diff --git a/applicationsets/prometheus-appset.yaml b/applicationsets/prometheus-appset.yaml index ebedad7..091fa69 100644 --- a/applicationsets/prometheus-appset.yaml +++ b/applicationsets/prometheus-appset.yaml @@ -31,8 +31,8 @@ spec: server: https://kubernetes.default.svc namespace: monitoring syncPolicy: - # automated: - # prune: true - # selfHeal: true + automated: + prune: true + selfHeal: true syncOptions: - CreateNamespace=true \ No newline at end of file diff --git a/old/node-exporter-appset.yaml b/old/node-exporter-appset.yaml deleted file mode 100644 index 8e82956..0000000 --- a/old/node-exporter-appset.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: prometheus-node-exporter-appset - namespace: argocd -spec: - generators: - - list: - elements: - - env: prod - valuesFile: values-prod.yaml - nameSuffix: node-exporter-prod - - env: int - valuesFile: values-int.yaml - nameSuffix: node-exporter-int - template: - metadata: - name: '{{nameSuffix}}' - spec: - project: observability - source: - repoURL: https://git.dvirlabs.com/dvirlabs/observability-stack.git - targetRevision: master - path: charts/prometheus-node-exporter - helm: - valueFiles: - - my-values/{{valuesFile}} - destination: - server: https://kubernetes.default.svc - namespace: monitoring - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/old/prometheus-node-exporter/.helmignore b/old/prometheus-node-exporter/.helmignore deleted file mode 100644 index 2846d36..0000000 --- a/old/prometheus-node-exporter/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj - -ci/ diff --git a/old/prometheus-node-exporter/Chart.yaml b/old/prometheus-node-exporter/Chart.yaml deleted file mode 100644 index f81cc5b..0000000 --- a/old/prometheus-node-exporter/Chart.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v2 -name: prometheus-node-exporter -description: A Helm chart for prometheus node-exporter -keywords: - - node-exporter - - prometheus - - exporter -type: application -version: 4.46.0 -# renovate: github=prometheus/node_exporter -appVersion: 1.9.1 -home: https://github.com/prometheus/node_exporter/ -sources: - - https://github.com/prometheus/node_exporter/ -maintainers: - - name: gianrubio - email: gianrubio@gmail.com - url: https://github.com/gianrubio - - name: zanhsieh - email: zanhsieh@gmail.com - url: https://github.com/zanhsieh - - name: zeritti - email: rootsandtrees@posteo.de - url: https://github.com/zeritti -annotations: - "artifacthub.io/license": Apache-2.0 - "artifacthub.io/links": | - - name: Chart Source - url: https://github.com/prometheus-community/helm-charts diff --git a/old/prometheus-node-exporter/README.md b/old/prometheus-node-exporter/README.md deleted file mode 100644 index fd83395..0000000 --- a/old/prometheus-node-exporter/README.md +++ /dev/null @@ -1,96 +0,0 @@ -# Prometheus Node Exporter - -Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors. - -This chart bootstraps a Prometheus [Node Exporter](http://github.com/prometheus/node_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -## Get Repository Info - -```console -helm repo add prometheus-community https://prometheus-community.github.io/helm-charts -helm repo update -``` - -_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - -## Install Chart - -```console -helm install [RELEASE_NAME] prometheus-community/prometheus-node-exporter -``` - -_See [configuration](#configuring) below._ - -_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ - -## Uninstall Chart - -```console -helm uninstall [RELEASE_NAME] -``` - -This removes all the Kubernetes components associated with the chart and deletes the release. - -_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ - -## Upgrading Chart - -```console -helm upgrade [RELEASE_NAME] prometheus-community/prometheus-node-exporter --install -``` - -_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ - -### 3.x to 4.x - -Starting from version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade. - -```console -kubectl delete daemonset -l app=prometheus-node-exporter -helm upgrade -i prometheus-node-exporter prometheus-community/prometheus-node-exporter -``` - -If you use your own custom [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor) or [PodMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#podmonitor), please ensure to upgrade their `selector` fields accordingly to the new labels. - -### From 2.x to 3.x - -Change the following: - -```yaml -hostRootFsMount: true -``` - -to: - -```yaml -hostRootFsMount: - enabled: true - mountPropagation: HostToContainer -``` - -## Configuring - -See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: - -```console -helm show values prometheus-community/prometheus-node-exporter -``` - -### kube-rbac-proxy - -You can enable `prometheus-node-exporter` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy a RBAC proxy container protecting the node-exporter endpoint. -To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as: - -```yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: prometheus-node-exporter-read -rules: - - apiGroups: [ "" ] - resources: ["services/node-exporter-prometheus-node-exporter"] - verbs: - - get -``` - -See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details. diff --git a/old/prometheus-node-exporter/ci/common-labels-values.yaml b/old/prometheus-node-exporter/ci/common-labels-values.yaml deleted file mode 100644 index 719e935..0000000 --- a/old/prometheus-node-exporter/ci/common-labels-values.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -commonLabels: - foo: bar - baz: '{{ include "prometheus-node-exporter.fullname" . }}' diff --git a/old/prometheus-node-exporter/ci/default-values.yaml b/old/prometheus-node-exporter/ci/default-values.yaml deleted file mode 100644 index 39d98f7..0000000 --- a/old/prometheus-node-exporter/ci/default-values.yaml +++ /dev/null @@ -1 +0,0 @@ -## Default values test case diff --git a/old/prometheus-node-exporter/ci/kube-rbac-proxy-tlssecret-values.yaml b/old/prometheus-node-exporter/ci/kube-rbac-proxy-tlssecret-values.yaml deleted file mode 100644 index a4b042c..0000000 --- a/old/prometheus-node-exporter/ci/kube-rbac-proxy-tlssecret-values.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -fullnameOverride: prometheus-node-exporter - -kubeRBACProxy: - enabled: true - tls: - enabled: true - tlsClientAuth: true - -tlsSecret: - enabled: true - caItem: client-ca.crt - secretName: '{{ include "prometheus-node-exporter.fullname" . }}-tls' - volumeName: '{{ include "prometheus-node-exporter.fullname" . }}-tls' - -extraManifests: - - | - apiVersion: v1 - data: - client-ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURTekNDQWpPZ0F3SUJBZ0lJY3hXZmlGVnp1WUl3RFFZSktvWklodmNOQVFFTEJRQXdJREVlTUJ3R0ExVUUKQXhNVmJXbHVhV05oSUhKdmIzUWdZMkVnTnpNeE5UbG1NQ0FYRFRJME1EZ3lNekl3TURjMU1Wb1lEekl4TWpRdwpPREl6TWpBd056VXhXakFnTVI0d0hBWURWUVFERXhWdGFXNXBZMkVnY205dmRDQmpZU0EzTXpFMU9XWXdnZ0VpCk1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQy84Q2Y0VVFVaGc3NkpXSGV4c21pc3hYdWQKd2g0UmlJaUJXdFRIdkt0UElTVzdLUEhzRy9pYUppR2VFZ01uZzlCRHBlWmJzbVBzOXBFUkxwRU82bzFRTUYzYwowUnErM1ZIdWN5TWcrVFZ2czB0T1VFYmF3VldNRjdCTjBlbVNBUzBSaFpPaWQ2aEtrRHdiN2JDN3N6U1lwdlZ4Ckk1WGJxZHYrNWdKeEsrSThLRmNkTXJUUmQyUlpQbGlwYmpIbWJQNjhuSHVVbm5rS1kyTDFOR3UwR0xmS2JqRnIKT3hKU1ZMZ29idXZCcW1LTFFQZHZNdkpUTHZYdjBYWFVlRlk3VkVMTVFVSjVwbjU3dlRwU1I4Vzc4MTZnTHQyeApUVWFQcXI1ekpiakQzQllZK3FXQ0JZekNKNkxtbjREUzlJU1FINXlvbjdkREhpcWZKWVZlUy94UUI5cEJBZ01CCkFBR2pnWVl3Z1lNd0RnWURWUjBQQVFIL0JBUURBZ0tFTUIwR0ExVWRKUVFXTUJRR0NDc0dBUVVGQndNQkJnZ3IKQmdFRkJRY0RBakFTQmdOVkhSTUJBZjhFQ0RBR0FRSC9BZ0VBTUIwR0ExVWREZ1FXQkJUN25vTjF6a0R1UFJoOQpWeWtOdlBLeHFRVms4akFmQmdOVkhTTUVHREFXZ0JUN25vTjF6a0R1UFJoOVZ5a052UEt4cVFWazhqQU5CZ2txCmhraUc5dzBCQVFzRkFBT0NBUUVBWFdla3FVcll4Y0h5TWU0ZmUyOXliTDE4cDlqeVB1RDE4Q2x4aXI4V3AzV3UKQm1RUG5qMEdldEo0QnBTazBUOTlVbFZOdUlrT29RcnFBb21VTnpvZWhKcmMrL0dKaHNYTEVKcnZhMFp6TnpiLwpnVHpLSHgxc3YrNnJ4UlJ4ZVlqbVpLZ25kWUgvY1BSVWpvSkJ3azE0Tk5mbG9aN21Id2krN3U3dkM2cW9VMkQ3CjZQemdYSmsvVmNZaHVGMngydFZ2TG1sL05GNlIremxzemJMYXZlMUh2K0ZqbXFMcW0vU2lsdmszdUtWVzlJbGEKTDVJRUVyVkFmVzdXTkdLWWZRZkFVblZ0UTFZTkZoUXNFL3lUQ3JrNXFUZmZuY1VvMmtMNjhOSXB1ZmRMU01zSQpqZUVZdjhEQWJBK2daNEZ2cGt6UjZLZytxcFJvM0JDRmQwbkQ4bDVTUnc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURhRENDQWxDZ0F3SUJBZ0lSQUxFTnU3Wit1dC9LZ1NabCs4SjB5ZTB3RFFZSktvWklodmNOQVFFTEJRQXcKSURFZU1Cd0dBMVVFQXhNVmJXbHVhV05oSUhKdmIzUWdZMkVnTnpNeE5UbG1NQ0FYRFRJME1EZ3lOVEV5TlRjMApObG9ZRHpJd056UXdPREV6TVRJMU56UTFXakFqTVNFd0h3WURWUVFERXhod2NtOXRaWFJvWlhWekxXNXZaR1V0ClpYaHdiM0owWlhJd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURNb1pWL2I3NEEKZURBQ2dCZEdpK29tb1Y5VWxyTG12RHdhOE85TGNRNzVIMURDeHpQbFRpdXA3SDNyMXdSSXlWSmduQTRPdmdVdwpHZ1F4UXUwcTdOcSs5YjJLY3lvZ0xLUEo1aWxTb3JPN3QxSm9SMzN0Q281R28zc0tUdEl5cmwvR3NPQndmb1BjCk9ONkhHMWdRZkNpSFNEQnkyRVZvZkoycytKZWN6N2JEQ2Vvb05ZVms4Wm50cGl6ZGg3elloK291VUZJcStuVjUKN01WN05wd1Jhak9qQ2p4RERseHIyWmVvMXpZRGhaTWNxbFd4RmN6YitTUkw4bFJzNVVoOTF5RWMyWENJUnROWgpnR3MvTmpzVXdNQU9jYTVFLzdFRyt6NHFTeTNOV2ZPTnpoWGQ0VTRDRm1EaHJNdzRZZVlEM25iQXpEMTg5bkdxCkl2Z000RTczUGMzSEFnTUJBQUdqZ1pjd2daUXdEZ1lEVlIwUEFRSC9CQVFEQWdXZ01CMEdBMVVkSlFRV01CUUcKQ0NzR0FRVUZCd01CQmdnckJnRUZCUWNEQWpBZEJnTlZIUTRFRmdRVXJ3SUtRM0IydW1lQndTWnBEZmhMYnZobgpDOU13SHdZRFZSMGpCQmd3Rm9BVSs1NkRkYzVBN2owWWZWY3BEYnp5c2FrRlpQSXdJd1lEVlIwUkJCd3dHb0lZCmNISnZiV1YwYUdWMWN5MXViMlJsTFdWNGNHOXlkR1Z5TUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFBOVpFQmkKVFVrZWNuTElab2hteXNqQVU0WTUxV2VyUm90TTNBTFdNZWlENlpadG16Ym9BVkRDQ0FNaWRqZm1zR2xQelhFRgpxU09vZGMwRjl4QURRcWF3K0ZsVmZwcnJ4b1Juc2NGUDBtS08xTFNlaHp6WVZHTUdjL0ZaOXhJTzE5cjdBY2lICkJCdTVSaHljVmkvdlBVbHpGZVZuaEZWcEYwWk1xd0NUK2hXd29KbWVzYzJHaVh3ZEtrNEVCYWptVFVKdUhUbVUKaDc3YWhTQWp5SWNDdWlVcDFrdVk4cllwbHpWdTJWMnFtTEs1Nm9qN2U0T01nYlR4cmwwOVcwOW5UbmMzL3F3dwovR3V2SmhybFhrOFlzOU5tdEdCVnRkSEVhaXhFKzdTSEdTTCszYnIzZjBPSGdNWk5WT0tTTVYzQXFZdUpOWmhSCkM2VVVyRUl3ZkxRNUtXVmQKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= - tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBektHVmYyKytBSGd3QW9BWFJvdnFKcUZmVkpheTVydzhHdkR2UzNFTytSOVF3c2N6CjVVNHJxZXg5NjljRVNNbFNZSndPRHI0Rk1Cb0VNVUx0S3V6YXZ2Vzlpbk1xSUN5anllWXBVcUt6dTdkU2FFZDkKN1FxT1JxTjdDazdTTXE1ZnhyRGdjSDZEM0RqZWh4dFlFSHdvaDBnd2N0aEZhSHlkclBpWG5NKzJ3d25xS0RXRgpaUEdaN2FZczNZZTgySWZxTGxCU0t2cDFlZXpGZXphY0VXb3pvd284UXc1Y2E5bVhxTmMyQTRXVEhLcFZzUlhNCjIva2tTL0pVYk9WSWZkY2hITmx3aUViVFdZQnJQelk3Rk1EQURuR3VSUCt4QnZzK0trc3R6Vm56amM0VjNlRk8KQWhaZzRhek1PR0htQTk1MndNdzlmUFp4cWlMNERPQk85ejNOeHdJREFRQUJBb0lCQUJWNmxIV1c1Z3Vva2VtQgpSbkFxT1g2cWk1WVdaMXJld1RSV3U5ZGdXNkQ4ajM2U2FEa1dkbkRVbVBjTFQ3RFFLT3hwRlBTcEwyUTRKdDZBCjF1SWRrR3hnNE85S1hVNlpRT3Z0VThNUHZ1dmlOeTBvNitmWXBzeDFWbkhqaWg2MXZPbmZJUC9OMTh0aTBNQy8KdHdPcjlKa1drN2RLU2liSWhjaGxJNHpiSktUZUVuMFhVZWVPdGZFRXNSd0dESmI4aG9ZaHRPSzJDZ3hhWGw2MwpNMUFnMnl6RHFaUERlS0VYSEJ5SU5UTzNNS05RYUdIUWZSbkxBbE51R1FPb0lsMk9RZzl1enArWGsrTFhXN2hsCkdtSXBkZ2VDVXNFOGo5WjJnTmxZRlFiUW9UbkJIaGFqT2pQSWdIUG44QnRjWHlLcVVSeWZ2TlRKWXk3MExTNy8KUlh5ejhZa0NnWUVBMzRoQnBYVXNZVHJrOUFIUE9mYUx2SVAxRm9yRXo5MkFYQVZaLzF4OGc0Q3lIMUkybFlUYgpaMzhnN1IxVXdaWjV1YStYVlhBcVhKY0J6WUhVVlhIUkZ1TkNBT1VuUmFaeTVRVU5uVFJhZXBScjc0UHlPK2JYCmhPWTk5NjVQQlB6WVFxZTgvQWIvTUNQSEZocmxOMDY4ejVkdW9FdEI2YWUxTFBTYmIwcGFSeDBDZ1lFQTZscUUKWVRBWGZCRWxHZ1NUbTlDMmtXQmRiWTFyUHJ3bThVRDFXOTNTTmxnekx1L1dGbkpNRzdWSzVKdS9KczB4b0NEZQo3aUFsYVZubGlEclpXWXcrQm5ESk1LZXhkR0M1akFxM2F2VDhLa1lZUkt0Rktra3N0OUgwTUhmc21iUFJVc0ZqCk9CUTR0a3BMTzQ1WGFYeWZhT2RRcndBZ2g0emFyYkJQdU8rUHZ6TUNnWUJHLzdCYUxXMTdOSW1rTnk3cTZqUlkKSEZHc1owYzcvczdXYTV5NlQxWDlMdE5rdjJnMjlZdjZ3NVpodWY5QnZkbkw4TW5RaVYvcktNdVp5ckwyc01BSQoxUVlSNHJjbW1FZkdGbVRNbWVSakt1RmRvanMrYTRQbzRuaXNRdUUyWkZrTVV0cmo4aFQ3NVdGRzFDUVovUmhiCmwyMjczQ3VEVzVGZ1JoRll0L1VVd1FLQmdHb1dEYVQ5SXpScmduTVRyVW8wb2VDUFVkdTh6OVozVDkyWVBUbVgKNFlmdVIwVXhGcVhVbWJWVlRSRE5uQ3RSYWV5RjFNVFEwbjZ0VGlWc0ZtWGVBVm5qQm9BNitTNm9kblg1aCt3bgorRnFlbm0rL1pERHZMUW9OUmRBSENaak9lS3hRbEx5WEV0RWFNcEpFTGplM1RXWXNpQzZnRFJtdlhuS1B4SmNBCkF2OVhBb0dBREx1YUtJZEhTY1BQVWludDlYSnJLbC9RQktHajZYWDVkVU5mT04xWG1CSWFEZmRQcGdRTWhXdUgKd3pVVURqNk9YYVo0WHBDQW9lcE50YzFhYU5pd0hWQXJOR1ZwcllEL2E5WXBxNWNkY3laTzBQYXJmSk53MkJ0Sgp1ZHIxY1B4SE04VW40REZnNzBiRnpXQVJwZEVwSnk0TjMwWExyUTZJcWlpdHZwaGQ3QTg9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== - kind: Secret - metadata: - name: '{{ include "prometheus-node-exporter.fullname" . }}-tls' diff --git a/old/prometheus-node-exporter/ci/networkpolicy-values.yaml b/old/prometheus-node-exporter/ci/networkpolicy-values.yaml deleted file mode 100644 index bcea8de..0000000 --- a/old/prometheus-node-exporter/ci/networkpolicy-values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -networkPolicy: - enabled: true - ingress: - - ports: - - port: 9100 diff --git a/old/prometheus-node-exporter/ci/pod-labels-values.yaml b/old/prometheus-node-exporter/ci/pod-labels-values.yaml deleted file mode 100644 index 7de36a6..0000000 --- a/old/prometheus-node-exporter/ci/pod-labels-values.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -podLabels: - foo: bar - baz: '{{ .Chart.AppVersion }}' diff --git a/old/prometheus-node-exporter/ci/port-values.yaml b/old/prometheus-node-exporter/ci/port-values.yaml deleted file mode 100644 index dbfb4b6..0000000 --- a/old/prometheus-node-exporter/ci/port-values.yaml +++ /dev/null @@ -1,3 +0,0 @@ -service: - targetPort: 9102 - port: 9102 diff --git a/old/prometheus-node-exporter/ci/service-labels-values.yaml b/old/prometheus-node-exporter/ci/service-labels-values.yaml deleted file mode 100644 index 9c5e365..0000000 --- a/old/prometheus-node-exporter/ci/service-labels-values.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -service: - labels: - foo: bar - baz: quux diff --git a/old/prometheus-node-exporter/ci/serviceport-values.yaml b/old/prometheus-node-exporter/ci/serviceport-values.yaml deleted file mode 100644 index b0b7be6..0000000 --- a/old/prometheus-node-exporter/ci/serviceport-values.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -service: - servicePort: 80 diff --git a/old/prometheus-node-exporter/my-values/values-int.yaml b/old/prometheus-node-exporter/my-values/values-int.yaml deleted file mode 100644 index 62e3bc8..0000000 --- a/old/prometheus-node-exporter/my-values/values-int.yaml +++ /dev/null @@ -1,16 +0,0 @@ -hostNetwork: false -containerPort: 9110 - -service: - port: 9110 - targetPort: 9110 - annotations: - prometheus.io/scrape: "true" - -prometheus: - monitor: - enabled: true - interval: 30s - scrapeTimeout: 10s - additionalLabels: - release: prometheus-int diff --git a/old/prometheus-node-exporter/my-values/values-prod.yaml b/old/prometheus-node-exporter/my-values/values-prod.yaml deleted file mode 100644 index 5afa725..0000000 --- a/old/prometheus-node-exporter/my-values/values-prod.yaml +++ /dev/null @@ -1,25 +0,0 @@ -hostNetwork: false -containerPort: 9100 - -service: - port: 9100 - targetPort: 9100 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9100" - -resources: - limits: - cpu: 200m - memory: 128Mi - requests: - cpu: 100m - memory: 64Mi - -prometheus: - monitor: - enabled: true - interval: 30s - scrapeTimeout: 10s - additionalLabels: - release: prometheus-prod diff --git a/old/prometheus-node-exporter/templates/NOTES.txt b/old/prometheus-node-exporter/templates/NOTES.txt deleted file mode 100644 index db8584d..0000000 --- a/old/prometheus-node-exporter/templates/NOTES.txt +++ /dev/null @@ -1,29 +0,0 @@ -1. Get the application URL by running these commands: -{{- if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-node-exporter.namespace" . }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-node-exporter.namespace" . }} -l "app.kubernetes.io/name={{ template "prometheus-node-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:9100 to use your application" - kubectl port-forward --namespace {{ template "prometheus-node-exporter.namespace" . }} $POD_NAME 9100 -{{- end }} - -{{- if .Values.kubeRBACProxy.enabled}} - -kube-rbac-proxy endpoint protections is enabled: -- Metrics endpoints is now HTTPS -- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions: -``` -rules: - - apiGroups: [ "" ] - resources: ["services/{{ template "prometheus-node-exporter.fullname" . }}"] - verbs: - - get -``` -{{- end }} \ No newline at end of file diff --git a/old/prometheus-node-exporter/templates/_helpers.tpl b/old/prometheus-node-exporter/templates/_helpers.tpl deleted file mode 100644 index 890c487..0000000 --- a/old/prometheus-node-exporter/templates/_helpers.tpl +++ /dev/null @@ -1,237 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "prometheus-node-exporter.