feat: add full kube-prometheus-stack helm chart manifests and templates
This commit is contained in:
@@ -0,0 +1,29 @@
|
||||
1. Get the application URL by running these commands:
|
||||
{{- if contains "NodePort" .Values.service.type }}
|
||||
export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }})
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
echo http://$NODE_IP:$NODE_PORT
|
||||
{{- else if contains "LoadBalancer" .Values.service.type }}
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}'
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-node-exporter.namespace" . }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
|
||||
echo http://$SERVICE_IP:{{ .Values.service.port }}
|
||||
{{- else if contains "ClusterIP" .Values.service.type }}
|
||||
export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-node-exporter.namespace" . }} -l "app.kubernetes.io/name={{ template "prometheus-node-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
|
||||
echo "Visit http://127.0.0.1:9100 to use your application"
|
||||
kubectl port-forward --namespace {{ template "prometheus-node-exporter.namespace" . }} $POD_NAME 9100
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.kubeRBACProxy.enabled}}
|
||||
|
||||
kube-rbac-proxy endpoint protections is enabled:
|
||||
- Metrics endpoints is now HTTPS
|
||||
- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions:
|
||||
```
|
||||
rules:
|
||||
- apiGroups: [ "" ]
|
||||
resources: ["services/{{ template "prometheus-node-exporter.fullname" . }}"]
|
||||
verbs:
|
||||
- get
|
||||
```
|
||||
{{- end }}
|
||||
@@ -0,0 +1,237 @@
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.labels" -}}
|
||||
helm.sh/chart: {{ include "prometheus-node-exporter.chart" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/component: metrics
|
||||
app.kubernetes.io/part-of: {{ include "prometheus-node-exporter.name" . }}
|
||||
{{ include "prometheus-node-exporter.selectorLabels" . }}
|
||||
{{- with .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.commonLabels }}
|
||||
{{ tpl (toYaml .) $ }}
|
||||
{{- end }}
|
||||
{{- if .Values.releaseLabel }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "prometheus-node-exporter.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
The image to use
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.image" -}}
|
||||
{{- if .Values.image.sha }}
|
||||
{{- fail "image.sha forbidden. Use image.digest instead" }}
|
||||
{{- else if .Values.image.digest }}
|
||||
{{- if .Values.global.imageRegistry }}
|
||||
{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
|
||||
{{- else }}
|
||||
{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
{{- if .Values.global.imageRegistry }}
|
||||
{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
|
||||
{{- else }}
|
||||
{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Allow the release namespace to be overridden for multi-namespace deployments in combined charts
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.namespace" -}}
|
||||
{{- if .Values.namespaceOverride }}
|
||||
{{- .Values.namespaceOverride }}
|
||||
{{- else }}
|
||||
{{- .Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the namespace name of the service monitor
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.monitor-namespace" -}}
|
||||
{{- if .Values.namespaceOverride }}
|
||||
{{- .Values.namespaceOverride }}
|
||||
{{- else }}
|
||||
{{- if .Values.prometheus.monitor.namespace }}
|
||||
{{- .Values.prometheus.monitor.namespace }}
|
||||
{{- else }}
|
||||
{{- .Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* Sets default scrape limits for servicemonitor */}}
|
||||
{{- define "servicemonitor.scrapeLimits" -}}
|
||||
{{- with .sampleLimit }}
|
||||
sampleLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .targetLimit }}
|
||||
targetLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .labelLimit }}
|
||||
labelLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .labelNameLengthLimit }}
|
||||
labelNameLengthLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .labelValueLengthLimit }}
|
||||
labelValueLengthLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.imagePullSecrets" -}}
|
||||
{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
|
||||
{{- if eq (typeOf .) "map[string]interface {}" }}
