Add the Deployment from opencost-helm-chart

Signed-off-by: Matt Ray <[email protected]>
prometheus-community · Oct 7, 2023 · bfeb215 · bfeb215
1 parent 983331c
commit bfeb215
Show file tree

Hide file tree

Showing 3 changed files with 358 additions and 0 deletions.
diff --git a/charts/prometheus-opencost-exporter/templates/_helpers.tpl b/charts/prometheus-opencost-exporter/templates/_helpers.tpl
@@ -61,3 +61,39 @@ Create the name of the service account to use
     {{ default "default" .Values.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "prometheus-opencost-exporter.prometheus.secretname" -}}
+  {{- if .Values.opencost.prometheus.secret_name -}}
+    {{- .Values.opencost.prometheus.secret_name -}}
+  {{- else -}}
+    {{- include "prometheus-opencost-exporter.fullname" . -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the controller service account to use
+*/}}
+{{- define "prometheus-opencost-exporter.prometheusServerEndpoint" -}}
+  {{- if .Values.opencost.prometheus.external.enabled -}}
+    {{ tpl .Values.opencost.prometheus.external.url . }}
+  {{- else -}}
+    {{- $host := tpl .Values.opencost.prometheus.internal.serviceName . }}
+    {{- $ns := tpl .Values.opencost.prometheus.internal.namespaceName . }}
+    {{- $port := .Values.opencost.prometheus.internal.port | int }}
+    {{- printf "http://%s.%s.svc:%d" $host $ns $port -}}
+  {{- end -}}
+{{- end -}}
+
+
+{{/*
+Check that either prometheus external or internal is defined
+*/}}
+{{- define "isPrometheusConfigValid" -}}
+  {{- if and .Values.opencost.prometheus.external.enabled .Values.opencost.prometheus.internal.enabled -}}
+    {{- fail "Only use one of the prometheus setups, internal or external" -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/prometheus-opencost-exporter/templates/deployment.yaml b/charts/prometheus-opencost-exporter/templates/deployment.yaml
@@ -0,0 +1,168 @@
+{{- include  "isPrometheusConfigValid" . }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "prometheus-opencost-exporter.fullname" . }}
+  labels: {{- include "prometheus-opencost-exporter.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations: {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  replicas: {{ .Values.opencost.exporter.replicas }}
+  selector:
+    matchLabels: {{- include "prometheus-opencost-exporter.selectorLabels" . | nindent 6 }}
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        {{- include "prometheus-opencost-exporter.selectorLabels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- with .Values.podAnnotations }}
+      annotations: {{- toYaml . | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
+      {{- with .Values.podSecurityContext }}
+      securityContext: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ template "prometheus-opencost-exporter.serviceAccountName" . }}
+      {{- with .Values.opencost.tolerations }}
+      tolerations: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.opencost.nodeSelector }}
+      nodeSelector: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.opencost.affinity }}
+      affinity: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with.Values.opencost.topologySpreadConstraints }}
+      topologySpreadConstraints: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: {{ include "prometheus-opencost-exporter.fullname" . }}
+          image: "{{ .Values.opencost.exporter.image.registry }}/{{ .Values.opencost.exporter.image.repository }}:{{ .Values.opencost.exporter.image.tag | default (printf "prod-%s" .Chart.AppVersion) }}"
+          imagePullPolicy: {{ .Values.opencost.exporter.image.pullPolicy }}
+          ports:
+            - containerPort: 9003
+              name: http
+          resources: {{- toYaml .Values.opencost.exporter.resources | nindent 12 }}
+          {{- if .Values.opencost.exporter.livenessProbe.enabled }}
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 9003
+            initialDelaySeconds: {{ .Values.opencost.exporter.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.opencost.exporter.livenessProbe.periodSeconds }}
+            failureThreshold: {{ .Values.opencost.exporter.livenessProbe.failureThreshold }}
+          {{- end }}
+          {{- if .Values.opencost.exporter.readinessProbe.enabled }}
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: 9003
+            initialDelaySeconds: {{ .Values.opencost.exporter.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.opencost.exporter.readinessProbe.periodSeconds }}
+            failureThreshold: {{ .Values.opencost.exporter.readinessProbe.failureThreshold }}
+          {{- end }}
+          {{- with .Values.opencost.exporter.securityContext }}
+          securityContext: {{- toYaml . | nindent 12 }}
+          {{- end }}
+          env:
+            - name: PROMETHEUS_SERVER_ENDPOINT
+              value: {{ include "prometheus-opencost-exporter.prometheusServerEndpoint" . | quote }}
+            {{- if .Values.opencost.exporter.cloudProviderApiKey }}
+            - name: CLOUD_PROVIDER_API_KEY
