{{ if .Values.thanos.enabled }} apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: thanos namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io spec: destination: namespace: thanos server: 'https://kubernetes.default.svc' source: repoURL: 'https://charts.bitnami.com/bitnami' targetRevision: {{ .Values.thanos.version }} chart: thanos helm: values: | ## Handled by sealed secret now, and uses minio root user #objstoreConfig: |- # type: s3 # config: # bucket: thanos # endpoint: thanos-minio.thanos.svc.cluster.local:9000 # access_key: "thanos" # secret_key: "en to tre fire" # insecure: true ## @param indexCacheConfig The [index cache configuration](https://thanos.io/components/store.md/) ## Specify content for index-cache.yml indexCacheConfig: "" ## @param bucketCacheConfig The [bucket cache configuration](https://thanos.io/components/store.md/) ## Specify content for bucket-cache.yml ## bucketCacheConfig: "" ## @param existingObjstoreSecret Secret with Objstore Configuration ## Note: This will override objstoreConfig ## existingObjstoreSecret: "thanos-objstore-secret" existingObjstoreSecretItems: [] existingServiceAccount: "" query: enabled: true stores: - {{ .Values.prometheus.fullname | default "prometheus-kube-prometheus" }}-prometheus.prometheus.svc:10901 - thanos-envoy:10000 - thanos-envoy:10002 - thanos-envoy:11000 ingress: enabled: true certManager: false hostname: thanos.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos.{{ .Values.cluster_config.domain }} secretName: thanos-tls ## @section Thanos Query Frontend parameters queryFrontend: enabled: true ingress: enabled: true certManager: false hostname: thanos-query.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos-query.{{ .Values.cluster_config.domain }} secretName: thanos-query-tls ## @section Thanos Bucket Web parameters bucketweb: enabled: true ingress: enabled: true certManager: false hostname: thanos-bucketweb.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos-bucketweb.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos-bucketweb.{{ .Values.cluster_config.domain }} secretName: thanos-bucketweb-tls ## @section Thanos Compactor parameters compactor: enabled: true ingress: enabled: true certManager: false hostname: thanos-compactor.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos-compactor.{{ .Values.cluster_config.domain }} secretName: thanos-compactor-tls persistence: enabled: true storageClass: "local-storage" accessModes: - ReadWriteOnce size: 8Gi ## @section Thanos Store Gateway parameters storegateway: enabled: true ingress: enabled: true certManager: false hostname: thanos-storage.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos-storage.{{ .Values.cluster_config.domain }} secretName: thanos-storage-tls persistence: enabled: true storageClass: "local-storage" accessModes: - ReadWriteOnce size: 8Gi ## @section Thanos Ruler parameters ruler: enabled: true alertmanagers: - https://alertmanager.k1.itpartner.no - https://alertmanager.k2.itpartner.no - https://alertmanager.k0.itpartner.no config: |- groups: - name: "metamonitoring" rules: - alert: "PrometheusDown" expr: absent(up{container="prometheus",job="prometheus-kube-prometheus-prometheus",namespace="prometheus"}) global: resolve_timeout: 5m route: receiver: pagerduty group_by: - alertname routes: - receiver: snitch match: alertname: Watchdog group_wait: 0s group_interval: 1m repeat_interval: 50s group_wait: 60s group_interval: 15m repeat_interval: 24h receivers: - name: pagerduty pagerduty_configs: - routing_key: e67f3a24f11c450ad060128f20ffa5d1 url: https://events.pagerduty.com/v2/enqueue ingress: enabled: true certManager: false hostname: thanos-ruler.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos-ruler.{{ .Values.cluster_config.domain }} secretName: thanos-ruler-tls persistence: enabled: true storageClass: "local-storage" accessModes: - ReadWriteOnce size: 8Gi ## @section Thanos Receive parameters receive: enabled: false mode: standalone replicationFactor: 1 replicaLabel: replica tsdbRetention: 15d config: - endpoints: - "127.0.0.1:10901" ingress: enabled: true certManager: false hostname: thanos-receive.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos-receive.{{ .Values.cluster_config.domain }} secretName: thanos-receive-tls persistence: enabled: true storageClass: "local-storage" accessModes: - ReadWriteOnce size: 8Gi ## @section Metrics parameters metrics: enabled: true serviceMonitor: enabled: true ## @section MinIO® chart parameters minio: enabled: true accessKey: password: "thanos" secretKey: password: "en to tre fire" defaultBuckets: thanos ingress: enabled: true certManager: false hostname: thanos-minio.{{ .Values.cluster_config.domain }} ingressClassName: "nginx" annotations: cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }} nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24 ## extraHosts: ## - name: thanos.local ## path: / ## pathType: ImplementationSpecific ## extraHosts: [] extraTls: - hosts: - thanos-minio.{{ .Values.cluster_config.domain }} secretName: thanos-minio-tls project: sys syncPolicy: managedNamespaceMetadata: labels: component: sys syncOptions: - CreateNamespace=true - ApplyOutOfSyncOnly=true {{- if .Values.prometheus.autosync }} automated: prune: true # selfHeal: false {{- end }} {{ end }}