|
||||
- {{ toYaml . | trim }}
|
||||
{{- else }}
|
||||
- name: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the namespace name of the pod monitor
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.podmonitor-namespace" -}}
|
||||
{{- if .Values.namespaceOverride }}
|
||||
{{- .Values.namespaceOverride }}
|
||||
{{- else }}
|
||||
{{- if .Values.prometheus.podMonitor.namespace }}
|
||||
{{- .Values.prometheus.podMonitor.namespace }}
|
||||
{{- else }}
|
||||
{{- .Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* Sets default scrape limits for podmonitor */}}
|
||||
{{- define "podmonitor.scrapeLimits" -}}
|
||||
{{- with .sampleLimit }}
|
||||
sampleLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .targetLimit }}
|
||||
targetLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .labelLimit }}
|
||||
labelLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .labelNameLengthLimit }}
|
||||
labelNameLengthLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .labelValueLengthLimit }}
|
||||
labelValueLengthLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* Sets sidecar volumeMounts */}}
|
||||
{{- define "prometheus-node-exporter.sidecarVolumeMounts" -}}
|
||||
{{- range $_, $mount := $.Values.sidecarVolumeMount }}
|
||||
- name: {{ $mount.name }}
|
||||
mountPath: {{ $mount.mountPath }}
|
||||
readOnly: {{ $mount.readOnly }}
|
||||
{{- end }}
|
||||
{{- range $_, $mount := $.Values.sidecarHostVolumeMounts }}
|
||||
- name: {{ $mount.name }}
|
||||
mountPath: {{ $mount.mountPath }}
|
||||
readOnly: {{ $mount.readOnly }}
|
||||
{{- if $mount.mountPropagation }}
|
||||
mountPropagation: {{ $mount.mountPropagation }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
The default node affinity to exclude
|
||||
- AWS Fargate
|
||||
- Azure virtual nodes
|
||||
*/}}
|
||||
{{- define "prometheus-node-exporter.defaultAffinity" -}}
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
- matchExpressions:
|
||||
- key: eks.amazonaws.com/compute-type
|
||||
operator: NotIn
|
||||
values:
|
||||
- fargate
|
||||
- key: type
|
||||
operator: NotIn
|
||||
values:
|
||||
- virtual-kubelet
|
||||
{{- end -}}
|
||||
{{- define "prometheus-node-exporter.mergedAffinities" -}}
|
||||
{{- $defaultAffinity := include "prometheus-node-exporter.defaultAffinity" . | fromYaml -}}
|
||||
{{- with .Values.affinity -}}
|
||||
{{- if .nodeAffinity -}}
|
||||
{{- $_ := set $defaultAffinity "nodeAffinity" (mergeOverwrite $defaultAffinity.nodeAffinity .nodeAffinity) -}}
|
||||
{{- end -}}
|
||||
{{- if .podAffinity -}}
|
||||
{{- $_ := set $defaultAffinity "podAffinity" .podAffinity -}}
|
||||
{{- end -}}
|
||||
{{- if .podAntiAffinity -}}
|
||||
{{- $_ := set $defaultAffinity "podAntiAffinity" .podAntiAffinity -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- toYaml $defaultAffinity -}}
|
||||
{{- end -}}
|
||||
@@ -0,0 +1,19 @@
|
||||
{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
rules:
|
||||
{{- if $.Values.kubeRBACProxy.enabled }}
|
||||
- apiGroups: [ "authentication.k8s.io" ]
|
||||
resources:
|
||||
- tokenreviews
|
||||
verbs: [ "create" ]
|
||||
- apiGroups: [ "authorization.k8s.io" ]
|
||||
resources:
|
||||
- subjectaccessreviews
|
||||
verbs: [ "create" ]
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
@@ -0,0 +1,20 @@
|
||||
{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
name: {{ template "prometheus-node-exporter.fullname" . }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
{{- if .Values.rbac.useExistingRole }}
|
||||
name: {{ .Values.rbac.useExistingRole }}
|
||||
{{- else }}
|
||||
name: {{ template "prometheus-node-exporter.fullname" . }}
|
||||
{{- end }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "prometheus-node-exporter.serviceAccountName" . }}
|
||||
namespace: {{ template "prometheus-node-exporter.namespace" . }}
|
||||
{{- end -}}
|
||||
@@ -0,0 +1,402 @@
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
{{- with .Values.daemonsetAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
|
||||
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
|
||||
{{- with .Values.updateStrategy }}
|
||||
updateStrategy:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 8 }}
|
||||
{{- with .Values.podLabels }}
|
||||
{{- tpl (toYaml .) $ | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
