--- k8s_prometheus_helm__name: "prometheus" k8s_prometheus_helm__release_namespace: "monitoring" k8s_argocd_helm__name: "argo-cd" k8s_argocd_helm__release_namespace: "argo-cd" # https://github.com/grafana/helm-charts # https://github.com/prometheus-community/helm-charts k8s_prometheus_helm__release_values: prometheus: ingress: enabled: true annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}" hosts: - "{{ stage }}-kube-prometheus.{{ domain }}" tls: - secretName: "{{ stage }}-kube-prometheus-cert" hosts: - "{{ stage }}-kube-prometheus.{{ domain }}" prometheusSpec: # TODO Using PersistentVolumeClaim storageSpec: {} deploymentStrategy: type: Recreate alertmanager: ingress: enabled: true annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}" hosts: - "{{ stage }}-kube-alertmanager.{{ domain }}" tls: - secretName: "{{ stage }}-kube-alertmanager-cert" hosts: - "{{ stage }}-kube-alertmanager.{{ domain }}" deploymentStrategy: type: Recreate grafana: adminUser: "{{ grafana_admin_username }}" adminPassword: "{{ grafana_admin_password }}" ingress: enabled: true annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}" hosts: - "{{ stage }}-kube-grafana.{{ domain }}" tls: - secretName: "{{ stage }}-kube-grafana-cert" hosts: - "{{ stage }}-kube-grafana.{{ domain }}" persistence: enabled: true size: 10Gi deploymentStrategy: type: Recreate kubeControllerManager: service: port: 10257 targetPort: 10257 serviceMonitor: https: true insecureSkipVerify: true # https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd k8s_argocd_helm__release_values: global: hostAliases: - ip: "{{ shared_service_docker_ip }}" hostnames: - "{{ shared_service_docker_registry_hostname }}" - ip: "{{ shared_service_keycloak_ip }}" hostnames: - "{{ shared_service_keycloak_hostname }}" - ip: "{{ shared_service_gitea_ip }}" hostnames: - "{{ shared_service_gitea_hostname }}" controller: metrics: enabled: true serviceMonitor: enabled: true namespace: "{{ k8s_argocd_helm__release_namespace }}" additionalLabels: release: "{{ k8s_prometheus_helm__name }}" repoServer: metrics: enabled: true serviceMonitor: enabled: true namespace: "{{ k8s_argocd_helm__release_namespace }}" additionalLabels: release: "{{ k8s_prometheus_helm__name }}" server: metrics: enabled: true serviceMonitor: enabled: true namespace: "{{ k8s_argocd_helm__release_namespace }}" additionalLabels: release: "{{ k8s_prometheus_helm__name }}" ingress: enabled: true annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" hosts: - "{{ stage }}-kube-argocd.{{ domain }}" tls: - secretName: "{{ stage }}-kube-argocd-cert" hosts: - "{{ stage }}-kube-argocd.{{ domain }}" dex: metrics: enabled: true serviceMonitor: enabled: true namespace: "{{ k8s_argocd_helm__release_namespace }}" additionalLabels: release: "{{ k8s_prometheus_helm__name }}" redis: metrics: enabled: true serviceMonitor: enabled: true namespace: "{{ k8s_argocd_helm__release_namespace }}" additionalLabels: release: "{{ k8s_prometheus_helm__name }}"