hetzner-ansible/roles/kubernetes/apps/defaults/main.yml


---
# Helm release names and target namespaces for the monitoring stack and Argo CD.
# k8s_prometheus_helm__name is also used further down as the `release` label on
# the Argo CD ServiceMonitors, so renaming the release changes that label too.
k8s_prometheus_helm__name: "prometheus"
k8s_prometheus_helm__release_namespace: "monitoring"
k8s_argocd_helm__name: "argo-cd"
k8s_argocd_helm__release_namespace: "argo-cd"
# https://github.com/grafana/helm-charts
# https://github.com/prometheus-community/helm-charts
# Helm values for the Prometheus / Alertmanager / Grafana release.
# Every UI below is published through an nginx Ingress. No authentication is
# configured in these values for Prometheus or Alertmanager, so the source-IP
# allowlist annotation is the only access control visible here.
k8s_prometheus_helm__release_values:
  prometheus:
    ingress:
      enabled: true
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-prod
        # Serves a temporary certificate until the real one has been issued.
        cert-manager.io/issue-temporary-certificate: "true"
        # NOTE(review): the ingress.class annotation is deprecated in favour of
        # spec.ingressClassName - confirm what the cluster's controller expects.
        kubernetes.io/ingress.class: nginx
        # NOTE(review): plain HTTP is not redirected to HTTPS for this host.
        # Confirm this is intentional (e.g. for ACME HTTP-01) and not a leftover.
        nginx.ingress.kubernetes.io/ssl-redirect: "false"
        # Comma-joined CIDR allowlist. NOTE(review): verify that an empty
        # ip_whitelist does not render an empty value that leaves the host open,
        # and that the controller sees the real client IP behind any load balancer.
        nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}"
      hosts:
        - "{{ stage }}-kube-prometheus.{{ domain }}"
      tls:
        - secretName: "{{ stage }}-kube-prometheus-cert"
          hosts:
            - "{{ stage }}-kube-prometheus.{{ domain }}"
    prometheusSpec:
      # TODO Using PersistentVolumeClaim
      # Empty storageSpec: no persistent volume claim is requested, so metrics
      # presumably do not survive a pod restart - confirm against the chart.
      storageSpec: {}
    # NOTE(review): placement directly under `prometheus` is assumed; confirm the
    # chart actually reads this key for Prometheus.
    deploymentStrategy:
      type: Recreate
  alertmanager:
    ingress:
      enabled: true
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-prod
        cert-manager.io/issue-temporary-certificate: "true"
        kubernetes.io/ingress.class: nginx
        # Same caveat as for Prometheus: HTTP is served without a redirect.
        nginx.ingress.kubernetes.io/ssl-redirect: "false"
        # Only access control shown for Alertmanager (silences can be edited
        # by anyone who reaches the UI).
        nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}"
      hosts:
        - "{{ stage }}-kube-alertmanager.{{ domain }}"
      tls:
        - secretName: "{{ stage }}-kube-alertmanager-cert"
          hosts:
            - "{{ stage }}-kube-alertmanager.{{ domain }}"
    # NOTE(review): as above, confirm the chart reads this key for Alertmanager.
    deploymentStrategy:
      type: Recreate
  grafana:
    # Admin credentials are templated into the Helm values, which Helm keeps in
    # its release record. NOTE(review): make sure both variables come from an
    # encrypted source (e.g. Ansible Vault); the Grafana chart can also read
    # them from an existing Secret instead of plain values.
    adminUser: "{{ grafana_admin_username }}"
    adminPassword: "{{ grafana_admin_password }}"
    ingress:
      enabled: true
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-prod
        cert-manager.io/issue-temporary-certificate: "true"
