fix: vendor observability charts
This commit is contained in:
@@ -0,0 +1,15 @@
|
||||
***********************************************************************
|
||||
Welcome to Grafana Promtail
|
||||
Chart version: {{ .Chart.Version }}
|
||||
Promtail version: {{ .Values.image.tag | default .Chart.AppVersion }}
|
||||
***********************************************************************
|
||||
|
||||
Verify the application is working by running these commands:
|
||||
|
||||
{{- if .Values.daemonset.enabled }}
|
||||
* kubectl --namespace {{ .Release.Namespace }} port-forward daemonset/{{ include "promtail.fullname" . }} {{ .Values.config.serverPort }}
|
||||
{{- end }}
|
||||
{{- if .Values.deployment.enabled }}
|
||||
* kubectl --namespace {{ .Release.Namespace }} port-forward deployment/{{ include "promtail.fullname" . }} {{ .Values.config.serverPort }}
|
||||
{{- end }}
|
||||
* curl http://127.0.0.1:{{ .Values.config.serverPort }}/metrics
|
||||
@@ -0,0 +1,116 @@
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "promtail.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "promtail.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "promtail.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "promtail.labels" -}}
|
||||
helm.sh/chart: {{ include "promtail.chart" . }}
|
||||
{{ include "promtail.selectorLabels" . }}
|
||||
{{- if or .Chart.AppVersion .Values.image.tag }}
|
||||
app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "promtail.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "promtail.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the namespace
|
||||
*/}}
|
||||
{{- define "promtail.namespaceName" -}}
|
||||
{{- default .Release.Namespace .Values.namespace }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account
|
||||
*/}}
|
||||
{{- define "promtail.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "promtail.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Configure enableServiceLinks in pod
|
||||
*/}}
|
||||
{{- define "promtail.enableServiceLinks" -}}
|
||||
{{- if semverCompare ">=1.13-0" .Capabilities.KubeVersion.GitVersion }}
|
||||
{{- if or (.Values.enableServiceLinks) (eq (.Values.enableServiceLinks | toString) "<nil>") }}
|
||||
{{- printf "enableServiceLinks: true" }}
|
||||
{{- else }}
|
||||
{{- printf "enableServiceLinks: false" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for ingress.
|
||||
*/}}
|
||||
{{- define "promtail.ingress.apiVersion" -}}
|
||||
{{- if and ($.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version) }}
|
||||
{{- print "networking.k8s.io/v1" }}
|
||||
{{- else if $.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
|
||||
{{- print "networking.k8s.io/v1beta1" }}
|
||||
{{- else }}
|
||||
{{- print "extensions/v1beta1" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Return if ingress is stable.
|
||||
*/}}
|
||||
{{- define "promtail.ingress.isStable" -}}
|
||||
{{- eq (include "promtail.ingress.apiVersion" .) "networking.k8s.io/v1" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Return if ingress supports ingressClassName.
|
||||
*/}}
|
||||
{{- define "promtail.ingress.supportsIngressClassName" -}}
|
||||
{{- or (eq (include "promtail.ingress.isStable" .) "true") (and (eq (include "promtail.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Return if ingress supports pathType.