+              value: {{ .Values.opencost.exporter.cloudProviderApiKey | quote }}
+            {{- end }}
+            - name: CLUSTER_ID
+              value: {{ .Values.opencost.exporter.defaultClusterId | quote }}
+            {{- if .Values.opencost.exporter.aws.access_key_id }}
+            - name: AWS_ACCESS_KEY_ID
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "prometheus-opencost-exporter.prometheus.secretname" . }}
+                  key: AWS_ACCESS_KEY_ID
+            {{- end }}
+            {{- if .Values.opencost.exporter.aws.secret_access_key }}
+            - name: AWS_SECRET_ACCESS_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "prometheus-opencost-exporter.prometheus.secretname" . }}
+                  key: AWS_SECRET_ACCESS_KEY
+            {{- end }}
+            # If username, password or bearer_token are defined, pull from secrets
+            {{- if or .Values.opencost.prometheus.username (and .Values.opencost.prometheus.secret_name .Values.opencost.prometheus.username_key) }}
+            - name: DB_BASIC_AUTH_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "prometheus-opencost-exporter.prometheus.secretname" . }}
+                  key: {{ .Values.opencost.prometheus.username_key }}
+            {{- end }}
+            {{- if or .Values.opencost.prometheus.password (and .Values.opencost.prometheus.secret_name .Values.opencost.prometheus.password_key) }}
+            - name: DB_BASIC_AUTH_PW
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "prometheus-opencost-exporter.prometheus.secretname" . }}
+                  key: {{ .Values.opencost.prometheus.password_key }}
+            {{- else if or .Values.opencost.prometheus.bearer_token (and .Values.opencost.prometheus.secret_name .Values.opencost.prometheus.bearer_token_key) }}
+            - name: DB_BEARER_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "prometheus-opencost-exporter.prometheus.secretname" . }}
+                  key: {{ .Values.opencost.prometheus.bearer_token_key }}
+            {{- end }}
+            {{- with .Values.opencost.exporter.env }}
+              {{- toYaml . | nindent 12 }}
+            {{- end }}
+            {{- if .Values.opencost.customPricing.enabled }}
+            - name: CONFIG_PATH
+              value: {{ .Values.opencost.customPricing.configPath | quote }}
+            {{- end }}
+            # Add any additional provided variables
+            {{- range $key, $value := .Values.opencost.exporter.extraEnv }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          {{- if or .Values.opencost.exporter.persistence.enabled .Values.opencost.exporter.extraVolumeMounts .Values.opencost.customPricing.enabled}}
+          volumeMounts:
+            {{- if .Values.opencost.exporter.persistence.enabled }}
+            - mountPath: /mnt/export
+              name: opencost-export
+              readOnly: false
+            {{- end }}
+            {{- if .Values.opencost.customPricing.enabled }}
+            - mountPath: {{ .Values.opencost.customPricing.configPath }}
+              name: custom-configs
+              readOnly: true
+            {{- end }}
+            {{- with .Values.opencost.exporter.extraVolumeMounts }}
+              {{- toYaml . | nindent 12 }}
+            {{- end }}
+          {{- end }}
+      {{- if or .Values.opencost.exporter.persistence.enabled .Values.extraVolumes .Values.opencost.customPricing.enabled}}
+      volumes:
+        {{- if .Values.opencost.customPricing.enabled }}
+        - name: custom-configs
+          configMap:
+            name: {{ .Values.opencost.customPricing.configmapName }}
+        {{- end }}
+        {{- if .Values.opencost.exporter.persistence.enabled }}
+        - name: opencost-export
+          persistentVolumeClaim:
+            claimName: {{ include "prometheus-opencost-exporter.fullname" . }}-pvc
+        {{- end }}
+        {{- with .Values.extraVolumes }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
diff --git a/charts/prometheus-opencost-exporter/values.yaml b/charts/prometheus-opencost-exporter/values.yaml
@@ -17,6 +17,160 @@ serviceAccount:
   # -- Whether pods running as this service account should have an API token automatically mounted
   automountServiceAccountToken: true
 
+# --  Annotations to add to the all the resources
+annotations: {}
+# --  Annotations to add to the OpenCost Pod
+podAnnotations: {}
+# --  Annotations to add to the Secret
+secretAnnotations: {}
+# --  Labels to add to the OpenCost Pod
+podLabels: {}
+# --  Pod priority
+priorityClassName: ~
+
+# -- Holds pod-level security attributes and common container settings
+podSecurityContext: {}
+  # fsGroup: 2000
+
+service:
+  enabled: true
+  # --  Annotations to add to the service
+  annotations: {}
+  # --  Labels to add to the service account
+  labels: {}
+  # --  Kubernetes Service type
+  type: ClusterIP
+
 # Create cluster role policies
 rbac:
   enabled: true
+
+opencost:
+  exporter:
+    # -- The GCP Pricing API requires a key. This is supplied just for evaluation.
