auto deploy grafana and co.

Remy Moll 2023-12-18 12:44:34 +01:00
parent 62abc6637f
commit 8de0427f61
11 changed files with 55 additions and 561 deletions


@ -13,5 +13,3 @@ spec:
port: 80 port: 80
tls: tls:
certResolver: default-tls certResolver: default-tls


@ -1,4 +1,3 @@
---
apiVersion: v1 apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
metadata: metadata:
@ -6,10 +5,8 @@ metadata:
labels: labels:
directory: grafana directory: grafana
spec: spec:
# storageClassName: slow
capacity: capacity:
storage: "1Gi" storage: "1Gi"
# volumeMode: Filesystem
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
nfs: nfs:
@ -21,7 +18,6 @@ kind: PersistentVolumeClaim
metadata: metadata:
name: grafana-nfs name: grafana-nfs
spec: spec:
# storageClassName: slow
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
@ -30,6 +26,3 @@ spec:
selector: selector:
matchLabels: matchLabels:
directory: grafana directory: grafana


@ -1,157 +0,0 @@
## Default values.yaml for Telegraf
## This is a YAML-formatted file.
## ref: https://hub.docker.com/r/library/telegraf/tags/
image:
repo: "telegraf"
tag: "1.22"
pullPolicy: IfNotPresent
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
requests:
memory: 256Mi
cpu: 0.1
limits:
memory: 1Gi
cpu: 1
## Pod annotations
podAnnotations: {}
## Pod labels
podLabels: {}
## Configure args passed to Telegraf containers
args: []
## The name of a secret in the same kubernetes namespace which contains values to
## be added to the environment (must be manually created)
## This can be useful for auth tokens, etc.
# envFromSecret: "telegraf-tokens"
## Environment
env:
# This pulls HOSTNAME from the node, not the pod.
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
# In test clusters where hostnames are resolved in /etc/hosts on each node,
# the HOSTNAME is not resolvable from inside containers
# So inject the host IP as well
- name: HOSTIP
valueFrom:
fieldRef:
fieldPath: status.hostIP
# Mount the host filesystem and set the appropriate env variables.
# ref: https://github.com/influxdata/telegraf/blob/master/docs/FAQ.md
# HOST_PROC is required by the cpu, disk, diskio, kernel and processes input plugins
- name: "HOST_PROC"
value: "/hostfs/proc"
# HOST_SYS is required by the diskio plugin
- name: "HOST_SYS"
value: "/hostfs/sys"
- name: "HOST_MOUNT_PREFIX"
value: "/hostfs"
## Add custom volumes and mounts
# volumes:
# - name: telegraf-output-influxdb2
# configMap:
# name: "telegraf-output-influxdb2"
# mountPoints:
# - name: telegraf-output-influxdb2
# mountPath: /etc/telegraf/conf.d
# subPath: influxdb2.conf
## Tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## If the DaemonSet should run on the host's network namespace
## hostNetwork: true
## If using hostNetwork=true, set dnsPolicy to ClusterFirstWithHostNet
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#
## dnsPolicy: ClusterFirstWithHostNet
## If using dnsPolicy=None, set dnsConfig
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config
## dnsConfig:
## nameservers:
## - 1.2.3.4
## searches:
## - ns1.svc.cluster-domain.example
## - my.dns.search.suffix
## options:
## - name: ndots
## value: "2"
## - name: edns0
rbac:
# Specifies whether RBAC resources should be created
create: true
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
# name:
# Annotations for the ServiceAccount
annotations: {}
## Specify priorityClassName
## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
# priorityClassName: system-node-critical
# Specify the pod's SecurityContext, including the OS user and group to run the pod
podSecurityContext: {}
override_config:
toml: ~
# Provide a literal TOML config
# toml: |+
# [global_tags]
# foo = "bar"
# [agent]
# interval = "10s"
# [[inputs.mem]]
# [[outputs.influxdb_v2]]
# urls = ["https://us-west-2-1.aws.cloud2.influxdata.com"]
# bucket = "data"
# organization = "OurCompany"
# token = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
## Exposed telegraf configuration
## ref: https://docs.influxdata.com/telegraf/v1.13/administration/configuration/
config:
# global_tags:
# cluster: "mycluster"
agent:
interval: "10s"
round_interval: true
metric_batch_size: 1000
metric_buffer_limit: 10000
collection_jitter: "0s"
flush_interval: "10s"
flush_jitter: "0s"
precision: ""
debug: false
quiet: false
logfile: ""
hostname: "$HOSTNAME"
omit_hostname: false
outputs:
- influxdb_v2:
urls:
- "http://influxdb-influxdb2.monitoring:80"
token: N_jNm1hZTfyhJneTJj2G357mQ7EJdNzdvebjSJX6JkbyaXNup_IAqeYowblMgV8EjLypNvauTl27ewJvI_rbqQ==
organization: "influxdata"
bucket: "kluster"
monitor_self: false
docker_endpoint: "unix:///run/k3s/containerd/containerd.sock"


@ -1,4 +1,3 @@
---
apiVersion: v1 apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
metadata: metadata:


@ -1,92 +1,3 @@
image:
repository: influxdb
tag: 2.3.0-alpine
pullPolicy: IfNotPresent
## Annotations to be added to InfluxDB pods
##
podAnnotations: {}
## Labels to be added to InfluxDB pods
##
podLabels: {}
nameOverride: ""
fullnameOverride: ""
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## Node labels for pod assignment
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
securityContext: {}
## Customize liveness, readiness and startup probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
##
livenessProbe: {}
# path: "/health"
# scheme: "HTTP"
# initialDelaySeconds: 0
# periodSeconds: 10
# timeoutSeconds: 1
# failureThreshold: 3
readinessProbe: {}
# path: "/health"
# scheme: "HTTP"
# initialDelaySeconds: 0
# periodSeconds: 10
# timeoutSeconds: 1
# successThreshold: 1
# failureThreshold: 3
startupProbe:
enabled: false
# path: "/health"
# scheme: "HTTP"
# initialDelaySeconds: 30
# periodSeconds: 5
# timeoutSeconds: 1
# failureThreshold: 6
## Extra environment variables to configure influxdb
## e.g.
# env:
# - name: FOO
# value: BAR
# - name: BAZ
# valueFrom:
# secretKeyRef:
# name: my-secret
# key: my-key
env: {}
## Create default user through docker entrypoint ## Create default user through docker entrypoint
## Defaults indicated below ## Defaults indicated below
## ##
@ -100,10 +11,6 @@ adminUser:
password: "" password: ""
token: "" token: ""
## The password and token are obtained from an existing secret. The expected
## keys are `admin-password` and `admin-token`.
## If set, the password and token values above are ignored.
# existingSecret: influxdb-auth
## Persist data to a persistent volume ## Persist data to a persistent volume
## ##
@ -113,83 +20,7 @@ persistence:
useExisting: true useExisting: true
## Name of existing PVC to be used in the influx deployment ## Name of existing PVC to be used in the influx deployment
name: influxdb-nfs name: influxdb-nfs
## influxdb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 10Gi
mountPath: /var/lib/influxdb2
subPath: ""
## Add custom volume and volumeMounts
##
# volumes:
# - name: influxdb2-templates
# hostPath:
# path: /data/influxdb2-templates
# type: Directory
# mountPoints:
# - name: influxdb2-templates
# mountPath: /influxdb2-templates
# readOnly: true
## Allow executing custom init scripts
## If the container finds any files with the .sh extension inside of the
## /docker-entrypoint-initdb.d folder, it will execute them.
## When multiple scripts are present, they will be executed in lexical sort order by name.
## For more details see Custom Initialization Scripts in https://hub.docker.com/_/influxdb
initScripts:
enabled: false
scripts:
init.sh: |+
#!/bin/bash
influx apply --force yes -u https://raw.githubusercontent.com/influxdata/community-templates/master/influxdb2_operational_monitoring/influxdb2_operational_monitoring.yml
## Specify a service type
## ref: http://kubernetes.io/docs/user-guide/services/
##
service:
type: LoadBalancer
loadBalancerIP: 192.168.3.4
port: 80
targetPort: 8086
annotations: {}
labels: {}
portName: http
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name:
# Annotations for the ServiceAccount
annotations: {}
ingress: ingress:
enabled: false enabled: false
# For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
# See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
# className: nginx
tls: false
# secretName: my-tls-cert # only needed if tls above is true or default certificate is not configured for Nginx
hostname: influxdb.foobar.com
annotations: {}
# kubernetes.io/ingress.class: "nginx"
# kubernetes.io/tls-acme: "true"
path: /
## Pod disruption budget configuration
##
pdb:
## Specifies whether a Pod disruption budget should be created
##
create: true
minAvailable: 1
# maxUnavailable: 1
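Review bot: `adminUser.password` and `adminUser.token` stay as empty strings while the commented `existingSecret: influxdb-auth` hint is dropped, so the admin credentials are left to whatever the chart does with empty values. If the chart generates random values at template time (I believe influxdb2 does, but confirm), each Argo CD render would produce a different Secret and `selfHeal` would keep rewriting it; setting `existingSecret` to a pre-created Secret avoids that and keeps credentials out of the repo. Related: the InfluxDB API tokens in the Telegraf values files deleted by this commit remain in git history, so they should be revoked in InfluxDB rather than treated as gone. The `adminUser` block starts outside the hunk.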


@ -0,0 +1,29 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: monitoring
resources:
- namespace.yaml
- grafana.pvc.yaml
- influxdb.pvc.yaml
- grafana.ingress.yaml
helmCharts:
- releaseName: grafana
name: grafana
repo: https://grafana.github.io/helm-charts
version: 6.56.2
valuesFile: grafana.values.yaml
- releaseName: influxdb
name: influxdb2
repo: https://helm.influxdata.com/
version: 2.1.1
valuesFile: influxdb.values.yaml
- releaseName: telegraf-speedtest
name: telegraf
repo: https://helm.influxdata.com/
version: 1.8.27
valuesFile: telegraf-speedtest.values.yaml
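Review bot: The `helmCharts` block only renders when kustomize runs with `--enable-helm`, and nothing in this commit shows that option being set for Argo CD (typically `kustomize.buildOptions` in `argocd-cm`), so the Application added alongside may fail to render unless it is configured elsewhere. The three charts are also fetched from external repositories at render time and pinned by version only, so the repo-server needs egress to `grafana.github.io` and `helm.influxdata.com` and trusts whatever those repos serve for that version. A short comment above `helmCharts`, e.g. `# requires kustomize --enable-helm (set in argocd-cm)`, would record the dependency.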


@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: placeholder
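Review bot: `name: placeholder` only works because the kustomization in this commit sets `namespace: monitoring`, which rewrites the Namespace's name at build time; applied on its own, this file creates a namespace literally called `placeholder`. A comment such as `# name is replaced by the namespace field in kustomization.yaml` would make that intent explicit.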


@ -1,167 +0,0 @@
## Default values.yaml for Telegraf
## This is a YAML-formatted file.
## ref: https://hub.docker.com/r/library/telegraf/tags/
replicaCount: 1
image:
repo: "telegraf"
tag: "1.25"
pullPolicy: IfNotPresent
podAnnotations: {}
podLabels: {}
imagePullSecrets: []
## Configure args passed to Telegraf containers
args: []
# The name of a secret in the same kubernetes namespace which contains values to
# be added to the environment (must be manually created)
# This can be useful for auth tokens, etc.
# envFromSecret: "telegraf-tokens"
env:
- name: HOSTNAME
value: "telegraf-polling-service"
# An older "volumeMounts" key was previously added which will likely
# NOT WORK as you expect. Please use this newer configuration.
# volumes:
# - name: telegraf-output-influxdb2
# configMap:
# name: "telegraf-output-influxdb2"
# mountPoints:
# - name: telegraf-output-influxdb2
# mountPath: /etc/telegraf/conf.d
# subPath: influxdb2.conf
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources: {}
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 128Mi
# cpu: 100m
## Node labels for pod assignment
## ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
service:
enabled: false
type: ClusterIP
annotations: {}
rbac:
# Specifies whether RBAC resources should be created
create: true
# Create only for the release namespace or cluster wide (Role vs ClusterRole)
clusterWide: false
# Rules for the created rule
rules: []
# When using the prometheus input to scrape all pods you need extra rules set to the ClusterRole to be
# able to scan the pods for scraping labels. The following rules have been taken from:
# https://github.com/helm/charts/blob/master/stable/prometheus/templates/server-clusterrole.yaml#L8-L46
# - apiGroups:
# - ""
# resources:
# - nodes
# - nodes/proxy
# - nodes/metrics
# - services
# - endpoints
# - pods
# - ingresses
# - configmaps
# verbs:
# - get
# - list
# - watch
# - apiGroups:
# - "extensions"
# resources:
# - ingresses/status
# - ingresses
# verbs:
# - get
# - list
# - watch
# - nonResourceURLs:
# - "/metrics"
# verbs:
# - get
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: false
## Exposed telegraf configuration
## For full list of possible values see `/docs/all-config-values.yaml` and `/docs/all-config-values.toml`
## ref: https://docs.influxdata.com/telegraf/v1.1/administration/configuration/
config:
agent:
interval: "2m"
round_interval: true
metric_batch_size: 1000
metric_buffer_limit: 10000
collection_jitter: "0s"
flush_interval: "10s"
flush_jitter: "0s"
precision: ""
debug: false
quiet: false
logfile: ""
hostname: "$HOSTNAME"
omit_hostname: false
processors:
- enum:
mapping:
field: "status"
dest: "status_code"
value_mappings:
healthy: 1
problem: 2
critical: 3
outputs:
- influxdb_v2:
urls:
- "http://influxdb-influxdb2.monitoring:80"
token: We64mk4L4bqYCL77x3fAUSYfOse9Kktyf2eBLyrryG9c3-y8PQFiKPIh9EvSWuq78QSQz6hUcsm7XSFR2Zj1MA==
organization: "influxdata"
bucket: "homeassistant"
inputs:
- http:
urls:
- "http://adguard-home.adguard:3000/control/stats"
data_format: "json"
metrics:
health:
enabled: false
service_address: "http://:8888"
threshold: 5000.0
internal:
enabled: true
collect_memstats: false
# Lifecycle hooks
# hooks:
# postStart: ["/bin/sh", "-c", "echo Telegraf started"]
# preStop: ["/bin/sh", "-c", "sleep 60"]
## Pod disruption budget configuration
##
pdb:
## Specifies whether a Pod disruption budget should be created
##
create: true
minAvailable: 1
# maxUnavailable: 1


@ -1,51 +1,7 @@
## Default values.yaml for Telegraf
## This is a YAML-formatted file.
## ref: https://hub.docker.com/r/library/telegraf/tags/
replicaCount: 1
image:
repo: "telegraf"
tag: "1.25"
pullPolicy: IfNotPresent
podAnnotations: {}
podLabels: {}
imagePullSecrets: []
## Configure args passed to Telegraf containers
args: []
# The name of a secret in the same kubernetes namespace which contains values to
# be added to the environment (must be manually created)
# This can be useful for auth tokens, etc.
# envFromSecret: "telegraf-tokens"
env: env:
- name: HOSTNAME - name: HOSTNAME
value: "telegraf-speedtest" value: "telegraf-speedtest"
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources: {}
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 128Mi
# cpu: 100m
## Node labels for pod assignment
## ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
service: service:
enabled: false enabled: false
rbac: rbac:
@ -94,17 +50,3 @@ config:
inputs: inputs:
- internet_speed: - internet_speed:
enable_file_download: false enable_file_download: false
# Lifecycle hooks
# hooks:
# postStart: ["/bin/sh", "-c", "echo Telegraf started"]
# preStop: ["/bin/sh", "-c", "sleep 60"]
## Pod disruption budget configuration
##
pdb:
## Specifies whether a Pod disruption budget should be created
##
create: true
minAvailable: 1
# maxUnavailable: 1


@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: monitoring-application
namespace: argocd
spec:
project: apps
source:
repoURL: ssh://git@git.kluster.moll.re:2222/remoll/k3s-infra.git
targetRevision: main
path: apps/monitoring
destination:
server: https://kubernetes.default.svc
namespace: monitoring
syncPolicy:
automated:
prune: true
selfHeal: true
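Review bot: With `automated` sync plus `prune: true` and `selfHeal: true` tracking `targetRevision: main`, every push to `main` is applied to the cluster without a further gate, so write access to the repository is effectively deploy access. The blast radius is bounded only by the AppProject `apps`, which is not shown in this commit. Because the kustomization under `apps/monitoring` includes cluster-scoped kinds (Namespace, PersistentVolume), that project has to allow them in `clusterResourceWhitelist`; keeping that list to exactly those kinds, and protecting `main`, limits what a bad commit can do. Since `prune` also deletes anything removed from git, consider annotating the PVCs with `argocd.argoproj.io/sync-options: Prune=false`.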


@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- application.yaml