diff --git a/contexts/local/blueprint.yaml b/contexts/local/blueprint.yaml
index f7096a8b..ba820922 100644
--- a/contexts/local/blueprint.yaml
+++ b/contexts/local/blueprint.yaml
@@ -98,18 +98,3 @@ kustomize: force: true components: - ingress -- name: telemetry-base - path: telemetry/base - source: core - components: - - prometheus - - prometheus/flux -- name: telemetry-resources - path: telemetry/resources - source: core - dependsOn: - - telemetry-base - components: - - metrics-server - - prometheus - - prometheus/flux
diff --git a/contexts/local/terraform/cluster/talos.tfvars b/contexts/local/terraform/cluster/talos.tfvars
index 22e94f66..f81ee3d0 100644
--- a/contexts/local/terraform/cluster/talos.tfvars
+++ b/contexts/local/terraform/cluster/talos.tfvars
@@ -1,5 +1,5 @@ // Managed by Windsor CLI: This file is partially managed by the windsor CLI. Your changes will not be overwritten. -// Module source: github.com/windsorcli/core//terraform/cluster/talos?ref=main +// Module source: github.com/windsorcli/core//terraform/cluster/talos?ref=v0.2.0 // The external controlplane API endpoint of the kubernetes API cluster_endpoint = "https://127.0.0.1:6443"
@@ -25,4 +25,4 @@ workers = [{ endpoint = "127.0.0.1:50001" hostname = "worker-1.test" node = "127.0.0.1" -}] +}] \ No newline at end of file
diff --git a/kustomize/observability/grafana/flux/kustomization.yaml b/kustomize/observability/grafana/flux/kustomization.yaml
new file mode 100644
index 00000000..23eec4af
--- /dev/null
+++ b/kustomize/observability/grafana/flux/kustomization.yaml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+patches:
+ - path: patches/helm-release.yaml
+ - target:
+ group: helm.toolkit.fluxcd.io
+ version: v2
+ kind: HelmRelease
+ name: grafana
+ namespace: system-observability
+ path: patches/patch.json
diff --git a/kustomize/observability/grafana/flux/patches/helm-release.yaml b/kustomize/observability/grafana/flux/patches/helm-release.yaml
new file mode 100644
index 00000000..0d6e8f4c
--- /dev/null
+++ b/kustomize/observability/grafana/flux/patches/helm-release.yaml
@@ -0,0 +1,15 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: grafana
+ namespace: system-observability
+spec:
+ values:
+ dashboards:
+ grafana-dashboards-flux:
+ control-plane:
+ url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/b99583d3614af7f69ec04214e813eb0364244cc3/monitoring/configs/dashboards/control-plane.json
+ token: ''
+ cluster:
+ url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/b99583d3614af7f69ec04214e813eb0364244cc3/monitoring/configs/dashboards/cluster.json
+ token: ''
diff --git a/kustomize/observability/grafana/flux/patches/patch.json b/kustomize/observability/grafana/flux/patches/patch.json
new file mode 100644
index 00000000..9f801c21
--- /dev/null
+++ b/kustomize/observability/grafana/flux/patches/patch.json
@@ -0,0 +1,17 @@
+[
+ {
+ "op": "add",
+ "path": "/spec/values/dashboardProviders/dashboardproviders.yaml/providers/-",
+ "value": {
+ "name": "grafana-dashboards-flux",
+ "orgId": 1,
+ "folder": "Flux",
+ "type": "file",
+ "disableDeletion": true,
+ "editable": false,
+ "options": {
+ "path": "/var/lib/grafana/dashboards/grafana-dashboards-flux"
+ }
+ }
+ }
+]
diff --git a/kustomize/observability/grafana/helm-release.yaml b/kustomize/observability/grafana/helm-release.yaml
new file mode 100644
index 00000000..f5ad487d
--- /dev/null
+++ b/kustomize/observability/grafana/helm-release.yaml
@@ -0,0 +1,29 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: grafana
+ namespace: system-observability
+spec:
+ interval: 5m
+ timeout: 10m
+ dependsOn: []
+ chart:
+ spec:
+ chart: grafana
+ # renovate: datasource=helm depName=grafana package=grafana helmRepo=https://grafana.github.io/helm-charts
+ version: 8.5.11
+ sourceRef:
+ kind: HelmRepository
+ name: grafana
+ namespace: system-gitops
+ values:
+ dashboardProviders:
+ dashboardproviders.yaml:
+ apiVersion: 1
+ providers: []
+ dashboards: {}
+ plugins: []
+ datasources:
+ datasources.yaml:
+ apiVersion: 1
+ datasources: []
diff --git a/kustomize/observability/grafana/helm-repository.yaml b/kustomize/observability/grafana/helm-repository.yaml
new file mode 100644
index 00000000..7b8f525d
--- /dev/null
+++ b/kustomize/observability/grafana/helm-repository.yaml
@@ -0,0 +1,9 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+ name: grafana
+ namespace: system-gitops
+spec:
+ interval: 10m
+ timeout: 5m
+ url: https://grafana.github.io/helm-charts
diff --git a/kustomize/observability/grafana/ingress/ingress.yaml b/kustomize/observability/grafana/ingress/ingress.yaml
new file mode 100644
index 00000000..98cade32
--- /dev/null
+++ b/kustomize/observability/grafana/ingress/ingress.yaml
@@ -0,0 +1,17 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: grafana
+ namespace: system-observability
+spec:
+ rules:
+ - host: grafana.${DOMAIN}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: grafana
+ port:
+ number: 80
diff --git a/kustomize/observability/grafana/ingress/kustomization.yaml b/kustomize/observability/grafana/ingress/kustomization.yaml
new file mode 100644
index 00000000..fb710323
--- /dev/null
+++ b/kustomize/observability/grafana/ingress/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+resources:
+ - ingress.yaml
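Review bot: In `kustomize/observability/grafana/helm-repository.yaml` the HelmRepository is declared with `apiVersion: source.toolkit.fluxcd.io/v1beta1`, a deprecated source-controller API version, while the HelmRelease added in this same commit already uses the GA `helm.toolkit.fluxcd.io/v2`. A Flux install that serves the v2 HelmRelease should also serve the GA source API, so I would write `apiVersion: source.toolkit.fluxcd.io/v1` here; confirm against the Flux version the cluster actually runs. Left as is, the repository object stops reconciling once the old version is no longer served, and Grafana chart updates stop with it.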
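Review bot: The Ingress in `kustomize/observability/grafana/ingress/ingress.yaml` has no `tls:` block and no `ingressClassName`, so as written the Grafana login form and session cookie are served over plain HTTP on `grafana.${DOMAIN}` unless the ingress controller terminates TLS with a default certificate configured elsewhere (not visible in this diff). I would add a `tls:` entry listing `grafana.${DOMAIN}` under `hosts` with `secretName: <tls-secret-name>`, or a comment stating where TLS is enforced. The base HelmRelease values in this commit set nothing for the admin credential, so the chart defaults apply to whatever this Ingress exposes; a comment naming the intended secret source would make that explicit.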
diff --git a/kustomize/observability/grafana/kubernetes/kustomization.yaml b/kustomize/observability/grafana/kubernetes/kustomization.yaml
new file mode 100644
index 00000000..23eec4af
--- /dev/null
+++ b/kustomize/observability/grafana/kubernetes/kustomization.yaml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+patches:
+ - path: patches/helm-release.yaml
+ - target:
+ group: helm.toolkit.fluxcd.io
+ version: v2
+ kind: HelmRelease
+ name: grafana
+ namespace: system-observability
+ path: patches/patch.json
diff --git a/kustomize/observability/grafana/kubernetes/patches/helm-release.yaml b/kustomize/observability/grafana/kubernetes/patches/helm-release.yaml
new file mode 100644
index 00000000..8bdd79ca
--- /dev/null
+++ b/kustomize/observability/grafana/kubernetes/patches/helm-release.yaml
@@ -0,0 +1,27 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: grafana
+ namespace: system-observability
+spec:
+ values:
+ dashboards:
+ grafana-dashboards-kubernetes:
+ k8s-system-api-server:
+ url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-system-api-server.json
+ token: ''
+ k8s-system-coredns:
+ url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-system-coredns.json
+ token: ''
+ k8s-views-global:
+ url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-global.json
+ token: ''
+ k8s-views-namespaces:
+ url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-namespaces.json
+ token: ''
+ k8s-views-nodes:
+ url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-nodes.json
+ token: ''
+ k8s-views-pods:
+ url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-pods.json
+ token: ''
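Review bot: All six dashboard URLs in `kustomize/observability/grafana/kubernetes/patches/helm-release.yaml` fetch from the mutable `master` branch of `dotdc/grafana-dashboards-kubernetes`, whereas the flux, node and prometheus components in this commit pin their URLs to a full commit SHA. Dashboard JSON pulled from a branch can change underneath a deployed cluster with no change in this repository, so what Grafana loads is neither reviewable nor reproducible. Replace `master` with a reviewed commit SHA in each URL, e.g. `https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/<commit-sha>/dashboards/k8s-views-global.json`; the prometheus component already pins this same repository that way.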
diff --git a/kustomize/observability/grafana/kubernetes/patches/patch.json b/kustomize/observability/grafana/kubernetes/patches/patch.json
new file mode 100644
index 00000000..7bb42f84
--- /dev/null
+++ b/kustomize/observability/grafana/kubernetes/patches/patch.json
@@ -0,0 +1,17 @@
+[
+ {
+ "op": "add",
+ "path": "/spec/values/dashboardProviders/dashboardproviders.yaml/providers/-",
+ "value": {
+ "name": "grafana-dashboards-kubernetes",
+ "orgId": 1,
+ "folder": "Kubernetes",
+ "type": "file",
+ "disableDeletion": true,
+ "editable": false,
+ "options": {
+ "path": "/var/lib/grafana/dashboards/grafana-dashboards-kubernetes"
+ }
+ }
+ }
+]
diff --git a/kustomize/observability/grafana/kustomization.yaml b/kustomize/observability/grafana/kustomization.yaml
new file mode 100644
index 00000000..e768af5d
--- /dev/null
+++ b/kustomize/observability/grafana/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+resources:
+ - helm-repository.yaml
+ - helm-release.yaml
diff --git a/kustomize/observability/grafana/node/kustomization.yaml b/kustomize/observability/grafana/node/kustomization.yaml
new file mode 100644
index 00000000..23eec4af
--- /dev/null
+++ b/kustomize/observability/grafana/node/kustomization.yaml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+patches:
+ - path: patches/helm-release.yaml
+ - target:
+ group: helm.toolkit.fluxcd.io
+ version: v2
+ kind: HelmRelease
+ name: grafana
+ namespace: system-observability
+ path: patches/patch.json
diff --git a/kustomize/observability/grafana/node/patches/helm-release.yaml b/kustomize/observability/grafana/node/patches/helm-release.yaml
new file mode 100644
index 00000000..6386f271
--- /dev/null
+++ b/kustomize/observability/grafana/node/patches/helm-release.yaml
@@ -0,0 +1,12 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: grafana
+ namespace: system-observability
+spec:
+ values:
+ dashboards:
+ grafana-dashboards-node:
+ node-exporter-full:
+ url: https://raw.githubusercontent.com/rfmoz/grafana-dashboards/d33a10c268e5081aa5de33ec8ffdfb2741109498/prometheus/node-exporter-full.json
+ token: ''
\ No newline at end of file
diff --git a/kustomize/observability/grafana/node/patches/patch.json b/kustomize/observability/grafana/node/patches/patch.json
new file mode 100644
index 00000000..cb57866b
--- /dev/null
+++ b/kustomize/observability/grafana/node/patches/patch.json
@@ -0,0 +1,17 @@
+[
+ {
+ "op": "add",
+ "path": "/spec/values/dashboardProviders/dashboardproviders.yaml/providers/-",
+ "value": {
+ "name": "grafana-dashboards-node",
+ "orgId": 1,
+ "folder": "Nodes",
+ "type": "file",
+ "disableDeletion": true,
+ "editable": false,
+ "options": {
+ "path": "/var/lib/grafana/dashboards/grafana-dashboards-node"
+ }
+ }
+ }
+]
diff --git a/kustomize/observability/grafana/prometheus/kustomization.yaml b/kustomize/observability/grafana/prometheus/kustomization.yaml
new file mode 100644
index 00000000..23eec4af
--- /dev/null
+++ b/kustomize/observability/grafana/prometheus/kustomization.yaml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+patches:
+ - path: patches/helm-release.yaml
+ - target:
+ group: helm.toolkit.fluxcd.io
+ version: v2
+ kind: HelmRelease
+ name: grafana
+ namespace: system-observability
+ path: patches/patch.json
diff --git a/kustomize/observability/grafana/prometheus/patches/helm-release.yaml b/kustomize/observability/grafana/prometheus/patches/helm-release.yaml
new file mode 100644
index 00000000..0fc46d4c
--- /dev/null
+++ b/kustomize/observability/grafana/prometheus/patches/helm-release.yaml
@@ -0,0 +1,17 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: grafana
+ namespace: system-observability
+spec:
+ dependsOn:
+ - name: kube-prometheus-stack
+ namespace: system-telemetry
+ values:
+ serviceMonitor:
+ enabled: true
+ dashboards:
+ grafana-dashboards-prometheus:
+ k8s-addons-prometheus:
+ url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/2333e8f4fa5277b0afc806b24641e221a659bfe9/dashboards/k8s-addons-prometheus.json
+ token: ''
diff --git a/kustomize/observability/grafana/prometheus/patches/patch.json b/kustomize/observability/grafana/prometheus/patches/patch.json
new file mode 100644
index 00000000..4523a318
--- /dev/null
+++ b/kustomize/observability/grafana/prometheus/patches/patch.json
@@ -0,0 +1,28 @@
+[
+ {
+ "op": "add",
+ "path": "/spec/values/dashboardProviders/dashboardproviders.yaml/providers/-",
+ "value": {
+ "name": "grafana-dashboards-prometheus",
+ "orgId": 1,
+ "folder": "Prometheus",
+ "type": "file",
+ "disableDeletion": true,
+ "editable": false,
+ "options": {
+ "path": "/var/lib/grafana/dashboards/grafana-dashboards-prometheus"
+ }
+ }
+ },
+ {
+ "op": "add",
+ "path": "/spec/values/datasources/datasources.yaml/datasources/-",
+ "value": {
+ "name": "Prometheus",
+ "type": "prometheus",
+ "url": "http://kube-prometheus-stack-prometheus.system-telemetry.svc.cluster.local:9090",
+ "access": "proxy",
+ "isDefault": true
+ }
+ }
+]
diff --git a/kustomize/observability/kustomization.yaml b/kustomize/observability/kustomization.yaml
new file mode 100644
index 00000000..736967b1
--- /dev/null
+++ b/kustomize/observability/kustomization.yaml
@@ -0,0 +1,2 @@
+resources:
+ - namespace.yaml
diff --git a/kustomize/observability/namespace.yaml b/kustomize/observability/namespace.yaml
new file mode 100644
index 00000000..5544d5b6
--- /dev/null
+++ b/kustomize/observability/namespace.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: system-observability
+ labels:
+ pod-security.kubernetes.io/enforce: baseline
+ pod-security.kubernetes.io/audit: baseline
+ pod-security.kubernetes.io/warn: baseline
+ use-custom-ca: "true"
diff --git a/terraform/gitops/flux/.terraform.lock.hcl b/terraform/gitops/flux/.terraform.lock.hcl
index f8111438..d9cd3632 100644
--- a/terraform/gitops/flux/.terraform.lock.hcl
+++ b/terraform/gitops/flux/.terraform.lock.hcl
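Review bot: In `kustomize/observability/namespace.yaml` the `audit` and `warn` Pod Security labels are set to `baseline`, the same level as `enforce`, so they report nothing that admission does not already reject. Setting `pod-security.kubernetes.io/audit: restricted` and `pod-security.kubernetes.io/warn: restricted` while keeping `enforce: baseline` would surface pods in `system-observability` that fall short of the restricted profile without blocking them. The `use-custom-ca: "true"` label has no visible consumer in this diff; a one-line comment naming what acts on it would help the next reader.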
@@ -2,25 +2,24 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.92.0" + version = "5.93.0" hashes = [ - "h1:Hm5w8euRSm6tZyc60+nVPQheCikB7P0NhFI/dSFK0IM=", - "h1:KS0bRFXK4N1Do9Y6olKtu4cMhcHvgGYYRHpN+VNfsnM=", - "zh:1d3a0b40831360e8e988aee74a9ff3d69d95cb541c2eae5cb843c64303a091ba", - "zh:3d29cbced6c708be2041a708d25c7c0fc22d09e4d0b174360ed113bfae786137", - "zh:4341a203cf5820a0ca18bb514ae10a6c113bc6a728fb432acbf817d232e8eff4", - "zh:4a49e2d91e4d92b6b93ccbcbdcfa2d67935ce62e33b939656766bb81b3fd9a2c", - "zh:54c7189358b37fd895dedbabf84e509c1980a8c404a1ee5b29b06e40497b8655", - "zh:5d8bb1ff089c37cb65c83b4647f1981fded993e87d8132915d92d79f29e2fcd8", - "zh:618f2eb87cd65b245aefba03991ad714a51ff3b841016ef68e2da2b85d0b2325", - "zh:7bce07bc542d0588ca42bac5098dd4f8af715417cd30166b4fb97cedd44ab109", - "zh:81419eab2d8810beb114b1ff5cbb592d21edc21b809dc12bb066e4b88fdd184a", + "h1:SbzGotY1leY5nnLo/PJOcwIlNTHdZpAErxJSrfr2tTg=", + "zh:00e1b15e6f02cdc788fe855232b63ccce6652930080eac3ba4b8a2e35db02b23", + "zh:3a77ee12e4f5ab2e7b320a0f507389c9171ab82c50d39ae7caa5a1fb2bd95cb3", + "zh:3e32d58e139d098d867eef37914fef01fffb08504d828e0f384c2ffc18d71f80", + "zh:41cf69a525f0fbe0fdb71d26be7ff5e20bb90ccdf5af32c83ed53f0ca2f071b5", + "zh:43055bdd0786855cf7242638a74b579f74f4f1a8e7c7e5e0e50230c8f6b908cb", + "zh:4ac4c29aa0de842ad91145c5a5fba21338531ffca13a510927d445e007a24938", + "zh:57e510498b3aeb6d6155c10fa195e1d5502e763899251057e59e73f653d1e262", + "zh:8f749645b27dba1a07d06aaf9d5596fc4213123f12f3808d68539e78ab16996e", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9dea39d4748eeeebe2e76ca59bca4ccd161c2687050878c47289a98407a23372", - "zh:d692fc33b67ac89e916c8f9233d39eacab8c438fe10172990ee9d94fba5ca372", - "zh:d9075c7da48947c029ba47d5985e1e8e3bf92367bfee8ca1ff0e747765e779a1", - "zh:e81c62db317f3b640b2e04eba0ada8aa606bcbae0152c09f6242e86b86ef5889", - 
"zh:f68562e073722c378d2f3529eb80ad463f12c44aa5523d558ae3b69f4de5ca1f", + "zh:aaca5934ac6273d48922ad7685c5fc2aa7ef5275346a9e70366b7a180a788d41", + "zh:b7585b720a97467302f2e29f0688a5a746778f7b73c30eb085c25831decba1e1", + "zh:c16ae0a46d796858c49a89dd90e5ca92f793e646474fadeafaf701def4a4aa83", + "zh:d66bdc9cd5108452d9dba44082e504ff5e3a3001c8f853bbcaff850cb2127a21", + "zh:ee1aec6c44b117a6c8b7159ee7dc82f1ddac6ba434b4e6c493717738326f0a99", + "zh:f0da48692e00ecacea72d7104714d9721f6be40ba094490c442bb3e68d2e2604", ] } diff --git a/windsor.yaml b/windsor.yaml index 6b9b0a53..c189add8 100644 --- a/windsor.yaml +++ b/windsor.yaml @@ -54,4 +54,4 @@ contexts: cidr_block: 10.5.0.0/16 dns: enabled: false - domain: test + domain: test \ No newline at end of file