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "prometheus-node-exporter.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "prometheus-node-exporter.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "prometheus-node-exporter.labels" -}} -helm.sh/chart: {{ include "prometheus-node-exporter.chart" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/component: metrics -app.kubernetes.io/part-of: {{ include "prometheus-node-exporter.name" . }} -{{ include "prometheus-node-exporter.selectorLabels" . }} -{{- with .Chart.AppVersion }} -app.kubernetes.io/version: {{ . | quote }} -{{- end }} -{{- with .Values.commonLabels }} -{{ tpl (toYaml .) $ }} -{{- end }} -{{- if .Values.releaseLabel }} -release: {{ .Release.Name }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "prometheus-node-exporter.selectorLabels" -}} -app.kubernetes.io/name: {{ include "prometheus-node-exporter.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - - -{{/* -Create the name of the service account to use -*/}} -{{- define "prometheus-node-exporter.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -The image to use -*/}} -{{- define "prometheus-node-exporter.image" -}} -{{- if .Values.image.sha }} -{{- fail "image.sha forbidden. Use image.digest instead" }} -{{- else if .Values.image.digest }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }} -{{- else }} -{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }} -{{- end }} -{{- else }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} -{{- else }} -{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Allow the release namespace to be overridden for multi-namespace deployments in combined charts -*/}} -{{- define "prometheus-node-exporter.namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} - -{{/* -Create the namespace name of the service monitor -*/}} -{{- define "prometheus-node-exporter.monitor-namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- if .Values.prometheus.monitor.namespace }} -{{- .Values.prometheus.monitor.namespace }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} -{{- end }} - -{{/* Sets default scrape limits for servicemonitor */}} -{{- define "servicemonitor.scrapeLimits" -}} -{{- with .sampleLimit }} -sampleLimit: {{ . }} -{{- end }} -{{- with .targetLimit }} -targetLimit: {{ . }} -{{- end }} -{{- with .labelLimit }} -labelLimit: {{ . }} -{{- end }} -{{- with .labelNameLengthLimit }} -labelNameLengthLimit: {{ . }} -{{- end }} -{{- with .labelValueLengthLimit }} -labelValueLengthLimit: {{ . }} -{{- end }} -{{- end }} - -{{/* -Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets}) -*/}} -{{- define "prometheus-node-exporter.imagePullSecrets" -}} -{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }} - {{- if eq (typeOf .) "map[string]interface {}" }} -- {{ toYaml . | trim }} - {{- else }} -- name: {{ . }} - {{- end }} -{{- end }} -{{- end -}} - -{{/* -Create the namespace name of the pod monitor -*/}} -{{- define "prometheus-node-exporter.podmonitor-namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- if .Values.prometheus.podMonitor.namespace }} -{{- .Values.prometheus.podMonitor.namespace }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} -{{- end }} - -{{/* Sets default scrape limits for podmonitor */}} -{{- define "podmonitor.scrapeLimits" -}} -{{- with .sampleLimit }} -sampleLimit: {{ . }} -{{- end }} -{{- with .targetLimit }} -targetLimit: {{ . }} -{{- end }} -{{- with .labelLimit }} -labelLimit: {{ . }} -{{- end }} -{{- with .labelNameLengthLimit }} -labelNameLengthLimit: {{ . }} -{{- end }} -{{- with .labelValueLengthLimit }} -labelValueLengthLimit: {{ . }} -{{- end }} -{{- end }} - -{{/* Sets sidecar volumeMounts */}} -{{- define "prometheus-node-exporter.sidecarVolumeMounts" -}} -{{- range $_, $mount := $.Values.sidecarVolumeMount }} -- name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} -{{- end }} -{{- range $_, $mount := $.Values.sidecarHostVolumeMounts }} -- name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} -{{- if $mount.mountPropagation }} - mountPropagation: {{ $mount.mountPropagation }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -The default node affinity to exclude -- AWS Fargate -- Azure virtual nodes -*/}} -{{- define "prometheus-node-exporter.defaultAffinity" -}} -nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: eks.amazonaws.com/compute-type - operator: NotIn - values: - - fargate - - key: type - operator: NotIn - values: - - virtual-kubelet -{{- end -}} -{{- define "prometheus-node-exporter.mergedAffinities" -}} -{{- $defaultAffinity := include "prometheus-node-exporter.defaultAffinity" . | fromYaml -}} -{{- with .Values.affinity -}} - {{- if .nodeAffinity -}} - {{- $_ := set $defaultAffinity "nodeAffinity" (mergeOverwrite $defaultAffinity.nodeAffinity .nodeAffinity) -}} - {{- end -}} - {{- if .podAffinity -}} - {{- $_ := set $defaultAffinity "podAffinity" .podAffinity -}} - {{- end -}} - {{- if .podAntiAffinity -}} - {{- $_ := set $defaultAffinity "podAntiAffinity" .podAntiAffinity -}} - {{- end -}} -{{- end -}} -{{- toYaml $defaultAffinity -}} -{{- end -}} diff --git a/old/prometheus-node-exporter/templates/clusterrole.yaml b/old/prometheus-node-exporter/templates/clusterrole.yaml deleted file mode 100644 index c256dba..0000000 --- a/old/prometheus-node-exporter/templates/clusterrole.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -rules: - {{- if $.Values.kubeRBACProxy.enabled }} - - apiGroups: [ "authentication.k8s.io" ] - resources: - - tokenreviews - verbs: [ "create" ] - - apiGroups: [ "authorization.k8s.io" ] - resources: - - subjectaccessreviews - verbs: [ "create" ] - {{- end }} -{{- end -}} diff --git a/old/prometheus-node-exporter/templates/clusterrolebinding.yaml b/old/prometheus-node-exporter/templates/clusterrolebinding.yaml deleted file mode 100644 index 653305a..0000000 --- a/old/prometheus-node-exporter/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - name: {{ template "prometheus-node-exporter.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole -{{- if .Values.rbac.useExistingRole }} - name: {{ .Values.rbac.useExistingRole }} -{{- else }} - name: {{ template "prometheus-node-exporter.fullname" . }} -{{- end }} -subjects: -- kind: ServiceAccount - name: {{ template "prometheus-node-exporter.serviceAccountName" . }} - namespace: {{ template "prometheus-node-exporter.namespace" . }} -{{- end -}} diff --git a/old/prometheus-node-exporter/templates/daemonset.yaml b/old/prometheus-node-exporter/templates/daemonset.yaml deleted file mode 100644 index e3ac2f1..0000000 --- a/old/prometheus-node-exporter/templates/daemonset.yaml +++ /dev/null @@ -1,348 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.daemonsetAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - {{- with .Values.updateStrategy }} - updateStrategy: - {{- toYaml . | nindent 4 }} - {{- end }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - spec: - automountServiceAccountToken: {{ ternary true false (or .Values.serviceAccount.automountServiceAccountToken .Values.kubeRBACProxy.enabled) }} - {{- with .Values.