diff --git a/addons/index.yaml b/addons/index.yaml index 3c5fee53..ef1f050f 100644 --- a/addons/index.yaml +++ b/addons/index.yaml @@ -81,4 +81,7 @@ entries: description: "Transactional Catalog for Data Lakes with Git-like semantics . " lakefs: - version: "1.52" - description: "LakeFS provides version control over the data lake, and uses Git-like semantics to create and access those versions. If you know git, you’ll be right at home with lakeFS. " \ No newline at end of file + description: "LakeFS provides version control over the data lake, and uses Git-like semantics to create and access those versions. If you know git, you’ll be right at home with lakeFS. " + victoriametrics: + - version: "1" + description: "VictoriaMetrics is a fast, cost-effective and scalable monitoring solution and time series database. It is designed to handle large amounts of data with high performance and low resource usage." diff --git a/addons/victoriametrics/1/chart/victoriametrics/.helmignore b/addons/victoriametrics/1/chart/victoriametrics/.helmignore new file mode 100644 index 00000000..207983f3 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/.helmignore @@ -0,0 +1,25 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# img folder +img/ +# Changelog +CHANGELOG.md diff --git a/addons/victoriametrics/1/chart/victoriametrics/Chart.yaml b/addons/victoriametrics/1/chart/victoriametrics/Chart.yaml new file mode 100644 index 00000000..9ef8fa6b --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/Chart.yaml @@ -0,0 +1,28 @@ +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +annotations: + category: Infrastructure + licenses: Apache-2.0 +apiVersion: v2 +appVersion: 1.118.0 +dependencies: +- name: common + repository: oci://registry.drycc.cc/charts + tags: + - drycc-common + version: ~1.1.3 +description: VictoriaMetrics is a fast, cost-effective, and scalable monitoring solution + and time series database, compatible with Prometheus and Graphite +home: https://drycc.com +icon: https://dyltqmyl993wv.cloudfront.net/assets/stacks/victoriametrics/img/victoriametrics-stack-220x234.png +keywords: +- monitoring +- metrics +maintainers: +- name: Broadcom, Inc. All Rights Reserved. + url: https://github.com/drycc/charts +name: victoriametrics +sources: +- https://github.com/drycc/charts/tree/main/drycc/victoriametrics +version: 0.1.13 diff --git a/addons/victoriametrics/1/chart/victoriametrics/README.md b/addons/victoriametrics/1/chart/victoriametrics/README.md new file mode 100644 index 00000000..3d92c67c --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/README.md @@ -0,0 +1,1159 @@ + + +# Drycc package for VictoriaMetrics + +VictoriaMetrics is a fast, cost-effective, and scalable monitoring solution and time series database, compatible with Prometheus and Graphite + +[Overview of VictoriaMetrics](https://victoriametrics.com/) + +Trademarks: This software listing is packaged by Drycc. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. + +## TL;DR + +```console +helm install my-release oci://registry-1.docker.io/Drycccharts/victoriametrics +``` + +Looking to use VictoriaMetrics in production? Try [VMware Tanzu Application Catalog](https://Drycc.com/enterprise), the commercial edition of the Drycc catalog. + +## Introduction + +This chart bootstraps a [VictoriaMetrics](https://github.com/Drycc/containers/tree/main/Drycc/victoriametrics-vmselect) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.23+ +- Helm 3.8.0+ +- PV provisioner support in the underlying infrastructure + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/victoriametrics +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Drycc, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=Drycccharts`. + +The command deploys VictoriaMetrics on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Configuration and installation details + +### Available VictoriaMetrics components + +The VictoriaMetrics chart always deploys the `vminsert`, `vmstorage` and `vmselect` components, as part of the basic [open-source VictoriaMetrics cluster installation](https://docs.victoriametrics.com/cluster-victoriametrics/). Additionally, it is possible to deploy the [`vmauth`](https://docs.victoriametrics.com/vmauth/), [`vmalert`](https://docs.victoriametrics.com/vmalert/) or [`vmagent`](https://docs.victoriametrics.com/vmagent/) components by setting `vmauth.enabled=true`, `vmagent.enabled=true` or `vmalert.enabled=true`. + +### Resource requests and limits + +Drycc charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. + +To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the Drycc/common chart](https://github.com/Drycc/charts/blob/main/Drycc/common/templates/_resources.tpl#L15). However, in production workloads using `resourcesPreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). + +### [Rolling VS Immutable tags](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Drycc will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +### Backup and restore + +To back up and restore Helm chart deployments on Kubernetes, you need to back up the persistent volumes from the source deployment and attach them to a new deployment using [Velero](https://velero.io/), a Kubernetes backup/restore tool. Find the instructions for using Velero in [this guide](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-backup-restore-deployments-velero-index.html). + +### Prometheus metrics + +This chart can be integrated with Prometheus by setting `*.metrics.enabled` (under the `vminsert`, `vmselect`, `vmstorage`, `vmagent`, `vmalert` and `vmauth` sections) to `true`. This will expose VictoriaMetrics native Prometheus ports in the containers. Additionally, it will deploy several `metrics` services, which can be configured under the `*.metrics.service` section (under the `vminsert`, `vmselect`, `vmstorage`, `vmagent`, `vmalert` and `vmauth` sections). These `metrics` services will have the necessary annotations to be automatically scraped by Prometheus. + +#### Prometheus requirements + +It is necessary to have a working installation of Prometheus or Prometheus Operator for the integration to work. Install the [Drycc Prometheus helm chart](https://github.com/Drycc/charts/tree/main/Drycc/prometheus) or the [Drycc Kube Prometheus helm chart](https://github.com/Drycc/charts/tree/main/Drycc/kube-prometheus) to easily have a working Prometheus in your cluster. + +#### Integration with Prometheus Operator + +The chart can deploy `ServiceMonitor` objects for integration with Prometheus Operator installations. To do so, set the value `*.metrics.serviceMonitor.enabled=true` (`vminsert`, `vmselect`, `vmstorage`, `vmagent`, `vmalert` and `vmauth`). Ensure that the Prometheus Operator `CustomResourceDefinitions` are installed in the cluster or it will fail with the following error: + +```text +no matches for kind "ServiceMonitor" in version "monitoring.coreos.com/v1" +``` + +Install the [Drycc Kube Prometheus helm chart](https://github.com/Drycc/charts/tree/main/Drycc/kube-prometheus) for having the necessary CRDs and the Prometheus Operator. + +### Ingress + +This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/Drycc/charts/tree/main/Drycc/nginx-ingress-controller) or [contour](https://github.com/Drycc/charts/tree/main/Drycc/contour) you can utilize the ingress controller to serve your application.To enable Ingress integration, set `*.ingress.enabled` (under the `vmselect`, `vmauth` and `vmselect` sections) to `true`. + +The most common scenario is to have one host name mapped to the deployment. In this case, the `*.ingress.hostname` (under the `vmselect`, `vmauth` and `vmselect` sections) property can be used to set the host name. The `*.ingress.tls` parameter can be used to add the TLS configuration for this host. + +However, it is also possible to have more than one host. To facilitate this, the `*.ingress.extraHosts` parameter (if available) can be set with the host names specified as an array. The `*.ingress.extraTLS` (under the `vmselect`, `vmauth` and `vmselect` sections) parameter (if available) can also be used to add the TLS configuration for extra hosts. + +> NOTE: For each host specified in the `*.ingress.extraHosts` (under the `vmselect`, `vmauth` and `vmselect` sections) parameter, it is necessary to set a name, path, and any annotations that the Ingress controller should know about. Not all annotations are supported by all Ingress controllers, but [this annotation reference document](https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md) lists the annotations supported by many popular Ingress controllers. + +Adding the TLS parameter (where available) will cause the chart to generate HTTPS URLs, and the application will be available on port 443. The actual TLS secrets do not have to be generated by this chart. However, if TLS is enabled, the Ingress record will not work until the TLS secret exists. + +[Learn more about Ingress controllers](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/). + +### Securing traffic using TLS + +This chart facilitates the creation of TLS secrets for use with the Ingress controller (although this is not mandatory). There are several common use cases: + +- Generate certificate secrets based on chart parameters. +- Enable externally generated certificates. +- Manage application certificates via an external service (like [cert-manager](https://github.com/jetstack/cert-manager/)). +- Create self-signed certificates within the chart (if supported). + +In the first two cases, a certificate and a key are needed. Files are expected in `.pem` format. + +Here is an example of a certificate file: + +> NOTE: There may be more than one certificate if there is a certificate chain. + +```text +-----BEGIN CERTIFICATE----- +MIID6TCCAtGgAwIBAgIJAIaCwivkeB5EMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +... +jScrvkiBO65F46KioCL9h5tDvomdU1aqpI/CBzhvZn1c0ZTf87tGQR8NK7v7 +-----END CERTIFICATE----- +``` + +Here is an example of a certificate key: + +```text +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAvLYcyu8f3skuRyUgeeNpeDvYBCDcgq+LsWap6zbX5f8oLqp4 +... +wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= +-----END RSA PRIVATE KEY----- +``` + +- If using Helm to manage the certificates based on the parameters, copy these values into the `certificate` and `key` values for a given `*.ingress.secrets` (under the `vmselect`, `vmauth` and `vmselect` sections) entry. +- If managing TLS secrets separately, it is necessary to create a TLS secret with name `INGRESS_HOSTNAME-tls` (where INGRESS_HOSTNAME is a placeholder to be replaced with the hostname you set using the `*.ingress.hostname` (under the `vmselect`, `vmauth` and `vmselect` sections) parameter). +- If your cluster has a [cert-manager](https://github.com/jetstack/cert-manager) add-on to automate the management and issuance of TLS certificates, add to `*.ingress.annotations` (under the `vmselect`, `vmauth` and `vmselect` sections) the [corresponding ones](https://cert-manager.io/docs/usage/ingress/#supported-annotations) for cert-manager. +- If using self-signed certificates created by Helm, set both `*.ingress.tls` and `*.ingress.selfSigned` (under the `vmselect`, `vmauth` and `vmselect` sections) to `true`. + +## Parameters + +### Global parameters + +| Name | Description | Value | +| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | +| `global.security.allowInsecureImages` | Allows skipping image verification | `false` | +| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` | + +### Common parameters + +| Name | Description | Value | +| ------------------- | ---------------------------------------------------------- | --------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `apiVersions` | Override Kubernetes API versions reported by .Capabilities | `[]` | +| `nameOverride` | String to partially override common.names.name | `""` | +| `fullnameOverride` | String to fully override common.names.fullname | `""` | +| `namespaceOverride` | String to fully override common.names.namespace | `""` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | + +### VictoriaMetrics common parameters + +| Name | Description | Value | +| --------------- | ----------------------------------- | ------ | +| `envflagEnable` | Enable envflag | `true` | +| `envflagPrefix` | Prefix used for the envflag entries | `VM_` | +| `loggerFormat` | Set format of the logs | `json` | + +### VictoriaMetrics Select Parameters + +| Name | Description | Value | +| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------ | +| `vmselect.image.registry` | VictoriaMetrics Select image registry | `REGISTRY_NAME` | +| `vmselect.image.repository` | VictoriaMetrics Select image repository | `REPOSITORY_NAME/victoriametrics-vmselect` | +| `vmselect.image.digest` | VictoriaMetrics Select image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `vmselect.image.pullPolicy` | VictoriaMetrics Select image pull policy | `IfNotPresent` | +| `vmselect.image.pullSecrets` | VictoriaMetrics Select image pull secrets | `[]` | +| `vmselect.replicaCount` | Number of VictoriaMetrics Select replicas to deploy | `1` | +| `vmselect.containerPorts.http` | VictoriaMetrics Select http container port | `8481` | +| `vmselect.livenessProbe.enabled` | Enable livenessProbe on VictoriaMetrics Select containers | `true` | +| `vmselect.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `vmselect.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `vmselect.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `vmselect.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `vmselect.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `vmselect.readinessProbe.enabled` | Enable readinessProbe on VictoriaMetrics Select containers | `true` | +| `vmselect.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `vmselect.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `vmselect.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `vmselect.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `vmselect.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `vmselect.startupProbe.enabled` | Enable startupProbe on VictoriaMetrics Select containers | `false` | +| `vmselect.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `vmselect.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `vmselect.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `vmselect.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `vmselect.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `vmselect.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `vmselect.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `vmselect.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `vmselect.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmselect.resources is set (vmselect.resources is recommended for production). | `nano` | +| `vmselect.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `vmselect.kind` | Define how to deploy VictoriaMetrics Select (allowed values: deployment or statefulset) | `deployment` | +| `vmselect.podManagementPolicy` | Pod management policy for VictoriaMetrics Storage statefulset | `Parallel` | +| `vmselect.annotations` | Annotations for VictoriaMetrics Select Deployment or StatefulSet | `{}` | +| `vmselect.podSecurityContext.enabled` | Enabled VictoriaMetrics Select pods' Security Context | `true` | +| `vmselect.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `vmselect.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `vmselect.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `vmselect.podSecurityContext.fsGroup` | Set VictoriaMetrics Select pod's Security Context fsGroup | `1001` | +| `vmselect.containerSecurityContext.enabled` | Enabled VictoriaMetrics Select containers' Security Context | `true` | +| `vmselect.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `vmselect.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `vmselect.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `vmselect.containerSecurityContext.runAsNonRoot` | Set VictoriaMetrics Select containers' Security Context runAsNonRoot | `true` | +| `vmselect.containerSecurityContext.privileged` | Set VictoriaMetrics Select containers' Security Context privileged | `false` | +| `vmselect.containerSecurityContext.readOnlyRootFilesystem` | Set VictoriaMetrics Select containers' Security Context runAsNonRoot | `true` | +| `vmselect.containerSecurityContext.allowPrivilegeEscalation` | Set VictoriaMetrics Select container's privilege escalation | `false` | +| `vmselect.containerSecurityContext.capabilities.drop` | Set VictoriaMetrics Select container's Security Context runAsNonRoot | `["ALL"]` | +| `vmselect.containerSecurityContext.seccompProfile.type` | Set VictoriaMetrics Select container's Security Context seccomp profile | `RuntimeDefault` | +| `vmselect.command` | Override default container command (useful when using custom images) | `[]` | +| `vmselect.args` | Override default container args (useful when using custom images) | `[]` | +| `vmselect.extraArgs` | Add extra arguments to the default command | `[]` | +| `vmselect.automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `vmselect.hostAliases` | VictoriaMetrics Select pods host aliases | `[]` | +| `vmselect.podLabels` | Extra labels for VictoriaMetrics Select pods | `{}` | +| `vmselect.podAnnotations` | Annotations for VictoriaMetrics Select pods | `{}` | +| `vmselect.podAffinityPreset` | Pod affinity preset. Ignored if `vmselect.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmselect.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vmselect.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `vmselect.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `vmselect.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `vmselect.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `vmselect.autoscaling.vpa.enabled` | Enable VPA for VictoriaMetrics Select pods | `false` | +| `vmselect.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | +| `vmselect.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | +| `vmselect.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | +| `vmselect.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | +| `vmselect.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy | `Auto` | +| `vmselect.autoscaling.hpa.enabled` | Enable HPA for VictoriaMetrics Select pods | `false` | +| `vmselect.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` | +| `vmselect.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` | +| `vmselect.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | +| `vmselect.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | +| `vmselect.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vmselect.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmselect.nodeAffinityPreset.key` | Node label key to match. Ignored if `vmselect.affinity` is set | `""` | +| `vmselect.nodeAffinityPreset.values` | Node label values to match. Ignored if `vmselect.affinity` is set | `[]` | +| `vmselect.affinity` | Affinity for VictoriaMetrics Select pods assignment | `{}` | +| `vmselect.nodeSelector` | Node labels for VictoriaMetrics Select pods assignment | `{}` | +| `vmselect.tolerations` | Tolerations for VictoriaMetrics Select pods assignment | `[]` | +| `vmselect.updateStrategy.type` | VictoriaMetrics Select statefulset strategy type | `RollingUpdate` | +| `vmselect.priorityClassName` | VictoriaMetrics Select pods' priorityClassName | `""` | +| `vmselect.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `vmselect.schedulerName` | Name of the k8s scheduler (other than default) for VictoriaMetrics Select pods | `""` | +| `vmselect.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `vmselect.lifecycleHooks` | for the VictoriaMetrics Select container(s) to automate configuration before or after startup | `{}` | +| `vmselect.extraEnvVars` | Array with extra environment variables to add to VictoriaMetrics Select nodes | `[]` | +| `vmselect.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for VictoriaMetrics Select nodes | `""` | +| `vmselect.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for VictoriaMetrics Select nodes | `""` | +| `vmselect.extraVolumes` | Optionally specify extra list of additional volumes for the VictoriaMetrics Select pod(s) | `[]` | +| `vmselect.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Select container(s) | `[]` | +| `vmselect.sidecars` | Add additional sidecar containers to the VictoriaMetrics Select pod(s) | `[]` | +| `vmselect.initContainers` | Add additional init containers to the VictoriaMetrics Select pod(s) | `[]` | + +### VictoriaMetrics Select RBAC Parameters + +| Name | Description | Value | +| ------------------------------------------------------ | ---------------------------------------------------------------- | ------- | +| `vmselect.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `vmselect.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `vmselect.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `vmselect.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | + +### VictoriaMetrics Select Traffic Exposure Parameters + +| Name | Description | Value | +| ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `vmselect.service.type` | VictoriaMetrics Select service type | `ClusterIP` | +| `vmselect.service.ports.http` | VictoriaMetrics Select service http port | `8481` | +| `vmselect.service.nodePorts.http` | Node port for HTTP | `""` | +| `vmselect.service.clusterIP` | VictoriaMetrics Select service Cluster IP | `""` | +| `vmselect.service.loadBalancerIP` | VictoriaMetrics Select service Load Balancer IP | `""` | +| `vmselect.service.loadBalancerSourceRanges` | VictoriaMetrics Select service Load Balancer sources | `[]` | +| `vmselect.service.externalTrafficPolicy` | VictoriaMetrics Select service external traffic policy | `Cluster` | +| `vmselect.service.annotations` | Additional custom annotations for VictoriaMetrics Select service | `{}` | +| `vmselect.service.extraPorts` | Extra ports to expose in VictoriaMetrics Select service (normally used with the `sidecars` value) | `[]` | +| `vmselect.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `vmselect.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `vmselect.service.headless.annotations` | Annotations for the headless service. | `{}` | +| `vmselect.ingress.enabled` | Enable ingress record generation for VictoriaMetrics Select | `false` | +| `vmselect.ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `vmselect.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `vmselect.ingress.hostname` | Default host for the ingress record | `vmselect.local` | +| `vmselect.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `vmselect.ingress.path` | Default path for the ingress record | `/` | +| `vmselect.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `vmselect.ingress.tls` | Enable TLS configuration for the host defined at `vmselect.ingress.hostname` parameter | `false` | +| `vmselect.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `vmselect.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | +| `vmselect.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `vmselect.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `vmselect.ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `vmselect.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | +| `vmselect.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `vmselect.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `vmselect.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `vmselect.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmselect.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmselect.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `vmselect.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | + +### VictoriaMetrics Select Metrics Parameters + +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- | +| `vmselect.metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `vmselect.metrics.annotations` | Additional custom annotations for the service | `{}` | +| `vmselect.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `vmselect.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `vmselect.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | +| `vmselect.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `vmselect.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `vmselect.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `vmselect.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `vmselect.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `vmselect.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `vmselect.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `vmselect.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | + +### VictoriaMetrics Insert Parameters + +| Name | Description | Value | +| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------ | +| `vminsert.image.registry` | VictoriaMetrics Insert image registry | `REGISTRY_NAME` | +| `vminsert.image.repository` | VictoriaMetrics Insert image repository | `REPOSITORY_NAME/victoriametrics-vminsert` | +| `vminsert.image.digest` | VictoriaMetrics Insert image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `vminsert.image.pullPolicy` | VictoriaMetrics Insert image pull policy | `IfNotPresent` | +| `vminsert.image.pullSecrets` | VictoriaMetrics Insert image pull secrets | `[]` | +| `vminsert.replicaCount` | Number of VictoriaMetrics Insert replicas to deploy | `1` | +| `vminsert.containerPorts.http` | VictoriaMetrics Insert http container port | `8480` | +| `vminsert.livenessProbe.enabled` | Enable livenessProbe on VictoriaMetrics Insert containers | `true` | +| `vminsert.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `vminsert.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `vminsert.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `vminsert.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `vminsert.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `vminsert.readinessProbe.enabled` | Enable readinessProbe on VictoriaMetrics Insert containers | `true` | +| `vminsert.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `vminsert.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `vminsert.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `vminsert.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `vminsert.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `vminsert.startupProbe.enabled` | Enable startupProbe on VictoriaMetrics Insert containers | `false` | +| `vminsert.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `vminsert.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `vminsert.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `vminsert.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `vminsert.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `vminsert.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `vminsert.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `vminsert.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `vminsert.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vminsert.resources is set (vminsert.resources is recommended for production). | `nano` | +| `vminsert.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `vminsert.deploymentAnnotations` | Annotations for VictoriaMetrics Insert Deployment | `{}` | +| `vminsert.podSecurityContext.enabled` | Enabled VictoriaMetrics Insert pods' Security Context | `true` | +| `vminsert.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `vminsert.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `vminsert.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `vminsert.podSecurityContext.fsGroup` | Set VictoriaMetrics Insert pod's Security Context fsGroup | `1001` | +| `vminsert.containerSecurityContext.enabled` | Enabled VictoriaMetrics Insert containers' Security Context | `true` | +| `vminsert.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `vminsert.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `vminsert.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `vminsert.containerSecurityContext.runAsNonRoot` | Set VictoriaMetrics Insert containers' Security Context runAsNonRoot | `true` | +| `vminsert.containerSecurityContext.privileged` | Set VictoriaMetrics Insert containers' Security Context privileged | `false` | +| `vminsert.containerSecurityContext.readOnlyRootFilesystem` | Set VictoriaMetrics Insert containers' Security Context runAsNonRoot | `true` | +| `vminsert.containerSecurityContext.allowPrivilegeEscalation` | Set VictoriaMetrics Insert container's privilege escalation | `false` | +| `vminsert.containerSecurityContext.capabilities.drop` | Set VictoriaMetrics Insert container's Security Context runAsNonRoot | `["ALL"]` | +| `vminsert.containerSecurityContext.seccompProfile.type` | Set VictoriaMetrics Insert container's Security Context seccomp profile | `RuntimeDefault` | +| `vminsert.command` | Override default container command (useful when using custom images) | `[]` | +| `vminsert.args` | Override default container args (useful when using custom images) | `[]` | +| `vminsert.extraArgs` | Add extra arguments to the default command | `[]` | +| `vminsert.automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `vminsert.hostAliases` | VictoriaMetrics Insert pods host aliases | `[]` | +| `vminsert.podLabels` | Extra labels for VictoriaMetrics Insert pods | `{}` | +| `vminsert.podAnnotations` | Annotations for VictoriaMetrics Insert pods | `{}` | +| `vminsert.podAffinityPreset` | Pod affinity preset. Ignored if `vminsert.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vminsert.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vminsert.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `vminsert.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `vminsert.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `vminsert.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `vminsert.autoscaling.vpa.enabled` | Enable VPA for VictoriaMetrics Insert pods | `false` | +| `vminsert.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | +| `vminsert.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | +| `vminsert.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | +| `vminsert.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | +| `vminsert.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy | `Auto` | +| `vminsert.autoscaling.hpa.enabled` | Enable HPA for VictoriaMetrics Insert pods | `false` | +| `vminsert.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` | +| `vminsert.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` | +| `vminsert.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | +| `vminsert.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | +| `vminsert.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vminsert.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vminsert.nodeAffinityPreset.key` | Node label key to match. Ignored if `vminsert.affinity` is set | `""` | +| `vminsert.nodeAffinityPreset.values` | Node label values to match. Ignored if `vminsert.affinity` is set | `[]` | +| `vminsert.affinity` | Affinity for VictoriaMetrics Insert pods assignment | `{}` | +| `vminsert.nodeSelector` | Node labels for VictoriaMetrics Insert pods assignment | `{}` | +| `vminsert.tolerations` | Tolerations for VictoriaMetrics Insert pods assignment | `[]` | +| `vminsert.updateStrategy.type` | VictoriaMetrics Insert statefulset strategy type | `RollingUpdate` | +| `vminsert.priorityClassName` | VictoriaMetrics Insert pods' priorityClassName | `""` | +| `vminsert.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `vminsert.schedulerName` | Name of the k8s scheduler (other than default) for VictoriaMetrics Insert pods | `""` | +| `vminsert.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `vminsert.lifecycleHooks` | for the VictoriaMetrics Insert container(s) to automate configuration before or after startup | `{}` | +| `vminsert.extraEnvVars` | Array with extra environment variables to add to VictoriaMetrics Insert nodes | `[]` | +| `vminsert.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for VictoriaMetrics Insert nodes | `""` | +| `vminsert.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for VictoriaMetrics Insert nodes | `""` | +| `vminsert.extraVolumes` | Optionally specify extra list of additional volumes for the VictoriaMetrics Insert pod(s) | `[]` | +| `vminsert.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Insert container(s) | `[]` | +| `vminsert.sidecars` | Add additional sidecar containers to the VictoriaMetrics Insert pod(s) | `[]` | +| `vminsert.initContainers` | Add additional init containers to the VictoriaMetrics Insert pod(s) | `[]` | +| `vminsert.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `vminsert.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `vminsert.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `vminsert.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | + +### VictoriaMetrics Insert Traffic Exposure Parameters + +| Name | Description | Value | +| ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `vminsert.service.type` | VictoriaMetrics Insert service type | `ClusterIP` | +| `vminsert.service.ports.http` | VictoriaMetrics Insert service http port | `8480` | +| `vminsert.service.nodePorts.http` | Node port for HTTP | `""` | +| `vminsert.service.clusterIP` | VictoriaMetrics Insert service Cluster IP | `""` | +| `vminsert.service.loadBalancerIP` | VictoriaMetrics Insert service Load Balancer IP | `""` | +| `vminsert.service.loadBalancerSourceRanges` | VictoriaMetrics Insert service Load Balancer sources | `[]` | +| `vminsert.service.externalTrafficPolicy` | VictoriaMetrics Insert service external traffic policy | `Cluster` | +| `vminsert.service.annotations` | Additional custom annotations for VictoriaMetrics Insert service | `{}` | +| `vminsert.service.extraPorts` | Extra ports to expose in VictoriaMetrics Insert service (normally used with the `sidecars` value) | `[]` | +| `vminsert.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `vminsert.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `vminsert.ingress.enabled` | Enable ingress record generation for VictoriaMetrics Insert | `false` | +| `vminsert.ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `vminsert.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `vminsert.ingress.hostname` | Default host for the ingress record | `vminsert.local` | +| `vminsert.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `vminsert.ingress.path` | Default path for the ingress record | `/` | +| `vminsert.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `vminsert.ingress.tls` | Enable TLS configuration for the host defined at `vminsert.ingress.hostname` parameter | `false` | +| `vminsert.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `vminsert.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | +| `vminsert.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `vminsert.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `vminsert.ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `vminsert.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | +| `vminsert.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `vminsert.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `vminsert.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `vminsert.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vminsert.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vminsert.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `vminsert.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | + +### VictoriaMetrics Insert Metrics Parameters + +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- | +| `vminsert.metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `vminsert.metrics.annotations` | Additional custom annotations for the service | `{}` | +| `vminsert.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `vminsert.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `vminsert.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | +| `vminsert.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `vminsert.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `vminsert.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `vminsert.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `vminsert.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `vminsert.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `vminsert.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `vminsert.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | + +### VictoriaMetrics Storage Parameters + +| Name | Description | Value | +| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | +| `vmstorage.image.registry` | VictoriaMetrics Storage image registry | `REGISTRY_NAME` | +| `vmstorage.image.repository` | VictoriaMetrics Storage image repository | `REPOSITORY_NAME/victoriametrics-vmstorage` | +| `vmstorage.image.digest` | VictoriaMetrics Storage image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `vmstorage.image.pullPolicy` | VictoriaMetrics Storage image pull policy | `IfNotPresent` | +| `vmstorage.image.pullSecrets` | VictoriaMetrics Storage image pull secrets | `[]` | +| `vmstorage.replicaCount` | Number of VictoriaMetrics Storage replicas to deploy | `1` | +| `vmstorage.containerPorts.http` | VictoriaMetrics Storage http container port | `8482` | +| `vmstorage.containerPorts.vmselect` | VictoriaMetrics Storage vmselect container port | `8401` | +| `vmstorage.containerPorts.vminsert` | VictoriaMetrics Storage vminsert container port | `8400` | +| `vmstorage.livenessProbe.enabled` | Enable livenessProbe on VictoriaMetrics Storage containers | `true` | +| `vmstorage.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `vmstorage.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `vmstorage.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `vmstorage.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `vmstorage.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `vmstorage.readinessProbe.enabled` | Enable readinessProbe on VictoriaMetrics Storage containers | `true` | +| `vmstorage.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `vmstorage.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `vmstorage.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `vmstorage.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `vmstorage.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `vmstorage.startupProbe.enabled` | Enable startupProbe on VictoriaMetrics Storage containers | `false` | +| `vmstorage.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `vmstorage.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `vmstorage.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `vmstorage.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `vmstorage.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `vmstorage.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `vmstorage.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `vmstorage.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `vmstorage.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmstorage.resources is set (vmstorage.resources is recommended for production). | `small` | +| `vmstorage.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `vmstorage.retentionPeriod` | Data retention period | `1` | +| `vmstorage.statefulsetAnnotations` | Annotations for VictoriaMetrics Storage statefulset | `{}` | +| `vmstorage.podSecurityContext.enabled` | Enabled VictoriaMetrics Storage pods' Security Context | `true` | +| `vmstorage.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `vmstorage.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `vmstorage.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `vmstorage.podSecurityContext.fsGroup` | Set VictoriaMetrics Storage pod's Security Context fsGroup | `1001` | +| `vmstorage.containerSecurityContext.enabled` | Enabled VictoriaMetrics Storage containers' Security Context | `true` | +| `vmstorage.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `vmstorage.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `vmstorage.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `vmstorage.containerSecurityContext.runAsNonRoot` | Set VictoriaMetrics Storage containers' Security Context runAsNonRoot | `true` | +| `vmstorage.containerSecurityContext.privileged` | Set VictoriaMetrics Storage containers' Security Context privileged | `false` | +| `vmstorage.containerSecurityContext.readOnlyRootFilesystem` | Set VictoriaMetrics Storage containers' Security Context runAsNonRoot | `true` | +| `vmstorage.containerSecurityContext.allowPrivilegeEscalation` | Set VictoriaMetrics Storage container's privilege escalation | `false` | +| `vmstorage.containerSecurityContext.capabilities.drop` | Set VictoriaMetrics Storage container's Security Context runAsNonRoot | `["ALL"]` | +| `vmstorage.containerSecurityContext.seccompProfile.type` | Set VictoriaMetrics Storage container's Security Context seccomp profile | `RuntimeDefault` | +| `vmstorage.command` | Override default container command (useful when using custom images) | `[]` | +| `vmstorage.args` | Override default container args (useful when using custom images) | `[]` | +| `vmstorage.extraArgs` | Add extra arguments to the default command | `[]` | +| `vmstorage.automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `vmstorage.hostAliases` | VictoriaMetrics Storage pods host aliases | `[]` | +| `vmstorage.podLabels` | Extra labels for VictoriaMetrics Storage pods | `{}` | +| `vmstorage.podAnnotations` | Annotations for VictoriaMetrics Storage pods | `{}` | +| `vmstorage.podAffinityPreset` | Pod affinity preset. Ignored if `vmstorage.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmstorage.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vmstorage.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `vmstorage.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `vmstorage.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `vmstorage.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `vmstorage.autoscaling.vpa.enabled` | Enable VPA for VictoriaMetrics Storage pods | `false` | +| `vmstorage.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | +| `vmstorage.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | +| `vmstorage.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | +| `vmstorage.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | +| `vmstorage.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy | `Auto` | +| `vmstorage.autoscaling.hpa.enabled` | Enable HPA for VictoriaMetrics Storage pods | `false` | +| `vmstorage.