diff --git a/kubernetes/main/apps/monitoring/thanos/app/helmrelease.yaml b/kubernetes/main/apps/monitoring/thanos/app/helmrelease.yaml index 7bbc6bdc1..6839fc1cb 100644 --- a/kubernetes/main/apps/monitoring/thanos/app/helmrelease.yaml +++ b/kubernetes/main/apps/monitoring/thanos/app/helmrelease.yaml @@ -4,135 +4,120 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: thanos + namespace: monitoring spec: - interval: 30m + interval: 15m chart: spec: chart: thanos version: 13.2.2 sourceRef: kind: HelmRepository - name: bitnami + name: bitnami-charts namespace: flux-system - interval: 30m + install: + createNamespace: true + remediation: + retries: 5 + upgrade: + remediation: + retries: 5 values: + image: + registry: quay.io + repository: thanos/thanos + tag: v0.34.1 objstoreConfig: type: s3 config: insecure: true - - query: - enabled: true - dnsDiscovery: - sidecarsService: kube-prometheus-stack-thanos-discovery - sidecarsNamespace: monitoring - stores: - - synology.home.econline.nl:10901 - replicaLabels: - - "__replica__" # must match with kube-prometheus-stack value `.prometheus.prometheusSpec.replicaExternalLabelName` - resources: - requests: - cpu: 15m - memory: 64M - # limits: - # memory: 99M - queryFrontend: enabled: true + replicaCount: 1 ingress: enabled: true - hostname: "thanos.econline.nl" - ingressClassName: "internal-nginx" + annotations: + hajimari.io/enable: "false" + ingressClassName: internal + hostname: &host "thanos.econline.nl" tls: true - + extraTls: + - hosts: + - *host + query: + enabled: true + replicaCount: 1 + replicaLabel: ["__replica__"] + dnsDiscovery: + sidecarsService: kube-prometheus-stack-thanos-discovery + sidecarsNamespace: monitoring bucketweb: enabled: true - resources: - requests: - cpu: 15m - memory: 64M - # limits: - # memory: 64M - + replicaCount: 1 compactor: enabled: true extraFlags: - - "--compact.concurrency=4" + - --compact.concurrency=4 - --delete-delay=30m retentionResolutionRaw: 14d - retentionResolution5m: 30d - retentionResolution1h: 90d - resources: - requests: - cpu: 15m - memory: 204M - # limits: - # memory: 270M + retentionResolution5m: 14d + retentionResolution1h: 14d persistence: enabled: true - storageClass: "ceph-filesystem" - size: 15Gi - + storageClass: "ceph-block" + size: 20Gi storegateway: enabled: true - resources: - requests: - cpu: 23m - memory: 204M - # limits: - # memory: 226M + replicaCount: 1 persistence: enabled: true - storageClass: "ceph-filesystem" - size: 1Gi - + storageClass: "ceph-block" + size: 20Gi ruler: enabled: true - alertmanagers: - - http://alertmanager.monitoring.svc.cluster.local:9093 - clusterName: ${CLUSTER_NAME} # must match with kube-prometheus-stack value `.prometheus.prometheusSpec.externalLabels.cluster` + replicaCount: 1 + replicaLabel: __replica__ + alertmanagers: ["http://kube-prometheus-stack-alertmanager.monitoring.svc.cluster.local:9093"] + extraFlags: ["--web.prefix-header=X-Forwarded-Prefix"] config: |- groups: - - name: "PrometheusWatcher" + - name: PrometheusWatcher rules: - - alert: "PrometheusDown" + - alert: PrometheusDown + annotations: + summary: A Prometheus has disappeared from Prometheus target discovery expr: absent(up{job="kube-prometheus-stack-prometheus"}) + for: 5m + labels: + severity: critical dnsDiscovery: enabled: true persistence: enabled: true - storageClass: "ceph-filesystem" - size: 512Mi - resources: - requests: - cpu: 23m - memory: 128M - limits: - memory: 256M - + storageClass: "ceph-block" + size: 20Gi metrics: enabled: true serviceMonitor: enabled: true - valuesFrom: - targetPath: objstoreConfig.config.bucket - kind: Secret - name: thanos-secret - valuesKey: S3_BUCKET + kind: ConfigMap + name: thanos-bucket-v1 + valuesKey: BUCKET_NAME - targetPath: objstoreConfig.config.endpoint - kind: Secret - name: thanos-secret - valuesKey: S3_HOST + kind: ConfigMap + name: thanos-bucket-v1 + valuesKey: BUCKET_HOST - targetPath: objstoreConfig.config.region - kind: Secret - name: thanos-secret - valuesKey: S3_REGION + kind: ConfigMap + name: thanos-bucket-v1 + valuesKey: BUCKET_REGION - targetPath: objstoreConfig.config.access_key kind: Secret - name: thanos-secret - valuesKey: S3_ACCESS_KEY + name: thanos-bucket-v1 + valuesKey: AWS_ACCESS_KEY_ID - targetPath: objstoreConfig.config.secret_key kind: Secret - name: thanos-secret - valuesKey: S3_SECRET_KEY \ No newline at end of file + name: thanos-bucket-v1 + valuesKey: AWS_SECRET_ACCESS_KEY \ No newline at end of file diff --git a/kubernetes/main/apps/monitoring/thanos/app/kustomization.yaml b/kubernetes/main/apps/monitoring/thanos/app/kustomization.yaml index 2708f09ee..33284fba6 100644 --- a/kubernetes/main/apps/monitoring/thanos/app/kustomization.yaml +++ b/kubernetes/main/apps/monitoring/thanos/app/kustomization.yaml @@ -1,6 +1,42 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: monitoring resources: - - ./externalsecret.yaml + - ./objectbucketclaim.yaml - ./helmrelease.yaml +configMapGenerator: + - name: thanos-bucket-replicate-dashboard + files: + - thanos-bucket-replicate-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/bucket-replicate.json + - name: thanos-compact-dashboard + files: + - thanos-compact-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/compact.json + - name: thanos-overview-dashboard + files: + - thanos-overview-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/overview.json + - name: thanos-query-dashboard + files: + - thanos-query-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/query.json + - name: thanos-query-frontend-dashboard + files: + - thanos-query-frontend-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/query-frontend.json + - name: thanos-receive-dashboard + files: + - thanos-receive-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/receive.json + - name: thanos-rule-dashboard + files: + - thanos-rule-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/rule.json + - name: thanos-sidecar-dashboard + files: + - thanos-sidecar-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/sidecar.json + - name: thanos-store-dashboard + files: + - thanos-store-dashboard.json=https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/store.json +generatorOptions: + disableNameSuffixHash: true + annotations: + kustomize.toolkit.fluxcd.io/substitute: disabled + labels: + grafana_dashboard: "true" \ No newline at end of file diff --git a/kubernetes/main/apps/monitoring/thanos/app/objectbucketclaim.yaml b/kubernetes/main/apps/monitoring/thanos/app/objectbucketclaim.yaml new file mode 100644 index 000000000..07bf21127 --- /dev/null +++ b/kubernetes/main/apps/monitoring/thanos/app/objectbucketclaim.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: thanos-bucket-v1 + namespace: monitoring +spec: + bucketName: thanos-v1 + storageClassName: ceph-bucket \ No newline at end of file