fix: move argocd to bootstrap and improve stuff
This commit is contained in:
@@ -0,0 +1,24 @@
|
||||
{{- if .Values.jaeger-operator.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: jaeger
|
||||
namespace: argocd
|
||||
spec:
|
||||
project: atlantis
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: jaeger
|
||||
sources:
|
||||
- repoURL: https://jaegertracing.github.io/helm-charts
|
||||
targetRevision: 2.54.0
|
||||
chart: jaeger-operator
|
||||
helm:
|
||||
valueFiles:
|
||||
- $values/values/jaeger/values.yaml
|
||||
- repoURL: https://gitlab.com/oceanbox/manifests.git
|
||||
targetRevision: main
|
||||
# path: values/jaeger/manifests
|
||||
ref: values
|
||||
|
||||
{{- end }}
|
||||
@@ -0,0 +1,152 @@
|
||||
{{- if .Values.loki.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: loki
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: loki
|
||||
server: 'https://kubernetes.default.svc'
|
||||
project: aux
|
||||
ignoreDifferences:
|
||||
- group: apps
|
||||
kind: StatefulSet
|
||||
jsonPointers:
|
||||
- /spec/persistentVolumeClaimRetentionPolicy
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
automated:
|
||||
prune: true
|
||||
selfHeal: true
|
||||
sources:
|
||||
- repoURL: https://gitlab.com/oceanbox/manifests.git
|
||||
path: policies/oceanbox/network/loki
|
||||
targetRevision: HEAD
|
||||
- repoURL: 'https://grafana.github.io/helm-charts'
|
||||
targetRevision: 6.12.0
|
||||
chart: loki
|
||||
helm:
|
||||
values: |
|
||||
loki:
|
||||
auth_enabled: false
|
||||
storage:
|
||||
bucketNames:
|
||||
chunks: loki-chunks
|
||||
ruler: loki-chunks
|
||||
admin: loki-chunks
|
||||
s3:
|
||||
endpoint: http://10.255.241.30:30080
|
||||
region: tos
|
||||
accessKeyId: ${S3KEY}
|
||||
secretAccessKey: ${S3SECRET}
|
||||
s3ForcePathStyle: true
|
||||
http_config:
|
||||
insecure_skip_verify: true
|
||||
schemaConfig:
|
||||
configs:
|
||||
- from: "2024-04-01"
|
||||
index:
|
||||
period: 24h
|
||||
prefix: loki_index_
|
||||
object_store: s3
|
||||
schema: v13
|
||||
store: tsdb
|
||||
compactor:
|
||||
compaction_interval: 10m
|
||||
working_directory: /tmp/loki/compactor
|
||||
retention_enabled: true
|
||||
retention_delete_delay: 2h
|
||||
retention_delete_worker_count: 150
|
||||
delete_request_store: s3
|
||||
limits_config:
|
||||
retention_period: 744h
|
||||
write:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_SECRET
|
||||
tolerations:
|
||||
- effect: "NoSchedule"
|
||||
operator: "Equal"
|
||||
key: "unschedulable"
|
||||
value: "true"
|
||||
read:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_SECRET
|
||||
tolerations:
|
||||
- effect: "NoSchedule"
|
||||
operator: "Equal"
|
||||
key: "unschedulable"
|
||||
value: "true"
|
||||
ingress:
|
||||
enabled: true
|
||||
ingressClassName: nginx
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-staging
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
oceanbox.io/expose: internal
|
||||
hosts:
|
||||
- loki.adm.oceanbox.io
|
||||
tls:
|
||||
- hosts:
|
||||
- loki.adm.oceanbox.io
|
||||
secretName: loki-distributed-tls
|
||||
compactor:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_SECRET
|
||||
backend:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: loki-s3
|
||||
key: AWS_ACCESS_KEY_SECRET
|
||||
{{- end }}
|
||||
@@ -0,0 +1,111 @@
|
||||
{{- if .Values.opentelemetry-collector.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: opentelemetry-collector
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: otel
|
||||
server: 'https://kubernetes.default.svc'
|
||||
project: aux
|
||||
syncPolicy:
|
||||
# managedNamespaceMetadata:
|
||||
# labels:
|
||||
# component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
automated:
|
||||
prune: true
|
||||
selfHeal: true
|
||||
sources:
|
||||
- repoURL: 'https://open-telemetry.github.io/opentelemetry-helm-charts'
