configMapOverrideName }}{{ .Release.Name }}-{{ .Values.server.configMapOverrideName }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }}
{{- else }}
secret:
secretName: {{ .Values.server.configFromSecret }}
{{- end }}
{{- range .Values.server.extraHostPathMounts }}
- name: {{ .name }}
hostPath:
path: {{ .hostPath }}
{{- end }}
{{- range .Values.configmapReload.prometheus.extraConfigmapMounts }}
- name: {{ $.Values.configmapReload.prometheus.name }}-{{ .name }}
configMap:
name: {{ .configMap }}
{{- end }}
{{- range .Values.server.extraConfigmapMounts }}
- name: {{ $.Values.server.name }}-{{ .name }}
configMap:
name: {{ .configMap }}
{{- end }}
{{- range .Values.server.extraSecretMounts }}
- name: {{ .name }}
secret:
secretName: {{ .secretName }}
{{- with .optional }}
optional: {{ . }}
{{- end }}
{{- end }}
{{- range .Values.configmapReload.prometheus.extraConfigmapMounts }}
- name: {{ .name }}
configMap:
name: {{ .configMap }}
{{- with .optional }}
optional: {{ . }}
{{- end }}
{{- end }}
{{- if .Values.server.extraVolumes }}
{{ toYaml .Values.server.extraVolumes | indent 8}}
{{- end }}
{{- if and .Values.server.persistentVolume.enabled (not .Values.server.statefulSet.enabled) }}
- name: {{ $storageVolumeName }}
persistentVolumeClaim:
claimName: {{ if .Values.server.persistentVolume.existingClaim }}{{ .Values.server.persistentVolume.existingClaim }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }}
{{- else if not .Values.server.persistentVolume.enabled }}
- name: {{ $storageVolumeName }}
emptyDir:
{{- if or .Values.server.emptyDir.sizeLimit .Values.server.emptyDir.medium }}
{{- if .Values.server.emptyDir.medium }}
medium: {{ .Values.server.emptyDir.medium }}
{{- end }}
{{- if .Values.server.emptyDir.sizeLimit }}
sizeLimit: {{ .Values.server.emptyDir.sizeLimit }}
{{- end }}
{{- else }}
{}
{{- end -}}
{{- end -}}
{{- if and .Values.server.statefulSet.enabled .Values.server.persistentVolume.enabled }}
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ $storageVolumeName }}
{{- with .Values.server.persistentVolume.annotations }}
annotations:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.server.persistentVolume.labels }}
labels:
{{- toYaml . | nindent 10 }}
{{- end }}
spec:
accessModes:
{{- toYaml .Values.server.persistentVolume.accessModes | nindent 10 }}
resources:
requests:
storage: "{{ .Values.server.persistentVolume.size }}"
{{- if .Values.server.persistentVolume.storageClass }}
{{- if (eq "-" .Values.server.persistentVolume.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.server.persistentVolume.storageClass }}"
{{- end }}
{{- end }}
{{- end }}

4
opencloud/charts/prometheus/templates/extra-manifests.yaml Normal file
View File

@@ -0,0 +1,4 @@
{{ range .Values.extraManifests }}
---
{{ tpl . $ }}
{{ end }}

32
opencloud/charts/prometheus/templates/headless-svc.yaml Normal file
View File

@@ -0,0 +1,32 @@
{{- if .Values.server.statefulSet.enabled -}}
apiVersion: v1
kind: Service
metadata:
{{- if .Values.server.statefulSet.headless.annotations }}
annotations:
{{ toYaml .Values.server.statefulSet.headless.annotations | indent 4 }}
{{- end }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- if .Values.server.statefulSet.headless.labels }}
{{ toYaml .Values.server.statefulSet.headless.labels | indent 4 }}
{{- end }}
name: {{ template "prometheus.server.fullname" . }}-headless
namespace: {{ include "prometheus.namespace" . }}
spec:
clusterIP: None
ports:
- name: http
port: {{ .Values.server.statefulSet.headless.servicePort }}
protocol: TCP
targetPort: {{ default (include "prometheus.port" .) .Values.server.portName }}
{{- if .Values.server.statefulSet.headless.gRPC.enabled }}
- name: grpc
port: {{ .Values.server.statefulSet.headless.gRPC.servicePort }}
protocol: TCP
targetPort: 10901
{{- end }}
selector:
{{- include "prometheus.server.matchLabels" . | nindent 4 }}
{{- end -}}