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` | +| `vmstorage.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` | +| `vmstorage.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | +| `vmstorage.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | +| `vmstorage.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vmstorage.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmstorage.nodeAffinityPreset.key` | Node label key to match. Ignored if `vmstorage.affinity` is set | `""` | +| `vmstorage.nodeAffinityPreset.values` | Node label values to match. Ignored if `vmstorage.affinity` is set | `[]` | +| `vmstorage.affinity` | Affinity for VictoriaMetrics Storage pods assignment | `{}` | +| `vmstorage.nodeSelector` | Node labels for VictoriaMetrics Storage pods assignment | `{}` | +| `vmstorage.podManagementPolicy` | Pod management policy for VictoriaMetrics Storage statefulset | `Parallel` | +| `vmstorage.tolerations` | Tolerations for VictoriaMetrics Storage pods assignment | `[]` | +| `vmstorage.updateStrategy.type` | VictoriaMetrics Storage statefulset strategy type | `RollingUpdate` | +| `vmstorage.priorityClassName` | VictoriaMetrics Storage pods' priorityClassName | `""` | +| `vmstorage.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `vmstorage.schedulerName` | Name of the k8s scheduler (other than default) for VictoriaMetrics Storage pods | `""` | +| `vmstorage.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `vmstorage.lifecycleHooks` | for the VictoriaMetrics Storage container(s) to automate configuration before or after startup | `{}` | +| `vmstorage.extraEnvVars` | Array with extra environment variables to add to VictoriaMetrics Storage nodes | `[]` | +| `vmstorage.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for VictoriaMetrics Storage nodes | `""` | +| `vmstorage.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for VictoriaMetrics Storage nodes | `""` | +| `vmstorage.extraVolumes` | Optionally specify extra list of additional volumes for the VictoriaMetrics Storage pod(s) | `[]` | +| `vmstorage.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Storage container(s) | `[]` | +| `vmstorage.sidecars` | Add additional sidecar containers to the VictoriaMetrics Storage pod(s) | `[]` | +| `vmstorage.initContainers` | Add additional init containers to the VictoriaMetrics Storage pod(s) | `[]` | +| `vmstorage.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `vmstorage.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `vmstorage.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `vmstorage.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | + +### VictoriaMetrics Storage Traffic Exposure Parameters + +| Name | Description | Value | +| ------------------------------------------------- | -------------------------------------------------------------------------------------------------- | ----------- | +| `vmstorage.service.type` | VictoriaMetrics Storage service type | `ClusterIP` | +| `vmstorage.service.ports.http` | VictoriaMetrics Storage service http port | `80` | +| `vmstorage.service.nodePorts.http` | Node port for HTTP | `""` | +| `vmstorage.service.clusterIP` | VictoriaMetrics Storage service Cluster IP | `""` | +| `vmstorage.service.loadBalancerIP` | VictoriaMetrics Storage service Load Balancer IP | `""` | +| `vmstorage.service.loadBalancerSourceRanges` | VictoriaMetrics Storage service Load Balancer sources | `[]` | +| `vmstorage.service.externalTrafficPolicy` | VictoriaMetrics Storage service external traffic policy | `Cluster` | +| `vmstorage.service.annotations` | Additional custom annotations for VictoriaMetrics Storage service | `{}` | +| `vmstorage.service.extraPorts` | Extra ports to expose in VictoriaMetrics Storage service (normally used with the `sidecars` value) | `[]` | +| `vmstorage.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `vmstorage.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `vmstorage.service.headless.annotations` | Annotations for the headless service. | `{}` | +| `vmstorage.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `vmstorage.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `vmstorage.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `vmstorage.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmstorage.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmstorage.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `vmstorage.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | + +### VictoriaMetrics Storage Persistence Parameters + +| Name | Description | Value | +| ------------------------------------------------- | --------------------------------------------------------------------------------------- | ------- | +| `vmstorage.persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `vmstorage.persistence.mountPath` | Persistent Volume mount root path | `/data` | +| `vmstorage.persistence.storageClass` | Persistent Volume storage class | `""` | +| `vmstorage.persistence.accessModes` | Persistent Volume access modes | `[]` | +| `vmstorage.persistence.size` | Persistent Volume size | `10Gi` | +| `vmstorage.persistence.dataSource` | Custom PVC data source | `{}` | +| `vmstorage.persistence.annotations` | Annotations for the PVC | `{}` | +| `vmstorage.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | +| `vmstorage.persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `vmstorage.persistence.extraVolumeClaimTemplates` | Add additional VolumeClaimTemplates for enabling any plugins or any other purpose | `[]` | + +### VictoriaMetrics Storage Metrics Parameters + +| Name | Description | Value | +| ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- | +| `vmstorage.metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `vmstorage.metrics.annotations` | Additional custom annotations for the service | `{}` | +| `vmstorage.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `vmstorage.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `vmstorage.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | +| `vmstorage.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `vmstorage.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `vmstorage.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `vmstorage.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `vmstorage.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `vmstorage.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `vmstorage.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `vmstorage.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | + +### VictoriaMetrics Auth Parameters + +| Name | Description | Value | +| ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------- | +| `vmauth.enabled` | Enable VictoriaMetrics Auth | `true` | +| `vmauth.image.registry` | VictoriaMetrics Auth image registry | `REGISTRY_NAME` | +| `vmauth.image.repository` | VictoriaMetrics Auth image repository | `REPOSITORY_NAME/victoriametrics-vmauth` | +| `vmauth.image.digest` | VictoriaMetrics Auth image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `vmauth.image.pullPolicy` | VictoriaMetrics Auth image pull policy | `IfNotPresent` | +| `vmauth.image.pullSecrets` | VictoriaMetrics Auth image pull secrets | `[]` | +| `vmauth.replicaCount` | Number of VictoriaMetrics Auth replicas to deploy | `1` | +| `vmauth.containerPorts.http` | VictoriaMetrics Auth http container port | `8427` | +| `vmauth.livenessProbe.enabled` | Enable livenessProbe on VictoriaMetrics Auth containers | `true` | +| `vmauth.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `vmauth.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `vmauth.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `vmauth.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `vmauth.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `vmauth.readinessProbe.enabled` | Enable readinessProbe on VictoriaMetrics Auth containers | `true` | +| `vmauth.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `vmauth.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `vmauth.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `vmauth.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `vmauth.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `vmauth.startupProbe.enabled` | Enable startupProbe on VictoriaMetrics Auth containers | `false` | +| `vmauth.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `vmauth.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `vmauth.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `vmauth.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `vmauth.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `vmauth.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `vmauth.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `vmauth.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `vmauth.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmauth.resources is set (vmauth.resources is recommended for production). | `nano` | +| `vmauth.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `vmauth.kind` | Define how to deploy VictoriaMetrics Auth (allowed values: deployment or daemonset) | `deployment` | +| `vmauth.annotations` | Annotations for VictoriaMetrics Auth Deployment or StatefulSet | `{}` | +| `vmauth.podSecurityContext.enabled` | Enabled VictoriaMetrics Auth pods' Security Context | `true` | +| `vmauth.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `vmauth.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `vmauth.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `vmauth.podSecurityContext.fsGroup` | Set VictoriaMetrics Auth pod's Security Context fsGroup | `1001` | +| `vmauth.containerSecurityContext.enabled` | Enabled VictoriaMetrics Auth containers' Security Context | `true` | +| `vmauth.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `vmauth.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `vmauth.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `vmauth.containerSecurityContext.runAsNonRoot` | Set VictoriaMetrics Auth containers' Security Context runAsNonRoot | `true` | +| `vmauth.containerSecurityContext.privileged` | Set VictoriaMetrics Auth containers' Security Context privileged | `false` | +| `vmauth.containerSecurityContext.readOnlyRootFilesystem` | Set VictoriaMetrics Auth containers' Security Context runAsNonRoot | `true` | +| `vmauth.containerSecurityContext.allowPrivilegeEscalation` | Set VictoriaMetrics Auth container's privilege escalation | `false` | +| `vmauth.containerSecurityContext.capabilities.drop` | Set VictoriaMetrics Auth container's Security Context runAsNonRoot | `["ALL"]` | +| `vmauth.containerSecurityContext.seccompProfile.type` | Set VictoriaMetrics Auth container's Security Context seccomp profile | `RuntimeDefault` | +| `vmauth.command` | Override default container command (useful when using custom images) | `[]` | +| `vmauth.args` | Override default container args (useful when using custom images) | `[]` | +| `vmauth.extraArgs` | Add extra arguments to the default command | `[]` | +| `vmauth.automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `vmauth.hostAliases` | VictoriaMetrics Auth pods host aliases | `[]` | +| `vmauth.podLabels` | Extra labels for VictoriaMetrics Auth pods | `{}` | +| `vmauth.podAnnotations` | Annotations for VictoriaMetrics Auth pods | `{}` | +| `vmauth.podAffinityPreset` | Pod affinity preset. Ignored if `vmauth.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmauth.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vmauth.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `vmauth.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `vmauth.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `vmauth.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `vmauth.configOverrides` | Overwrite or add extra configuration options to the chart default | `{}` | +| `vmauth.existingSecret` | The name of an existing Secret with configuration | `""` | +| `vmauth.autoscaling.vpa.enabled` | Enable VPA for VictoriaMetrics Auth pods | `false` | +| `vmauth.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | +| `vmauth.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | +| `vmauth.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | +| `vmauth.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | +| `vmauth.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy | `Auto` | +| `vmauth.autoscaling.hpa.enabled` | Enable HPA for VictoriaMetrics Auth pods | `false` | +| `vmauth.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` | +| `vmauth.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` | +| `vmauth.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | +| `vmauth.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | +| `vmauth.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vmauth.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmauth.nodeAffinityPreset.key` | Node label key to match. Ignored if `vmauth.affinity` is set | `""` | +| `vmauth.nodeAffinityPreset.values` | Node label values to match. Ignored if `vmauth.affinity` is set | `[]` | +| `vmauth.affinity` | Affinity for VictoriaMetrics Auth pods assignment | `{}` | +| `vmauth.nodeSelector` | Node labels for VictoriaMetrics Auth pods assignment | `{}` | +| `vmauth.tolerations` | Tolerations for VictoriaMetrics Auth pods assignment | `[]` | +| `vmauth.updateStrategy.type` | VictoriaMetrics Auth statefulset strategy type | `RollingUpdate` | +| `vmauth.priorityClassName` | VictoriaMetrics Auth pods' priorityClassName | `""` | +| `vmauth.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `vmauth.schedulerName` | Name of the k8s scheduler (other than default) for VictoriaMetrics Auth pods | `""` | +| `vmauth.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `vmauth.lifecycleHooks` | for the VictoriaMetrics Auth container(s) to automate configuration before or after startup | `{}` | +| `vmauth.extraEnvVars` | Array with extra environment variables to add to VictoriaMetrics Auth nodes | `[]` | +| `vmauth.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for VictoriaMetrics Auth nodes | `""` | +| `vmauth.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for VictoriaMetrics Auth nodes | `""` | +| `vmauth.extraVolumes` | Optionally specify extra list of additional volumes for the VictoriaMetrics Auth pod(s) | `[]` | +| `vmauth.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Auth container(s) | `[]` | +| `vmauth.sidecars` | Add additional sidecar containers to the VictoriaMetrics Auth pod(s) | `[]` | +| `vmauth.initContainers` | Add additional init containers to the VictoriaMetrics Auth pod(s) | `[]` | + +### VictoriaMetrics Auth RBAC Parameters + +| Name | Description | Value | +| ---------------------------------------------------- | ---------------------------------------------------------------- | ------- | +| `vmauth.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `vmauth.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `vmauth.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `vmauth.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | + +### VictoriaMetrics Auth Traffic Exposure Parameters + +| Name | Description | Value | +| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `vmauth.service.type` | VictoriaMetrics Auth service type | `ClusterIP` | +| `vmauth.service.ports.http` | VictoriaMetrics Auth service http port | `8427` | +| `vmauth.service.nodePorts.http` | Node port for HTTP | `""` | +| `vmauth.service.clusterIP` | VictoriaMetrics Auth service Cluster IP | `""` | +| `vmauth.service.loadBalancerIP` | VictoriaMetrics Auth service Load Balancer IP | `""` | +| `vmauth.service.loadBalancerSourceRanges` | VictoriaMetrics Auth service Load Balancer sources | `[]` | +| `vmauth.service.externalTrafficPolicy` | VictoriaMetrics Auth service external traffic policy | `Cluster` | +| `vmauth.service.annotations` | Additional custom annotations for VictoriaMetrics Auth service | `{}` | +| `vmauth.service.extraPorts` | Extra ports to expose in VictoriaMetrics Auth service (normally used with the `sidecars` value) | `[]` | +| `vmauth.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `vmauth.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `vmauth.ingress.enabled` | Enable ingress record generation for VictoriaMetrics Auth | `false` | +| `vmauth.ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `vmauth.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `vmauth.ingress.hostname` | Default host for the ingress record | `vmauth.local` | +| `vmauth.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `vmauth.ingress.path` | Default path for the ingress record | `/` | +| `vmauth.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `vmauth.ingress.tls` | Enable TLS configuration for the host defined at `vmauth.ingress.hostname` parameter | `false` | +| `vmauth.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `vmauth.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | +| `vmauth.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `vmauth.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `vmauth.ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `vmauth.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | +| `vmauth.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `vmauth.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `vmauth.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `vmauth.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmauth.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmauth.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `vmauth.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | + +### VictoriaMetrics Auth Metrics Parameters + +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- | +| `vmauth.metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `vmauth.metrics.annotations` | Additional custom annotations for the service | `{}` | +| `vmauth.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `vmauth.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `vmauth.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | +| `vmauth.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `vmauth.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `vmauth.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `vmauth.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `vmauth.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `vmauth.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `vmauth.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `vmauth.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | + +### VictoriaMetrics Agent Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | +| `vmagent.enabled` | Enable VictoriaMetrics Agent | `true` | +| `vmagent.image.registry` | VictoriaMetrics Agent image registry | `REGISTRY_NAME` | +| `vmagent.image.repository` | VictoriaMetrics Agent image repository | `REPOSITORY_NAME/victoriametrics-vmagent` | +| `vmagent.image.digest` | VictoriaMetrics Agent image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `vmagent.image.pullPolicy` | VictoriaMetrics Agent image pull policy | `IfNotPresent` | +| `vmagent.image.pullSecrets` | VictoriaMetrics Agent image pull secrets | `[]` | +| `vmagent.replicaCount` | Number of VictoriaMetrics Agent replicas to deploy | `1` | +| `vmagent.containerPorts.http` | VictoriaMetrics Agent http container port | `8429` | +| `vmagent.containerPorts.graphite` | VictoriaMetrics Agent graphite container port | `2003` | +| `vmagent.containerPorts.opentsdb` | VictoriaMetrics Agent opentsdb container port | `4242` | +| `vmagent.containerPorts.influxdb` | VictoriaMetrics Agent influxdb container port | `8089` | +| `vmagent.livenessProbe.enabled` | Enable livenessProbe on VictoriaMetrics Agent containers | `true` | +| `vmagent.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `vmagent.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `vmagent.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `vmagent.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `vmagent.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `vmagent.readinessProbe.enabled` | Enable readinessProbe on VictoriaMetrics Agent containers | `true` | +| `vmagent.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `vmagent.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `vmagent.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `vmagent.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `vmagent.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `vmagent.startupProbe.enabled` | Enable startupProbe on VictoriaMetrics Agent containers | `false` | +| `vmagent.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `vmagent.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `vmagent.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `vmagent.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `vmagent.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `vmagent.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `vmagent.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `vmagent.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `vmagent.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmagent.resources is set (vmagent.resources is recommended for production). | `nano` | +| `vmagent.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `vmagent.kind` | Define how to deploy VictoriaMetrics Agent (allowed values: deployment or daemonset) | `deployment` | +| `vmagent.annotations` | Annotations for VictoriaMetrics Agent Deployment or StatefulSet | `{}` | +| `vmagent.podSecurityContext.enabled` | Enabled VictoriaMetrics Agent pods' Security Context | `true` | +| `vmagent.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `vmagent.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `vmagent.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `vmagent.podSecurityContext.fsGroup` | Set VictoriaMetrics Agent pod's Security Context fsGroup | `1001` | +| `vmagent.containerSecurityContext.enabled` | Enabled VictoriaMetrics Agent containers' Security Context | `true` | +| `vmagent.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `vmagent.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `vmagent.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `vmagent.containerSecurityContext.runAsNonRoot` | Set VictoriaMetrics Agent containers' Security Context runAsNonRoot | `true` | +| `vmagent.containerSecurityContext.privileged` | Set VictoriaMetrics Agent containers' Security Context privileged | `false` | +| `vmagent.containerSecurityContext.readOnlyRootFilesystem` | Set VictoriaMetrics Agent containers' Security Context runAsNonRoot | `true` | +| `vmagent.containerSecurityContext.allowPrivilegeEscalation` | Set VictoriaMetrics Agent container's privilege escalation | `false` | +| `vmagent.containerSecurityContext.capabilities.drop` | Set VictoriaMetrics Agent container's Security Context runAsNonRoot | `["ALL"]` | +| `vmagent.containerSecurityContext.seccompProfile.type` | Set VictoriaMetrics Agent container's Security Context seccomp profile | `RuntimeDefault` | +| `vmagent.command` | Override default container command (useful when using custom images) | `[]` | +| `vmagent.args` | Override default container args (useful when using custom images) | `[]` | +| `vmagent.extraArgs` | Add extra arguments to the default command | `[]` | +| `vmagent.automountServiceAccountToken` | Mount Service Account token in pod | `true` | +| `vmagent.hostAliases` | VictoriaMetrics Agent pods host aliases | `[]` | +| `vmagent.podLabels` | Extra labels for VictoriaMetrics Agent pods | `{}` | +| `vmagent.podAnnotations` | Annotations for VictoriaMetrics Agent pods | `{}` | +| `vmagent.podAffinityPreset` | Pod affinity preset. Ignored if `vmagent.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmagent.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vmagent.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `vmagent.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `vmagent.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `vmagent.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `vmagent.scrapeConfigOverrides` | Overwrite or add extra scraping configuration options to the chart default | `{}` | +| `vmagent.enableListeners.influxdb` | Enable influxdb listener | `false` | +| `vmagent.enableListeners.opentsdb` | Enable graphite listener | `false` | +| `vmagent.enableListeners.graphite` | Enable opentsdb listener | `false` | +| `vmagent.existingScrapeConfigMap` | The name of an existing ConfigMap with the scrape configuration | `""` | +| `vmagent.namespaced` | Only scrape in the deployed namespace | `false` | +| `vmagent.allowedMetricsEndpoints` | Allowed metrics endpoints to scrape (when not namespaced) | `[]` | +| `vmagent.autoscaling.vpa.enabled` | Enable VPA for VictoriaMetrics Agent pods | `false` | +| `vmagent.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | +| `vmagent.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | +| `vmagent.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | +| `vmagent.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | +| `vmagent.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy | `Auto` | +| `vmagent.autoscaling.hpa.enabled` | Enable HPA for VictoriaMetrics Agent pods | `false` | +| `vmagent.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` | +| `vmagent.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` | +| `vmagent.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | +| `vmagent.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | +| `vmagent.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vmagent.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmagent.nodeAffinityPreset.key` | Node label key to match. Ignored if `vmagent.affinity` is set | `""` | +| `vmagent.nodeAffinityPreset.values` | Node label values to match. Ignored if `vmagent.affinity` is set | `[]` | +| `vmagent.affinity` | Affinity for VictoriaMetrics Agent pods assignment | `{}` | +| `vmagent.nodeSelector` | Node labels for VictoriaMetrics Agent pods assignment | `{}` | +| `vmagent.tolerations` | Tolerations for VictoriaMetrics Agent pods assignment | `[]` | +| `vmagent.updateStrategy.type` | VictoriaMetrics Agent statefulset strategy type | `RollingUpdate` | +| `vmagent.priorityClassName` | VictoriaMetrics Agent pods' priorityClassName | `""` | +| `vmagent.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `vmagent.schedulerName` | Name of the k8s scheduler (other than default) for VictoriaMetrics Agent pods | `""` | +| `vmagent.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `vmagent.lifecycleHooks` | for the VictoriaMetrics Agent container(s) to automate configuration before or after startup | `{}` | +| `vmagent.extraEnvVars` | Array with extra environment variables to add to VictoriaMetrics Agent nodes | `[]` | +| `vmagent.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for VictoriaMetrics Agent nodes | `""` | +| `vmagent.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for VictoriaMetrics Agent nodes | `""` | +| `vmagent.extraVolumes` | Optionally specify extra list of additional volumes for the VictoriaMetrics Agent pod(s) | `[]` | +| `vmagent.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Agent container(s) | `[]` | +| `vmagent.sidecars` | Add additional sidecar containers to the VictoriaMetrics Agent pod(s) | `[]` | +| `vmagent.initContainers` | Add additional init containers to the VictoriaMetrics Agent pod(s) | `[]` | + +### VictoriaMetrics Agent RBAC Parameters + +| Name | Description | Value | +| ----------------------------------------------------- | ---------------------------------------------------------------- | ------- | +| `vmagent.rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `vmagent.rbac.rules` | Custom RBAC rules to set | `[]` | +| `vmagent.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `vmagent.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `vmagent.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `vmagent.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | + +### VictoriaMetrics Agent Traffic Exposure Parameters + +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------ | ----------- | +| `vmagent.service.type` | VictoriaMetrics Agent service type | `ClusterIP` | +| `vmagent.service.ports.http` | VictoriaMetrics Agent service http port | `8429` | +| `vmagent.service.ports.graphite` | VictoriaMetrics Agent service graphite port | `2003` | +| `vmagent.service.ports.opentsdb` | VictoriaMetrics Agent service opentsdb port | `4242` | +| `vmagent.service.ports.influxdb` | VictoriaMetrics Agent service influxdb port | `8089` | +| `vmagent.service.nodePorts.http` | Node port for HTTP | `""` | +| `vmagent.service.nodePorts.graphite` | Node port for graphite | `""` | +| `vmagent.service.nodePorts.opentsdb` | Node port for opentsdb | `""` | +| `vmagent.service.nodePorts.influxdb` | Node port for influxdb | `""` | +| `vmagent.service.clusterIP` | VictoriaMetrics Agent service Cluster IP | `""` | +| `vmagent.service.loadBalancerIP` | VictoriaMetrics Agent service Load Balancer IP | `""` | +| `vmagent.service.loadBalancerSourceRanges` | VictoriaMetrics Agent service Load Balancer sources | `[]` | +| `vmagent.service.externalTrafficPolicy` | VictoriaMetrics Agent service external traffic policy | `Cluster` | +| `vmagent.service.annotations` | Additional custom annotations for VictoriaMetrics Agent service | `{}` | +| `vmagent.service.extraPorts` | Extra ports to expose in VictoriaMetrics Agent service (normally used with the `sidecars` value) | `[]` | +| `vmagent.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `vmagent.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `vmagent.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `vmagent.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `vmagent.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `vmagent.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmagent.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmagent.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `vmagent.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | + +### VictoriaMetrics Agent Metrics Parameters + +| Name | Description | Value | +| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- | +| `vmagent.metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `vmagent.metrics.annotations` | Additional custom annotations for the service | `{}` | +| `vmagent.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `vmagent.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `vmagent.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | +| `vmagent.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `vmagent.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `vmagent.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `vmagent.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `vmagent.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `vmagent.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `vmagent.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `vmagent.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | + +### VictoriaMetrics Alert Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | +| `vmalert.enabled` | Enable VictoriaMetrics Alert | `false` | +| `vmalert.image.registry` | VictoriaMetrics Alert image registry | `REGISTRY_NAME` | +| `vmalert.image.repository` | VictoriaMetrics Alert image repository | `REPOSITORY_NAME/victoriametrics-vmalert` | +| `vmalert.image.digest` | VictoriaMetrics Alert image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `vmalert.image.pullPolicy` | VictoriaMetrics Alert image pull policy | `IfNotPresent` | +| `vmalert.image.pullSecrets` | VictoriaMetrics Alert image pull secrets | `[]` | +| `vmalert.replicaCount` | Number of VictoriaMetrics Alert replicas to deploy | `1` | +| `vmalert.containerPorts.http` | VictoriaMetrics Alert http container port | `8429` | +| `vmalert.livenessProbe.enabled` | Enable livenessProbe on VictoriaMetrics Alert containers | `true` | +| `vmalert.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `vmalert.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `vmalert.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `vmalert.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `vmalert.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `vmalert.readinessProbe.enabled` | Enable readinessProbe on VictoriaMetrics Alert containers | `true` | +| `vmalert.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `vmalert.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `vmalert.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `vmalert.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `vmalert.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `vmalert.startupProbe.enabled` | Enable startupProbe on VictoriaMetrics Alert containers | `false` | +| `vmalert.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `vmalert.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `vmalert.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `vmalert.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `vmalert.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `vmalert.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `vmalert.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `vmalert.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `vmalert.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmalert.resources is set (vmalert.resources is recommended for production). | `nano` | +| `vmalert.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `vmalert.datasourceUrl` | URL to an external datasource (uses VictoriaMetrics Insert if not set) | `""` | +| `vmalert.notifierUrl` | URL to a notifier like AlertManager (necessary when alert rules are set) | `""` | +| `vmalert.deploymentAnnotations` | Annotations for VictoriaMetrics Alert Deployment | `{}` | +| `vmalert.podSecurityContext.enabled` | Enabled VictoriaMetrics Alert pods' Security Context | `true` | +| `vmalert.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `vmalert.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `vmalert.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `vmalert.podSecurityContext.fsGroup` | Set VictoriaMetrics Alert pod's Security Context fsGroup | `1001` | +| `vmalert.containerSecurityContext.enabled` | Enabled VictoriaMetrics Alert containers' Security Context | `true` | +| `vmalert.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `vmalert.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `vmalert.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `vmalert.containerSecurityContext.runAsNonRoot` | Set VictoriaMetrics Alert containers' Security Context runAsNonRoot | `true` | +| `vmalert.containerSecurityContext.privileged` | Set VictoriaMetrics Alert containers' Security Context privileged | `false` | +| `vmalert.containerSecurityContext.readOnlyRootFilesystem` | Set VictoriaMetrics Alert containers' Security Context runAsNonRoot | `true` | +| `vmalert.containerSecurityContext.allowPrivilegeEscalation` | Set VictoriaMetrics Alert container's privilege escalation | `false` | +| `vmalert.containerSecurityContext.capabilities.drop` | Set VictoriaMetrics Alert container's Security Context runAsNonRoot | `["ALL"]` | +| `vmalert.containerSecurityContext.seccompProfile.type` | Set VictoriaMetrics Alert container's Security Context seccomp profile | `RuntimeDefault` | +| `vmalert.command` | Override default container command (useful when using custom images) | `[]` | +| `vmalert.args` | Override default container args (useful when using custom images) | `[]` | +| `vmalert.extraArgs` | Add extra arguments to the default command | `[]` | +| `vmalert.automountServiceAccountToken` | Mount Service Account token in pod | `true` | +| `vmalert.hostAliases` | VictoriaMetrics Alert pods host aliases | `[]` | +| `vmalert.podLabels` | Extra labels for VictoriaMetrics Alert pods | `{}` | +| `vmalert.podAnnotations` | Annotations for VictoriaMetrics Alert pods | `{}` | +| `vmalert.podAffinityPreset` | Pod affinity preset. Ignored if `vmalert.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmalert.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vmalert.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `vmalert.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `vmalert.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `vmalert.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `vmalert.rulesConfigOverrides` | Overwrite or add extra rules configuration options to the chart default | `{}` | +| `vmalert.existingRulesConfigMap` | The name of an existing ConfigMap with the rules configuration | `""` | +| `vmalert.autoscaling.vpa.enabled` | Enable VPA for VictoriaMetrics Alert pods | `false` | +| `vmalert.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | +| `vmalert.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | +| `vmalert.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | +| `vmalert.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | +| `vmalert.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy | `Auto` | +| `vmalert.autoscaling.hpa.enabled` | Enable HPA for VictoriaMetrics Alert pods | `false` | +| `vmalert.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` | +| `vmalert.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` | +| `vmalert.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | +| `vmalert.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | +| `vmalert.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vmalert.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vmalert.nodeAffinityPreset.key` | Node label key to match. Ignored if `vmalert.affinity` is set | `""` | +| `vmalert.nodeAffinityPreset.values` | Node label values to match. Ignored if `vmalert.affinity` is set | `[]` | +| `vmalert.affinity` | Affinity for VictoriaMetrics Alert pods assignment | `{}` | +| `vmalert.nodeSelector` | Node labels for VictoriaMetrics Alert pods assignment | `{}` | +| `vmalert.tolerations` | Tolerations for VictoriaMetrics Alert pods assignment | `[]` | +| `vmalert.updateStrategy.type` | VictoriaMetrics Alert statefulset strategy type | `RollingUpdate` | +| `vmalert.priorityClassName` | VictoriaMetrics Alert pods' priorityClassName | `""` | +| `vmalert.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `vmalert.schedulerName` | Name of the k8s scheduler (other than default) for VictoriaMetrics Alert pods | `""` | +| `vmalert.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `vmalert.lifecycleHooks` | for the VictoriaMetrics Alert container(s) to automate configuration before or after startup | `{}` | +| `vmalert.extraEnvVars` | Array with extra environment variables to add to VictoriaMetrics Alert nodes | `[]` | +| `vmalert.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for VictoriaMetrics Alert nodes | `""` | +| `vmalert.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for VictoriaMetrics Alert nodes | `""` | +| `vmalert.extraVolumes` | Optionally specify extra list of additional volumes for the VictoriaMetrics Alert pod(s) | `[]` | +| `vmalert.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Alert container(s) | `[]` | +| `vmalert.sidecars` | Add additional sidecar containers to the VictoriaMetrics Alert pod(s) | `[]` | +| `vmalert.initContainers` | Add additional init containers to the VictoriaMetrics Alert pod(s) | `[]` | +| `vmalert.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `vmalert.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `vmalert.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `vmalert.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | + +### VictoriaMetrics Alert Traffic Exposure Parameters + +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------ | ----------- | +| `vmalert.service.type` | VictoriaMetrics Alert service type | `ClusterIP` | +| `vmalert.service.ports.http` | VictoriaMetrics Alert service http port | `8429` | +| `vmalert.service.nodePorts.http` | Node port for HTTP | `""` | +| `vmalert.service.clusterIP` | VictoriaMetrics Alert service Cluster IP | `""` | +| `vmalert.service.loadBalancerIP` | VictoriaMetrics Alert service Load Balancer IP | `""` | +| `vmalert.service.loadBalancerSourceRanges` | VictoriaMetrics Alert service Load Balancer sources | `[]` | +| `vmalert.service.externalTrafficPolicy` | VictoriaMetrics Alert service external traffic policy | `Cluster` | +| `vmalert.service.annotations` | Additional custom annotations for VictoriaMetrics Alert service | `{}` | +| `vmalert.service.extraPorts` | Extra ports to expose in VictoriaMetrics Alert service (normally used with the `sidecars` value) | `[]` | +| `vmalert.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `vmalert.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `vmalert.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `vmalert.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `vmalert.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `vmalert.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmalert.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vmalert.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `vmalert.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | + +### VictoriaMetrics Alert Metrics Parameters + +| Name | Description | Value | +| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- | +| `vmalert.metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `vmalert.metrics.annotations` | Additional custom annotations for the service | `{}` | +| `vmalert.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `vmalert.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `vmalert.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | +| `vmalert.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `vmalert.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `vmalert.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `vmalert.metrics.serviceMonitor.interval` | Interval at which metrics should be rulesd. | `""` | +| `vmalert.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `vmalert.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `vmalert.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `vmalert.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | + +### Default Init Containers Parameters + +| Name | Description | Value | +| --------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `defaultInitContainers.volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `defaultInitContainers.volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `defaultInitContainers.volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `defaultInitContainers.volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `defaultInitContainers.volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `defaultInitContainers.volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `defaultInitContainers.volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `nano` | +| `defaultInitContainers.volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `defaultInitContainers.volumePermissions.containerSecurityContext.enabled` | Enable securityContext in the init container | `true` | +| `defaultInitContainers.volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `defaultInitContainers.volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +helm install my-release --set vmagent.enableListeners.influxdb=true oci://REGISTRY_NAME/REPOSITORY_NAME/victoriametrics +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Drycc, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=Drycccharts`. + +The above command install VictoriaMetrics chart with the InfluxDB listener enabled in the `vmagent` component. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/victoriametrics +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Drycc, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=Drycccharts`. +> **Tip**: You can use the default [values.yaml](https://github.com/Drycc/charts/tree/main/Drycc/victoriametrics/values.yaml) + +## Troubleshooting + +Find more information about how to deal with common errors related to Drycc's Helm charts in [this troubleshooting guide](https://docs.Drycc.com/general/how-to/troubleshoot-helm-chart-issues). + +## License + +Copyright © 2025 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/NOTES.txt b/addons/victoriametrics/1/chart/victoriametrics/templates/NOTES.txt new file mode 100644 index 00000000..f555e028 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/NOTES.txt @@ -0,0 +1,168 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +Did you know there are enterprise versions of the Drycc catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Drycc Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/drycc for more information. + +** Please be patient while the chart is being deployed ** + +The following controllers have been deployed: + + - vmselect + - vminsert + - vmstorage + {{- if .Values.vmauth.enabled }} + - vmauth + {{- end }} + {{- if .Values.vmagent.enabled }} + - vmagent + {{- end }} + {{- if .Values.vmalert.enabled }} + - vmalert + {{- end }} + +Check the status of the pods by running this command: + + kubectl get pods --namespace {{ include "common.names.namespace" . | quote }} -l app.kubernetes.io/instance={{ .Release.Name }} + +{{- if .Values.vmauth.enabled }} +Your VictoriaMetrics site can be accessed through the following DNS name from within your cluster: + + {{ include "victoriametrics.vmauth.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.vmauth.service.ports.http }}) + +To access your VictoriaMetrics site from outside the cluster follow the steps below: + +{{- if .Values.vmauth.ingress.enabled }} + +Get the VictoriaMetrics URL and associate VictoriaMetrics hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "VictoriaMetrics Select URL: http{{ if .Values.vmauth.ingress.tls }}s{{ end }}://{{ .Values.vmauth.ingress.hostname }}/select" + echo "VictoriaMetrics Insert URL: http{{ if .Values.vmauth.ingress.tls }}s{{ end }}://{{ .Values.vmauth.ingress.hostname }}/insert" + echo "$CLUSTER_IP {{ .Values.vmauth.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} +{{- $port := .Values.vmauth.service.ports.http | toString }} + +Get the VictoriaMetrics URL by running these commands: + +{{- if contains "NodePort" .Values.vmauth.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "victoriametrics.vmauth.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "VictoriaMetrics Select URL: http://$NODE_IP:$NODE_PORT/select" + echo "VictoriaMetrics Insert URL: http://$NODE_IP:$NODE_PORT/insert" + +{{- else if contains "LoadBalancer" .Values.vmauth.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "victoriametrics.vmauth.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "victoriametrics.vmauth.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + echo "VictoriaMetrics Select URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.vmauth.service.ports.http }}{{ end }}/select" + echo "VictoriaMetrics Insert URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.vmauth.service.ports.http }}{{ end }}/select" + +{{- else if contains "ClusterIP" .Values.vmauth.service.type }} + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "victoriametrics.vmauth.fullname" . }} {{ .Values.vmauth.service.ports.http }}:{{ .Values.vmauth.service.ports.http }} & + echo "VictoriaMetrics Select URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.vmauth.service.ports.http }}{{ end }}/select" + echo "VictoriaMetrics Insert URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.vmauth.service.ports.http }}{{ end }}/insert" + +{{- end }} +{{- end }} +{{- else }} + +Your VictoriaMetrics Select site can be accessed through the following DNS name from within your cluster: + + {{ include "victoriametrics.vmselect.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.vmselect.service.ports.http }}) + +To access your VictoriaMetrics site from outside the cluster follow the steps below: + +{{- if .Values.vmselect.ingress.enabled }} + +Get the VictoriaMetrics URL and associate VictoriaMetrics hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "VictoriaMetrics Select URL: http{{ if .Values.vmselect.ingress.tls }}s{{ end }}://{{ .Values.vmselect.ingress.hostname }}/select" + echo "$CLUSTER_IP {{ .Values.vmselect.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} +{{- $port := .Values.vmselect.service.ports.http | toString }} + +Get the VictoriaMetrics URL by running these commands: + +{{- if contains "NodePort" .Values.vmselect.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "victoriametrics.vmselect.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "VictoriaMetrics Select URL: http://$NODE_IP:$NODE_PORT/select" + +{{- else if contains "LoadBalancer" .Values.vmselect.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "victoriametrics.vmselect.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "victoriametrics.vmselect.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + echo "VictoriaMetrics Select URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.vmselect.service.ports.http }}{{ end }}/select" + +{{- else if contains "ClusterIP" .Values.vmselect.service.type }} + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "victoriametrics.vmselect.fullname" . }} {{ .Values.vmselect.service.ports.http }}:{{ .Values.vmselect.service.ports.http }} & + echo "VictoriaMetrics Select URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.vmselect.service.ports.http }}{{ end }}/select" + +{{- end }} +{{- end }} + +Your VictoriaMetrics Insert site can be accessed through the following DNS name from within your cluster: + + {{ include "victoriametrics.vminsert.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.vminsert.service.ports.http }}) + +To access your VictoriaMetrics site from outside the cluster follow the steps below: + +{{- if .Values.vminsert.ingress.enabled }} + +Get the VictoriaMetrics URL and associate VictoriaMetrics hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "VictoriaMetrics Insert URL: http{{ if .Values.vminsert.ingress.tls }}s{{ end }}://{{ .Values.vminsert.ingress.hostname }}/insert" + echo "$CLUSTER_IP {{ .Values.vminsert.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} +{{- $port := .Values.vminsert.service.ports.http | toString }} + +Get the VictoriaMetrics URL by running these commands: + +{{- if contains "NodePort" .Values.vminsert.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "victoriametrics.vminsert.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "VictoriaMetrics Insert URL: http://$NODE_IP:$NODE_PORT/insert" + +{{- else if contains "LoadBalancer" .Values.vminsert.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "victoriametrics.vminsert.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "victoriametrics.vminsert.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + echo "VictoriaMetrics Insert URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.vminsert.service.ports.http }}{{ end }}/insert" + +{{- else if contains "ClusterIP" .Values.vminsert.service.type }} + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "victoriametrics.vminsert.fullname" . }} {{ .Values.vminsert.service.ports.http }}:{{ .Values.vminsert.service.ports.http }} & + echo "VictoriaMetrics Insert URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.vminsert.service.ports.http }}{{ end }}/insert" + +{{- end }} +{{- end }} + +{{- end }} + +{{- include "common.warnings.rollingTag" .Values.vmselect.image }} +{{- include "common.warnings.rollingTag" .Values.vminsert.image }} +{{- include "common.warnings.rollingTag" .Values.vmstorage.image }} +{{- include "common.warnings.rollingTag" .Values.vmauth.image }} +{{- include "common.warnings.rollingTag" .Values.vmagent.image }} +{{- include "common.warnings.rollingTag" .Values.vmalert.image }} +{{- include "victoriametrics.validateValues" . }} +{{- include "common.warnings.resources" (dict "sections" (list "vmselect" "vmstorage" "vminsert" "vmauth" "vmagent" "vmalert" "defaultInitContainers.volumePermissions") "context" $) }} +{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.vmselect.image .Values.vminsert.image .Values.vmstorage.image .Values.vmauth.image .Values.vmagent.image .Values.vmalert.image .Values.defaultInitContainers.volumePermissions.image) "context" $) }} +{{- include "common.errors.insecureImages" (dict "images" (list .Values.vmselect.image .Values.vminsert.image .Values.vmstorage.image .Values.vmauth.image .Values.vmagent.image .Values.vmalert.image .Values.defaultInitContainers.volumePermissions.image) "context" $) }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/_helpers.tpl b/addons/victoriametrics/1/chart/victoriametrics/templates/_helpers.tpl new file mode 100644 index 00000000..c2b9873a --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/_helpers.tpl @@ -0,0 +1,283 @@ +{{/* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "victoriametrics.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.vmselect.image .Values.vminsert.image .Values.vmstorage.image .Values.vmauth.image .Values.vmagent.image .Values.defaultInitContainers.volumePermissions.image) "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper victoriametrics.vmselect.fullname +*/}} +{{- define "victoriametrics.vmselect.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "vmselect" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Select image name +*/}} +{{- define "victoriametrics.vmselect.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.vmselect.image "global" .Values.global) }} +{{- end -}} + +{{/* +Create the name of the service account to use (VictoriaMetrics Select) +*/}} +{{- define "victoriametrics.vmselect.serviceAccountName" -}} +{{- if .Values.vmselect.serviceAccount.create -}} + {{ default (include "victoriametrics.vmselect.fullname" .) .Values.vmselect.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.vmselect.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Insert fullname +*/}} +{{- define "victoriametrics.vminsert.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "vminsert" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Insert image name +*/}} +{{- define "victoriametrics.vminsert.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.vminsert.image "global" .Values.global) }} +{{- end -}} + +{{/* +Create the name of the service account to use (VictoriaMetrics Insert) +*/}} +{{- define "victoriametrics.vminsert.serviceAccountName" -}} +{{- if .Values.vminsert.serviceAccount.create -}} + {{ default (include "victoriametrics.vminsert.fullname" .) .Values.vminsert.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.vminsert.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Storage fullname +*/}} +{{- define "victoriametrics.vmstorage.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "vmstorage" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Storage image name +*/}} +{{- define "victoriametrics.vmstorage.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.vmstorage.image "global" .Values.global) }} +{{- end -}} + +{{/* +Create the name of the service account to use (VictoriaMetrics Storage) +*/}} +{{- define "victoriametrics.vmstorage.serviceAccountName" -}} +{{- if .Values.vmstorage.serviceAccount.create -}} + {{ default (include "victoriametrics.vmstorage.fullname" .) .Values.vmstorage.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.vmstorage.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Auth fullname +*/}} +{{- define "victoriametrics.vmauth.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "vmauth" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Auth image name +*/}} +{{- define "victoriametrics.vmauth.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.vmauth.image "global" .Values.global) }} +{{- end -}} + +{{/* +Create the name of the service account to use (VictoriaMetrics Auth) +*/}} +{{- define "victoriametrics.vmauth.serviceAccountName" -}} +{{- if .Values.vmauth.serviceAccount.create -}} + {{ default (include "victoriametrics.vmauth.fullname" .) .Values.vmauth.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.vmauth.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Name of the VictoriaMetrics Auth Secret +*/}} +{{- define "victoriametrics.vmauth.secretName" -}} +{{- if .Values.vmauth.existingSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.existingSecret "context" $) -}} +{{- else -}} + {{- include "victoriametrics.vmauth.fullname" . -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Agent fullname +*/}} +{{- define "victoriametrics.vmagent.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "vmagent" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Agent image name +*/}} +{{- define "victoriametrics.vmagent.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.vmagent.image "global" .Values.global) }} +{{- end -}} + +{{/* +Create the name of the service account to use (VictoriaMetrics Agent) +*/}} +{{- define "victoriametrics.vmagent.serviceAccountName" -}} +{{- if .Values.vmagent.serviceAccount.create -}} + {{ default (include "victoriametrics.vmagent.fullname" .) .Values.vmagent.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.vmagent.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Name of the VictoriaMetrics Agent Secret +*/}} +{{- define "victoriametrics.vmagent.scrapeConfigMapName" -}} +{{- if .Values.vmagent.existingScrapeConfigMap -}} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.existingScrapeConfigMap "context" $) -}} +{{- else -}} + {{- include "victoriametrics.vmagent.fullname" . -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Alert fullname +*/}} +{{- define "victoriametrics.vmalert.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "vmalert" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the proper VictoriaMetrics Alert image name +*/}} +{{- define "victoriametrics.vmalert.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.vmalert.image "global" .Values.global) }} +{{- end -}} + +{{/* +Create the name of the service account to use (VictoriaMetrics Alert) +*/}} +{{- define "victoriametrics.vmalert.serviceAccountName" -}} +{{- if .Values.vmalert.serviceAccount.create -}} + {{ default (include "victoriametrics.vmalert.fullname" .) .Values.vmalert.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.vmalert.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Name of the VictoriaMetrics Alert Secret +*/}} +{{- define "victoriametrics.vmalert.rulesConfigMapName" -}} +{{- if .Values.vmalert.existingRulesConfigMap -}} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.existingRulesConfigMap "context" $) -}} +{{- else -}} + {{- include "victoriametrics.vmalert.fullname" . -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper image name (for the init container volume-permissions image) +*/}} +{{- define "victoriametrics.volume-permissions.image" -}} +{{- include "common.images.image" ( dict "imageRoot" .Values.defaultInitContainers.volumePermissions.image "global" .Values.global ) -}} +{{- end -}} + +{{- define "victoriametrics.init-containers.volume-permissions" -}} +{{- /* As most Drycc charts have volumePermissions in the root, we add this overwrite to maintain a similar UX */}} +- name: volume-permissions + image: {{ include "victoriametrics.volume-permissions.image" . }} + imagePullPolicy: {{ .context.Values.defaultInitContainers.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + - -ec + - | + {{- if eq ( toString ( .Values.defaultInitContainers.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} + chown -R `id -u`:`id -G | cut -d " " -f2` {{ .componentValues.persistence.mountPath }} + {{- else }} + chown -R {{ .componentValues.containerSecurityContext.runAsUser }}:{{ .componentValues.podSecurityContext.fsGroup }} {{ .componentValues.persistence.mountPath }} + {{- end }} + {{- if .Values.defaultInitContainers.volumePermissions.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.defaultInitContainers.volumePermissions.containerSecurityContext "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.defaultInitContainers.volumePermissions.resources }} + resources: {{- toYaml .Values.defaultInitContainers.volumePermissions.resources | nindent 4 }} + {{- else if ne .Values.defaultInitContainers.volumePermissions.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.defaultInitContainers.volumePermissions.resourcesPreset) | nindent 4 }} + {{- end }} + volumeMounts: + - name: data + mountPath: {{ .componentValues.persistence.mountPath }} + {{- if .componentValues.persistence.subPath }} + subPath: {{ .componentValues.persistence.subPath }} + {{- end }} +{{- end -}} + +{{/* +Validate values for victoriametrics. +*/}} +{{- define "victoriametrics.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "victoriametrics.vmselect.kind" .) -}} +{{- $messages := append $messages (include "victoriametrics.vmauth.kind" .) -}} +{{- $messages := append $messages (include "victoriametrics.vmagent.kind" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message -}} +{{- end -}} +{{- end -}} + +{{/* +Function to validate the vmagent kind +*/}} +{{- define "victoriametrics.vmagent.kind" -}} +{{- if .Values.vmagent.enabled -}} +{{- $kind := lower .Values.vmagent.kind -}} +{{- $allowedKinds := list "daemonset" "deployment" -}} +{{- if not (has $kind $allowedKinds) -}} +vmagent: Incorrect kind {{ $kind }}. Allowed values: {{ join "," $allowedKinds }} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Function to validate the vmselect kind +*/}} +{{- define "victoriametrics.vmselect.kind" -}} +{{- $kind := lower .Values.vmselect.kind -}} +{{- $allowedKinds := list "statefulset" "deployment" -}} +{{- if not (has $kind $allowedKinds) -}} +vmselect: Incorrect kind {{ $kind }}. Allowed values: {{ join "," $allowedKinds }} +{{- end -}} +{{- end -}} + +{{/* +Function to validate the vmauth kind +*/}} +{{- define "victoriametrics.vmauth.kind" -}} +{{- if .Values.vmauth.enabled -}} +{{- $kind := lower .Values.vmauth.kind -}} +{{- $allowedKinds := list "deployment" "daemonset" -}} +{{- if not (has $kind $allowedKinds) -}} +vmauth: Incorrect kind {{ $kind }}. Allowed values: {{ join "," $allowedKinds }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/bind.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/bind.yaml new file mode 100644 index 00000000..2889e803 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/bind.yaml @@ -0,0 +1,24 @@ +credential: + - name: {{ printf "DOMAIN" }} + value: {{ printf "%s" (include "common.names.fullname" .) }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} +{{- if (eq .Values.vmauth.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.vmauth.user.username }} + - name: PASSWORD + value: {{ .Values.vmauth.user.password }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/extra-list.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/extra-list.yaml new file mode 100644 index 00000000..329f5c65 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/extra-list.yaml @@ -0,0 +1,9 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/configmap.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/configmap.yaml new file mode 100644 index 00000000..17631a7b --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/configmap.yaml @@ -0,0 +1,215 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* Adding the helper in configmap.yaml for better readability */}} +{{- define "victoriametrics.vmagent.defaultScrapeConfig" -}} +global: + scrape_interval: {{ .Values.vmagent.scrapeInterval | default "30s" }} + scrape_timeout: {{ .Values.vmagent.scrapeTimeout | default "30s" }} +scrape_configs: + - job_name: vmagent + static_configs: + - targets: ["localhost:{{ .Values.vmagent.containerPorts.http }}"] + + ## COPY from Prometheus helm chart https://github.com/helm/charts/blob/master/stable/prometheus/values.yaml + + # Scrape config for API servers. + # + # Kubernetes exposes API servers as endpoints to the default/kubernetes + # service so this uses `endpoints` role and uses relabelling to only keep + # the endpoints associated with the default/kubernetes service using the + # default named port `https`. This works for single API server deployments as + # well as HA API server deployments. + - job_name: "kubernetes-service-endpoints" + kubernetes_sd_configs: + - role: endpointslices + namespaces: + own_namespace: true + relabel_configs: + - action: drop + source_labels: [__meta_kubernetes_pod_container_init] + regex: true + - action: keep_if_equal + source_labels: [__meta_kubernetes_service_annotation_prometheus_io_port, __meta_kubernetes_pod_container_port_number] + - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_scheme] + action: replace + target_label: __scheme__ + regex: (https?) + - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: + [ + __address__, + __meta_kubernetes_service_annotation_prometheus_io_port, + ] + action: replace + target_label: __address__ + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - source_labels: [__meta_kubernetes_pod_name] + target_label: pod + - source_labels: [__meta_kubernetes_pod_container_name] + target_label: container + - source_labels: [__meta_kubernetes_namespace] + target_label: namespace + - source_labels: [__meta_kubernetes_service_name] + target_label: service + - source_labels: [__meta_kubernetes_service_name] + target_label: job + replacement: ${1} + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: node + # Scrape config for slow service endpoints; same as above, but with a larger + # timeout and a larger interval + # + # The relabeling allows the actual service scrape endpoint to be configured + # via the following annotations: + # + # * `prometheus.io/scrape-slow`: Only scrape services that have a value of `true` + # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need + # to set this to `https` & most likely set the `tls_config` of the scrape config. + # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. + # * `prometheus.io/port`: If the metrics are exposed on a different port to the + # service then set this appropriately. + # + - job_name: "kubernetes-service-endpoints-slow" + scrape_interval: 5m + scrape_timeout: 30s + kubernetes_sd_configs: + - role: endpointslices + namespaces: + own_namespace: true + relabel_configs: + - action: drop + source_labels: [__meta_kubernetes_pod_container_init] + regex: true + - action: keep_if_equal + source_labels: [__meta_kubernetes_service_annotation_prometheus_io_port, __meta_kubernetes_pod_container_port_number] + - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_scrape_slow] + action: keep + regex: true + - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_scheme] + action: replace + target_label: __scheme__ + regex: (https?) + - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: + [ + __address__, + __meta_kubernetes_service_annotation_prometheus_io_port, + ] + action: replace + target_label: __address__ + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - source_labels: [__meta_kubernetes_pod_name] + target_label: pod + - source_labels: [__meta_kubernetes_pod_container_name] + target_label: container + - source_labels: [__meta_kubernetes_namespace] + target_label: namespace + - source_labels: [__meta_kubernetes_service_name] + target_label: service + - source_labels: [__meta_kubernetes_service_name] + target_label: job + replacement: ${1} + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: node + + # Example scrape config for pods + # + # The relabeling allows the actual pod scrape endpoint to be configured via the + # following annotations: + # + # * `prometheus.io/scrape`: Only scrape pods that have a value of `true` + # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. + # * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default of `9102`. + # + - job_name: "kubernetes-pods" + kubernetes_sd_configs: + - role: pod + namespaces: + own_namespace: true + relabel_configs: + - action: drop + source_labels: [__meta_kubernetes_pod_container_init] + regex: true + - action: keep_if_equal + source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_container_port_number] + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: + [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] + action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + target_label: __address__ + - action: labelmap + regex: __meta_kubernetes_pod_label_(.+) + - source_labels: [__meta_kubernetes_pod_name] + target_label: pod + - source_labels: [__meta_kubernetes_pod_container_name] + target_label: container + - source_labels: [__meta_kubernetes_namespace] + target_label: namespace + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: node + ## End of COPY +{{- end }} + + +{{- if and .Values.vmagent.enabled (not .Values.vmagent.existingScrapeConfigMap) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- /* Convert the default configuration and extra overrides */ -}} + {{- $defaultConfiguration := include "victoriametrics.vmagent.defaultScrapeConfig" . | fromYaml -}} + {{- $overrideConfiguration := include "common.tplvalues.render" (dict "value" .Values.vmagent.scrapeConfigOverrides "context" $) | fromYaml -}} + {{- /* add extraJobs */}} + {{- $extraJobs := .Values.vmagent.extraJobs | default list -}} + {{- if $extraJobs -}} + {{- $defaultJobs := $defaultConfiguration.scrape_configs | default list -}} + {{- $mergedJobs := concat $defaultJobs $extraJobs -}} + {{- $defaultConfiguration = set $defaultConfiguration "scrape_configs" $mergedJobs -}} + {{- end -}} + {{- /* Merge both maps and render the configuration */}} + scrape.yml: | + {{- mergeOverwrite $defaultConfiguration $overrideConfiguration | toYaml | nindent 4 }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/dep-ds.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/dep-ds.yaml new file mode 100644 index 00000000..cb5de41e --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/dep-ds.yaml @@ -0,0 +1,215 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmagent.enabled }} +{{- $kind := lower .Values.vmagent.kind }} +{{- if eq $kind "daemonset" }} +apiVersion: {{ include "common.capabilities.daemonset.apiVersion" . }} +kind: DaemonSet +{{- else }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: StatefulSet +{{- end }} +metadata: + name: {{ template "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if or .Values.vmagent.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmagent.annotations .Values.commonAnnotations) "context" .) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if and (not .Values.vmagent.autoscaling.hpa.enabled) (eq $kind "deployment") }} + replicas: {{ .Values.vmagent.replicaCount }} + {{- end }} + {{- if .Values.vmagent.updateStrategy }} + {{ ternary "strategy" "updateStrategy" (eq $kind "deployment")}}: {{- toYaml .Values.vmagent.updateStrategy | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" (list .Values.vmagent.podLabels .Values.commonLabels) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmagent + template: + metadata: + {{- if or .Values.vmagent.podAnnotations (not .Values.vmagent.existingScrapeConfigMap) }} + annotations: + {{- if .Values.vmagent.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if not .Values.vmagent.existingScrapeConfigMap }} + checksum/scrape-config: {{ include (print $.Template.BasePath "/vmagent/configmap.yaml") $ | sha256sum }} + {{- end }} + {{- end }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + spec: + serviceAccountName: {{ template "victoriametrics.vmagent.serviceAccountName" . }} + {{- include "victoriametrics.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.vmagent.automountServiceAccountToken }} + {{- if .Values.vmagent.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmagent.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmagent.podAffinityPreset "component" "vmagent" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmagent.podAntiAffinityPreset "component" "vmagent" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vmagent.nodeAffinityPreset.type "key" .Values.vmagent.nodeAffinityPreset.key "values" .Values.vmagent.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.vmagent.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmagent.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmagent.priorityClassName }} + priorityClassName: {{ .Values.vmagent.priorityClassName | quote }} + {{- end }} + {{- if .Values.vmagent.schedulerName }} + schedulerName: {{ .Values.vmagent.schedulerName | quote }} + {{- end }} + {{- if .Values.vmagent.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmagent.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmagent.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmagent.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.vmagent.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.vmagent.initContainers }} + initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: vmagent + image: {{ template "victoriametrics.vmagent.image" . }} + imagePullPolicy: {{ .Values.vmagent.image.pullPolicy }} + {{- if .Values.vmagent.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmagent.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmagent.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmagent.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.args "context" $) | nindent 12 }} + {{- else }} + args: + {{- if .Values.envflagEnable }} + - vmagent + - --envflag.enable + - --envflag.prefix={{ .Values.envflagPrefix }} + {{- end }} + - --loggerFormat={{ .Values.loggerFormat }} + - --httpListenAddr=:{{ .Values.vmagent.containerPorts.http }} + - --promscrape.config=/opt/drycc/scrape/scrape.yml + - --remoteWrite.tmpDataPath=/opt/drycc/data/tmpData + - --remoteWrite.maxDiskUsagePerURL=2GiB + - --promscrape.cluster.membersCount={{.Values.vmagent.replicaCount}} + - --promscrape.cluster.memberNum=$(SHARD_NUM) + {{- $remoteHost := (include "victoriametrics.vminsert.fullname" .) }} + {{- $remotePort := .Values.vminsert.service.ports.http }} + - --remoteWrite.url=http://{{ $remoteHost }}:{{ $remotePort }}/insert/0/prometheus + {{- if .Values.vmagent.enableListeners.influxdb }} + - --influxListenAddr=:{{ .Values.vmagent.containerPorts.influxdb }} + {{- end }} + {{- if .Values.vmagent.enableListeners.graphite }} + - --graphiteListenAddr=:{{ .Values.vmagent.containerPorts.graphite }} + {{- end }} + {{- if .Values.vmagent.enableListeners.opentsdb }} + - --opentsdbListenAddr=:{{ .Values.vmagent.containerPorts.opentsdb }} + {{- end }} + {{- if .Values.vmagent.extraArgs }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.extraArgs "context" $) | nindent 12 }} + {{- end }} + {{- end }} + env: + - name: SHARD_NUM + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + {{- if .Values.vmagent.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.vmagent.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmagent.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.vmagent.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmagent.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.vmagent.resources }} + resources: {{- toYaml .Values.vmagent.resources | nindent 12 }} + {{- else if ne .Values.vmagent.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.vmagent.resourcesPreset) | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.vmagent.containerPorts.http }} + {{- if .Values.vmagent.enableListeners.influxdb }} + - name: tcp-influxdb + containerPort: {{ .Values.vmagent.containerPorts.influxdb }} + {{- end }} + {{- if .Values.vmagent.enableListeners.graphite }} + - name: tcp-graphite + containerPort: {{ .Values.vmagent.containerPorts.graphite }} + {{- end }} + {{- if .Values.vmagent.enableListeners.opentsdb }} + - name: tcp-opentsdb + containerPort: {{ .Values.vmagent.containerPorts.opentsdb }} + {{- end }} + {{- if .Values.vmagent.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmagent.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmagent.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: http + {{- end }} + {{- if .Values.vmagent.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmagent.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmagent.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmagent.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.vmagent.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmagent.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmagent.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: scrape-configuration + mountPath: /opt/drycc/scrape/ + - name: empty-dir + mountPath: /opt/drycc/data/tmpData + subPath: app-tmpdata-dir + {{- if .Values.vmagent.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmagent.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: scrape-configuration + configMap: + name: {{ include "victoriametrics.vmagent.scrapeConfigMapName" . }} + - name: empty-dir + emptyDir: {} + {{- if .Values.vmagent.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/hpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/hpa.yaml new file mode 100644 index 00000000..41267c88 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/hpa.yaml @@ -0,0 +1,42 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmagent.enabled (eq .Values.vmagent.kind "deployment") .Values.vmagent.autoscaling.hpa.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" (dict "context" $) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "victoriametrics.vmagent.fullname" . }} + minReplicas: {{ .Values.vmagent.autoscaling.hpa.minReplicas }} + maxReplicas: {{ .Values.vmagent.autoscaling.hpa.maxReplicas }} + metrics: + {{- if .Values.vmagent.autoscaling.hpa.targetMemory }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.vmagent.autoscaling.hpa.targetMemory }} + {{- end }} + {{- if .Values.vmagent.autoscaling.hpa.targetCPU }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.vmagent.autoscaling.hpa.targetCPU }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/networkpolicy.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/networkpolicy.yaml new file mode 100644 index 00000000..757ccd98 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/networkpolicy.yaml @@ -0,0 +1,99 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmagent.enabled .Values.vmagent.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + policyTypes: + - Ingress + - Egress + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmagent.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if .Values.vmagent.networkPolicy.allowExternalEgress }} + egress: + - {} + {{- else }} + egress: + # Allow dns resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + {{- if .Values.vmauth.enabled }} + # Allow outbound connections to victoriametrics insert controller + - ports: + - port: {{ .Values.vmauth.containerPorts.http }} + to: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- else }} + # Allow outbound connections to victoriametrics insert controller + - ports: + - port: {{ .Values.vminsert.containerPorts.http }} + to: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- end }} + {{- if .Values.vmagent.networkPolicy.extraEgress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.networkPolicy.extraEgress "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.vmagent.containerPorts.http }} + {{- if .Values.vmagent.enableListeners.graphite }} + - port: {{ .Values.vmagent.containerPorts.graphite }} + {{- end }} + {{- if .Values.vmagent.enableListeners.influxdb }} + - port: {{ .Values.vmagent.containerPorts.influxdb }} + {{- end }} + {{- if .Values.vmagent.enableListeners.opentsdb }} + - port: {{ .Values.vmagent.containerPorts.opentsdb }} + {{- end }} + {{- if not .Values.vmagent.networkPolicy.allowExternal }} + from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + {{- if .Values.vmagent.networkPolicy.ingressNSMatchLabels }} + - namespaceSelector: + matchLabels: + {{- range $key, $value := .Values.vmagent.networkPolicy.ingressNSMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- if .Values.vmagent.networkPolicy.ingressNSPodMatchLabels }} + podSelector: + matchLabels: + {{- range $key, $value := .Values.vmagent.networkPolicy.ingressNSPodMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.vmagent.networkPolicy.extraIngress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.networkPolicy.extraIngress "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/pdb.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/pdb.yaml new file mode 100644 index 00000000..3046ff8d --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/pdb.yaml @@ -0,0 +1,29 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmagent.enabled (eq .Values.vmagent.kind "deployment") .Values.vmagent.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vmagent.pdb.minAvailable }} + minAvailable: {{ .Values.vmagent.pdb.minAvailable }} + {{- end }} + {{- if or .Values.vmagent.pdb.maxUnavailable ( not .Values.vmagent.pdb.minAvailable ) }} + maxUnavailable: {{ .Values.vmagent.pdb.maxUnavailable | default 1 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmagent.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmagent +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/rbac.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/rbac.yaml new file mode 100644 index 00000000..2327e178 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/rbac.yaml @@ -0,0 +1,72 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmagent.enabled .Values.vmagent.rbac.create }} +apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} +kind: {{ ternary "Role" "ClusterRole" .Values.vmagent.namespaced }} +metadata: + name: {{ include "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: ["get", "list", "watch"] + {{- if not .Values.vmagent.namespaced }} + - apiGroups: [""] + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + resourceNames: ["zhangjint"] + - nonResourceURLs: {{ include "common.tplvalues.render" ( dict "value" .Values.vmagent.allowedMetricsEndpoints "context" $ ) | nindent 6 }} + verbs: ["get"] + {{- end }} + {{- if .Values.vmagent.rbac.rules }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.rbac.rules "context" $ ) | nindent 2 }} + {{- end }} +--- +apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} +kind: {{ ternary "RoleBinding" "ClusterRoleBinding" .Values.vmagent.namespaced }} +metadata: + name: {{ include "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +subjects: + - kind: ServiceAccount + name: {{ include "victoriametrics.vmagent.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: {{ ternary "Role" "ClusterRole" .Values.vmagent.namespaced }} + name: {{ include "victoriametrics.vmagent.fullname" . }} +{{- end -}} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/service-account.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/service-account.yaml new file mode 100644 index 00000000..6ae16900 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/service-account.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmagent.enabled .Values.vmagent.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "victoriametrics.vmagent.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if or .Values.vmagent.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmagent.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.vmagent.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/service.yaml new file mode 100644 index 00000000..953ef79c --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/service.yaml @@ -0,0 +1,92 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmagent.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if or .Values.vmagent.service.annotations .Values.commonAnnotations .Values.vmagent.metrics.enabled .Values.vmagent.metrics.annotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmagent.service.annotations .Values.commonAnnotations .Values.vmagent.metrics.annotations) "context" .) }} + {{- if .Values.vmagent.metrics.enabled }} + {{- $defaultMetricsAnnotations := dict "prometheus.io/scrape" "true" "prometheus.io/port" .Values.vmagent.service.ports.http "prometheus.io/path" "/metrics" }} + {{- $annotations = include "common.tplvalues.merge" (dict "values" (list $annotations $defaultMetricsAnnotations) "context" .) }} + {{- end }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.vmagent.service.type }} + {{- if and .Values.vmagent.service.clusterIP (eq .Values.vmagent.service.type "ClusterIP") }} + clusterIP: {{ .Values.vmagent.service.clusterIP }} + {{- end }} + {{- if .Values.vmagent.service.sessionAffinity }} + sessionAffinity: {{ .Values.vmagent.service.sessionAffinity }} + {{- end }} + {{- if .Values.vmagent.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.vmagent.service.type "LoadBalancer") (eq .Values.vmagent.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.vmagent.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.vmagent.service.type "LoadBalancer") (not (empty .Values.vmagent.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.vmagent.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.vmagent.service.type "LoadBalancer") (not (empty .Values.vmagent.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.vmagent.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.vmagent.service.ports.http }} + protocol: TCP + {{- if and (or (eq .Values.vmagent.service.type "NodePort") (eq .Values.vmagent.service.type "LoadBalancer")) (not (empty .Values.vmagent.service.nodePorts.http)) }} + nodePort: {{ .Values.vmagent.service.nodePorts.http }} + {{- else if eq .Values.vmagent.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: http + {{- if .Values.vmagent.enableListeners.graphite }} + - name: tcp-graphite + port: {{ .Values.vmagent.service.ports.graphite }} + protocol: TCP + {{- if and (or (eq .Values.vmagent.service.type "NodePort") (eq .Values.vmagent.service.type "LoadBalancer")) (not (empty .Values.vmagent.service.nodePorts.graphite)) }} + nodePort: {{ .Values.vmagent.service.nodePorts.graphite }} + {{- else if eq .Values.vmagent.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: tcp-graphite + {{- end }} + {{- if .Values.vmagent.enableListeners.opentsdb }} + - name: tcp-opentsdb + port: {{ .Values.vmagent.service.ports.opentsdb }} + protocol: TCP + {{- if and (or (eq .Values.vmagent.service.type "NodePort") (eq .Values.vmagent.service.type "LoadBalancer")) (not (empty .Values.vmagent.service.nodePorts.opentsdb)) }} + nodePort: {{ .Values.vmagent.service.nodePorts.opentsdb }} + {{- else if eq .Values.vmagent.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: tcp-opentsdb + {{- end }} + {{- if .Values.vmagent.enableListeners.influxdb }} + - name: tcp-influxdb + port: {{ .Values.vmagent.service.ports.influxdb }} + protocol: TCP + {{- if and (or (eq .Values.vmagent.service.type "NodePort") (eq .Values.vmagent.service.type "LoadBalancer")) (not (empty .Values.vmagent.service.nodePorts.influxdb)) }} + nodePort: {{ .Values.vmagent.service.nodePorts.influxdb }} + {{- else if eq .Values.vmagent.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: tcp-influxdb + {{- end }} + {{- if .Values.vmagent.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmagent.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vmagent +{{- end }} \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/servicemonitor.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/servicemonitor.yaml new file mode 100644 index 00000000..b69bcbc2 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmagent.enabled .Values.vmagent.metrics.enabled .Values.vmagent.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "victoriametrics.vmagent.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.vmagent.metrics.serviceMonitor.namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if or .Values.vmagent.metrics.serviceMonitor.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmagent.metrics.serviceMonitor.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ .Values.vmagent.metrics.serviceMonitor.jobLabel | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmagent + {{- if .Values.vmagent.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmagent.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + endpoints: + - port: http-metrics + path: "/metrics" + {{- if .Values.vmagent.metrics.serviceMonitor.interval }} + interval: {{ .Values.vmagent.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.vmagent.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.vmagent.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.vmagent.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.vmagent.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.vmagent.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmagent.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmagent.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . | quote }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/vpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/vpa.yaml new file mode 100644 index 00000000..23ec617f --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmagent/vpa.yaml @@ -0,0 +1,50 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmagent.enabled (include "common.capabilities.apiVersions.has" ( dict "version" "autoscaling.k8s.io/v1/VerticalPodAutoscaler" "context" . )) .Values.vmagent.autoscaling.vpa.enabled }} +apiVersion: {{ include "common.capabilities.vpa.apiVersion" (dict "context" $) }} +kind: VerticalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmagent.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmagent + {{- if or .Values.vmagent.autoscaling.vpa.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmagent.autoscaling.vpa.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + resourcePolicy: + containerPolicies: + - containerName: vmagent + {{- with .Values.vmagent.autoscaling.vpa.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmagent.autoscaling.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmagent.autoscaling.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + targetRef: + {{- if eq .Values.vmagent.kind "daemonset" }} + apiVersion: {{ include "common.capabilities.daemonset.apiVersion" . }} + kind: DaemonSet + {{- else }} + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + {{- end }} + name: {{ include "victoriametrics.vmagent.fullname" . }} + {{- if .Values.vmagent.autoscaling.vpa.updatePolicy }} + updatePolicy: + {{- with .Values.vmagent.autoscaling.vpa.updatePolicy.updateMode }} + updateMode: {{ . }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/configmap.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/configmap.yaml new file mode 100644 index 00000000..b223e86f --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/configmap.yaml @@ -0,0 +1,31 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* Adding the helper in configmap.yaml for better readability */}} +{{- define "victoriametrics.vmalert.defaultRulesConfig" -}} +groups: [] +{{- end }} + +{{- if and .Values.vmalert.enabled (not .Values.vmalert.existingRulesConfigMap) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "victoriametrics.vmalert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- /* Convert the default configuration and extra overrides */ -}} + {{- $defaultConfiguration := include "victoriametrics.vmalert.defaultRulesConfig" . | fromYaml -}} + {{- $overrideConfiguration := include "common.tplvalues.render" (dict "value" .Values.vmalert.rulesConfigOverrides "context" $) | fromYaml -}} + + {{- /* Merge both maps and render the configuration */}} + alert-rules.yaml: | + {{- mergeOverwrite $defaultConfiguration $overrideConfiguration | toYaml | nindent 4 }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/deployment.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/deployment.yaml new file mode 100644 index 00000000..a01b0398 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/deployment.yaml @@ -0,0 +1,185 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmalert.enabled }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "victoriametrics.vmalert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if or .Values.vmalert.deploymentAnnotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmalert.deploymentAnnotations .Values.commonAnnotations) "context" .) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.vmalert.autoscaling.hpa.enabled }} + replicas: {{ .Values.vmalert.replicaCount }} + {{- end }} + {{- if .Values.vmalert.updateStrategy }} + strategy: {{- toYaml .Values.vmalert.updateStrategy | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.vmalert.podLabels .Values.commonLabels) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmalert + template: + metadata: + {{- if or .Values.vmalert.podAnnotations (not .Values.vmalert.existingRulesConfigMap) }} + annotations: + {{- if .Values.vmalert.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if not .Values.vmalert.existingRulesConfigMap }} + checksum/rules-config: {{ include (print $.Template.BasePath "/vmalert/configmap.yaml") $ | sha256sum }} + {{- end }} + {{- end }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + spec: + serviceAccountName: {{ template "victoriametrics.vmalert.serviceAccountName" . }} + {{- include "victoriametrics.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.vmalert.automountServiceAccountToken }} + {{- if .Values.vmalert.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmalert.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.vmalert.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmalert.podAffinityPreset "component" "vmalert" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmalert.podAntiAffinityPreset "component" "vmalert" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vmalert.nodeAffinityPreset.type "key" .Values.vmalert.nodeAffinityPreset.key "values" .Values.vmalert.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.vmalert.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.vmalert.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmalert.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmalert.priorityClassName }} + priorityClassName: {{ .Values.vmalert.priorityClassName | quote }} + {{- end }} + {{- if .Values.vmalert.schedulerName }} + schedulerName: {{ .Values.vmalert.schedulerName | quote }} + {{- end }} + {{- if .Values.vmalert.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmalert.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmalert.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmalert.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.vmalert.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.vmalert.initContainers }} + initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: vmalert + image: {{ template "victoriametrics.vmalert.image" . }} + imagePullPolicy: {{ .Values.vmalert.image.pullPolicy }} + {{- if .Values.vmalert.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmalert.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmalert.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmalert.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.args "context" $) | nindent 12 }} + {{- else }} + args: + {{- if .Values.envflagEnable }} + - --envflag.enable + - --envflag.prefix={{ .Values.envflagPrefix }} + {{- end }} + - --loggerFormat={{ .Values.loggerFormat }} + - --httpListenAddr=:{{ .Values.vmalert.containerPorts.http }} + - --rule=/config/alert-rules.yaml + {{- $remoteWriteHost := ternary (include "victoriametrics.vmauth.fullname" .) (include "victoriametrics.vminsert.fullname" .) .Values.vmauth.enabled }} + {{- $remoteWritePort := ternary .Values.vmauth.service.ports.http .Values.vminsert.service.ports.http .Values.vmauth.enabled }} + - --remoteWrite.url=http://{{ $remoteWriteHost }}:{{ $remoteWritePort }}/insert/0/prometheus + {{- $remoteReadHost := ternary (include "victoriametrics.vmauth.fullname" .) (include "victoriametrics.vmselect.fullname" .) .Values.vmauth.enabled }} + {{- $remoteReadPort := ternary .Values.vmauth.service.ports.http .Values.vmselect.service.ports.http .Values.vmauth.enabled }} + - --remoteWrite.url=http://{{ $remoteWriteHost }}:{{ $remoteWritePort }}/select/0/prometheus + {{- if .Values.vmalert.datasourceUrl }} + - --datasource.url={{ .Values.vmalert.datasourceUrl }} + {{- else }} + - --datasource.url=http://{{ $remoteWriteHost }}:{{ $remoteWritePort }}/select/0/prometheus + {{- end }} + {{- if .Values.vmalert.notifierUrl }} + - --notifier.url={{ .Values.vmalert.notifierUrl }} + {{- end }} + {{- if .Values.vmalert.extraArgs }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.extraArgs "context" $) | nindent 12 }} + {{- end }} + {{- end }} + env: + {{- if .Values.vmalert.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.vmalert.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmalert.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.vmalert.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmalert.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.vmalert.resources }} + resources: {{- toYaml .Values.vmalert.resources | nindent 12 }} + {{- else if ne .Values.vmalert.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.vmalert.resourcesPreset) | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.vmalert.containerPorts.http }} + {{- if .Values.vmalert.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmalert.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmalert.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: http + {{- end }} + {{- if .Values.vmalert.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmalert.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmalert.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmalert.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.vmalert.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmalert.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmalert.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: rules-configuration + mountPath: /config + {{- if .Values.vmalert.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmalert.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmalert.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: rules-configuration + configMap: + name: {{ include "victoriametrics.vmalert.rulesConfigMapName" . }} + {{- if .Values.vmalert.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/hpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/hpa.yaml new file mode 100644 index 00000000..d65175b8 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/hpa.yaml @@ -0,0 +1,42 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmalert.enabled .Values.vmalert.autoscaling.hpa.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" (dict "context" $) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmalert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "victoriametrics.vmalert.fullname" . }} + minReplicas: {{ .Values.vmalert.autoscaling.hpa.minReplicas }} + maxReplicas: {{ .Values.vmalert.autoscaling.hpa.maxReplicas }} + metrics: + {{- if .Values.vmalert.autoscaling.hpa.targetMemory }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.vmalert.autoscaling.hpa.targetMemory }} + {{- end }} + {{- if .Values.vmalert.autoscaling.hpa.targetCPU }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.vmalert.autoscaling.hpa.targetCPU }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/networkpolicy.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/networkpolicy.yaml new file mode 100644 index 00000000..7653a9ef --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/networkpolicy.yaml @@ -0,0 +1,76 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmalert.enabled .Values.vmalert.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "victoriametrics.vmalert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + policyTypes: + - Ingress + - Egress + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmalert.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if .Values.vmalert.networkPolicy.allowExternalEgress }} + egress: + - {} + {{- else }} + egress: + # Allow dns resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + # Allow outbound connections to victoriametrics storage controller + - ports: + - port: {{ .Values.vmstorage.containerPorts.http }} + to: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if .Values.vmalert.networkPolicy.extraEgress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmalert.networkPolicy.extraEgress "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.vmalert.containerPorts.http }} + {{- if not .Values.vmalert.networkPolicy.allowExternal }} + from: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + {{- if .Values.vmalert.networkPolicy.ingressNSMatchLabels }} + - namespaceSelector: + matchLabels: + {{- range $key, $value := .Values.vmalert.networkPolicy.ingressNSMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- if .Values.vmalert.networkPolicy.ingressNSPodMatchLabels }} + podSelector: + matchLabels: + {{- range $key, $value := .Values.vmalert.networkPolicy.ingressNSPodMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.vmalert.networkPolicy.extraIngress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmalert.networkPolicy.extraIngress "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/pdb.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/pdb.yaml new file mode 100644 index 00000000..718863da --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/pdb.yaml @@ -0,0 +1,29 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmalert.enabled .Values.vmalert.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "victoriametrics.vmalert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vmalert.pdb.minAvailable }} + minAvailable: {{ .Values.vmalert.pdb.minAvailable }} + {{- end }} + {{- if or .Values.vmalert.pdb.maxUnavailable ( not .Values.vmalert.pdb.minAvailable ) }} + maxUnavailable: {{ .Values.vmalert.pdb.maxUnavailable | default 1 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmalert.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmalert +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/service-account.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/service-account.yaml new file mode 100644 index 00000000..939a7915 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/service-account.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmalert.enabled .Values.vmalert.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "victoriametrics.vmalert.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if or .Values.vmalert.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmalert.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.vmalert.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/service.yaml new file mode 100644 index 00000000..2e3b7864 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/service.yaml @@ -0,0 +1,59 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmalert.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "victoriametrics.vmalert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if or .Values.vmalert.service.annotations .Values.commonAnnotations .Values.vmalert.metrics.enabled .Values.vmalert.metrics.annotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmalert.service.annotations .Values.commonAnnotations .Values.vmalert.metrics.annotations) "context" .) }} + {{- if .Values.vmalert.metrics.enabled }} + {{- $defaultMetricsAnnotations := dict "prometheus.io/scrape" "true" "prometheus.io/port" .Values.vmalert.service.ports.http "prometheus.io/path" "/metrics" }} + {{- $annotations = include "common.tplvalues.merge" (dict "values" (list $annotations $defaultMetricsAnnotations) "context" .) }} + {{- end }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.vmalert.service.type }} + {{- if and .Values.vmalert.service.clusterIP (eq .Values.vmalert.service.type "ClusterIP") }} + clusterIP: {{ .Values.vmalert.service.clusterIP }} + {{- end }} + {{- if .Values.vmalert.service.sessionAffinity }} + sessionAffinity: {{ .Values.vmalert.service.sessionAffinity }} + {{- end }} + {{- if .Values.vmalert.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.vmalert.service.type "LoadBalancer") (eq .Values.vmalert.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.vmalert.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.vmalert.service.type "LoadBalancer") (not (empty .Values.vmalert.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.vmalert.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.vmalert.service.type "LoadBalancer") (not (empty .Values.vmalert.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.vmalert.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.vmalert.service.ports.http }} + protocol: TCP + {{- if and (or (eq .Values.vmalert.service.type "NodePort") (eq .Values.vmalert.service.type "LoadBalancer")) (not (empty .Values.vmalert.service.nodePorts.http)) }} + nodePort: {{ .Values.vmalert.service.nodePorts.http }} + {{- else if eq .Values.vmalert.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: http + {{- if .Values.vmalert.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmalert.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vmalert +{{- end }} \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/servicemonitor.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/servicemonitor.yaml new file mode 100644 index 00000000..d040f7ed --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmalert.enabled .Values.vmalert.metrics.enabled .Values.vmalert.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "victoriametrics.vmalert.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.vmalert.metrics.serviceMonitor.namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if or .Values.vmalert.metrics.serviceMonitor.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmalert.metrics.serviceMonitor.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ .Values.vmalert.metrics.serviceMonitor.jobLabel | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmalert + {{- if .Values.vmalert.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmalert.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + endpoints: + - port: http-metrics + path: "/metrics" + {{- if .Values.vmalert.metrics.serviceMonitor.interval }} + interval: {{ .Values.vmalert.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.vmalert.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.vmalert.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.vmalert.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.vmalert.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.vmalert.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmalert.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmalert.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmalert.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . | quote }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/vpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/vpa.yaml new file mode 100644 index 00000000..64bae63c --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmalert/vpa.yaml @@ -0,0 +1,45 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmalert.enabled (include "common.capabilities.apiVersions.has" ( dict "version" "autoscaling.k8s.io/v1/VerticalPodAutoscaler" "context" . )) .Values.vmalert.autoscaling.vpa.enabled }} +apiVersion: {{ include "common.capabilities.vpa.apiVersion" (dict "context" $) }} +kind: VerticalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmalert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmalert + {{- if or .Values.vmalert.autoscaling.vpa.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmalert.autoscaling.vpa.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + resourcePolicy: + containerPolicies: + - containerName: vmalert + {{- with .Values.vmalert.autoscaling.vpa.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmalert.autoscaling.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmalert.autoscaling.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + targetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "victoriametrics.vmalert.fullname" . }} + {{- if .Values.vmalert.autoscaling.vpa.updatePolicy }} + updatePolicy: + {{- with .Values.vmalert.autoscaling.vpa.updatePolicy.updateMode }} + updateMode: {{ . }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/dep-ds.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/dep-ds.yaml new file mode 100644 index 00000000..bd72864e --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/dep-ds.yaml @@ -0,0 +1,178 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmauth.enabled }} +{{- $kind := lower .Values.vmauth.kind }} +{{- if eq $kind "daemonset" }} +apiVersion: {{ include "common.capabilities.daemonset.apiVersion" . }} +kind: DaemonSet +{{- else }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +{{- end }} +metadata: + name: {{ template "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if or .Values.vmauth.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmauth.annotations .Values.commonAnnotations) "context" .) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if and (not .Values.vmauth.autoscaling.hpa.enabled) (eq $kind "deployment") }} + replicas: {{ .Values.vmauth.replicaCount }} + {{- end }} + {{- if .Values.vmauth.updateStrategy }} + {{ ternary "strategy" "updateStrategy" (eq $kind "deployment")}}: {{- toYaml .Values.vmauth.updateStrategy | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.vmauth.podLabels .Values.commonLabels) "context" .) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmauth + template: + metadata: + {{- if or .Values.vmauth.podAnnotations (not .Values.vmauth.existingSecret) }} + annotations: + {{- if .Values.vmauth.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if not .Values.vmauth.existingSecret }} + checksum/secret: {{ include (print $.Template.BasePath "/vmauth/secret.yaml") $ | sha256sum }} + {{- end }} + {{- end }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + spec: + serviceAccountName: {{ template "victoriametrics.vmauth.serviceAccountName" . }} + {{- include "victoriametrics.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.vmauth.automountServiceAccountToken }} + {{- if .Values.vmauth.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmauth.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.vmauth.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmauth.podAffinityPreset "component" "vmauth" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmauth.podAntiAffinityPreset "component" "vmauth" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vmauth.nodeAffinityPreset.type "key" .Values.vmauth.nodeAffinityPreset.key "values" .Values.vmauth.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.vmauth.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.vmauth.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmauth.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmauth.priorityClassName }} + priorityClassName: {{ .Values.vmauth.priorityClassName | quote }} + {{- end }} + {{- if .Values.vmauth.schedulerName }} + schedulerName: {{ .Values.vmauth.schedulerName | quote }} + {{- end }} + {{- if .Values.vmauth.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmauth.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmauth.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmauth.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.vmauth.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.vmauth.initContainers }} + initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: vmauth + image: {{ template "victoriametrics.vmauth.image" . }} + imagePullPolicy: {{ .Values.vmauth.image.pullPolicy }} + {{- if .Values.vmauth.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmauth.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmauth.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmauth.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.args "context" $) | nindent 12 }} + {{- else }} + args: + {{- if .Values.envflagEnable }} + - vmauth + - --envflag.enable + - --envflag.prefix={{ .Values.envflagPrefix }} + {{- end }} + - --loggerFormat={{ .Values.loggerFormat }} + - --httpListenAddr=:{{ .Values.vmauth.containerPorts.http }} + - --auth.config=/config/auth.yml + {{- if .Values.vmauth.extraArgs }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.extraArgs "context" $) | nindent 12 }} + {{- end }} + {{- end }} + env: + {{- if .Values.vmauth.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.vmauth.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmauth.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.vmauth.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmauth.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.vmauth.resources }} + resources: {{- toYaml .Values.vmauth.resources | nindent 12 }} + {{- else if ne .Values.vmauth.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.vmauth.resourcesPreset) | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.vmauth.containerPorts.http }} + {{- if .Values.vmauth.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmauth.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmauth.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: http + {{- end }} + {{- if .Values.vmauth.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmauth.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmauth.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmauth.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.vmauth.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmauth.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmauth.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: configuration + mountPath: /config + {{- if .Values.vmauth.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmauth.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmauth.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: configuration + secret: + secretName: {{ include "victoriametrics.vmauth.secretName" . }} + {{- if .Values.vmauth.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/hpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/hpa.yaml new file mode 100644 index 00000000..552326cf --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/hpa.yaml @@ -0,0 +1,42 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmauth.enabled (eq .Values.vmauth.kind "deployment") .Values.vmauth.autoscaling.hpa.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" (dict "context" $) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "victoriametrics.vmauth.fullname" . }} + minReplicas: {{ .Values.vmauth.autoscaling.hpa.minReplicas }} + maxReplicas: {{ .Values.vmauth.autoscaling.hpa.maxReplicas }} + metrics: + {{- if .Values.vmauth.autoscaling.hpa.targetMemory }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.vmauth.autoscaling.hpa.targetMemory }} + {{- end }} + {{- if .Values.vmauth.autoscaling.hpa.targetCPU }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.vmauth.autoscaling.hpa.targetCPU }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/ingress-tls-secret.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/ingress-tls-secret.yaml new file mode 100644 index 00000000..fd5705c2 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/ingress-tls-secret.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmauth.ingress.enabled }} +{{- if .Values.vmauth.ingress.secrets }} +{{- range .Values.vmauth.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ include "common.names.namespace" $ | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" $.Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- end }} +{{- if and .Values.vmauth.ingress.tls .Values.vmauth.ingress.selfSigned }} +{{- $secretName := printf "%s-tls" .Values.vmauth.ingress.hostname }} +{{- $ca := genCA "vmauth-ca" 365 }} +{{- $cert := genSignedCert .Values.vmauth.ingress.hostname nil (list .Values.vmauth.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} + tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} + ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} +{{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/ingress.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/ingress.yaml new file mode 100644 index 00000000..01c01f0f --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/ingress.yaml @@ -0,0 +1,57 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmauth.enabled .Values.vmauth.ingress.enabled }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ template "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if or .Values.vmauth.ingress.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmauth.ingress.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vmauth.ingress.ingressClassName }} + ingressClassName: {{ .Values.vmauth.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.vmauth.ingress.hostname }} + - host: {{ .Values.vmauth.ingress.hostname }} + http: + paths: + {{- if .Values.vmauth.ingress.extraPaths }} + {{- toYaml .Values.vmauth.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.vmauth.ingress.path }} + pathType: {{ .Values.vmauth.ingress.pathType }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "victoriametrics.vmauth.fullname" . | trunc 63 | trimSuffix "-") "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.vmauth.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default "/" .path }} + pathType: {{ default "ImplementationSpecific" .pathType }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "victoriametrics.vmauth.fullname" $ | trunc 63 | trimSuffix "-") "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.vmauth.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or (and .Values.vmauth.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.vmauth.ingress.annotations )) .Values.vmauth.ingress.selfSigned)) .Values.vmauth.ingress.extraTls }} + tls: + {{- if and .Values.vmauth.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.vmauth.ingress.annotations )) .Values.vmauth.ingress.selfSigned) }} + - hosts: + - {{ .Values.vmauth.ingress.hostname | quote }} + secretName: {{ printf "%s-tls" .Values.vmauth.ingress.hostname }} + {{- end }} + {{- if .Values.vmauth.ingress.extraTls }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.ingress.extraTls "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/networkpolicy.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/networkpolicy.yaml new file mode 100644 index 00000000..6b016dd7 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/networkpolicy.yaml @@ -0,0 +1,100 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmauth.enabled .Values.vmauth.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + policyTypes: + - Ingress + - Egress + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmauth.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if .Values.vmauth.networkPolicy.allowExternalEgress }} + egress: + - {} + {{- else }} + egress: + # Allow dns resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + # Allow outbound connections to victoriametrics insert controller + - ports: + - port: {{ .Values.vminsert.containerPorts.http }} + to: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + # Allow outbound connections to victoriametrics select controller + - ports: + - port: {{ .Values.vmselect.containerPorts.http }} + to: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if .Values.vmauth.networkPolicy.extraEgress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmauth.networkPolicy.extraEgress "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} + {{- if eq .Values.vmauth.service.type "ClusterIP" }} + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.vmauth.containerPorts.http }} + {{- if not .Values.vmauth.networkPolicy.allowExternal }} + from: + {{- range $namespace := .Values.vmauth.networkPolicy.allowNamespaces }} + {{- if $namespace }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ $namespace }} + {{- end }} + {{- end }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + {{- if .Values.vmauth.networkPolicy.ingressNSMatchLabels }} + - namespaceSelector: + matchLabels: + {{- range $key, $value := .Values.vmauth.networkPolicy.ingressNSMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- if .Values.vmauth.networkPolicy.ingressNSPodMatchLabels }} + podSelector: + matchLabels: + {{- range $key, $value := .Values.vmauth.networkPolicy.ingressNSPodMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.vmauth.networkPolicy.extraIngress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmauth.networkPolicy.extraIngress "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} + {{- if eq .Values.vmauth.service.type "LoadBalancer" }} + ingress: + - {} + {{- end}} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/pdb.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/pdb.yaml new file mode 100644 index 00000000..82882e27 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/pdb.yaml @@ -0,0 +1,29 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmauth.enabled (eq .Values.vmauth.kind "deployment") .Values.vmauth.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vmauth.pdb.minAvailable }} + minAvailable: {{ .Values.vmauth.pdb.minAvailable }} + {{- end }} + {{- if or .Values.vmauth.pdb.maxUnavailable ( not .Values.vmauth.pdb.minAvailable ) }} + maxUnavailable: {{ .Values.vmauth.pdb.maxUnavailable | default 1 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmauth.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmauth +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/secret.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/secret.yaml new file mode 100644 index 00000000..a0da2f30 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/secret.yaml @@ -0,0 +1,42 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* Adding the helper in configmap.yaml for better readability */}} +{{- define "victoriametrics.vmauth.defaultConfig" -}} +users: +- username: {{ .Values.vmauth.user.username | quote }} + password: {{ .Values.vmauth.user.password | quote }} + url_map: + - discover_backend_ips: true + src_paths: + - /select/.* + url_prefix: http://{{ include "victoriametrics.vmselect.fullname" . }}:{{ .Values.vmselect.service.ports.http }} + - discover_backend_ips: true + src_paths: + - /insert/.* + url_prefix: http://{{ include "victoriametrics.vminsert.fullname" . }}:{{ .Values.vminsert.service.ports.http }} +{{- end }} + +{{- if and .Values.vmauth.enabled (not .Values.vmauth.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +stringData: + {{- /* Convert the default configuration and extra overrides */ -}} + {{- $defaultConfiguration := include "victoriametrics.vmauth.defaultConfig" . | fromYaml -}} + {{- $overrideConfiguration := include "common.tplvalues.render" (dict "value" .Values.vmauth.configOverrides "context" $) | fromYaml -}} + + {{- /* Merge both maps and render the configuration */}} + auth.yml: | + {{- mergeOverwrite $defaultConfiguration $overrideConfiguration | toYaml | nindent 4 }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/service-account.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/service-account.yaml new file mode 100644 index 00000000..451acd98 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/service-account.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmauth.enabled .Values.vmauth.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "victoriametrics.vmauth.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if or .Values.vmauth.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmauth.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.vmauth.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/service.yaml new file mode 100644 index 00000000..b10555b5 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/service.yaml @@ -0,0 +1,59 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmauth.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if or .Values.vmauth.service.annotations .Values.commonAnnotations .Values.vmauth.metrics.enabled .Values.vmauth.metrics.annotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmauth.service.annotations .Values.commonAnnotations .Values.vmauth.metrics.annotations) "context" .) }} + {{- if .Values.vmauth.metrics.enabled }} + {{- $defaultMetricsAnnotations := dict "prometheus.io/scrape" "true" "prometheus.io/port" .Values.vmauth.service.ports.http "prometheus.io/path" "/metrics" }} + {{- $annotations = include "common.tplvalues.merge" (dict "values" (list $annotations $defaultMetricsAnnotations) "context" .) }} + {{- end }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.vmauth.service.type }} + {{- if and .Values.vmauth.service.clusterIP (eq .Values.vmauth.service.type "ClusterIP") }} + clusterIP: {{ .Values.vmauth.service.clusterIP }} + {{- end }} + {{- if .Values.vmauth.service.sessionAffinity }} + sessionAffinity: {{ .Values.vmauth.service.sessionAffinity }} + {{- end }} + {{- if .Values.vmauth.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.vmauth.service.type "LoadBalancer") (eq .Values.vmauth.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.vmauth.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.vmauth.service.type "LoadBalancer") (not (empty .Values.vmauth.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.vmauth.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.vmauth.service.type "LoadBalancer") (not (empty .Values.vmauth.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.vmauth.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.vmauth.service.ports.http }} + protocol: TCP + {{- if and (or (eq .Values.vmauth.service.type "NodePort") (eq .Values.vmauth.service.type "LoadBalancer")) (not (empty .Values.vmauth.service.nodePorts.http)) }} + nodePort: {{ .Values.vmauth.service.nodePorts.http }} + {{- else if eq .Values.vmauth.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: http + {{- if .Values.vmauth.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmauth.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vmauth +{{- end }} \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/servicemonitor.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/servicemonitor.yaml new file mode 100644 index 00000000..e6bdebbc --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmauth.enabled .Values.vmauth.metrics.enabled .Values.vmauth.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "victoriametrics.vmauth.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.vmauth.metrics.serviceMonitor.namespace | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if or .Values.vmauth.metrics.serviceMonitor.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmauth.metrics.serviceMonitor.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ .Values.vmauth.metrics.serviceMonitor.jobLabel | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmauth + {{- if .Values.vmauth.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmauth.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + endpoints: + - port: http-metrics + path: "/metrics" + {{- if .Values.vmauth.metrics.serviceMonitor.interval }} + interval: {{ .Values.vmauth.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.vmauth.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.vmauth.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.vmauth.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.vmauth.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.vmauth.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmauth.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmauth.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmauth.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . | quote }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/vpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/vpa.yaml new file mode 100644 index 00000000..558adcac --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmauth/vpa.yaml @@ -0,0 +1,50 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmauth.enabled (include "common.capabilities.apiVersions.has" ( dict "version" "autoscaling.k8s.io/v1/VerticalPodAutoscaler" "context" . )) .Values.vmauth.autoscaling.vpa.enabled }} +apiVersion: {{ include "common.capabilities.vpa.apiVersion" (dict "context" $) }} +kind: VerticalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmauth.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmauth + {{- if or .Values.vmauth.autoscaling.vpa.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmauth.autoscaling.vpa.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + resourcePolicy: + containerPolicies: + - containerName: vmauth + {{- with .Values.vmauth.autoscaling.vpa.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmauth.autoscaling.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmauth.autoscaling.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + targetRef: + {{- if eq .Values.vmauth.kind "daemonset" }} + apiVersion: {{ include "common.capabilities.daemonset.apiVersion" . }} + kind: DaemonSet + {{- else }} + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + {{- end }} + name: {{ include "victoriametrics.vmauth.fullname" . }} + {{- if .Values.vmauth.autoscaling.vpa.updatePolicy }} + updatePolicy: + {{- with .Values.vmauth.autoscaling.vpa.updatePolicy.updateMode }} + updateMode: {{ . }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/deployment.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/deployment.yaml new file mode 100644 index 00000000..23a0697b --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/deployment.yaml @@ -0,0 +1,160 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "victoriametrics.vminsert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if or .Values.vminsert.deploymentAnnotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vminsert.deploymentAnnotations .Values.commonAnnotations) "context" .) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.vminsert.autoscaling.hpa.enabled }} + replicas: {{ .Values.vminsert.replicaCount }} + {{- end }} + {{- if .Values.vminsert.updateStrategy }} + strategy: {{- toYaml .Values.vminsert.updateStrategy | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.vminsert.podLabels .Values.commonLabels) "context" .) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vminsert + template: + metadata: + {{- if .Values.vminsert.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + spec: + serviceAccountName: {{ template "victoriametrics.vminsert.serviceAccountName" . }} + {{- include "victoriametrics.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.vminsert.automountServiceAccountToken }} + {{- if .Values.vminsert.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vminsert.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.vminsert.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vminsert.podAffinityPreset "component" "vminsert" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vminsert.podAntiAffinityPreset "component" "vminsert" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vminsert.nodeAffinityPreset.type "key" .Values.vminsert.nodeAffinityPreset.key "values" .Values.vminsert.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.vminsert.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.vminsert.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vminsert.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vminsert.priorityClassName }} + priorityClassName: {{ .Values.vminsert.priorityClassName | quote }} + {{- end }} + {{- if .Values.vminsert.schedulerName }} + schedulerName: {{ .Values.vminsert.schedulerName | quote }} + {{- end }} + {{- if .Values.vminsert.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vminsert.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vminsert.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vminsert.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.vminsert.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.vminsert.initContainers }} + initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: vminsert + image: {{ template "victoriametrics.vminsert.image" . }} + imagePullPolicy: {{ .Values.vminsert.image.pullPolicy }} + {{- if .Values.vminsert.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vminsert.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vminsert.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vminsert.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.args "context" $) | nindent 12 }} + {{- else }} + args: + - vminsert + - --replicationFactor=2 + {{- if .Values.envflagEnable }} + - --envflag.enable + - --envflag.prefix={{ .Values.envflagPrefix }} + {{- end }} + - --loggerFormat={{ .Values.loggerFormat }} + - --httpListenAddr=:{{ .Values.vminsert.containerPorts.http }} + {{- range $e, $i := until (int .Values.vmstorage.replicaCount) }} + - --storageNode={{ include "victoriametrics.vmstorage.fullname" $ }}-{{ int $i }}.{{ printf "%s-headless" (include "victoriametrics.vmstorage.fullname" $) | trunc 63 | trimSuffix "-" }}:{{ $.Values.vmstorage.containerPorts.vminsert }} + {{- end }} + {{- if .Values.vminsert.extraArgs }} + {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.extraArgs "context" $) | nindent 12 }} + {{- end }} + {{- end }} + env: + {{- if .Values.vminsert.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.vminsert.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vminsert.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.vminsert.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vminsert.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.vminsert.resources }} + resources: {{- toYaml .Values.vminsert.resources | nindent 12 }} + {{- else if ne .Values.vminsert.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.vminsert.resourcesPreset) | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.vminsert.containerPorts.http }} + {{- if .Values.vminsert.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.vminsert.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vminsert.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: http + {{- end }} + {{- if .Values.vminsert.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.vminsert.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vminsert.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vminsert.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.vminsert.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vminsert.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vminsert.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vminsert.extraVolumeMounts }} + volumeMounts: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vminsert.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vminsert.sidecars "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vminsert.extraVolumes }} + volumes: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.extraVolumes "context" $) | nindent 8 }} + {{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/hpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/hpa.yaml new file mode 100644 index 00000000..54611f67 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/hpa.yaml @@ -0,0 +1,42 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vminsert.autoscaling.hpa.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" (dict "context" $) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vminsert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "victoriametrics.vminsert.fullname" . }} + minReplicas: {{ .Values.vminsert.autoscaling.hpa.minReplicas }} + maxReplicas: {{ .Values.vminsert.autoscaling.hpa.maxReplicas }} + metrics: + {{- if .Values.vminsert.autoscaling.hpa.targetMemory }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.vminsert.autoscaling.hpa.targetMemory }} + {{- end }} + {{- if .Values.vminsert.autoscaling.hpa.targetCPU }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.vminsert.autoscaling.hpa.targetCPU }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/ingress-tls-secret.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/ingress-tls-secret.yaml new file mode 100644 index 00000000..261aafe4 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/ingress-tls-secret.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vminsert.ingress.enabled }} +{{- if .Values.vminsert.ingress.secrets }} +{{- range .Values.vminsert.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ include "common.names.namespace" $ | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" $.Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- end }} +{{- if and .Values.vminsert.ingress.tls .Values.vminsert.ingress.selfSigned }} +{{- $secretName := printf "%s-tls" .Values.vminsert.ingress.hostname }} +{{- $ca := genCA "vminsert-ca" 365 }} +{{- $cert := genSignedCert .Values.vminsert.ingress.hostname nil (list .Values.vminsert.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} + tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} + ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} +{{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/ingress.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/ingress.yaml new file mode 100644 index 00000000..32cecc8f --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/ingress.yaml @@ -0,0 +1,57 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vminsert.ingress.enabled }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ template "victoriametrics.vminsert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if or .Values.vminsert.ingress.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vminsert.ingress.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vminsert.ingress.ingressClassName }} + ingressClassName: {{ .Values.vminsert.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.vminsert.ingress.hostname }} + - host: {{ .Values.vminsert.ingress.hostname }} + http: + paths: + {{- if .Values.vminsert.ingress.extraPaths }} + {{- toYaml .Values.vminsert.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.vminsert.ingress.path }} + pathType: {{ .Values.vminsert.ingress.pathType }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "victoriametrics.vminsert.fullname" . | trunc 63 | trimSuffix "-") "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.vminsert.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default "/" .path }} + pathType: {{ default "ImplementationSpecific" .pathType }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "victoriametrics.vminsert.fullname" $ | trunc 63 | trimSuffix "-") "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.vminsert.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or (and .Values.vminsert.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.vminsert.ingress.annotations )) .Values.vminsert.ingress.selfSigned)) .Values.vminsert.ingress.extraTls }} + tls: + {{- if and .Values.vminsert.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.vminsert.ingress.annotations )) .Values.vminsert.ingress.selfSigned) }} + - hosts: + - {{ .Values.vminsert.ingress.hostname | quote }} + secretName: {{ printf "%s-tls" .Values.vminsert.ingress.hostname }} + {{- end }} + {{- if .Values.vminsert.ingress.extraTls }} + {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.ingress.extraTls "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/networkpolicy.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/networkpolicy.yaml new file mode 100644 index 00000000..11c01b23 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/networkpolicy.yaml @@ -0,0 +1,79 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vminsert.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "victoriametrics.vminsert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + policyTypes: + - Ingress + - Egress + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vminsert.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if .Values.vminsert.networkPolicy.allowExternalEgress }} + egress: + - {} + {{- else }} + egress: + # Allow dns resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + # Allow outbound connections to victoriametrics storage controller + - ports: + - port: {{ .Values.vmstorage.containerPorts.http }} + to: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if .Values.vminsert.networkPolicy.extraEgress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vminsert.networkPolicy.extraEgress "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.vminsert.containerPorts.http }} + {{- if not .Values.vminsert.networkPolicy.allowExternal }} + from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + {{- if .Values.vminsert.networkPolicy.ingressNSMatchLabels }} + - namespaceSelector: + matchLabels: + {{- range $key, $value := .Values.vminsert.networkPolicy.ingressNSMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- if .Values.vminsert.networkPolicy.ingressNSPodMatchLabels }} + podSelector: + matchLabels: + {{- range $key, $value := .Values.vminsert.networkPolicy.ingressNSPodMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.vminsert.networkPolicy.extraIngress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vminsert.networkPolicy.extraIngress "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/pdb.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/pdb.yaml new file mode 100644 index 00000000..27b94864 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/pdb.yaml @@ -0,0 +1,29 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vminsert.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "victoriametrics.vminsert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vminsert.pdb.minAvailable }} + minAvailable: {{ .Values.vminsert.pdb.minAvailable }} + {{- end }} + {{- if or .Values.vminsert.pdb.maxUnavailable ( not .Values.vminsert.pdb.minAvailable ) }} + maxUnavailable: {{ .Values.vminsert.pdb.maxUnavailable | default 1 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vminsert.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vminsert +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/service-account.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/service-account.yaml new file mode 100644 index 00000000..ce874398 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/service-account.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vminsert.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "victoriametrics.vminsert.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if or .Values.vminsert.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vminsert.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.vminsert.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/service.yaml new file mode 100644 index 00000000..22412e0d --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/service.yaml @@ -0,0 +1,57 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "victoriametrics.vminsert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if or .Values.vminsert.service.annotations .Values.commonAnnotations .Values.vminsert.metrics.enabled .Values.vminsert.metrics.annotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vminsert.service.annotations .Values.commonAnnotations .Values.vminsert.metrics.annotations) "context" .) }} + {{- if .Values.vminsert.metrics.enabled }} + {{- $defaultMetricsAnnotations := dict "prometheus.io/scrape" "true" "prometheus.io/port" .Values.vminsert.service.ports.http "prometheus.io/path" "/metrics" }} + {{- $annotations = include "common.tplvalues.merge" (dict "values" (list $annotations $defaultMetricsAnnotations) "context" .) }} + {{- end }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.vminsert.service.type }} + {{- if and .Values.vminsert.service.clusterIP (eq .Values.vminsert.service.type "ClusterIP") }} + clusterIP: {{ .Values.vminsert.service.clusterIP }} + {{- end }} + {{- if .Values.vminsert.service.sessionAffinity }} + sessionAffinity: {{ .Values.vminsert.service.sessionAffinity }} + {{- end }} + {{- if .Values.vminsert.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.vminsert.service.type "LoadBalancer") (eq .Values.vminsert.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.vminsert.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.vminsert.service.type "LoadBalancer") (not (empty .Values.vminsert.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.vminsert.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.vminsert.service.type "LoadBalancer") (not (empty .Values.vminsert.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.vminsert.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.vminsert.service.ports.http }} + protocol: TCP + {{- if and (or (eq .Values.vminsert.service.type "NodePort") (eq .Values.vminsert.service.type "LoadBalancer")) (not (empty .Values.vminsert.service.nodePorts.http)) }} + nodePort: {{ .Values.vminsert.service.nodePorts.http }} + {{- else if eq .Values.vminsert.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: http + {{- if .Values.vminsert.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vminsert.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vminsert diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/servicemonitor.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/servicemonitor.yaml new file mode 100644 index 00000000..4284fa93 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vminsert.metrics.enabled .Values.vminsert.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "victoriametrics.vminsert.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.vminsert.metrics.serviceMonitor.namespace | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if or .Values.vminsert.metrics.serviceMonitor.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vminsert.metrics.serviceMonitor.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ .Values.vminsert.metrics.serviceMonitor.jobLabel | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vminsert + {{- if .Values.vminsert.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.vminsert.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + endpoints: + - port: http-metrics + path: "/metrics" + {{- if .Values.vminsert.metrics.serviceMonitor.interval }} + interval: {{ .Values.vminsert.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.vminsert.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.vminsert.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.vminsert.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.vminsert.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.vminsert.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vminsert.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vminsert.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vminsert.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . | quote }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/vpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/vpa.yaml new file mode 100644 index 00000000..d6e07f71 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vminsert/vpa.yaml @@ -0,0 +1,45 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and (include "common.capabilities.apiVersions.has" ( dict "version" "autoscaling.k8s.io/v1/VerticalPodAutoscaler" "context" . )) .Values.vminsert.autoscaling.vpa.enabled }} +apiVersion: {{ include "common.capabilities.vpa.apiVersion" (dict "context" $) }} +kind: VerticalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vminsert.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vminsert + {{- if or .Values.vminsert.autoscaling.vpa.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vminsert.autoscaling.vpa.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + resourcePolicy: + containerPolicies: + - containerName: vminsert + {{- with .Values.vminsert.autoscaling.vpa.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vminsert.autoscaling.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vminsert.autoscaling.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + targetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "victoriametrics.vminsert.fullname" . }} + {{- if .Values.vminsert.autoscaling.vpa.updatePolicy }} + updatePolicy: + {{- with .Values.vminsert.autoscaling.vpa.updatePolicy.updateMode }} + updateMode: {{ . }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/dep-sts.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/dep-sts.yaml new file mode 100644 index 00000000..896a6ad3 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/dep-sts.yaml @@ -0,0 +1,178 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} +{{- $kind := lower .Values.vmselect.kind }} +{{- if eq $kind "statefulset" }} +apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} +kind: StatefulSet +{{- else }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +{{- end }} +metadata: + name: {{ template "victoriametrics.vmselect.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if or .Values.vmselect.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmselect.annotations .Values.commonAnnotations) "context" .) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.vmselect.autoscaling.hpa.enabled }} + replicas: {{ .Values.vmselect.replicaCount }} + {{- end }} + {{- if eq $kind "statefulset" }} + serviceName: {{ printf "%s-headless" (include "victoriametrics.vmstorage.fullname" .) | trunc 63 | trimSuffix "-" }} + podManagementPolicy: {{ .Values.vmselect.podManagementPolicy }} + {{- end }} + {{- if .Values.vmselect.updateStrategy }} + {{ ternary "strategy" "updateStrategy" (eq $kind "deployment")}}: {{- toYaml .Values.vmselect.updateStrategy | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.vmselect.podLabels .Values.commonLabels) "context" .) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmselect + template: + metadata: + {{- if .Values.vmselect.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + spec: + serviceAccountName: {{ template "victoriametrics.vmselect.serviceAccountName" . }} + {{- include "victoriametrics.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.vmselect.automountServiceAccountToken }} + {{- if .Values.vmselect.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmselect.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.vmselect.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmselect.podAffinityPreset "component" "vmselect" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmselect.podAntiAffinityPreset "component" "vmselect" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vmselect.nodeAffinityPreset.type "key" .Values.vmselect.nodeAffinityPreset.key "values" .Values.vmselect.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.vmselect.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.vmselect.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmselect.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmselect.priorityClassName }} + priorityClassName: {{ .Values.vmselect.priorityClassName | quote }} + {{- end }} + {{- if .Values.vmselect.schedulerName }} + schedulerName: {{ .Values.vmselect.schedulerName | quote }} + {{- end }} + {{- if .Values.vmselect.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmselect.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmselect.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmselect.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.vmselect.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.vmselect.initContainers }} + initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: vmselect + image: {{ template "victoriametrics.vmselect.image" . }} + imagePullPolicy: {{ .Values.vmselect.image.pullPolicy }} + {{- if .Values.vmselect.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmselect.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmselect.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmselect.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.args "context" $) | nindent 12 }} + {{- else }} + args: + - vmselect + - --replicationFactor=2 + - --dedup.minScrapeInterval=1ms + {{- if .Values.envflagEnable }} + - --envflag.enable + - --envflag.prefix={{ .Values.envflagPrefix }} + {{- end }} + - --loggerFormat={{ .Values.loggerFormat }} + - --cacheDataPath=/opt/drycc/cache + - --httpListenAddr=:{{ .Values.vmselect.containerPorts.http }} + {{- range $e, $i := until (int .Values.vmstorage.replicaCount) }} + - --storageNode={{ include "victoriametrics.vmstorage.fullname" $ }}-{{ int $i }}.{{ printf "%s-headless" (include "victoriametrics.vmstorage.fullname" $) | trunc 63 | trimSuffix "-" }}:{{ $.Values.vmstorage.containerPorts.vmselect }} + {{- end }} + {{- if .Values.vmselect.extraArgs }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.extraArgs "context" $) | nindent 12 }} + {{- end }} + {{- end }} + env: + {{- if .Values.vmselect.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.vmselect.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmselect.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.vmselect.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmselect.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.vmselect.resources }} + resources: {{- toYaml .Values.vmselect.resources | nindent 12 }} + {{- else if ne .Values.vmselect.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.vmselect.resourcesPreset) | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.vmselect.containerPorts.http }} + {{- if .Values.vmselect.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmselect.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmselect.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: http + {{- end }} + {{- if .Values.vmselect.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmselect.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmselect.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmselect.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.vmselect.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmselect.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmselect.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: empty-dir + mountPath: /opt/drycc/cache + subPath: app-cache-dir + {{- if .Values.vmselect.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmselect.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmselect.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: empty-dir + emptyDir: {} + {{- if .Values.vmselect.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.extraVolumes "context" $) | nindent 8 }} + {{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/headless-service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/headless-service.yaml new file mode 100644 index 00000000..68ce140f --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/headless-service.yaml @@ -0,0 +1,30 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (eq .Values.vmselect.kind "statefulset") }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-headless" (include "victoriametrics.vmselect.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if or .Values.commonAnnotations .Values.vmselect.service.headless.annotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.service.headless.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + publishNotReadyAddresses: true + clusterIP: None + ports: + - name: http + port: {{ .Values.vmselect.containerPorts.http }} + targetPort: http + protocol: TCP + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vmselect +{{- end }} \ No newline at end of file diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/hpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/hpa.yaml new file mode 100644 index 00000000..aad19d9f --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/hpa.yaml @@ -0,0 +1,47 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmselect.autoscaling.hpa.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" (dict "context" $) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmselect.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + {{- if eq .Values.vmselect.kind "statefulset" }} + apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} + kind: StatefulSet + {{- else }} + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + {{- end }} + name: {{ include "victoriametrics.vmselect.fullname" . }} + minReplicas: {{ .Values.vmselect.autoscaling.hpa.minReplicas }} + maxReplicas: {{ .Values.vmselect.autoscaling.hpa.maxReplicas }} + metrics: + {{- if .Values.vmselect.autoscaling.hpa.targetMemory }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.vmselect.autoscaling.hpa.targetMemory }} + {{- end }} + {{- if .Values.vmselect.autoscaling.hpa.targetCPU }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.vmselect.autoscaling.hpa.targetCPU }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/ingress-tls-secret.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/ingress-tls-secret.yaml new file mode 100644 index 00000000..afd30458 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/ingress-tls-secret.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmselect.ingress.enabled }} +{{- if .Values.vmselect.ingress.secrets }} +{{- range .Values.vmselect.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ include "common.names.namespace" $ | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" $.Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- end }} +{{- if and .Values.vmselect.ingress.tls .Values.vmselect.ingress.selfSigned }} +{{- $secretName := printf "%s-tls" .Values.vmselect.ingress.hostname }} +{{- $ca := genCA "vmselect-ca" 365 }} +{{- $cert := genSignedCert .Values.vmselect.ingress.hostname nil (list .Values.vmselect.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} + tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} + ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} +{{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/ingress.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/ingress.yaml new file mode 100644 index 00000000..5a068658 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/ingress.yaml @@ -0,0 +1,57 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmselect.ingress.enabled }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ template "victoriametrics.vmselect.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if or .Values.vmselect.ingress.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.ingress.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vmselect.ingress.ingressClassName }} + ingressClassName: {{ .Values.vmselect.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.vmselect.ingress.hostname }} + - host: {{ .Values.vmselect.ingress.hostname }} + http: + paths: + {{- if .Values.vmselect.ingress.extraPaths }} + {{- toYaml .Values.vmselect.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.vmselect.ingress.path }} + pathType: {{ .Values.vmselect.ingress.pathType }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "victoriametrics.vmselect.fullname" . | trunc 63 | trimSuffix "-") "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.vmselect.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default "/" .path }} + pathType: {{ default "ImplementationSpecific" .pathType }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "victoriametrics.vmselect.fullname" $ | trunc 63 | trimSuffix "-") "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.vmselect.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or (and .Values.vmselect.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.vmselect.ingress.annotations )) .Values.vmselect.ingress.selfSigned)) .Values.vmselect.ingress.extraTls }} + tls: + {{- if and .Values.vmselect.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.vmselect.ingress.annotations )) .Values.vmselect.ingress.selfSigned) }} + - hosts: + - {{ .Values.vmselect.ingress.hostname | quote }} + secretName: {{ printf "%s-tls" .Values.vmselect.ingress.hostname }} + {{- end }} + {{- if .Values.vmselect.ingress.extraTls }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.ingress.extraTls "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/networkpolicy.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/networkpolicy.yaml new file mode 100644 index 00000000..a1814be3 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/networkpolicy.yaml @@ -0,0 +1,79 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmselect.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "victoriametrics.vmselect.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + policyTypes: + - Ingress + - Egress + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if .Values.vmselect.networkPolicy.allowExternalEgress }} + egress: + - {} + {{- else }} + egress: + # Allow dns resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + # Allow outbound connections to victoriametrics storage controller + - ports: + - port: {{ .Values.vmstorage.containerPorts.http }} + to: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if .Values.vmselect.networkPolicy.extraEgress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmselect.networkPolicy.extraEgress "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.vmselect.containerPorts.http }} + {{- if not .Values.vmselect.networkPolicy.allowExternal }} + from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + {{- if .Values.vmselect.networkPolicy.ingressNSMatchLabels }} + - namespaceSelector: + matchLabels: + {{- range $key, $value := .Values.vmselect.networkPolicy.ingressNSMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- if .Values.vmselect.networkPolicy.ingressNSPodMatchLabels }} + podSelector: + matchLabels: + {{- range $key, $value := .Values.vmselect.networkPolicy.ingressNSPodMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.vmselect.networkPolicy.extraIngress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmselect.networkPolicy.extraIngress "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/pdb.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/pdb.yaml new file mode 100644 index 00000000..cd08d62e --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/pdb.yaml @@ -0,0 +1,29 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmselect.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "victoriametrics.vmselect.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vmselect.pdb.minAvailable }} + minAvailable: {{ .Values.vmselect.pdb.minAvailable }} + {{- end }} + {{- if or .Values.vmselect.pdb.maxUnavailable ( not .Values.vmselect.pdb.minAvailable ) }} + maxUnavailable: {{ .Values.vmselect.pdb.maxUnavailable | default 1 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmselect +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/service-account.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/service-account.yaml new file mode 100644 index 00000000..3a5d6cf7 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/service-account.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmselect.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "victoriametrics.vmselect.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if or .Values.vmselect.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.vmselect.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/service.yaml new file mode 100644 index 00000000..0bb2407a --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/service.yaml @@ -0,0 +1,57 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "victoriametrics.vmselect.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if or .Values.vmselect.service.annotations .Values.commonAnnotations .Values.vmselect.metrics.enabled .Values.vmselect.metrics.annotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmselect.service.annotations .Values.commonAnnotations .Values.vmselect.metrics.annotations) "context" .) }} + {{- if .Values.vmselect.metrics.enabled }} + {{- $defaultMetricsAnnotations := dict "prometheus.io/scrape" "true" "prometheus.io/port" .Values.vmselect.service.ports.http "prometheus.io/path" "/metrics" }} + {{- $annotations = include "common.tplvalues.merge" (dict "values" (list $annotations $defaultMetricsAnnotations) "context" .) }} + {{- end }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.vmselect.service.type }} + {{- if and .Values.vmselect.service.clusterIP (eq .Values.vmselect.service.type "ClusterIP") }} + clusterIP: {{ .Values.vmselect.service.clusterIP }} + {{- end }} + {{- if .Values.vmselect.service.sessionAffinity }} + sessionAffinity: {{ .Values.vmselect.service.sessionAffinity }} + {{- end }} + {{- if .Values.vmselect.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.vmselect.service.type "LoadBalancer") (eq .Values.vmselect.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.vmselect.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.vmselect.service.type "LoadBalancer") (not (empty .Values.vmselect.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.vmselect.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.vmselect.service.type "LoadBalancer") (not (empty .Values.vmselect.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.vmselect.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.vmselect.service.ports.http }} + protocol: TCP + {{- if and (or (eq .Values.vmselect.service.type "NodePort") (eq .Values.vmselect.service.type "LoadBalancer")) (not (empty .Values.vmselect.service.nodePorts.http)) }} + nodePort: {{ .Values.vmselect.service.nodePorts.http }} + {{- else if eq .Values.vmselect.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: http + {{- if .Values.vmselect.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vmselect diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/servicemonitor.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/servicemonitor.yaml new file mode 100644 index 00000000..d5f8ffdd --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmselect.metrics.enabled .Values.vmselect.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "victoriametrics.vmselect.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.vmselect.metrics.serviceMonitor.namespace | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if or .Values.vmselect.metrics.serviceMonitor.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.metrics.serviceMonitor.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ .Values.vmselect.metrics.serviceMonitor.jobLabel | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmselect + {{- if .Values.vmselect.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmselect.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + endpoints: + - port: http-metrics + path: "/metrics" + {{- if .Values.vmselect.metrics.serviceMonitor.interval }} + interval: {{ .Values.vmselect.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.vmselect.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.vmselect.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.vmselect.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.vmselect.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.vmselect.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmselect.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmselect.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmselect.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . | quote }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/vpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/vpa.yaml new file mode 100644 index 00000000..2f4cedc6 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmselect/vpa.yaml @@ -0,0 +1,50 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and (include "common.capabilities.apiVersions.has" ( dict "version" "autoscaling.k8s.io/v1/VerticalPodAutoscaler" "context" . )) .Values.vmselect.autoscaling.vpa.enabled }} +apiVersion: {{ include "common.capabilities.vpa.apiVersion" (dict "context" $) }} +kind: VerticalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmselect.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmselect + {{- if or .Values.vmselect.autoscaling.vpa.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmselect.autoscaling.vpa.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + resourcePolicy: + containerPolicies: + - containerName: vmselect + {{- with .Values.vmselect.autoscaling.vpa.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmselect.autoscaling.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmselect.autoscaling.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + targetRef: + {{- if eq .Values.vmselect.kind "statefulset" }} + apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} + kind: StatefulSet + {{- else }} + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + {{- end }} + name: {{ include "victoriametrics.vmselect.fullname" . }} + {{- if .Values.vmselect.autoscaling.vpa.updatePolicy }} + updatePolicy: + {{- with .Values.vmselect.autoscaling.vpa.updatePolicy.updateMode }} + updateMode: {{ . }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/headless-service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/headless-service.yaml new file mode 100644 index 00000000..78013fdd --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/headless-service.yaml @@ -0,0 +1,36 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-headless" (include "victoriametrics.vmstorage.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if or .Values.commonAnnotations .Values.vmstorage.service.headless.annotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.service.headless.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + publishNotReadyAddresses: true + clusterIP: None + ports: + - name: http + port: {{ .Values.vmstorage.containerPorts.http }} + targetPort: http + protocol: TCP + - name: tcp-vminsert + port: {{ .Values.vmstorage.containerPorts.vminsert }} + targetPort: tcp-vminsert + protocol: TCP + - name: tcp-vmselect + port: {{ .Values.vmstorage.containerPorts.vmselect }} + targetPort: tcp-vmselect + protocol: TCP + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vmstorage diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/hpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/hpa.yaml new file mode 100644 index 00000000..83b4eae8 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/hpa.yaml @@ -0,0 +1,42 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmstorage.autoscaling.hpa.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" (dict "context" $) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmstorage.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} + kind: StatefulSet + name: {{ include "victoriametrics.vmstorage.fullname" . }} + minReplicas: {{ .Values.vmstorage.autoscaling.hpa.minReplicas }} + maxReplicas: {{ .Values.vmstorage.autoscaling.hpa.maxReplicas }} + metrics: + {{- if .Values.vmstorage.autoscaling.hpa.targetMemory }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.vmstorage.autoscaling.hpa.targetMemory }} + {{- end }} + {{- if .Values.vmstorage.autoscaling.hpa.targetCPU }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.vmstorage.autoscaling.hpa.targetCPU }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/networkpolicy.