diff --git a/apps/monitoring/grafana.ingress.yaml b/apps/monitoring/grafana.ingress.yaml index 3c416dd..980f5ce 100644 --- a/apps/monitoring/grafana.ingress.yaml +++ b/apps/monitoring/grafana.ingress.yaml @@ -13,5 +13,3 @@ spec: port: 80 tls: certResolver: default-tls - - diff --git a/apps/monitoring/grafana.pvc.yaml b/apps/monitoring/grafana.pvc.yaml index 3f7f8d5..1a06d25 100644 --- a/apps/monitoring/grafana.pvc.yaml +++ b/apps/monitoring/grafana.pvc.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: PersistentVolume metadata: @@ -6,10 +5,8 @@ metadata: labels: directory: grafana spec: - # storageClassName: slow capacity: storage: "1Gi" - # volumeMode: Filesystem accessModes: - ReadWriteOnce nfs: @@ -21,7 +18,6 @@ kind: PersistentVolumeClaim metadata: name: grafana-nfs spec: - # storageClassName: slow accessModes: - ReadWriteOnce resources: @@ -30,6 +26,3 @@ spec: selector: matchLabels: directory: grafana - - - diff --git a/apps/monitoring/influxdb-telegraf.values.yaml b/apps/monitoring/influxdb-telegraf.values.yaml deleted file mode 100644 index 65488e0..0000000 --- a/apps/monitoring/influxdb-telegraf.values.yaml +++ /dev/null 
@@ -1,157 +0,0 @@ -## Default values.yaml for Telegraf -## This is a YAML-formatted file. -## ref: https://hub.docker.com/r/library/telegraf/tags/ - -image: - repo: "telegraf" - tag: "1.22" - pullPolicy: IfNotPresent - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -resources: - requests: - memory: 256Mi - cpu: 0.1 - limits: - memory: 1Gi - cpu: 1 - -## Pod annotations -podAnnotations: {} - -## Pod labels -podLabels: {} - -## Configure args passed to Telegraf containers -args: [] - -## The name of a secret in the same kubernetes namespace which contains values to -## be added to the environment (must be manually created) -## This can be useful for auth tokens, etc. -# envFromSecret: "telegraf-tokens" - -## Environment -env: - # This pulls HOSTNAME from the node, not the pod. - - name: HOSTNAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - # In test clusters where hostnames are resolved in /etc/hosts on each node, - # the HOSTNAME is not resolvable from inside containers - # So inject the host IP as well - - name: HOSTIP - valueFrom: - fieldRef: - fieldPath: status.hostIP - # Mount the host filesystem and set the appropriate env variables. 
- # ref: https://github.com/influxdata/telegraf/blob/master/docs/FAQ.md - # HOST_PROC is required by the cpu, disk, diskio, kernel and processes input plugins - - name: "HOST_PROC" - value: "/hostfs/proc" - # HOST_SYS is required by the diskio plugin - - name: "HOST_SYS" - value: "/hostfs/sys" - - name: "HOST_MOUNT_PREFIX" - value: "/hostfs" - -## Add custom volumes and mounts -# volumes: -# - name: telegraf-output-influxdb2 -# configMap: -# name: "telegraf-output-influxdb2" -# mountPoints: -# - name: telegraf-output-influxdb2 -# mountPath: /etc/telegraf/conf.d -# subPath: influxdb2.conf - -## Tolerations for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] - -## If the DaemonSet should run on the host's network namespace -## hostNetwork: true - -## If using hostNetwork=true, set dnsPolicy to ClusterFirstWithHostNet -## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/# -## dnsPolicy: ClusterFirstWithHostNet - -## If using dnsPolicy=None, set dnsConfig -## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config -## dnsConfig: -## nameservers: -## - 1.2.3.4 -## searches: -## - ns1.svc.cluster-domain.example -## - my.dns.search.suffix -## options: -## - name: ndots -## value: "2" -## - name: edns0 - -rbac: - # Specifies whether RBAC resources should be created - create: true - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. 
- # If not set and create is true, a name is generated using the fullname template - # name: - # Annotations for the ServiceAccount - annotations: {} - -## Specify priorityClassName -## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ -# priorityClassName: system-node-critical - -# Specify the pod's SecurityContext, including the OS user and group to run the pod -podSecurityContext: {} - -override_config: - toml: ~ - # Provide a literal TOML config - # toml: |+ - # [global_tags] - # foo = "bar" - # [agent] - # interval = "10s" - # [[inputs.mem]] - # [[outputs.influxdb_v2]] - # urls = ["https://us-west-2-1.aws.cloud2.influxdata.com"] - # bucket = "data" - # organization = "OurCompany" - # token = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - -## Exposed telegraf configuration -## ref: https://docs.influxdata.com/telegraf/v1.13/administration/configuration/ -config: - # global_tags: - # cluster: "mycluster" - agent: - interval: "10s" - round_interval: true - metric_batch_size: 1000 - metric_buffer_limit: 10000 - collection_jitter: "0s" - flush_interval: "10s" - flush_jitter: "0s" - precision: "" - debug: false - quiet: false - logfile: "" - hostname: "$HOSTNAME" - omit_hostname: false - outputs: - - influxdb_v2: - urls: - - "http://influxdb-influxdb2.monitoring:80" - token: N_jNm1hZTfyhJneTJj2G357mQ7EJdNzdvebjSJX6JkbyaXNup_IAqeYowblMgV8EjLypNvauTl27ewJvI_rbqQ== - organization: "influxdata" - bucket: "kluster" - monitor_self: false - docker_endpoint: "unix:///run/k3s/containerd/containerd.sock" - diff --git a/apps/monitoring/influxdb.pvc.yaml b/apps/monitoring/influxdb.pvc.yaml index cdca475..efbe44f 100644 --- a/apps/monitoring/influxdb.pvc.yaml +++ b/apps/monitoring/influxdb.pvc.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: PersistentVolume metadata: diff --git a/apps/monitoring/influxdb.values.yaml b/apps/monitoring/influxdb.values.yaml index 66e4515..e9bc49f 100644 --- a/apps/monitoring/influxdb.values.yaml 
+++ b/apps/monitoring/influxdb.values.yaml 
@@ -1,92 +1,3 @@ -image: - repository: influxdb - tag: 2.3.0-alpine - pullPolicy: IfNotPresent - -## Annotations to be added to InfluxDB pods -## -podAnnotations: {} - -## Labels to be added to InfluxDB pods -## -podLabels: {} - -nameOverride: "" -fullnameOverride: "" - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## Tolerations for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] - -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -securityContext: {} - -## Customize liveness, readiness and startup probes -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ -## -livenessProbe: {} - # path: "/health" - # scheme: "HTTP" - # initialDelaySeconds: 0 - # periodSeconds: 10 - # timeoutSeconds: 1 - # failureThreshold: 3 - -readinessProbe: {} - # path: "/health" - # scheme: "HTTP" - # initialDelaySeconds: 0 - # periodSeconds: 10 - # timeoutSeconds: 1 - # successThreshold: 1 - # failureThreshold: 3 - -startupProbe: - enabled: false - # path: "/health" - # scheme: "HTTP" - # initialDelaySeconds: 30 - # periodSeconds: 5 - # timeoutSeconds: 1 - # failureThreshold: 6 - -## Extra environment variables to 
configure influxdb -## e.g. -# env: -# - name: FOO -# value: BAR -# - name: BAZ -# valueFrom: -# secretKeyRef: -# name: my-secret -# key: my-key -env: {} - ## Create default user through docker entrypoint ## Defaults indicated below ## @@ -100,10 +11,6 @@ adminUser: password: "" token: "" - ## The password and token are obtained from an existing secret. The expected - ## keys are `admin-password` and `admin-token`. - ## If set, the password and token values above are ignored. - # existingSecret: influxdb-auth ## Persist data to a persistent volume ## 
@@ -113,83 +20,7 @@ persistence: useExisting: true ## Name of existing PVC to be used in the influx deployment name: influxdb-nfs - ## influxdb data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 10Gi - mountPath: /var/lib/influxdb2 - subPath: "" -## Add custom volume and volumeMounts -## -# volumes: -# - name: influxdb2-templates -# hostPath: -# path: /data/influxdb2-templates -# type: Directory -# mountPoints: -# - name: influxdb2-templates -# mountPath: /influxdb2-templates -# readOnly: true - -## Allow executing custom init scripts -## If the container finds any files with the .sh extension inside of the -## /docker-entrypoint-initdb.d folder, it will execute them. -## When multiple scripts are present, they will be executed in lexical sort order by name. -## For more details see Custom Initialization Scripts in https://hub.docker.com/_/influxdb -initScripts: - enabled: false - scripts: - init.sh: |+ - #!/bin/bash - influx apply --force yes -u https://raw.githubusercontent.com/influxdata/community-templates/master/influxdb2_operational_monitoring/influxdb2_operational_monitoring.yml - -## Specify a service type -## ref: http://kubernetes.io/docs/user-guide/services/ -## -service: - type: LoadBalancer - loadBalancerIP: 192.168.3.4 - port: 80 - targetPort: 8086 - annotations: {} - labels: {} - portName: http - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. 
- # If not set and create is true, a name is generated using the fullname template - name: - # Annotations for the ServiceAccount - annotations: {} ingress: enabled: false - # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName - # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress - # className: nginx - tls: false - # secretName: my-tls-cert # only needed if tls above is true or default certificate is not configured for Nginx - hostname: influxdb.foobar.com - annotations: {} - # kubernetes.io/ingress.class: "nginx" - # kubernetes.io/tls-acme: "true" - path: / - -## Pod disruption budget configuration -## -pdb: - ## Specifies whether a Pod disruption budget should be created - ## - create: true - minAvailable: 1 - # maxUnavailable: 1 -
diff --git a/apps/monitoring/kustomization.yaml b/apps/monitoring/kustomization.yaml
new file mode 100644
index 0000000..08fc464
--- /dev/null
+++ b/apps/monitoring/kustomization.yaml
@@ -0,0 +1,29 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: monitoring
+
+resources:
+ - namespace.yaml
+ - grafana.pvc.yaml
+ - influxdb.pvc.yaml
+ - grafana.ingress.yaml
+
+helmCharts:
+ - releaseName: grafana
+ name: grafana
+ repo: https://grafana.github.io/helm-charts
+ version: 6.56.2
+ valuesFile: grafana.values.yaml
+
+ - releaseName: influxdb
+ name: influxdb2
+ repo: https://helm.influxdata.com/
+ version: 2.1.1
+ valuesFile: influxdb.values.yaml
+
+ - releaseName: telegraf-speedtest
+ name: telegraf
+ repo: https://helm.influxdata.com/
+ version: 1.8.27
+ valuesFile: telegraf-speedtest.values.yaml
diff --git a/apps/monitoring/namespace.yaml b/apps/monitoring/namespace.yaml
new file mode 100644
index 0000000..0a074bd
--- /dev/null
+++ b/apps/monitoring/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: placeholder
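Review bot: In `apps/monitoring/kustomization.yaml`, `valuesFile: telegraf-speedtest.values.yaml` probably keeps the pattern of the two values files this commit deletes, which both carried an InfluxDB API token inline under `outputs` / `influxdb_v2` / `token`; the speedtest file's `outputs` section lies outside the visible hunks, so this is an inference to check. Deleting `influxdb-telegraf.values.yaml` and `telegraf-adguard.values.yaml` does not remove those two tokens from repository history, so they should be revoked in InfluxDB rather than treated as gone. For the remaining release, the chart's `envFromSecret` option (visible in the removed comments) would let the values file say `token: "$INFLUX_TOKEN"` (a constructed variable name, substituted the same way as the existing `hostname: "$HOSTNAME"`) and keep the value in a Kubernetes Secret that is not committed.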
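Review bot: `name: placeholder` in `apps/monitoring/namespace.yaml` reads like an unfinished value and is easy to "fix" by mistake. It presumably relies on the `namespace: monitoring` field of the sibling kustomization rewriting the Namespace's name at build time; applied on its own with `kubectl apply -f`, the file would create a namespace literally called `placeholder`. I would add a comment above it, for example `# name is overwritten by the namespace: field in kustomization.yaml`.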
diff --git a/apps/monitoring/telegraf-adguard.values.yaml b/apps/monitoring/telegraf-adguard.values.yaml
deleted file mode 100644
index de7290a..0000000
--- a/apps/monitoring/telegraf-adguard.values.yaml
+++ /dev/null
@@ -1,167 +0,0 @@ -## Default values.yaml for Telegraf -## This is a YAML-formatted file. -## ref: https://hub.docker.com/r/library/telegraf/tags/ - -replicaCount: 1 -image: - repo: "telegraf" - tag: "1.25" - pullPolicy: IfNotPresent -podAnnotations: {} -podLabels: {} -imagePullSecrets: [] -## Configure args passed to Telegraf containers -args: [] -# The name of a secret in the same kubernetes namespace which contains values to -# be added to the environment (must be manually created) -# This can be useful for auth tokens, etc. - -# envFromSecret: "telegraf-tokens" -env: - - name: HOSTNAME - value: "telegraf-polling-service" -# An older "volumeMounts" key was previously added which will likely -# NOT WORK as you expect. Please use this newer configuration. - -# volumes: -# - name: telegraf-output-influxdb2 -# configMap: -# name: "telegraf-output-influxdb2" -# mountPoints: -# - name: telegraf-output-influxdb2 -# mountPath: /etc/telegraf/conf.d -# subPath: influxdb2.conf - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -resources: {} -# requests: -# memory: 128Mi -# cpu: 100m -# limits: -# memory: 128Mi -# cpu: 100m - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -nodeSelector: {} -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} -## Tolerations for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] -# - key: "key" -# operator: "Equal|Exists" -# value: "value" -# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - -service: - enabled: false - type: ClusterIP - annotations: {} -rbac: - # Specifies whether RBAC resources should be created - create: true - # Create only for the release namespace or cluster wide (Role vs ClusterRole) - clusterWide: false - # Rules for the created rule - 
rules: [] -# When using the prometheus input to scrape all pods you need extra rules set to the ClusterRole to be -# able to scan the pods for scraping labels. The following rules have been taken from: -# https://github.com/helm/charts/blob/master/stable/prometheus/templates/server-clusterrole.yaml#L8-L46 -# - apiGroups: -# - "" -# resources: -# - nodes -# - nodes/proxy -# - nodes/metrics -# - services -# - endpoints -# - pods -# - ingresses -# - configmaps -# verbs: -# - get -# - list -# - watch -# - apiGroups: -# - "extensions" -# resources: -# - ingresses/status -# - ingresses -# verbs: -# - get -# - list -# - watch -# - nonResourceURLs: -# - "/metrics" -# verbs: -# - get - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: false -## Exposed telegraf configuration -## For full list of possible values see `/docs/all-config-values.yaml` and `/docs/all-config-values.toml` -## ref: https://docs.influxdata.com/telegraf/v1.1/administration/configuration/ -config: - agent: - interval: "2m" - round_interval: true - metric_batch_size: 1000 - metric_buffer_limit: 10000 - collection_jitter: "0s" - flush_interval: "10s" - flush_jitter: "0s" - precision: "" - debug: false - quiet: false - logfile: "" - hostname: "$HOSTNAME" - omit_hostname: false - processors: - - enum: - mapping: - field: "status" - dest: "status_code" - value_mappings: - healthy: 1 - problem: 2 - critical: 3 - outputs: - - influxdb_v2: - urls: - - "http://influxdb-influxdb2.monitoring:80" - token: We64mk4L4bqYCL77x3fAUSYfOse9Kktyf2eBLyrryG9c3-y8PQFiKPIh9EvSWuq78QSQz6hUcsm7XSFR2Zj1MA== - organization: "influxdata" - bucket: "homeassistant" - inputs: - - http: - urls: - - "http://adguard-home.adguard:3000/control/stats" - data_format: "json" -metrics: - health: - enabled: false - service_address: "http://:8888" - threshold: 5000.0 - internal: - enabled: true - collect_memstats: false -# Lifecycle hooks -# hooks: -# postStart: ["/bin/sh", "-c", "echo Telegraf started"] -# 
preStop: ["/bin/sh", "-c", "sleep 60"] - -## Pod disruption budget configuration -## -pdb: - ## Specifies whether a Pod disruption budget should be created - ## - create: true - minAvailable: 1 - # maxUnavailable: 1 - diff --git a/apps/monitoring/telegraf-speedtest.values.yaml b/apps/monitoring/telegraf-speedtest.values.yaml index 69345bc..a3e3d82 100644 --- a/apps/monitoring/telegraf-speedtest.values.yaml +++ b/apps/monitoring/telegraf-speedtest.values.yaml @@ -1,51 +1,7 @@ -## Default values.yaml for Telegraf -## This is a YAML-formatted file. -## ref: https://hub.docker.com/r/library/telegraf/tags/ - -replicaCount: 1 -image: - repo: "telegraf" - tag: "1.25" - pullPolicy: IfNotPresent -podAnnotations: {} -podLabels: {} -imagePullSecrets: [] -## Configure args passed to Telegraf containers -args: [] -# The name of a secret in the same kubernetes namespace which contains values to -# be added to the environment (must be manually created) -# This can be useful for auth tokens, etc. - -# envFromSecret: "telegraf-tokens" env: - name: HOSTNAME value: "telegraf-speedtest" -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -resources: {} -# requests: -# memory: 128Mi -# cpu: 100m -# limits: -# memory: 128Mi -# cpu: 100m - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -nodeSelector: {} -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} -## Tolerations for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] -# - key: "key" -# operator: "Equal|Exists" -# value: "value" -# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" service: enabled: false rbac: 
@@ -94,17 +50,3 @@ config: inputs: - internet_speed: enable_file_download: false - -# Lifecycle hooks -# hooks: -# postStart: ["/bin/sh", "-c", "echo Telegraf started"] -# preStop: ["/bin/sh", "-c", "sleep 60"] - -## Pod disruption budget configuration -## -pdb: - ## Specifies whether a Pod disruption budget should be created - ## - create: true - minAvailable: 1 - # maxUnavailable: 1
diff --git a/kluster-deployments/monitoring/application.yaml b/kluster-deployments/monitoring/application.yaml
new file mode 100644
index 0000000..36deee1
--- /dev/null
+++ b/kluster-deployments/monitoring/application.yaml
@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: monitoring-application
+ namespace: argocd
+spec:
+ project: apps
+ source:
+ repoURL: ssh://git@git.kluster.moll.re:2222/remoll/k3s-infra.git
+ targetRevision: main
+ path: apps/monitoring
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
diff --git a/kluster-deployments/monitoring/kustomization.yaml b/kluster-deployments/monitoring/kustomization.yaml
new file mode 100644
index 0000000..977dcfe
--- /dev/null
+++ b/kluster-deployments/monitoring/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - application.yaml
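Review bot: `prune: true` together with `selfHeal: true` in `kluster-deployments/monitoring/application.yaml` also covers the PersistentVolume and PersistentVolumeClaim objects that `apps/monitoring` lists (`grafana.pvc.yaml`, `influxdb.pvc.yaml`), so dropping or renaming one of them in a later commit makes Argo CD delete it without a manual step. Whether the NFS data survives that depends on the volume's reclaim policy, which is not visible in this diff. Annotating the storage objects with `argocd.argoproj.io/sync-options: Prune=false` keeps automated pruning for everything else while requiring a deliberate action for volumes. Because `targetRevision: main` follows a branch, write access to that branch is effectively deploy access to the namespace, so branch protection on the repository is part of this Application's security boundary.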