45
opencloud/charts/prometheus/templates/httproute.yaml Normal file
View File

@@ -0,0 +1,45 @@
{{- range $name, $route := .Values.server.route }}
{{- if $route.enabled }}
---
apiVersion: {{ $route.apiVersion | default "gateway.networking.k8s.io/v1" }}
kind: {{ $route.kind | default "HTTPRoute" }}
metadata:
{{- with $route.annotations }}
annotations: {{ toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus.server.fullname" $ }}
namespace: {{ include "prometheus.namespace" $ }}
labels: {{ include "prometheus.server.labels" $ | nindent 4 }}
{{- with $route.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- with $route.parentRefs }}
parentRefs: {{ toYaml . | nindent 4 }}
{{- end }}
{{- with $route.hostnames }}
hostnames: {{ tpl (toYaml .) $ | nindent 4 }}
{{- end }}
rules:
{{- with $route.additionalRules }}
{{- tpl (toYaml .) $ | nindent 4 }}
{{- end }}
{{- if $route.httpsRedirect }}
- filters:
- type: RequestRedirect
requestRedirect:
scheme: https
statusCode: 301
{{- else }}
- backendRefs:
- name: {{ include "prometheus.server.fullname" $ }}
port: {{ $.Values.server.service.servicePort }}
{{- with $route.filters }}
filters: {{ toYaml . | nindent 8 }}
{{- end }}
{{- with $route.matches }}
matches: {{ toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

47
opencloud/charts/prometheus/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,47 @@
{{- if .Values.server.ingress.enabled -}}
{{- $releaseName := .Release.Name -}}
{{- $serviceName := include "prometheus.server.fullname" . }}
{{- $servicePort := .Values.server.ingress.servicePort | default .Values.server.service.servicePort -}}
{{- $ingressPath := .Values.server.ingress.path -}}
{{- $ingressPathType := .Values.server.ingress.pathType -}}
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- if .Values.server.ingress.annotations }}
annotations:
{{ toYaml .Values.server.ingress.annotations | indent 4 }}
{{- end }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- range $key, $value := .Values.server.ingress.extraLabels }}
{{ $key }}: {{ $value }}
{{- end }}
name: {{ template "prometheus.server.fullname" . }}
namespace: {{ include "prometheus.namespace" . }}
spec:
{{- if .Values.server.ingress.ingressClassName }}
ingressClassName: {{ .Values.server.ingress.ingressClassName }}
{{- end }}
rules:
{{- range .Values.server.ingress.hosts }}
{{- $url := splitList "/" . }}
- host: {{ tpl (first $url) $ }}
http:
paths:
{{ if $extraPaths }}
{{ tpl (toYaml $extraPaths | indent 10) $ }}
{{- end }}
- path: {{ tpl ($ingressPath) $ }}
pathType: {{ $ingressPathType }}
backend:
service:
name: {{ $serviceName }}
port:
number: {{ $servicePort }}
{{- end -}}
{{- if .Values.server.ingress.tls }}
tls:
{{ tpl (toYaml .Values.server.ingress.tls | indent 4) $ }}
{{- end -}}
{{- end -}}

16
opencloud/charts/prometheus/templates/network-policy.yaml Normal file
View File