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/networkpolicy.yaml new file mode 100644 index 00000000..684c9c5a --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/networkpolicy.yaml @@ -0,0 +1,73 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmstorage.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "victoriametrics.vmstorage.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + policyTypes: + - Ingress + - Egress + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if .Values.vmstorage.networkPolicy.allowExternalEgress }} + egress: + - {} + {{- else }} + egress: + # Allow dns resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + {{- if .Values.vmstorage.networkPolicy.extraEgress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmstorage.networkPolicy.extraEgress "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.vmstorage.containerPorts.http }} + - port: {{ .Values.vmstorage.containerPorts.vminsert }} + - port: {{ .Values.vmstorage.containerPorts.vmselect }} + {{- if not .Values.vmstorage.networkPolicy.allowExternal }} + from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + {{- if .Values.vmstorage.networkPolicy.ingressNSMatchLabels }} + - namespaceSelector: + matchLabels: + {{- range $key, $value := .Values.vmstorage.networkPolicy.ingressNSMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- if .Values.vmstorage.networkPolicy.ingressNSPodMatchLabels }} + podSelector: + matchLabels: + {{- range $key, $value := .Values.vmstorage.networkPolicy.ingressNSPodMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.vmstorage.networkPolicy.extraIngress }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmstorage.networkPolicy.extraIngress "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/pdb.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/pdb.yaml new file mode 100644 index 00000000..f85245a5 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/pdb.yaml @@ -0,0 +1,29 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmstorage.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "victoriametrics.vmstorage.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.vmstorage.pdb.minAvailable }} + minAvailable: {{ .Values.vmstorage.pdb.minAvailable }} + {{- end }} + {{- if or .Values.vmstorage.pdb.maxUnavailable ( not .Values.vmstorage.pdb.minAvailable ) }} + maxUnavailable: {{ .Values.vmstorage.pdb.maxUnavailable | default 1 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmstorage +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/service-account.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/service-account.yaml new file mode 100644 index 00000000..3d7867c8 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/service-account.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.vmstorage.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "victoriametrics.vmstorage.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if or .Values.vmstorage.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.vmstorage.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/service.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/service.yaml new file mode 100644 index 00000000..40abf629 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/service.yaml @@ -0,0 +1,57 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "victoriametrics.vmstorage.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if or .Values.vmstorage.service.annotations .Values.commonAnnotations .Values.vmstorage.metrics.enabled .Values.vmstorage.metrics.annotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmstorage.service.annotations .Values.commonAnnotations .Values.vmstorage.metrics.annotations) "context" .) }} + {{- if .Values.vmstorage.metrics.enabled }} + {{- $defaultMetricsAnnotations := dict "prometheus.io/scrape" "true" "prometheus.io/port" (.Values.vmstorage.service.ports.http ) "prometheus.io/path" "/metrics" }} + {{- $annotations = include "common.tplvalues.merge" (dict "values" (list $annotations $defaultMetricsAnnotations) "context" .) }} + {{- end }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.vmstorage.service.type }} + {{- if and .Values.vmstorage.service.clusterIP (eq .Values.vmstorage.service.type "ClusterIP") }} + clusterIP: {{ .Values.vmstorage.service.clusterIP }} + {{- end }} + {{- if .Values.vmstorage.service.sessionAffinity }} + sessionAffinity: {{ .Values.vmstorage.service.sessionAffinity }} + {{- end }} + {{- if .Values.vmstorage.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.vmstorage.service.type "LoadBalancer") (eq .Values.vmstorage.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.vmstorage.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.vmstorage.service.type "LoadBalancer") (not (empty .Values.vmstorage.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.vmstorage.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.vmstorage.service.type "LoadBalancer") (not (empty .Values.vmstorage.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.vmstorage.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.vmstorage.service.ports.http }} + protocol: TCP + {{- if and (or (eq .Values.vmstorage.service.type "NodePort") (eq .Values.vmstorage.service.type "LoadBalancer")) (not (empty .Values.vmstorage.service.nodePorts.http)) }} + nodePort: {{ .Values.vmstorage.service.nodePorts.http }} + {{- else if eq .Values.vmstorage.service.type "ClusterIP" }} + nodePort: null + {{- end }} + targetPort: http + {{- if .Values.vmstorage.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: vmstorage diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/servicemonitor.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/servicemonitor.yaml new file mode 100644 index 00000000..63ea54c1 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.vmstorage.metrics.enabled .Values.vmstorage.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "victoriametrics.vmstorage.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.vmstorage.metrics.serviceMonitor.namespace | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if or .Values.vmstorage.metrics.serviceMonitor.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.metrics.serviceMonitor.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ .Values.vmstorage.metrics.serviceMonitor.jobLabel | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: vmstorage + {{- if .Values.vmstorage.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + endpoints: + - port: http-metrics + path: "/metrics" + {{- if .Values.vmstorage.metrics.serviceMonitor.interval }} + interval: {{ .Values.vmstorage.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.vmstorage.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.vmstorage.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.vmstorage.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.vmstorage.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.vmstorage.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmstorage.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmstorage.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.vmstorage.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . | quote }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/statefulset.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/statefulset.yaml new file mode 100644 index 00000000..40f409ec --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/statefulset.yaml @@ -0,0 +1,225 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} +kind: StatefulSet +metadata: + name: {{ template "victoriametrics.vmstorage.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if or .Values.vmstorage.statefulsetAnnotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.vmstorage.statefulsetAnnotations .Values.commonAnnotations) "context" .) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.vmstorage.autoscaling.hpa.enabled }} + replicas: {{ .Values.vmstorage.replicaCount }} + {{- end }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: Delete + whenScaled: Retain + serviceName: {{ printf "%s-headless" (include "victoriametrics.vmstorage.fullname" .) | trunc 63 | trimSuffix "-" }} + podManagementPolicy: {{ .Values.vmstorage.podManagementPolicy }} + {{- if .Values.vmstorage.updateStrategy }} + updateStrategy: {{- toYaml .Values.vmstorage.updateStrategy | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + template: + metadata: + {{- if .Values.vmstorage.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + spec: + serviceAccountName: {{ template "victoriametrics.vmstorage.serviceAccountName" . }} + {{- include "victoriametrics.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.vmstorage.automountServiceAccountToken }} + {{- if .Values.vmstorage.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmstorage.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.vmstorage.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmstorage.podAffinityPreset "component" "vmstorage" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmstorage.podAntiAffinityPreset "component" "vmstorage" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vmstorage.nodeAffinityPreset.type "key" .Values.vmstorage.nodeAffinityPreset.key "values" .Values.vmstorage.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.vmstorage.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.vmstorage.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmstorage.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmstorage.priorityClassName }} + priorityClassName: {{ .Values.vmstorage.priorityClassName | quote }} + {{- end }} + {{- if .Values.vmstorage.schedulerName }} + schedulerName: {{ .Values.vmstorage.schedulerName | quote }} + {{- end }} + {{- if .Values.vmstorage.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.vmstorage.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmstorage.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.vmstorage.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.vmstorage.terminationGracePeriodSeconds }} + {{- end }} + {{- if or (and .Values.defaultInitContainers.volumePermissions.enabled .Values.vmstorage.persistence.enabled) .Values.vmstorage.initContainers }} + initContainers: + {{- if and .Values.defaultInitContainers.volumePermissions.enabled .Values.vmstorage.persistence.enabled }} + {{- include "victoriametrics.init-containers.volume-permissions" (dict "context" . "componentValues" .Values.vmstorage) | nindent 8 }} + {{- end }} + {{- if .Values.vmstorage.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.initContainers "context" $) | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: vmstorage + image: {{ template "victoriametrics.vmstorage.image" . }} + imagePullPolicy: {{ .Values.vmstorage.image.pullPolicy }} + {{- if .Values.vmstorage.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.vmstorage.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmstorage.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmstorage.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.args "context" $) | nindent 12 }} + {{- else }} + args: + - vmstorage + {{- if .Values.envflagEnable }} + - --envflag.enable + - --envflag.prefix={{ .Values.envflagPrefix }} + {{- end }} + - --loggerFormat={{ .Values.loggerFormat }} + - --httpListenAddr=:{{ .Values.vmstorage.containerPorts.http }} + - --vminsertAddr=:{{ .Values.vmstorage.containerPorts.vminsert }} + - --vmselectAddr=:{{ .Values.vmstorage.containerPorts.vmselect }} + - --retentionPeriod={{ .Values.vmstorage.retentionPeriod }} + - --storageDataPath={{ .Values.vmstorage.persistence.mountPath }} + {{- if .Values.vmstorage.extraArgs }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.extraArgs "context" $) | nindent 12 }} + {{- end }} + {{- end }} + env: + {{- if .Values.vmstorage.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.vmstorage.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmstorage.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.vmstorage.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.vmstorage.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.vmstorage.resources }} + resources: {{- toYaml .Values.vmstorage.resources | nindent 12 }} + {{- else if ne .Values.vmstorage.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.vmstorage.resourcesPreset) | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.vmstorage.containerPorts.http }} + - name: tcp-vminsert + containerPort: {{ .Values.vmstorage.containerPorts.vminsert }} + - name: tcp-vmselect + containerPort: {{ .Values.vmstorage.containerPorts.vmselect }} + {{- if .Values.vmstorage.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmstorage.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmstorage.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: http + {{- end }} + {{- if .Values.vmstorage.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.vmstorage.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmstorage.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmstorage.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.vmstorage.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.vmstorage.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.vmstorage.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + {{- if .Values.vmstorage.persistence.enabled }} + - name: data + mountPath: {{ .Values.vmstorage.persistence.mountPath }} + {{- end }} + {{- if .Values.vmstorage.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.vmstorage.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.vmstorage.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if and .Values.vmstorage.persistence.enabled .Values.vmstorage.persistence.existingClaim }} + - name: data + persistentVolumeClaim: + claimName: {{ .Values.vmstorage.persistence.existingClaim }} + {{- else if (not .Values.vmstorage.persistence.enabled) }} + - name: data + emptyDir: {} + {{- end }} + {{- if .Values.vmstorage.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.extraVolumes "context" $) | nindent 8 }} + {{- end }} + {{- if and .Values.vmstorage.persistence.enabled (not .Values.vmstorage.persistence.existingClaim) }} + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: data + annotations: + {{- if .Values.vmstorage.persistence.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.persistence.annotations "context" $) | nindent 10 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 10 }} + {{- end }} + {{- if .Values.commonLabels }} + labels: {{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 10 }} + {{- end }} + spec: + {{- if .Values.vmstorage.persistence.dataSource }} + dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.persistence.dataSource "context" $) | nindent 4 }} + {{- end }} + accessModes: + {{- range .Values.vmstorage.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.vmstorage.persistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.vmstorage.persistence "global" .Values.global) | nindent 8 }} + {{- if .Values.vmstorage.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.persistence.selector "context" $) | nindent 10 }} + {{- end }} + {{- if .Values.vmstorage.persistence.extraVolumeClaimTemplates }} + {{- include "common.tplvalues.render" (dict "value" .Values.vmstorage.persistence.extraVolumeClaimTemplates "context" $) | nindent 4 }} + {{- end }} + {{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/vpa.yaml b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/vpa.yaml new file mode 100644 index 00000000..b88c0b75 --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/templates/vmstorage/vpa.yaml @@ -0,0 +1,45 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and (include "common.capabilities.apiVersions.has" ( dict "version" "autoscaling.k8s.io/v1/VerticalPodAutoscaler" "context" . )) .Values.vmstorage.autoscaling.vpa.enabled }} +apiVersion: {{ include "common.capabilities.vpa.apiVersion" (dict "context" $) }} +kind: VerticalPodAutoscaler +metadata: + name: {{ include "victoriametrics.vmstorage.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: victoriametrics + app.kubernetes.io/component: vmstorage + {{- if or .Values.vmstorage.autoscaling.vpa.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.vmstorage.autoscaling.vpa.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + resourcePolicy: + containerPolicies: + - containerName: vmstorage + {{- with .Values.vmstorage.autoscaling.vpa.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmstorage.autoscaling.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.vmstorage.autoscaling.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + targetRef: + apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} + kind: StatefulSet + name: {{ include "victoriametrics.vmstorage.fullname" . }} + {{- if .Values.vmstorage.autoscaling.vpa.updatePolicy }} + updatePolicy: + {{- with .Values.vmstorage.autoscaling.vpa.updatePolicy.updateMode }} + updateMode: {{ . }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/victoriametrics/1/chart/victoriametrics/values.yaml b/addons/victoriametrics/1/chart/victoriametrics/values.yaml new file mode 100644 index 00000000..225c4b3c --- /dev/null +++ b/addons/victoriametrics/1/chart/victoriametrics/values.yaml @@ -0,0 +1,3670 @@ +# Copyright Broadcom, Inc. All Rights Reserved. +# SPDX-License-Identifier: APACHE-2.0 + +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + defaultStorageClass: "" + ## Security parameters + ## + security: + ## @param global.security.allowInsecureImages Allows skipping image verification + allowInsecureImages: true + ## Compatibility adaptations for Kubernetes platforms + ## + compatibility: + ## Compatibility adaptations for Openshift + ## + openshift: + ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) + ## + adaptSecurityContext: auto +## @section Common parameters +## + +## @param kubeVersion Override Kubernetes version +## +kubeVersion: "" +## @param apiVersions Override Kubernetes API versions reported by .Capabilities +## +apiVersions: [] +## @param nameOverride String to partially override common.names.name +## +nameOverride: "" +## @param fullnameOverride String to fully override common.names.fullname +## +fullnameOverride: "" +## @param namespaceOverride String to fully override common.names.namespace +## +namespaceOverride: "" +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: {} +## @param clusterDomain Kubernetes cluster domain name +## +clusterDomain: cluster.local +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] + +## @section VictoriaMetrics common parameters +## +## @param envflagEnable Enable envflag +## +envflagEnable: true +## @param envflagPrefix Prefix used for the envflag entries +## +envflagPrefix: VM_ +## @param loggerFormat Set format of the logs +## +loggerFormat: json + +## @section VictoriaMetrics Select Parameters +## +vmselect: + ## Drycc VictoriaMetrics Select image + ## ref: https://hub.docker.com/r/drycc/victoriametrics-vmselect/tags/ + ## @param vmselect.image.registry [default: REGISTRY_NAME] VictoriaMetrics Select image registry + ## @param vmselect.image.repository [default: REPOSITORY_NAME/victoriametrics-vmselect] VictoriaMetrics Select image repository + ## @skip vmselect.image.tag VictoriaMetrics Select image tag (immutable tags are recommended) + ## @param vmselect.image.digest VictoriaMetrics Select image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) + ## @param vmselect.image.pullPolicy VictoriaMetrics Select image pull policy + ## @param vmselect.image.pullSecrets VictoriaMetrics Select image pull secrets + ## + image: + registry: registry.drycc.cc + repository: drycc/victoriametrics + tag: 0.0.1 + digest: "" + ## Specify a imagePullPolicy + ## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param vmselect.replicaCount Number of VictoriaMetrics Select replicas to deploy + ## + replicaCount: 2 + ## @param vmselect.containerPorts.http VictoriaMetrics Select http container port + ## + containerPorts: + http: 8481 + ## Configure extra options for VictoriaMetrics Select containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param vmselect.livenessProbe.enabled Enable livenessProbe on VictoriaMetrics Select containers + ## @param vmselect.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param vmselect.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param vmselect.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param vmselect.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param vmselect.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmselect.readinessProbe.enabled Enable readinessProbe on VictoriaMetrics Select containers + ## @param vmselect.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param vmselect.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param vmselect.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param vmselect.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param vmselect.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmselect.startupProbe.enabled Enable startupProbe on VictoriaMetrics Select containers + ## @param vmselect.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param vmselect.startupProbe.periodSeconds Period seconds for startupProbe + ## @param vmselect.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param vmselect.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param vmselect.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmselect.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param vmselect.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param vmselect.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## VictoriaMetrics Select resource requests and limits + ## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param vmselect.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmselect.resources is set (vmselect.resources is recommended for production). + ## More information: https://github.com/drycc/charts/blob/main/drycc/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param vmselect.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## @param vmselect.kind Define how to deploy VictoriaMetrics Select (allowed values: deployment or statefulset) + ## + kind: "deployment" + ## @param vmselect.podManagementPolicy Pod management policy for VictoriaMetrics Storage statefulset + ## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies + ## + podManagementPolicy: Parallel + ## @param vmselect.annotations Annotations for VictoriaMetrics Select Deployment or StatefulSet + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + annotations: {} + ## Configure Pods Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param vmselect.podSecurityContext.enabled Enabled VictoriaMetrics Select pods' Security Context + ## @param vmselect.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy + ## @param vmselect.podSecurityContext.sysctls Set kernel settings using the sysctl interface + ## @param vmselect.podSecurityContext.supplementalGroups Set filesystem extra groups + ## @param vmselect.podSecurityContext.fsGroup Set VictoriaMetrics Select pod's Security Context fsGroup + ## + podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param vmselect.containerSecurityContext.enabled Enabled VictoriaMetrics Select containers' Security Context + ## @param vmselect.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param vmselect.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param vmselect.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup + ## @param vmselect.containerSecurityContext.runAsNonRoot Set VictoriaMetrics Select containers' Security Context runAsNonRoot + ## @param vmselect.containerSecurityContext.privileged Set VictoriaMetrics Select containers' Security Context privileged + ## @param vmselect.containerSecurityContext.readOnlyRootFilesystem Set VictoriaMetrics Select containers' Security Context runAsNonRoot + ## @param vmselect.containerSecurityContext.allowPrivilegeEscalation Set VictoriaMetrics Select container's privilege escalation + ## @param vmselect.containerSecurityContext.capabilities.drop Set VictoriaMetrics Select container's Security Context runAsNonRoot + ## @param vmselect.containerSecurityContext.seccompProfile.type Set VictoriaMetrics Select container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 1001 + runAsGroup: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: RuntimeDefault + ## @param vmselect.command Override default container command (useful when using custom images) + ## + command: [] + ## @param vmselect.args Override default container args (useful when using custom images) + ## + args: [] + ## @param vmselect.extraArgs Add extra arguments to the default command + ## + extraArgs: [] + ## @param vmselect.automountServiceAccountToken Mount Service Account token in pod + ## + automountServiceAccountToken: false + ## @param vmselect.hostAliases VictoriaMetrics Select pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param vmselect.podLabels Extra labels for VictoriaMetrics Select pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param vmselect.podAnnotations Annotations for VictoriaMetrics Select pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param vmselect.podAffinityPreset Pod affinity preset. Ignored if `vmselect.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param vmselect.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `vmselect.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Pod Disruption Budget configuration + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb + ## @param vmselect.pdb.create Enable/disable a Pod Disruption Budget creation + ## @param vmselect.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled + ## @param vmselect.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## + pdb: + create: true + minAvailable: "" + maxUnavailable: "" + ## Autoscaling configuration + ## ref: https://kubernetes.io/docs/concepts/workloads/autoscaling/ + ## + autoscaling: + ## @param vmselect.autoscaling.vpa.enabled Enable VPA for VictoriaMetrics Select pods + ## @param vmselect.autoscaling.vpa.annotations Annotations for VPA resource + ## @param vmselect.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + ## @param vmselect.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod + ## @param vmselect.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod + ## + vpa: + enabled: false + annotations: {} + controlledResources: [] + maxAllowed: {} + minAllowed: {} + ## @param vmselect.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy + ## Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod + ## Possible values are "Off", "Initial", "Recreate", and "Auto". + ## + updatePolicy: + updateMode: Auto + ## @param vmselect.autoscaling.hpa.enabled Enable HPA for VictoriaMetrics Select pods + ## @param vmselect.autoscaling.hpa.minReplicas Minimum number of replicas + ## @param vmselect.autoscaling.hpa.maxReplicas Maximum number of replicas + ## @param vmselect.autoscaling.hpa.targetCPU Target CPU utilization percentage + ## @param vmselect.autoscaling.hpa.targetMemory Target Memory utilization percentage + ## + hpa: + enabled: false + minReplicas: "" + maxReplicas: "" + targetCPU: "" + targetMemory: "" + ## Node vmselect.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param vmselect.nodeAffinityPreset.type Node affinity preset type. Ignored if `vmselect.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param vmselect.nodeAffinityPreset.key Node label key to match. Ignored if `vmselect.affinity` is set + ## + key: "" + ## @param vmselect.nodeAffinityPreset.values Node label values to match. Ignored if `vmselect.affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param vmselect.affinity Affinity for VictoriaMetrics Select pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `vmselect.podAffinityPreset`, `vmselect.podAntiAffinityPreset`, and `vmselect.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param vmselect.nodeSelector Node labels for VictoriaMetrics Select pods assignment + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + ## + nodeSelector: {} + ## @param vmselect.tolerations Tolerations for VictoriaMetrics Select pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param vmselect.updateStrategy.type VictoriaMetrics Select statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + ## @param vmselect.priorityClassName VictoriaMetrics Select pods' priorityClassName + ## + priorityClassName: "" + ## @param vmselect.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param vmselect.schedulerName Name of the k8s scheduler (other than default) for VictoriaMetrics Select pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param vmselect.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param vmselect.lifecycleHooks for the VictoriaMetrics Select container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param vmselect.extraEnvVars Array with extra environment variables to add to VictoriaMetrics Select nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param vmselect.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for VictoriaMetrics Select nodes + ## + extraEnvVarsCM: "" + ## @param vmselect.extraEnvVarsSecret Name of existing Secret containing extra env vars for VictoriaMetrics Select nodes + ## + extraEnvVarsSecret: "" + ## @param vmselect.extraVolumes Optionally specify extra list of additional volumes for the VictoriaMetrics Select pod(s) + ## + extraVolumes: [] + ## @param vmselect.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Select container(s) + ## + extraVolumeMounts: [] + ## @param vmselect.sidecars Add additional sidecar containers to the VictoriaMetrics Select pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param vmselect.initContainers Add additional init containers to the VictoriaMetrics Select pod(s) + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## command: ['sh', '-c', 'echo "hello world"'] + ## + initContainers: [] + ## @section VictoriaMetrics Select RBAC Parameters + ## + + ## ServiceAccount configuration + ## + serviceAccount: + ## @param vmselect.serviceAccount.create Specifies whether a ServiceAccount should be created + ## + create: true + ## @param vmselect.serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param vmselect.serviceAccount.annotations Additional Service Account annotations (evaluated as a template) + ## + annotations: {} + ## @param vmselect.serviceAccount.automountServiceAccountToken Automount service account token for the server service account + ## + automountServiceAccountToken: false + ## @section VictoriaMetrics Select Traffic Exposure Parameters + ## + service: + ## @param vmselect.service.type VictoriaMetrics Select service type + ## + type: ClusterIP + ## @param vmselect.service.ports.http VictoriaMetrics Select service http port + ## + ports: + http: "8481" + ## Node ports to expose + ## @param vmselect.service.nodePorts.http Node port for HTTP + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + ## @param vmselect.service.clusterIP VictoriaMetrics Select service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param vmselect.service.loadBalancerIP VictoriaMetrics Select service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param vmselect.service.loadBalancerSourceRanges VictoriaMetrics Select service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param vmselect.service.externalTrafficPolicy VictoriaMetrics Select service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param vmselect.service.annotations [object] Additional custom annotations for VictoriaMetrics Select service + ## + annotations: {} + ## @param vmselect.service.extraPorts Extra ports to expose in VictoriaMetrics Select service (normally used with the `sidecars` value) + ## + extraPorts: [] + ## @param vmselect.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param vmselect.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## Headless service properties + ## + headless: + ## @param vmselect.service.headless.annotations Annotations for the headless service. + ## + annotations: {} + ## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/ + ## + ingress: + ## @param vmselect.ingress.enabled Enable ingress record generation for VictoriaMetrics Select + ## + enabled: false + ## @param vmselect.ingress.pathType Ingress path type + ## + pathType: ImplementationSpecific + ## @param vmselect.ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param vmselect.ingress.hostname Default host for the ingress record + ## + hostname: vmselect.local + ## @param vmselect.ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" + ## @param vmselect.ingress.path Default path for the ingress record + ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers + ## + path: / + ## @param vmselect.ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + annotations: {} + ## @param vmselect.ingress.tls Enable TLS configuration for the host defined at `vmselect.ingress.hostname` parameter + ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}` + ## You can: + ## - Use the `vmselect.ingress.secrets` parameter to create this TLS secret + ## - Rely on cert-manager to create it by setting the corresponding annotations + ## - Rely on Helm to create self-signed certificates by setting `vmselect.ingress.selfSigned=true` + ## + tls: false + ## @param vmselect.ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param vmselect.ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record + ## e.g: + ## extraHosts: + ## - name: victoriametrics select.local + ## path: / + ## + extraHosts: [] + ## @param vmselect.ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host + ## e.g: + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param vmselect.ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## e.g: + ## extraTls: + ## - hosts: + ## - victoriametrics select.local + ## secretName: victoriametrics select.local-tls + ## + extraTls: [] + ## @param vmselect.ingress.secrets Custom TLS certificates as secrets + ## NOTE: 'key' and 'certificate' are expected in PEM format + ## NOTE: 'name' should line up with a 'secretName' set further up + ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## secrets: + ## - name: victoriametrics select.local-tls + ## key: |- + ## -----BEGIN RSA PRIVATE KEY----- + ## ... + ## -----END RSA PRIVATE KEY----- + ## certificate: |- + ## -----BEGIN CERTIFICATE----- + ## ... + ## -----END CERTIFICATE----- + ## + secrets: [] + ## @param vmselect.ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: example.local + ## http: + ## path: / + ## backend: + ## service: + ## name: example-svc + ## port: + ## name: http + ## + extraRules: [] + ## Network Policies + ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ + ## + networkPolicy: + ## @param vmselect.networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: true + ## @param vmselect.networkPolicy.allowExternal Don't require server label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## server label will have network access to the ports server is listening + ## on. When true, server will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: false + ## @param vmselect.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. + ## + allowExternalEgress: true + ## @param vmselect.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraIngress: + ## - ports: + ## - port: 1234 + ## from: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + extraIngress: [] + ## @param vmselect.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraEgress: + ## - ports: + ## - port: 1234 + ## to: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + ## + extraEgress: [] + ## @param vmselect.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces + ## @param vmselect.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} + + ## @section VictoriaMetrics Select Metrics Parameters + ## + ## Prometheus metrics + ## + metrics: + ## @param vmselect.metrics.enabled Enable the export of Prometheus metrics + ## + enabled: true + ## @param vmselect.metrics.annotations Additional custom annotations for the service + ## + annotations: {} + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param vmselect.metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + ## @param vmselect.metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param vmselect.metrics.serviceMonitor.annotations Additional custom annotations for the ServiceMonitor + ## + annotations: {} + ## @param vmselect.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor + ## + labels: {} + ## @param vmselect.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus + ## + jobLabel: "" + ## @param vmselect.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + ## + honorLabels: false + ## @param vmselect.metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "" + ## @param vmselect.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "" + ## @param vmselect.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## + metricRelabelings: [] + ## @param vmselect.metrics.serviceMonitor.relabelings Specify general relabeling + ## + relabelings: [] + ## @param vmselect.metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/drycc/charts/tree/main/drycc/prometheus-operator#prometheus-configuration + ## selector: + ## prometheus: my-prometheus + ## + selector: {} + +## @section VictoriaMetrics Insert Parameters +## +vminsert: + ## Drycc VictoriaMetrics Insert image + ## ref: https://hub.docker.com/r/drycc/victoriametrics-vminsert/tags/ + ## @param vminsert.image.registry [default: REGISTRY_NAME] VictoriaMetrics Insert image registry + ## @param vminsert.image.repository [default: REPOSITORY_NAME/victoriametrics-vminsert] VictoriaMetrics Insert image repository + ## @skip vminsert.image.tag VictoriaMetrics Insert image tag (immutable tags are recommended) + ## @param vminsert.image.digest VictoriaMetrics Insert image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) + ## @param vminsert.image.pullPolicy VictoriaMetrics Insert image pull policy + ## @param vminsert.image.pullSecrets VictoriaMetrics Insert image pull secrets + ## + image: + registry: registry.drycc.cc + repository: drycc/victoriametrics + tag: 0.0.1 + digest: "" + ## Specify a imagePullPolicy + ## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param vminsert.replicaCount Number of VictoriaMetrics Insert replicas to deploy + ## + replicaCount: 2 + ## @param vminsert.containerPorts.http VictoriaMetrics Insert http container port + ## + containerPorts: + http: 8480 + ## Configure extra options for VictoriaMetrics Insert containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param vminsert.livenessProbe.enabled Enable livenessProbe on VictoriaMetrics Insert containers + ## @param vminsert.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param vminsert.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param vminsert.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param vminsert.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param vminsert.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vminsert.readinessProbe.enabled Enable readinessProbe on VictoriaMetrics Insert containers + ## @param vminsert.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param vminsert.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param vminsert.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param vminsert.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param vminsert.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vminsert.startupProbe.enabled Enable startupProbe on VictoriaMetrics Insert containers + ## @param vminsert.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param vminsert.startupProbe.periodSeconds Period seconds for startupProbe + ## @param vminsert.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param vminsert.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param vminsert.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vminsert.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param vminsert.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param vminsert.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## VictoriaMetrics Insert resource requests and limits + ## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param vminsert.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vminsert.resources is set (vminsert.resources is recommended for production). + ## More information: https://github.com/drycc/charts/blob/main/drycc/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param vminsert.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## @param vminsert.deploymentAnnotations Annotations for VictoriaMetrics Insert Deployment + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + deploymentAnnotations: {} + ## Configure Pods Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param vminsert.podSecurityContext.enabled Enabled VictoriaMetrics Insert pods' Security Context + ## @param vminsert.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy + ## @param vminsert.podSecurityContext.sysctls Set kernel settings using the sysctl interface + ## @param vminsert.podSecurityContext.supplementalGroups Set filesystem extra groups + ## @param vminsert.podSecurityContext.fsGroup Set VictoriaMetrics Insert pod's Security Context fsGroup + ## + podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param vminsert.containerSecurityContext.enabled Enabled VictoriaMetrics Insert containers' Security Context + ## @param vminsert.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param vminsert.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param vminsert.