UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit a8c7db58 authored by joshwolf's avatar joshwolf
Browse files

Merge branch 'monitoring' into 'master'

refactor `kube-prometheus-stack` into `monitoring` chart

* refactor to `monitoring` chart
* point monitoring to `master`
* remove flimsy conditional check for IPS and just _always_ set IPS, rely on IPS graceful fallbacks (to system creds) if not present
* lint

See merge request platform-one/big-bang/umbrella!29
parents 2c2fac96 7d8b0620
No related branches found
No related tags found
1 merge request!29refactor `kube-prometheus-stack` into `monitoring` chart
Pipeline #73958 passed
Showing with 30 additions and 59 deletions
......@@ -14,6 +14,7 @@ spec:
kind: GitRepository
name: cluster-auditor
namespace: {{ .Release.Namespace }}
{{- with .Values.flux }}
interval: {{ .interval }}
test:
......@@ -30,15 +31,16 @@ spec:
timeout: {{ .rollback.timeout }}
cleanupOnFail: {{ .rollback.cleanupOnFail }}
{{- end }}
valuesFrom:
- name: values
kind: Secret
valuesKey: "clusterauditor.yaml"
values:
#conversion from umbrella values to package values
{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
imagePullSecrets: [ private-registry ]
{{- end }}
valuesFrom:
- name: values
kind: Secret
valuesKey: "clusterauditor.yaml"
dependsOn:
- name: ek
namespace: {{ .Release.Namespace }}
......
......@@ -31,10 +31,12 @@ spec:
timeout: {{ .rollback.timeout }}
cleanupOnFail: {{ .rollback.cleanupOnFail }}
{{- end }}
valuesFrom:
- name: values
kind: Secret
valuesKey: "clusterauditor.yaml"
{{- if .Values.gatekeeper.enabled }}
dependsOn:
- name: gatekeeper
......
......@@ -43,7 +43,6 @@ spec:
release: v3.1.2
disableValidatingWebhook: true
createNamespace: false
{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
imagePullSecrets: [ private-registry ]
{{- end }}
imagePullSecrets:
- name: private-registry
{{- end }}
\ No newline at end of file
......@@ -36,12 +36,12 @@ spec:
- name: values
kind: Secret
valuesKey: "istio.yaml"
values:
hostname: {{ .Values.hostname }}
{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
imagePullSecrets: [ private-registry ]
{{- end }}
imagePullSecrets:
- private-registry
dependsOn:
- name: istio-operator
......
......@@ -37,9 +37,8 @@ spec:
tag: 1.7.3
createNamespace: false
{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
imagePullSecrets: [ private-registry ]
{{- end }}
imagePullSecrets:
- name: private-registry
{{- if .Values.gatekeeper.enabled }}
dependsOn:
......
......@@ -43,18 +43,14 @@ spec:
kibana:
version: 7.9.2
{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
imagePullSecrets:
- name: private-registry
{{- end }}
elasticsearch:
version: 7.9.2
{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
imagePullSecrets:
- name: private-registry
{{- end }}
{{/* ECK and Logging _always_ depend on .Values.logging being enabled, so can assume they exist here */}}
dependsOn:
......
......@@ -38,10 +38,8 @@ spec:
password:
secret: "logging-ek-es-elastic-user"
{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
imagePullSecrets:
- name: private-registry
{{- end }}
{{/* ECK and Logging _always_ depend on .Values.logging being enabled, so can assume they exist here */}}
dependsOn:
......
......@@ -8,7 +8,7 @@ spec:
targetNamespace: monitoring
chart:
spec:
chart: charts/kube-prometheus-stack
chart: chart
interval: 5m
sourceRef:
kind: GitRepository
......@@ -38,50 +38,29 @@ spec:
valuesKey: "monitoring.yaml"
values:
fullnameOverride: monitoring
global:
imagePullSecrets:
- name: private-registry
alertmanager:
alertmanagerSpec:
image:
repository: registry1.dsop.io/ironbank/opensource/prometheus/alertmanager
tag: v0.21.0
enabled: true
grafana:
# https://github.com/grafana/helm-charts/blob/main/charts/grafana/templates/_pod.tpl#L148-L151
image:
repository: registry1.dsop.io/ironbank/opensource/grafana/grafana
tag: 7.1.3-1
pullSecrets:
- private-registry
enabled: true
prometheus:
enabled: true
prometheusSpec:
# service port naming conventions
portName: http-web
prometheusOperator:
image:
repository: registry1.dsop.io/ironbank/opensource/coreos/prometheus-operator
tag: v0.42.1
configmapReloadImage:
repository: registry1.dsop.io/ironbank/opensource/jimmidyson/configmap-reload
tag: v0.4.0
createCustomResource: true
enabled: true
manageCrds: true
# TODO: DRY this up
{{- if .Values.gatekeeper.enabled }}
{{- if or .Values.gatekeeper.enabled .Values.istio.enabled }}
dependsOn:
{{- if .Values.istio.enabled }}
- name: istio
namespace: {{ .Release.Namespace }}
{{- end }}
{{- if .Values.gatekeeper.enabled }}
- name: gatekeeper
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}
{{- end }}
\ No newline at end of file
......@@ -62,7 +62,7 @@ monitoring:
enabled: true
git:
repo: https://repo1.dsop.io/platform-one/big-bang/apps/core/monitoring.git
branch: release-v0.2.x
branch: master
# commit: ""
# tag: ""
values: {}
......
......@@ -8,11 +8,3 @@ resources:
patchesStrategicMerge:
- patch-bigbang.yaml
- |-
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: GitRepository
metadata:
name: bigbang
spec:
ref:
branch: valuesfrom
\ No newline at end of file
......@@ -14,6 +14,10 @@ spec:
rollback:
cleanupOnFail: false
# clusterAuditor:
# monitoring:
logging:
# Directly modify chart values for dev workloads
values:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment