From c4b7c64fc4ffe665e53807efbd4b4061996b4554 Mon Sep 17 00:00:00 2001 From: Berk Dehrioglu Date: Mon, 10 Jun 2024 14:15:25 +0300 Subject: [PATCH] add/enable missing apps to sync with vintage (#636) * add/enable missing apps to sync with vintage --- CHANGELOG.md | 8 +++ helm/cluster-aws/Chart.lock | 6 +-- helm/cluster-aws/Chart.yaml | 2 +- helm/cluster-aws/README.md | 30 ++++++++++- ...ws-ebs-csi-driver-servicemonitors-app.yaml | 50 +++++++++++++++++++ .../templates/irsa-servicemonitors-app.yaml | 50 +++++++++++++++++++ helm/cluster-aws/values.schema.json | 30 +++++++++++ helm/cluster-aws/values.yaml | 8 +++ 8 files changed, 179 insertions(+), 5 deletions(-) create mode 100644 helm/cluster-aws/templates/aws-ebs-csi-driver-servicemonitors-app.yaml create mode 100644 helm/cluster-aws/templates/irsa-servicemonitors-app.yaml diff --git a/CHANGELOG.md b/CHANGELOG.md index b19ab55d..c0ea26b6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Added + +- Add `irsa-servicemonitors` and `aws-ebs-csi-driver-servicemonitors` apps. + +### Changed + +- Set `prometheus-blackbox-exporter` and `k8s-audit-metrics` as enabled. + ## [0.77.0] - 2024-06-07 ### Added diff --git a/helm/cluster-aws/Chart.lock b/helm/cluster-aws/Chart.lock index 24c309d7..60f02606 100644 --- a/helm/cluster-aws/Chart.lock +++ b/helm/cluster-aws/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: cluster repository: https://giantswarm.github.io/cluster-catalog - version: 0.29.0 + version: 0.30.1 - name: cluster-shared repository: https://giantswarm.github.io/cluster-catalog version: 0.7.1 -digest: sha256:121c9594b0c076cd5a1a0a9ab06a33980d519614e6fb32005406e21bebebe968 -generated: "2024-05-31T09:36:25.099668049Z" +digest: sha256:3f8917e5d334ab5e1453a3b097d8c1223b5d4f9eca2f92e5e69f0c5acbef52c2 +generated: "2024-06-07T12:41:39.329381+03:00" diff --git a/helm/cluster-aws/Chart.yaml b/helm/cluster-aws/Chart.yaml index eff8bc41..5dba4d77 100644 --- a/helm/cluster-aws/Chart.yaml +++ b/helm/cluster-aws/Chart.yaml @@ -16,7 +16,7 @@ restrictions: - capa dependencies: - name: cluster - version: "0.29.0" + version: "0.30.1" repository: https://giantswarm.github.io/cluster-catalog - name: cluster-shared version: "0.7.1" diff --git a/helm/cluster-aws/README.md b/helm/cluster-aws/README.md index 90dcbcbb..cb177edc 100644 --- a/helm/cluster-aws/README.md +++ b/helm/cluster-aws/README.md @@ -47,6 +47,13 @@ Configuration of apps that are part of the cluster. | `global.apps.awsEbsCsiDriver.extraConfigs[*].name` | **Name** - Name of the config map or secret. The object must exist in the same namespace as the cluster App.|**Type:** `string`
| | `global.apps.awsEbsCsiDriver.extraConfigs[*].optional` | **Optional** - Optional marks this ValuesReference as optional. When set, a not found error for the values reference is ignored, but any ValuesKey, TargetPath or transient error will still result in a reconciliation failure.|**Type:** `boolean`
| | `global.apps.awsEbsCsiDriver.values` | **Values** - Values to be passed to the app. Values will have higher priority than values from configmaps.|**Type:** `object`
| +| `global.apps.awsEbsCsiDriverServiceMonitors` | **App resource** - Configuration of a default app that is part of the cluster and is deployed as an App resource.|**Type:** `object`
| +| `global.apps.awsEbsCsiDriverServiceMonitors.extraConfigs` | **Extra config maps or secrets** - Extra config maps or secrets that will be used to customize to the app. The desired values must be under configmap or secret key 'values'. The values are merged in the order given, with the later values overwriting earlier, and then inline values overwriting those. Resources must be in the same namespace as the cluster.|**Type:** `array`