|
||||
*/}}
|
||||
{{- define "promtail.ingress.supportsPathType" -}}
|
||||
{{- or (eq (include "promtail.ingress.isStable" .) "true") (and (eq (include "promtail.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,172 @@
|
||||
{{/*
|
||||
Pod template used in Daemonset and Deployment
|
||||
*/}}
|
||||
{{- define "promtail.podTemplate" -}}
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "promtail.selectorLabels" . | nindent 4 }}
|
||||
{{- with .Values.podLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if not .Values.sidecar.configReloader.enabled }}
|
||||
checksum/config: {{ tpl .Values.config.file . | sha256sum }}
|
||||
{{- end }}
|
||||
{{- with .Values.podAnnotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
serviceAccountName: {{ include "promtail.serviceAccountName" . }}
|
||||
automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
|
||||
{{- include "promtail.enableServiceLinks" . | nindent 2 }}
|
||||
{{- with .Values.hostNetwork }}
|
||||
hostNetwork: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.initContainer }}
|
||||
initContainers:
|
||||
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.imagePullSecrets | default .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 4 }}
|
||||
containers:
|
||||
- name: promtail
|
||||
image: "{{ .Values.global.imageRegistry | default .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- "-config.file=/etc/promtail/promtail.yaml"
|
||||
{{- if .Values.sidecar.configReloader.enabled }}
|
||||
- "-server.enable-runtime-reload"
|
||||
{{- end }}
|
||||
{{- with .Values.extraArgs }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/promtail
|
||||
{{- with .Values.defaultVolumeMounts }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: HOSTNAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
{{- with .Values.extraEnv }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.extraEnvFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: http-metrics
|
||||
containerPort: {{ .Values.config.serverPort }}
|
||||
protocol: TCP
|
||||
{{- range $key, $values := .Values.extraPorts }}
|
||||
- name: {{ .name | default $key }}
|
||||
containerPort: {{ $values.containerPort }}
|
||||
protocol: {{ $values.protocol | default "TCP" }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.containerSecurityContext | nindent 8 }}
|
||||
{{- with .Values.livenessProbe }}
|
||||
livenessProbe:
|
||||
{{- tpl (toYaml .) $ | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.readinessProbe }}
|
||||
readinessProbe:
|
||||
{{- tpl (toYaml .) $ | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.sidecar.configReloader.enabled }}
|
||||
- name: config-reloader
|
||||
image: "{{ .Values.sidecar.configReloader.image.registry }}/{{ .Values.sidecar.configReloader.image.repository }}:{{ .Values.sidecar.configReloader.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.sidecar.configReloader.image.pullPolicy }}
|
||||
args:
|
||||
- '-web.listen-address=:{{ .Values.sidecar.configReloader.config.serverPort }}'
|
||||
- '-volume-dir=/etc/promtail/'
|
||||
- '-webhook-method=GET'
|
||||
- '-webhook-url=http://127.0.0.1:{{ .Values.config.serverPort }}/reload'
|
||||
{{- range .Values.sidecar.configReloader.extraArgs }}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: reloader
|
||||
containerPort: {{ .Values.sidecar.configReloader.config.serverPort }}
|
||||
protocol: TCP
|
||||
{{- with .Values.sidecar.configReloader.extraEnv }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.sidecar.configReloader.extraEnvFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.sidecar.configReloader.containerSecurityContext | nindent 8 }}
|
||||
{{- with .Values.sidecar.configReloader.livenessProbe }}
|
||||
livenessProbe:
|
||||
{{- tpl (toYaml .) $ | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.sidecar.configReloader.readinessProbe }}
|
||||
readinessProbe:
|
||||
{{- tpl (toYaml .) $ | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.sidecar.configReloader.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/promtail
|
||||
{{- end }}
|
||||
{{- if .Values.extraContainers }}
|
||||
{{- range $name, $values := .Values.extraContainers }}
|
||||
- name: {{ $name }}
|
||||
{{ toYaml $values | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: config
|
||||
{{- if .Values.configmap.enabled }}
|
||||
configMap:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
{{- else }}
|
||||
secret:
|
||||
secretName: {{ include "promtail.fullname" . }}
|
||||
{{- end }}
|
||||
{{- with .Values.defaultVolumes }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.extraVolumes }}
|
||||
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,21 @@
|
||||
{{- if .Values.rbac.create }}
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
- nodes/proxy
|
||||
- services
|
||||
- endpoints
|
||||
- pods
|
||||
verbs:
|
||||
- get
|
||||
- watch
|
||||
- list
|
||||
{{- end }}
|
||||
@@ -0,0 +1,16 @@
|
||||
{{- if .Values.rbac.create }}