        kubernetes.io/ingress.class: nginx
        # NOTE(review): with the redirect off, a Grafana login made over
        # http:// sends the credentials unencrypted - confirm or enable.
        nginx.ingress.kubernetes.io/ssl-redirect: "false"
        nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}"
      hosts:
        - "{{ stage }}-kube-grafana.{{ domain }}"
      tls:
        - secretName: "{{ stage }}-kube-grafana-cert"
          hosts:
            - "{{ stage }}-kube-grafana.{{ domain }}"
    persistence:
      enabled: true
      size: 10Gi
    # Recreate stops the old pod before starting the new one; presumably chosen
    # because the persistent volume cannot be mounted by two pods at once.
    deploymentStrategy:
      type: Recreate
  kubeControllerManager:
    service:
      port: 10257
      targetPort: 10257
    serviceMonitor:
      https: true
      # Scrapes kube-controller-manager over TLS without verifying its
      # certificate, so the target's identity is not authenticated.
      # NOTE(review): prefer supplying the cluster CA if the serving cert allows.
      insecureSkipVerify: true
# https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd
# Helm values for the Argo CD release: static host aliases for shared services,
# metrics + ServiceMonitor for each component, and the server Ingress.
k8s_argocd_helm__release_values:
  global:
    # Static hosts entries for the Docker registry, Keycloak and Gitea, so the
    # Argo CD pods resolve these hostnames to fixed IPs instead of via DNS.
    # NOTE(review): a stale IP here fails silently at connect time.
    hostAliases:
      - ip: "{{ shared_service_docker_ip }}"
        hostnames:
          - "{{ shared_service_docker_registry_hostname }}"
      - ip: "{{ shared_service_keycloak_ip }}"
        hostnames:
          - "{{ shared_service_keycloak_hostname }}"
      - ip: "{{ shared_service_gitea_ip }}"
        hostnames:
          - "{{ shared_service_gitea_hostname }}"
  controller:
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
        namespace: "{{ k8s_argocd_helm__release_namespace }}"
        # `release` label set to the Prometheus release name; presumably this
        # is what the Prometheus operator's ServiceMonitor selector matches.
        additionalLabels:
          release: "{{ k8s_prometheus_helm__name }}"
  repoServer:
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
        namespace: "{{ k8s_argocd_helm__release_namespace }}"
        additionalLabels:
          release: "{{ k8s_prometheus_helm__name }}"
  server:
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
        namespace: "{{ k8s_argocd_helm__release_namespace }}"
        additionalLabels:
          release: "{{ k8s_prometheus_helm__name }}"
    ingress:
      enabled: true
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-prod
        cert-manager.io/issue-temporary-certificate: "true"
        # NOTE(review): the ingress.class annotation is deprecated in favour of
        # spec.ingressClassName - confirm what the cluster's controller expects.
        kubernetes.io/ingress.class: nginx
        # Comma-joined CIDR allowlist for the Argo CD UI/API.
        # NOTE(review): see the ssl-passthrough caveat below - in passthrough
        # mode this allowlist is not applied by ingress-nginx.
        nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ip_whitelist | join(',') }}"
        nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
        # NOTE(review): ssl-passthrough only takes effect when the controller
        # runs with --enable-ssl-passthrough. When it does, traffic is handled
        # at layer 4 and the other annotations on this Ingress (including the
        # source-range allowlist) are ignored, and argocd-server presents its
        # own certificate rather than the cert-manager one. Confirm which mode
        # is active and drop either passthrough or the annotations that
        # depend on TLS termination at the ingress.
        nginx.ingress.kubernetes.io/ssl-passthrough: "true"
        # Only relevant when nginx terminates TLS and re-encrypts to the backend.
        nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
      hosts:
        - "{{ stage }}-kube-argocd.{{ domain }}"
      tls:
        - secretName: "{{ stage }}-kube-argocd-cert"
          hosts:
            - "{{ stage }}-kube-argocd.{{ domain }}"
  dex:
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
        namespace: "{{ k8s_argocd_helm__release_namespace }}"
        additionalLabels:
          release: "{{ k8s_prometheus_helm__name }}"
  redis:
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
        namespace: "{{ k8s_argocd_helm__release_namespace }}"
        additionalLabels:
          release: "{{ k8s_prometheus_helm__name }}"