| +| `global.apps.awsEbsCsiDriverServiceMonitors.extraConfigs[*]` | **Config map or secret**|**Type:** `object`
| +| `global.apps.awsEbsCsiDriverServiceMonitors.extraConfigs[*].kind` | **Kind** - Specifies whether the resource is a config map or a secret.|**Type:** `string`
| +| `global.apps.awsEbsCsiDriverServiceMonitors.extraConfigs[*].name` | **Name** - Name of the config map or secret. The object must exist in the same namespace as the cluster App.|**Type:** `string`
| +| `global.apps.awsEbsCsiDriverServiceMonitors.extraConfigs[*].priority` | **Priority**|**Type:** `integer`
**Default:** `25`| +| `global.apps.awsEbsCsiDriverServiceMonitors.values` | **Config map** - Helm Values to be passed to the app as user config.|**Type:** `object`
| | `global.apps.awsPodIdentityWebhook` | **App resource** - Configuration of a default app that is part of the cluster and is deployed as an App resource.|**Type:** `object`
| | `global.apps.awsPodIdentityWebhook.extraConfigs` | **Extra config maps or secrets** - Extra config maps or secrets that will be used to customize to the app. The desired values must be under configmap or secret key 'values'. The values are merged in the order given, with the later values overwriting earlier, and then inline values overwriting those. Resources must be in the same namespace as the cluster.|**Type:** `array`
| | `global.apps.awsPodIdentityWebhook.extraConfigs[*]` | **Config map or secret**|**Type:** `object`
| @@ -124,6 +131,20 @@ Configuration of apps that are part of the cluster. | `global.apps.externalDns.extraConfigs[*].name` | **Name** - Name of the config map or secret. The object must exist in the same namespace as the cluster App.|**Type:** `string`
| | `global.apps.externalDns.extraConfigs[*].priority` | **Priority**|**Type:** `integer`
**Default:** `25`| | `global.apps.externalDns.values` | **Config map** - Helm Values to be passed to the app as user config.|**Type:** `object`
| +| `global.apps.irsaServiceMonitors` | **App resource** - Configuration of a default app that is part of the cluster and is deployed as an App resource.|**Type:** `object`
| +| `global.apps.irsaServiceMonitors.extraConfigs` | **Extra config maps or secrets** - Extra config maps or secrets that will be used to customize to the app. The desired values must be under configmap or secret key 'values'. The values are merged in the order given, with the later values overwriting earlier, and then inline values overwriting those. Resources must be in the same namespace as the cluster.|**Type:** `array`
| +| `global.apps.irsaServiceMonitors.extraConfigs[*]` | **Config map or secret**|**Type:** `object`
| +| `global.apps.irsaServiceMonitors.extraConfigs[*].kind` | **Kind** - Specifies whether the resource is a config map or a secret.|**Type:** `string`
| +| `global.apps.irsaServiceMonitors.extraConfigs[*].name` | **Name** - Name of the config map or secret. The object must exist in the same namespace as the cluster App.|**Type:** `string`
| +| `global.apps.irsaServiceMonitors.extraConfigs[*].priority` | **Priority**|**Type:** `integer`
**Default:** `25`| +| `global.apps.irsaServiceMonitors.values` | **Config map** - Helm Values to be passed to the app as user config.|**Type:** `object`
| +| `global.apps.k8sAuditMetrics` | **App resource** - Configuration of a default app that is part of the cluster and is deployed as an App resource.|**Type:** `object`