+    cloudProviderApiKey: ""
+    # -- Default cluster ID to use if cluster_id is not set in Prometheus metrics.
+    defaultClusterId: 'default-cluster'
+    image:
+      # -- Exporter container image registry
+      registry: quay.io
+      # -- Exporter container image name
+      repository: kubecost1/kubecost-cost-model
+      # -- Exporter container image tag
+      # @default -- `""` (use appVersion in Chart.yaml)
+      tag: ""
+      # -- Exporter container image pull policy
+      pullPolicy: IfNotPresent
+    # -- Number of OpenCost replicas to run
+    replicas: 1
+    resources:
+      # -- CPU/Memory resource requests
+      requests:
+        cpu: '10m'
+        memory: '55Mi'
+      # -- CPU/Memory resource limits
+      limits:
+        cpu: '999m'
+        memory: '1Gi'
+    # Liveness probe configuration
+    livenessProbe:
+      # -- Whether probe is enabled
+      enabled: true
+      # -- Number of seconds before probe is initiated
+      initialDelaySeconds: 120
+      # -- Probe frequency in seconds
+      periodSeconds: 10
+      # -- Number of failures for probe to be considered failed
+      failureThreshold: 3
+    # Readiness probe configuration
+    readinessProbe:
+      # -- Whether probe is enabled
+      enabled: true
+      # -- Number of seconds before probe is initiated
+      initialDelaySeconds: 120
+      # -- Probe frequency in seconds
+      periodSeconds: 10
+      # -- Number of failures for probe to be considered failed
+      failureThreshold: 3
+    # -- The security options the container should be run with
+    securityContext: {}
+      # capabilities:
+      #   drop:
+      #   - ALL
+      # readOnlyRootFilesystem: true
+      # runAsNonRoot: true
+      # runAsUser: 1000
+
+    # Persistent volume claim for storing the data. eg: csv file
+    persistence:
+      enabled: false
+      # -- Annotations for persistent volume
+      annotations: {}
+      # -- Access mode for persistent volume
+      accessMode: ""
+      # -- Storage class for persistent volume
+      storageClass: ""
+      # -- Size for persistent volume
+      size: ""
+
+    aws:
+      # -- AWS secret access key
+      secret_access_key: ""
+      # -- AWS secret key id
+      access_key_id: ""
+    # -- A list of volume mounts to be added to the pod
+    extraVolumeMounts: []
+    # -- List of additional environment variables to set in the container
+    env: []
+    # -- Any extra environment variables you would like to pass on to the pod
+    extraEnv: {}
+      # FOO: BAR
+  customPricing:
+    # -- Enables custom pricing for on-premise setup.
+    enabled: false
+    configmapName: custom-pricing-model
+    # -- Path for the pricing configuration.
+    configPath: /tmp/custom-config
+    # -- Configures the pricing model provided in the values file.
+    createConfigmap: true
+    # -- More information about these values here: https://www.opencost.io/docs/configuration/on-prem#custom-pricing-using-the-opencost-helm-chart
+    costModel:
+      description: Modified prices based on your internal pricing
+      CPU: 1.25
+      spotCPU: 0.006655
+      RAM: 0.50
+      spotRAM: 0.000892
+      GPU: 0.95
+      storage: 0.25
+      zoneNetworkEgress: 0.01
+      regionNetworkEgress: 0.01
+      internetNetworkEgress: 0.12
+
+  prometheus:
+    # -- Secret name that contains credentials for Prometheus
+    secret_name: ~
+    # -- Prometheus Basic auth username
+    username: ""
+    # -- Key in the secret that references the username
+    username_key: DB_BASIC_AUTH_USERNAME
+    # -- Prometheus Basic auth password
+    password: ""
+    # -- Key in the secret that references the password
+    password_key: DB_BASIC_AUTH_PW
+    # -- Prometheus Bearer token
+    bearer_token: ""
+    bearer_token_key: DB_BEARER_TOKEN
+    external:
+      # -- Use external Prometheus (eg. Grafana Cloud)
+      enabled: false
+      # -- External Prometheus url
+      url: "https://prometheus.example.com/prometheus"
+    internal:
+      # -- Use in-cluster Prometheus
+      enabled: true
+      # -- Service name of in-cluster Prometheus
+      serviceName: my-prometheus
+      # -- Namespace of in-cluster Prometheus
+      namespaceName: opencost
+      # -- Service port of in-cluster Prometheus
+      port: 9090