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "promtail.serviceAccountName" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
||||
@@ -0,0 +1,12 @@
|
||||
{{- if and .Values.config.enabled .Values.configmap.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
data:
|
||||
promtail.yaml: |
|
||||
{{- tpl .Values.config.file . | nindent 4 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,24 @@
|
||||
{{- if .Values.daemonset.enabled }}
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
{{- with .Values.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.revisionHistoryLimit }}
|
||||
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "promtail.selectorLabels" . | nindent 6 }}
|
||||
updateStrategy:
|
||||
{{- toYaml .Values.updateStrategy | nindent 4 }}
|
||||
template:
|
||||
{{- include "promtail.podTemplate" . | nindent 4 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,29 @@
|
||||
{{- if .Values.deployment.enabled }}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
{{- with .Values.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if not .Values.deployment.autoscaling.enabled }}
|
||||
replicas: {{ .Values.deployment.replicaCount }}
|
||||
{{- end }}
|
||||
{{- if .Values.revisionHistoryLimit }}
|
||||
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.strategy }}
|
||||
strategy:
|
||||
{{- toYaml . | trim | nindent 4 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "promtail.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
{{- include "promtail.podTemplate" . | nindent 4 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,4 @@
|
||||
{{ range .Values.extraObjects }}
|
||||
---
|
||||
{{ tpl (toYaml .) $ }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,43 @@
|
||||
{{- if and .Values.deployment.enabled .Values.deployment.autoscaling.enabled }}
|
||||
apiVersion: {{ if or (.Capabilities.APIVersions.Has "autoscaling/v2/HorizontalPodAutoscaler") (semverCompare ">=1.23" .Capabilities.KubeVersion.Version) -}}
|
||||
autoscaling/v2
|
||||
{{- else -}}
|
||||
autoscaling/v2beta2
|
||||
{{- end }}
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
{{- with .Values.deployment.autoscaling }}
|
||||
minReplicas: {{ .minReplicas }}
|
||||
maxReplicas: {{ .maxReplicas }}
|
||||
metrics:
|
||||
{{- with .targetCPUUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .targetMemoryUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.autoscaling.behavior }}
|
||||
behavior:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,62 @@
|
||||
{{ range $key, $values := .Values.extraPorts }}
|
||||
{{ if .ingress }}
|
||||
{{ $ingressApiIsStable := eq (include "promtail.ingress.isStable" $ ) "true" }}
|
||||
{{ $ingressSupportsIngressClassName := eq (include "promtail.ingress.supportsIngressClassName" $ ) "true" }}
|
||||
{{ $ingressSupportsPathType := eq (include "promtail.ingress.supportsPathType" $ ) "true" }}
|
||||
---
|
||||
apiVersion: {{ include "promtail.ingress.apiVersion" $ }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" $ }}-{{ $key | lower }}
|
||||
labels:
|
||||
{{- include "promtail.labels" $ | nindent 4 }}
|
||||
{{- with .ingress.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if and $ingressSupportsIngressClassName .ingress.ingressClassName }}
|
||||
ingressClassName: {{ .ingress.ingressClassName }}
|
||||
{{- end -}}
|
||||
{{- if .ingress.tls }}
|
||||
tls:
|
||||
{{- range .ingress.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- with .secretName }}
|
||||
secretName: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range .ingress.hosts }}
|
||||
- host: {{ . | quote }}
|
||||
http:
|
||||
paths:
|
||||
- path: {{ $values.ingress.path | default "/" }}
|
||||
{{- if $ingressSupportsPathType }}
|
||||
pathType: Prefix
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if $ingressApiIsStable }}
|
||||
service:
|
||||
name: {{ include "promtail.fullname" $ }}-{{ $key | lower }}
|
||||
port:
|
||||
{{- if $values.service }}
|
||||
number: {{ $values.service.port }}
|
||||
{{ else }}
|
||||
number: {{ $values.containerPort }}
|
||||
{{ end }}
|
||||
{{- else }}
|
||||
serviceName: {{ include "promtail.fullname" $ }}-{{ $key | lower }}
|
||||
{{- if $values.service }}
|
||||
servicePort: {{ $values.service.port }}
|
||||
{{ else }}
|
||||
number: {{ $values.containerPort }}
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,123 @@
|
||||
{{- if .Values.networkPolicy.enabled }}
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
name: {{ template "promtail.name" . }}-namespace-only
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
podSelector: {}
|
||||
policyTypes:
|
||||
- Ingress
|
||||
- Egress
|
||||
egress:
|
||||
- to:
|
||||
- podSelector: {}
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector: {}
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
name: {{ template "promtail.name" . }}-egress-dns
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- include "promtail.selectorLabels" . | nindent 6 }}