| +| `global.apps.k8sAuditMetrics.extraConfigs` | **Extra config maps or secrets** - Extra config maps or secrets that will be used to customize to the app. The desired values must be under configmap or secret key 'values'. The values are merged in the order given, with the later values overwriting earlier, and then inline values overwriting those. Resources must be in the same namespace as the cluster.|**Type:** `array`
| +| `global.apps.k8sAuditMetrics.extraConfigs[*]` | **Config map or secret**|**Type:** `object`
| +| `global.apps.k8sAuditMetrics.extraConfigs[*].kind` | **Kind** - Specifies whether the resource is a config map or a secret.|**Type:** `string`
| +| `global.apps.k8sAuditMetrics.extraConfigs[*].name` | **Name** - Name of the config map or secret. The object must exist in the same namespace as the cluster App.|**Type:** `string`
| +| `global.apps.k8sAuditMetrics.extraConfigs[*].priority` | **Priority**|**Type:** `integer`
**Default:** `25`| +| `global.apps.k8sAuditMetrics.values` | **Config map** - Helm Values to be passed to the app as user config.|**Type:** `object`
| | `global.apps.k8sDnsNodeCache` | **App resource** - Configuration of a default app that is part of the cluster and is deployed as an App resource.|**Type:** `object`
| | `global.apps.k8sDnsNodeCache.extraConfigs` | **Extra config maps or secrets** - Extra config maps or secrets that will be used to customize to the app. The desired values must be under configmap or secret key 'values'. The values are merged in the order given, with the later values overwriting earlier, and then inline values overwriting those. Resources must be in the same namespace as the cluster.|**Type:** `array`
| | `global.apps.k8sDnsNodeCache.extraConfigs[*]` | **Config map or secret**|**Type:** `object`
| @@ -166,6 +187,13 @@ Configuration of apps that are part of the cluster. | `global.apps.observabilityBundle.extraConfigs[*].name` | **Name** - Name of the config map or secret. The object must exist in the same namespace as the cluster App.|**Type:** `string`
| | `global.apps.observabilityBundle.extraConfigs[*].priority` | **Priority**|**Type:** `integer`
**Default:** `25`| | `global.apps.observabilityBundle.values` | **Config map** - Helm Values to be passed to the app as user config.|**Type:** `object`
| +| `global.apps.prometheusBlackboxExporter` | **App resource** - Configuration of a default app that is part of the cluster and is deployed as an App resource.|**Type:** `object`
| +| `global.apps.prometheusBlackboxExporter.extraConfigs` | **Extra config maps or secrets** - Extra config maps or secrets that will be used to customize to the app. The desired values must be under configmap or secret key 'values'. The values are merged in the order given, with the later values overwriting earlier, and then inline values overwriting those. Resources must be in the same namespace as the cluster.|**Type:** `array`
| +| `global.apps.prometheusBlackboxExporter.extraConfigs[*]` | **Config map or secret**|**Type:** `object`
| +| `global.apps.prometheusBlackboxExporter.extraConfigs[*].kind` | **Kind** - Specifies whether the resource is a config map or a secret.|**Type:** `string`
| +| `global.apps.prometheusBlackboxExporter.extraConfigs[*].name` | **Name** - Name of the config map or secret. The object must exist in the same namespace as the cluster App.|**Type:** `string`
| +| `global.apps.prometheusBlackboxExporter.extraConfigs[*].priority` | **Priority**|**Type:** `integer`
**Default:** `25`| +| `global.apps.prometheusBlackboxExporter.values` | **Config map** - Helm Values to be passed to the app as user config.|**Type:** `object`
| | `global.apps.securityBundle` | **App resource** - Configuration of a default app that is part of the cluster and is deployed as an App resource.|**Type:** `object`