automountServiceAccountToken: {{ ternary true false (or .Values.serviceAccount.automountServiceAccountToken .Values.kubeRBACProxy.enabled) }}
|
||||
{{- with .Values.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
{{- $fixes := .Values.permissionInitContainer.fixes -}}
|
||||
{{- $fixesEnabled := or $fixes.rapl $fixes.slabinfo (not (empty .Values.permissionInitContainer.extraCommands)) -}}
|
||||
{{- if or .Values.extraInitContainers $fixesEnabled }}
|
||||
initContainers:
|
||||
{{- if .Values.extraInitContainers }}
|
||||
{{- toYaml .Values.extraInitContainers | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if $fixesEnabled }}
|
||||
- name: permission-fix
|
||||
{{- with .Values.permissionInitContainer.image }}
|
||||
{{- if .sha }}
|
||||
image: "{{ $.Values.global.imageRegistry | default .registry}}/{{ .repository }}:{{ .tag }}@sha256:{{ .sha }}"
|
||||
{{- else }}
|
||||
image: "{{ $.Values.global.imageRegistry | default .registry}}/{{ .repository }}:{{ .tag }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
imagePullPolicy: {{ .Values.permissionInitContainer.image.pullPolicy }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.permissionInitContainer.securityContext | nindent 12 }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- |
|
||||
{{- if $fixes.rapl }}
|
||||
powercap_path="/host/sys/devices/virtual/powercap"
|
||||
if [ -d "$powercap_path" ]; then
|
||||
find "$powercap_path" -name energy_uj -exec chown root:{{ .Values.securityContext.runAsGroup }} {} + -exec chmod g+r -R {} +
|
||||
fi
|
||||
{{- end }}
|
||||
{{- if $fixes.slabinfo }}
|
||||
slabinfo_path="/host/proc/slabinfo"
|
||||
if [ -f "$slabinfo_path" ]; then
|
||||
chown root:{{ .Values.securityContext.runAsGroup }} "$slabinfo_path" && chmod g+r "$slabinfo_path"
|
||||
fi
|
||||
{{- end }}
|
||||
{{- range .Values.permissionInitContainer.extraCommands }}
|
||||
{{ . }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
{{- if $fixes.rapl }}
|
||||
- name: sys
|
||||
mountPath: /host/sys
|
||||
readOnly: false
|
||||
{{- end }}
|
||||
{{- if $fixes.slabinfo }}
|
||||
- name: proc
|
||||
mountPath: /host/proc
|
||||
readOnly: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }}
|
||||
{{- with .Values.terminationGracePeriodSeconds }}
|
||||
terminationGracePeriodSeconds: {{ . }}
|
||||
{{- end }}
|
||||
containers:
|
||||
{{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }}
|
||||
{{- $servicePortReference := ternary .Values.kubeRBACProxy.port .Values.service.portName .Values.kubeRBACProxy.enabled }}
|
||||
- name: node-exporter
|
||||
image: {{ include "prometheus-node-exporter.image" . }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- --path.procfs=/host/proc
|
||||
- --path.sysfs=/host/sys
|
||||
{{- if .Values.hostRootFsMount.enabled }}
|
||||
- --path.rootfs=/host/root
|
||||
{{- if semverCompare ">=1.4.0-0" (coalesce .Values.version .Values.image.tag .Chart.AppVersion) }}
|
||||
- --path.udev.data=/host/root/run/udev/data
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- --web.listen-address=[$(HOST_IP)]:{{ $servicePort }}
|
||||
{{- with .Values.extraArgs }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- with .Values.containerSecurityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: HOST_IP
|
||||
{{- if .Values.kubeRBACProxy.enabled }}
|
||||
value: 127.0.0.1
|
||||
{{- else if .Values.service.listenOnAllInterfaces }}
|
||||
value: 0.0.0.0
|
||||
{{- else }}
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.hostIP
|
||||
{{- end }}
|
||||
{{- range $key, $value := .Values.env }}
|
||||
- name: {{ $key }}
|
||||
value: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.kubeRBACProxy.enabled false }}
|
||||
ports:
|
||||
- name: {{ .Values.service.portName }}
|
||||
containerPort: {{ .Values.service.port }}
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
livenessProbe:
|
||||
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
|
||||
httpGet:
|
||||
{{- if .Values.kubeRBACProxy.enabled }}
|
||||
host: 127.0.0.1
|
||||
{{- end }}
|
||||
httpHeaders:
|
||||
{{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
|
||||
- name: {{ $header.name }}
|
||||
value: {{ $header.value }}
|
||||
{{- end }}
|
||||
path: /
|
||||
port: {{ $servicePortReference }}
|
||||
scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