@@ -0,0 +1,16 @@
{{- if .Values.networkPolicy.enabled }}
apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }}
kind: NetworkPolicy
metadata:
name: {{ template "prometheus.server.fullname" . }}
namespace: {{ include "prometheus.namespace" . }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
spec:
podSelector:
matchLabels:
{{- include "prometheus.server.matchLabels" . | nindent 6 }}
ingress:
- ports:
- port: {{ default (include "prometheus.port" .) .Values.server.portName }}
{{- end }}

26
opencloud/charts/prometheus/templates/pdb.yaml Normal file
View File

@@ -0,0 +1,26 @@
{{- if .Values.server.podDisruptionBudget.enabled }}
{{- $pdbSpec := omit .Values.server.podDisruptionBudget "enabled" }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ template "prometheus.server.fullname" . }}
namespace: {{ include "prometheus.namespace" . }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "prometheus.server.matchLabels" . | nindent 6 }}
{{- if not (or (hasKey $pdbSpec "minAvailable") (hasKey $pdbSpec "maxUnavailable")) }}
maxUnavailable: 1
{{- end }}
{{- if hasKey $pdbSpec "minAvailable" }}
minAvailable: {{ $pdbSpec.minAvailable }}
{{- end }}
{{- if hasKey $pdbSpec "maxUnavailable" }}
maxUnavailable: {{ $pdbSpec.maxUnavailable }}
{{- end }}
{{- if hasKey $pdbSpec "unhealthyPodEvictionPolicy" }}
unhealthyPodEvictionPolicy: {{ $pdbSpec.unhealthyPodEvictionPolicy }}
{{- end }}
{{- end }}

40
opencloud/charts/prometheus/templates/pvc.yaml Normal file
View File

@@ -0,0 +1,40 @@
{{- if not .Values.server.statefulSet.enabled -}}
{{- if .Values.server.persistentVolume.enabled -}}
{{- if not .Values.server.persistentVolume.existingClaim -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
{{- if .Values.server.persistentVolume.annotations }}
annotations:
{{ toYaml .Values.server.persistentVolume.annotations | indent 4 }}
{{- end }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- with .Values.server.persistentVolume.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ template "prometheus.server.fullname" . }}
namespace: {{ include "prometheus.namespace" . }}
spec:
accessModes:
{{ toYaml .Values.server.persistentVolume.accessModes | indent 4 }}
{{- if .Values.server.persistentVolume.storageClass }}
{{- if (eq "-" .Values.server.persistentVolume.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.server.persistentVolume.storageClass }}"
{{- end }}
{{- end }}
resources:
requests:
storage: "{{ .Values.server.persistentVolume.size }}"
{{- if .Values.server.persistentVolume.selector }}
selector:
{{- toYaml .Values.server.persistentVolume.selector | nindent 4 }}
{{- end -}}
{{- if .Values.server.persistentVolume.volumeName }}
volumeName: "{{ .Values.server.persistentVolume.volumeName }}"
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}

18
opencloud/charts/prometheus/templates/rolebinding.yaml Normal file
View File

@@ -0,0 +1,18 @@
{{- range include "prometheus.namespaces" . | fromJsonArray }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
{{- include "prometheus.server.labels" $ | nindent 4 }}
name: {{ template "prometheus.server.fullname" $ }}
namespace: {{ . }}
subjects:
- kind: ServiceAccount
name: {{ template "prometheus.serviceAccountName.server" $ }}
namespace: {{ include "prometheus.namespace" $ }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ $.Values.server.useExistingClusterRoleName }}
{{ end -}}

