120 lines
2.9 KiB
YAML
120 lines
2.9 KiB
YAML
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: kube-prometheus-stack
|
|
namespace: monitoring
|
|
spec:
|
|
interval: 5m
|
|
chart:
|
|
spec:
|
|
chart: kube-prometheus-stack
|
|
version: "46.8.0"
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: prometheus-community-charts
|
|
namespace: flux-system
|
|
|
|
values:
|
|
namespaceOverride: "monitoring"
|
|
|
|
alertmanager:
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-production
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
|
hosts:
|
|
- &alertmanager-host alertmanager.${SECRET_NEW_DOMAIN}
|
|
paths:
|
|
- "/"
|
|
tls:
|
|
- hosts:
|
|
- *alertmanager-host
|
|
secretName: wildcard-main-tls
|
|
|
|
alertmanagerSpec:
|
|
alertmanagerConfiguration:
|
|
name: alertmanager-config
|
|
|
|
grafana:
|
|
enabled: false
|
|
# enabled dashboards even with grafana being disabled
|
|
forceDeployDashboards: true
|
|
defaultDashboardsTimezone: America/New_York
|
|
|
|
prometheus:
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-production
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
|
hosts:
|
|
- &prometheus-host metrics.${SECRET_NEW_DOMAIN}
|
|
paths:
|
|
- "/"
|
|
tls:
|
|
- hosts:
|
|
- *prometheus-host
|
|
secretName: wildcard-main-tls
|
|
|
|
prometheusSpec:
|
|
enableAdminAPI: false
|
|
|
|
retention: 1d
|
|
|
|
remoteWrite:
|
|
- url: http://victoria-metrics-server.monitoring.svc:8428/api/v1/write
|
|
|
|
storageSpec:
|
|
volumeClaimTemplate:
|
|
spec:
|
|
storageClassName: hostpath
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: kube-prometheus-stack-pv
|
|
resources:
|
|
requests:
|
|
storage: 30Gi
|
|
|
|
kubeControllerManager:
|
|
enabled: true
|
|
endpoints:
|
|
- 192.168.87.250
|
|
service:
|
|
enabled: true
|
|
port: 10257
|
|
targetPort: 10257
|
|
serviceMonitor:
|
|
enabled: true
|
|
https: true
|
|
insecureSkipVerify: true
|
|
|
|
kubeScheduler:
|
|
enabled: true
|
|
endpoints:
|
|
- 192.168.87.250
|
|
service:
|
|
enabled: true
|
|
port: 10259
|
|
targetPort: 10259
|
|
serviceMonitor:
|
|
enabled: true
|
|
https: true
|
|
insecureSkipVerify: true
|
|
|
|
kubeProxy:
|
|
enabled: true
|
|
endpoints:
|
|
- 192.168.87.250
|
|
service:
|
|
enabled: true
|
|
port: 10249
|
|
targetPort: 10249
|
|
serviceMonitor:
|
|
enabled: true
|
|
https: false
|
|
|
|
kubeEtcd:
|
|
enabled: false
|