124 lines
3.4 KiB
YAML
124 lines
3.4 KiB
YAML
namespaceOverride: monitoring
|
||
|
||
prometheus:
|
||
prometheusSpec:
|
||
serviceMonitorSelectorNilUsesHelmValues: false
|
||
podMonitorSelectorNilUsesHelmValues: false
|
||
retention: 10d
|
||
resources:
|
||
requests:
|
||
memory: 400Mi
|
||
cpu: 200m
|
||
storageSpec:
|
||
volumeClaimTemplate:
|
||
spec:
|
||
accessModes: ["ReadWriteOnce"]
|
||
storageClassName: nfs-client
|
||
resources:
|
||
requests:
|
||
storage: 50Gi
|
||
additionalScrapeConfigsSecret:
|
||
enabled: true
|
||
name: prometheus-additional-scrape-configs
|
||
key: additional-scrape-configs.yaml
|
||
# מבטיח שה-ServiceMonitor של פרומתאוס לא יוצר null
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
|
||
grafana:
|
||
persistence:
|
||
enabled: true
|
||
storageClassName: nfs-client
|
||
accessModes: ["ReadWriteOnce"]
|
||
size: 2Gi
|
||
|
||
ingress:
|
||
enabled: true
|
||
hosts:
|
||
- grafana.dvirlabs.com
|
||
annotations:
|
||
cert-manager.io/cluster-issuer: letsencrypt
|
||
tls:
|
||
- hosts:
|
||
- grafana.dvirlabs.com
|
||
secretName: tls-grafana
|
||
|
||
envFromSecret: grafana-oidc-secret
|
||
|
||
grafana.ini:
|
||
server:
|
||
root_url: https://grafana.dvirlabs.com
|
||
auth:
|
||
disable_login_form: true
|
||
disable_signout_menu: false
|
||
auth.generic_oauth:
|
||
enabled: true
|
||
name: Keycloak
|
||
allow_sign_up: true
|
||
client_id: grafana
|
||
client_secret: ${client_secret}
|
||
scopes: openid profile email
|
||
auth_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
|
||
token_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
|
||
api_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
|
||
role_attribute_path: contains(groups[*], 'grafana-admins') && 'Admin' || 'Viewer'
|
||
allow_assign_grafana_admin: true
|
||
|
||
# מבטיח שה-ServiceMonitor של גרפנה לא ייצור null
|
||
serviceMonitor:
|
||
enabled: true
|
||
metricRelabelings: []
|
||
|
||
alertmanager:
|
||
# ServiceMonitor של אלרטמאנגר
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
|
||
prometheusOperator:
|
||
# ServiceMonitor של האופרייטור (rancher-monitoring-*-operator)
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
|
||
prometheus-node-exporter:
|
||
# ServiceMonitor של הנוד אקספורטר
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
|
||
# CoreDNS עשוי להיקרא chart-wise kubeDns או coreDns—מרפדים את שניהם.
|
||
kubeDns:
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
coreDns:
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
|
||
# רכיבי קוברנטיס נוספים (אם פעילים אצלך—לא מזיק להגדיר [])
|
||
kubeControllerManager:
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
kubeScheduler:
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
kubeEtcd:
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
kubeProxy:
|
||
serviceMonitor:
|
||
metricRelabelings: []
|
||
|
||
# בקרי Rancher אופייניים (Fleet/GitOps) — שמות עשויים להשתנות בין גרסאות;
|
||
# הערכים כאן בטוחים: אם התבניות מתייחסות אליהם, יילקחו [], ואם לא—ייבלעו.
|
||
fleetController:
|
||
serviceMonitor:
|
||
enabled: true
|
||
metricRelabelings: []
|
||
gitopsController:
|
||
serviceMonitor:
|
||
enabled: true
|
||
metricRelabelings: []
|
||
|
||
# לעיתים ה-chart מכיל ServiceMonitors נוספים; ערך גלובלי נפוץ
|
||
# שחלק מהתבניות קוראות ממנו:
|
||
serviceMonitor:
|
||
metricRelabelings: []
|