[stable/kong] Options to install Prometheus plugin with ServiceMonitor

[decayofmind]

What this PR does / why we need it:

This PR provides an option to install kong-prometheus plugin as KongPlugin custom resource.
Prometheus-operator ServiceMonitor could be installed as well.

As a side-effect of this PR, Kong CRDs are not being deleted with the release anymore. It prevents from losing Kong declarative configuration while uninstalling Kong.

The proposed change was inspired by Prometheus-operator and Velero charts.

Checklist

• DCO signed
• Chart Version bumped
• Variables are documented in the README.md
• Title of the PR starts with chart name (e.g. [stable/chart])

[k8s-ci-robot]

Hi @decayofmind. Thanks for your PR.

I'm waiting for a helm member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[decayofmind]

/assign @hbagdi

[decayofmind]

/assign @shashiranjan84

[decayofmind]

@hbagdi any luck this will be useful?

[hbagdi]

@decayofmind Sorry for the delayed responses on this. Have been very busy with multiple things flying around. I'll try to get to this soon.

[hbagdi]

We will keep this PR around for now.
There is a feature that needs to land in this Helm chart which exposes a metrics port on all Kong deployments, based on a ConfigMap, similar to how we do it here.

Once that get's in, this PR can be simplified quite a bit:

• please do not over-complicate the logic of how installation is done for CRDs, let's keep it simple.
• While automatically enabling Prometheus plugin when ServiceMonitor is enabled, it is going a bit too far IMHO of providing a magical button for everything. It is okay to document thing and ask users to enable the plugin by themselves, depending on how they are running Kong (with or without Ingress Controller, with or without DB)

[hbagdi]

Since #15079 is merged in. We can work on this PR.
Please see my comment above.

Also, it probably might be more accurate to provide serviceMonitor.enabled, rather than metrics.serviceMonitor.enabled as a config value. Please refer to other stable charts in this repository.

[decayofmind]

@hbagdi serviceMonitor.enabled is under metrics., because if metrics itself are disabled it has no sense. I can imagine a case, where someone will leave metrics.enabled: false, but serviceMonitor.enabled: true.

But, if you think it's better, I have no objections to change the variable name as you said :)

[decayofmind]

• please do not over-complicate the logic of how installation is done for CRDs, let's keep it simple.

For installation of CRDs I've used a built-in Helm feature/hook (https://github.com/helm/helm/blob/master/docs/charts_hooks.md#the-available-hooks) to install CRDs before any other template. If something else is over-complicated, let me now, I'll remove it from PR.

• While automatically enabling Prometheus plugin when ServiceMonitor is enabled, it is going a bit too far IMHO of providing a magical button for everything. It is okay to document thing and ask users to enable the plugin by themselves, depending on how they are running Kong (with or without Ingress Controller, with or without DB)

A ServiceMonitor will be installed only if metrics.serviceMonitor.create set to true.

[hbagdi]

Please rebase this PR on latest master.

[decayofmind]

@hbagdi I've done some changes you requested, could you please take a look at my PR one more time.

[hbagdi]

As I said in a review before, let's remove this.
The user can create an additional KongPlugin resource if the need be after the Kong Ingress Controller is installed.

[hbagdi]

Do note that Kong will expose some basic observability stats even if this plugin is not enabled.

[decayofmind]

OK, let it be as you're suggesting, I've got the point :)

[hbagdi]

Why is this changed?

[decayofmind]

It may not be the matter of this PR, but in general, all objects in a chart should be addressing {{ template "<chartname.fullname>" }} in its names.

It allows a user to override objects naming for the whole installation, by taking into account .Values.nameOverride and .Values.fullNameOverride (not yet in Kong chart) variables passed to the chart.

[hbagdi]

I believe these changes can go away once KongPlugin resource is removed.

[hbagdi]

I think these changes to CRDs can be removed since the Prometheus plugin is not being automatically created.

Another problem that I see here:
If multiple Kong Ingress Controllers are being installed one after the other, then this will incorrectly delete the CRD first, and then re-install the CRD. This will lead to deletion of all the custom resources that were present in the cluster before the installation.

[hbagdi]

@decayofmind Could you address this comment?
Thanks!

[hbagdi]

@decayofmind Left one comment and other than that, this PR looks good.
#16293 will be merged before this so please rebase again.

[hbagdi]

/ok-to-test

[hbagdi]

Please rebase on master. This is real close and almost ready to merge.

[hbagdi]

@decayofmind Please address the one outstanding comment and fix the lint failure.

Once that's done, we are good to merge.

[decayofmind]

@hbagdi It seems like everything is finally fixed

[hbagdi]

/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: decayofmind, hbagdi

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• stable/kong/OWNERS [hbagdi]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[hbagdi]

@decayofmind Thank you for your contribution!