| | `global.apps.securityBundle.extraConfigs` | **Extra config maps or secrets** - Extra config maps or secrets that will be used to customize to the app. The desired values must be under configmap or secret key 'values'. The values are merged in the order given, with the later values overwriting earlier, and then inline values overwriting those. Resources must be in the same namespace as the cluster.|**Type:** `array`
| | `global.apps.securityBundle.extraConfigs[*]` | **Config map or secret**|**Type:** `object`
| @@ -393,7 +421,7 @@ Properties within the `.global.podSecurityStandards` object | **Property** | **Description** | **More Details** | | :----------- | :-------------- | :--------------- | | `baseDomain` | **Base DNS domain**|**Type:** `string`
| -| `cluster` | **Cluster** - Helm values for the provider-independent cluster chart|**Type:** `object`
**Default:** `{"providerIntegration":{"apps":{"capiNodeLabeler":{"enable":true},"certExporter":{"enable":true},"certManager":{"enable":true},"chartOperatorExtensions":{"enable":true},"cilium":{"configTemplateName":"awsCiliumHelmValues","enable":true},"ciliumServiceMonitors":{"enable":true},"clusterAutoscaler":{"configTemplateName":"awsClusterAutoscalerHelmValues","enable":true},"coreDns":{"configTemplateName":"awsCorednsHelmValues","enable":true},"etcdKubernetesResourcesCountExporter":{"enable":true},"externalDns":{"configTemplateName":"awsExternalDnsHelmValues","enable":true},"k8sDnsNodeCache":{"enable":true},"metricsServer":{"enable":true},"netExporter":{"enable":true},"networkPolicies":{"configTemplateName":"awsNetworkPoliciesHelmValues","enable":true},"nodeExporter":{"enable":true},"observabilityBundle":{"enable":true},"securityBundle":{"configTemplateName":"awsSecurityBundleHelmValues","enable":true},"teleportKubeAgent":{"enable":true},"verticalPodAutoscaler":{"enable":true},"verticalPodAutoscalerCrd":{"enable":true}},"clusterAnnotationsTemplateName":"awsConnectivityLabels","components":{"systemd":{"timesyncd":{"ntp":["169.254.169.123"]}}},"connectivity":{"proxy":{"noProxy":{"templateName":"awsNoProxyList","value":["elb.amazonaws.com","169.254.169.254"]}}},"controlPlane":{"kubeadmConfig":{"clusterConfiguration":{"apiServer":{"apiAudiences":{"templateName":"awsApiServerApiAudiences"},"featureGates":[{"enabled":true,"name":"CronJobTimeZone"}],"serviceAccountIssuer":{"templateName":"awsIrsaServiceAccountIssuer"}}},"files":[{"contentFrom":{"secret":{"key":"99-unmanaged-devices.network","name":"provider-specific-files","prependClusterNameAsPrefix":true}},"path":"/etc/systemd/network/99-unmanaged-devices.network","permissions":"0644"}],"ignition":{"containerLinuxConfig":{"additionalConfig":{"storage":{"filesystems":[{"mount":{"device":"/dev/xvdc","format":"xfs","label":"etcd","wipeFilesystem":true},"name":"etcd"},{"mount":{"device":"/dev/xvdd","format":"xfs","label":"lib","wipeFilesystem":true},"name":"lib"},{"mount":{"device":"/dev/xvde","format":"xfs","label":"log","wipeFilesystem":true},"name":"log"}]},"systemd":{"units":[{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/etcd","where":"/var/lib/etcd"},"unit":{"defaultDependencies":false,"description":"etcd volume"}},"enabled":true,"name":"var-lib-etcd.mount"},{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/lib","where":"/var/lib"},"unit":{"defaultDependencies":false,"description":"var lib volume"}},"enabled":true,"name":"var-lib.mount"},{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/log","where":"/var/log"},"unit":{"defaultDependencies":false,"description":"log