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} - {{- with .Values.extraInitContainers }} - initContainers: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }} - {{- with .Values.terminationGracePeriodSeconds }} - terminationGracePeriodSeconds: {{ . }} - {{- end }} - containers: - {{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }} - - name: node-exporter - image: {{ include "prometheus-node-exporter.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - --path.procfs=/host/proc - - --path.sysfs=/host/sys - {{- if .Values.hostRootFsMount.enabled }} - - --path.rootfs=/host/root - {{- if semverCompare ">=1.4.0-0" (coalesce .Values.version .Values.image.tag .Chart.AppVersion) }} - - --path.udev.data=/host/root/run/udev/data - {{- end }} - {{- end }} - - --web.listen-address=[$(HOST_IP)]:{{ $servicePort }} - {{- with .Values.extraArgs }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - - name: HOST_IP - {{- if .Values.kubeRBACProxy.enabled }} - value: 127.0.0.1 - {{- else if .Values.service.listenOnAllInterfaces }} - value: 0.0.0.0 - {{- else }} - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - {{- end }} - {{- range $key, $value := .Values.env }} - - name: {{ $key }} - value: {{ $value | quote }} - {{- end }} - {{- if eq .Values.kubeRBACProxy.enabled false }} - ports: - - name: {{ .Values.service.portName }} - containerPort: {{ .Values.service.port }} - protocol: TCP - {{- end }} - livenessProbe: - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - httpGet: - {{- if .Values.kubeRBACProxy.enabled }} - host: 127.0.0.1 - {{- end }} - httpHeaders: - {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }} - - name: {{ $header.name }} - value: {{ $header.value }} - {{- end }} - path: / - port: {{ $servicePort }} - scheme: {{ upper .Values.livenessProbe.httpGet.scheme }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - readinessProbe: - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - httpGet: - {{- if .Values.kubeRBACProxy.enabled }} - host: 127.0.0.1 - {{- end }} - httpHeaders: - {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }} - - name: {{ $header.name }} - value: {{ $header.value }} - {{- end }} - path: / - port: {{ $servicePort }} - scheme: {{ upper .Values.readinessProbe.httpGet.scheme }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.terminationMessageParams.enabled }} - {{- with .Values.terminationMessageParams }} - terminationMessagePath: {{ .terminationMessagePath }} - terminationMessagePolicy: {{ .terminationMessagePolicy }} - {{- end }} - {{- end }} - volumeMounts: - - name: proc - mountPath: /host/proc - {{- with .Values.hostProcFsMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - readOnly: true - - name: sys - mountPath: /host/sys - {{- with .Values.hostSysFsMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - readOnly: true - {{- if .Values.hostRootFsMount.enabled }} - - name: root - mountPath: /host/root - {{- with .Values.hostRootFsMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - readOnly: true - {{- end }} - {{- range $_, $mount := .Values.extraHostVolumeMounts }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} - {{- with $mount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - {{- end }} - {{- range $_, $mount := .Values.sidecarVolumeMount }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: true - {{- end }} - {{- range $_, $mount := .Values.configmaps }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - {{- end }} - {{- range $_, $mount := .Values.secrets }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - {{- end }} - {{- with .Values.extraVolumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- range .Values.sidecars }} - {{- $overwrites := dict "volumeMounts" (concat (include "prometheus-node-exporter.sidecarVolumeMounts" $ | fromYamlArray) (.volumeMounts | default list) | default list) }} - {{- $defaults := dict "image" (include "prometheus-node-exporter.image" $) "securityContext" $.Values.containerSecurityContext "imagePullPolicy" $.Values.image.pullPolicy }} - - {{- toYaml (merge $overwrites . $defaults) | nindent 10 }} - {{- end }} - {{- if .Values.kubeRBACProxy.enabled }} - - name: kube-rbac-proxy - args: - {{- if .Values.kubeRBACProxy.extraArgs }} - {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 12 }} - {{- end }} - - --secure-listen-address=:{{ .Values.service.port}} - - --upstream=http://127.0.0.1:{{ $servicePort }}/ - - --proxy-endpoints-port={{ .Values.kubeRBACProxy.proxyEndpointsPort }} - - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml - {{- if and .Values.kubeRBACProxy.tls.enabled .Values.tlsSecret.enabled }} - - --tls-cert-file=/tls/private/{{ .Values.tlsSecret.certItem }} - - --tls-private-key-file=/tls/private/{{ .Values.tlsSecret.keyItem }} - {{- if and .Values.kubeRBACProxy.tls.tlsClientAuth .Values.tlsSecret.caItem }} - - --client-ca-file=/tls/private/{{ .Values.tlsSecret.caItem }} - {{- end }} - {{- end }} - volumeMounts: - - name: kube-rbac-proxy-config - mountPath: /etc/kube-rbac-proxy-config - {{- if and .Values.kubeRBACProxy.tls.enabled .Values.tlsSecret.enabled }} - - name: {{ tpl .Values.tlsSecret.volumeName . | quote }} - mountPath: /tls/private - readOnly: true - {{- end }} - {{- with .Values.kubeRBACProxy.extraVolumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} - {{- if .Values.kubeRBACProxy.image.sha }} - image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}@sha256:{{ .Values.kubeRBACProxy.image.sha }}" - {{- else }} - image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}" - {{- end }} - ports: - - containerPort: {{ .Values.service.port}} - name: {{ .Values.kubeRBACProxy.portName }} - {{- if .Values.kubeRBACProxy.enableHostPort }} - hostPort: {{ .Values.service.port }} - {{- end }} - - containerPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} - {{- if .Values.kubeRBACProxy.enableProxyEndpointsHostPort }} - hostPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} - {{- end }} - name: "http-healthz" - readinessProbe: - httpGet: - scheme: HTTPS - port: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} - path: healthz - initialDelaySeconds: 5 - timeoutSeconds: 5 - {{- if .Values.kubeRBACProxy.resources }} - resources: - {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }} - {{- end }} - {{- if .Values.terminationMessageParams.enabled }} - {{- with .Values.terminationMessageParams }} - terminationMessagePath: {{ .terminationMessagePath }} - terminationMessagePolicy: {{ .terminationMessagePolicy }} - {{- end }} - {{- end }} - {{- with .Values.kubeRBACProxy.env }} - env: - {{- range $key, $value := $.Values.kubeRBACProxy.env }} - - name: {{ $key }} - value: {{ $value | quote }} - {{- end }} - {{- end }} - {{- if .Values.kubeRBACProxy.containerSecurityContext }} - securityContext: - {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }} - {{- end }} - {{- end }} - {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }} - {{- end }} - hostNetwork: {{ .Values.hostNetwork }} - hostPID: {{ .Values.hostPID }} - hostIPC: {{ .Values.hostIPC }} - affinity: - {{- include "prometheus-node-exporter.mergedAffinities" . | nindent 8 }} - {{- with .Values.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.restartPolicy }} - restartPolicy: {{ . }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: proc - hostPath: - path: /proc - - name: sys - hostPath: - path: /sys - {{- if .Values.hostRootFsMount.enabled }} - - name: root - hostPath: - path: / - {{- end }} - {{- range $_, $mount := .Values.extraHostVolumeMounts }} - - name: {{ $mount.name }} - hostPath: - path: {{ $mount.hostPath }} - {{- with $mount.type }} - type: {{ . }} - {{- end }} - {{- end }} - {{- range $_, $mount := .Values.sidecarVolumeMount }} - - name: {{ $mount.name }} - emptyDir: - medium: Memory - {{- end }} - {{- range $_, $mount := .Values.sidecarHostVolumeMounts }} - - name: {{ $mount.name }} - hostPath: - path: {{ $mount.hostPath }} - {{- end }} - {{- range $_, $mount := .Values.configmaps }} - - name: {{ $mount.name }} - configMap: - name: {{ $mount.name }} - {{- end }} - {{- range $_, $mount := .Values.secrets }} - - name: {{ $mount.name }} - secret: - secretName: {{ $mount.name }} - {{- end }} - {{- if .Values.kubeRBACProxy.enabled }} - - name: kube-rbac-proxy-config - configMap: - name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config - {{- end }} - {{- if .Values.tlsSecret.enabled }} - - name: {{ tpl .Values.tlsSecret.volumeName . | quote }} - secret: - secretName: {{ tpl .Values.tlsSecret.secretName . | quote }} - items: - - key: {{ required "Value tlsSecret.certItem must be set." .Values.tlsSecret.certItem | quote }} - path: {{ .Values.tlsSecret.certItem | quote }} - - key: {{ required "Value tlsSecret.keyItem must be set." .Values.tlsSecret.keyItem | quote }} - path: {{ .Values.tlsSecret.keyItem | quote }} - {{- if .Values.tlsSecret.caItem }} - - key: {{ .Values.tlsSecret.caItem | quote }} - path: {{ .Values.tlsSecret.caItem | quote }} - {{- end }} - {{- end }} - {{- with .Values.extraVolumes }} - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/old/prometheus-node-exporter/templates/endpoints.yaml b/old/prometheus-node-exporter/templates/endpoints.yaml deleted file mode 100644 index 45eeb8d..0000000 --- a/old/prometheus-node-exporter/templates/endpoints.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.endpoints }} -apiVersion: v1 -kind: Endpoints -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -subsets: - - addresses: - {{- range .Values.endpoints }} - - ip: {{ . }} - {{- end }} - ports: - - name: {{ .Values.service.portName }} - port: 9100 - protocol: TCP -{{- end }} diff --git a/old/prometheus-node-exporter/templates/extra-manifests.yaml b/old/prometheus-node-exporter/templates/extra-manifests.yaml deleted file mode 100644 index 2b21b71..0000000 --- a/old/prometheus-node-exporter/templates/extra-manifests.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{ range .Values.extraManifests }} ---- -{{ tpl . $ }} -{{ end }} diff --git a/old/prometheus-node-exporter/templates/networkpolicy.yaml b/old/prometheus-node-exporter/templates/networkpolicy.yaml deleted file mode 100644 index ee40902..0000000 --- a/old/prometheus-node-exporter/templates/networkpolicy.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.networkPolicy.enabled }} -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" $ | nindent 4 }} - {{- with .Values.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - ingress: - {{- if .Values.networkPolicy.ingress }} - {{- toYaml .Values.networkPolicy.ingress | nindent 4 }} - {{- else }} - - ports: - - port: {{ .Values.service.port }} - {{- end }} - policyTypes: - - Egress - - Ingress - podSelector: - matchLabels: - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/old/prometheus-node-exporter/templates/podmonitor.yaml b/old/prometheus-node-exporter/templates/podmonitor.yaml deleted file mode 100644 index f88da6a..0000000 --- a/old/prometheus-node-exporter/templates/podmonitor.yaml +++ /dev/null @@ -1,91 +0,0 @@ -{{- if .Values.prometheus.podMonitor.enabled }} -apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }} -kind: PodMonitor -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.podmonitor-namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.prometheus.podMonitor.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }} - {{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }} - selector: - matchLabels: - {{- with .Values.prometheus.podMonitor.selectorOverride }} - {{- toYaml . | nindent 6 }} - {{- else }} - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ include "prometheus-node-exporter.namespace" . }} - {{- with .Values.prometheus.podMonitor.attachMetadata }} - attachMetadata: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.podTargetLabels }} - podTargetLabels: - {{- toYaml . | nindent 4 }} - {{- end }} - podMetricsEndpoints: - - port: {{ .Values.service.portName }} - {{- with .Values.prometheus.podMonitor.scheme }} - scheme: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.path }} - path: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.basicAuth }} - basicAuth: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.bearerTokenSecret }} - bearerTokenSecret: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.tlsConfig }} - tlsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.authorization }} - authorization: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.oauth2 }} - oauth2: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.proxyUrl }} - proxyUrl: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.honorTimestamps }} - honorTimestamps: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.honorLabels }} - honorLabels: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }} - filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }} - followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }} - {{- with .Values.prometheus.podMonitor.params }} - params: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/old/prometheus-node-exporter/templates/psp-clusterrole.yaml b/old/prometheus-node-exporter/templates/psp-clusterrole.yaml deleted file mode 100644 index 8957317..0000000 --- a/old/prometheus-node-exporter/templates/psp-clusterrole.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: psp-{{ include "prometheus-node-exporter.fullname" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -rules: -- apiGroups: ['extensions'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ include "prometheus-node-exporter.fullname" . }} -{{- end }} diff --git a/old/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml b/old/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml deleted file mode 100644 index 3333701..0000000 --- a/old/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: psp-{{ include "prometheus-node-exporter.fullname" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: psp-{{ include "prometheus-node-exporter.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} -{{- end }} diff --git a/old/prometheus-node-exporter/templates/psp.yaml b/old/prometheus-node-exporter/templates/psp.yaml deleted file mode 100644 index 4896c84..0000000 --- a/old/prometheus-node-exporter/templates/psp.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.rbac.pspAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - privileged: false - # Allow core volume types. - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - - 'persistentVolumeClaim' - - 'hostPath' - hostNetwork: true - hostIPC: false - hostPID: true - hostPorts: - - min: 0 - max: 65535 - runAsUser: - # Permits the container to run with root privileges as well. - rule: 'RunAsAny' - seLinux: - # This policy assumes the nodes are using AppArmor rather than SELinux. - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Allow adding the root group. - - min: 0 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Allow adding the root group. - - min: 0 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/old/prometheus-node-exporter/templates/rbac-configmap.yaml b/old/prometheus-node-exporter/templates/rbac-configmap.yaml deleted file mode 100644 index 814e110..0000000 --- a/old/prometheus-node-exporter/templates/rbac-configmap.