|
||||
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
|
||||
successThreshold: {{ .Values.livenessProbe.successThreshold }}
|
||||
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
|
||||
readinessProbe:
|
||||
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
|
||||
httpGet:
|
||||
{{- if .Values.kubeRBACProxy.enabled }}
|
||||
host: 127.0.0.1
|
||||
{{- end }}
|
||||
httpHeaders:
|
||||
{{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
|
||||
- name: {{ $header.name }}
|
||||
value: {{ $header.value }}
|
||||
{{- end }}
|
||||
path: /
|
||||
port: {{ $servicePortReference }}
|
||||
scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
|
||||
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
|
||||
successThreshold: {{ .Values.readinessProbe.successThreshold }}
|
||||
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
|
||||
{{- with .Values.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.terminationMessageParams.enabled }}
|
||||
{{- with .Values.terminationMessageParams }}
|
||||
terminationMessagePath: {{ .terminationMessagePath }}
|
||||
terminationMessagePolicy: {{ .terminationMessagePolicy }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: proc
|
||||
mountPath: /host/proc
|
||||
{{- with .Values.hostProcFsMount.mountPropagation }}
|
||||
mountPropagation: {{ . }}
|
||||
{{- end }}
|
||||
readOnly: true
|
||||
- name: sys
|
||||
mountPath: /host/sys
|
||||
{{- with .Values.hostSysFsMount.mountPropagation }}
|
||||
mountPropagation: {{ . }}
|
||||
{{- end }}
|
||||
readOnly: true
|
||||
{{- if .Values.hostRootFsMount.enabled }}
|
||||
- name: root
|
||||
mountPath: /host/root
|
||||
{{- with .Values.hostRootFsMount.mountPropagation }}
|
||||
mountPropagation: {{ . }}
|
||||
{{- end }}
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.extraHostVolumeMounts }}
|
||||
- name: {{ $mount.name }}
|
||||
mountPath: {{ $mount.mountPath }}
|
||||
readOnly: {{ $mount.readOnly }}
|
||||
{{- with $mount.mountPropagation }}
|
||||
mountPropagation: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.sidecarVolumeMount }}
|
||||
- name: {{ $mount.name }}
|
||||
mountPath: {{ $mount.mountPath }}
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.configmaps }}
|
||||
- name: {{ $mount.name }}
|
||||
mountPath: {{ $mount.mountPath }}
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.secrets }}
|
||||
- name: {{ .name }}
|
||||
mountPath: {{ .mountPath }}
|
||||
{{- end }}
|
||||
{{- with .Values.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- range .Values.sidecars }}
|
||||
{{- $overwrites := dict "volumeMounts" (concat (include "prometheus-node-exporter.sidecarVolumeMounts" $ | fromYamlArray) (.volumeMounts | default list) | default list) }}
|
||||
{{- $defaults := dict "image" (include "prometheus-node-exporter.image" $) "securityContext" $.Values.containerSecurityContext "imagePullPolicy" $.Values.image.pullPolicy }}
|
||||
- {{- toYaml (merge $overwrites . $defaults) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeRBACProxy.enabled }}
|
||||
- name: kube-rbac-proxy
|
||||
args:
|
||||
{{- if .Values.kubeRBACProxy.extraArgs }}
|
||||
{{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 12 }}
|
||||
{{- end }}
|
||||
- --secure-listen-address=:{{ .Values.service.port}}
|
||||
- --upstream=http://127.0.0.1:{{ $servicePort }}/
|
||||
- --proxy-endpoints-port={{ .Values.kubeRBACProxy.proxyEndpointsPort }}
|
||||
- --config-file=/etc/kube-rbac-proxy-config/config-file.yaml
|
||||
{{- if and .Values.kubeRBACProxy.tls.enabled .Values.tlsSecret.enabled }}
|
||||
- --tls-cert-file=/tls/private/{{ .Values.tlsSecret.certItem }}
|
||||
- --tls-private-key-file=/tls/private/{{ .Values.tlsSecret.keyItem }}
|
||||
{{- if and .Values.kubeRBACProxy.tls.tlsClientAuth .Values.tlsSecret.caItem }}
|
||||
- --client-ca-file=/tls/private/{{ .Values.tlsSecret.caItem }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: kube-rbac-proxy-config
|
||||
mountPath: /etc/kube-rbac-proxy-config
|
||||
{{- if and .Values.kubeRBACProxy.tls.enabled .Values.tlsSecret.enabled }}
|
||||
- name: {{ tpl .Values.tlsSecret.volumeName . | quote }}
|
||||
mountPath: /tls/private
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- with .Values.kubeRBACProxy.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }}
|
||||