|
||||
policyTypes:
|
||||
- Egress
|
||||
egress:
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
to:
|
||||
- namespaceSelector: {}
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
name: {{ template "promtail.name" . }}-egress-k8s-api
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- include "promtail.selectorLabels" . | nindent 6 }}
|
||||
policyTypes:
|
||||
- Egress
|
||||
egress:
|
||||
- ports:
|
||||
- port: {{ .Values.networkPolicy.k8sApi.port }}
|
||||
protocol: TCP
|
||||
{{- if len .Values.networkPolicy.k8sApi.cidrs }}
|
||||
to:
|
||||
{{- range $cidr := .Values.networkPolicy.k8sApi.cidrs }}
|
||||
- ipBlock:
|
||||
cidr: {{ $cidr }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
name: {{ template "promtail.name" . }}-ingress-metrics
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- include "promtail.selectorLabels" . | nindent 6 }}
|
||||
policyTypes:
|
||||
- Ingress
|
||||
ingress:
|
||||
- ports:
|
||||
- port: http-metrics
|
||||
protocol: TCP
|
||||
{{- if len .Values.networkPolicy.metrics.cidrs }}
|
||||
from:
|
||||
{{- range $cidr := .Values.networkPolicy.metrics.cidrs }}
|
||||
- ipBlock:
|
||||
cidr: {{ $cidr }}
|
||||
{{- end }}
|
||||
{{- if .Values.networkPolicy.metrics.namespaceSelector }}
|
||||
- namespaceSelector:
|
||||
{{- toYaml .Values.networkPolicy.metrics.namespaceSelector | nindent 12 }}
|
||||
{{- if .Values.networkPolicy.metrics.podSelector }}
|
||||
podSelector:
|
||||
{{- toYaml .Values.networkPolicy.metrics.podSelector | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.extraPorts }}
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
name: {{ template "promtail.name" . }}-egress-extra-ports
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- include "promtail.selectorLabels" . | nindent 6 }}
|
||||
policyTypes:
|
||||
- Egress
|
||||
egress:
|
||||
- ports:
|
||||
{{- range $extraPortConfig := .Values.extraPorts }}
|
||||
- port: {{ $extraPortConfig.containerPort }}
|
||||
protocol: {{ $extraPortConfig.protocol }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,10 @@
|
||||
{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.rbac.create .Values.rbac.pspEnabled }}
|
||||
apiVersion: policy/v1beta1
|
||||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
{{- toYaml .Values.podSecurityPolicy | nindent 2 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,21 @@
|
||||
{{- if and .Values.serviceMonitor.enabled .Values.serviceMonitor.prometheusRule.enabled -}}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
{{- with .Values.serviceMonitor.prometheusRule.namespace }}
|
||||
namespace: {{ . | quote }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
{{- with .Values.serviceMonitor.prometheusRule.additionalLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.serviceMonitor.prometheusRule.rules }}
|
||||
groups:
|
||||
- name: {{ template "promtail.fullname" . }}
|
||||
rules:
|
||||
{{- toYaml .Values.serviceMonitor.prometheusRule.rules | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,18 @@
|
||||
{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.rbac.create .Values.rbac.pspEnabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}-psp
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- policy
|
||||
resources:
|
||||
- podsecuritypolicies
|
||||
verbs:
|
||||
- use
|
||||
resourceNames:
|
||||
- {{ include "promtail.fullname" . }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,16 @@
|
||||
{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.rbac.create .Values.rbac.pspEnabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}-psp
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ include "promtail.fullname" . }}-psp
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "promtail.serviceAccountName" . }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,19 @@
|
||||
{{- if not .Values.configmap.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
{{- with .Values.secret.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.secret.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
stringData:
|
||||
promtail.yaml: |
|
||||
{{- tpl .Values.config.file . | nindent 4 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,52 @@
|
||||
{{- range $key, $values := .Values.extraPorts }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" $ }}-{{ $key | lower }}
|
||||
namespace: {{ include "promtail.namespaceName" $ }}
|
||||
labels:
|
||||
{{- include "promtail.labels" $ | nindent 4 }}
|
||||
{{- with $values.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with $values.service }}
|
||||
type: {{ .type | default "ClusterIP" }}
|
||||
{{- with .clusterIP }}
|
||||
clusterIP: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .loadBalancerIP }}
|
||||
loadBalancerIP: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .loadBalancerSourceRanges }}
|
||||
loadBalancerSourceRanges:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .externalIPs }}
|
||||