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.kubeRBACProxy.enabled}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config - namespace: {{ include "prometheus-node-exporter.namespace" . }} -data: - config-file.yaml: |+ - authorization: - resourceAttributes: - namespace: {{ template "prometheus-node-exporter.namespace" . }} - apiVersion: v1 - resource: services - subresource: {{ template "prometheus-node-exporter.fullname" . }} - name: {{ template "prometheus-node-exporter.fullname" . }} -{{- end }} \ No newline at end of file diff --git a/old/prometheus-node-exporter/templates/service.yaml b/old/prometheus-node-exporter/templates/service.yaml deleted file mode 100644 index 9807c66..0000000 --- a/old/prometheus-node-exporter/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if .Values.service.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" $ | nindent 4 }} - {{- with .Values.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: -{{- if .Values.service.ipDualStack.enabled }} - ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} - ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} -{{- end }} -{{- if .Values.service.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} -{{- end }} -{{- if .Values.service.internalTrafficPolicy }} - internalTrafficPolicy: {{ .Values.service.internalTrafficPolicy }} -{{- end }} - type: {{ .Values.service.type }} -{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} - clusterIP: "{{ .Values.service.clusterIP }}" -{{- end }} - ports: - - port: {{ .Values.service.servicePort | default .Values.service.port }} - {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - targetPort: {{ .Values.service.targetPort }} - protocol: TCP - name: {{ .Values.service.portName }} - selector: - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/old/prometheus-node-exporter/templates/serviceaccount.yaml b/old/prometheus-node-exporter/templates/serviceaccount.yaml deleted file mode 100644 index 462b0cd..0000000 --- a/old/prometheus-node-exporter/templates/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if and .Values.rbac.create .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "prometheus-node-exporter.serviceAccountName" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} -{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }} -{{- end }} -{{- end -}} diff --git a/old/prometheus-node-exporter/templates/servicemonitor.yaml b/old/prometheus-node-exporter/templates/servicemonitor.yaml deleted file mode 100644 index 96ec1af..0000000 --- a/old/prometheus-node-exporter/templates/servicemonitor.yaml +++ /dev/null @@ -1,65 +0,0 @@ -{{- if .Values.prometheus.monitor.enabled }} -apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }} -kind: ServiceMonitor -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.monitor-namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.prometheus.monitor.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }} - {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }} - {{- with .Values.prometheus.monitor.podTargetLabels }} - podTargetLabels: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.prometheus.monitor.targetLabels }} - targetLabels: - {{- toYaml . | nindent 4 }} - {{- end }} - selector: - matchLabels: - {{- with .Values.prometheus.monitor.selectorOverride }} - {{- toYaml . | nindent 6 }} - {{- else }} - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} - {{- end }} - {{- with .Values.prometheus.monitor.attachMetadata }} - attachMetadata: - {{- toYaml . | nindent 4 }} - {{- end }} - endpoints: - - port: {{ .Values.service.portName }} - scheme: {{ .Values.prometheus.monitor.scheme }} - {{- with .Values.prometheus.monitor.basicAuth }} - basicAuth: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.monitor.bearerTokenFile }} - bearerTokenFile: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.tlsConfig }} - tlsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.monitor.proxyUrl }} - proxyUrl: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.relabelings }} - relabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.monitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/old/prometheus-node-exporter/templates/verticalpodautoscaler.yaml b/old/prometheus-node-exporter/templates/verticalpodautoscaler.yaml deleted file mode 100644 index 2c2705f..0000000 --- a/old/prometheus-node-exporter/templates/verticalpodautoscaler.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }} -apiVersion: autoscaling.k8s.io/v1 -kind: VerticalPodAutoscaler -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -spec: - {{- with .Values.verticalPodAutoscaler.recommenders }} - recommenders: - {{- toYaml . | nindent 4 }} - {{- end }} - resourcePolicy: - containerPolicies: - - containerName: node-exporter - {{- with .Values.verticalPodAutoscaler.controlledResources }} - controlledResources: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.verticalPodAutoscaler.controlledValues }} - controlledValues: {{ . }} - {{- end }} - {{- with .Values.verticalPodAutoscaler.maxAllowed }} - maxAllowed: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.verticalPodAutoscaler.minAllowed }} - minAllowed: - {{- toYaml . | nindent 8 }} - {{- end }} - targetRef: - apiVersion: apps/v1 - kind: DaemonSet - name: {{ include "prometheus-node-exporter.fullname" . }} - {{- with .Values.verticalPodAutoscaler.updatePolicy }} - updatePolicy: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/old/prometheus-node-exporter/values.yaml b/old/prometheus-node-exporter/values.yaml deleted file mode 100644 index 05c2d5c..0000000 --- a/old/prometheus-node-exporter/values.yaml +++ /dev/null @@ -1,620 +0,0 @@ -# Default values for prometheus-node-exporter. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -image: - registry: quay.io - repository: prometheus/node-exporter - # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }} - tag: "" - pullPolicy: IfNotPresent - digest: "" - -imagePullSecrets: [] -# - name: "image-pull-secret" -nameOverride: "" -fullnameOverride: "" - -# Number of old history to retain to allow rollback -# Default Kubernetes value is set to 10 -revisionHistoryLimit: 10 - -global: - # To help compatibility with other charts which use global.imagePullSecrets. - # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). - # global: - # imagePullSecrets: - # - name: pullSecret1 - # - name: pullSecret2 - # or - # global: - # imagePullSecrets: - # - pullSecret1 - # - pullSecret2 - imagePullSecrets: [] - # - # Allow parent charts to override registry hostname - imageRegistry: "" - -# Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint. -# The requests are served through the same service but requests are HTTPS. -kubeRBACProxy: - enabled: false - ## Set environment variables as name/value pairs - env: {} - # VARIABLE: value - image: - registry: quay.io - repository: brancz/kube-rbac-proxy - tag: v0.19.1 - sha: "" - pullPolicy: IfNotPresent - - # List of additional cli arguments to configure kube-rbac-proxy - # for example: --tls-cipher-suites, --log-file, etc. - # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage - extraArgs: [] - - ## Specify security settings for a Container - ## Allows overrides and additional options compared to (Pod) securityContext - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - containerSecurityContext: {} - - # Specify the port used for the Node exporter container (upstream port) - port: 8100 - # Specify the name of the container port - portName: http - # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. - enableHostPort: false - - # Configure Proxy Endpoints Port - # This is the port being probed for readiness - proxyEndpointsPort: 8888 - # Configure a hostPort. If true, hostPort will be enabled in the container and set to proxyEndpointsPort. - enableProxyEndpointsHostPort: false - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - - ## Additional volume mounts in the kube-rbac-proxy container - ## See extraVolumes below - extraVolumeMounts: [] - # - name: extra-volume - # mountPath: /extra - # readOnly: true - - ## tls enables using TLS resources from a volume on secret referred to in tlsSecret below. - ## When enabling tlsClientAuth, client CA certificate must be set in tlsSecret.caItem. - ## Ref. https://github.com/brancz/kube-rbac-proxy/issues/187 - tls: - enabled: false - tlsClientAuth: false - -## tlsSecret refers to an existing secret holding TLS items: client CA certificate, private key and certificate. -## secretName and volumeName can be templated. -## If enabled, volume volumeName gets created on secret secretName. -## The volume's resources will be used by kube-rbac-proxy if kubeRBACProxy.tls.enabled is set. -tlsSecret: - enabled: false - ## Key with client CA certificate (optional) - caItem: "" - ## Key with certificate - certItem: tls.crt - ## Key with private key - keyItem: tls.key - ## Name of an existing secret - secretName: prometheus-node-exporter-tls - ## Name of the volume to be created - volumeName: prometheus-node-exporter-tls - -## Service configuration -service: - ## Creating a service is enabled by default - enabled: true - - ## Service type - type: ClusterIP - ## IP address for type ClusterIP - clusterIP: "" - ## Default service port. Sets the port of the exposed container as well (NE or kubeRBACProxy). - ## Use "servicePort" below if changing the service port only is desired. - port: 9100 - ## Service port. Use this field if you wish to set a different service port - ## without changing the container port ("port" above). - servicePort: "" - ## Targeted port in the pod. Must refer to an open container port ("port" or "portName"). - ## (IntOrString) - targetPort: 9100 - ## Name of the service port. Sets the port name of the main container (NE) as well. - portName: metrics - ## Port number for service type NodePort - nodePort: null - - ## If true, node exporter will listen on all interfaces - listenOnAllInterfaces: true - - ## Additional annotations and labels for the service - annotations: - prometheus.io/scrape: "true" - labels: {} - - ## Dual stack settings for the service - ## https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - ipDualStack: - enabled: false - ipFamilies: ["IPv6", "IPv4"] - ipFamilyPolicy: "PreferDualStack" - - ## External/Internal traffic policy setting (Cluster, Local) - ## https://kubernetes.io/docs/reference/networking/virtual-ips/#traffic-policies - externalTrafficPolicy: "" - internalTrafficPolicy: "" - -# Set a NetworkPolicy with: -# ingress only on service.port or custom policy -# no egress permitted -networkPolicy: - enabled: false - - # ingress: - # - {} - -# Additional environment variables that will be passed to the daemonset -env: {} -## env: -## VARIABLE: value - -prometheus: - monitor: - enabled: false - additionalLabels: {} - namespace: "" - - jobLabel: "" - - # List of pod labels to add to node exporter metrics - # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor - podTargetLabels: [] - - # List of target labels to add to node exporter metrics - # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor - targetLabels: [] - - scheme: http - basicAuth: {} - bearerTokenFile: - tlsConfig: {} - - ## proxyUrl: URL of a proxy that should be used for scraping. - ## - proxyUrl: "" - - ## Override serviceMonitor selector - ## - selectorOverride: {} - - ## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above. - ## - attachMetadata: - node: false - - relabelings: [] - metricRelabelings: [] - interval: "" - scrapeTimeout: 10s - ## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1") - apiVersion: "" - - ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. - ## - sampleLimit: 0 - - ## TargetLimit defines a limit on the number of scraped targets that will be accepted. - ## - targetLimit: 0 - - ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelLimit: 0 - - ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelNameLengthLimit: 0 - - ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelValueLengthLimit: 0 - - # PodMonitor defines monitoring for a set of pods. - # ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#podmonitor - # Using a PodMonitor may be preferred in some environments where there is very large number - # of Node Exporter endpoints (1000+) behind a single service. - # The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor, - # the time series resulting from the configuration through PodMonitor may have different labels. - # For instance, there will not be the service label any longer which might - # affect PromQL queries selecting that label. - podMonitor: - enabled: false - # Namespace in which to deploy the pod monitor. Defaults to the release namespace. - namespace: "" - # Additional labels, e.g. setting a label for pod monitor selector as set in prometheus - additionalLabels: {} - # release: kube-prometheus-stack - # PodTargetLabels transfers labels of the Kubernetes Pod onto the target. - podTargetLabels: [] - # apiVersion defaults to monitoring.coreos.com/v1. - apiVersion: "" - # Override pod selector to select pod objects. - selectorOverride: {} - # Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above. - attachMetadata: - node: false - # The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name. - jobLabel: "" - - # Scheme/protocol to use for scraping. - scheme: "http" - # Path to scrape metrics at. - path: "/metrics" - - # BasicAuth allow an endpoint to authenticate over basic authentication. - # More info: https://prometheus.io/docs/operating/configuration/#endpoint - basicAuth: {} - # Secret to mount to read bearer token for scraping targets. - # The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator. - # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core - bearerTokenSecret: {} - # TLS configuration to use when scraping the endpoint. - tlsConfig: {} - # Authorization section for this endpoint. - # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#safeauthorization - authorization: {} - # OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. - # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#oauth2 - oauth2: {} - - # ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint. - proxyUrl: "" - # Interval at which endpoints should be scraped. If not specified Prometheus’ global scrape interval is used. - interval: "" - # Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used. - scrapeTimeout: "" - # HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data. - honorTimestamps: true - # HonorLabels chooses the metric’s labels on collisions with target labels. - honorLabels: true - # Whether to enable HTTP2. Default false. - enableHttp2: "" - # Drop pods that are not running. (Failed, Succeeded). - # Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase - filterRunning: "" - # FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false. - followRedirects: "" - # Optional HTTP URL parameters - params: {} - - # RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds - # relabelings for a few standard Kubernetes fields. The original scrape job’s name - # is available via the __tmp_prometheus_job_name label. - # More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config - relabelings: [] - # MetricRelabelConfigs to apply to samples before ingestion. - metricRelabelings: [] - - # SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. - sampleLimit: 0 - # TargetLimit defines a limit on the number of scraped targets that will be accepted. - targetLimit: 0 - # Per-scrape limit on number of labels that will be accepted