{{- if .Values.kubeRBACProxy.image.sha }}
|
||||
image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}@sha256:{{ .Values.kubeRBACProxy.image.sha }}"
|
||||
{{- else }}
|
||||
image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}"
|
||||
{{- end }}
|
||||
ports:
|
||||
- containerPort: {{ .Values.service.port}}
|
||||
name: {{ .Values.kubeRBACProxy.portName }}
|
||||
{{- if .Values.kubeRBACProxy.enableHostPort }}
|
||||
hostPort: {{ .Values.service.port }}
|
||||
{{- end }}
|
||||
- containerPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }}
|
||||
{{- if .Values.kubeRBACProxy.enableProxyEndpointsHostPort }}
|
||||
hostPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }}
|
||||
{{- end }}
|
||||
name: "http-healthz"
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
scheme: HTTPS
|
||||
port: {{ .Values.kubeRBACProxy.proxyEndpointsPort }}
|
||||
path: healthz
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
{{- if .Values.kubeRBACProxy.resources }}
|
||||
resources:
|
||||
{{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.terminationMessageParams.enabled }}
|
||||
{{- with .Values.terminationMessageParams }}
|
||||
terminationMessagePath: {{ .terminationMessagePath }}
|
||||
terminationMessagePolicy: {{ .terminationMessagePolicy }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.kubeRBACProxy.env }}
|
||||
env:
|
||||
{{- range $key, $value := $.Values.kubeRBACProxy.env }}
|
||||
- name: {{ $key }}
|
||||
value: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeRBACProxy.containerSecurityContext }}
|
||||
securityContext:
|
||||
{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
|
||||
{{- end }}
|
||||
hostNetwork: {{ .Values.hostNetwork }}
|
||||
{{- if kindIs "bool" .Values.hostUsers }}
|
||||
hostUsers: {{ .Values.hostUsers }}
|
||||
{{- end }}
|
||||
hostPID: {{ .Values.hostPID }}
|
||||
hostIPC: {{ .Values.hostIPC }}
|
||||
affinity:
|
||||
{{- include "prometheus-node-exporter.mergedAffinities" . | nindent 8 }}
|
||||
{{- with .Values.dnsPolicy }}
|
||||
dnsPolicy: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.restartPolicy }}
|
||||
restartPolicy: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: proc
|
||||
hostPath:
|
||||
path: /proc
|
||||
- name: sys
|
||||
hostPath:
|
||||
path: /sys
|
||||
{{- if .Values.hostRootFsMount.enabled }}
|
||||
- name: root
|
||||
hostPath:
|
||||
path: /
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.extraHostVolumeMounts }}
|
||||
- name: {{ $mount.name }}
|
||||
hostPath:
|
||||
path: {{ $mount.hostPath }}
|
||||
{{- with $mount.type }}
|
||||
type: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.sidecarVolumeMount }}
|
||||
- name: {{ $mount.name }}
|
||||
emptyDir:
|
||||
medium: Memory
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
|
||||
- name: {{ $mount.name }}
|
||||
hostPath:
|
||||
path: {{ $mount.hostPath }}
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.configmaps }}
|
||||
- name: {{ $mount.name }}
|
||||
configMap:
|
||||
name: {{ $mount.name }}
|
||||
{{- end }}
|
||||
{{- range $_, $mount := .Values.secrets }}
|
||||
- name: {{ $mount.name }}
|
||||
secret:
|
||||
secretName: {{ $mount.name }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeRBACProxy.enabled }}
|
||||
- name: kube-rbac-proxy-config
|
||||
configMap:
|
||||
name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config
|
||||
{{- end }}
|
||||
{{- if .Values.tlsSecret.enabled }}
|
||||
- name: {{ tpl .Values.tlsSecret.volumeName . | quote }}
|
||||
secret:
|
||||
secretName: {{ tpl .Values.tlsSecret.secretName . | quote }}
|
||||
items:
|
||||
- key: {{ required "Value tlsSecret.certItem must be set." .Values.tlsSecret.certItem | quote }}
|
||||
path: {{ .Values.tlsSecret.certItem | quote }}
|
||||
- key: {{ required "Value tlsSecret.keyItem must be set." .Values.tlsSecret.keyItem | quote }}
|
||||
path: {{ .Values.tlsSecret.keyItem | quote }}
|
||||
{{- if .Values.tlsSecret.caItem }}
|
||||
- key: {{ .Values.tlsSecret.caItem | quote }}
|
||||
path: {{ .Values.tlsSecret.caItem | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.extraVolumes }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,18 @@
|
||||
{{- if .Values.endpoints }}
|
||||
apiVersion: v1
|
||||
kind: Endpoints
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
subsets:
