From 77cacd44cf3c93b499eeb60cb5b66b4592ac599e Mon Sep 17 00:00:00 2001 From: Richard Tief Date: Fri, 25 Oct 2024 11:38:22 +0200 Subject: [PATCH] feat(gh-ccloud): add support for compute clusters --- system/greenhouse-ccloud/Chart.yaml | 2 +- .../kube-monitoring-compute-pluginpreset.yaml | 61 --------------- ...yaml => kube-monitoring-pluginpreset.yaml} | 76 ++++++++++++------- system/greenhouse-ccloud/values.yaml | 18 ++++- 4 files changed, 62 insertions(+), 95 deletions(-) delete mode 100644 system/greenhouse-ccloud/templates/kube-monitoring-compute-pluginpreset.yaml rename system/greenhouse-ccloud/templates/{kube-monitoring-storage-pluginpreset.yaml => kube-monitoring-pluginpreset.yaml} (74%) diff --git a/system/greenhouse-ccloud/Chart.yaml b/system/greenhouse-ccloud/Chart.yaml index 6b7c1b9c57..42e5821a72 100644 --- a/system/greenhouse-ccloud/Chart.yaml +++ b/system/greenhouse-ccloud/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v2 name: ccloud description: A Helm chart for the CCloud organization in Greenhouse. type: application -version: 1.9.2 +version: 1.9.3 diff --git a/system/greenhouse-ccloud/templates/kube-monitoring-compute-pluginpreset.yaml b/system/greenhouse-ccloud/templates/kube-monitoring-compute-pluginpreset.yaml deleted file mode 100644 index 7dbf33e01b..0000000000 --- a/system/greenhouse-ccloud/templates/kube-monitoring-compute-pluginpreset.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.kubeMonitoring.enabled -}} - -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Chart.Name }}-prometheus-sso-cert - namespace: {{ .Release.Namespace }} -data: - tls.crt: {{ required ".Values.kubeMonitoring.ssoCert missing" .Values.kubeMonitoring.ssoCert | b64enc }} - tls.key: {{ required ".Values.kubeMonitoring.ssoKey missing" .Values.kubeMonitoring.ssoKey | b64enc }} - ---- -apiVersion: greenhouse.sap/v1alpha1 -kind: PluginPreset -metadata: - name: kube-monitoring - namespace: {{ .Release.Namespace }} -spec: - clusterSelector: - matchLabels: - greenhouse.sap/pluginpreset: "true" - cluster-type: "compute" - plugin: - disabled: false - optionValues: - - name: global.commonLabels - value: - service: kvm - - name: alerts.alertmanagers.hosts - value: - - alertmanager-internal.scaleout.eu-de-1.cloud.sap - - alertmanager-internal.scaleout.eu-nl-1.cloud.sap - - name: alerts.alertmanagers.tlsConfig.cert - valueFrom: - secret: - key: tls.crt - name: {{ .Chart.Name }}-prometheus-sso-cert - - name: alerts.alertmanagers.tlsConfig.key - valueFrom: - secret: - key: tls.key - name: {{ .Chart.Name }}-prometheus-sso-cert - - name: alerts.enabled - value: true - - name: kubeMonitoring.defaultRules.create - value: false - - name: kubeMonitoring.prometheus.ingress.enabled - value: false - - name: kubeMonitoring.prometheus.prometheusSpec.externalLabels - value: - cluster: '{{ "{{ .Values.global.greenhouse.clusterName }}" }}' - cluster_type: compute - organization: ccloud - region: '{{ "{{ .Values.global.greenhouse.clusterName | trunc -7 }}" }}' - - name: kubeMonitoring.prometheus.prometheusSpec.retention - value: 30d - - name: kubeMonitoring.prometheus.prometheusSpec.storageSpec.volumeClaimTemplate.spec.resources.requests.storage - value: 100Gi - pluginDefinition: kube-monitoring - releaseNamespace: kube-monitoring -{{- end -}} diff --git a/system/greenhouse-ccloud/templates/kube-monitoring-storage-pluginpreset.yaml b/system/greenhouse-ccloud/templates/kube-monitoring-pluginpreset.yaml similarity index 74% rename from system/greenhouse-ccloud/templates/kube-monitoring-storage-pluginpreset.yaml rename to system/greenhouse-ccloud/templates/kube-monitoring-pluginpreset.yaml index 1d4cdd1319..834febb735 100644 --- a/system/greenhouse-ccloud/templates/kube-monitoring-storage-pluginpreset.yaml +++ b/system/greenhouse-ccloud/templates/kube-monitoring-pluginpreset.yaml @@ -17,33 +17,69 @@ metadata: namespace: {{ .Release.Namespace }} spec: clusterOptionOverrides: - {{- range $thanosCluster := .Values.kubeMonitoring.thanosClusters }} - - clusterName: {{ $thanosCluster }} + {{- range $cluster, $thanos := .Values.kubeMonitoring.cephClusters }} + - clusterName: {{ $cluster }} overrides: + - name: global.commonLabels + value: + service: ceph + support_group: storage + - name: kubeMonitoring.prometheus.prometheusSpec.externalLabels + value: + cluster: '{{ "{{ .Values.global.greenhouse.clusterName }}" }}' + cluster_type: storage + organization: ccloud + region: '{{ "{{ .Values.global.greenhouse.clusterName | trunc -7 }}" }}' + - name: kubeMonitoring.prometheus.prometheusSpec.externalUrl + value: '{{ "https://prometheus.st1.