From 87a45c6a7b55115f63096f72c5e5c3923648f4c8 Mon Sep 17 00:00:00 2001
From: Omar-Ahmed-Dt
Date: Thu, 17 Oct 2024 21:01:28 +0300
Subject: [PATCH 01/23] test obervaStack
---
 .gitignore | 2 --
 builder.cue | 25 +++++++++++++++++++++++
 stack.cue | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 84 insertions(+), 2 deletions(-)
 create mode 100644 builder.cue
 create mode 100644 stack.cue
diff --git a/.gitignore b/.gitignore
index 9185880..e69de29 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +0,0 @@
-builder.cue
-stack.cue
diff --git a/builder.cue b/builder.cue
new file mode 100644
index 0000000..e1bb3d4
--- /dev/null
+++ b/builder.cue
@@ -0,0 +1,25 @@
+package main
+
+import (
+ "stakpak.dev/devx/v2alpha1"
+ "stakpak.dev/devx/v1/transformers/terraform/aws"
+ "stakpak.dev/devx/v1/transformers/terraform/k8s"
+ "stakpak.dev/devx/v1/transformers/terraform/helm"
+)
+
+builders: v2alpha1.#Environments & {
+ prod: {
+ flows: {
+ // Pipeline for adding EKS Cluster
+ "eks/add-cluster": pipeline: [
+ aws.#AddKubernetesCluster
+ ]
+
+ // Helm Configuration and Release Pipeline
+ "terraform/helm": pipeline: [
+ k8s.#AddLocalHelmProvider,
+ helm.#AddHelmRelease,
+ ]
+ }
+ }
+}
\ No newline at end of file
diff --git a/stack.cue b/stack.cue
new file mode 100644
index 0000000..24ab94c
--- /dev/null
+++ b/stack.cue
@@ -0,0 +1,59 @@
+package main
+
+import (
+ "stakpak.dev/devx/v1"
+ "stakpak.dev/devx/v1/traits"
+ "stakpak.dev/devx/k8s/stacks"
+)
+
+stack: v1.#Stack & {
+ components: {
+ // EKS Cluster Configuration
+ eksCluster: {
+ traits.#KubernetesCluster
+ k8s: {
+ name: "demo"
+ version: minor: 26
+ }
+ aws: {
+ region: "us-east-1"
+ vpc: {
+ name: "default"
+ cidr: "10.0.0.0/16"
+ subnets: {
+ private: ["10.0.1.0/24", "10.0.2.0/24"]
+ public: ["10.0.101.0/24", "10.0.102.0/24"]
+ }
+ }
+ }
+ eks: {
+ moduleVersion: "19.21.0"
+ instanceType: "t3.small"
+ minSize: 2
+ maxSize: 5
+ desiredSize: 2
+ public: true
+ }
+ }
+ // Kubernetes Basic Stack
+ stacks.ObservabilityStack.components
+ loki: {
+ helm: {
+ version: "6.16.0"
+ release: "loki"
+ }
+ }
+ grafana: {
+ helm: {
+ version: "8.5.1"
+ release: "grafana"
+ }
+ }
+ prometheus: {
+ helm: {
+ version: "25.26.0"
+ release: "prometheus"
+ }
+ }
+ }
+}
\ No newline at end of file
From 9f9cc2b5d0856772508d647f3712b998aae48464 Mon Sep 17 00:00:00 2001
From: Omar-Ahmed-Dt
Date: Thu, 17 Oct 2024 21:12:24 +0300
Subject: [PATCH 02/23] test obervaStack
---
 stack.cue | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/stack.cue b/stack.cue
index 24ab94c..0021db5 100644
--- a/stack.cue
+++ b/stack.cue
@@ -37,23 +37,23 @@ stack: v1.#Stack & {
 }
 // Kubernetes Basic Stack
 stacks.ObservabilityStack.components
- loki: {
- helm: {
- version: "6.16.0"
- release: "loki"
- }
- }
- grafana: {
- helm: {
- version: "8.5.1"
- release: "grafana"
- }
- }
- prometheus: {
- helm: {
- version: "25.26.0"
- release: "prometheus"
- }
- }
+ // loki: {
+ // helm: {
+ // version: "6.16.0"
+ // release: "loki"
+ // }
+ // }
+ // grafana: {
+ // helm: {
+ // version: "8.5.1"
+ // release: "grafana"
+ // }
+ // }
+ // prometheus: {
+ // helm: {
+ // version: "25.26.0"
+ // release: "prometheus"
+ // }
+ // }
 }
 }
\ No newline at end of file
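Review bot: In the `eks` block of the stack.cue added by [PATCH 01/23], `public: true` is committed next to a fixed `region: "us-east-1"`; if the trait maps this flag to the cluster's public API endpoint (the transformer is not shown here), the control plane is reachable from the internet with no source restriction visible in the file. The same patch removes `stack.cue` and `builder.cue` from `.gitignore`, so what reads as a local test environment becomes part of the repository history. I would default to `public: false`, or keep the flag and add a comment such as `// demo only: public endpoint, restrict source CIDRs before reuse`.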
From 8bf29d296ce61a4094b8f4f4e0e3a6c52f4064c1 Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Thu, 17 Oct 2024 21:56:58 +0300 Subject: [PATCH 03/23] test obervaStack --- k8s/services/prometheus/helm-25.26.cue | 4 +-- k8s/services/prometheus/helm.cue | 2 +- stack.cue | 46 ++++++++++++++------------ 3 files changed, 28 insertions(+), 24 deletions(-) diff --git a/k8s/services/prometheus/helm-25.26.cue b/k8s/services/prometheus/helm-25.26.cue index 9ebe013..7ffec5a 100644 --- a/k8s/services/prometheus/helm-25.26.cue +++ b/k8s/services/prometheus/helm-25.26.cue @@ -115,11 +115,11 @@ package prometheus ingress: { enabled: bool | *false annotations: [string]: string - hosts: [string] + hosts: [...string] path: string | *"/" tls: [...{ secretName: string - hosts: [string] + hosts: [...string] }] } persistentVolume: { diff --git a/k8s/services/prometheus/helm.cue b/k8s/services/prometheus/helm.cue index 121f12a..2005659 100644 --- a/k8s/services/prometheus/helm.cue +++ b/k8s/services/prometheus/helm.cue @@ -19,7 +19,7 @@ import ( version: string | *"25.26.0" namespace: string | *"monitoring" - release: string + release: string values: (v1.getMatch & { match: version diff --git a/stack.cue b/stack.cue index 0021db5..ebe8102 100644 --- a/stack.cue +++ b/stack.cue @@ -9,7 +9,7 @@ import ( stack: v1.#Stack & { components: { // EKS Cluster Configuration - eksCluster: { + cluster: { traits.#KubernetesCluster k8s: { name: "demo" 
@@ -35,25 +35,29 @@ stack: v1.#Stack & {
 public: true
 }
 }
- // Kubernetes Basic Stack
- stacks.ObservabilityStack.components
- // loki: {
- // helm: {
- // version: "6.16.0"
- // release: "loki"
- // }
- // }
- // grafana: {
- // helm: {
- // version: "8.5.1"
- // release: "grafana"
- // }
- // }
- // prometheus: {
- // helm: {
- // version: "25.26.0"
- // release: "prometheus"
- // }
- // }
+ // Add Stacks
+ // stacks.KubernetesBasicStack.components
+ // certManager: k8s: cluster.k8s
+ // ingressNginx: k8s: cluster.k8s
+ // externalSecretsOperator: k8s: cluster.k8s
+ stacks.ObservabilityStack.components
+ loki: {
+ helm: {
+ version: "6.16.0"
+ release: "loki"
+ }
+ }
+ grafana: {
+ helm: {
+ version: "8.5.1"
+ release: "grafana"
+ }
+ }
+ prometheus: {
+ helm: {
+ version: "25.26.0"
+ release: "prometheus"
+ }
+ }
 }
 }
\ No newline at end of file
From 0f6cb232e8639cab2b7d6ca421b7af64d828efe9 Mon Sep 17 00:00:00 2001
From: Omar-Ahmed-Dt
Date: Fri, 18 Oct 2024 17:53:05 +0300
Subject: [PATCH 04/23] modified in prometheus helm chart
---
 k8s/services/prometheus/helm-25.26.cue | 301 ++++++++++++++-----------
 1 file changed, 164 insertions(+), 137 deletions(-)
diff --git a/k8s/services/prometheus/helm-25.26.cue b/k8s/services/prometheus/helm-25.26.cue
index 7ffec5a..36bb83b 100644
--- a/k8s/services/prometheus/helm-25.26.cue
+++ b/k8s/services/prometheus/helm-25.26.cue
@@ -1,143 +1,170 @@ package prometheus +import ( + "k8s.io/api/core/v1" +) + #KubeVersion: [=~"^25\\.26\\.0"]: minor: >=21 #Values: [=~"^25\\.26\\.0"]: { - rbac: create: bool | *true - podSecurityPolicy: enabled: bool | *false - imagePullSecrets: [...{ name: string }] - serviceAccounts: { - server: { - create: bool | *true - name: string | *"" - annotations: [string]: string - } - } - commonMetaLabels: [string]: string - configmapReload: { - reloadUrl: string | *"" - env: [...{ - name: string - value: string | *"" - valueFrom: { - secretKeyRef: { - name: string - key: string - optional: bool | *false - } - } - }] - prometheus: { - enabled: bool | *true - name: string | *"configmap-reload" - image: { - repository: string | *"quay.io/prometheus-operator/prometheus-config-reloader" - tag: string | *"latest" - digest: string | *"" - pullPolicy: string | *"IfNotPresent" - } - containerPort: int | *8080 - containerPortName: string | *"metrics" - extraArgs: [string]: string - extraVolumeDirs: [string]: string - extraVolumeMounts: [string]: string - extraConfigmapMounts: [...{ - name: string - mountPath: string - subPath: string - configMap: string - readOnly: bool | *true - }] - containerSecurityContext: [string]: string - livenessProbe: { - httpGet: { - path: string | *"/healthz" - port: int | *8080 - scheme: string | *"HTTP" - } - periodSeconds: int | *10 - initialDelaySeconds: int | *2 - } - readinessProbe: { - httpGet: { - path: string | *"/healthz" - port: int | *8080 - scheme: string | *"HTTP" - } - periodSeconds: int | *10 - } - startupProbe: { - enabled: bool | *false - httpGet: { - path: string | *"/healthz" - port: int | *8080 - scheme: string | *"HTTP" - } - periodSeconds: int | *10 - } - resources: [string]: string - } - } + // RBAC settings + rbac: create: bool | *true + + // Pod Security Policy settings + podSecurityPolicy: enabled: bool | *false + + // Image pull secrets for Prometheus deployment + imagePullSecrets: [...v1.#LocalObjectReference] + + // 
Service Account configuration + #ServiceAccount: { + // Specifies whether a service account should be created. + create: bool | *true + // Annotations for the service account. + annotations: [string]: string + // Extra labels for the service account. + extraLabels: [string]: string + // Name of the service account to use. + name: string | *"" + } + + // Common meta labels + commonMetaLabels: [string]: string + + // ConfigMap reload settings + configmapReload: { + reloadUrl: string | *"" + env: [...{ + name: string + value: string | *"" + valueFrom: { + secretKeyRef: { + name: string + key: string + optional: bool | *false + } + } + }] + prometheus: { + enabled: bool | *true + name: string | *"configmap-reload" + image: { + repository: string | *"quay.io/prometheus-operator/prometheus-config-reloader" + tag: string | *"latest" + digest: string | *"" + pullPolicy: string | *"IfNotPresent" + } + containerPort: int | *8080 + containerPortName: string | *"metrics" + extraArgs: [string]: string + extraVolumeDirs: [string]: string + extraVolumeMounts: [string]: string + extraConfigmapMounts: [...{ + name: string + mountPath: string + subPath: string + configMap: string + readOnly: bool | *true + }] + containerSecurityContext: v1.#SecurityContext + livenessProbe: { + httpGet: { + path: string | *"/healthz" + port: int | *8080 + scheme: string | *"HTTP" + } + periodSeconds: int | *10 + initialDelaySeconds: int | *2 + } + readinessProbe: { + httpGet: { + path: string | *"/healthz" + port: int | *8080 + scheme: string | *"HTTP" + } + periodSeconds: int | *10 + } + startupProbe: { + enabled: bool | *false + httpGet: { + path: string | *"/healthz" + port: int | *8080 + scheme: string | *"HTTP" + } + periodSeconds: int | *10 + } + resources: v1.#ResourceRequirements + } + } + + // Prometheus server settings + server: { + name: string | *"server" + image: { + repository: string | *"quay.io/prometheus/prometheus" + tag: string | *"" + digest: string | *"" + pullPolicy: string | 
*"IfNotPresent" + } + global: { + scrape_interval: string | *"1m" + scrape_timeout: string | *"10s" + evaluation_interval: string | *"1m" + } + resources: { + limits: { + cpu: string | *"500m" + memory: string | *"512Mi" + } + requests: { + cpu: string | *"500m" + memory: string | *"512Mi" + } + } + + // Pod security context + podSecurityContext: v1.#PodSecurityContext + + // Service configuration + service: { + enabled: bool | *true + type: string | *"ClusterIP" + servicePort: int | *80 + } + + // Ingress configuration + ingress: { + enabled: bool | *false + annotations: [string]: string + hosts: [...string] + path: string | *"/" + tls: [...{ + secretName: string + hosts: [...string] + }] + } + + // Persistent volume configuration + persistentVolume: { + enabled: bool | *true + size: string | *"8Gi" + storageClass: string | *"" + accessModes: [...string] | *["ReadWriteOnce"] + mountPath: string | *"/data" + } + + // Alertmanager settings + alertmanager: { + enabled: bool | *true + persistence: { + enabled: bool | *true + size: string | *"2Gi" + } + } - server: { - name: string | *"server" - image: { - repository: string | *"quay.io/prometheus/prometheus" - tag: string | *"" - digest: string | *"" - pullPolicy: string | *"IfNotPresent" - } - global: { - scrape_interval: string | *"1m" - scrape_timeout: string | *"10s" - evaluation_interval: string | *"1m" - } - resources: { - limits: { - cpu: string | *"500m" - memory: string | *"512Mi" - } - requests: { - cpu: string | *"500m" - memory: string | *"512Mi" - } - } - podSecurityContext: { - runAsUser: int | *65534 - runAsNonRoot: bool | *true - fsGroup: int | *65534 - } - service: { - enabled: bool | *true - type: string | *"ClusterIP" - servicePort: int | *80 - } - ingress: { - enabled: bool | *false - annotations: [string]: string - hosts: [...string] - path: string | *"/" - tls: [...{ - secretName: string - hosts: [...string] - }] - } - persistentVolume: { - enabled: bool | *true - size: string | *"8Gi" - 
storageClass: string | *"" - accessModes: [...string] | *["ReadWriteOnce"] - mountPath: string | *"/data" - } - alertmanager: { - enabled: bool | *true - persistence: { - enabled: bool | *true - size: string | *"2Gi" - } - } - kubeStateMetrics: enabled: bool | *true - nodeExporter: enabled: bool | *true - pushGateway: enabled: bool | *true - } -} \ No newline at end of file + // Additional monitoring components + kubeStateMetrics: enabled: bool | *true + nodeExporter: enabled: bool | *true + pushGateway: enabled: bool | *true + } +} From 31b6ba7cc2cff6dab40c030c355fcc1693f6b134 Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Tue, 22 Oct 2024 20:44:06 +0300 Subject: [PATCH 05/23] modified in prometheus helm chart --- .gitignore | 1 + k8s/services/grafana/helm-8.5.cue | 6 +++--- k8s/services/prometheus/helm-25.26.cue | 6 ++++-- stack.cue | 27 ++++---------------------- 4 files changed, 12 insertions(+), 28 deletions(-) diff --git a/.gitignore b/.gitignore index e69de29..567609b 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1 @@ +build/ diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index 22caebc..d64f1f1 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue @@ -2,7 +2,7 @@ package grafana import ( "k8s.io/api/core/v1" - // "stakpak.dev/devx/k8s" + "stakpak.dev/devx/k8s" ) #KubeVersion: [=~"^8\\.5\\.1"]: minor: >=21 @@ -129,7 +129,7 @@ import ( loadBalancerSourceRanges: [...string] | *[] port: int | *80 targetPort: int | *3000 - annotations: {} | *{} + annotations: k8s.#Annotations | *null labels: {} | *{} portName: string | *"service" appProtocol: string | *"" @@ -150,7 +150,7 @@ import ( hostAliases: [...{}] | *[] ingress: { enabled: bool | *false - annotations: {} | *{} + annotations: k8s.#Annotations | *null labels: {} | *{} path: string | *"/" pathType: string | *"Prefix" 
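Review bot: `server.podSecurityContext` loses its non-root defaults in the prometheus/helm-25.26.cue rewrite of [PATCH 04/23]: the old side pinned `runAsUser: int | *65534`, `runAsNonRoot: bool | *true` and `fsGroup: int | *65534`, while the new side is a bare `v1.#PodSecurityContext` with no defaults. Whether the chart's own values still cover this is not visible here, so I would keep the hardening in the schema, e.g. `podSecurityContext: v1.#PodSecurityContext & {runAsUser: int | *65534, runAsNonRoot: bool | *true, fsGroup: int | *65534}`. Separately, `serviceAccounts: server: {...}` is replaced by a `#ServiceAccount` definition that nothing in the hunk references, so the `serviceAccounts` key appears to drop out of `#Values`. `configmapReload.prometheus.image.tag` still defaults to `"latest"` on the new side; a pinned tag or digest would make the deployed reloader image reproducible.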
diff --git a/k8s/services/prometheus/helm-25.26.cue b/k8s/services/prometheus/helm-25.26.cue index 36bb83b..31e3d06 100644 --- a/k8s/services/prometheus/helm-25.26.cue +++ b/k8s/services/prometheus/helm-25.26.cue @@ -2,6 +2,7 @@ package prometheus import ( "k8s.io/api/core/v1" + "stakpak.dev/devx/k8s" ) #KubeVersion: [=~"^25\\.26\\.0"]: minor: >=21 @@ -21,7 +22,7 @@ import ( // Specifies whether a service account should be created. create: bool | *true // Annotations for the service account. - annotations: [string]: string + annotations: k8s.Annotations | *null // Extra labels for the service account. extraLabels: [string]: string // Name of the service account to use. @@ -135,7 +136,8 @@ import ( // Ingress configuration ingress: { enabled: bool | *false - annotations: [string]: string + // annotations: [string]: string + annotations: k8s.Annotations | *null hosts: [...string] path: string | *"/" tls: [...{ diff --git a/stack.cue b/stack.cue index ebe8102..411be50 100644 --- a/stack.cue +++ b/stack.cue @@ -35,29 +35,10 @@ stack: v1.#Stack & { public: true } } - // Add Stacks - // stacks.KubernetesBasicStack.components - // certManager: k8s: cluster.k8s - // ingressNginx: k8s: cluster.k8s - // externalSecretsOperator: k8s: cluster.k8s + // Add Observability Stack stacks.ObservabilityStack.components - loki: { - helm: { - version: "6.16.0" - release: "loki" - } - } - grafana: { - helm: { - version: "8.5.1" - release: "grafana" - } - } - prometheus: { - helm: { - version: "25.26.0" - release: "prometheus" - } - } + grafana: k8s: cluster.k8s + prometheus: k8s: cluster.k8s + loki: k8s: cluster.k8s } } \ No newline at end of file From 492a23584be269d8062c7fb863addc3e832fa50a Mon Sep 17 00:00:00 2001 
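Review bot: Both new `annotations` fields in prometheus/helm-25.26.cue reference `k8s.Annotations`, without the `#`, whereas the grafana file changed in the same patch uses `k8s.#Annotations`. The `k8s` package is not shown here, but unless it also exports a regular field named `Annotations` this reference will not resolve; I would write `annotations: k8s.#Annotations | *null` in both the `#ServiceAccount` and the `ingress` block. The leftover `// annotations: [string]: string` line in `ingress` can be removed once the typed field is in place.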
From: Omar-Ahmed-Dt Date: Fri, 25 Oct 2024 14:52:23 +0300 Subject: [PATCH 06/23] added pixie --- k8s/services/pixie/helm-2.1.cue | 55 +++++++++++++++++++++++++++++++++ k8s/services/pixie/helm.cue | 29 +++++++++++++++++ k8s/stacks/observ.cue | 8 +++++ stack.cue | 13 ++++++-- 4 files changed, 103 insertions(+), 2 deletions(-) create mode 100644 k8s/services/pixie/helm-2.1.cue create mode 100644 k8s/services/pixie/helm.cue diff --git a/k8s/services/pixie/helm-2.1.cue b/k8s/services/pixie/helm-2.1.cue new file mode 100644 index 0000000..a5de8ca --- /dev/null +++ b/k8s/services/pixie/helm-2.1.cue @@ -0,0 +1,55 @@ +package pixie + +import ( + "k8s.io/api/core/v1" + // "stakpak.dev/devx/k8s" +) + +#KubeVersion: [=~"^2\\.1\\.6"]: minor: >=21 +#Values: [=~"^2\\.1\\.6"]: { + + clusterRegistrationWaitImage: { + repository: "gcr.io/pixie-oss/pixie-dev-public/curl" + tag: "1.0" + pullPolicy: v1.PullPolicy | *"IfNotPresent" + } + + image: { + repository: "newrelic/newrelic-pixie-integration" + tag: string | *"latest" + pullPolicy: v1.PullPolicy | *"IfNotPresent" + pullSecrets: [] + } + + resources: { + limits: { + memory: string | *"250M" + } + requests: { + cpu: string | *"100m" + memory: string | *"250M" + } + } + + podAnnotations: {} + podLabels: {} + + job: { + annotations: {} + labels: {} + } + + proxy: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + customScripts: {} + + excludeNamespacesRegex: "" + excludePodsRegex: "" + +} diff --git a/k8s/services/pixie/helm.cue b/k8s/services/pixie/helm.cue new file mode 100644 index 0000000..c092a9c --- /dev/null +++ b/k8s/services/pixie/helm.cue 
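Review bot: `image.tag` in the new pixie `#Values` defaults to `"latest"` while `pullPolicy` defaults to `"IfNotPresent"`, so the `newrelic/newrelic-pixie-integration` image that actually runs depends on what each node happens to have cached or pulls that day. For a third-party image deployed into the cluster I would drop the default so callers must choose a version, `tag: string`, or pin it to the release that matches the chart version. Note also that `clusterRegistrationWaitImage.repository`, its `tag` and `pullSecrets: []` are concrete values rather than defaults, so a stack cannot point them at a private mirror or add pull credentials; something like `pullSecrets: [...string] | *[]` would keep them overridable (element type to be confirmed against the chart).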
@@ -0,0 +1,29 @@ +package pixie + +import ( + "stakpak.dev/devx/v1" + "stakpak.dev/devx/v1/traits" +) + +#PixieChart: { + traits.#Helm + k8s: "version": (v1.getMatch & { + match: helm.version + input: #KubeVersion + }).result + helm: { + repoType: "default" + url: "https://helm-charts.newrelic.com" + chart: "pixie" + + version: string | *"2.1.6" + + namespace: string | *"monitoring" + release: string + + values: (v1.getMatch & { + match: version + input: #Values + }).result + } +} \ No newline at end of file diff --git a/k8s/stacks/observ.cue b/k8s/stacks/observ.cue index 499ddd6..aa9b957 100644 --- a/k8s/stacks/observ.cue +++ b/k8s/stacks/observ.cue @@ -5,6 +5,7 @@ import ( "stakpak.dev/devx/k8s/services/loki" "stakpak.dev/devx/k8s/services/grafana" "stakpak.dev/devx/k8s/services/prometheus" + "stakpak.dev/devx/k8s/services/pixie" ) ObservabilityStack: v1.#Stack & { @@ -31,5 +32,12 @@ ObservabilityStack: v1.#Stack & { values: {} } } + "pixie": pixie.#PixieChart & { + helm: { + version: "2.1.6" + release: "pixie" + values: {} + } + } } } \ No newline at end of file diff --git a/stack.cue b/stack.cue index 411be50..108a1ee 100644 --- a/stack.cue +++ b/stack.cue @@ -21,8 +21,16 @@ stack: v1.#Stack & { name: "default" cidr: "10.0.0.0/16" subnets: { - private: ["10.0.1.0/24", "10.0.2.0/24"] - public: ["10.0.101.0/24", "10.0.102.0/24"] + private: [ + "10.0.1.0/24", // Subnet for AZ1 + "10.0.2.0/24", // Subnet for AZ2 + "10.0.3.0/24" // Subnet for AZ3 + ] + public: [ + "10.0.101.0/24", // Subnet for AZ1 + "10.0.102.0/24", // Subnet for AZ2 + "10.0.103.0/24" // Subnet for AZ3 + ] } } } @@ -40,5 +48,6 @@ stack: v1.#Stack & { grafana: k8s: cluster.k8s prometheus: k8s: cluster.k8s loki: k8s: cluster.k8s + pixie: k8s: cluster.k8s } } \ No newline at end of file From 678f1eadf08b71cb46955cf71c9e2f5f94864da7 Mon Sep 17 00:00:00 2001 
From: Omar-Ahmed-Dt Date: Wed, 30 Oct 2024 20:02:40 +0300 Subject: [PATCH 07/23] test with observ stack --- builder.cue | 2 +- k8s/services/pixie/helm.cue | 2 +- stack.cue | 25 ++++++++++++------------- 3 files changed, 14 insertions(+), 15 deletions(-) diff --git a/builder.cue b/builder.cue index e1bb3d4..790ac7a 100644 --- a/builder.cue +++ b/builder.cue @@ -22,4 +22,4 @@ builders: v2alpha1.#Environments & { ] } } -} \ No newline at end of file +} diff --git a/k8s/services/pixie/helm.cue b/k8s/services/pixie/helm.cue index c092a9c..a126dcd 100644 --- a/k8s/services/pixie/helm.cue +++ b/k8s/services/pixie/helm.cue @@ -14,7 +14,7 @@ import ( helm: { repoType: "default" url: "https://helm-charts.newrelic.com" - chart: "pixie" + chart: "newrelic-pixie" version: string | *"2.1.6" diff --git a/stack.cue b/stack.cue index 108a1ee..c6339b4 100644 --- a/stack.cue +++ b/stack.cue @@ -11,10 +11,8 @@ stack: v1.#Stack & { // EKS Cluster Configuration cluster: { traits.#KubernetesCluster - k8s: { - name: "demo" - version: minor: 26 - } + k8s: name: "demo" + k8s: version: minor: 27 aws: { region: "us-east-1" vpc: { @@ -22,14 +20,14 @@ stack: v1.#Stack & { cidr: "10.0.0.0/16" subnets: { private: [ - "10.0.1.0/24", // Subnet for AZ1 - "10.0.2.0/24", // Subnet for AZ2 - "10.0.3.0/24" // Subnet for AZ3 + "10.0.1.0/24", + "10.0.2.0/24", + "10.0.3.0/24" ] public: [ - "10.0.101.0/24", // Subnet for AZ1 - "10.0.102.0/24", // Subnet for AZ2 - "10.0.103.0/24" // Subnet for AZ3 + "10.0.101.0/24", + "10.0.102.0/24", + "10.0.103.0/24" ] } } @@ -42,12 +40,13 @@ stack: v1.#Stack & { desiredSize: 2 public: true } - } + } // Add Observability Stack stacks.ObservabilityStack.components grafana: k8s: cluster.k8s prometheus: k8s: cluster.k8s loki: k8s: cluster.k8s - pixie: k8s: cluster.k8s + pixie: k8s: cluster.k8s } -} \ No newline at end of file +} + From bff23f9d4414335840b0fc574ab0deb9bc63b291 Mon Sep 17 00:00:00 2001 
From: Omar-Ahmed-Dt Date: Wed, 30 Oct 2024 21:18:51 +0300 Subject: [PATCH 08/23] modified pixie pr --- .gitignore | 3 +- builder.cue | 25 ---------------- k8s/services/pixie/helm-2.1.cue | 10 +++---- stack.cue | 52 --------------------------------- 4 files changed, 7 insertions(+), 83 deletions(-) delete mode 100644 builder.cue delete mode 100644 stack.cue diff --git a/.gitignore b/.gitignore index 567609b..361cbcd 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -build/ +stack.cue +builder.cue \ No newline at end of file diff --git a/builder.cue b/builder.cue deleted file mode 100644 index 790ac7a..0000000 --- a/builder.cue +++ /dev/null @@ -1,25 +0,0 @@ -package main - -import ( - "stakpak.dev/devx/v2alpha1" - "stakpak.dev/devx/v1/transformers/terraform/aws" - "stakpak.dev/devx/v1/transformers/terraform/k8s" - "stakpak.dev/devx/v1/transformers/terraform/helm" -) - -builders: v2alpha1.#Environments & { - prod: { - flows: { - // Pipeline for adding EKS Cluster - "eks/add-cluster": pipeline: [ - aws.#AddKubernetesCluster - ] - - // Helm Configuration and Release Pipeline - "terraform/helm": pipeline: [ - k8s.#AddLocalHelmProvider, - helm.#AddHelmRelease, - ] - } - } -} diff --git a/k8s/services/pixie/helm-2.1.cue b/k8s/services/pixie/helm-2.1.cue index a5de8ca..a6533b8 100644 --- a/k8s/services/pixie/helm-2.1.cue +++ b/k8s/services/pixie/helm-2.1.cue @@ -31,8 +31,8 @@ import ( } } - podAnnotations: {} - podLabels: {} + podAnnotations: k8s.#Annotations + podLabels: k8s.#Labels job: { annotations: {} @@ -41,11 +41,11 @@ import ( proxy: {} - nodeSelector: {} + nodeSelector: k8s.#Labels - tolerations: [] + tolerations: [...v1.#Toleration] - affinity: {} + affinity: v1.#Affinity customScripts: {} diff --git a/stack.cue b/stack.cue deleted file mode 100644 index c6339b4..0000000 --- a/stack.cue +++ /dev/null 
@@ -1,52 +0,0 @@ -package main - -import ( - "stakpak.dev/devx/v1" - "stakpak.dev/devx/v1/traits" - "stakpak.dev/devx/k8s/stacks" -) - -stack: v1.#Stack & { - components: { - // EKS Cluster Configuration - cluster: { - traits.#KubernetesCluster - k8s: name: "demo" - k8s: version: minor: 27 - aws: { - region: "us-east-1" - vpc: { - name: "default" - cidr: "10.0.0.0/16" - subnets: { - private: [ - "10.0.1.0/24", - "10.0.2.0/24", - "10.0.3.0/24" - ] - public: [ - "10.0.101.0/24", - "10.0.102.0/24", - "10.0.103.0/24" - ] - } - } - } - eks: { - moduleVersion: "19.21.0" - instanceType: "t3.small" - minSize: 2 - maxSize: 5 - desiredSize: 2 - public: true - } - } - // Add Observability Stack - stacks.ObservabilityStack.components - grafana: k8s: cluster.k8s - prometheus: k8s: cluster.k8s - loki: k8s: cluster.k8s - pixie: k8s: cluster.k8s - } -} - From b621c005723d68bb47994c1776adbfd1624698ac Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Wed, 30 Oct 2024 21:20:52 +0300 Subject: [PATCH 09/23] added import k8s to pixie --- k8s/services/pixie/helm-2.1.cue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/services/pixie/helm-2.1.cue b/k8s/services/pixie/helm-2.1.cue index a6533b8..a1f2a6d 100644 --- a/k8s/services/pixie/helm-2.1.cue +++ b/k8s/services/pixie/helm-2.1.cue @@ -2,7 +2,7 @@ package pixie import ( "k8s.io/api/core/v1" - // "stakpak.dev/devx/k8s" + "stakpak.dev/devx/k8s" ) #KubeVersion: [=~"^2\\.1\\.6"]: minor: >=21 From 4e09e269fcaa3ac99326b9bb17fa63b0d2b2ef66 Mon Sep 17 00:00:00 2001 
From: Omar-Ahmed-Dt Date: Sat, 9 Nov 2024 16:10:21 +0200 Subject: [PATCH 10/23] fixed Observ Charts --- k8s/services/grafana/helm-8.5.cue | 538 +++++-------------------- k8s/services/grafana/helm.cue | 2 +- k8s/services/loki/helm-2.10.cue | 144 +++++++ k8s/services/loki/helm-6.16.cue | 42 -- k8s/services/loki/helm.cue | 4 +- k8s/services/pixie/helm-0.1.cue | 59 +++ k8s/services/pixie/helm-2.1.cue | 55 --- k8s/services/pixie/helm.cue | 10 +- k8s/services/prometheus/helm-25.26.cue | 6 +- k8s/stacks/observ.cue | 11 +- 10 files changed, 333 insertions(+), 538 deletions(-) create mode 100644 k8s/services/loki/helm-2.10.cue delete mode 100644 k8s/services/loki/helm-6.16.cue create mode 100644 k8s/services/pixie/helm-0.1.cue delete mode 100644 k8s/services/pixie/helm-2.1.cue diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index d64f1f1..17c286e 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue 
@@ -5,433 +5,119 @@ import ( "stakpak.dev/devx/k8s" ) +// Define Helm chart settings #KubeVersion: [=~"^8\\.5\\.1"]: minor: >=21 + #Values: [=~"^8\\.5\\.1"]: { - global: { - imageRegistry: string | *null - imagePullSecrets: [...string] | *[] - } - rbac: { - create: bool | *true - pspEnabled: bool | *false - pspUseAppArmor: bool | *false - namespaced: bool | *false - extraRoleRules: [...{}] | *[] - extraClusterRoleRules: [...{}] | *[] - } - serviceAccount: { - create: bool | *true - name: string | *null - nameTest: string | *null - labels: {} | *{} - automountServiceAccountToken: bool | *false - } - replicas: int | *1 - headlessService: bool | *false - automountServiceAccountToken: bool | *true - autoscaling: { - enabled: bool | *false - minReplicas: int | *1 - maxReplicas: int | *5 - targetCPU: string | *"60" - targetMemory: string | *"" - behavior: {} | *{} - } - podDisruptionBudget: {} | *{} - deploymentStrategy: { - type: string | *"RollingUpdate" - } - readinessProbe: { - httpGet: { - path: string | *"/api/health" - port: int | *3000 - } - } - livenessProbe: { - httpGet: { - path: string | *"/api/health" - port: int | *3000 - } - initialDelaySeconds: int | *60 - timeoutSeconds: int | *30 - failureThreshold: int | *10 - } - image: { - registry: string | *"docker.io" - repository: string | *"grafana/grafana" - tag: string | *"latest" - sha: string | *"" - pullPolicy: v1.PullPolicy | *"IfNotPresent" - pullSecrets: [...string] | *[] - } - testFramework: { - enabled: bool | *true - image: { - registry: string | *"docker.io" - repository: string | *"bats/bats" - tag: string | *"v1.4.1" - } - imagePullPolicy: v1.PullPolicy | *"IfNotPresent" - securityContext: {} | *{} - resources: {} | *{} - } - dnsPolicy: string | *null - dnsConfig: {} | *{} - securityContext: { - runAsNonRoot: bool | *true - runAsUser: int | *472 - runAsGroup: int | *472 - fsGroup: int | *472 - } - containerSecurityContext: { - allowPrivilegeEscalation: bool | *false - capabilities: { - drop: 
[...string] | *["ALL"] - } - seccompProfile: { - type: string | *"RuntimeDefault" - } - } - createConfigmap: bool | *true - extraConfigmapMounts: [...{}] | *[] - extraEmptyDirMounts: [...{}] | *[] - extraLabels: {} | *{} - downloadDashboardsImage: { - registry: string | *"docker.io" - repository: string | *"curlimages/curl" - tag: string | *"7.85.0" - sha: string | *"" - pullPolicy: v1.PullPolicy | *"IfNotPresent" - } - downloadDashboards: { - env: {} | *{} - envFromSecret: string | *"" - resources: {} | *{} - securityContext: { - allowPrivilegeEscalation: bool | *false - capabilities: { - drop: [...string] | *["ALL"] - } - seccompProfile: { - type: string | *"RuntimeDefault" - } - } - envValueFrom: {} | *{} - } - service: { - enabled: bool | *true - type: string | *"ClusterIP" - ipFamilyPolicy: string | *"" - ipFamilies: [...string] | *[] - loadBalancerIP: string | *"" - loadBalancerClass: string | *"" - loadBalancerSourceRanges: [...string] | *[] - port: int | *80 - targetPort: int | *3000 - annotations: k8s.#Annotations | *null - labels: {} | *{} - portName: string | *"service" - appProtocol: string | *"" - } - serviceMonitor: { - enabled: bool | *false - path: string | *"/metrics" - labels: {} | *{} - interval: string | *"30s" - scheme: string | *"http" - tlsConfig: {} | *{} - scrapeTimeout: string | *"30s" - relabelings: [...{}] | *[] - metricRelabelings: [...{}] | *[] - targetLabels: [...string] | *[] - } - extraExposePorts: [...{}] | *[] - hostAliases: [...{}] | *[] - ingress: { - enabled: bool | *false - annotations: k8s.#Annotations | *null - labels: {} | *{} - path: string | *"/" - pathType: string | *"Prefix" - hosts: [...string] | *["chart-example.local"] - extraPaths: [...{}] | *[] - tls: [...{}] | *[] - } - resources: {} | *{} - nodeSelector: {} | *{} - tolerations: [...{}] | *[] - affinity: {} | *{} - topologySpreadConstraints: [...{}] | *[] - extraInitContainers: [...{}] | *[] - extraContainers: string | *"" - extraContainerVolumes: [...{}] | *[] - 
extraVolumeMounts: [...{}] | *[] - extraVolumes: [...{}] | *[] - persistence: { - type: string | *"pvc" - enabled: bool | *false - accessModes: [...string] | *["ReadWriteOnce"] - size: string | *"10Gi" - finalizers: [...string] | *["kubernetes.io/pvc-protection"] - extraPvcLabels: {} | *{} - disableWarning: bool | *false - inMemory: { - enabled: bool | *false - } - lookupVolumeName: bool | *true - } - initChownData: { - enabled: bool | *true - image: { - registry: string | *"docker.io" - repository: string | *"library/busybox" - tag: string | *"1.31.1" - sha: string | *"" - pullPolicy: v1.PullPolicy | *"IfNotPresent" - } - resources: {} | *{} - securityContext: { - runAsNonRoot: bool | *false - runAsUser: int | *0 - seccompProfile: { - type: string | *"RuntimeDefault" - } - capabilities: { - add: [...string] | *["CHOWN"] - } - } - } - adminUser: string | *"admin" - adminPassword: string | *"admin" - admin: { - existingSecret: string | *"" - userKey: string | *"admin-user" - passwordKey: string | *"admin-password" - } - command: [...string] | *null - args: [...string] | *null - env: {} | *{} - envValueFrom: {} | *{} - envFromSecret: string | *"" - envRenderSecret: {} | *{} - envFromSecrets: [...{}] | *[] - envFromConfigMaps: [...{}] | *[] - enableServiceLinks: bool | *true - extraSecretMounts: [...{}] | *[] - extraVolumeMounts: [...{}] | *[] - extraVolumes: [...{}] | *[] - lifecycleHooks: {} | *{} - plugins: [...string] | *[] - datasources: { - enabled: bool | *false - } - alerting: {} | *{} - notifiers: {} | *{} - dashboardProviders: {} | *{} - dashboards: {} | *{} - dashboardsConfigMaps: {} | *{} - grafana_ini: { - paths: { - data: string | *"/var/lib/grafana/" - logs: string | *"/var/log/grafana" - plugins: string | *"/var/lib/grafana/plugins" - provisioning: string | *"/etc/grafana/provisioning" - } - analytics: { - check_for_updates: bool | *true - } - log: { - mode: string | *"console" - } - grafana_net: { - url: string | *"https://grafana.net" - } - server: { 
- domain: string | *"" - } - } - ldap: { - enabled: bool | *false - existingSecret: string | *"" - config: string | *"" - } - smtp: { - existingSecret: string | *"" - userKey: string | *"user" - passwordKey: string | *"password" - } - sidecar: { - image: { - registry: string | *"quay.io" - repository: string | *"kiwigrid/k8s-sidecar" - tag: string | *"1.27.4" - sha: string | *"" - pullPolicy: v1.PullPolicy | *"IfNotPresent" - } - resources: {} | *{} - securityContext: { - allowPrivilegeEscalation: bool | *false - capabilities: { - drop: [...string] | *["ALL"] - } - seccompProfile: { - type: string | *"RuntimeDefault" - } - } - alerts: { - enabled: bool | *false - env: {} | *{} - label: string | *"grafana_alert" - labelValue: string | *"" - searchNamespace: string | *null - watchMethod: string | *"WATCH" - resource: string | *"both" - reloadURL: string | *"http://localhost:3000/api/admin/provisioning/alerting/reload" - skipReload: bool | *false - initAlerts: bool | *false - } - dashboards: { - enabled: bool | *false - env: {} | *{} - SCProvider: bool | *true - label: string | *"grafana_dashboard" - labelValue: string | *"" - folder: string | *"/tmp/dashboards" - defaultFolderName: string | *null - searchNamespace: string | *null - watchMethod: string | *"WATCH" - resource: string | *"both" - folderAnnotation: string | *null - reloadURL: string | *"http://localhost:3000/api/admin/provisioning/dashboards/reload" - skipReload: bool | *false - } - datasources: { - enabled: bool | *false - env: {} | *{} - label: string | *"grafana_datasource" - labelValue: string | *"" - searchNamespace: string | *null - watchMethod: string | *"WATCH" - resource: string | *"both" - reloadURL: string | *"http://localhost:3000/api/admin/provisioning/datasources/reload" - skipReload: bool | *false - initDatasources: bool | *false - } - plugins: { - enabled: bool | *false - env: {} | *{} - label: string | *"grafana_plugin" - labelValue: string | *"" - searchNamespace: string | *null - 
watchMethod: string | *"WATCH" - resource: string | *"both" - reloadURL: string | *"http://localhost:3000/api/admin/provisioning/plugins/reload" - skipReload: bool | *false - initPlugins: bool | *false - } - notifiers: { - enabled: bool | *false - env: {} | *{} - label: string | *"grafana_notifier" - labelValue: string | *"" - searchNamespace: string | *null - watchMethod: string | *"WATCH" - resource: string | *"both" - reloadURL: string | *"http://localhost:3000/api/admin/provisioning/notifications/reload" - skipReload: bool | *false - initNotifiers: bool | *false - } - } - namespaceOverride: string | *"" - revisionHistoryLimit: int | *10 - imageRenderer: { - deploymentStrategy: {} | *{} - enabled: bool | *false - replicas: int | *1 - autoscaling: { - enabled: bool | *false - minReplicas: int | *1 - maxReplicas: int | *5 - targetCPU: string | *"60" - targetMemory: string | *"" - behavior: {} | *{} - } - serverURL: string | *"" - renderingCallbackURL: string | *"" - image: { - registry: string | *"docker.io" - repository: string | *"grafana/grafana-image-renderer" - tag: string | *"latest" - sha: string | *"" - pullPolicy: v1.PullPolicy | *"Always" - } - env: { - HTTP_HOST: string | *"0.0.0.0" - } - envValueFrom: {} | *{} - serviceAccountName: string | *"" - securityContext: {} | *{} - containerSecurityContext: { - seccompProfile: { - type: string | *"RuntimeDefault" - } - capabilities: { - drop: [...string] | *["ALL"] - } - allowPrivilegeEscalation: bool | *false - readOnlyRootFilesystem: bool | *true - } - service: { - enabled: bool | *true - portName: string | *"http" - port: int | *8081 - targetPort: int | *8081 - appProtocol: string | *"" - } - serviceMonitor: { - enabled: bool | *false - path: string | *"/metrics" - labels: {} | *{} - interval: string | *"1m" - scheme: string | *"http" - tlsConfig: {} | *{} - scrapeTimeout: string | *"30s" - relabelings: [...{}] | *[] - targetLabels: [...string] | *[] - } - grafanaProtocol: string | *"http" - grafanaSubPath: 
string | *"" - podPortName: string | *"http" - revisionHistoryLimit: int | *10 - networkPolicy: { - limitIngress: bool | *true - limitEgress: bool | *false - extraIngressSelectors: [...{}] | *[] - } - resources: {} | *{} - nodeSelector: {} | *{} - tolerations: [...{}] | *[] - affinity: {} | *{} - extraConfigmapMounts: [...{}] | *[] - extraSecretMounts: [...{}] | *[] - extraVolumeMounts: [...{}] | *[] - extraVolumes: [...{}] | *[] - } - networkPolicy: { - enabled: bool | *false - ingress: bool | *true - allowExternal: bool | *true - explicitNamespacesSelector: {} | *{} - egress: { - enabled: bool | *false - blockDNSResolution: bool | *false - ports: [...{}] | *[] - to: [...{}] | *[] - } - } - enableKubeBackwardCompatibility: bool | *false - useStatefulSet: bool | *false - extraObjects: [...{}] | *[] - assertNoLeakedSecrets: bool | *true + global: { + imageRegistry: string | *null + imagePullSecrets: [...string] | *[] + } + + grafana: { + enabled: bool | *true + isDefault: bool | *true + + // Health check probes + readinessProbe: { + httpGet: { + path: string | *"/api/health" + port: int | *3000 + } + } + livenessProbe: { + httpGet: { + path: string | *"/api/health" + port: int | *3000 + } + initialDelaySeconds: int | *60 + timeoutSeconds: int | *30 + failureThreshold: int | *10 + } + + // Service configuration + service: { + enabled: bool | *true + type: string | *"ClusterIP" + port: int | *80 + targetPort: int | *3000 + annotations: k8s.#Annotations + labels: k8s.#Labels + } + + // Image configuration for Grafana + image: { + registry: string | *"docker.io" + repository: string | *"grafana/grafana" + tag: string | *"latest" + pullPolicy: v1.PullPolicy | *"IfNotPresent" + } + + // Resource requests and limits + resources: { + limits: { + cpu: string | *"500m" + memory: string | *"1Gi" + } + requests: { + cpu: string | *"250m" + memory: string | *"512Mi" + } + } + + // Persistence settings + persistence: { + enabled: bool | *false + accessModes: [...string] | 
*["ReadWriteOnce"] + size: string | *"10Gi" + } + + // Additional configurations for pods + nodeSelector: k8s.#Labels + tolerations: [...v1.#Toleration] + affinity: v1.#Affinity + } + + // Datasources for Grafana + datasources: { + "datasources.yaml": { + apiVersion: 1 + datasources: [ + { + name: "Prometheus" + type: "prometheus" + url: "http://prometheus-server.monitoring.svc.cluster.local:80" + access: "proxy" + isDefault: true + }, + { + name: "Loki" + type: "loki" + url: "http://loki.monitoring.svc.cluster.local:3100" + access: "proxy" + isDefault: false + }, + // { + // name: "AlertManager" + // type: "alertmanager" + // url: "http://prometheus-alertmanager.monitoring.svc.cluster.local:9093" + // access: "proxy" + // isDefault: false + // } + ] + } + } + + // Service account and RBAC + serviceAccount: { + create: bool | *true + name: string | *null + } + rbac: { + create: bool | *true + pspEnabled: bool | *false + extraRoleRules: [...{}] | *[] + extraClusterRoleRules: [...{}] | *[] + } } \ No newline at end of file diff --git a/k8s/services/grafana/helm.cue b/k8s/services/grafana/helm.cue index 6beadd1..be42cdf 100644 --- a/k8s/services/grafana/helm.cue +++ b/k8s/services/grafana/helm.cue @@ -16,7 +16,7 @@ import ( url: "https://grafana.github.io/helm-charts" chart: "grafana" - version: string | *"8.5.1" + version: string | *"8.5.11" namespace: string | *"monitoring" release: string diff --git a/k8s/services/loki/helm-2.10.cue b/k8s/services/loki/helm-2.10.cue new file mode 100644 index 0000000..c1d0f1c --- /dev/null +++ b/k8s/services/loki/helm-2.10.cue 
@@ -0,0 +1,144 @@ +package loki + +import ( + "k8s.io/api/core/v1" + // "stakpak.dev/devx/k8s" +) + +#KubeVersion: [=~"^2\\.10\\.2"]: minor: >=21 +#Values: [=~"^2\\.10\\.2"]: { +{ + test_pod: { + enabled: true + image: "bats/bats:1.8.2" + pullPolicy: v1.#imagePullPolicy | *"IfNotPresent" + } + + loki: { + enabled: true + isDefault: true + url: "http://{{(include \"loki.serviceName\" .)}}:{{ .Values.loki.service.port }}" + readinessProbe: { + httpGet: { + path: "/ready" + port: "http-metrics" + } + initialDelaySeconds: 45 + } + livenessProbe: { + httpGet: { + path: "/ready" + port: "http-metrics" + } + initialDelaySeconds: 45 + } + datasource: { + jsonData: "{}" + uid: "" + } + } + + promtail: { + enabled: true + config: { + logLevel: "info" + serverPort: 3101 + clients: [{ + url: "http://{{ .Release.Name }}:3100/loki/api/v1/push" + }] + } + } + + fluent_bit: { + enabled: false + } + + grafana: { + enabled: false + sidecar: { + datasources: { + label: "" + labelValue: "" + enabled: true + maxLines: 1000 + } + } + image: { + tag: "10.3.3" + } + } + + prometheus: { + enabled: false + isDefault: false + url: "http://{{ include \"prometheus.fullname\" .}}:{{ .Values.prometheus.server.service.servicePort }}{{ .Values.prometheus.server.prefixURL }}" + datasource: { + jsonData: "{}" + } + } + + filebeat: { + enabled: false + filebeatConfig: { + "filebeat.yml": ''' + # logging.level: debug + filebeat.inputs: + - type: container + paths: + - /var/log/containers/*.log + processors: + - add_kubernetes_metadata: + host: ${NODE_NAME} + matchers: + - logs_path: + logs_path: "/var/log/containers/" + output.logstash: + hosts: ["logstash-loki:5044"] + ''' + } + } + + logstash: { + enabled: false + image: "grafana/logstash-output-loki" + imageTag: "1.0.1" + filters: { + main: ''' + filter { + if [kubernetes] { + mutate { + add_field => { + "container_name" => "%{[kubernetes][container][name]}" + "namespace" => "%{[kubernetes][namespace]}" + "pod" => "%{[kubernetes][pod][name]}" + } + 
replace => { "host" => "%{[kubernetes][node][name]}" } + } + } + mutate { + remove_field => ["tags"] + } + } + ''' + } + outputs: { + main: ''' + output { + loki { + url => "http://loki:3100/loki/api/v1/push" + #username => "test" + #password => "test" + } + # stdout { codec => rubydebug } + } + ''' + } + } + + proxy: { + http_proxy: "" + https_proxy: "" + no_proxy: "" + } +} +} \ No newline at end of file diff --git a/k8s/services/loki/helm-6.16.cue b/k8s/services/loki/helm-6.16.cue deleted file mode 100644 index f478135..0000000 --- a/k8s/services/loki/helm-6.16.cue +++ /dev/null @@ -1,42 +0,0 @@ -package loki - -#KubeVersion: [=~"^6\\.16\\.0"]: minor: >=21 -#Values: [=~"^6\\.16\\.0"]: { - - // Loki settings - loki: { - enabled: bool | *true - isDefault: bool | *true - // url: string | *"http://{{(include \"loki.serviceName\" .)}}:{{ .Values.loki.service.port }}" - readinessProbe: { - httpGet: { - path: string | *"/ready" - port: string | *"http-metrics" - } - initialDelaySeconds: int | *45 - } - livenessProbe: { - httpGet: { - path: string | *"/ready" - port: string | *"http-metrics" - } - initialDelaySeconds: int | *45 - } - datasource: { - jsonData: string | *"{}" - uid: string | *"" - } - } - - // Promtail settings - promtail: { - enabled: bool | *true - config: { - logLevel: string | *"info" - serverPort: int | *3101 - // clients: [{ - // url: string | *"http://{{ .Release.Name }}:3100/loki/api/v1/push" - // }] - } - } -} \ No newline at end of file diff --git a/k8s/services/loki/helm.cue b/k8s/services/loki/helm.cue index 9203b6c..a3a3a96 100644 --- a/k8s/services/loki/helm.cue +++ b/k8s/services/loki/helm.cue @@ -14,9 +14,9 @@ import ( helm: { repoType: "default" url: "https://grafana.github.io/helm-charts" - chart: "loki" + chart: "loki-stack" - version: string | *"6.16.0" + version: string | *"2.10.2" namespace: string | *"monitoring" release: string 
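Review bot: In the new `k8s/services/loki/helm-2.10.cue`, every field under `#Values` is a concrete value (`enabled: true`, `serverPort: 3101`, the promtail `clients` URL) rather than a `type | *default` pair as in the other chart schemas in this series, so a stack that sets a different value will fail unification instead of overriding it. Writing them as defaults, e.g. `enabled: bool | *true` and `serverPort: int | *3101`, keeps the chart overridable. `pullPolicy: v1.#imagePullPolicy` is also spelled differently from the `v1.PullPolicy` the other schemas on this page use; confirm which name the imported package actually defines.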
diff --git a/k8s/services/pixie/helm-0.1.cue b/k8s/services/pixie/helm-0.1.cue new file mode 100644 index 0000000..bf73a2e --- /dev/null +++ b/k8s/services/pixie/helm-0.1.cue @@ -0,0 +1,59 @@ +package pixie + +import ( + "k8s.io/api/core/v1" + "stakpak.dev/devx/k8s" +) + +#KubeVersion: [=~"^0\\.1\\.6"]: minor: >=21 +#Values: [=~"^0\\.1\\.6"]: { + // OLM configuration + deployOLM: *"" | string // Optional; defaults to whether OLM is present in the cluster. + olmNamespace: *"olm" | string + olmOperatorNamespace: *"px-operator" | string + olmBundleChannel: *"stable" | string + + olmCatalogSource: { + annotations: {} // Optional annotations for CatalogSource pods. + labels: {} // Optional labels for CatalogSource pods. + } + + // Vizier configuration + vizier: { + name: *"pixie" | string // Name of the Vizier instance + clusterName: string // Cluster name for Vizier monitoring + version: *"" | string // Operator deploys the latest version if empty + deployKey: string // Deployment key for Vizier + customDeployKeySecret: *"" | string // Custom deploy key secret in Pixie namespace + + disableAutoUpdate: *false | bool // Disable auto-updates if true + useEtcdOperator: *false | bool // Use etcd for in-memory storage if true + cloudAddr: *"withpixie.ai:443" | string // Pixie cloud instance address + devCloudNamespace: *"" | string // Namespace for dev Pixie cloud, if used + + pemMemoryLimit: *"" | string // PEM pod memory limit (defaults to 2Gi if empty) + pemMemoryRequest: *"" | string // PEM pod memory request (defaults to pemMemoryLimit if empty) + dataAccess: *"Full" | string // Data access level for scripts on cluster + + pod: { + annotations: k8s.#Annotations + labels: k8s.#Labels + resources: { + + limits: { + cpu: "500m" | string + memory: "2Gi" | string + } + requests: { + cpu: "100m" | string + memory: "1Gi" | string + } + } + + nodeSelector: k8s.#Labels + tolerations: [...v1.#Toleration] + } + + } + +} \ No newline at end of file 
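Review bot: In the new `k8s/services/pixie/helm-0.1.cue`, `deployKey` is a credential, but the schema requires it as a plain string and documents it only as `// Deployment key for Vizier`, which pushes callers towards writing the key into a stack file. The schema already exposes `customDeployKeySecret`, so I would make the inline key optional, `deployKey: *"" | string`, assuming the chart accepts an empty key when the secret is set. Its comment should then read something like `// Credential: inject at deploy time or use customDeployKeySecret; never commit a value`.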
diff --git a/k8s/services/pixie/helm-2.1.cue b/k8s/services/pixie/helm-2.1.cue deleted file mode 100644 index a1f2a6d..0000000 --- a/k8s/services/pixie/helm-2.1.cue +++ /dev/null @@ -1,55 +0,0 @@ -package pixie - -import ( - "k8s.io/api/core/v1" - "stakpak.dev/devx/k8s" -) - -#KubeVersion: [=~"^2\\.1\\.6"]: minor: >=21 -#Values: [=~"^2\\.1\\.6"]: { - - clusterRegistrationWaitImage: { - repository: "gcr.io/pixie-oss/pixie-dev-public/curl" - tag: "1.0" - pullPolicy: v1.PullPolicy | *"IfNotPresent" - } - - image: { - repository: "newrelic/newrelic-pixie-integration" - tag: string | *"latest" - pullPolicy: v1.PullPolicy | *"IfNotPresent" - pullSecrets: [] - } - - resources: { - limits: { - memory: string | *"250M" - } - requests: { - cpu: string | *"100m" - memory: string | *"250M" - } - } - - podAnnotations: k8s.#Annotations - podLabels: k8s.#Labels - - job: { - annotations: {} - labels: {} - } - - proxy: {} - - nodeSelector: k8s.#Labels - - tolerations: [...v1.#Toleration] - - affinity: v1.#Affinity - - customScripts: {} - - excludeNamespacesRegex: "" - excludePodsRegex: "" - -} diff --git a/k8s/services/pixie/helm.cue b/k8s/services/pixie/helm.cue index a126dcd..4539702 100644 --- a/k8s/services/pixie/helm.cue +++ b/k8s/services/pixie/helm.cue @@ -13,13 +13,13 @@ import ( }).result helm: { repoType: "default" - url: "https://helm-charts.newrelic.com" - chart: "newrelic-pixie" + url: "https://pixie-operator-charts.storage.googleapis.com" + chart: "pixie-operator-chart" - version: string | *"2.1.6" + version: string | *"0.1.6" - namespace: string | *"monitoring" - release: string + namespace: "pl" + release: string | *"pixie" values: (v1.getMatch & { match: version diff --git a/k8s/services/prometheus/helm-25.26.cue b/k8s/services/prometheus/helm-25.26.cue index 31e3d06..817a982 100644 --- a/k8s/services/prometheus/helm-25.26.cue +++ b/k8s/services/prometheus/helm-25.26.cue 
@@ -51,15 +51,15 @@ import ( name: string | *"configmap-reload" image: { repository: string | *"quay.io/prometheus-operator/prometheus-config-reloader" - tag: string | *"latest" + tag: string | *"v0.77.2" digest: string | *"" pullPolicy: string | *"IfNotPresent" } containerPort: int | *8080 containerPortName: string | *"metrics" extraArgs: [string]: string - extraVolumeDirs: [string]: string - extraVolumeMounts: [string]: string + extraVolumeDirs: [] + extraVolumeMounts: [] extraConfigmapMounts: [...{ name: string mountPath: string diff --git a/k8s/stacks/observ.cue b/k8s/stacks/observ.cue index aa9b957..ef29a13 100644 --- a/k8s/stacks/observ.cue +++ b/k8s/stacks/observ.cue @@ -13,14 +13,14 @@ ObservabilityStack: v1.#Stack & { components: { "loki": loki.#LokiChart & { helm: { - version: "6.16.0" + version: "2.10.2" release: "loki" values: {} } } "grafana": grafana.#GrafanaChart & { helm: { - version: "8.5.1" + version: "8.5.11" release: "grafana" values: {} } @@ -34,9 +34,12 @@ ObservabilityStack: v1.#Stack & { } "pixie": pixie.#PixieChart & { helm: { - version: "2.1.6" + version: "0.1.6" release: "pixie" - values: {} + values: { + clusterName: "ObservTest" + deployKey: "px-dep-7f20ab42-b199-418f-872b-f5a84378152f" + } } } } From 27e36b6c369771cd13d1bd55203dc54f2cba42ba Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Tue, 12 Nov 2024 16:25:40 +0200 Subject: [PATCH 11/23] add s3bucket storage to Loki --- k8s/services/loki/helm-2.10.cue | 175 +++++++++----------------------- k8s/services/pixie/helm-0.1.cue | 16 ++- 2 files changed, 57 insertions(+), 134 deletions(-) diff --git a/k8s/services/loki/helm-2.10.cue b/k8s/services/loki/helm-2.10.cue index c1d0f1c..26f88ef 100644 --- a/k8s/services/loki/helm-2.10.cue +++ b/k8s/services/loki/helm-2.10.cue 
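Review bot: In `k8s/services/prometheus/helm-25.26.cue`, `extraVolumeDirs: []` and `extraVolumeMounts: []` are closed empty lists in CUE, so a stack that supplies a volume for the config reloader will fail unification rather than override the default. An open list with an empty default fixes the old `[string]: string` shape and stays overridable: `extraVolumeDirs: [...{}] | *[]`, and the same for `extraVolumeMounts`, matching the form the Grafana schema uses. The reloader `tag` is now pinned to `v0.77.2`, but `digest` still defaults to `""`; setting it would make the pull immutable. The enclosing struct starts and ends outside the hunk.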
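Review bot: The second `k8s/stacks/observ.cue` hunk commits what looks like a live Pixie deploy key as a string literal (`deployKey: "px-dep-…"`), so the credential is readable by anyone with repository access and stays in git history. The same literal is later made the schema default in `k8s/services/pixie/helm-0.1.cue`, copied into `k8s/stacks/pixie.cue`, and rendered into `build/prod/terraform/generated.tf.json`; that `helm-0.1.cue` change also drops `customDeployKeySecret`, the one field that allowed a secret reference. Treat the key as exposed and rotate it, and have the stack omit the value in favour of a reference such as `values: vizier: customDeployKeySecret: "<secret-name>"` (placeholder), with the secret created outside the repository. If the chart expects `clusterName` under `vizier`, as the schema in this series declares it, the top-level `clusterName` set here is probably misplaced as well.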
@@ -1,144 +1,69 @@ package loki -import ( - "k8s.io/api/core/v1" - // "stakpak.dev/devx/k8s" -) - #KubeVersion: [=~"^2\\.10\\.2"]: minor: >=21 #Values: [=~"^2\\.10\\.2"]: { -{ - test_pod: { - enabled: true - image: "bats/bats:1.8.2" - pullPolicy: v1.#imagePullPolicy | *"IfNotPresent" - } loki: { - enabled: true - isDefault: true - url: "http://{{(include \"loki.serviceName\" .)}}:{{ .Values.loki.service.port }}" - readinessProbe: { - httpGet: { - path: "/ready" - port: "http-metrics" - } - initialDelaySeconds: 45 - } - livenessProbe: { - httpGet: { - path: "/ready" - port: "http-metrics" + env: [ + { + name: "AWS_ACCESS_KEY_ID" + valueFrom: { + secretKeyRef: { + name: *"iam-loki-s3" | string + key: *"AWS_ACCESS_KEY_ID" | string + } + } + }, + { + name: "AWS_SECRET_ACCESS_KEY" + valueFrom: { + secretKeyRef: { + name: *"iam-loki-s3" | string + key: *"AWS_SECRET_ACCESS_KEY" | string + } + } } - initialDelaySeconds: 45 - } - datasource: { - jsonData: "{}" - uid: "" - } - } + ] - promtail: { - enabled: true config: { - logLevel: "info" - serverPort: 3101 - clients: [{ - url: "http://{{ .Release.Name }}:3100/loki/api/v1/push" - }] - } - } - - fluent_bit: { - enabled: false - } - - grafana: { - enabled: false - sidecar: { - datasources: { - label: "" - labelValue: "" - enabled: true - maxLines: 1000 + schema_config: { + configs: [{ + from: *"2021-05-12" | string + store: *"boltdb-shipper" | string + object_store: *"s3" | string + schema: *"v11" | string + index: { + prefix: *"loki_index_" | string + period: *"24h" | string + } + }] } - } - image: { - tag: "10.3.3" - } - } - prometheus: { - enabled: false - isDefault: false - url: "http://{{ include \"prometheus.fullname\" .}}:{{ .Values.prometheus.server.service.servicePort }}{{ .Values.prometheus.server.prefixURL }}" - datasource: { - jsonData: "{}" + storage_config: { + aws: { + s3: *"s3://us-east-1/observtest" | string + s3forcepathstyle: *true | bool + bucketnames: *"observtest" | string + region: *"us-east-1" | 
string + insecure: *false | bool + sse_encryption: *false | bool + } + boltdb_shipper: { + shared_store: *"s3" | string + cache_ttl: *"24h" | string + } + } } } - filebeat: { - enabled: false - filebeatConfig: { - "filebeat.yml": ''' - # logging.level: debug - filebeat.inputs: - - type: container - paths: - - /var/log/containers/*.log - processors: - - add_kubernetes_metadata: - host: ${NODE_NAME} - matchers: - - logs_path: - logs_path: "/var/log/containers/" - output.logstash: - hosts: ["logstash-loki:5044"] - ''' - } - } - logstash: { - enabled: false - image: "grafana/logstash-output-loki" - imageTag: "1.0.1" - filters: { - main: ''' - filter { - if [kubernetes] { - mutate { - add_field => { - "container_name" => "%{[kubernetes][container][name]}" - "namespace" => "%{[kubernetes][namespace]}" - "pod" => "%{[kubernetes][pod][name]}" - } - replace => { "host" => "%{[kubernetes][node][name]}" } - } - } - mutate { - remove_field => ["tags"] - } - } - ''' - } - outputs: { - main: ''' - output { - loki { - url => "http://loki:3100/loki/api/v1/push" - #username => "test" - #password => "test" - } - # stdout { codec => rubydebug } - } - ''' + promtail: { + enabled: *true | bool + config: { + clients: [{ + url: *"http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push" | string + }] } } - proxy: { - http_proxy: "" - https_proxy: "" - no_proxy: "" - } } -} \ No newline at end of file diff --git a/k8s/services/pixie/helm-0.1.cue b/k8s/services/pixie/helm-0.1.cue index bf73a2e..3cb6179 100644 --- a/k8s/services/pixie/helm-0.1.cue +++ b/k8s/services/pixie/helm-0.1.cue 
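Review bot: In `k8s/services/loki/helm-2.10.cue`, the new `storage_config.aws` block defaults `sse_encryption` to `false`, so log chunks are stored unencrypted unless the bucket itself enforces default encryption; `sse_encryption: *true | bool` would be the safer default. The `env` entries read long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` from a secret named `iam-loki-s3` that nothing in this change creates, so add a comment above `env` such as `// Requires a pre-created Secret "iam-loki-s3" in the release namespace; prefer a role bound to the service account where the cluster supports it`. The bucket and region are also baked in as defaults (`observtest`, `us-east-1`); declaring `bucketnames: string` and `region: string` without defaults would stop another environment from silently writing to this bucket.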
@@ -21,15 +21,13 @@ import ( // Vizier configuration vizier: { name: *"pixie" | string // Name of the Vizier instance - clusterName: string // Cluster name for Vizier monitoring + clusterName: string | *"ObservTest" // Cluster name for Vizier monitoring version: *"" | string // Operator deploys the latest version if empty - deployKey: string // Deployment key for Vizier - customDeployKeySecret: *"" | string // Custom deploy key secret in Pixie namespace - + deployKey: string | *"px-dep-7f20ab42-b199-418f-872b-f5a84378152f" // Deployment key for Vizier disableAutoUpdate: *false | bool // Disable auto-updates if true useEtcdOperator: *false | bool // Use etcd for in-memory storage if true cloudAddr: *"withpixie.ai:443" | string // Pixie cloud instance address - devCloudNamespace: *"" | string // Namespace for dev Pixie cloud, if used + devCloudNamespace: *"plc" | string // Namespace for dev Pixie cloud, if used pemMemoryLimit: *"" | string // PEM pod memory limit (defaults to 2Gi if empty) pemMemoryRequest: *"" | string // PEM pod memory request (defaults to pemMemoryLimit if empty) @@ -41,12 +39,12 @@ import ( resources: { limits: { - cpu: "500m" | string - memory: "2Gi" | string + cpu: *"500m" | string + memory: *"2Gi" | string } requests: { - cpu: "100m" | string - memory: "1Gi" | string + cpu: *"100m" | string + memory: *"1Gi" | string } } From dcd4d65ffdab3fa510f7c7ce379023f15cbf6b56 Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 00:32:22 +0200 Subject: [PATCH 12/23] pixie left the observ stack --- build/prod/terraform/generated.tf.json | 112 +++++++++++++++++++++++++ k8s/stacks/observ.cue | 21 +++-- k8s/stacks/pixie.cue | 21 +++++ 3 files changed, 143 insertions(+), 11 deletions(-) create mode 100755 build/prod/terraform/generated.tf.json create mode 100644 k8s/stacks/pixie.cue diff --git a/build/prod/terraform/generated.tf.json b/build/prod/terraform/generated.tf.json new file mode 100755 index 0000000..2339f48 --- /dev/null 
+++ b/build/prod/terraform/generated.tf.json 
@@ -0,0 +1,112 @@ +{ + "data": { + "azurerm_kubernetes_service_versions": { + "ObservTest": { + "version_prefix": "1.29.", + "location": "East US" + } + } + }, + "provider": { + "azurerm": { + "features": {} + }, + "helm": { + "kubernetes": { + "config_path": "~/.kube/config" + } + } + }, + "terraform": { + "required_providers": { + "azurerm": { + "source": "hashicorp/azurerm", + "version": "3.106.1" + } + } + }, + "resource": { + "azurerm_resource_group": { + "ObservTest-resource-group": { + "name": "k8s-rg", + "location": "East US" + } + }, + "azurerm_kubernetes_cluster": { + "ObservTest": { + "name": "ObservTest", + "location": "East US", + "resource_group_name": "${azurerm_resource_group.ObservTest-resource-group.name}", + "kubernetes_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", + "identity": { + "type": "SystemAssigned" + }, + "dns_prefix": "ObservTest", + "default_node_pool": { + "name": "workerpool1", + "vm_size": "Standard_DS2_v2", + "orchestrator_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", + "enable_auto_scaling": true, + "tags": { + "name": "workerpool1", + "source": "terraform" + }, + "min_count": 1, + "temporary_name_for_rotation": "temppool1", + "max_count": 3 + } + } + }, + "helm_release": { + "prometheus": { + "name": "prometheus", + "namespace": "monitoring", + "repository": "https://prometheus-community.github.io/helm-charts", + "chart": "prometheus", + "version": "25.26.0", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "rbac:\n create: true\npodSecurityPolicy:\n enabled: false\nimagePullSecrets: []\ncommonMetaLabels: {}\nconfigmapReload:\n reloadUrl: \"\"\n env: []\n prometheus:\n enabled: true\n name: configmap-reload\n image:\n repository: quay.io/prometheus-operator/prometheus-config-reloader\n tag: v0.77.2\n digest: \"\"\n pullPolicy: IfNotPresent\n containerPort: 8080\n containerPortName: metrics\n extraArgs: {}\n extraVolumeDirs: 
[]\n extraVolumeMounts: []\n extraConfigmapMounts: []\n containerSecurityContext: {}\n livenessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n initialDelaySeconds: 2\n readinessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n startupProbe:\n enabled: false\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n resources: {}\nserver:\n name: server\n image:\n repository: quay.io/prometheus/prometheus\n tag: \"\"\n digest: \"\"\n pullPolicy: IfNotPresent\n global:\n scrape_interval: 1m\n scrape_timeout: 10s\n evaluation_interval: 1m\n resources:\n limits:\n cpu: 500m\n memory: 512Mi\n requests:\n cpu: 500m\n memory: 512Mi\n podSecurityContext: {}\n service:\n enabled: true\n type: ClusterIP\n servicePort: 80\n ingress:\n enabled: false\n annotations: null\n hosts: []\n path: /\n tls: []\n persistentVolume:\n enabled: true\n size: 8Gi\n storageClass: \"\"\n accessModes:\n - ReadWriteOnce\n mountPath: /data\n alertmanager:\n enabled: true\n persistence:\n enabled: true\n size: 2Gi\n kubeStateMetrics:\n enabled: true\n nodeExporter:\n enabled: true\n pushGateway:\n enabled: true\n" + ], + "depends_on": [] + }, + "loki": { + "name": "loki", + "namespace": "monitoring", + "repository": "https://grafana.github.io/helm-charts", + "chart": "loki-stack", + "version": "2.10.2", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "loki:\n env:\n - name: AWS_ACCESS_KEY_ID\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_ACCESS_KEY_ID\n - name: AWS_SECRET_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_SECRET_ACCESS_KEY\n config:\n schema_config:\n configs:\n - from: \"2021-05-12\"\n store: boltdb-shipper\n object_store: s3\n schema: v11\n index:\n prefix: loki_index_\n period: 24h\n storage_config:\n aws:\n s3: s3://us-east-1/observtest\n s3forcepathstyle: true\n bucketnames: observtest\n region: us-east-1\n insecure: 
false\n sse_encryption: false\n boltdb_shipper:\n shared_store: s3\n cache_ttl: 24h\npromtail:\n enabled: true\n config:\n clients:\n - url: http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push\n" + ], + "depends_on": [] + }, + "grafana": { + "name": "grafana", + "namespace": "monitoring", + "repository": "https://grafana.github.io/helm-charts", + "chart": "grafana", + "version": "8.5.11", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "global:\n imageRegistry: null\n imagePullSecrets: []\ngrafana:\n enabled: true\n isDefault: true\n readinessProbe:\n httpGet:\n path: /api/health\n port: 3000\n livenessProbe:\n httpGet:\n path: /api/health\n port: 3000\n initialDelaySeconds: 60\n timeoutSeconds: 30\n failureThreshold: 10\n service:\n enabled: true\n type: ClusterIP\n port: 80\n targetPort: 3000\n annotations: {}\n labels: {}\n image:\n registry: docker.io\n repository: grafana/grafana\n tag: latest\n pullPolicy: IfNotPresent\n resources:\n limits:\n cpu: 500m\n memory: 1Gi\n requests:\n cpu: 250m\n memory: 512Mi\n persistence:\n enabled: false\n accessModes:\n - ReadWriteOnce\n size: 10Gi\n nodeSelector: {}\n tolerations: []\n affinity: {}\ndatasources:\n datasources.yaml:\n apiVersion: 1\n datasources:\n - name: Prometheus\n type: prometheus\n url: http://prometheus-server.monitoring.svc.cluster.local:80\n access: proxy\n isDefault: true\n - name: Loki\n type: loki\n url: http://loki.monitoring.svc.cluster.local:3100\n access: proxy\n isDefault: false\nserviceAccount:\n create: true\n name: null\nrbac:\n create: true\n pspEnabled: false\n extraRoleRules: []\n extraClusterRoleRules: []\n" + ], + "depends_on": [] + } + }, + "azurerm_route_table": { + "ObservTest_aks_route_table": { + "name": "ObservTest-aks-route-table", + "location": "East US", + "resource_group_name": "k8s-rg" + } + } + } +} \ No newline at end of file diff --git a/k8s/stacks/observ.cue b/k8s/stacks/observ.cue index ef29a13..1037e07 100644 
--- a/k8s/stacks/observ.cue +++ b/k8s/stacks/observ.cue @@ -5,7 +5,6 @@ import ( "stakpak.dev/devx/k8s/services/loki" "stakpak.dev/devx/k8s/services/grafana" "stakpak.dev/devx/k8s/services/prometheus" - "stakpak.dev/devx/k8s/services/pixie" ) ObservabilityStack: v1.#Stack & { @@ -32,15 +31,15 @@ ObservabilityStack: v1.#Stack & { values: {} } } - "pixie": pixie.#PixieChart & { - helm: { - version: "0.1.6" - release: "pixie" - values: { - clusterName: "ObservTest" - deployKey: "px-dep-7f20ab42-b199-418f-872b-f5a84378152f" - } - } - } + // "pixie": pixie.#PixieChart & { + // helm: { + // version: "0.1.6" + // release: "pixie" + // values: { + // clusterName: "ObservTest" + // deployKey: "px-dep-7f20ab42-b199-418f-872b-f5a84378152f" + // } + // } + // } } } \ No newline at end of file diff --git a/k8s/stacks/pixie.cue b/k8s/stacks/pixie.cue new file mode 100644 index 0000000..5acc623 --- /dev/null +++ b/k8s/stacks/pixie.cue @@ -0,0 +1,21 @@ +package stacks + +import ( + "stakpak.dev/devx/v1" + "stakpak.dev/devx/k8s/services/pixie" +) +Pixie: v1.#Stack & { + $metadata: stack: "Pixie" + components: { + "pixie": pixie.#PixieChart & { + helm: { + version: "0.1.6" + release: "pixie" + values: { + clusterName: "ObservTest" + deployKey: "px-dep-7f20ab42-b199-418f-872b-f5a84378152f" + } + } + } + } +} \ No newline at end of file From 6ae41d73eebcfcdbe227dc26b822a125567a366a Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 20:57:58 +0200 Subject: [PATCH 13/23] remove hc deploykey --- build/prod/terraform/generated.tf.json | 14 ++++++++++++++ k8s/services/grafana/helm-8.5.cue | 7 ------- k8s/services/pixie/helm-0.1.cue | 3 ++- k8s/stacks/observ.cue | 10 ---------- k8s/stacks/pixie.cue | 6 ------ 5 files changed, 16 insertions(+), 24 deletions(-) diff --git a/build/prod/terraform/generated.tf.json b/build/prod/terraform/generated.tf.json index 2339f48..ba6ff17 100755 --- a/build/prod/terraform/generated.tf.json +++ b/build/prod/terraform/generated.tf.json 
@@ -72,6 +72,20 @@ ], "depends_on": [] }, + "pixie": { + "name": "pixie", + "namespace": "pl", + "repository": "https://pixie-operator-charts.storage.googleapis.com", + "chart": "pixie-operator-chart", + "version": "0.1.6", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "deployOLM: \"\"\nclusterName: ObservTest\nolmNamespace: olm\nolmOperatorNamespace: px-operator\nolmBundleChannel: stable\nolmCatalogSource:\n annotations: {}\n labels: {}\nvizier:\n name: pixie\n clusterName: ObservTest\n version: \"\"\n deployKey: px-dep-7f20ab42-b199-418f-872b-f5a84378152f\n disableAutoUpdate: false\n useEtcdOperator: false\n cloudAddr: withpixie.ai:443\n devCloudNamespace: plc\n pemMemoryLimit: \"\"\n pemMemoryRequest: \"\"\n dataAccess: Full\n pod:\n annotations: {}\n labels: {}\n resources:\n limits:\n cpu: 500m\n memory: 2Gi\n requests:\n cpu: 100m\n memory: 1Gi\n nodeSelector: {}\n tolerations: []\n" + ], + "depends_on": [] + }, "loki": { "name": "loki", "namespace": "monitoring", diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index 17c286e..4af62aa 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue @@ -98,13 +98,6 @@ import ( access: "proxy" isDefault: false }, - // { - // name: "AlertManager" - // type: "alertmanager" - // url: "http://prometheus-alertmanager.monitoring.svc.cluster.local:9093" - // access: "proxy" - // isDefault: false - // } ] } } diff --git a/k8s/services/pixie/helm-0.1.cue b/k8s/services/pixie/helm-0.1.cue index 3cb6179..5a16f78 100644 --- a/k8s/services/pixie/helm-0.1.cue +++ b/k8s/services/pixie/helm-0.1.cue 
@@ -23,7 +23,8 @@ import ( name: *"pixie" | string // Name of the Vizier instance clusterName: string | *"ObservTest" // Cluster name for Vizier monitoring version: *"" | string // Operator deploys the latest version if empty - deployKey: string | *"px-dep-7f20ab42-b199-418f-872b-f5a84378152f" // Deployment key for Vizier + // deployKey: string | *"px-dep-7f20ab42-b199-418f-872b-f5a84378152f" // Deployment key for Vizier + deployKey: string // Deployment key for Vizier disableAutoUpdate: *false | bool // Disable auto-updates if true useEtcdOperator: *false | bool // Use etcd for in-memory storage if true cloudAddr: *"withpixie.ai:443" | string // Pixie cloud instance address diff --git a/k8s/stacks/observ.cue b/k8s/stacks/observ.cue index 1037e07..bba3c4c 100644 --- a/k8s/stacks/observ.cue +++ b/k8s/stacks/observ.cue @@ -31,15 +31,5 @@ ObservabilityStack: v1.#Stack & { values: {} } } - // "pixie": pixie.#PixieChart & { - // helm: { - // version: "0.1.6" - // release: "pixie" - // values: { - // clusterName: "ObservTest" - // deployKey: "px-dep-7f20ab42-b199-418f-872b-f5a84378152f" - // } - // } - // } } } \ No newline at end of file diff --git a/k8s/stacks/pixie.cue b/k8s/stacks/pixie.cue index 5acc623..beded64 100644 --- a/k8s/stacks/pixie.cue +++ b/k8s/stacks/pixie.cue @@ -9,12 +9,6 @@ Pixie: v1.#Stack & { components: { "pixie": pixie.#PixieChart & { helm: { - version: "0.1.6" - release: "pixie" - values: { - clusterName: "ObservTest" - deployKey: "px-dep-7f20ab42-b199-418f-872b-f5a84378152f" - } } } } From b9f5680db16c80b13f8fd12c20527a2a869f6948 Mon Sep 17 00:00:00 2001 
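Review bot: The `k8s/services/pixie/helm-0.1.cue` hunk only comments the old default out, so the `px-dep-…` key is still in the file as `// deployKey: string | *"px-dep-…"`; delete that comment line outright and keep just `deployKey: string // Deployment key for Vizier`. In the same commit, the `build/prod/terraform/generated.tf.json` hunk adds a `pixie` release whose rendered `values` string contains the key in clear text, so the generated file should be kept out of version control or regenerated once the key comes from a secret. Removing the literal from the tree does not remove it from history, so the key still needs rotating.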
From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 21:33:22 +0200 Subject: [PATCH 14/23] Allow overriding the default values of the charts --- build/prod/terraform/generated.tf.json | 126 ------------------------- k8s/services/grafana/helm-8.5.cue | 4 +- k8s/services/loki/helm-2.10.cue | 4 +- k8s/services/pixie/helm-0.1.cue | 4 +- k8s/stacks/pixie.cue | 3 + 5 files changed, 9 insertions(+), 132 deletions(-) delete mode 100755 build/prod/terraform/generated.tf.json diff --git a/build/prod/terraform/generated.tf.json b/build/prod/terraform/generated.tf.json deleted file mode 100755 index ba6ff17..0000000 --- a/build/prod/terraform/generated.tf.json +++ /dev/null 
@@ -1,126 +0,0 @@ -{ - "data": { - "azurerm_kubernetes_service_versions": { - "ObservTest": { - "version_prefix": "1.29.", - "location": "East US" - } - } - }, - "provider": { - "azurerm": { - "features": {} - }, - "helm": { - "kubernetes": { - "config_path": "~/.kube/config" - } - } - }, - "terraform": { - "required_providers": { - "azurerm": { - "source": "hashicorp/azurerm", - "version": "3.106.1" - } - } - }, - "resource": { - "azurerm_resource_group": { - "ObservTest-resource-group": { - "name": "k8s-rg", - "location": "East US" - } - }, - "azurerm_kubernetes_cluster": { - "ObservTest": { - "name": "ObservTest", - "location": "East US", - "resource_group_name": "${azurerm_resource_group.ObservTest-resource-group.name}", - "kubernetes_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", - "identity": { - "type": "SystemAssigned" - }, - "dns_prefix": "ObservTest", - "default_node_pool": { - "name": "workerpool1", - "vm_size": "Standard_DS2_v2", - "orchestrator_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", - "enable_auto_scaling": true, - "tags": { - "name": "workerpool1", - "source": "terraform" - }, - "min_count": 1, - "temporary_name_for_rotation": "temppool1", - "max_count": 3 - } - } - }, - "helm_release": { - "prometheus": { - "name": "prometheus", - "namespace": "monitoring", - "repository": "https://prometheus-community.github.io/helm-charts", - "chart": "prometheus", - "version": "25.26.0", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "rbac:\n create: true\npodSecurityPolicy:\n enabled: false\nimagePullSecrets: []\ncommonMetaLabels: {}\nconfigmapReload:\n reloadUrl: \"\"\n env: []\n prometheus:\n enabled: true\n name: configmap-reload\n image:\n repository: quay.io/prometheus-operator/prometheus-config-reloader\n tag: v0.77.2\n digest: \"\"\n pullPolicy: IfNotPresent\n containerPort: 8080\n containerPortName: metrics\n extraArgs: {}\n extraVolumeDirs: 
[]\n extraVolumeMounts: []\n extraConfigmapMounts: []\n containerSecurityContext: {}\n livenessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n initialDelaySeconds: 2\n readinessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n startupProbe:\n enabled: false\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n resources: {}\nserver:\n name: server\n image:\n repository: quay.io/prometheus/prometheus\n tag: \"\"\n digest: \"\"\n pullPolicy: IfNotPresent\n global:\n scrape_interval: 1m\n scrape_timeout: 10s\n evaluation_interval: 1m\n resources:\n limits:\n cpu: 500m\n memory: 512Mi\n requests:\n cpu: 500m\n memory: 512Mi\n podSecurityContext: {}\n service:\n enabled: true\n type: ClusterIP\n servicePort: 80\n ingress:\n enabled: false\n annotations: null\n hosts: []\n path: /\n tls: []\n persistentVolume:\n enabled: true\n size: 8Gi\n storageClass: \"\"\n accessModes:\n - ReadWriteOnce\n mountPath: /data\n alertmanager:\n enabled: true\n persistence:\n enabled: true\n size: 2Gi\n kubeStateMetrics:\n enabled: true\n nodeExporter:\n enabled: true\n pushGateway:\n enabled: true\n" - ], - "depends_on": [] - }, - "pixie": { - "name": "pixie", - "namespace": "pl", - "repository": "https://pixie-operator-charts.storage.googleapis.com", - "chart": "pixie-operator-chart", - "version": "0.1.6", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "deployOLM: \"\"\nclusterName: ObservTest\nolmNamespace: olm\nolmOperatorNamespace: px-operator\nolmBundleChannel: stable\nolmCatalogSource:\n annotations: {}\n labels: {}\nvizier:\n name: pixie\n clusterName: ObservTest\n version: \"\"\n deployKey: px-dep-7f20ab42-b199-418f-872b-f5a84378152f\n disableAutoUpdate: false\n useEtcdOperator: false\n cloudAddr: withpixie.ai:443\n devCloudNamespace: plc\n pemMemoryLimit: \"\"\n pemMemoryRequest: \"\"\n dataAccess: Full\n pod:\n annotations: {}\n labels: {}\n 
resources:\n limits:\n cpu: 500m\n memory: 2Gi\n requests:\n cpu: 100m\n memory: 1Gi\n nodeSelector: {}\n tolerations: []\n" - ], - "depends_on": [] - }, - "loki": { - "name": "loki", - "namespace": "monitoring", - "repository": "https://grafana.github.io/helm-charts", - "chart": "loki-stack", - "version": "2.10.2", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "loki:\n env:\n - name: AWS_ACCESS_KEY_ID\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_ACCESS_KEY_ID\n - name: AWS_SECRET_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_SECRET_ACCESS_KEY\n config:\n schema_config:\n configs:\n - from: \"2021-05-12\"\n store: boltdb-shipper\n object_store: s3\n schema: v11\n index:\n prefix: loki_index_\n period: 24h\n storage_config:\n aws:\n s3: s3://us-east-1/observtest\n s3forcepathstyle: true\n bucketnames: observtest\n region: us-east-1\n insecure: false\n sse_encryption: false\n boltdb_shipper:\n shared_store: s3\n cache_ttl: 24h\npromtail:\n enabled: true\n config:\n clients:\n - url: http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push\n" - ], - "depends_on": [] - }, - "grafana": { - "name": "grafana", - "namespace": "monitoring", - "repository": "https://grafana.github.io/helm-charts", - "chart": "grafana", - "version": "8.5.11", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "global:\n imageRegistry: null\n imagePullSecrets: []\ngrafana:\n enabled: true\n isDefault: true\n readinessProbe:\n httpGet:\n path: /api/health\n port: 3000\n livenessProbe:\n httpGet:\n path: /api/health\n port: 3000\n initialDelaySeconds: 60\n timeoutSeconds: 30\n failureThreshold: 10\n service:\n enabled: true\n type: ClusterIP\n port: 80\n targetPort: 3000\n annotations: {}\n labels: {}\n image:\n registry: docker.io\n repository: grafana/grafana\n tag: latest\n pullPolicy: IfNotPresent\n resources:\n limits:\n cpu: 500m\n memory: 1Gi\n requests:\n cpu: 250m\n memory: 
512Mi\n persistence:\n enabled: false\n accessModes:\n - ReadWriteOnce\n size: 10Gi\n nodeSelector: {}\n tolerations: []\n affinity: {}\ndatasources:\n datasources.yaml:\n apiVersion: 1\n datasources:\n - name: Prometheus\n type: prometheus\n url: http://prometheus-server.monitoring.svc.cluster.local:80\n access: proxy\n isDefault: true\n - name: Loki\n type: loki\n url: http://loki.monitoring.svc.cluster.local:3100\n access: proxy\n isDefault: false\nserviceAccount:\n create: true\n name: null\nrbac:\n create: true\n pspEnabled: false\n extraRoleRules: []\n extraClusterRoleRules: []\n" - ], - "depends_on": [] - } - }, - "azurerm_route_table": { - "ObservTest_aks_route_table": { - "name": "ObservTest-aks-route-table", - "location": "East US", - "resource_group_name": "k8s-rg" - } - } - } -} \ No newline at end of file diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index 4af62aa..14399d7 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue @@ -6,9 +6,9 @@ import ( ) // Define Helm chart settings -#KubeVersion: [=~"^8\\.5\\.1"]: minor: >=21 +#KubeVersion: [=~"^8\\.5\\.0"]: minor: >=21 -#Values: [=~"^8\\.5\\.1"]: { +#Values: [=~"^8\\.5\\.0"]: { global: { imageRegistry: string | *null diff --git a/k8s/services/loki/helm-2.10.cue b/k8s/services/loki/helm-2.10.cue index 26f88ef..500fae1 100644 --- a/k8s/services/loki/helm-2.10.cue +++ b/k8s/services/loki/helm-2.10.cue @@ -1,7 +1,7 @@ package loki -#KubeVersion: [=~"^2\\.10\\.2"]: minor: >=21 -#Values: [=~"^2\\.10\\.2"]: { +#KubeVersion: [=~"^2\\.10\\.0"]: minor: >=21 +#Values: [=~"^2\\.10\\.0"]: { loki: { env: [ diff --git a/k8s/services/pixie/helm-0.1.cue b/k8s/services/pixie/helm-0.1.cue index 5a16f78..b3ed434 100644 --- a/k8s/services/pixie/helm-0.1.cue +++ b/k8s/services/pixie/helm-0.1.cue 
@@ -5,8 +5,8 @@ import ( "stakpak.dev/devx/k8s" ) -#KubeVersion: [=~"^0\\.1\\.6"]: minor: >=21 -#Values: [=~"^0\\.1\\.6"]: { +#KubeVersion: [=~"^0\\.1\\."]: minor: >=21 +#Values: [=~"^0\\.1\\."]: { // OLM configuration deployOLM: *"" | string // Optional; defaults to whether OLM is present in the cluster. olmNamespace: *"olm" | string diff --git a/k8s/stacks/pixie.cue b/k8s/stacks/pixie.cue index beded64..7b34a04 100644 --- a/k8s/stacks/pixie.cue +++ b/k8s/stacks/pixie.cue @@ -9,6 +9,9 @@ Pixie: v1.#Stack & { components: { "pixie": pixie.#PixieChart & { helm: { + version: string | *"0.1.6" + release: "pixie" + values: {} } } } From 6c9025b0ba5370348177c7b999b6c01958748ee2 Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 21:36:07 +0200 Subject: [PATCH 15/23] Allow overriding the default values of the charts --- k8s/services/grafana/helm-8.5.cue | 4 ++-- k8s/services/loki/helm-2.10.cue | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index 14399d7..541de16 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue @@ -6,9 +6,9 @@ import ( ) // Define Helm chart settings -#KubeVersion: [=~"^8\\.5\\.0"]: minor: >=21 +#KubeVersion: [=~"^8\\.5\\."]: minor: >=21 -#Values: [=~"^8\\.5\\.0"]: { +#Values: [=~"^8\\.5\\."]: { global: { imageRegistry: string | *null diff --git a/k8s/services/loki/helm-2.10.cue b/k8s/services/loki/helm-2.10.cue index 500fae1..4f3d69a 100644 --- a/k8s/services/loki/helm-2.10.cue +++ b/k8s/services/loki/helm-2.10.cue @@ -1,7 +1,7 @@ package loki -#KubeVersion: [=~"^2\\.10\\.0"]: minor: >=21 -#Values: [=~"^2\\.10\\.0"]: { +#KubeVersion: [=~"^2\\.10\\."]: minor: >=21 +#Values: [=~"^2\\.10\\."]: { loki: { env: [ From a8bac83928767df4392b553fbd7f1fe1d137d511 Mon Sep 17 00:00:00 2001 
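Review bot: `version: string | *"0.1.6"` in the k8s/stacks/pixie.cue hunk accepts any string as the chart version, while the schema in k8s/services/pixie/helm-0.1.cue is keyed on `=~"^0\\.1\\."`. A version outside that pattern would presumably match no `#Values` entry, so a release could be rendered without the value checks this repository defines; this is inferred from the pattern keys, since the transformer is not visible here. Constraining the field to the range the schema covers keeps overrides inside what has been reviewed: `version: =~"^0\\.1\\." | *"0.1.6"`. The same applies to the `string | *"…"` defaults that PATCH 16 adds in k8s/stacks/fullobserv.cue and k8s/stacks/observ.cue.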
From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 21:49:28 +0200 Subject: [PATCH 16/23] Create Observ Stack with pixie and another one without pixie and Allow overriding the default values of the charts --- build/prod/terraform/generated.tf.json | 126 +++++++++++++++++++++++++ k8s/stacks/fullobserv.cue | 43 +++++++++ k8s/stacks/observ.cue | 6 +- k8s/stacks/pixie.cue | 18 ---- 4 files changed, 172 insertions(+), 21 deletions(-) create mode 100755 build/prod/terraform/generated.tf.json create mode 100644 k8s/stacks/fullobserv.cue delete mode 100644 k8s/stacks/pixie.cue diff --git a/build/prod/terraform/generated.tf.json b/build/prod/terraform/generated.tf.json new file mode 100755 index 0000000..78e7710 --- /dev/null +++ b/build/prod/terraform/generated.tf.json 
@@ -0,0 +1,126 @@ +{ + "data": { + "azurerm_kubernetes_service_versions": { + "ObservTest": { + "version_prefix": "1.29.", + "location": "East US" + } + } + }, + "provider": { + "azurerm": { + "features": {} + }, + "helm": { + "kubernetes": { + "config_path": "~/.kube/config" + } + } + }, + "terraform": { + "required_providers": { + "azurerm": { + "source": "hashicorp/azurerm", + "version": "3.106.1" + } + } + }, + "resource": { + "azurerm_resource_group": { + "ObservTest-resource-group": { + "name": "k8s-rg", + "location": "East US" + } + }, + "azurerm_kubernetes_cluster": { + "ObservTest": { + "name": "ObservTest", + "location": "East US", + "resource_group_name": "${azurerm_resource_group.ObservTest-resource-group.name}", + "kubernetes_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", + "identity": { + "type": "SystemAssigned" + }, + "dns_prefix": "ObservTest", + "default_node_pool": { + "name": "workerpool1", + "vm_size": "Standard_DS2_v2", + "orchestrator_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", + "enable_auto_scaling": true, + "tags": { + "name": "workerpool1", + "source": "terraform" + }, + "min_count": 1, + "temporary_name_for_rotation": "temppool1", + "max_count": 3 + } + } + }, + "helm_release": { + "prometheus": { + "name": "prometheus", + "namespace": "monitoring", + "repository": "https://prometheus-community.github.io/helm-charts", + "chart": "prometheus", + "version": "25.26.0", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "rbac:\n create: true\npodSecurityPolicy:\n enabled: false\nimagePullSecrets: []\ncommonMetaLabels: {}\nconfigmapReload:\n reloadUrl: \"\"\n env: []\n prometheus:\n enabled: true\n name: configmap-reload\n image:\n repository: quay.io/prometheus-operator/prometheus-config-reloader\n tag: v0.77.2\n digest: \"\"\n pullPolicy: IfNotPresent\n containerPort: 8080\n containerPortName: metrics\n extraArgs: {}\n extraVolumeDirs: 
[]\n extraVolumeMounts: []\n extraConfigmapMounts: []\n containerSecurityContext: {}\n livenessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n initialDelaySeconds: 2\n readinessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n startupProbe:\n enabled: false\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n resources: {}\nserver:\n name: server\n image:\n repository: quay.io/prometheus/prometheus\n tag: \"\"\n digest: \"\"\n pullPolicy: IfNotPresent\n global:\n scrape_interval: 1m\n scrape_timeout: 10s\n evaluation_interval: 1m\n resources:\n limits:\n cpu: 500m\n memory: 512Mi\n requests:\n cpu: 500m\n memory: 512Mi\n podSecurityContext: {}\n service:\n enabled: true\n type: ClusterIP\n servicePort: 80\n ingress:\n enabled: false\n annotations: null\n hosts: []\n path: /\n tls: []\n persistentVolume:\n enabled: true\n size: 8Gi\n storageClass: \"\"\n accessModes:\n - ReadWriteOnce\n mountPath: /data\n alertmanager:\n enabled: true\n persistence:\n enabled: true\n size: 2Gi\n kubeStateMetrics:\n enabled: true\n nodeExporter:\n enabled: true\n pushGateway:\n enabled: true\n" + ], + "depends_on": [] + }, + "pixie": { + "name": "pixie", + "namespace": "pl", + "repository": "https://pixie-operator-charts.storage.googleapis.com", + "chart": "pixie-operator-chart", + "version": "0.1.2", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "deployOLM: \"\"\nclusterName: ObservTest\nolmNamespace: olm\nolmOperatorNamespace: px-operator\nolmBundleChannel: stable\nolmCatalogSource:\n annotations: {}\n labels: {}\nvizier:\n name: pixie\n clusterName: ObservTest\n version: \"\"\n deployKey: px-dep-7f20ab42-b199-418f-872b-f5a84378152f\n disableAutoUpdate: false\n useEtcdOperator: false\n cloudAddr: withpixie.ai:443\n devCloudNamespace: plc\n pemMemoryLimit: \"\"\n pemMemoryRequest: \"\"\n dataAccess: Full\n pod:\n annotations: {}\n labels: {}\n 
resources:\n limits:\n cpu: 500m\n memory: 2Gi\n requests:\n cpu: 100m\n memory: 1Gi\n nodeSelector: {}\n tolerations: []\n" + ], + "depends_on": [] + }, + "loki": { + "name": "loki", + "namespace": "monitoring", + "repository": "https://grafana.github.io/helm-charts", + "chart": "loki-stack", + "version": "2.10.2", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "loki:\n env:\n - name: AWS_ACCESS_KEY_ID\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_ACCESS_KEY_ID\n - name: AWS_SECRET_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_SECRET_ACCESS_KEY\n config:\n schema_config:\n configs:\n - from: \"2021-05-12\"\n store: boltdb-shipper\n object_store: s3\n schema: v11\n index:\n prefix: loki_index_\n period: 24h\n storage_config:\n aws:\n s3: s3://us-east-1/observtest\n s3forcepathstyle: true\n bucketnames: observtest\n region: us-east-1\n insecure: false\n sse_encryption: false\n boltdb_shipper:\n shared_store: s3\n cache_ttl: 24h\npromtail:\n enabled: true\n config:\n clients:\n - url: http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push\n" + ], + "depends_on": [] + }, + "grafana": { + "name": "grafana", + "namespace": "monitoring", + "repository": "https://grafana.github.io/helm-charts", + "chart": "grafana", + "version": "8.5.11", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "global:\n imageRegistry: null\n imagePullSecrets: []\ngrafana:\n enabled: true\n isDefault: true\n readinessProbe:\n httpGet:\n path: /api/health\n port: 3000\n livenessProbe:\n httpGet:\n path: /api/health\n port: 3000\n initialDelaySeconds: 60\n timeoutSeconds: 30\n failureThreshold: 10\n service:\n enabled: true\n type: ClusterIP\n port: 80\n targetPort: 3000\n annotations: {}\n labels: {}\n image:\n registry: docker.io\n repository: grafana/grafana\n tag: latest\n pullPolicy: IfNotPresent\n resources:\n limits:\n cpu: 500m\n memory: 1Gi\n requests:\n cpu: 250m\n memory: 
512Mi\n persistence:\n enabled: false\n accessModes:\n - ReadWriteOnce\n size: 10Gi\n nodeSelector: {}\n tolerations: []\n affinity: {}\ndatasources:\n datasources.yaml:\n apiVersion: 1\n datasources:\n - name: Prometheus\n type: prometheus\n url: http://prometheus-server.monitoring.svc.cluster.local:80\n access: proxy\n isDefault: true\n - name: Loki\n type: loki\n url: http://loki.monitoring.svc.cluster.local:3100\n access: proxy\n isDefault: false\nserviceAccount:\n create: true\n name: null\nrbac:\n create: true\n pspEnabled: false\n extraRoleRules: []\n extraClusterRoleRules: []\n" + ], + "depends_on": [] + } + }, + "azurerm_route_table": { + "ObservTest_aks_route_table": { + "name": "ObservTest-aks-route-table", + "location": "East US", + "resource_group_name": "k8s-rg" + } + } + } +} \ No newline at end of file diff --git a/k8s/stacks/fullobserv.cue b/k8s/stacks/fullobserv.cue new file mode 100644 index 0000000..7d19a38 --- /dev/null +++ b/k8s/stacks/fullobserv.cue @@ -0,0 +1,43 @@ +package stacks + +import ( + "stakpak.dev/devx/v1" + "stakpak.dev/devx/k8s/services/loki" + "stakpak.dev/devx/k8s/services/grafana" + "stakpak.dev/devx/k8s/services/prometheus" + "stakpak.dev/devx/k8s/services/pixie" +) + +FullObservabilityStack: v1.#Stack & { + $metadata: stack: "FullObservabilityStack" + components: { + "loki": loki.#LokiChart & { + helm: { + version: string | *"2.10.2" + release: "loki" + values: {} + } + } + "grafana": grafana.#GrafanaChart & { + helm: { + version: string | *"8.5.11" + release: "grafana" + values: {} + } + } + "prometheus": prometheus.#PrometheusChart & { + helm: { + version: string | *"25.26.0" + release: "prometheus" + values: {} + } + } + "pixie": pixie.#PixieChart & { + helm: { + version: string | *"0.1.6" + release: "pixie" + values: {} + } + } + } +} \ No newline at end of file diff --git a/k8s/stacks/observ.cue b/k8s/stacks/observ.cue index bba3c4c..570e8e7 100644 --- a/k8s/stacks/observ.cue +++ b/k8s/stacks/observ.cue 
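Review bot: The `pixie` component of FullObservabilityStack in k8s/stacks/fullobserv.cue sets `values: {}`, and an earlier patch in this series removed the default for `deployKey`, so the stack is incomplete until a caller supplies the key; nothing in the file says so. A comment above the component would steer users away from pasting the key into a tracked .cue file, for example `// vizier.deployKey is required and has no default; supply it from outside the repository at build time`. The field path is taken from the rendered values in generated.tf.json, where `deployKey` sits under `vizier`, and should be confirmed against `#PixieChart`.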
@@ -12,21 +12,21 @@ ObservabilityStack: v1.#Stack & { components: { "loki": loki.#LokiChart & { helm: { - version: "2.10.2" + version: string | *"2.10.2" release: "loki" values: {} } } "grafana": grafana.#GrafanaChart & { helm: { - version: "8.5.11" + version: string | *"8.5.11" release: "grafana" values: {} } } "prometheus": prometheus.#PrometheusChart & { helm: { - version: "25.26.0" + version: string | *"25.26.0" release: "prometheus" values: {} } diff --git a/k8s/stacks/pixie.cue b/k8s/stacks/pixie.cue deleted file mode 100644 index 7b34a04..0000000 --- a/k8s/stacks/pixie.cue +++ /dev/null @@ -1,18 +0,0 @@ -package stacks - -import ( - "stakpak.dev/devx/v1" - "stakpak.dev/devx/k8s/services/pixie" -) -Pixie: v1.#Stack & { - $metadata: stack: "Pixie" - components: { - "pixie": pixie.#PixieChart & { - helm: { - version: string | *"0.1.6" - release: "pixie" - values: {} - } - } - } -} \ No newline at end of file From 3ab6fb07ed5cbf00da0451bc6460f6dad4600c24 Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 21:49:50 +0200 Subject: [PATCH 17/23] Create Observ Stack with pixie and another one without pixie and Allow overriding the default values of the charts --- build/prod/terraform/generated.tf.json | 126 ------------------------- 1 file changed, 126 deletions(-) delete mode 100755 build/prod/terraform/generated.tf.json diff --git a/build/prod/terraform/generated.tf.json b/build/prod/terraform/generated.tf.json deleted file mode 100755 index 78e7710..0000000 --- a/build/prod/terraform/generated.tf.json +++ /dev/null 
@@ -1,126 +0,0 @@ -{ - "data": { - "azurerm_kubernetes_service_versions": { - "ObservTest": { - "version_prefix": "1.29.", - "location": "East US" - } - } - }, - "provider": { - "azurerm": { - "features": {} - }, - "helm": { - "kubernetes": { - "config_path": "~/.kube/config" - } - } - }, - "terraform": { - "required_providers": { - "azurerm": { - "source": "hashicorp/azurerm", - "version": "3.106.1" - } - } - }, - "resource": { - "azurerm_resource_group": { - "ObservTest-resource-group": { - "name": "k8s-rg", - "location": "East US" - } - }, - "azurerm_kubernetes_cluster": { - "ObservTest": { - "name": "ObservTest", - "location": "East US", - "resource_group_name": "${azurerm_resource_group.ObservTest-resource-group.name}", - "kubernetes_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", - "identity": { - "type": "SystemAssigned" - }, - "dns_prefix": "ObservTest", - "default_node_pool": { - "name": "workerpool1", - "vm_size": "Standard_DS2_v2", - "orchestrator_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", - "enable_auto_scaling": true, - "tags": { - "name": "workerpool1", - "source": "terraform" - }, - "min_count": 1, - "temporary_name_for_rotation": "temppool1", - "max_count": 3 - } - } - }, - "helm_release": { - "prometheus": { - "name": "prometheus", - "namespace": "monitoring", - "repository": "https://prometheus-community.github.io/helm-charts", - "chart": "prometheus", - "version": "25.26.0", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "rbac:\n create: true\npodSecurityPolicy:\n enabled: false\nimagePullSecrets: []\ncommonMetaLabels: {}\nconfigmapReload:\n reloadUrl: \"\"\n env: []\n prometheus:\n enabled: true\n name: configmap-reload\n image:\n repository: quay.io/prometheus-operator/prometheus-config-reloader\n tag: v0.77.2\n digest: \"\"\n pullPolicy: IfNotPresent\n containerPort: 8080\n containerPortName: metrics\n extraArgs: {}\n extraVolumeDirs: 
[]\n extraVolumeMounts: []\n extraConfigmapMounts: []\n containerSecurityContext: {}\n livenessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n initialDelaySeconds: 2\n readinessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n startupProbe:\n enabled: false\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n resources: {}\nserver:\n name: server\n image:\n repository: quay.io/prometheus/prometheus\n tag: \"\"\n digest: \"\"\n pullPolicy: IfNotPresent\n global:\n scrape_interval: 1m\n scrape_timeout: 10s\n evaluation_interval: 1m\n resources:\n limits:\n cpu: 500m\n memory: 512Mi\n requests:\n cpu: 500m\n memory: 512Mi\n podSecurityContext: {}\n service:\n enabled: true\n type: ClusterIP\n servicePort: 80\n ingress:\n enabled: false\n annotations: null\n hosts: []\n path: /\n tls: []\n persistentVolume:\n enabled: true\n size: 8Gi\n storageClass: \"\"\n accessModes:\n - ReadWriteOnce\n mountPath: /data\n alertmanager:\n enabled: true\n persistence:\n enabled: true\n size: 2Gi\n kubeStateMetrics:\n enabled: true\n nodeExporter:\n enabled: true\n pushGateway:\n enabled: true\n" - ], - "depends_on": [] - }, - "pixie": { - "name": "pixie", - "namespace": "pl", - "repository": "https://pixie-operator-charts.storage.googleapis.com", - "chart": "pixie-operator-chart", - "version": "0.1.2", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "deployOLM: \"\"\nclusterName: ObservTest\nolmNamespace: olm\nolmOperatorNamespace: px-operator\nolmBundleChannel: stable\nolmCatalogSource:\n annotations: {}\n labels: {}\nvizier:\n name: pixie\n clusterName: ObservTest\n version: \"\"\n deployKey: px-dep-7f20ab42-b199-418f-872b-f5a84378152f\n disableAutoUpdate: false\n useEtcdOperator: false\n cloudAddr: withpixie.ai:443\n devCloudNamespace: plc\n pemMemoryLimit: \"\"\n pemMemoryRequest: \"\"\n dataAccess: Full\n pod:\n annotations: {}\n labels: {}\n 
resources:\n limits:\n cpu: 500m\n memory: 2Gi\n requests:\n cpu: 100m\n memory: 1Gi\n nodeSelector: {}\n tolerations: []\n" - ], - "depends_on": [] - }, - "loki": { - "name": "loki", - "namespace": "monitoring", - "repository": "https://grafana.github.io/helm-charts", - "chart": "loki-stack", - "version": "2.10.2", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "loki:\n env:\n - name: AWS_ACCESS_KEY_ID\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_ACCESS_KEY_ID\n - name: AWS_SECRET_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_SECRET_ACCESS_KEY\n config:\n schema_config:\n configs:\n - from: \"2021-05-12\"\n store: boltdb-shipper\n object_store: s3\n schema: v11\n index:\n prefix: loki_index_\n period: 24h\n storage_config:\n aws:\n s3: s3://us-east-1/observtest\n s3forcepathstyle: true\n bucketnames: observtest\n region: us-east-1\n insecure: false\n sse_encryption: false\n boltdb_shipper:\n shared_store: s3\n cache_ttl: 24h\npromtail:\n enabled: true\n config:\n clients:\n - url: http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push\n" - ], - "depends_on": [] - }, - "grafana": { - "name": "grafana", - "namespace": "monitoring", - "repository": "https://grafana.github.io/helm-charts", - "chart": "grafana", - "version": "8.5.11", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "global:\n imageRegistry: null\n imagePullSecrets: []\ngrafana:\n enabled: true\n isDefault: true\n readinessProbe:\n httpGet:\n path: /api/health\n port: 3000\n livenessProbe:\n httpGet:\n path: /api/health\n port: 3000\n initialDelaySeconds: 60\n timeoutSeconds: 30\n failureThreshold: 10\n service:\n enabled: true\n type: ClusterIP\n port: 80\n targetPort: 3000\n annotations: {}\n labels: {}\n image:\n registry: docker.io\n repository: grafana/grafana\n tag: latest\n pullPolicy: IfNotPresent\n resources:\n limits:\n cpu: 500m\n memory: 1Gi\n requests:\n cpu: 250m\n memory: 
512Mi\n persistence:\n enabled: false\n accessModes:\n - ReadWriteOnce\n size: 10Gi\n nodeSelector: {}\n tolerations: []\n affinity: {}\ndatasources:\n datasources.yaml:\n apiVersion: 1\n datasources:\n - name: Prometheus\n type: prometheus\n url: http://prometheus-server.monitoring.svc.cluster.local:80\n access: proxy\n isDefault: true\n - name: Loki\n type: loki\n url: http://loki.monitoring.svc.cluster.local:3100\n access: proxy\n isDefault: false\nserviceAccount:\n create: true\n name: null\nrbac:\n create: true\n pspEnabled: false\n extraRoleRules: []\n extraClusterRoleRules: []\n" - ], - "depends_on": [] - } - }, - "azurerm_route_table": { - "ObservTest_aks_route_table": { - "name": "ObservTest-aks-route-table", - "location": "East US", - "resource_group_name": "k8s-rg" - } - } - } -} \ No newline at end of file From b42cc524c8df87830e163426f33951fb6f9b5eca Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 21:56:48 +0200 Subject: [PATCH 18/23] Create Observ Stack with pixie and another one without pixie and Allow overriding the default values of the charts --- k8s/services/prometheus/helm-25.26.cue | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/k8s/services/prometheus/helm-25.26.cue b/k8s/services/prometheus/helm-25.26.cue index 817a982..fcf7012 100644 --- a/k8s/services/prometheus/helm-25.26.cue +++ b/k8s/services/prometheus/helm-25.26.cue @@ -5,8 +5,8 @@ import ( "stakpak.dev/devx/k8s" ) -#KubeVersion: [=~"^25\\.26\\.0"]: minor: >=21 -#Values: [=~"^25\\.26\\.0"]: { +#KubeVersion: [=~"^25\\.26\\."]: minor: >=21 +#Values: [=~"^25\\.26\\."]: { // RBAC settings rbac: create: bool | *true From 8fdeb07ba3f24bbb8bd27425d7a803331c0d3de7 Mon Sep 17 00:00:00 2001 
From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 22:01:21 +0200 Subject: [PATCH 19/23] Create Observ Stack with pixie and another one without pixie and Allow overriding the default values of the charts --- build/prod/terraform/generated.tf.json | 126 +++++++++++++++++++++++++ k8s/stacks/fullobserv.cue | 4 - k8s/stacks/observ.cue | 3 - 3 files changed, 126 insertions(+), 7 deletions(-) create mode 100755 build/prod/terraform/generated.tf.json diff --git a/build/prod/terraform/generated.tf.json b/build/prod/terraform/generated.tf.json new file mode 100755 index 0000000..78e7710 --- /dev/null +++ b/build/prod/terraform/generated.tf.json 
@@ -0,0 +1,126 @@ +{ + "data": { + "azurerm_kubernetes_service_versions": { + "ObservTest": { + "version_prefix": "1.29.", + "location": "East US" + } + } + }, + "provider": { + "azurerm": { + "features": {} + }, + "helm": { + "kubernetes": { + "config_path": "~/.kube/config" + } + } + }, + "terraform": { + "required_providers": { + "azurerm": { + "source": "hashicorp/azurerm", + "version": "3.106.1" + } + } + }, + "resource": { + "azurerm_resource_group": { + "ObservTest-resource-group": { + "name": "k8s-rg", + "location": "East US" + } + }, + "azurerm_kubernetes_cluster": { + "ObservTest": { + "name": "ObservTest", + "location": "East US", + "resource_group_name": "${azurerm_resource_group.ObservTest-resource-group.name}", + "kubernetes_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", + "identity": { + "type": "SystemAssigned" + }, + "dns_prefix": "ObservTest", + "default_node_pool": { + "name": "workerpool1", + "vm_size": "Standard_DS2_v2", + "orchestrator_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", + "enable_auto_scaling": true, + "tags": { + "name": "workerpool1", + "source": "terraform" + }, + "min_count": 1, + "temporary_name_for_rotation": "temppool1", + "max_count": 3 + } + } + }, + "helm_release": { + "prometheus": { + "name": "prometheus", + "namespace": "monitoring", + "repository": "https://prometheus-community.github.io/helm-charts", + "chart": "prometheus", + "version": "25.26.0", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "rbac:\n create: true\npodSecurityPolicy:\n enabled: false\nimagePullSecrets: []\ncommonMetaLabels: {}\nconfigmapReload:\n reloadUrl: \"\"\n env: []\n prometheus:\n enabled: true\n name: configmap-reload\n image:\n repository: quay.io/prometheus-operator/prometheus-config-reloader\n tag: v0.77.2\n digest: \"\"\n pullPolicy: IfNotPresent\n containerPort: 8080\n containerPortName: metrics\n extraArgs: {}\n extraVolumeDirs: 
[]\n extraVolumeMounts: []\n extraConfigmapMounts: []\n containerSecurityContext: {}\n livenessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n initialDelaySeconds: 2\n readinessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n startupProbe:\n enabled: false\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n resources: {}\nserver:\n name: server\n image:\n repository: quay.io/prometheus/prometheus\n tag: \"\"\n digest: \"\"\n pullPolicy: IfNotPresent\n global:\n scrape_interval: 1m\n scrape_timeout: 10s\n evaluation_interval: 1m\n resources:\n limits:\n cpu: 500m\n memory: 512Mi\n requests:\n cpu: 500m\n memory: 512Mi\n podSecurityContext: {}\n service:\n enabled: true\n type: ClusterIP\n servicePort: 80\n ingress:\n enabled: false\n annotations: null\n hosts: []\n path: /\n tls: []\n persistentVolume:\n enabled: true\n size: 8Gi\n storageClass: \"\"\n accessModes:\n - ReadWriteOnce\n mountPath: /data\n alertmanager:\n enabled: true\n persistence:\n enabled: true\n size: 2Gi\n kubeStateMetrics:\n enabled: true\n nodeExporter:\n enabled: true\n pushGateway:\n enabled: true\n" + ], + "depends_on": [] + }, + "pixie": { + "name": "pixie", + "namespace": "pl", + "repository": "https://pixie-operator-charts.storage.googleapis.com", + "chart": "pixie-operator-chart", + "version": "0.1.2", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "deployOLM: \"\"\nclusterName: ObservTest\nolmNamespace: olm\nolmOperatorNamespace: px-operator\nolmBundleChannel: stable\nolmCatalogSource:\n annotations: {}\n labels: {}\nvizier:\n name: pixie\n clusterName: ObservTest\n version: \"\"\n deployKey: px-dep-7f20ab42-b199-418f-872b-f5a84378152f\n disableAutoUpdate: false\n useEtcdOperator: false\n cloudAddr: withpixie.ai:443\n devCloudNamespace: plc\n pemMemoryLimit: \"\"\n pemMemoryRequest: \"\"\n dataAccess: Full\n pod:\n annotations: {}\n labels: {}\n 
resources:\n limits:\n cpu: 500m\n memory: 2Gi\n requests:\n cpu: 100m\n memory: 1Gi\n nodeSelector: {}\n tolerations: []\n" + ], + "depends_on": [] + }, + "loki": { + "name": "loki", + "namespace": "monitoring", + "repository": "https://grafana.github.io/helm-charts", + "chart": "loki-stack", + "version": "2.10.2", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "loki:\n env:\n - name: AWS_ACCESS_KEY_ID\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_ACCESS_KEY_ID\n - name: AWS_SECRET_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_SECRET_ACCESS_KEY\n config:\n schema_config:\n configs:\n - from: \"2021-05-12\"\n store: boltdb-shipper\n object_store: s3\n schema: v11\n index:\n prefix: loki_index_\n period: 24h\n storage_config:\n aws:\n s3: s3://us-east-1/observtest\n s3forcepathstyle: true\n bucketnames: observtest\n region: us-east-1\n insecure: false\n sse_encryption: false\n boltdb_shipper:\n shared_store: s3\n cache_ttl: 24h\npromtail:\n enabled: true\n config:\n clients:\n - url: http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push\n" + ], + "depends_on": [] + }, + "grafana": { + "name": "grafana", + "namespace": "monitoring", + "repository": "https://grafana.github.io/helm-charts", + "chart": "grafana", + "version": "8.5.11", + "timeout": 600, + "atomic": true, + "create_namespace": true, + "values": [ + "global:\n imageRegistry: null\n imagePullSecrets: []\ngrafana:\n enabled: true\n isDefault: true\n readinessProbe:\n httpGet:\n path: /api/health\n port: 3000\n livenessProbe:\n httpGet:\n path: /api/health\n port: 3000\n initialDelaySeconds: 60\n timeoutSeconds: 30\n failureThreshold: 10\n service:\n enabled: true\n type: ClusterIP\n port: 80\n targetPort: 3000\n annotations: {}\n labels: {}\n image:\n registry: docker.io\n repository: grafana/grafana\n tag: latest\n pullPolicy: IfNotPresent\n resources:\n limits:\n cpu: 500m\n memory: 1Gi\n requests:\n cpu: 250m\n memory: 
512Mi\n persistence:\n enabled: false\n accessModes:\n - ReadWriteOnce\n size: 10Gi\n nodeSelector: {}\n tolerations: []\n affinity: {}\ndatasources:\n datasources.yaml:\n apiVersion: 1\n datasources:\n - name: Prometheus\n type: prometheus\n url: http://prometheus-server.monitoring.svc.cluster.local:80\n access: proxy\n isDefault: true\n - name: Loki\n type: loki\n url: http://loki.monitoring.svc.cluster.local:3100\n access: proxy\n isDefault: false\nserviceAccount:\n create: true\n name: null\nrbac:\n create: true\n pspEnabled: false\n extraRoleRules: []\n extraClusterRoleRules: []\n" + ], + "depends_on": [] + } + }, + "azurerm_route_table": { + "ObservTest_aks_route_table": { + "name": "ObservTest-aks-route-table", + "location": "East US", + "resource_group_name": "k8s-rg" + } + } + } +} \ No newline at end of file diff --git a/k8s/stacks/fullobserv.cue b/k8s/stacks/fullobserv.cue index 7d19a38..8bd514a 100644 --- a/k8s/stacks/fullobserv.cue +++ b/k8s/stacks/fullobserv.cue @@ -13,28 +13,24 @@ FullObservabilityStack: v1.#Stack & { components: { "loki": loki.#LokiChart & { helm: { - version: string | *"2.10.2" release: "loki" values: {} } } "grafana": grafana.#GrafanaChart & { helm: { - version: string | *"8.5.11" release: "grafana" values: {} } } "prometheus": prometheus.#PrometheusChart & { helm: { - version: string | *"25.26.0" release: "prometheus" values: {} } } "pixie": pixie.#PixieChart & { helm: { - version: string | *"0.1.6" release: "pixie" values: {} } diff --git a/k8s/stacks/observ.cue b/k8s/stacks/observ.cue index 570e8e7..02cab68 100644 --- a/k8s/stacks/observ.cue +++ b/k8s/stacks/observ.cue 
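Review bot: The `values` string of the `pixie` release in this new file carries a literal `vizier.deployKey` (`px-dep-…`), so a Pixie deploy credential is committed in clear text with the rest of the rendered Terraform. The later patch in this series that deletes `generated.tf.json` does not remove the value from history, so the key should be treated as exposed and rotated. Keep rendered output such as `build/` out of version control and supply the key at apply time, for example through a `set_sensitive` block on the `helm_release`, in the way the `loki` values already take their AWS credentials from the `iam-loki-s3` secret via `secretKeyRef`. The `grafana` values in the same file also set the image to `tag: latest`, which makes the deployed image non-reproducible.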
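Review bot: Dropping the four `version: string | *"…"` lines leaves the stack with no visible statement of which chart versions it deploys, and for `pixie` the removed default was `0.1.6` while the `generated.tf.json` added in this same patch renders `0.1.2`. If that file was rendered from this stack, the effective Pixie chart version changed silently with this hunk. State the intent next to the components, e.g. `// chart versions default in each service's helm.cue; set helm.version here to pin`, or keep an explicit `version: "0.1.6"` on `pixie` if that was the tested release. The `observ.cue` hunk that follows removes the same defaults for loki, grafana and prometheus.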
@@ -12,21 +12,18 @@ ObservabilityStack: v1.#Stack & { components: { "loki": loki.#LokiChart & { helm: { - version: string | *"2.10.2" release: "loki" values: {} } } "grafana": grafana.#GrafanaChart & { helm: { - version: string | *"8.5.11" release: "grafana" values: {} } } "prometheus": prometheus.#PrometheusChart & { helm: { - version: string | *"25.26.0" release: "prometheus" values: {} } From e9d8795956e0eceaa44476859d23dd3d7efed2a9 Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 22:01:34 +0200 Subject: [PATCH 20/23] Create Observ Stack with pixie and another one without pixie and Allow overriding the default values of the charts --- build/prod/terraform/generated.tf.json | 126 ------------------------- 1 file changed, 126 deletions(-) delete mode 100755 build/prod/terraform/generated.tf.json diff --git a/build/prod/terraform/generated.tf.json b/build/prod/terraform/generated.tf.json deleted file mode 100755 index 78e7710..0000000 --- a/build/prod/terraform/generated.tf.json +++ /dev/null 
@@ -1,126 +0,0 @@ -{ - "data": { - "azurerm_kubernetes_service_versions": { - "ObservTest": { - "version_prefix": "1.29.", - "location": "East US" - } - } - }, - "provider": { - "azurerm": { - "features": {} - }, - "helm": { - "kubernetes": { - "config_path": "~/.kube/config" - } - } - }, - "terraform": { - "required_providers": { - "azurerm": { - "source": "hashicorp/azurerm", - "version": "3.106.1" - } - } - }, - "resource": { - "azurerm_resource_group": { - "ObservTest-resource-group": { - "name": "k8s-rg", - "location": "East US" - } - }, - "azurerm_kubernetes_cluster": { - "ObservTest": { - "name": "ObservTest", - "location": "East US", - "resource_group_name": "${azurerm_resource_group.ObservTest-resource-group.name}", - "kubernetes_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", - "identity": { - "type": "SystemAssigned" - }, - "dns_prefix": "ObservTest", - "default_node_pool": { - "name": "workerpool1", - "vm_size": "Standard_DS2_v2", - "orchestrator_version": "${data.azurerm_kubernetes_service_versions.ObservTest.latest_version}", - "enable_auto_scaling": true, - "tags": { - "name": "workerpool1", - "source": "terraform" - }, - "min_count": 1, - "temporary_name_for_rotation": "temppool1", - "max_count": 3 - } - } - }, - "helm_release": { - "prometheus": { - "name": "prometheus", - "namespace": "monitoring", - "repository": "https://prometheus-community.github.io/helm-charts", - "chart": "prometheus", - "version": "25.26.0", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "rbac:\n create: true\npodSecurityPolicy:\n enabled: false\nimagePullSecrets: []\ncommonMetaLabels: {}\nconfigmapReload:\n reloadUrl: \"\"\n env: []\n prometheus:\n enabled: true\n name: configmap-reload\n image:\n repository: quay.io/prometheus-operator/prometheus-config-reloader\n tag: v0.77.2\n digest: \"\"\n pullPolicy: IfNotPresent\n containerPort: 8080\n containerPortName: metrics\n extraArgs: {}\n extraVolumeDirs: 
[]\n extraVolumeMounts: []\n extraConfigmapMounts: []\n containerSecurityContext: {}\n livenessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n initialDelaySeconds: 2\n readinessProbe:\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n startupProbe:\n enabled: false\n httpGet:\n path: /healthz\n port: 8080\n scheme: HTTP\n periodSeconds: 10\n resources: {}\nserver:\n name: server\n image:\n repository: quay.io/prometheus/prometheus\n tag: \"\"\n digest: \"\"\n pullPolicy: IfNotPresent\n global:\n scrape_interval: 1m\n scrape_timeout: 10s\n evaluation_interval: 1m\n resources:\n limits:\n cpu: 500m\n memory: 512Mi\n requests:\n cpu: 500m\n memory: 512Mi\n podSecurityContext: {}\n service:\n enabled: true\n type: ClusterIP\n servicePort: 80\n ingress:\n enabled: false\n annotations: null\n hosts: []\n path: /\n tls: []\n persistentVolume:\n enabled: true\n size: 8Gi\n storageClass: \"\"\n accessModes:\n - ReadWriteOnce\n mountPath: /data\n alertmanager:\n enabled: true\n persistence:\n enabled: true\n size: 2Gi\n kubeStateMetrics:\n enabled: true\n nodeExporter:\n enabled: true\n pushGateway:\n enabled: true\n" - ], - "depends_on": [] - }, - "pixie": { - "name": "pixie", - "namespace": "pl", - "repository": "https://pixie-operator-charts.storage.googleapis.com", - "chart": "pixie-operator-chart", - "version": "0.1.2", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "deployOLM: \"\"\nclusterName: ObservTest\nolmNamespace: olm\nolmOperatorNamespace: px-operator\nolmBundleChannel: stable\nolmCatalogSource:\n annotations: {}\n labels: {}\nvizier:\n name: pixie\n clusterName: ObservTest\n version: \"\"\n deployKey: px-dep-7f20ab42-b199-418f-872b-f5a84378152f\n disableAutoUpdate: false\n useEtcdOperator: false\n cloudAddr: withpixie.ai:443\n devCloudNamespace: plc\n pemMemoryLimit: \"\"\n pemMemoryRequest: \"\"\n dataAccess: Full\n pod:\n annotations: {}\n labels: {}\n 
resources:\n limits:\n cpu: 500m\n memory: 2Gi\n requests:\n cpu: 100m\n memory: 1Gi\n nodeSelector: {}\n tolerations: []\n" - ], - "depends_on": [] - }, - "loki": { - "name": "loki", - "namespace": "monitoring", - "repository": "https://grafana.github.io/helm-charts", - "chart": "loki-stack", - "version": "2.10.2", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "loki:\n env:\n - name: AWS_ACCESS_KEY_ID\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_ACCESS_KEY_ID\n - name: AWS_SECRET_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: iam-loki-s3\n key: AWS_SECRET_ACCESS_KEY\n config:\n schema_config:\n configs:\n - from: \"2021-05-12\"\n store: boltdb-shipper\n object_store: s3\n schema: v11\n index:\n prefix: loki_index_\n period: 24h\n storage_config:\n aws:\n s3: s3://us-east-1/observtest\n s3forcepathstyle: true\n bucketnames: observtest\n region: us-east-1\n insecure: false\n sse_encryption: false\n boltdb_shipper:\n shared_store: s3\n cache_ttl: 24h\npromtail:\n enabled: true\n config:\n clients:\n - url: http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push\n" - ], - "depends_on": [] - }, - "grafana": { - "name": "grafana", - "namespace": "monitoring", - "repository": "https://grafana.github.io/helm-charts", - "chart": "grafana", - "version": "8.5.11", - "timeout": 600, - "atomic": true, - "create_namespace": true, - "values": [ - "global:\n imageRegistry: null\n imagePullSecrets: []\ngrafana:\n enabled: true\n isDefault: true\n readinessProbe:\n httpGet:\n path: /api/health\n port: 3000\n livenessProbe:\n httpGet:\n path: /api/health\n port: 3000\n initialDelaySeconds: 60\n timeoutSeconds: 30\n failureThreshold: 10\n service:\n enabled: true\n type: ClusterIP\n port: 80\n targetPort: 3000\n annotations: {}\n labels: {}\n image:\n registry: docker.io\n repository: grafana/grafana\n tag: latest\n pullPolicy: IfNotPresent\n resources:\n limits:\n cpu: 500m\n memory: 1Gi\n requests:\n cpu: 250m\n memory: 
512Mi\n persistence:\n enabled: false\n accessModes:\n - ReadWriteOnce\n size: 10Gi\n nodeSelector: {}\n tolerations: []\n affinity: {}\ndatasources:\n datasources.yaml:\n apiVersion: 1\n datasources:\n - name: Prometheus\n type: prometheus\n url: http://prometheus-server.monitoring.svc.cluster.local:80\n access: proxy\n isDefault: true\n - name: Loki\n type: loki\n url: http://loki.monitoring.svc.cluster.local:3100\n access: proxy\n isDefault: false\nserviceAccount:\n create: true\n name: null\nrbac:\n create: true\n pspEnabled: false\n extraRoleRules: []\n extraClusterRoleRules: []\n" - ], - "depends_on": [] - } - }, - "azurerm_route_table": { - "ObservTest_aks_route_table": { - "name": "ObservTest-aks-route-table", - "location": "East US", - "resource_group_name": "k8s-rg" - } - } - } -} \ No newline at end of file From 17dd8568f8bfa6d1d0347406b9539c4cd69ff90a Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Sun, 17 Nov 2024 22:39:36 +0200 Subject: [PATCH 21/23] remove grafana values --- k8s/services/grafana/helm-8.5.cue | 42 +++++++++++++++---------------- k8s/services/prometheus/helm.cue | 2 +- k8s/stacks/fullobserv.cue | 4 ++- 3 files changed, 25 insertions(+), 23 deletions(-) diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index 541de16..79e6e69 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue 
@@ -80,27 +80,27 @@ import ( } // Datasources for Grafana - datasources: { - "datasources.yaml": { - apiVersion: 1 - datasources: [ - { - name: "Prometheus" - type: "prometheus" - url: "http://prometheus-server.monitoring.svc.cluster.local:80" - access: "proxy" - isDefault: true - }, - { - name: "Loki" - type: "loki" - url: "http://loki.monitoring.svc.cluster.local:3100" - access: "proxy" - isDefault: false - }, - ] - } - } + // datasources: { + // "datasources.yaml": { + // apiVersion: 1 + // datasources: [ + // { + // name: "Prometheus" + // type: "prometheus" + // url: string | *"http://prometheus-server.monitoring.svc.cluster.local:80" + // access: "proxy" + // isDefault: true + // }, + // { + // name: "Loki" + // type: "loki" + // url: string | *"http://loki.monitoring.svc.cluster.local:3100" + // access: "proxy" + // isDefault: false + // }, + // ] + // } + // } // Service account and RBAC serviceAccount: { diff --git a/k8s/services/prometheus/helm.cue b/k8s/services/prometheus/helm.cue index 2005659..121f12a 100644 --- a/k8s/services/prometheus/helm.cue +++ b/k8s/services/prometheus/helm.cue @@ -19,7 +19,7 @@ import ( version: string | *"25.26.0" namespace: string | *"monitoring" - release: string + release: string values: (v1.getMatch & { match: version diff --git a/k8s/stacks/fullobserv.cue b/k8s/stacks/fullobserv.cue index 8bd514a..729e8ee 100644 --- a/k8s/stacks/fullobserv.cue +++ b/k8s/stacks/fullobserv.cue @@ -20,12 +20,14 @@ FullObservabilityStack: v1.#Stack & { "grafana": grafana.#GrafanaChart & { helm: { release: "grafana" - values: {} + values: { + } } } "prometheus": prometheus.#PrometheusChart & { helm: { release: "prometheus" + namespace: "monitoring" values: {} } } From bad1deca154bb007b5b4f576caf6e6b1b54d9518 Mon Sep 17 00:00:00 2001 
From: Omar-Ahmed-Dt Date: Tue, 19 Nov 2024 21:46:54 +0200 Subject: [PATCH 22/23] add schema for grafana --- k8s/services/grafana/helm-8.5.cue | 2 -- k8s/services/grafana/resources/resources.cue | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 k8s/services/grafana/resources/resources.cue diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index 79e6e69..f12f745 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue @@ -78,7 +78,6 @@ import ( tolerations: [...v1.#Toleration] affinity: v1.#Affinity } - // Datasources for Grafana // datasources: { // "datasources.yaml": { @@ -101,7 +100,6 @@ import ( // ] // } // } - // Service account and RBAC serviceAccount: { create: bool | *true diff --git a/k8s/services/grafana/resources/resources.cue b/k8s/services/grafana/resources/resources.cue new file mode 100644 index 0000000..4660682 --- /dev/null +++ b/k8s/services/grafana/resources/resources.cue @@ -0,0 +1,14 @@ +package resources + +#GrafanaDataSource: { + "datasources.yaml": { + apiVersion: 1 + datasources: [...{ + name: string + type: string + url: string + access: "proxy" + isDefault: bool | *false + }] + } +} \ No newline at end of file From 721165fb5d83b41dcac6b27c047bc53f27d32c25 Mon Sep 17 00:00:00 2001 From: Omar-Ahmed-Dt Date: Wed, 20 Nov 2024 21:44:48 +0200 Subject: [PATCH 23/23] add schema for loki --- k8s/services/grafana/helm-8.5.cue | 22 ------------- k8s/services/loki/helm-2.10.cue | 32 +----------------- k8s/services/loki/resources/resources.cue | 40 +++++++++++++++++++++++ k8s/stacks/fullobserv.cue | 4 +-- 4 files changed, 42 insertions(+), 56 deletions(-) create mode 100644 k8s/services/loki/resources/resources.cue diff --git a/k8s/services/grafana/helm-8.5.cue b/k8s/services/grafana/helm-8.5.cue index f12f745..9e933b5 100644 --- a/k8s/services/grafana/helm-8.5.cue +++ b/k8s/services/grafana/helm-8.5.cue 
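Review bot: `#GrafanaDataSource` is a definition, so the struct inside `datasources: [...{ }]` is closed and an entry can carry only `name`, `type`, `url`, `access` and `isDefault`; there is no way to declare `basicAuth`, `jsonData` or `secureJsonData`, which means only unauthenticated data sources can be expressed through this schema. Add them as optional fields, e.g. `basicAuth?: bool`, `jsonData?: {...}` and `secureJsonData?: [string]: string`, and constrain the address with `url: =~"^https?://"`. A short comment above the definition, saying that it mirrors Grafana's datasource provisioning file and where it is meant to be unified into the chart values, would help, since nothing in this patch references it.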
@@ -78,28 +78,6 @@ import ( tolerations: [...v1.#Toleration] affinity: v1.#Affinity } - // Datasources for Grafana - // datasources: { - // "datasources.yaml": { - // apiVersion: 1 - // datasources: [ - // { - // name: "Prometheus" - // type: "prometheus" - // url: string | *"http://prometheus-server.monitoring.svc.cluster.local:80" - // access: "proxy" - // isDefault: true - // }, - // { - // name: "Loki" - // type: "loki" - // url: string | *"http://loki.monitoring.svc.cluster.local:3100" - // access: "proxy" - // isDefault: false - // }, - // ] - // } - // } // Service account and RBAC serviceAccount: { create: bool | *true diff --git a/k8s/services/loki/helm-2.10.cue b/k8s/services/loki/helm-2.10.cue index 4f3d69a..89bd755 100644 --- a/k8s/services/loki/helm-2.10.cue +++ b/k8s/services/loki/helm-2.10.cue @@ -24,39 +24,9 @@ package loki } } ] - - config: { - schema_config: { - configs: [{ - from: *"2021-05-12" | string - store: *"boltdb-shipper" | string - object_store: *"s3" | string - schema: *"v11" | string - index: { - prefix: *"loki_index_" | string - period: *"24h" | string - } - }] - } - - storage_config: { - aws: { - s3: *"s3://us-east-1/observtest" | string - s3forcepathstyle: *true | bool - bucketnames: *"observtest" | string - region: *"us-east-1" | string - insecure: *false | bool - sse_encryption: *false | bool - } - boltdb_shipper: { - shared_store: *"s3" | string - cache_ttl: *"24h" | string - } - } - } + ... } - promtail: { enabled: *true | bool config: { diff --git a/k8s/services/loki/resources/resources.cue b/k8s/services/loki/resources/resources.cue new file mode 100644 index 0000000..281f1ea --- /dev/null +++ b/k8s/services/loki/resources/resources.cue 
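Review bot: The `...` added where `config` used to be appears to open the whole `loki` values struct, so any key is now accepted there and a misspelt or unexpected field is no longer rejected at evaluation time. The removed schema reappears as `#LokiStorageConfig` in the new resources package, but nothing in this hunk ties the two together. Keeping the struct closed and writing `config?: resources.#LokiStorageConfig` (with that package imported) would preserve validation while still letting callers override the storage settings. The enclosing `#Values` definition starts outside the hunk.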
@@ -0,0 +1,40 @@ +package resources + +#LokiStorageConfig: { + schema_config: { + configs: [{ + from: *"2021-05-12" | string + store: *"boltdb-shipper" | string + object_store: *"s3" | string + schema: *"v11" | string + index: { + prefix: *"loki_index_" | string + period: *"24h" | string + } + }] + } + + storage_config: { + aws: { + s3: *"s3://us-east-1/observtest" | string + s3forcepathstyle: *true | bool + bucketnames: *"observtest" | string + region: *"us-east-1" | string + insecure: *false | bool + sse_encryption: *false | bool + } + boltdb_shipper: { + shared_store: *"s3" | string + cache_ttl: *"24h" | string + } + } + } + +#Promtail: { + enabled: *true | bool + config: { + clients: [{ + url: *"http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push" | string + }] + } +} \ No newline at end of file diff --git a/k8s/stacks/fullobserv.cue b/k8s/stacks/fullobserv.cue index 729e8ee..8bd514a 100644 --- a/k8s/stacks/fullobserv.cue +++ b/k8s/stacks/fullobserv.cue @@ -20,14 +20,12 @@ FullObservabilityStack: v1.#Stack & { "grafana": grafana.#GrafanaChart & { helm: { release: "grafana" - values: { - } + values: {} } } "prometheus": prometheus.#PrometheusChart & { helm: { release: "prometheus" - namespace: "monitoring" values: {} } }
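Review bot: The defaults in `storage_config.aws` point every consumer at one fixed bucket (`s3://us-east-1/observtest`, `bucketnames: *"observtest"`) and leave `sse_encryption` defaulting to `false`, so a stack that does not override them sends logs to a test bucket name without server-side encryption requested, unless the bucket enforces its own. Make the location mandatory and the safer setting the default: `s3: string`, `bucketnames: string`, `sse_encryption: *true | bool`. Neither `#LokiStorageConfig` nor `#Promtail` has a comment saying which chart key it is meant to be unified with; one line above each definition would do.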