66
opencloud/charts/prometheus/templates/service.yaml Normal file
View File

@@ -0,0 +1,66 @@
{{- if .Values.server.service.enabled -}}
apiVersion: v1
kind: Service
metadata:
{{- if .Values.server.service.annotations }}
annotations:
{{ toYaml .Values.server.service.annotations | indent 4 }}
{{- end }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
{{- if .Values.server.service.labels }}
{{ toYaml .Values.server.service.labels | indent 4 }}
{{- end }}
name: {{ template "prometheus.server.fullname" . }}
namespace: {{ include "prometheus.namespace" . }}
spec:
{{- if .Values.server.service.clusterIP }}
clusterIP: {{ .Values.server.service.clusterIP }}
{{- end }}
{{- if .Values.server.service.externalIPs }}
externalIPs:
{{ toYaml .Values.server.service.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.server.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.server.service.loadBalancerIP }}
{{- end }}
{{- if .Values.server.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{- range $cidr := .Values.server.service.loadBalancerSourceRanges }}
- {{ $cidr }}
{{- end }}
{{- end }}
{{- if .Values.server.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.server.service.externalTrafficPolicy }}
{{- end }}
ports:
- name: http
port: {{ .Values.server.service.servicePort }}
protocol: TCP
targetPort: {{ default (include "prometheus.port" .) .Values.server.portName }}
{{- if ( and (eq .Values.server.service.type "NodePort" ) (not (empty .Values.server.service.nodePort)) ) }}
nodePort: {{ .Values.server.service.nodePort }}
{{- end }}
{{- if .Values.server.service.gRPC.enabled }}
- name: grpc
port: {{ .Values.server.service.gRPC.servicePort }}
protocol: TCP
targetPort: 10901
{{- if ( and (eq .Values.server.service.gRPC.type "NodePort" ) (not (empty .Values.server.service.gRPC.nodePort)) ) }}
nodePort: {{ .Values.server.service.gRPC.nodePort }}
{{- end }}
{{- end }}
{{- if .Values.server.service.additionalPorts }}
{{ toYaml .Values.server.service.additionalPorts | indent 4 }}
{{- end }}
selector:
{{- if and .Values.server.statefulSet.enabled .Values.server.service.statefulsetReplica.enabled }}
statefulset.kubernetes.io/pod-name: {{ template "prometheus.server.fullname" . }}-{{ .Values.server.service.statefulsetReplica.replica }}
{{- else -}}
{{- include "prometheus.server.matchLabels" . | nindent 4 }}
{{- if .Values.server.service.sessionAffinity }}
sessionAffinity: {{ .Values.server.service.sessionAffinity }}
{{- end }}
{{- end }}
type: "{{ .Values.server.service.type }}"
{{- end -}}

16
opencloud/charts/prometheus/templates/serviceaccount.yaml Normal file
View File

@@ -0,0 +1,16 @@
{{- if .Values.serviceAccounts.server.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
name: {{ template "prometheus.serviceAccountName.server" . }}
namespace: {{ include "prometheus.namespace" . }}
annotations:
{{ toYaml .Values.serviceAccounts.server.annotations | indent 4 }}
{{- if kindIs "bool" .Values.server.automountServiceAccountToken }}
automountServiceAccountToken: {{ .Values.server.automountServiceAccountToken }}
{{- else if kindIs "bool" .Values.serviceAccounts.server.automountServiceAccountToken }}
automountServiceAccountToken: {{ .Values.serviceAccounts.server.automountServiceAccountToken }}
{{- end }}
{{- end }}

22
opencloud/charts/prometheus/templates/vpa.yaml Normal file
View File

@@ -0,0 +1,22 @@
{{- if .Values.server.verticalAutoscaler.enabled -}}
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
metadata:
name: {{ template "prometheus.server.fullname" . }}-vpa
namespace: {{ include "prometheus.namespace" . }}
labels:
{{- include "prometheus.server.labels" . | nindent 4 }}
spec:
targetRef:
apiVersion: "apps/v1"
{{- if .Values.server.statefulSet.enabled }}
kind: StatefulSet
{{- else }}
kind: Deployment
{{- end }}
name: {{ template "prometheus.server.fullname" . }}
updatePolicy:
updateMode: {{ .Values.server.verticalAutoscaler.updateMode | default "Off" | quote }}
resourcePolicy:
containerPolicies: {{ .Values.server.verticalAutoscaler.containerPolicies | default list | toYaml | trim | nindent 4 }}
{{- end -}}