From d4e45cd242ed5b773be751fa045a42ded712c509 Mon Sep 17 00:00:00 2001 From: jsirianni Date: Thu, 15 Feb 2024 13:25:17 -0500 Subject: [PATCH 1/4] bump minor version --- charts/bindplane/Chart.yaml | 2 +- charts/bindplane/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/bindplane/Chart.yaml b/charts/bindplane/Chart.yaml index 25d416d8..6fa8aad4 100644 --- a/charts/bindplane/Chart.yaml +++ b/charts/bindplane/Chart.yaml @@ -3,7 +3,7 @@ name: bindplane description: BindPlane OP is an open source observability pipeline. type: application # The chart's version -version: 1.1.10 +version: 1.2.0 # The BindPlane OP tagged release. If the user does not # set the `image.tag` values option, this version is used. appVersion: 1.45.0 diff --git a/charts/bindplane/README.md b/charts/bindplane/README.md index b192dbe4..e544b0a2 100644 --- a/charts/bindplane/README.md +++ b/charts/bindplane/README.md @@ -1,6 +1,6 @@ # bindplane -![Version: 1.1.10](https://img.shields.io/badge/Version-1.1.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.45.0](https://img.shields.io/badge/AppVersion-1.45.0-informational?style=flat-square) +![Version: 1.2.0](https://img.shields.io/badge/Version-1.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.45.0](https://img.shields.io/badge/AppVersion-1.45.0-informational?style=flat-square) BindPlane OP is an open source observability pipeline. From 154eadcb01e5119a03748e06e37e0f889a2fc9c6 Mon Sep 17 00:00:00 2001 From: jsirianni Date: Thu, 15 Feb 2024 14:24:58 -0500 Subject: [PATCH 2/4] run on all PRs --- .github/workflows/ci.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 76f5d45b..ce94f190 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,8 +1,6 @@ name: CI on: pull_request: - branches: - - main jobs: helm: From d1ca4f9c55b51baba753c0c94bc103f3c9ebd8c7 Mon Sep 17 00:00:00 2001 From: Joseph Sirianni Date: Fri, 16 Feb 2024 10:42:01 -0500 Subject: [PATCH 3/4] feat(prometheus): Use bindplane-prometheus container image (#87) * use bindplane prometheus image and remove configmap * remove args, they are set in the container image already. updaste volume mount to use /prometheus, the correct path for the bindplane-prometheus image * pin sidecar test version --- charts/bindplane/templates/bindplane.yaml | 29 ++----------------- .../templates/prometheus_config.yaml | 27 ----------------- test/cases/prometheus_sidecar/values.yaml | 4 +++ 3 files changed, 6 insertions(+), 54 deletions(-) delete mode 100644 charts/bindplane/templates/prometheus_config.yaml diff --git a/charts/bindplane/templates/bindplane.yaml b/charts/bindplane/templates/bindplane.yaml index 47c8a08c..6a059169 100644 --- a/charts/bindplane/templates/bindplane.yaml +++ b/charts/bindplane/templates/bindplane.yaml @@ -368,19 +368,10 @@ spec: {{- if eq (include "bindplane.deployment_type" .) "StatefulSet" }} {{- if and (.Values.prometheus.enable) (.Values.prometheus.enableSideCar) }} - name: prometheus - image: prom/prometheus:v2.47.2 + image: ghcr.io/observiq/bindplane-prometheus:{{ include "bindplane.tag" . }} ports: - containerPort: 9090 name: http - args: - - --config.file=/etc/prometheus/prometheus.yml - - --web.config.file=/etc/prometheus/web.yml - - --storage.tsdb.retention.time=2d - - --web.enable-remote-write-receiver - - --web.listen-address={{ .Values.prometheus.host }}:{{ .Values.prometheus.port }} - - --storage.tsdb.path=/var/lib/prometheus/tsdb - - --web.console.templates=/etc/prometheus/consoles - - --web.console.libraries=/etc/prometheus/console_libraries {{- with .Values.prometheus.sidecar.resources }} resources: {{- toYaml . | nindent 12 }} @@ -392,17 +383,8 @@ spec: capabilities: drop: ["ALL"] volumeMounts: - - name: {{ include "bindplane.fullname" . }}-prometheus-config - mountPath: /etc/prometheus/prometheus.yml - subPath: prometheus.yml - - name: {{ include "bindplane.fullname" . }}-prometheus-config - mountPath: /etc/prometheus/rules.yml - subPath: rules.yml - - name: {{ include "bindplane.fullname" . }}-prometheus-config - mountPath: /etc/prometheus/web.yml - subPath: web.yml - name: {{ include "bindplane.fullname" . }}-prometheus-data - mountPath: /var/lib/prometheus/tsdb + mountPath: /prometheus {{- end }} {{- end }} terminationGracePeriodSeconds: 60 @@ -439,13 +421,6 @@ spec: secretName: {{ .Values.prometheus.tls.secret.name }} {{- end }} {{- end }} - {{- if eq (include "bindplane.deployment_type" .) "StatefulSet" }} - {{- if and (.Values.prometheus.enable) (.Values.prometheus.enableSideCar) }} - - name: {{ include "bindplane.fullname" . }}-prometheus-config - configMap: - name: {{ include "bindplane.fullname" . }}-prometheus-config - {{- end }} - {{- end }} {{- if eq (include "bindplane.deployment_type" .) "StatefulSet" }} volumeClaimTemplates: {{- if eq .Values.backend.type "bbolt" }} diff --git a/charts/bindplane/templates/prometheus_config.yaml b/charts/bindplane/templates/prometheus_config.yaml deleted file mode 100644 index 9372959c..00000000 --- a/charts/bindplane/templates/prometheus_config.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if eq (include "bindplane.deployment_type" .) "StatefulSet" }} -{{- if and (.Values.prometheus.enable) (.Values.prometheus.enableSideCar) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "bindplane.fullname" . }}-prometheus-config - labels: - app.kubernetes.io/name: {{ include "bindplane.name" . }} - app.kubernetes.io/stack: bindplane - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -data: - prometheus.yml: | - scrape_configs: [] - rule_files: [/etc/prometheus/rules.yml] - rules.yml: | - groups: - - name: configuration-rollups - interval: 1m - rules: - - record: bindplane_agent_measurements:rollup:rate:1m - expr: sum without (agent) (rate(bindplane_agent_measurements{}[1m9s999ms] offset 10s)) - web.yml: | - # web.yml is empty but must be present for Prometheus to start -{{- end }} -{{- end }} - diff --git a/test/cases/prometheus_sidecar/values.yaml b/test/cases/prometheus_sidecar/values.yaml index 697c0431..44496592 100644 --- a/test/cases/prometheus_sidecar/values.yaml +++ b/test/cases/prometheus_sidecar/values.yaml @@ -7,3 +7,7 @@ config: prometheus: enable: true enableSideCar: true + +# TODO(jsirianni): Can be removed after 1.45 release. +image: + tag: 1.43.0 From 59b7267d0d681a696ec83ec37dfcebbaf000f012 Mon Sep 17 00:00:00 2001 From: Joseph Sirianni Date: Mon, 26 Feb 2024 14:19:24 -0500 Subject: [PATCH 4/4] feat(prometheus): Deploy Prometheus StatefulSet by default (#89) * remove sidecar * rename dev prometheus config * add prometheus statefulset * true up securityContext * add remote option * regen docs * remove prom enable from templates * use generated service name when host is not set * fix svc name * re-add sideCar option * revert size change * use localhost when sidecar * Regen docs * resolve test issues by using newer image * use ee image * Remove all test case as it requires a license * skip if dev prometheus is enabled * fix condition * add fsgroup for gke --- .github/workflows/ci.yml | 2 - charts/bindplane/README.md | 16 +-- charts/bindplane/templates/bindplane.yaml | 46 ++++--- .../templates/prometheus.deprecated.yaml | 129 ++++++++++++++++++ charts/bindplane/templates/prometheus.yaml | 128 +++++++---------- charts/bindplane/values.yaml | 37 ++--- test/cases/all/values.yaml | 4 +- test/cases/image/values.yaml | 4 +- test/cases/prometheus_sidecar/values.yaml | 13 -- 9 files changed, 235 insertions(+), 144 deletions(-) create mode 100644 charts/bindplane/templates/prometheus.deprecated.yaml delete mode 100644 test/cases/prometheus_sidecar/values.yaml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce94f190..129ee62e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,10 +24,8 @@ jobs: matrix: case: - "default" - - "all" - "image" - "ingress" - - "prometheus_sidecar" k8s_version: - v1.25.0 - v1.27.0 diff --git a/charts/bindplane/README.md b/charts/bindplane/README.md index e544b0a2..598994d7 100644 --- a/charts/bindplane/README.md +++ b/charts/bindplane/README.md @@ -105,19 +105,19 @@ BindPlane OP is an open source observability pipeline. | prometheus.auth.password | string | `""` | Prometheus basic authentication password. | | prometheus.auth.type | string | `"none"` | Prometheus authentication. Supported options include `none` and `basic`. | | prometheus.auth.username | string | `""` | Prometheus basic authentication username. | -| prometheus.enable | bool | `false` | when enabled, Prometheus will be used as the measurements backend. Prometheus is the recommended backend for production deployments. | -| prometheus.enableSideCar | bool | `false` | When enabled, the Prometheus measurements backend will be deployed as a sidecar container. This option is only valid when BindPlane is running as a single node statefulset. When using this option, leave all other Prometheus options unset and at their default values. | -| prometheus.host | string | `"127.0.0.1"` | The Prometheus hostname or IP address used for querying and writing metrics. | +| prometheus.enableSideCar | bool | `false` | When enabled, the Prometheus measurements backend will be deployed as a sidecar container. This option is only valid when BindPlane is running as a single node statefulset. | +| prometheus.host | string | `""` | The Prometheus hostname or IP address used for querying and writing metrics. Defaults to the service name of the Prometheus StatefulSet deployed by this chart. | | prometheus.port | int | `9090` | The Prometheus TCP port used for querying and writing metrics. | | prometheus.queryPathPrefix | string | `""` | Optional Prometheus query path prefix. Useful when overriding the query endpoints when using systems such as Mimir. | +| prometheus.remote | bool | `false` | When true, the chart will not deploy Prometheus. Instead, the user should provide a Prometheus instance to use. | | prometheus.remoteWrite.host | string | `""` | Optional hostname or IP address of the remote write endpoint. This value overrides the `prometheus.host` for remote write. | | prometheus.remoteWrite.path | string | `"/api/v1/write"` | Path of the remote write endpoint. This value should default to `/api/v1/write`. | | prometheus.remoteWrite.port | int | `9090` | Optional TCP port of the remote write endpoint. This value overrides the `prometheus.port` for remote write. | -| prometheus.sidecar.resources.limits.memory | string | `"500Mi"` | Memory limit. | -| prometheus.sidecar.resources.requests.cpu | string | `"250m"` | CPU request. | -| prometheus.sidecar.resources.requests.memory | string | `"250Mi"` | Memory request. | -| prometheus.sidecar.storageClass | string | `""` | The Kubernetes storage class to use for the volumeClaimTemplate. If unset, the volume claim will use the cluster's default storage class. | -| prometheus.sidecar.volumeSize | string | `"10Gi"` | Persistent volume size. | +| prometheus.resources.limits.memory | string | `"500Mi"` | Memory limit. | +| prometheus.resources.requests.cpu | string | `"250m"` | CPU request. | +| prometheus.resources.requests.memory | string | `"500Mi"` | Memory request. | +| prometheus.storage.storageClass | string | `""` | The Kubernetes storage class to use for the volumeClaimTemplate. If unset, the volume claim will use the cluster's default storage class. | +| prometheus.storage.volumeSize | string | `"10Gi"` | Persistent volume size. | | prometheus.tls.enable | bool | `false` | Whether or not to use TLS when connecting to Prometheus. | | prometheus.tls.insecure | bool | `false` | Whether or not to skip verification of the Prometheus server's certificate. | | prometheus.tls.secret.caSubPath | string | `""` | The secret's subPath which contains the certificate authority. | diff --git a/charts/bindplane/templates/bindplane.yaml