externalIPs:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .externalTrafficPolicy }}
|
||||
externalTrafficPolicy: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: {{ .name | default $key }}
|
||||
targetPort: {{ .name | default $key }}
|
||||
protocol: {{ $values.protocol | default "TCP" }}
|
||||
{{- if $values.service }}
|
||||
port: {{ $values.service.port | default $values.containerPort }}
|
||||
{{- if $values.service.nodePort }}
|
||||
nodePort: {{ $values.service.nodePort }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
port: {{ $values.containerPort }}
|
||||
{{- end }}
|
||||
selector:
|
||||
{{- include "promtail.selectorLabels" $ | nindent 4 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,25 @@
|
||||
{{- if or .Values.serviceMonitor.enabled .Values.service.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}-metrics
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
{{- with .Values.service.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
clusterIP: None
|
||||
ports:
|
||||
- name: http-metrics
|
||||
port: {{ .Values.config.serverPort }}
|
||||
targetPort: http-metrics
|
||||
protocol: TCP
|
||||
selector:
|
||||
{{- include "promtail.selectorLabels" . | nindent 4 }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,18 @@
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "promtail.serviceAccountName" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
{{- with .Values.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
|
||||
{{- with .Values.serviceAccount.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,83 @@
|
||||
{{- with .Values.serviceMonitor }}
|
||||
{{- if .enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" $ }}
|
||||
{{- with .namespace }}
|
||||
namespace: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "promtail.labels" $ | nindent 4 }}
|
||||
{{- with .labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .namespaceSelector }}
|
||||
namespaceSelector:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "promtail.selectorLabels" $ | nindent 6 }}
|
||||
endpoints:
|
||||
- port: http-metrics
|
||||
{{- with $.Values.httpPathPrefix }}
|
||||
path: {{ printf "%s/metrics" . }}
|
||||
{{- end }}
|
||||
{{- with .interval }}
|
||||
interval: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .scrapeTimeout }}
|
||||
scrapeTimeout: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .relabelings }}
|
||||
relabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .metricRelabelings }}
|
||||
metricRelabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .scheme }}
|
||||
scheme: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .tlsConfig }}
|
||||
tlsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if and $.Values.sidecar.configReloader.enabled $.Values.sidecar.configReloader.serviceMonitor.enabled }}
|
||||
- port: reloader
|
||||
path: "/metrics"
|
||||
{{- with .interval }}
|
||||
interval: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .scrapeTimeout }}
|
||||
scrapeTimeout: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .relabelings }}
|
||||
relabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .metricRelabelings }}
|
||||
metricRelabelings:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .scheme }}
|
||||
scheme: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .tlsConfig }}
|
||||
tlsConfig:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .targetLabels }}
|
||||
targetLabels:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,40 @@
|
||||
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") .Values.daemonset.enabled .Values.daemonset.autoscaling.enabled }}
|
||||
apiVersion: autoscaling.k8s.io/v1
|
||||
kind: VerticalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
namespace: {{ include "promtail.namespaceName" . }}
|
||||
labels:
|
||||
{{- include "promtail.labels" . | nindent 4 }}
|
||||
spec:
|
||||
{{- with .Values.daemonset.autoscaling.recommenders }}
|
||||
recommenders:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
resourcePolicy:
|
||||
containerPolicies:
|
||||
- containerName: promtail
|
||||
{{- with .Values.daemonset.autoscaling.controlledResources }}
|
||||
controlledResources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.daemonset.autoscaling.controlledValues }}
|
||||
controlledValues: {{ .Values.daemonset.autoscaling.controlledValues }}
|
||||
{{- end }}
|
||||
{{- if .Values.daemonset.autoscaling.maxAllowed }}
|
||||
maxAllowed:
|
||||
{{ toYaml .Values.daemonset.autoscaling.maxAllowed | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.daemonset.autoscaling.minAllowed }}
|
||||
minAllowed:
|
||||
{{ toYaml .Values.daemonset.autoscaling.minAllowed | nindent 8 }}
|
||||
{{- end }}
|
||||
targetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
name: {{ include "promtail.fullname" . }}
|
||||
{{- with .Values.daemonset.autoscaling.updatePolicy }}
|
||||
updatePolicy:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
Reference in New Issue
Block a user