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup + ## @param vminsert.containerSecurityContext.runAsNonRoot Set VictoriaMetrics Insert containers' Security Context runAsNonRoot + ## @param vminsert.containerSecurityContext.privileged Set VictoriaMetrics Insert containers' Security Context privileged + ## @param vminsert.containerSecurityContext.readOnlyRootFilesystem Set VictoriaMetrics Insert containers' Security Context runAsNonRoot + ## @param vminsert.containerSecurityContext.allowPrivilegeEscalation Set VictoriaMetrics Insert container's privilege escalation + ## @param vminsert.containerSecurityContext.capabilities.drop Set VictoriaMetrics Insert container's Security Context runAsNonRoot + ## @param vminsert.containerSecurityContext.seccompProfile.type Set VictoriaMetrics Insert container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 1001 + runAsGroup: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: RuntimeDefault + ## @param vminsert.command Override default container command (useful when using custom images) + ## + command: [] + ## @param vminsert.args Override default container args (useful when using custom images) + ## + args: [] + ## @param vminsert.extraArgs Add extra arguments to the default command + ## + extraArgs: [] + ## @param vminsert.automountServiceAccountToken Mount Service Account token in pod + ## + automountServiceAccountToken: false + ## @param vminsert.hostAliases VictoriaMetrics Insert pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param vminsert.podLabels Extra labels for VictoriaMetrics Insert pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param vminsert.podAnnotations Annotations for VictoriaMetrics Insert pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param vminsert.podAffinityPreset Pod affinity preset. Ignored if `vminsert.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param vminsert.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `vminsert.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Pod Disruption Budget configuration + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb + ## @param vminsert.pdb.create Enable/disable a Pod Disruption Budget creation + ## @param vminsert.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled + ## @param vminsert.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## + pdb: + create: true + minAvailable: "" + maxUnavailable: "" + ## Autoscaling configuration + ## ref: https://kubernetes.io/docs/concepts/workloads/autoscaling/ + ## + autoscaling: + ## @param vminsert.autoscaling.vpa.enabled Enable VPA for VictoriaMetrics Insert pods + ## @param vminsert.autoscaling.vpa.annotations Annotations for VPA resource + ## @param vminsert.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + ## @param vminsert.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod + ## @param vminsert.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod + ## + vpa: + enabled: false + annotations: {} + controlledResources: [] + maxAllowed: {} + minAllowed: {} + ## @param vminsert.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy + ## Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod + ## Possible values are "Off", "Initial", "Recreate", and "Auto". + ## + updatePolicy: + updateMode: Auto + ## @param vminsert.autoscaling.hpa.enabled Enable HPA for VictoriaMetrics Insert pods + ## @param vminsert.autoscaling.hpa.minReplicas Minimum number of replicas + ## @param vminsert.autoscaling.hpa.maxReplicas Maximum number of replicas + ## @param vminsert.autoscaling.hpa.targetCPU Target CPU utilization percentage + ## @param vminsert.autoscaling.hpa.targetMemory Target Memory utilization percentage + ## + hpa: + enabled: false + minReplicas: "" + maxReplicas: "" + targetCPU: "" + targetMemory: "" + ## Node vminsert.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param vminsert.nodeAffinityPreset.type Node affinity preset type. Ignored if `vminsert.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param vminsert.nodeAffinityPreset.key Node label key to match. Ignored if `vminsert.affinity` is set + ## + key: "" + ## @param vminsert.nodeAffinityPreset.values Node label values to match. Ignored if `vminsert.affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param vminsert.affinity Affinity for VictoriaMetrics Insert pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `vminsert.podAffinityPreset`, `vminsert.podAntiAffinityPreset`, and `vminsert.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param vminsert.nodeSelector Node labels for VictoriaMetrics Insert pods assignment + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + ## + nodeSelector: {} + ## @param vminsert.tolerations Tolerations for VictoriaMetrics Insert pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param vminsert.updateStrategy.type VictoriaMetrics Insert statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + ## @param vminsert.priorityClassName VictoriaMetrics Insert pods' priorityClassName + ## + priorityClassName: "" + ## @param vminsert.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param vminsert.schedulerName Name of the k8s scheduler (other than default) for VictoriaMetrics Insert pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param vminsert.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param vminsert.lifecycleHooks for the VictoriaMetrics Insert container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param vminsert.extraEnvVars Array with extra environment variables to add to VictoriaMetrics Insert nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param vminsert.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for VictoriaMetrics Insert nodes + ## + extraEnvVarsCM: "" + ## @param vminsert.extraEnvVarsSecret Name of existing Secret containing extra env vars for VictoriaMetrics Insert nodes + ## + extraEnvVarsSecret: "" + ## @param vminsert.extraVolumes Optionally specify extra list of additional volumes for the VictoriaMetrics Insert pod(s) + ## + extraVolumes: [] + ## @param vminsert.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Insert container(s) + ## + extraVolumeMounts: [] + ## @param vminsert.sidecars Add additional sidecar containers to the VictoriaMetrics Insert pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param vminsert.initContainers Add additional init containers to the VictoriaMetrics Insert pod(s) + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## command: ['sh', '-c', 'echo "hello world"'] + ## + initContainers: [] + + ## ServiceAccount configuration + ## + serviceAccount: + ## @param vminsert.serviceAccount.create Specifies whether a ServiceAccount should be created + ## + create: true + ## @param vminsert.serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param vminsert.serviceAccount.annotations Additional Service Account annotations (evaluated as a template) + ## + annotations: {} + ## @param vminsert.serviceAccount.automountServiceAccountToken Automount service account token for the server service account + ## + automountServiceAccountToken: false + ## @section VictoriaMetrics Insert Traffic Exposure Parameters + ## + service: + ## @param vminsert.service.type VictoriaMetrics Insert service type + ## + type: ClusterIP + ## @param vminsert.service.ports.http VictoriaMetrics Insert service http port + ## + ports: + http: "8480" + ## Node ports to expose + ## @param vminsert.service.nodePorts.http Node port for HTTP + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + ## @param vminsert.service.clusterIP VictoriaMetrics Insert service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param vminsert.service.loadBalancerIP VictoriaMetrics Insert service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param vminsert.service.loadBalancerSourceRanges VictoriaMetrics Insert service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param vminsert.service.externalTrafficPolicy VictoriaMetrics Insert service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param vminsert.service.annotations [object] Additional custom annotations for VictoriaMetrics Insert service + ## + annotations: {} + ## @param vminsert.service.extraPorts Extra ports to expose in VictoriaMetrics Insert service (normally used with the `sidecars` value) + ## + extraPorts: [] + ## @param vminsert.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param vminsert.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/ + ## + ingress: + ## @param vminsert.ingress.enabled Enable ingress record generation for VictoriaMetrics Insert + ## + enabled: false + ## @param vminsert.ingress.pathType Ingress path type + ## + pathType: ImplementationSpecific + ## @param vminsert.ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param vminsert.ingress.hostname Default host for the ingress record + ## + hostname: vminsert.local + ## @param vminsert.ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" + ## @param vminsert.ingress.path Default path for the ingress record + ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers + ## + path: / + ## @param vminsert.ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + annotations: {} + ## @param vminsert.ingress.tls Enable TLS configuration for the host defined at `vminsert.ingress.hostname` parameter + ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}` + ## You can: + ## - Use the `vminsert.ingress.secrets` parameter to create this TLS secret + ## - Rely on cert-manager to create it by setting the corresponding annotations + ## - Rely on Helm to create self-signed certificates by setting `vminsert.ingress.selfSigned=true` + ## + tls: false + ## @param vminsert.ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param vminsert.ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record + ## e.g: + ## extraHosts: + ## - name: victoriametrics select.local + ## path: / + ## + extraHosts: [] + ## @param vminsert.ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host + ## e.g: + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param vminsert.ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## e.g: + ## extraTls: + ## - hosts: + ## - victoriametrics select.local + ## secretName: victoriametrics select.local-tls + ## + extraTls: [] + ## @param vminsert.ingress.secrets Custom TLS certificates as secrets + ## NOTE: 'key' and 'certificate' are expected in PEM format + ## NOTE: 'name' should line up with a 'secretName' set further up + ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## secrets: + ## - name: victoriametrics select.local-tls + ## key: |- + ## -----BEGIN RSA PRIVATE KEY----- + ## ... + ## -----END RSA PRIVATE KEY----- + ## certificate: |- + ## -----BEGIN CERTIFICATE----- + ## ... + ## -----END CERTIFICATE----- + ## + secrets: [] + ## @param vminsert.ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: example.local + ## http: + ## path: / + ## backend: + ## service: + ## name: example-svc + ## port: + ## name: http + ## + extraRules: [] + ## Network Policies + ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ + ## + networkPolicy: + ## @param vminsert.networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: true + ## @param vminsert.networkPolicy.allowExternal Don't require server label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## server label will have network access to the ports server is listening + ## on. When true, server will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: false + ## @param vminsert.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. + ## + allowExternalEgress: true + ## @param vminsert.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraIngress: + ## - ports: + ## - port: 1234 + ## from: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + extraIngress: [] + ## @param vminsert.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraEgress: + ## - ports: + ## - port: 1234 + ## to: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + ## + extraEgress: [] + ## @param vminsert.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces + ## @param vminsert.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} + + ## @section VictoriaMetrics Insert Metrics Parameters + ## + ## Prometheus metrics + ## + metrics: + ## @param vminsert.metrics.enabled Enable the export of Prometheus metrics + ## + enabled: true + ## @param vminsert.metrics.annotations Additional custom annotations for the service + ## + annotations: {} + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param vminsert.metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + ## @param vminsert.metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param vminsert.metrics.serviceMonitor.annotations Additional custom annotations for the ServiceMonitor + ## + annotations: {} + ## @param vminsert.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor + ## + labels: {} + ## @param vminsert.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus + ## + jobLabel: "" + ## @param vminsert.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + ## + honorLabels: false + ## @param vminsert.metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "" + ## @param vminsert.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "" + ## @param vminsert.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## + metricRelabelings: [] + ## @param vminsert.metrics.serviceMonitor.relabelings Specify general relabeling + ## + relabelings: [] + ## @param vminsert.metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/drycc/charts/tree/main/drycc/prometheus-operator#prometheus-configuration + ## selector: + ## prometheus: my-prometheus + ## + selector: {} + +## @section VictoriaMetrics Storage Parameters +## +vmstorage: + ## Drycc VictoriaMetrics Storage image + ## ref: https://hub.docker.com/r/drycc/victoriametrics-vmstorage/tags/ + ## @param vmstorage.image.registry [default: REGISTRY_NAME] VictoriaMetrics Storage image registry + ## @param vmstorage.image.repository [default: REPOSITORY_NAME/victoriametrics-vmstorage] VictoriaMetrics Storage image repository + ## @skip vmstorage.image.tag VictoriaMetrics Storage image tag (immutable tags are recommended) + ## @param vmstorage.image.digest VictoriaMetrics Storage image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) + ## @param vmstorage.image.pullPolicy VictoriaMetrics Storage image pull policy + ## @param vmstorage.image.pullSecrets VictoriaMetrics Storage image pull secrets + ## + image: + registry: registry.drycc.cc + repository: drycc/victoriametrics + tag: 0.0.1 + digest: "" + ## Specify a imagePullPolicy + ## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param vmstorage.replicaCount Number of VictoriaMetrics Storage replicas to deploy + ## + replicaCount: 3 + ## @param vmstorage.containerPorts.http VictoriaMetrics Storage http container port + ## @param vmstorage.containerPorts.vmselect VictoriaMetrics Storage vmselect container port + ## @param vmstorage.containerPorts.vminsert VictoriaMetrics Storage vminsert container port + ## + containerPorts: + http: 8482 + vmselect: 8401 + vminsert: 8400 + ## Configure extra options for VictoriaMetrics Storage containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param vmstorage.livenessProbe.enabled Enable livenessProbe on VictoriaMetrics Storage containers + ## @param vmstorage.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param vmstorage.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param vmstorage.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param vmstorage.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param vmstorage.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmstorage.readinessProbe.enabled Enable readinessProbe on VictoriaMetrics Storage containers + ## @param vmstorage.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param vmstorage.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param vmstorage.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param vmstorage.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param vmstorage.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmstorage.startupProbe.enabled Enable startupProbe on VictoriaMetrics Storage containers + ## @param vmstorage.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param vmstorage.startupProbe.periodSeconds Period seconds for startupProbe + ## @param vmstorage.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param vmstorage.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param vmstorage.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmstorage.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param vmstorage.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param vmstorage.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## VictoriaMetrics Storage resource requests and limits + ## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param vmstorage.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmstorage.resources is set (vmstorage.resources is recommended for production). + ## More information: https://github.com/drycc/charts/blob/main/drycc/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "small" + ## @param vmstorage.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## @param vmstorage.retentionPeriod Data retention period + ## + retentionPeriod: 30 + ## @param vmstorage.statefulsetAnnotations Annotations for VictoriaMetrics Storage statefulset + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + statefulsetAnnotations: {} + ## Configure Pods Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param vmstorage.podSecurityContext.enabled Enabled VictoriaMetrics Storage pods' Security Context + ## @param vmstorage.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy + ## @param vmstorage.podSecurityContext.sysctls Set kernel settings using the sysctl interface + ## @param vmstorage.podSecurityContext.supplementalGroups Set filesystem extra groups + ## @param vmstorage.podSecurityContext.fsGroup Set VictoriaMetrics Storage pod's Security Context fsGroup + ## + podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param vmstorage.containerSecurityContext.enabled Enabled VictoriaMetrics Storage containers' Security Context + ## @param vmstorage.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param vmstorage.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param vmstorage.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup + ## @param vmstorage.containerSecurityContext.runAsNonRoot Set VictoriaMetrics Storage containers' Security Context runAsNonRoot + ## @param vmstorage.containerSecurityContext.privileged Set VictoriaMetrics Storage containers' Security Context privileged + ## @param vmstorage.containerSecurityContext.readOnlyRootFilesystem Set VictoriaMetrics Storage containers' Security Context runAsNonRoot + ## @param vmstorage.containerSecurityContext.allowPrivilegeEscalation Set VictoriaMetrics Storage container's privilege escalation + ## @param vmstorage.containerSecurityContext.capabilities.drop Set VictoriaMetrics Storage container's Security Context runAsNonRoot + ## @param vmstorage.containerSecurityContext.seccompProfile.type Set VictoriaMetrics Storage container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 1001 + runAsGroup: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: RuntimeDefault + ## @param vmstorage.command Override default container command (useful when using custom images) + ## + command: [] + ## @param vmstorage.args Override default container args (useful when using custom images) + ## + args: [] + ## @param vmstorage.extraArgs Add extra arguments to the default command + ## + extraArgs: [] + ## @param vmstorage.automountServiceAccountToken Mount Service Account token in pod + ## + automountServiceAccountToken: false + ## @param vmstorage.hostAliases VictoriaMetrics Storage pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param vmstorage.podLabels Extra labels for VictoriaMetrics Storage pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param vmstorage.podAnnotations Annotations for VictoriaMetrics Storage pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param vmstorage.podAffinityPreset Pod affinity preset. Ignored if `vmstorage.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param vmstorage.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `vmstorage.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Pod Disruption Budget configuration + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb + ## @param vmstorage.pdb.create Enable/disable a Pod Disruption Budget creation + ## @param vmstorage.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled + ## @param vmstorage.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## + pdb: + create: true + minAvailable: "" + maxUnavailable: "" + ## Autoscaling configuration + ## ref: https://kubernetes.io/docs/concepts/workloads/autoscaling/ + ## + autoscaling: + ## @param vmstorage.autoscaling.vpa.enabled Enable VPA for VictoriaMetrics Storage pods + ## @param vmstorage.autoscaling.vpa.annotations Annotations for VPA resource + ## @param vmstorage.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + ## @param vmstorage.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod + ## @param vmstorage.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod + ## + vpa: + enabled: false + annotations: {} + controlledResources: [] + maxAllowed: {} + minAllowed: {} + ## @param vmstorage.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy + ## Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod + ## Possible values are "Off", "Initial", "Recreate", and "Auto". + ## + updatePolicy: + updateMode: Auto + ## @param vmstorage.autoscaling.hpa.enabled Enable HPA for VictoriaMetrics Storage pods + ## @param vmstorage.autoscaling.hpa.minReplicas Minimum number of replicas + ## @param vmstorage.autoscaling.hpa.maxReplicas Maximum number of replicas + ## @param vmstorage.autoscaling.hpa.targetCPU Target CPU utilization percentage + ## @param vmstorage.autoscaling.hpa.targetMemory Target Memory utilization percentage + ## + hpa: + enabled: false + minReplicas: "" + maxReplicas: "" + targetCPU: "" + targetMemory: "" + ## Node vmstorage.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param vmstorage.nodeAffinityPreset.type Node affinity preset type. Ignored if `vmstorage.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param vmstorage.nodeAffinityPreset.key Node label key to match. Ignored if `vmstorage.affinity` is set + ## + key: "" + ## @param vmstorage.nodeAffinityPreset.values Node label values to match. Ignored if `vmstorage.affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param vmstorage.affinity Affinity for VictoriaMetrics Storage pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `vmstorage.podAffinityPreset`, `vmstorage.podAntiAffinityPreset`, and `vmstorage.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param vmstorage.nodeSelector Node labels for VictoriaMetrics Storage pods assignment + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + ## + nodeSelector: {} + ## @param vmstorage.podManagementPolicy Pod management policy for VictoriaMetrics Storage statefulset + ## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies + ## + podManagementPolicy: Parallel + ## @param vmstorage.tolerations Tolerations for VictoriaMetrics Storage pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param vmstorage.updateStrategy.type VictoriaMetrics Storage statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + ## @param vmstorage.priorityClassName VictoriaMetrics Storage pods' priorityClassName + ## + priorityClassName: "" + ## @param vmstorage.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param vmstorage.schedulerName Name of the k8s scheduler (other than default) for VictoriaMetrics Storage pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param vmstorage.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param vmstorage.lifecycleHooks for the VictoriaMetrics Storage container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param vmstorage.extraEnvVars Array with extra environment variables to add to VictoriaMetrics Storage nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param vmstorage.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for VictoriaMetrics Storage nodes + ## + extraEnvVarsCM: "" + ## @param vmstorage.extraEnvVarsSecret Name of existing Secret containing extra env vars for VictoriaMetrics Storage nodes + ## + extraEnvVarsSecret: "" + ## @param vmstorage.extraVolumes Optionally specify extra list of additional volumes for the VictoriaMetrics Storage pod(s) + ## + extraVolumes: [] + ## @param vmstorage.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Storage container(s) + ## + extraVolumeMounts: [] + ## @param vmstorage.sidecars Add additional sidecar containers to the VictoriaMetrics Storage pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param vmstorage.initContainers Add additional init containers to the VictoriaMetrics Storage pod(s) + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## command: ['sh', '-c', 'echo "hello world"'] + ## + initContainers: [] + ## ServiceAccount configuration + ## + serviceAccount: + ## @param vmstorage.serviceAccount.create Specifies whether a ServiceAccount should be created + ## + create: true + ## @param vmstorage.serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param vmstorage.serviceAccount.annotations Additional Service Account annotations (evaluated as a template) + ## + annotations: {} + ## @param vmstorage.serviceAccount.automountServiceAccountToken Automount service account token for the server service account + ## + automountServiceAccountToken: false + ## @section VictoriaMetrics Storage Traffic Exposure Parameters + ## + service: + ## @param vmstorage.service.type VictoriaMetrics Storage service type + ## + type: ClusterIP + ## @param vmstorage.service.ports.http VictoriaMetrics Storage service http port + ## + ports: + http: "80" + ## Node ports to expose + ## @param vmstorage.service.nodePorts.http Node port for HTTP + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + ## @param vmstorage.service.clusterIP VictoriaMetrics Storage service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param vmstorage.service.loadBalancerIP VictoriaMetrics Storage service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param vmstorage.service.loadBalancerSourceRanges VictoriaMetrics Storage service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param vmstorage.service.externalTrafficPolicy VictoriaMetrics Storage service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param vmstorage.service.annotations [object] Additional custom annotations for VictoriaMetrics Storage service + ## + annotations: {} + ## @param vmstorage.service.extraPorts Extra ports to expose in VictoriaMetrics Storage service (normally used with the `sidecars` value) + ## + extraPorts: [] + ## @param vmstorage.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param vmstorage.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## Headless service properties + ## + headless: + ## @param vmstorage.service.headless.annotations Annotations for the headless service. + ## + annotations: {} + ## Network Policies + ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ + ## + networkPolicy: + ## @param vmstorage.networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: true + ## @param vmstorage.networkPolicy.allowExternal Don't require server label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## server label will have network access to the ports server is listening + ## on. When true, server will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: false + ## @param vmstorage.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. + ## + allowExternalEgress: true + ## @param vmstorage.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraIngress: + ## - ports: + ## - port: 1234 + ## from: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + extraIngress: [] + ## @param vmstorage.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraEgress: + ## - ports: + ## - port: 1234 + ## to: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + ## + extraEgress: [] + ## @param vmstorage.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces + ## @param vmstorage.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} + + ## @section VictoriaMetrics Storage Persistence Parameters + ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ + ## + persistence: + ## @param vmstorage.persistence.enabled Enable persistence using Persistent Volume Claims + ## + enabled: true + ## @param vmstorage.persistence.mountPath Persistent Volume mount root path + ## + mountPath: /opt/drycc/victoriametrics/data + ## @param vmstorage.persistence.storageClass Persistent Volume storage class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner + ## + storageClass: "" + ## @param vmstorage.persistence.accessModes [array] Persistent Volume access modes + ## + accessModes: + - ReadWriteOnce + ## @param vmstorage.persistence.size Persistent Volume size + ## + size: 10Gi + ## @param vmstorage.persistence.dataSource Custom PVC data source + ## + dataSource: {} + ## @param vmstorage.persistence.annotations Annotations for the PVC + ## + annotations: {} + ## @param vmstorage.persistence.selector Selector to match an existing Persistent Volume (this value is evaluated as a template) + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param vmstorage.persistence.existingClaim The name of an existing PVC to use for persistence + ## + existingClaim: "" + ## @param vmstorage.persistence.extraVolumeClaimTemplates Add additional VolumeClaimTemplates for enabling any plugins or any other purpose + ## + extraVolumeClaimTemplates: [] + + ## @section VictoriaMetrics Storage Metrics Parameters + ## + + ## Prometheus metrics + ## + metrics: + ## @param vmstorage.metrics.enabled Enable the export of Prometheus metrics + ## + enabled: true + ## @param vmstorage.metrics.annotations Additional custom annotations for the service + ## + annotations: {} + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param vmstorage.metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + ## @param vmstorage.metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param vmstorage.metrics.serviceMonitor.annotations Additional custom annotations for the ServiceMonitor + ## + annotations: {} + ## @param vmstorage.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor + ## + labels: {} + ## @param vmstorage.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus + ## + jobLabel: "" + ## @param vmstorage.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + ## + honorLabels: false + ## @param vmstorage.metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "" + ## @param vmstorage.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "" + ## @param vmstorage.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## + metricRelabelings: [] + ## @param vmstorage.metrics.serviceMonitor.relabelings Specify general relabeling + ## + relabelings: [] + ## @param vmstorage.metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/drycc/charts/tree/main/drycc/prometheus-operator#prometheus-configuration + ## selector: + ## prometheus: my-prometheus + ## + selector: {} + +## @section VictoriaMetrics Auth Parameters +## +vmauth: + ## @param vmauth.enabled Enable VictoriaMetrics Auth + ## + enabled: true + ## Drycc VictoriaMetrics Auth image + ## ref: https://hub.docker.com/r/drycc/victoriametrics-vmauth/tags/ + ## @param vmauth.image.registry [default: REGISTRY_NAME] VictoriaMetrics Auth image registry + ## @param vmauth.image.repository [default: REPOSITORY_NAME/victoriametrics-vmauth] VictoriaMetrics Auth image repository + ## @skip vmauth.image.tag VictoriaMetrics Auth image tag (immutable tags are recommended) + ## @param vmauth.image.digest VictoriaMetrics Auth image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) + ## @param vmauth.image.pullPolicy VictoriaMetrics Auth image pull policy + ## @param vmauth.image.pullSecrets VictoriaMetrics Auth image pull secrets + ## + user: + username: "admin1" + password: "admin" + image: + registry: registry.drycc.cc + repository: drycc/victoriametrics + tag: 0.0.1 + digest: "" + ## Specify a imagePullPolicy + ## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param vmauth.replicaCount Number of VictoriaMetrics Auth replicas to deploy + ## + replicaCount: 2 + ## @param vmauth.containerPorts.http VictoriaMetrics Auth http container port + ## + containerPorts: + http: 8427 + ## Configure extra options for VictoriaMetrics Auth containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param vmauth.livenessProbe.enabled Enable livenessProbe on VictoriaMetrics Auth containers + ## @param vmauth.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param vmauth.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param vmauth.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param vmauth.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param vmauth.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmauth.readinessProbe.enabled Enable readinessProbe on VictoriaMetrics Auth containers + ## @param vmauth.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param vmauth.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param vmauth.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param vmauth.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param vmauth.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmauth.startupProbe.enabled Enable startupProbe on VictoriaMetrics Auth containers + ## @param vmauth.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param vmauth.startupProbe.periodSeconds Period seconds for startupProbe + ## @param vmauth.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param vmauth.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param vmauth.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmauth.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param vmauth.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param vmauth.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## VictoriaMetrics Auth resource requests and limits + ## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param vmauth.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmauth.resources is set (vmauth.resources is recommended for production). + ## More information: https://github.com/drycc/charts/blob/main/drycc/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param vmauth.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## @param vmauth.kind Define how to deploy VictoriaMetrics Auth (allowed values: deployment or daemonset) + ## + kind: "deployment" + ## @param vmauth.annotations Annotations for VictoriaMetrics Auth Deployment or StatefulSet + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + annotations: {} + ## Configure Pods Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param vmauth.podSecurityContext.enabled Enabled VictoriaMetrics Auth pods' Security Context + ## @param vmauth.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy + ## @param vmauth.podSecurityContext.sysctls Set kernel settings using the sysctl interface + ## @param vmauth.podSecurityContext.supplementalGroups Set filesystem extra groups + ## @param vmauth.podSecurityContext.fsGroup Set VictoriaMetrics Auth pod's Security Context fsGroup + ## + podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param vmauth.containerSecurityContext.enabled Enabled VictoriaMetrics Auth containers' Security Context + ## @param vmauth.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param vmauth.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param vmauth.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup + ## @param vmauth.containerSecurityContext.runAsNonRoot Set VictoriaMetrics Auth containers' Security Context runAsNonRoot + ## @param vmauth.containerSecurityContext.privileged Set VictoriaMetrics Auth containers' Security Context privileged + ## @param vmauth.containerSecurityContext.readOnlyRootFilesystem Set VictoriaMetrics Auth containers' Security Context runAsNonRoot + ## @param vmauth.containerSecurityContext.allowPrivilegeEscalation Set VictoriaMetrics Auth container's privilege escalation + ## @param vmauth.containerSecurityContext.capabilities.drop Set VictoriaMetrics Auth container's Security Context runAsNonRoot + ## @param vmauth.containerSecurityContext.seccompProfile.type Set VictoriaMetrics Auth container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 1001 + runAsGroup: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: RuntimeDefault + ## @param vmauth.command Override default container command (useful when using custom images) + ## + command: [] + ## @param vmauth.args Override default container args (useful when using custom images) + ## + args: [] + ## @param vmauth.extraArgs Add extra arguments to the default command + ## + extraArgs: [] + ## @param vmauth.automountServiceAccountToken Mount Service Account token in pod + ## + automountServiceAccountToken: false + ## @param vmauth.hostAliases VictoriaMetrics Auth pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param vmauth.podLabels Extra labels for VictoriaMetrics Auth pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param vmauth.podAnnotations Annotations for VictoriaMetrics Auth pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param vmauth.podAffinityPreset Pod affinity preset. Ignored if `vmauth.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param vmauth.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `vmauth.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Pod Disruption Budget configuration + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb + ## @param vmauth.pdb.create Enable/disable a Pod Disruption Budget creation + ## @param vmauth.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled + ## @param vmauth.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## + pdb: + create: true + minAvailable: "" + maxUnavailable: "" + ## @param vmauth.configOverrides Overwrite or add extra configuration options to the chart default + ## Example: + ## configOverrides: + ## ip_filters: + ## allow_list: ["1.2.3.0/24", "127.0.0.1"] + ## + configOverrides: {} + ## @param vmauth.existingSecret The name of an existing Secret with configuration + ## + existingSecret: "" + ## Autoscaling configuration + ## ref: https://kubernetes.io/docs/concepts/workloads/autoscaling/ + ## + autoscaling: + ## @param vmauth.autoscaling.vpa.enabled Enable VPA for VictoriaMetrics Auth pods + ## @param vmauth.autoscaling.vpa.annotations Annotations for VPA resource + ## @param vmauth.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + ## @param vmauth.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod + ## @param vmauth.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod + ## + vpa: + enabled: false + annotations: {} + controlledResources: [] + maxAllowed: {} + minAllowed: {} + ## @param vmauth.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy + ## Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod + ## Possible values are "Off", "Initial", "Recreate", and "Auto". + ## + updatePolicy: + updateMode: Auto + ## @param vmauth.autoscaling.hpa.enabled Enable HPA for VictoriaMetrics Auth pods + ## @param vmauth.autoscaling.hpa.minReplicas Minimum number of replicas + ## @param vmauth.autoscaling.hpa.maxReplicas Maximum number of replicas + ## @param vmauth.autoscaling.hpa.targetCPU Target CPU utilization percentage + ## @param vmauth.autoscaling.hpa.targetMemory Target Memory utilization percentage + ## + hpa: + enabled: false + minReplicas: "" + maxReplicas: "" + targetCPU: "" + targetMemory: "" + ## Node vmauth.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param vmauth.nodeAffinityPreset.type Node affinity preset type. Ignored if `vmauth.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param vmauth.nodeAffinityPreset.key Node label key to match. Ignored if `vmauth.affinity` is set + ## + key: "" + ## @param vmauth.nodeAffinityPreset.values Node label values to match. Ignored if `vmauth.affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param vmauth.affinity Affinity for VictoriaMetrics Auth pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `vmauth.podAffinityPreset`, `vmauth.podAntiAffinityPreset`, and `vmauth.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param vmauth.nodeSelector Node labels for VictoriaMetrics Auth pods assignment + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + ## + nodeSelector: {} + ## @param vmauth.tolerations Tolerations for VictoriaMetrics Auth pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param vmauth.updateStrategy.type VictoriaMetrics Auth statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + ## @param vmauth.priorityClassName VictoriaMetrics Auth pods' priorityClassName + ## + priorityClassName: "" + ## @param vmauth.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param vmauth.schedulerName Name of the k8s scheduler (other than default) for VictoriaMetrics Auth pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param vmauth.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param vmauth.lifecycleHooks for the VictoriaMetrics Auth container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param vmauth.extraEnvVars Array with extra environment variables to add to VictoriaMetrics Auth nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param vmauth.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for VictoriaMetrics Auth nodes + ## + extraEnvVarsCM: "" + ## @param vmauth.extraEnvVarsSecret Name of existing Secret containing extra env vars for VictoriaMetrics Auth nodes + ## + extraEnvVarsSecret: "" + ## @param vmauth.extraVolumes Optionally specify extra list of additional volumes for the VictoriaMetrics Auth pod(s) + ## + extraVolumes: [] + ## @param vmauth.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Auth container(s) + ## + extraVolumeMounts: [] + ## @param vmauth.sidecars Add additional sidecar containers to the VictoriaMetrics Auth pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param vmauth.initContainers Add additional init containers to the VictoriaMetrics Auth pod(s) + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## command: ['sh', '-c', 'echo "hello world"'] + ## + initContainers: [] + ## @section VictoriaMetrics Auth RBAC Parameters + ## + + ## ServiceAccount configuration + ## + serviceAccount: + ## @param vmauth.serviceAccount.create Specifies whether a ServiceAccount should be created + ## + create: true + ## @param vmauth.serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param vmauth.serviceAccount.annotations Additional Service Account annotations (evaluated as a template) + ## + annotations: {} + ## @param vmauth.serviceAccount.automountServiceAccountToken Automount service account token for the server service account + ## + automountServiceAccountToken: false + ## @section VictoriaMetrics Auth Traffic Exposure Parameters + ## + service: + ## @param vmauth.service.type VictoriaMetrics Auth service type + ## + type: LoadBalancer + ## @param vmauth.service.ports.http VictoriaMetrics Auth service http port + ## + ports: + http: "8427" + ## Node ports to expose + ## @param vmauth.service.nodePorts.http Node port for HTTP + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + ## @param vmauth.service.clusterIP VictoriaMetrics Auth service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param vmauth.service.loadBalancerIP VictoriaMetrics Auth service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param vmauth.service.loadBalancerSourceRanges VictoriaMetrics Auth service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param vmauth.service.externalTrafficPolicy VictoriaMetrics Auth service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param vmauth.service.annotations [object] Additional custom annotations for VictoriaMetrics Auth service + ## + annotations: {} + ## @param vmauth.service.extraPorts Extra ports to expose in VictoriaMetrics Auth service (normally used with the `sidecars` value) + ## + extraPorts: [] + ## @param vmauth.