for a sample. - # Only valid in Prometheus versions 2.27.0 and newer. - labelLimit: 0 - # Per-scrape limit on length of labels name that will be accepted for a sample. - # Only valid in Prometheus versions 2.27.0 and newer. - labelNameLengthLimit: 0 - # Per-scrape limit on length of labels value that will be accepted for a sample. - # Only valid in Prometheus versions 2.27.0 and newer. - labelValueLengthLimit: 0 - -## Customize the updateStrategy if set -updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 1 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 200m - # memory: 50Mi - # requests: - # cpu: 100m - # memory: 30Mi - -# Specify the container restart policy passed to the Node Export container -# Possible Values: Always (default)|OnFailure|Never -restartPolicy: null - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - name: - annotations: {} - imagePullSecrets: [] - automountServiceAccountToken: false - -securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - -containerSecurityContext: - readOnlyRootFilesystem: true - # capabilities: - # add: - # - SYS_TIME - -rbac: - ## If true, create & use RBAC resources - ## - create: true - ## If true, create & use Pod Security Policy resources - ## https://kubernetes.io/docs/concepts/policy/pod-security-policy/ - pspEnabled: true - pspAnnotations: {} - -# for deployments that have node_exporter deployed outside of the cluster, list -# their addresses here -endpoints: [] - -# Expose the service to the host network -hostNetwork: true - -# Share the host process ID namespace -hostPID: true - -# Share the host ipc namespace -hostIPC: false - -# Mount the node's root file system (/) at /host/root in the container -hostRootFsMount: - enabled: true - # Defines how new mounts in existing mounts on the node or in the container - # are propagated to the container or node, respectively. Possible values are - # None, HostToContainer, and Bidirectional. If this field is omitted, then - # None is used. More information on: - # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation - mountPropagation: HostToContainer - -# Mount the node's proc file system (/proc) at /host/proc in the container -hostProcFsMount: - # Possible values are None, HostToContainer, and Bidirectional - mountPropagation: "" - -# Mount the node's sys file system (/sys) at /host/sys in the container -hostSysFsMount: - # Possible values are None, HostToContainer, and Bidirectional - mountPropagation: "" - -## Assign a group of affinity scheduling rules -## The default nodeAffinity excludes Fargate nodes and virtual kubelets from scheduling -## unless overriden by hard node affinity set in the field. -affinity: {} -# nodeAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# nodeSelectorTerms: -# - matchFields: -# - key: metadata.name -# operator: In -# values: -# - target-host-name - -# Annotations to be added to node exporter pods -podAnnotations: - # Fix for very slow GKE cluster upgrades - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - -# Extra labels to add to node exporter pods (can be templated) -podLabels: {} - -## Extra labels to attach to all resources (can be templated) -commonLabels: {} - -# Annotations to be added to node exporter daemonset -daemonsetAnnotations: {} - -## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box -releaseLabel: false - -# Custom DNS configuration to be added to prometheus-node-exporter pods -dnsConfig: {} -# nameservers: -# - 1.2.3.4 -# searches: -# - ns1.svc.cluster-domain.example -# - my.dns.search.suffix -# options: -# - name: ndots -# value: "2" -# - name: edns0 - -## Assign a nodeSelector if operating a hybrid cluster -## -nodeSelector: - kubernetes.io/os: linux - # kubernetes.io/arch: amd64 - -# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified -terminationGracePeriodSeconds: null - -tolerations: - - effect: NoSchedule - operator: Exists - -# Enable or disable container termination message settings -# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ -terminationMessageParams: - enabled: false - # If enabled, specify the path for termination messages - terminationMessagePath: /dev/termination-log - # If enabled, specify the policy for termination messages - terminationMessagePolicy: File - - -## Assign a PriorityClassName to pods if set -# priorityClassName: "" - -## Additional container arguments -## -extraArgs: [] -# - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$ -# - --collector.textfile.directory=/run/prometheus - -## Additional mounts from the host to node-exporter container -## -extraHostVolumeMounts: [] -# - name: -# hostPath: -# https://kubernetes.io/docs/concepts/storage/volumes/#hostpath-volume-types -# type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice -# mountPath: -# readOnly: true|false -# mountPropagation: None|HostToContainer|Bidirectional - -## Additional configmaps to be mounted. -## -configmaps: [] -# - name: -# mountPath: - -secrets: [] -# - name: -# mountPath: - -## Override the deployment namespace -## -namespaceOverride: "" - -## Additional containers for export metrics to text file; fields image,imagePullPolicy,securityContext take default value from main container -## -sidecars: [] -# - name: nvidia-dcgm-exporter -# image: nvidia/dcgm-exporter:1.4.3 -# volumeMounts: -# - name: tmp -# mountPath: /tmp - -## Volume for sidecar containers -## -sidecarVolumeMount: [] -# - name: collector-textfiles -# mountPath: /run/prometheus -# readOnly: false - -## Additional mounts from the host to sidecar containers -## -sidecarHostVolumeMounts: [] -# - name: -# hostPath: -# mountPath: -# readOnly: true|false -# mountPropagation: None|HostToContainer|Bidirectional - -## Additional InitContainers to initialize the pod -## -extraInitContainers: [] - -## Liveness probe -## -livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: [] - scheme: http - initialDelaySeconds: 0 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - -## Readiness probe -## -readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: [] - scheme: http - initialDelaySeconds: 0 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - -# Enable vertical pod autoscaler support for prometheus-node-exporter -verticalPodAutoscaler: - enabled: false - - # Recommender responsible for generating recommendation for the object. - # List should be empty (then the default recommender will generate the recommendation) - # or contain exactly one recommender. - # recommenders: - # - name: custom-recommender-performance - - # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory - controlledResources: [] - # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits. - # controlledValues: RequestsAndLimits - - # Define the max allowed resources for the pod - maxAllowed: {} - # cpu: 200m - # memory: 100Mi - # Define the min allowed resources for the pod - minAllowed: {} - # cpu: 200m - # memory: 100Mi - - # updatePolicy: - # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction - # minReplicas: 1 - # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates - # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto". - # updateMode: Auto - -# Extra manifests to deploy as an array -extraManifests: [] - # - | - # apiVersion: v1 - # kind: ConfigMap - # metadata: - # name: prometheus-extra - # data: - # extra-data: "value" - -## Extra volumes to become available in the pod -extraVolumes: [] - # - name: extra-volume - # secret: - # defaultMode: 420 - # optional: false - # secretName: node-exporter-secret - -## Extra volume mounts in the node-exporter container -extraVolumeMounts: [] - # - name: extra-volume - # mountPath: /extra - # readOnly: true - -# Override version of app, required if image.tag is defined and does not follow semver -version: ""