diff --git a/aks/main.tf b/aks/main.tf index f0598628..35d76771 100644 --- a/aks/main.tf +++ b/aks/main.tf @@ -42,6 +42,8 @@ module "kube-prometheus-stack" { app_autosync = var.app_autosync dependency_ids = var.dependency_ids + resources = var.resources + prometheus = var.prometheus alertmanager = var.alertmanager grafana = var.grafana diff --git a/eks/main.tf b/eks/main.tf index cdfe109e..8655e1f7 100644 --- a/eks/main.tf +++ b/eks/main.tf @@ -13,6 +13,8 @@ module "kube-prometheus-stack" { app_autosync = var.app_autosync dependency_ids = var.dependency_ids + resources = var.resources + prometheus = var.prometheus alertmanager = var.alertmanager grafana = var.grafana diff --git a/kind/main.tf b/kind/main.tf index cdfe109e..8655e1f7 100644 --- a/kind/main.tf +++ b/kind/main.tf @@ -13,6 +13,8 @@ module "kube-prometheus-stack" { app_autosync = var.app_autosync dependency_ids = var.dependency_ids + resources = var.resources + prometheus = var.prometheus alertmanager = var.alertmanager grafana = var.grafana diff --git a/locals.tf b/locals.tf index f87122dc..57abf437 100644 --- a/locals.tf +++ b/locals.tf @@ -1,6 +1,6 @@ locals { oauth2_proxy_image = "quay.io/oauth2-proxy/oauth2-proxy:v7.5.0" - curl_wait_for_oidc_image = "curlimages/curl:8.3.0" + curl_wait_for_oidc_image = "curlimages/curl:8.6.0" domain = trimprefix("${var.subdomain}.${var.base_domain}", ".") domain_full = trimprefix("${var.subdomain}.${var.cluster_name}.${var.base_domain}", ".") @@ -10,6 +10,16 @@ locals { "traefik.ingress.kubernetes.io/router.tls" = "true" } + oidc_proxy_resources = { + requests = { + cpu = "20m" + memory = "64M" + } + limits = { + memory = "128M" + } + } + grafana_defaults = { enabled = true additional_data_sources = false @@ -126,8 +136,9 @@ locals { ] containers = [ { - image = local.oauth2_proxy_image - name = "alertmanager-proxy" + image = local.oauth2_proxy_image + name = "alertmanager-proxy" + resources = local.oidc_proxy_resources ports = [ { name = "proxy" @@ -148,6 +159,10 @@ locals { ], local.alertmanager.oidc.oauth2_proxy_extra_args) }, ] + resources = { + requests = { for k, v in var.resources.alertmanager.requests : k => v if v != null } + limits = { for k, v in var.resources.alertmanager.limits : k => v if v != null } + } } ingress = { enabled = true @@ -207,7 +222,7 @@ locals { } server = { domain = "${local.grafana.domain}" - root_url = "https://%(domain)s" # TODO check this + root_url = "https://%(domain)s" } dataproxy = { timeout = var.dataproxy_timeout @@ -252,6 +267,10 @@ locals { }, ] } + resources = { + requests = { for k, v in var.resources.grafana.requests : k => v if v != null } + limits = { for k, v in var.resources.grafana.limits : k => v if v != null } + } } : null, merge((!local.grafana.enabled && local.grafana.additional_data_sources) ? { forceDeployDashboards = true @@ -333,8 +352,9 @@ locals { "--email-domain=*", "--redirect-url=https://${local.prometheus.domain}/oauth2/callback", ], local.prometheus.oidc.oauth2_proxy_extra_args) - image = local.oauth2_proxy_image - name = "prometheus-proxy" + image = local.oauth2_proxy_image + name = "prometheus-proxy" + resources = local.oidc_proxy_resources ports = [ { containerPort = 9091 @@ -353,6 +373,10 @@ locals { externalLabels = { prometheus = "prometheus-${var.cluster_name}" } + resources = { + requests = { for k, v in var.resources.prometheus.requests : k => v if v != null } + limits = { for k, v in var.resources.prometheus.limits : k => v if v != null } + } }, var.metrics_storage_main != null ? { thanos = { objectStorageConfig = { @@ -361,6 +385,10 @@ locals { key = "thanos.yaml" } } + resources = { + requests = { for k, v in var.resources.thanos_sidecar.requests : k => v if v != null } + limits = { for k, v in