|
||||
targetRevision: 0.107.0
|
||||
chart: opentelemetry-collector
|
||||
helm:
|
||||
values: |
|
||||
mode: deployment
|
||||
image:
|
||||
repository: otel/opentelemetry-collector-k8s
|
||||
service:
|
||||
type: LoadBalancer
|
||||
loadBalancerIP: 10.255.241.12
|
||||
config:
|
||||
receivers:
|
||||
prometheus/collector:
|
||||
config:
|
||||
scrape_configs:
|
||||
- job_name: 'opentelemetry-collector'
|
||||
static_configs:
|
||||
- targets:
|
||||
- ${env:MY_POD_IP}:8888
|
||||
zipkin:
|
||||
endpoint: ${env:MY_POD_IP}:9411
|
||||
exporters:
|
||||
otlp:
|
||||
endpoint: "tempo.tempo.svc:4317"
|
||||
tls:
|
||||
insecure: true
|
||||
otlphttp/metrics:
|
||||
endpoint: http://prom-prometheus.prometheus:9090/api/v1/otlp
|
||||
tls:
|
||||
insecure: true
|
||||
otlphttp/logs:
|
||||
endpoint: http://loki-write-headless.loki:3100/otlp
|
||||
tls:
|
||||
insecure: true
|
||||
debug/metrics:
|
||||
verbosity: detailed
|
||||
debug/traces:
|
||||
verbosity: detailed
|
||||
debug/logs:
|
||||
verbosity: detailed
|
||||
service:
|
||||
telemetry:
|
||||
logs:
|
||||
level: "info"
|
||||
pipelines:
|
||||
traces:
|
||||
receivers: [otlp,zipkin]
|
||||
processors: [batch]
|
||||
exporters: [otlp]
|
||||
# exporters: [otlphttp/traces,debug/traces]
|
||||
metrics:
|
||||
receivers: [otlp,prometheus/collector]
|
||||
processors: [batch]
|
||||
exporters: [otlphttp/metrics]
|
||||
# exporters: [otlphttp/metrics,debug/metrics]
|
||||
logs:
|
||||
receivers: [otlp]
|
||||
processors: [batch]
|
||||
exporters: [otlphttp/logs]
|
||||
# exporters: [otlphttp/logs,debug/logs]
|
||||
ports:
|
||||
metrics:
|
||||
enabled: true
|
||||
# presets:
|
||||
# logsCollection:
|
||||
# enabled: true
|
||||
ingress:
|
||||
enabled: false
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
oceanbox.io/expose: internal
|
||||
ingressClassName: nginx
|
||||
hosts:
|
||||
- host: opentelemetry-collector.adm.oceanbox.io
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
port: 4318
|
||||
tls:
|
||||
- secretName: collector-tls
|
||||
hosts:
|
||||
- opentelemetry-collector.adm.oceanbox.io
|
||||
{{- end }}
|
||||
@@ -0,0 +1,78 @@
|
||||
{{- if .Values.tempo.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: tempo
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: tempo
|
||||
server: 'https://kubernetes.default.svc'
|
||||
project: aux
|
||||
syncPolicy:
|
||||
# managedNamespaceMetadata:
|
||||
# labels:
|
||||
# component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
automated:
|
||||
prune: true
|
||||
selfHeal: true
|
||||
sources:
|
||||
- repoURL: 'https://grafana.github.io/helm-charts'
|
||||
targetRevision: 1.10.3
|
||||
chart: tempo
|
||||
helm:
|
||||
values: |
|
||||
tempo:
|
||||
storage:
|
||||
trace:
|
||||
backend: s3
|
||||
s3:
|
||||
bucket: tempo-traces
|
||||
endpoint: 10.255.241.30:30080
|
||||
access_key: ${S3KEY}
|
||||
secret_key: ${S3SECRET}
|
||||
forcepathstyle: true
|
||||
insecure: true
|
||||
local:
|
||||
path: /var/tempo/traces
|
||||
wal:
|
||||
path: /var/tempo/wal
|
||||
metricsGenerator:
|
||||
enabled: true
|
||||
remoteWriteUrl: "http://prom-prometheus.prometheus:9090/api/v1/write"
|
||||
extraArgs: { config.expand-env=true }
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: tempo-s3
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: tempo-s3
|
||||
key: AWS_ACCESS_KEY_SECRET
|
||||
tempoQuery:
|
||||
ingress:
|
||||
enabled: true
|
||||
ingressClassName: nginx
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-staging
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
oceanbox.io/expose: internal
|
||||
path: /
|
||||
pathType: Prefix
|
||||
hosts:
|
||||
- query.tempo.adm.oceanbox.io
|
||||
tls:
|
||||
- secretName: tempo-query-tls
|
||||
hosts:
|
||||
- query.tempo.adm.oceanbox.io
|
||||
{{- end }}
|
||||
Reference in New Issue
Block a user