volume"}},"enabled":true,"name":"var-log.mount"}]}}}}},"resources":{"infrastructureMachineTemplate":{"group":"infrastructure.cluster.x-k8s.io","kind":"AWSMachineTemplate","version":"v1beta2"},"infrastructureMachineTemplateSpecTemplateName":"controlplane-awsmachinetemplate-spec"}},"environmentVariables":{"hostName":"COREOS_EC2_HOSTNAME","ipv4":"COREOS_EC2_IPV4_LOCAL"},"pauseProperties":{"global.connectivity.vpcMode":"private"},"provider":"aws","registry":{"templateName":"awsContainerImageRegistry"},"resourcesApi":{"bastionResourceEnabled":false,"cleanupHelmReleaseResourcesEnabled":true,"clusterResourceEnabled":true,"controlPlaneResourceEnabled":true,"helmRepositoryResourcesEnabled":true,"infrastructureCluster":{"group":"infrastructure.cluster.x-k8s.io","kind":"AWSCluster","version":"v1beta2"},"infrastructureMachinePool":{"group":"infrastructure.cluster.x-k8s.io","kind":"AWSMachinePool","version":"v1beta2"},"machineHealthCheckResourceEnabled":true,"machinePoolResourcesEnabled":true,"nodePoolKind":"MachinePool"},"workers":{"defaultNodePools":{"def00":{"customNodeLabels":["label=default"],"instanceType":"r6i.xlarge","instanceWarmup":600,"maxSize":3,"minHealthyPercentage":90,"minSize":3}},"kubeadmConfig":{"files":[{"contentFrom":{"secret":{"key":"99-unmanaged-devices.network","name":"provider-specific-files","prependClusterNameAsPrefix":true}},"path":"/etc/systemd/network/99-unmanaged-devices.network","permissions":"0644"}],"ignition":{"containerLinuxConfig":{"additionalConfig":{"storage":{"filesystems":[{"mount":{"device":"/dev/xvdd","format":"xfs","label":"lib","wipeFilesystem":true},"name":"lib"},{"mount":{"device":"/dev/xvde","format":"xfs","label":"log","wipeFilesystem":true},"name":"log"}]},"systemd":{"units":[{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/lib","where":"/var/lib"},"unit":{"defaultDependencies":false,"description":"lib volume"}},"enabled":true,"name":"var-lib.mount"},{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/log","where":"/var/log"},"unit":{"defaultDependencies":false,"description":"log volume"}},"enabled":true,"name":"var-log.mount"}]}}}}}}}}`| +| `cluster` | **Cluster** - Helm values for the provider-independent cluster chart|**Type:** `object`
**Default:** `{"providerIntegration":{"apps":{"capiNodeLabeler":{"enable":true},"certExporter":{"enable":true},"certManager":{"enable":true},"chartOperatorExtensions":{"enable":true},"cilium":{"configTemplateName":"awsCiliumHelmValues","enable":true},"ciliumServiceMonitors":{"enable":true},"clusterAutoscaler":{"configTemplateName":"awsClusterAutoscalerHelmValues","enable":true},"coreDns":{"configTemplateName":"awsCorednsHelmValues","enable":true},"etcdKubernetesResourcesCountExporter":{"enable":true},"externalDns":{"configTemplateName":"awsExternalDnsHelmValues","enable":true},"k8sAuditMetrics":{"enable":true},"k8sDnsNodeCache":{"enable":true},"metricsServer":{"enable":true},"netExporter":{"enable":true},"networkPolicies":{"configTemplateName":"awsNetworkPoliciesHelmValues","enable":true},"nodeExporter":{"enable":true},"observabilityBundle":{"enable":true},"prometheusBlackboxExporter":{"enable":true},"securityBundle":{"configTemplateName":"awsSecurityBundleHelmValues","enable":true},"teleportKubeAgent":{"enable":true},"verticalPodAutoscaler":{"enable":true},"verticalPodAutoscalerCrd":{"enable":true}},"clusterAnnotationsTemplateName":"awsConnectivityLabels","components":{"systemd":{"timesyncd":{"ntp":["169.254.169.123"]}}},"connectivity":{"proxy":{"noProxy":{"templateName":"awsNoProxyList","value":["elb.amazonaws.com","169.254.169.254"]}}},"controlPlane":{"kubeadmConfig":{"clusterConfiguration":{"apiServer":{"apiAudiences":{"templateName":"awsApiServerApiAudiences"},"featureGates":[{"enabled":true,"name":"CronJobTimeZone"}],"serviceAccountIssuer":{"templateName":"awsIrsaServiceAccountIssuer"}}},"files":[{"contentFrom":{"secret":{"key":"99-unmanaged-devices.network","name":"provider-specific-files","prependClusterNameAsPrefix":true}},"path":"/etc/systemd/network/99-unmanaged-devices.network","permissions":"0644"}],"ignition":{"containerLinuxConfig":{"additionalConfig":{"storage":{"filesystems":[{"mount":{"device":"/dev/xvdc","format":"xfs","label":"etcd","wipeFilesystem":true},"name":"etcd"},{"mount":{"device":"/dev/xvdd","format":"xfs","label":"lib","wipeFilesystem":true},"name":"lib"},{"mount":{"device":"/dev/xvde","format":"xfs","label":"log","wipeFilesystem":true},"name":"log"}]},"systemd":{"units":[{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/etcd","where":"/var/lib/etcd"},"unit":{"defaultDependencies":false,"description":"etcd volume"}},"enabled":true,"name":"var-lib-etcd.mount"},{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/lib","where":"/var/lib"},"unit":{"defaultDependencies":false,"description":"var lib volume"}},"enabled":true,"name":"var-lib.mount"},{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/log","where":"/var/log"},"unit":{"defaultDependencies":false,"description":"log volume"}},"enabled":true,"name":"var-log.mount"}]}}}}},"resources":{"infrastructureMachineTemplate":{"group":"infrastructure.cluster.x-k8s.io","kind":"AWSMachineTemplate","version":"v1beta2"},"infrastructureMachineTemplateSpecTemplateName":"controlplane-awsmachinetemplate-spec"}},"environmentVariables":{"hostName":"COREOS_EC2_HOSTNAME","ipv4":"COREOS_EC2_IPV4_LOCAL"},"pauseProperties":{"global.connectivity.vpcMode":"private"},"provider":"aws","registry":{"templateName":"awsContainerImageRegistry"},"resourcesApi":{"bastionResourceEnabled":false,"cleanupHelmReleaseResourcesEnabled":true,"clusterResourceEnabled":true,"controlPlaneResourceEnabled":true,"helmRepositoryResourcesEnabled":true,"infrastructureCluster":{"group":"infrastructure.cluster.x-k8s.io","kind":"AWSCluster","version":"v1beta2"},"infrastructureMachinePool":{"group":"infrastructure.cluster.x-k8s.io","kind":"AWSMachinePool","version":"v1beta2"},"machineHealthCheckResourceEnabled":true,"machinePoolResourcesEnabled":true,"nodePoolKind":"MachinePool"},"workers":{"defaultNodePools":{"def00":{"customNodeLabels":["label=default"],"instanceType":"r6i.xlarge","instanceWarmup":600,"maxSize":3,"minHealthyPercentage":90,"minSize":3}},"kubeadmConfig":{"files":[{"contentFrom":{"secret":{"key":"99-unmanaged-devices.network","name":"provider-specific-files","prependClusterNameAsPrefix":true}},"path":"/etc/systemd/network/99-unmanaged-devices.network","permissions":"0644"}],"ignition":{"containerLinuxConfig":{"additionalConfig":{"storage":{"filesystems":[{"mount":{"device":"/dev/xvdd","format":"xfs","label":"lib","wipeFilesystem":true},"name":"lib"},{"mount":{"device":"/dev/xvde","format":"xfs","label":"log","wipeFilesystem":true},"name":"log"}]},"systemd":{"units":[{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/lib","where":"/var/lib"},"unit":{"defaultDependencies":false,"description":"lib volume"}},"enabled":true,"name":"var-lib.mount"},{"contents":{"install":{"wantedBy":["local-fs-pre.target"]},"mount":{"type":"xfs","what":"/dev/disk/by-label/log","where":"/var/log"},"unit":{"defaultDependencies":false,"description":"log volume"}},"enabled":true,"name":"var-log.mount"}]}}}}}}}}`| | `cluster-shared` | **Library chart**|**Type:** `object`
| | `managementCluster` | **Management cluster** - Name of the Cluster API cluster managing this workload cluster.|**Type:** `string`
| | `provider` | **Cluster API provider name**|**Type:** `string`