b/charts/bindplane/templates/bindplane.yaml index 6a059169..6eefacf7 100644 --- a/charts/bindplane/templates/bindplane.yaml +++ b/charts/bindplane/templates/bindplane.yaml @@ -240,13 +240,18 @@ spec: {{- end }} - name: BINDPLANE_PORT value: "3001" - {{- if .Values.prometheus.enable }} - name: BINDPLANE_PROMETHEUS_ENABLE value: "true" - name: BINDPLANE_PROMETHEUS_ENABLE_REMOTE value: "true" - name: BINDPLANE_PROMETHEUS_HOST + {{- if .Values.prometheus.enableSideCar }} + value: localhost + {{- else if .Values.prometheus.remote }} value: {{ .Values.prometheus.host }} + {{- else }} + value: {{ include "bindplane.fullname" . }}-prometheus + {{- end }} - name: BINDPLANE_PROMETHEUS_PORT value: "{{ .Values.prometheus.port }}" {{- if .Values.prometheus.queryPathPrefix }} @@ -287,7 +292,6 @@ spec: value: /prometheus-client.key {{- end }} {{- end }} - {{- end }} {{- with .Values.resources }} resources: {{- toYaml . | nindent 12 }} @@ -344,7 +348,7 @@ spec: subPath: {{ .Values.eventbus.kafka.tls.secret.keySubPath }} {{- end }} {{- end }} - {{- if and (.Values.prometheus.enable) (.Values.prometheus.tls.enable) }} + {{- if .Values.prometheus.tls.enable }} {{- if .Values.prometheus.tls.secret.caSubPath }} - mountPath: /prometheus-ca.crt name: {{ .Values.prometheus.tls.secret.name }} @@ -366,25 +370,27 @@ spec: exec: command: ["sh", "-c", "sleep 5",] {{- if eq (include "bindplane.deployment_type" .) "StatefulSet" }} - {{- if and (.Values.prometheus.enable) (.Values.prometheus.enableSideCar) }} + {{- if and (.Values.prometheus.enableSideCar) (eq .Values.prometheus.remote false)}} - name: prometheus image: ghcr.io/observiq/bindplane-prometheus:{{ include "bindplane.tag" . }} - ports: - - containerPort: 9090 - name: http - {{- with .Values.prometheus.sidecar.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} + imagePullPolicy: IfNotPresent securityContext: runAsNonRoot: true readOnlyRootFilesystem: true runAsUser: 65534 capabilities: drop: ["ALL"] + ports: + - name: http + containerPort: 9090 + protocol: TCP + {{- with .Values.prometheus.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: - - name: {{ include "bindplane.fullname" . }}-prometheus-data - mountPath: /prometheus + - mountPath: /prometheus + name: {{ include "bindplane.fullname" . }}-prometheus-data {{- end }} {{- end }} terminationGracePeriodSeconds: 60 @@ -413,7 +419,7 @@ spec: secretName: {{ .Values.eventbus.kafka.tls.secret.name }} {{- end }} {{- end }} - {{- if and (.Values.prometheus.enable) (.Values.prometheus.tls.enable) }} + {{- if .Values.prometheus.tls.enable }} {{- if .Values.prometheus.tls.secret.name }} - name: {{ .Values.prometheus.tls.secret.name }} secret: @@ -442,8 +448,7 @@ spec: storageClassName: {{ .Values.backend.bbolt.storageClass }} {{- end }} {{- end }} - {{- if eq (include "bindplane.deployment_type" .) "StatefulSet" }} - {{- if and (.Values.prometheus.enable) (.Values.prometheus.enableSideCar) }} + {{- if and (.Values.prometheus.enableSideCar) (eq .Values.prometheus.remote false)}} - metadata: name: {{ include "bindplane.fullname" . }}-prometheus-data labels: @@ -457,10 +462,9 @@ spec: - ReadWriteOnce resources: requests: - storage: {{ .Values.prometheus.sidecar.volumeSize }} - {{- if .Values.prometheus.sidecar.storageClass }} - storageClassName: {{ .Values.prometheus.sidecar.storageClass }} + storage: {{ .Values.prometheus.storage.volumeSize }} + {{- if .Values.prometheus.storage.storageClass }} + storageClassName: {{ .Values.prometheus.storage.storageClass }} {{- end }} - {{- end }} - {{- end }} + {{- end }} {{- end }} diff --git a/charts/bindplane/templates/prometheus.deprecated.yaml b/charts/bindplane/templates/prometheus.deprecated.yaml new file mode 100644 index 00000000..bcb348f3 --- /dev/null +++ b/charts/bindplane/templates/prometheus.deprecated.yaml @@ -0,0 +1,129 @@ +{{- if .Values.dev.prometheus.create }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "bindplane.fullname" . }}-prometheus +data: + # Both of these should be empty, but might contain + # configuration in the future. + prometheus.yml: | + scrape_configs: [] + rule_files: [/etc/prometheus/rules.yml] + web.yml: | + # This is an empty config. + rules.yml: | + groups: + - name: configuration-rollups + interval: 1m + rules: + - record: bindplane_agent_measurements:rollup:rate:1m + expr: sum without (agent) (rate(bindplane_agent_measurements{}[1m9s999ms] offset 10s)) +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "bindplane.fullname" . }}-prometheus + labels: + app.kubernetes.io/name: test-prometheus +spec: + replicas: 1 + serviceName: bindplane-test-prometheus + selector: + matchLabels: + app.kubernetes.io/name: test-prometheus + template: + metadata: + labels: + app.kubernetes.io/name: test-prometheus + spec: + initContainers: + # Set permissions on /prometheus volume. + - name: setup-volumes + image: {{ .Values.dev.prometheus.image.name }}:{{ .Values.dev.prometheus.image.tag }} + securityContext: + runAsUser: 0 + command: + - "chown" + - "65534:" + - "/prometheus" + volumeMounts: + - mountPath: /prometheus + name: tsdb + containers: + - name: opentelemetry-container + image: {{ .Values.dev.prometheus.image.name }}:{{ .Values.dev.prometheus.image.tag }} + imagePullPolicy: IfNotPresent + command: + - /bin/prometheus + - --web.listen-address=:9090 + - --config.file=/etc/prometheus/prometheus.yml + - --web.config.file=/etc/prometheus/web.yml + - --web.console.libraries=/usr/share/prometheus/console_libraries + - --web.console.templates=/usr/share/prometheus/consoles + - --web.enable-remote-write-receiver + - --storage.tsdb.path=/prometheus + - --storage.tsdb.retention.time=2d + securityContext: + readOnlyRootFilesystem: true + ports: + - name: http + containerPort: 9090 + protocol: TCP + resources: + requests: + memory: 300Mi + cpu: 100m + limits: + memory: 300Mi + volumeMounts: + # prometheus and web configuration + # from configmap. + - mountPath: /etc/prometheus/prometheus.yml + subPath: prometheus.yml + name: config + - mountPath: /etc/prometheus/web.yml + subPath: web.yml + name: config + - mountPath: /etc/prometheus/rules.yml + subPath: rules.yml + name: config + # time series database persistent volume. + - mountPath: /prometheus + name: tsdb + volumes: + - name: config + configMap: + name: {{ include "bindplane.fullname" . }}-prometheus + # Delete persistent volumes when the statefulset is deleted. + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + volumeClaimTemplates: + - metadata: + name: tsdb + labels: + app.kubernetes.io/name: test-prometheus + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 60Gi +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "bindplane.fullname" . }}-prometheus + labels: + app.kubernetes.io/name: test-prometheus +spec: + ports: + - port: 9090 + protocol: TCP + targetPort: http + name: http + selector: + app.kubernetes.io/name: test-prometheus + sessionAffinity: None + type: ClusterIP +{{- end }} diff --git a/charts/bindplane/templates/prometheus.yaml b/charts/bindplane/templates/prometheus.yaml index bcb348f3..43b4f67c 100644 --- a/charts/bindplane/templates/prometheus.yaml +++ b/charts/bindplane/templates/prometheus.yaml @@ -1,121 +1,88 @@ -{{- if .Values.dev.prometheus.create }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "bindplane.fullname" . }}-prometheus -data: - # Both of these should be empty, but might contain - # configuration in the future. - prometheus.yml: | - scrape_configs: [] - rule_files: [/etc/prometheus/rules.yml] - web.yml: | - # This is an empty config. - rules.yml: | - groups: - - name: configuration-rollups - interval: 1m - rules: - - record: bindplane_agent_measurements:rollup:rate:1m - expr: sum without (agent) (rate(bindplane_agent_measurements{}[1m9s999ms] offset 10s)) ---- +{{- if not .Values.prometheus.remote }} +{{- if not .Values.prometheus.enableSideCar }} +{{- if not .Values.dev.prometheus.create }} apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "bindplane.fullname" . }}-prometheus labels: - app.kubernetes.io/name: test-prometheus + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: prometheus + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} spec: replicas: 1 - serviceName: bindplane-test-prometheus + serviceName: {{ include "bindplane.fullname" . }}-prometheus selector: matchLabels: - app.kubernetes.io/name: test-prometheus + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: prometheus + app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: test-prometheus + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: prometheus + app.kubernetes.io/instance: {{ .Release.Name }} spec: - initContainers: - # Set permissions on /prometheus volume. - - name: setup-volumes - image: {{ .Values.dev.prometheus.image.name }}:{{ .Values.dev.prometheus.image.tag }} - securityContext: - runAsUser: 0 - command: - - "chown" - - "65534:" - - "/prometheus" - volumeMounts: - - mountPath: /prometheus - name: tsdb + securityContext: + fsGroup: 65534 containers: - - name: opentelemetry-container - image: {{ .Values.dev.prometheus.image.name }}:{{ .Values.dev.prometheus.image.tag }} + - name: prometheus + image: ghcr.io/observiq/bindplane-prometheus:{{ include "bindplane.tag" . }} imagePullPolicy: IfNotPresent - command: - - /bin/prometheus - - --web.listen-address=:9090 - - --config.file=/etc/prometheus/prometheus.yml - - --web.config.file=/etc/prometheus/web.yml - - --web.console.libraries=/usr/share/prometheus/console_libraries - - --web.console.templates=/usr/share/prometheus/consoles - - --web.enable-remote-write-receiver - - --storage.tsdb.path=/prometheus - - --storage.tsdb.retention.time=2d securityContext: + runAsNonRoot: true readOnlyRootFilesystem: true + runAsUser: 65534 + capabilities: + drop: ["ALL"] ports: - name: http containerPort: 9090 protocol: TCP + {{- with .Values.prometheus.resources }} resources: - requests: - memory: 300Mi - cpu: 100m - limits: - memory: 300Mi + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: - # prometheus and web configuration - # from configmap. - - mountPath: /etc/prometheus/prometheus.yml - subPath: prometheus.yml - name: config - - mountPath: /etc/prometheus/web.yml - subPath: web.yml - name: config - - mountPath: /etc/prometheus/rules.yml - subPath: rules.yml - name: config - # time series database persistent volume. - mountPath: /prometheus - name: tsdb - volumes: - - name: config - configMap: - name: {{ include "bindplane.fullname" . }}-prometheus - # Delete persistent volumes when the statefulset is deleted. + name: {{ include "bindplane.fullname" . }}-prometheus-data persistentVolumeClaimRetentionPolicy: whenDeleted: Retain whenScaled: Retain volumeClaimTemplates: - metadata: - name: tsdb + name: {{ include "bindplane.fullname" . }}-prometheus-data labels: - app.kubernetes.io/name: test-prometheus + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: prometheus + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} spec: accessModes: - ReadWriteOnce resources: requests: - storage: 60Gi + storage: {{ .Values.prometheus.storage.volumeSize }} + {{- if .Values.prometheus.storage.storageClass }} + storageClassName: {{ .Values.prometheus.storage.storageClass }} + {{- end }} --- apiVersion: v1 kind: Service metadata: name: {{ include "bindplane.fullname" . }}-prometheus labels: - app.kubernetes.io/name: test-prometheus + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: prometheus + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} spec: ports: - port: 9090 @@ -123,7 +90,12 @@ spec: targetPort: http name: http selector: - app.kubernetes.io/name: test-prometheus + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: prometheus + app.kubernetes.io/instance: {{ .Release.Name }} sessionAffinity: None type: ClusterIP {{- end }} +{{- end }} +{{- end }} diff --git a/charts/bindplane/values.yaml b/charts/bindplane/values.yaml index a40f302f..b4eae501 100644 --- a/charts/bindplane/values.yaml +++ b/charts/bindplane/values.yaml @@ -30,10 +30,12 @@ backend: # TODO(jsirianni): Support authentication and TLS. # This is undocumented for now, as Prometheus support has not been released. prometheus: - # -- when enabled, Prometheus will be used as the measurements backend. Prometheus is the recommended backend for production deployments. - enable: false - # -- The Prometheus hostname or IP address used for querying and writing metrics. - host: "127.0.0.1" + # -- When true, the chart will not deploy Prometheus. Instead, the user should provide a Prometheus instance to use. + remote: false + # -- When enabled, the Prometheus measurements backend will be deployed as a sidecar container. This option is only valid when BindPlane is running as a single node statefulset. + enableSideCar: false + # -- The Prometheus hostname or IP address used for querying and writing metrics. Defaults to the service name of the Prometheus StatefulSet deployed by this chart. + host: "" # -- The Prometheus TCP port used for querying and writing metrics. port: 9090 # -- Optional Prometheus query path prefix. Useful when overriding the query endpoints when using systems such as Mimir. @@ -78,20 +80,18 @@ prometheus: crtSubPath: "" # -- The secret's subPath which contains the client private key, required for mutual TLS. keySubPath: "" - # -- When enabled, the Prometheus measurements backend will be deployed as a sidecar container. This option is only valid when BindPlane is running as a single node statefulset. When using this option, leave all other Prometheus options unset and at their default values. - enableSideCar: false - sidecar: - resources: - requests: - # -- Memory request. - memory: 250Mi - # -- CPU request. - cpu: 250m - limits: - # -- Memory limit. - memory: 500Mi - # Disable cpu limit by default, for burstable qos class - # cpu: 500m + resources: + requests: + # -- Memory request. + memory: 500Mi + # -- CPU request. + cpu: 250m + limits: + # -- Memory limit. + memory: 500Mi + # Disable cpu limit by default, for burstable qos class + # cpu: 500m + storage: # -- Persistent volume size. volumeSize: 10Gi # -- The Kubernetes storage class to use for the volumeClaimTemplate. If unset, the volume claim will use the cluster's default storage class. @@ -390,6 +390,7 @@ dev: tag: latest labels: "configuration=test" + # DEPRECATED: Use the `prometheus` top level section instead. # Manages a prometheus deployment for development purposes. Production # deployments should use a proper prometheus backend deployed outside # of this chart. diff --git a/test/cases/all/values.yaml b/test/cases/all/values.yaml index 3845ad94..dea71ca9 100644 --- a/test/cases/all/values.yaml +++ b/test/cases/all/values.yaml @@ -29,8 +29,8 @@ auth: tls: insecure: true image: - name: ghcr.io/observiq/bindplane - tag: 1.24.0 + name: ghcr.io/observiq/bindplane-ee + tag: 1.44.0 resources: requests: memory: 100Mi diff --git a/test/cases/image/values.yaml b/test/cases/image/values.yaml index 1c12853c..1f61a875 100644 --- a/test/cases/image/values.yaml +++ b/test/cases/image/values.yaml @@ -7,5 +7,5 @@ config: # Image image: - name: ghcr.io/observiq/bindplane - tag: 1.24.0 + name: ghcr.io/observiq/bindplane-ee + tag: 1.43.0 diff --git a/test/cases/prometheus_sidecar/values.yaml b/test/cases/prometheus_sidecar/values.yaml deleted file mode 100644 index 44496592..00000000 --- a/test/cases/prometheus_sidecar/values.yaml +++ /dev/null @@ -1,13 +0,0 @@ -# Required options -config: - username: bpuser - password: bppass - secret_key: 12D8FB6E-1532-4A4C-97AF-95A430BE5E6E - sessions_secret: 4484766F-5016-4077-B8E0-0DE1D637854B -prometheus: - enable: true - enableSideCar: true - -# TODO(jsirianni): Can be removed after 1.45 release. -image: - tag: 1.43.0