|
||||
- addresses:
|
||||
{{- range .Values.endpoints }}
|
||||
- ip: {{ . }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: {{ .Values.service.portName }}
|
||||
port: 9100
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
@@ -0,0 +1,4 @@
|
||||
{{ range .Values.extraManifests }}
|
||||
---
|
||||
{{ tpl . $ }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,27 @@
|
||||
{{- if .Values.networkPolicy.enabled }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" $ | nindent 4 }}
|
||||
{{- with .Values.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
ingress:
|
||||
{{- if .Values.networkPolicy.ingress }}
|
||||
{{- toYaml .Values.networkPolicy.ingress | nindent 4 }}
|
||||
{{- else }}
|
||||
- ports:
|
||||
- port: {{ .Values.service.port }}
|
||||
{{- end }}
|
||||
policyTypes:
|
||||
- Egress
|
||||
- Ingress
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,91 @@
|
||||
{{- if .Values.prometheus.podMonitor.enabled }}
|
||||
apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }}
|
||||
kind: PodMonitor
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.podmonitor-namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
{{- with .Values.prometheus.podMonitor.additionalLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }}
|
||||
{{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- with .Values.prometheus.podMonitor.selectorOverride }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- else }}
|
||||
{{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
|
||||
{{- end }}
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ include "prometheus-node-exporter.namespace" . }}
|
||||
{{- with .Values.prometheus.podMonitor.attachMetadata }}
|
||||
attachMetadata:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.podTargetLabels }}
|
||||
podTargetLabels:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
podMetricsEndpoints:
|
||||
- port: {{ .Values.service.portName }}
|
||||
{{- with .Values.prometheus.podMonitor.scheme }}
|
||||
scheme: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.path }}
|
||||
path: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.basicAuth }}
|
||||
basicAuth:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.bearerTokenSecret }}
|
||||
bearerTokenSecret:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.tlsConfig }}
|
||||
tlsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.authorization }}
|
||||
authorization:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.oauth2 }}
|
||||
oauth2:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.proxyUrl }}
|
||||
proxyUrl: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.interval }}
|
||||
interval: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.honorTimestamps }}
|
||||
honorTimestamps: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.honorLabels }}
|
||||
honorLabels: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.scrapeTimeout }}
|
||||
scrapeTimeout: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.relabelings }}
|
||||
relabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.podMonitor.metricRelabelings }}
|
||||
metricRelabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }}
|
||||
filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }}
|
||||
followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }}
|
||||
{{- with .Values.prometheus.podMonitor.params }}
|
||||
params:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,16 @@
|
||||
{{- if .Values.kubeRBACProxy.enabled}}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config
|
||||
namespace: {{ include "prometheus-node-exporter.namespace" . }}
|
||||
data:
|
||||
config-file.yaml: |+
|
||||
authorization:
|
||||
resourceAttributes:
|
||||
namespace: {{ template "prometheus-node-exporter.namespace" . }}
|
||||
apiVersion: v1
|
||||
resource: services
|
||||
subresource: {{ template "prometheus-node-exporter.fullname" . }}
|
||||
name: {{ template "prometheus-node-exporter.fullname" . }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,41 @@
|
||||
{{- if .Values.service.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" $ | nindent 4 }}
|
||||
{{- with .Values.service.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.service.ipDualStack.enabled }}
|
||||
ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }}