| diff --git a/helm/cluster-aws/templates/aws-ebs-csi-driver-servicemonitors-app.yaml b/helm/cluster-aws/templates/aws-ebs-csi-driver-servicemonitors-app.yaml new file mode 100644 index 00000000..e8851ade --- /dev/null +++ b/helm/cluster-aws/templates/aws-ebs-csi-driver-servicemonitors-app.yaml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "resource.default.name" . }}-aws-ebs-csi-driver-servicemonitors-user-values + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels.common" . | nindent 4 }} +--- +apiVersion: application.giantswarm.io/v1alpha1 +kind: App +metadata: + name: {{ include "resource.default.name" . }}-aws-ebs-csi-driver-smons + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels.common" . | nindent 4 }} + giantswarm.io/managed-by: {{ .Chart.Name }} + annotations: + app-operator.giantswarm.io/depends-on: {{ include "resource.default.name" . }}-cert-manager +spec: + catalog: default + name: aws-ebs-csi-driver-servicemonitors + # repo: giantswarm/aws-ebs-csi-driver-servicemonitors + version: 0.1.0 + namespace: kube-system + config: + configMap: + name: {{ include "resource.default.name" . }}-cluster-values + namespace: {{ .Release.Namespace }} + {{- if .Values.global.apps.irsaServiceMonitors.values }} + userConfig: + configMap: + name: {{ include "resource.default.name" . }}-aws-ebs-csi-driver-servicemonitors-user-values + namespace: {{ .Release.Namespace }} + {{- end }} + {{- if .Values.global.apps.awsEbsCsiDriverServiceMonitors.extraConfigs }} + extraConfigs: + {{- range .Values.global.apps.awsEbsCsiDriverServiceMonitors.extraConfigs }} + - kind: {{ .kind }} + name: {{ .name }} + namespace: {{ .namespace | default $.Release.Namespace }} + priority: {{ .priority }} + {{- end }} + {{- end }} + kubeConfig: + inCluster: false + secret: + name: {{ include "resource.default.name" . }}-kubeconfig + namespace: {{ .Release.Namespace }} + context: + name: {{ include "resource.default.name" . }}-admin@{{ include "resource.default.name" . }} diff --git a/helm/cluster-aws/templates/irsa-servicemonitors-app.yaml b/helm/cluster-aws/templates/irsa-servicemonitors-app.yaml new file mode 100644 index 00000000..bf7bad2b --- /dev/null +++ b/helm/cluster-aws/templates/irsa-servicemonitors-app.yaml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "resource.default.name" . }}-irsa-servicemonitors-user-values + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels.common" . | nindent 4 }} +--- +apiVersion: application.giantswarm.io/v1alpha1 +kind: App +metadata: + name: {{ include "resource.default.name" . }}-irsa-servicemonitors + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels.common" . | nindent 4 }} + giantswarm.io/managed-by: {{ .Chart.Name }} + annotations: + app-operator.giantswarm.io/depends-on: {{ include "resource.default.name" . }}-cert-manager +spec: + catalog: default + name: irsa-servicemonitors + # repo: giantswarm/irsa-servicemonitors + version: 0.0.1 + namespace: kube-system + config: + configMap: + name: {{ include "resource.default.name" . }}-cluster-values + namespace: {{ .Release.Namespace }} + {{- if .Values.global.apps.irsaServiceMonitors.values }} + userConfig: + configMap: + name: {{ include "resource.default.name" . }}-irsa-servicemonitors-user-values + namespace: {{ .Release.Namespace }} + {{- end }} + {{- if .Values.global.apps.irsaServiceMonitors.extraConfigs }} + extraConfigs: + {{- range .Values.global.apps.irsaServiceMonitors.extraConfigs }} + - kind: {{ .kind }} + name: {{ .name }} + namespace: {{ .namespace | default $.Release.Namespace }} + priority: {{ .priority }} + {{- end }} + {{- end }} + kubeConfig: + inCluster: false + secret: + name: {{ include "resource.default.name" . }}-kubeconfig + namespace: {{ .Release.Namespace }} + context: + name: {{ include "resource.default.name" . }}-admin@{{ include "resource.default.name" . }} diff --git a/helm/cluster-aws/values.schema.json b/helm/cluster-aws/values.schema.json index d63b4c35..c7e6cd69 100644 --- a/helm/cluster-aws/values.schema.json +++ b/helm/cluster-aws/values.schema.json @@ -292,6 +292,9 @@ "configTemplateName": "awsExternalDnsHelmValues", "enable": true }, + "k8sAuditMetrics": { + "enable": true + }, "k8sDnsNodeCache": { "enable": true }, @@ -311,6 +314,9 @@ "observabilityBundle": { "enable": true }, + "prometheusBlackboxExporter": { + "enable": true + }, "securityBundle": { "configTemplateName": "awsSecurityBundleHelmValues", "enable": true @@ -654,6 +660,12 @@ "title": "AWS EBS CSI driver", "description": "Configuration of aws-ebs-csi-driver-app. For all available values see https://github.com/giantswarm/aws-ebs-csi-driver-app." }, + "awsEbsCsiDriverServiceMonitors": { + "$ref": "#/$defs/app", + "type": "object", + "title": "AWS EBS CSI driver service monitors", + "description": "Configuration of aws-ebs-csi-driver-servicemonitors. For all available values see https://github.com/giantswarm/aws-ebs-csi-driver-servicemonitors-app." + }, "awsPodIdentityWebhook": { "$ref": "#/$defs/app", "type": "object", @@ -720,6 +732,18 @@ "title": "external-dns", "description": "Configuration of external-dns. For all available values see https://github.com/giantswarm/external-dns-app." }, + "irsaServiceMonitors": { + "$ref": "#/$defs/app", + "type": "object", + "title": "irsa-servicemonitors", + "description": "Configuration of irsa-service-monitor. For all available values see https://github.com/giantswarm/irsa-servicemonitors-app." + }, + "k8sAuditMetrics": { + "$ref": "#/$defs/app", + "type": "object", + "title": "k8s-audit-metrics", + "description": "Configuration of k8s-audit-metrics. For all available values see https://github.com/giantswarm/k8s-audit-metrics." + }, "k8sDnsNodeCache": { "$ref": "#/$defs/app", "type": "object", @@ -756,6 +780,12 @@ "title": "observability-bundle", "description": "Configuration of observability-bundle. For all available values see https://github.com/giantswarm/observability-bundle." }, + "prometheusBlackboxExporter": { + "$ref": "#/$defs/app", + "type": "object", + "title": "prometheus-blackbox-exporter", + "description": "Configuration of prometheus-blackbox-exporter. For all available values see https://github.com/giantswarm/prometheus-blackbox-exporter-app." + }, "securityBundle": { "$ref": "#/$defs/app", "type": "object", diff --git a/helm/cluster-aws/values.yaml b/helm/cluster-aws/values.yaml index 53a262dd..72eb2da6 100644 --- a/helm/cluster-aws/values.yaml +++ b/helm/cluster-aws/values.yaml @@ -27,6 +27,8 @@ cluster: externalDns: configTemplateName: awsExternalDnsHelmValues enable: true + k8sAuditMetrics: + enable: true k8sDnsNodeCache: enable: true metricsServer: @@ -40,6 +42,8 @@ cluster: enable: true observabilityBundle: enable: true + prometheusBlackboxExporter: + enable: true securityBundle: configTemplateName: awsSecurityBundleHelmValues enable: true @@ -244,6 +248,7 @@ global: apps: awsCloudControllerManager: {} awsEbsCsiDriver: {} + awsEbsCsiDriverServiceMonitors: {} awsPodIdentityWebhook: {} capiNodeLabeler: {} certExporter: {} @@ -255,12 +260,15 @@ global: coreDns: {} etcdKubernetesResourcesCountExporter: {} externalDns: {} + irsaServiceMonitors: {} + k8sAuditMetrics: {} k8sDnsNodeCache: {} metricsServer: {} netExporter: {} networkPolicies: {} nodeExporter: {} observabilityBundle: {} + prometheusBlackboxExporter: {} securityBundle: {} teleportKubeAgent: {} verticalPodAutoscaler: {}