{{ .Values.global.greenhouse.clusterName | trunc -7 }}.cloud.sap" }}' + # NFS volumes need more permissions to work + - name: kubeMonitoring.prometheus.prometheusSpec.securityContext + value: + fsGroup: 0 + runAsNonRoot: false + runAsUser: 0 + {{- if index $thanos "thanos" }} - name: kubeMonitoring.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.name - value: thanos-{{ $thanosCluster }}-metrics-objectstore + value: thanos-{{ $cluster }}-metrics-objectstore - name: kubeMonitoring.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.key value: thanos.yaml - name: kubeMonitoring.kube-state-metrics.prometheus.monitor.http.metricRelabelings value: - action: replace regex: .* - replacement: {{ $thanosCluster }} + replacement: {{ $cluster }} sourceLabels: - __name__ targetLabel: cluster {{- end }} + {{- end }} + {{- range $cluster, $thanos := .Values.kubeMonitoring.computeClusters }} + - clusterName: {{ $cluster }} + overrides: + - name: global.commonLabels + value: + service: kvm + - name: kubeMonitoring.prometheus.prometheusSpec.externalLabels + value: + cluster: '{{ "{{ .Values.global.greenhouse.clusterName }}" }}' + cluster_type: compute + organization: ccloud + region: '{{ "{{ .Values.global.greenhouse.clusterName | trunc -7 }}" }}' + {{- end }} clusterSelector: - matchLabels: - greenhouse.sap/pluginpreset: "true" - cluster-type: "storage" + matchExpressions: + - key: greenhouse.sap/pluginpreset + operator: In + values: + - "true" + - key: cluster-type + operator: In + values: + - "storage" + - "compute" plugin: disabled: false optionValues: - - name: global.commonLabels - value: - service: ceph - support_group: storage - name: alerts.alertmanagers.hosts value: - alertmanager-internal.scaleout.eu-de-1.cloud.sap @@ -62,28 +98,10 @@ spec: value: true - name: kubeMonitoring.defaultRules.create value: false - - name: kubeMonitoring.additionalPrometheusRulesMap - value: {} - - name: kubeMonitoring.prometheus.ingress.enabled - value: false - - name: kubeMonitoring.prometheus.prometheusSpec.externalLabels - value: - cluster: '{{ "{{ .Values.global.greenhouse.clusterName }}" }}' - cluster_type: storage - organization: ccloud - region: '{{ "{{ .Values.global.greenhouse.clusterName | trunc -7 }}" }}' - - name: kubeMonitoring.prometheus.prometheusSpec.externalUrl - value: '{{ "https://prometheus.st1.{{ .Values.global.greenhouse.clusterName | trunc -7 }}.cloud.sap" }}' - name: kubeMonitoring.prometheus.prometheusSpec.retention value: 30d - name: kubeMonitoring.prometheus.prometheusSpec.storageSpec.volumeClaimTemplate.spec.resources.requests.storage value: 100Gi - # NFS volumes need more permissions to work - - name: kubeMonitoring.prometheus.prometheusSpec.securityContext - value: - fsGroup: 0 - runAsNonRoot: false - runAsUser: 0 pluginDefinition: kube-monitoring releaseNamespace: kube-monitoring {{- end -}} diff --git a/system/greenhouse-ccloud/values.yaml b/system/greenhouse-ccloud/values.yaml index 350416e2e0..b7fa842ab2 100644 --- a/system/greenhouse-ccloud/values.yaml +++ b/system/greenhouse-ccloud/values.yaml @@ -104,10 +104,20 @@ kubeMonitoring: enabled: false ssoCert: ssoKey: - thanosClusters: - - st1-qa-de-1 - - st1-eu-de-2 - - st1-na-us-2 + cephClusters: + st1-qa-de-1: + thanos: true + st1-eu-de-2: + thanos: true + st1-na-us-2: + thanos: true + computeClusters: + cc273-qa-de-1: + thanos: false + cc274-qa-de-1: + thanos: false + cc275-qa-de-1: + thanos: false openTelemetry: enabled: false