|
||||
ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.externalTrafficPolicy }}
|
||||
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.internalTrafficPolicy }}
|
||||
internalTrafficPolicy: {{ .Values.service.internalTrafficPolicy }}
|
||||
{{- end }}
|
||||
type: {{ .Values.service.type }}
|
||||
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
|
||||
clusterIP: "{{ .Values.service.clusterIP }}"
|
||||
{{- end }}
|
||||
ports:
|
||||
- port: {{ .Values.service.servicePort | default .Values.service.port }}
|
||||
{{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }}
|
||||
nodePort: {{ .Values.service.nodePort }}
|
||||
{{- end }}
|
||||
targetPort: {{ .Values.service.targetPort }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.portName }}
|
||||
selector:
|
||||
{{- include "prometheus-node-exporter.selectorLabels" . | nindent 4 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,18 @@
|
||||
{{- if and .Values.rbac.create .Values.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.serviceAccountName" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
{{- with .Values.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
|
||||
{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
@@ -0,0 +1,65 @@
|
||||
{{- if .Values.prometheus.monitor.enabled }}
|
||||
apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }}
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.monitor-namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
{{- with .Values.prometheus.monitor.additionalLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
|
||||
{{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }}
|
||||
{{- with .Values.prometheus.monitor.podTargetLabels }}
|
||||
podTargetLabels:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.targetLabels }}
|
||||
targetLabels:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- with .Values.prometheus.monitor.selectorOverride }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- else }}
|
||||
{{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.attachMetadata }}
|
||||
attachMetadata:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
endpoints:
|
||||
- port: {{ .Values.service.portName }}
|
||||
scheme: {{ .Values.prometheus.monitor.scheme }}
|
||||
{{- with .Values.prometheus.monitor.basicAuth }}
|
||||
basicAuth:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.bearerTokenFile }}
|
||||
bearerTokenFile: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.tlsConfig }}
|
||||
tlsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.proxyUrl }}
|
||||
proxyUrl: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.interval }}
|
||||
interval: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.scrapeTimeout }}
|
||||
scrapeTimeout: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.relabelings }}
|
||||
relabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.prometheus.monitor.metricRelabelings }}
|
||||
metricRelabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,40 @@
|
||||
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }}
|
||||
apiVersion: autoscaling.k8s.io/v1
|
||||
kind: VerticalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
namespace: {{ include "prometheus-node-exporter.namespace" . }}
|
||||
labels:
|
||||
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
|
||||
spec:
|
||||
{{- with .Values.verticalPodAutoscaler.recommenders }}
|
||||
recommenders:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
resourcePolicy:
|
||||
containerPolicies:
|
||||
- containerName: node-exporter
|
||||
{{- with .Values.verticalPodAutoscaler.controlledResources }}
|
||||
controlledResources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.verticalPodAutoscaler.controlledValues }}
|
||||
controlledValues: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.verticalPodAutoscaler.maxAllowed }}
|
||||
maxAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.verticalPodAutoscaler.minAllowed }}
|
||||
minAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
targetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
name: {{ include "prometheus-node-exporter.fullname" . }}
|
||||
{{- with .Values.verticalPodAutoscaler.updatePolicy }}
|
||||
updatePolicy:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
Reference in New Issue
Block a user