var.resources.thanos_sidecar.limits : k => v if v != null } + } } } : null) service = { @@ -382,6 +410,24 @@ locals { } } ) + prometheusOperator = { + resources = { + requests = { for k, v in var.resources.prometheus_operator.requests : k => v if v != null } + limits = { for k, v in var.resources.prometheus_operator.limits : k => v if v != null } + } + } + kube-state-metrics = { + resources = { + requests = { for k, v in var.resources.kube_state_metrics.requests : k => v if v != null } + limits = { for k, v in var.resources.kube_state_metrics.limits : k => v if v != null } + } + } + prometheus-node-exporter = { + resources = { + requests = { for k, v in var.resources.node_exporter.requests : k => v if v != null } + limits = { for k, v in var.resources.node_exporter.limits : k => v if v != null } + } + } } }] } diff --git a/sks/main.tf b/sks/main.tf index cdfe109e..8655e1f7 100644 --- a/sks/main.tf +++ b/sks/main.tf @@ -13,6 +13,8 @@ module "kube-prometheus-stack" { app_autosync = var.app_autosync dependency_ids = var.dependency_ids + resources = var.resources + prometheus = var.prometheus alertmanager = var.alertmanager grafana = var.grafana diff --git a/variables.tf b/variables.tf index 4b89f5f9..f869b543 100644 --- a/variables.tf +++ b/variables.tf @@ -84,6 +84,95 @@ variable "dependency_ids" { ## Module variables ####################### +variable "resources" { + description = <<-EOT + Resource limits and requests for kube-prometheus-stack's components. Follow the style on https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[official documentation] to understand the format of the values. + + IMPORTANT: These are not production values. You should always adjust them to your needs. + EOT + type = object({ + + prometheus = optional(object({ + requests = optional(object({ + cpu = optional(string, "250m") + memory = optional(string, "512Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "1024Mi") + }), {}) + }), {}) + + prometheus_operator = optional(object({ + requests = optional(object({ + cpu = optional(string, "50m") + memory = optional(string, "128Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "128Mi") + }), {}) + }), {}) + + thanos_sidecar = optional(object({ + requests = optional(object({ + cpu = optional(string, "100m") + memory = optional(string, "256Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "512Mi") + }), {}) + }), {}) + + alertmanager = optional(object({ + requests = optional(object({ + cpu = optional(string, "50m") + memory = optional(string, "128Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "256Mi") + }), {}) + }), {}) + + kube_state_metrics = optional(object({ + requests = optional(object({ + cpu = optional(string, "50m") + memory = optional(string, "128Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "128Mi") + }), {}) + }), {}) + + grafana = optional(object({ + requests = optional(object({ + cpu = optional(string, "250m") + memory = optional(string, "512Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "512Mi") + }), {}) + }), {}) + + node_exporter = optional(object({ + requests = optional(object({ + cpu = optional(string, "50m") + memory = optional(string, "128Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "128Mi") + }), {}) + }), {}) + + }) + default = {} +} + variable "grafana" { description = "Grafana settings" type = any @@ -116,7 +205,7 @@ variable "alertmanager" { } variable "metrics_storage_main" { - description = "Storage settings for the Thanos sidecar. Needs to be of type `any` because the structure is different depending on the provider used." + description = "Storage settings for the Thanos sidecar. Needs to be of type `any` because the structure is different depending on the variant used." type = any default = {} }