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param vmauth.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/ + ## + ingress: + ## @param vmauth.ingress.enabled Enable ingress record generation for VictoriaMetrics Auth + ## + enabled: false + ## @param vmauth.ingress.pathType Ingress path type + ## + pathType: ImplementationSpecific + ## @param vmauth.ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param vmauth.ingress.hostname Default host for the ingress record + ## + hostname: vmauth.local + ## @param vmauth.ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" + ## @param vmauth.ingress.path Default path for the ingress record + ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers + ## + path: / + ## @param vmauth.ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + annotations: {} + ## @param vmauth.ingress.tls Enable TLS configuration for the host defined at `vmauth.ingress.hostname` parameter + ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}` + ## You can: + ## - Use the `vmauth.ingress.secrets` parameter to create this TLS secret + ## - Rely on cert-manager to create it by setting the corresponding annotations + ## - Rely on Helm to create self-signed certificates by setting `vmauth.ingress.selfSigned=true` + ## + tls: false + ## @param vmauth.ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param vmauth.ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record + ## e.g: + ## extraHosts: + ## - name: victoriametrics select.local + ## path: / + ## + extraHosts: [] + ## @param vmauth.ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host + ## e.g: + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param vmauth.ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## e.g: + ## extraTls: + ## - hosts: + ## - victoriametrics select.local + ## secretName: victoriametrics select.local-tls + ## + extraTls: [] + ## @param vmauth.ingress.secrets Custom TLS certificates as secrets + ## NOTE: 'key' and 'certificate' are expected in PEM format + ## NOTE: 'name' should line up with a 'secretName' set further up + ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## secrets: + ## - name: victoriametrics select.local-tls + ## key: |- + ## -----BEGIN RSA PRIVATE KEY----- + ## ... + ## -----END RSA PRIVATE KEY----- + ## certificate: |- + ## -----BEGIN CERTIFICATE----- + ## ... + ## -----END CERTIFICATE----- + ## + secrets: [] + ## @param vmauth.ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: example.local + ## http: + ## path: / + ## backend: + ## service: + ## name: example-svc + ## port: + ## name: http + ## + extraRules: [] + ## Network Policies + ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ + ## + networkPolicy: + ## @param vmauth.networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: true + ## @param vmauth.networkPolicy.allowExternal Don't require server label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## server label will have network access to the ports server is listening + ## on. When true, server will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: false + ## @param vmauth.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. + ## + allowExternalEgress: true + ## @param vmauth.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraIngress: + ## - ports: + ## - port: 1234 + ## from: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + extraIngress: [] + ## @param vmauth.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraEgress: + ## - ports: + ## - port: 1234 + ## to: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + ## + extraEgress: [] + ## @param vmauth.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces + ## @param vmauth.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} + allowNamespaces: + - "aaa" + - "bbb" + ## @section VictoriaMetrics Auth Metrics Parameters + ## + ## Prometheus metrics + ## + metrics: + ## @param vmauth.metrics.enabled Enable the export of Prometheus metrics + ## + enabled: true + ## @param vmauth.metrics.annotations Additional custom annotations for the service + ## + annotations: {} + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param vmauth.metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + ## @param vmauth.metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param vmauth.metrics.serviceMonitor.annotations Additional custom annotations for the ServiceMonitor + ## + annotations: {} + ## @param vmauth.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor + ## + labels: {} + ## @param vmauth.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus + ## + jobLabel: "" + ## @param vmauth.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + ## + honorLabels: false + ## @param vmauth.metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "" + ## @param vmauth.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "" + ## @param vmauth.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## + metricRelabelings: [] + ## @param vmauth.metrics.serviceMonitor.relabelings Specify general relabeling + ## + relabelings: [] + ## @param vmauth.metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/drycc/charts/tree/main/drycc/prometheus-operator#prometheus-configuration + ## selector: + ## prometheus: my-prometheus + ## + selector: {} + +## @section VictoriaMetrics Agent Parameters +## +vmagent: + ## @param vmagent.enabled Enable VictoriaMetrics Agent + ## + enabled: true + ## Drycc VictoriaMetrics Agent image + ## ref: https://hub.docker.com/r/drycc/victoriametrics-vmagent/tags/ + ## @param vmagent.image.registry [default: REGISTRY_NAME] VictoriaMetrics Agent image registry + ## @param vmagent.image.repository [default: REPOSITORY_NAME/victoriametrics-vmagent] VictoriaMetrics Agent image repository + ## @skip vmagent.image.tag VictoriaMetrics Agent image tag (immutable tags are recommended) + ## @param vmagent.image.digest VictoriaMetrics Agent image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) + ## @param vmagent.image.pullPolicy VictoriaMetrics Agent image pull policy + ## @param vmagent.image.pullSecrets VictoriaMetrics Agent image pull secrets + ## + image: + registry: registry.drycc.cc + repository: drycc/victoriametrics + tag: 0.0.1 + digest: "" + ## Specify a imagePullPolicy + ## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param vmagent.replicaCount Number of VictoriaMetrics Agent replicas to deploy + ## + replicaCount: 1 + ## @param vmagent.containerPorts.http VictoriaMetrics Agent http container port + ## @param vmagent.containerPorts.graphite VictoriaMetrics Agent graphite container port + ## @param vmagent.containerPorts.opentsdb VictoriaMetrics Agent opentsdb container port + ## @param vmagent.containerPorts.influxdb VictoriaMetrics Agent influxdb container port + ## + containerPorts: + http: 8429 + graphite: 2003 + opentsdb: 4242 + influxdb: 8089 + ## Configure extra options for VictoriaMetrics Agent containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param vmagent.livenessProbe.enabled Enable livenessProbe on VictoriaMetrics Agent containers + ## @param vmagent.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param vmagent.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param vmagent.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param vmagent.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param vmagent.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmagent.readinessProbe.enabled Enable readinessProbe on VictoriaMetrics Agent containers + ## @param vmagent.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param vmagent.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param vmagent.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param vmagent.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param vmagent.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmagent.startupProbe.enabled Enable startupProbe on VictoriaMetrics Agent containers + ## @param vmagent.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param vmagent.startupProbe.periodSeconds Period seconds for startupProbe + ## @param vmagent.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param vmagent.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param vmagent.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmagent.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param vmagent.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param vmagent.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## VictoriaMetrics Agent resource requests and limits + ## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param vmagent.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmagent.resources is set (vmagent.resources is recommended for production). + ## More information: https://github.com/drycc/charts/blob/main/drycc/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param vmagent.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## @param vmagent.kind Define how to deploy VictoriaMetrics Agent (allowed values: deployment or daemonset) + ## + kind: "deployment" + ## @param vmagent.annotations Annotations for VictoriaMetrics Agent Deployment or StatefulSet + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + annotations: {} + ## Configure Pods Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param vmagent.podSecurityContext.enabled Enabled VictoriaMetrics Agent pods' Security Context + ## @param vmagent.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy + ## @param vmagent.podSecurityContext.sysctls Set kernel settings using the sysctl interface + ## @param vmagent.podSecurityContext.supplementalGroups Set filesystem extra groups + ## @param vmagent.podSecurityContext.fsGroup Set VictoriaMetrics Agent pod's Security Context fsGroup + ## + podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param vmagent.containerSecurityContext.enabled Enabled VictoriaMetrics Agent containers' Security Context + ## @param vmagent.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param vmagent.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param vmagent.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup + ## @param vmagent.containerSecurityContext.runAsNonRoot Set VictoriaMetrics Agent containers' Security Context runAsNonRoot + ## @param vmagent.containerSecurityContext.privileged Set VictoriaMetrics Agent containers' Security Context privileged + ## @param vmagent.containerSecurityContext.readOnlyRootFilesystem Set VictoriaMetrics Agent containers' Security Context runAsNonRoot + ## @param vmagent.containerSecurityContext.allowPrivilegeEscalation Set VictoriaMetrics Agent container's privilege escalation + ## @param vmagent.containerSecurityContext.capabilities.drop Set VictoriaMetrics Agent container's Security Context runAsNonRoot + ## @param vmagent.containerSecurityContext.seccompProfile.type Set VictoriaMetrics Agent container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 1001 + runAsGroup: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: RuntimeDefault + ## @param vmagent.command Override default container command (useful when using custom images) + ## + command: [] + ## @param vmagent.args Override default container args (useful when using custom images) + ## + args: [] + ## @param vmagent.extraArgs Add extra arguments to the default command + ## + extraArgs: [] + ## @param vmagent.automountServiceAccountToken Mount Service Account token in pod + ## + automountServiceAccountToken: true + ## @param vmagent.hostAliases VictoriaMetrics Agent pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param vmagent.podLabels Extra labels for VictoriaMetrics Agent pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param vmagent.podAnnotations Annotations for VictoriaMetrics Agent pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param vmagent.podAffinityPreset Pod affinity preset. Ignored if `vmagent.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param vmagent.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `vmagent.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Pod Disruption Budget configuration + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb + ## @param vmagent.pdb.create Enable/disable a Pod Disruption Budget creation + ## @param vmagent.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled + ## @param vmagent.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## + pdb: + create: true + minAvailable: "" + maxUnavailable: "" + ## @param vmagent.scrapeConfigOverrides Overwrite or add extra scraping configuration options to the chart default + ## Example: + # configOverrides: + # ip_filters: + # allow_list: ["1.2.3.0/24", "127.0.0.1"] + # + scrapeConfigOverrides: {} + extraJobs: [] + ## @param vmagent.enableListeners.influxdb Enable influxdb listener + ## @param vmagent.enableListeners.opentsdb Enable graphite listener + ## @param vmagent.enableListeners.graphite Enable opentsdb listener + enableListeners: + influxdb: false + opentsdb: false + graphite: false + ## @param vmagent.existingScrapeConfigMap The name of an existing ConfigMap with the scrape configuration + ## + existingScrapeConfigMap: "" + ## @param vmagent.namespaced Only scrape in the deployed namespace + ## + namespaced: true + ## @param vmagent.allowedMetricsEndpoints [array] Allowed metrics endpoints to scrape (when not namespaced) + ## + allowedMetricsEndpoints: + - /metrics + ## Autoscaling configuration + ## ref: https://kubernetes.io/docs/concepts/workloads/autoscaling/ + ## + autoscaling: + ## @param vmagent.autoscaling.vpa.enabled Enable VPA for VictoriaMetrics Agent pods + ## @param vmagent.autoscaling.vpa.annotations Annotations for VPA resource + ## @param vmagent.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + ## @param vmagent.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod + ## @param vmagent.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod + ## + vpa: + enabled: false + annotations: {} + controlledResources: [] + maxAllowed: {} + minAllowed: {} + ## @param vmagent.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy + ## Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod + ## Possible values are "Off", "Initial", "Recreate", and "Auto". + ## + updatePolicy: + updateMode: Auto + ## @param vmagent.autoscaling.hpa.enabled Enable HPA for VictoriaMetrics Agent pods + ## @param vmagent.autoscaling.hpa.minReplicas Minimum number of replicas + ## @param vmagent.autoscaling.hpa.maxReplicas Maximum number of replicas + ## @param vmagent.autoscaling.hpa.targetCPU Target CPU utilization percentage + ## @param vmagent.autoscaling.hpa.targetMemory Target Memory utilization percentage + ## + hpa: + enabled: false + minReplicas: "" + maxReplicas: "" + targetCPU: "" + targetMemory: "" + ## Node vmagent.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param vmagent.nodeAffinityPreset.type Node affinity preset type. Ignored if `vmagent.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param vmagent.nodeAffinityPreset.key Node label key to match. Ignored if `vmagent.affinity` is set + ## + key: "" + ## @param vmagent.nodeAffinityPreset.values Node label values to match. Ignored if `vmagent.affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param vmagent.affinity Affinity for VictoriaMetrics Agent pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `vmagent.podAffinityPreset`, `vmagent.podAntiAffinityPreset`, and `vmagent.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param vmagent.nodeSelector Node labels for VictoriaMetrics Agent pods assignment + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + ## + nodeSelector: {} + ## @param vmagent.tolerations Tolerations for VictoriaMetrics Agent pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param vmagent.updateStrategy.type VictoriaMetrics Agent statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + ## @param vmagent.priorityClassName VictoriaMetrics Agent pods' priorityClassName + ## + priorityClassName: "" + ## @param vmagent.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param vmagent.schedulerName Name of the k8s scheduler (other than default) for VictoriaMetrics Agent pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param vmagent.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param vmagent.lifecycleHooks for the VictoriaMetrics Agent container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param vmagent.extraEnvVars Array with extra environment variables to add to VictoriaMetrics Agent nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param vmagent.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for VictoriaMetrics Agent nodes + ## + extraEnvVarsCM: "" + ## @param vmagent.extraEnvVarsSecret Name of existing Secret containing extra env vars for VictoriaMetrics Agent nodes + ## + extraEnvVarsSecret: "" + ## @param vmagent.extraVolumes Optionally specify extra list of additional volumes for the VictoriaMetrics Agent pod(s) + ## + extraVolumes: [] + ## @param vmagent.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Agent container(s) + ## + extraVolumeMounts: [] + ## @param vmagent.sidecars Add additional sidecar containers to the VictoriaMetrics Agent pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param vmagent.initContainers Add additional init containers to the VictoriaMetrics Agent pod(s) + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## command: ['sh', '-c', 'echo "hello world"'] + ## + initContainers: [] + ## @section VictoriaMetrics Agent RBAC Parameters + ## + ## RBAC configuration + ## + rbac: + ## @param vmagent.rbac.create Specifies whether RBAC resources should be created + ## + create: true + ## @param vmagent.rbac.rules Custom RBAC rules to set + ## e.g: + ## rules: + ## - apiGroups: + ## - "" + ## resources: + ## - pods + ## verbs: + ## - get + ## - list + ## + rules: [] + + ## ServiceAccount configuration + ## + serviceAccount: + ## @param vmagent.serviceAccount.create Specifies whether a ServiceAccount should be created + ## + create: true + ## @param vmagent.serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param vmagent.serviceAccount.annotations Additional Service Account annotations (evaluated as a template) + ## + annotations: {} + ## @param vmagent.serviceAccount.automountServiceAccountToken Automount service account token for the server service account + ## + automountServiceAccountToken: false + ## @section VictoriaMetrics Agent Traffic Exposure Parameters + ## + service: + ## @param vmagent.service.type VictoriaMetrics Agent service type + ## + type: ClusterIP + ## @param vmagent.service.ports.http VictoriaMetrics Agent service http port + ## @param vmagent.service.ports.graphite VictoriaMetrics Agent service graphite port + ## @param vmagent.service.ports.opentsdb VictoriaMetrics Agent service opentsdb port + ## @param vmagent.service.ports.influxdb VictoriaMetrics Agent service influxdb port + ## + ports: + http: "8429" + graphite: 2003 + opentsdb: 4242 + influxdb: 8089 + ## Node ports to expose + ## @param vmagent.service.nodePorts.http Node port for HTTP + ## @param vmagent.service.nodePorts.graphite Node port for graphite + ## @param vmagent.service.nodePorts.opentsdb Node port for opentsdb + ## @param vmagent.service.nodePorts.influxdb Node port for influxdb + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + graphite: "" + opentsdb: "" + influxdb: "" + ## @param vmagent.service.clusterIP VictoriaMetrics Agent service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param vmagent.service.loadBalancerIP VictoriaMetrics Agent service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param vmagent.service.loadBalancerSourceRanges VictoriaMetrics Agent service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param vmagent.service.externalTrafficPolicy VictoriaMetrics Agent service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param vmagent.service.annotations [object] Additional custom annotations for VictoriaMetrics Agent service + ## + annotations: {} + ## @param vmagent.service.extraPorts Extra ports to expose in VictoriaMetrics Agent service (normally used with the `sidecars` value) + ## + extraPorts: [] + ## @param vmagent.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param vmagent.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## Network Policies + ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ + ## + networkPolicy: + ## @param vmagent.networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: true + ## @param vmagent.networkPolicy.allowExternal Don't require server label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## server label will have network access to the ports server is listening + ## on. When true, server will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: false + ## @param vmagent.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. + ## + allowExternalEgress: true + ## @param vmagent.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraIngress: + ## - ports: + ## - port: 1234 + ## from: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + extraIngress: [] + ## @param vmagent.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraEgress: + ## - ports: + ## - port: 1234 + ## to: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + ## + extraEgress: [] + ## @param vmagent.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces + ## @param vmagent.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} + + ## @section VictoriaMetrics Agent Metrics Parameters + ## + ## Prometheus metrics + ## + metrics: + ## @param vmagent.metrics.enabled Enable the export of Prometheus metrics + ## + enabled: true + ## @param vmagent.metrics.annotations Additional custom annotations for the service + ## + annotations: {} + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param vmagent.metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + ## @param vmagent.metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param vmagent.metrics.serviceMonitor.annotations Additional custom annotations for the ServiceMonitor + ## + annotations: {} + ## @param vmagent.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor + ## + labels: {} + ## @param vmagent.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus + ## + jobLabel: "" + ## @param vmagent.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + ## + honorLabels: false + ## @param vmagent.metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "" + ## @param vmagent.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "" + ## @param vmagent.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## + metricRelabelings: [] + ## @param vmagent.metrics.serviceMonitor.relabelings Specify general relabeling + ## + relabelings: [] + ## @param vmagent.metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/drycc/charts/tree/main/drycc/prometheus-operator#prometheus-configuration + ## selector: + ## prometheus: my-prometheus + ## + selector: {} + scrapeInterval: 30s + scrapeTimeout: 30s +## @section VictoriaMetrics Alert Parameters +## +vmalert: + ## @param vmalert.enabled Enable VictoriaMetrics Alert + ## + enabled: false + ## Drycc VictoriaMetrics Alert image + ## ref: https://hub.docker.com/r/drycc/victoriametrics-vmalert/tags/ + ## @param vmalert.image.registry [default: REGISTRY_NAME] VictoriaMetrics Alert image registry + ## @param vmalert.image.repository [default: REPOSITORY_NAME/victoriametrics-vmalert] VictoriaMetrics Alert image repository + ## @skip vmalert.image.tag VictoriaMetrics Alert image tag (immutable tags are recommended) + ## @param vmalert.image.digest VictoriaMetrics Alert image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) + ## @param vmalert.image.pullPolicy VictoriaMetrics Alert image pull policy + ## @param vmalert.image.pullSecrets VictoriaMetrics Alert image pull secrets + ## + image: + registry: registry.drycc.cc + repository: drycc/victoriametrics + tag: 0.0.1 + digest: "" + ## Specify a imagePullPolicy + ## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param vmalert.replicaCount Number of VictoriaMetrics Alert replicas to deploy + ## + replicaCount: 1 + ## @param vmalert.containerPorts.http VictoriaMetrics Alert http container port + ## + containerPorts: + http: 8429 + ## Configure extra options for VictoriaMetrics Alert containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param vmalert.livenessProbe.enabled Enable livenessProbe on VictoriaMetrics Alert containers + ## @param vmalert.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param vmalert.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param vmalert.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param vmalert.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param vmalert.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmalert.readinessProbe.enabled Enable readinessProbe on VictoriaMetrics Alert containers + ## @param vmalert.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param vmalert.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param vmalert.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param vmalert.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param vmalert.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmalert.startupProbe.enabled Enable startupProbe on VictoriaMetrics Alert containers + ## @param vmalert.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param vmalert.startupProbe.periodSeconds Period seconds for startupProbe + ## @param vmalert.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param vmalert.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param vmalert.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 + ## @param vmalert.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param vmalert.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param vmalert.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## VictoriaMetrics Alert resource requests and limits + ## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param vmalert.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if vmalert.resources is set (vmalert.resources is recommended for production). + ## More information: https://github.com/drycc/charts/blob/main/drycc/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param vmalert.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## @param vmalert.datasourceUrl URL to an external datasource (uses VictoriaMetrics Insert if not set) + ## + datasourceUrl: "" + ## @param vmalert.notifierUrl URL to a notifier like AlertManager (necessary when alert rules are set) + ## + notifierUrl: "" + ## @param vmalert.deploymentAnnotations Annotations for VictoriaMetrics Alert Deployment + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + deploymentAnnotations: {} + ## Configure Pods Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param vmalert.podSecurityContext.enabled Enabled VictoriaMetrics Alert pods' Security Context + ## @param vmalert.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy + ## @param vmalert.podSecurityContext.sysctls Set kernel settings using the sysctl interface + ## @param vmalert.podSecurityContext.supplementalGroups Set filesystem extra groups + ## @param vmalert.podSecurityContext.fsGroup Set VictoriaMetrics Alert pod's Security Context fsGroup + ## + podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param vmalert.containerSecurityContext.enabled Enabled VictoriaMetrics Alert containers' Security Context + ## @param vmalert.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param vmalert.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param vmalert.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup + ## @param vmalert.containerSecurityContext.runAsNonRoot Set VictoriaMetrics Alert containers' Security Context runAsNonRoot + ## @param vmalert.containerSecurityContext.privileged Set VictoriaMetrics Alert containers' Security Context privileged + ## @param vmalert.containerSecurityContext.readOnlyRootFilesystem Set VictoriaMetrics Alert containers' Security Context runAsNonRoot + ## @param vmalert.containerSecurityContext.allowPrivilegeEscalation Set VictoriaMetrics Alert container's privilege escalation + ## @param vmalert.containerSecurityContext.capabilities.drop Set VictoriaMetrics Alert container's Security Context runAsNonRoot + ## @param vmalert.containerSecurityContext.seccompProfile.type Set VictoriaMetrics Alert container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 1001 + runAsGroup: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: RuntimeDefault + ## @param vmalert.command Override default container command (useful when using custom images) + ## + command: [] + ## @param vmalert.args Override default container args (useful when using custom images) + ## + args: [] + ## @param vmalert.extraArgs Add extra arguments to the default command + ## + extraArgs: [] + ## @param vmalert.automountServiceAccountToken Mount Service Account token in pod + ## + automountServiceAccountToken: true + ## @param vmalert.hostAliases VictoriaMetrics Alert pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param vmalert.podLabels Extra labels for VictoriaMetrics Alert pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param vmalert.podAnnotations Annotations for VictoriaMetrics Alert pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param vmalert.podAffinityPreset Pod affinity preset. Ignored if `vmalert.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param vmalert.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `vmalert.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Pod Disruption Budget configuration + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb + ## @param vmalert.pdb.create Enable/disable a Pod Disruption Budget creation + ## @param vmalert.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled + ## @param vmalert.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## + pdb: + create: true + minAvailable: "" + maxUnavailable: "" + ## @param vmalert.rulesConfigOverrides Overwrite or add extra rules configuration options to the chart default + ## Example: + ## rulesonfigOverrides: + ## groups: + ## - name: AlertGroupName + ## rules: + ## - alert: AlertName + ## expr: any_metric > 100 + ## for: 30s + ## labels: + ## alertname: 'Any metric is too high' + ## severity: 'warning' + ## + rulesConfigOverrides: {} + ## @param vmalert.existingRulesConfigMap The name of an existing ConfigMap with the rules configuration + ## + existingRulesConfigMap: "" + ## Autoscaling configuration + ## ref: https://kubernetes.io/docs/concepts/workloads/autoscaling/ + ## + autoscaling: + ## @param vmalert.autoscaling.vpa.enabled Enable VPA for VictoriaMetrics Alert pods + ## @param vmalert.autoscaling.vpa.annotations Annotations for VPA resource + ## @param vmalert.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + ## @param vmalert.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod + ## @param vmalert.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod + ## + vpa: + enabled: false + annotations: {} + controlledResources: [] + maxAllowed: {} + minAllowed: {} + ## @param vmalert.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy + ## Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod + ## Possible values are "Off", "Initial", "Recreate", and "Auto". + ## + updatePolicy: + updateMode: Auto + ## @param vmalert.autoscaling.hpa.enabled Enable HPA for VictoriaMetrics Alert pods + ## @param vmalert.autoscaling.hpa.minReplicas Minimum number of replicas + ## @param vmalert.autoscaling.hpa.maxReplicas Maximum number of replicas + ## @param vmalert.autoscaling.hpa.targetCPU Target CPU utilization percentage + ## @param vmalert.autoscaling.hpa.targetMemory Target Memory utilization percentage + ## + hpa: + enabled: false + minReplicas: "" + maxReplicas: "" + targetCPU: "" + targetMemory: "" + ## Node vmalert.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param vmalert.nodeAffinityPreset.type Node affinity preset type. Ignored if `vmalert.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param vmalert.nodeAffinityPreset.key Node label key to match. Ignored if `vmalert.affinity` is set + ## + key: "" + ## @param vmalert.nodeAffinityPreset.values Node label values to match. Ignored if `vmalert.affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param vmalert.affinity Affinity for VictoriaMetrics Alert pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `vmalert.podAffinityPreset`, `vmalert.podAntiAffinityPreset`, and `vmalert.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param vmalert.nodeSelector Node labels for VictoriaMetrics Alert pods assignment + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + ## + nodeSelector: {} + ## @param vmalert.tolerations Tolerations for VictoriaMetrics Alert pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param vmalert.updateStrategy.type VictoriaMetrics Alert statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + ## @param vmalert.priorityClassName VictoriaMetrics Alert pods' priorityClassName + ## + priorityClassName: "" + ## @param vmalert.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param vmalert.schedulerName Name of the k8s scheduler (other than default) for VictoriaMetrics Alert pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param vmalert.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param vmalert.lifecycleHooks for the VictoriaMetrics Alert container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param vmalert.extraEnvVars Array with extra environment variables to add to VictoriaMetrics Alert nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param vmalert.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for VictoriaMetrics Alert nodes + ## + extraEnvVarsCM: "" + ## @param vmalert.extraEnvVarsSecret Name of existing Secret containing extra env vars for VictoriaMetrics Alert nodes + ## + extraEnvVarsSecret: "" + ## @param vmalert.extraVolumes Optionally specify extra list of additional volumes for the VictoriaMetrics Alert pod(s) + ## + extraVolumes: [] + ## @param vmalert.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the VictoriaMetrics Alert container(s) + ## + extraVolumeMounts: [] + ## @param vmalert.sidecars Add additional sidecar containers to the VictoriaMetrics Alert pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param vmalert.initContainers Add additional init containers to the VictoriaMetrics Alert pod(s) + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## command: ['sh', '-c', 'echo "hello world"'] + ## + initContainers: [] + + ## ServiceAccount configuration + ## + serviceAccount: + ## @param vmalert.serviceAccount.create Specifies whether a ServiceAccount should be created + ## + create: true + ## @param vmalert.serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param vmalert.serviceAccount.annotations Additional Service Account annotations (evaluated as a template) + ## + annotations: {} + ## @param vmalert.serviceAccount.automountServiceAccountToken Automount service account token for the server service account + ## + automountServiceAccountToken: false + ## @section VictoriaMetrics Alert Traffic Exposure Parameters + ## + service: + ## @param vmalert.service.type VictoriaMetrics Alert service type + ## + type: ClusterIP + ## @param vmalert.service.ports.http VictoriaMetrics Alert service http port + ## + ports: + http: "8429" + ## Node ports to expose + ## @param vmalert.service.nodePorts.http Node port for HTTP + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + ## @param vmalert.service.clusterIP VictoriaMetrics Alert service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param vmalert.service.loadBalancerIP VictoriaMetrics Alert service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param vmalert.service.loadBalancerSourceRanges VictoriaMetrics Alert service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param vmalert.service.externalTrafficPolicy VictoriaMetrics Alert service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param vmalert.service.annotations [object] Additional custom annotations for VictoriaMetrics Alert service + ## + annotations: {} + ## @param vmalert.service.extraPorts Extra ports to expose in VictoriaMetrics Alert service (normally used with the `sidecars` value) + ## + extraPorts: [] + ## @param vmalert.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param vmalert.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## Network Policies + ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ + ## + networkPolicy: + ## @param vmalert.networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: true + ## @param vmalert.networkPolicy.allowExternal Don't require server label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## server label will have network access to the ports server is listening + ## on. When true, server will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: true + ## @param vmalert.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. + ## + allowExternalEgress: true + ## @param vmalert.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraIngress: + ## - ports: + ## - port: 1234 + ## from: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + extraIngress: [] + ## @param vmalert.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraEgress: + ## - ports: + ## - port: 1234 + ## to: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + ## + extraEgress: [] + ## @param vmalert.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces + ## @param vmalert.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} + + ## @section VictoriaMetrics Alert Metrics Parameters + ## + ## Prometheus metrics + ## + metrics: + ## @param vmalert.metrics.enabled Enable the export of Prometheus metrics + ## + enabled: false + ## @param vmalert.metrics.annotations Additional custom annotations for the service + ## + annotations: {} + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param vmalert.metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + ## @param vmalert.metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param vmalert.metrics.serviceMonitor.annotations Additional custom annotations for the ServiceMonitor + ## + annotations: {} + ## @param vmalert.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor + ## + labels: {} + ## @param vmalert.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus + ## + jobLabel: "" + ## @param vmalert.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + ## + honorLabels: false + ## @param vmalert.metrics.serviceMonitor.interval Interval at which metrics should be rulesd. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "" + ## @param vmalert.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "" + ## @param vmalert.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## + metricRelabelings: [] + ## @param vmalert.metrics.serviceMonitor.relabelings Specify general relabeling + ## + relabelings: [] + ## @param vmalert.metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/drycc/charts/tree/main/drycc/prometheus-operator#prometheus-configuration + ## selector: + ## prometheus: my-prometheus + ## + selector: {} + +## @section Default Init Containers Parameters +## +defaultInitContainers: + ## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node + ## + volumePermissions: + ## @param defaultInitContainers.volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` + ## + enabled: false + ## OS Shell + Utility image + ## ref: https://hub.docker.com/r/drycc/os-shell/tags/ + ## @param defaultInitContainers.volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param defaultInitContainers.volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository + ## @skip defaultInitContainers.volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param defaultInitContainers.volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param defaultInitContainers.volumePermissions.image.pullPolicy OS Shell + Utility image pull policy + ## @param defaultInitContainers.volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets + ## + image: + registry: registry.drycc.cc + repository: drycc/victoriametrics + tag: 0.0.1 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init container's resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param defaultInitContainers.volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). + ## More information: https://github.com/drycc/charts/blob/main/drycc/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param defaultInitContainers.volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Init container' Security Context + ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser + ## and not the below volumePermissions.containerSecurityContext.runAsUser + ## @param defaultInitContainers.volumePermissions.containerSecurityContext.enabled Enable securityContext in the init container + ## @param defaultInitContainers.volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param defaultInitContainers.volumePermissions.containerSecurityContext.runAsUser User ID for the init container + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 0 diff --git a/addons/victoriametrics/1/demo.yaml b/addons/victoriametrics/1/demo.yaml new file mode 100644 index 00000000..0ad18c8d --- /dev/null +++ b/addons/victoriametrics/1/demo.yaml @@ -0,0 +1,17 @@ +vmauth: + user: + username: admin + password: admin + networkPolicy: + allowNamespaces: + - "ns1" + - "ns2" + service: + type: LoadBalancer + +vmagent: + scrapeInterval: 60s + scrapeTimeout: 10s + +vmstorage: + retentionPeriod: 30d \ No newline at end of file diff --git a/addons/victoriametrics/1/meta.yaml b/addons/victoriametrics/1/meta.yaml new file mode 100644 index 00000000..377b83d7 --- /dev/null +++ b/addons/victoriametrics/1/meta.yaml @@ -0,0 +1,45 @@ +name: victoriametrics +version: "1.0" +id: 6ee5a947-61b6-47ce-b27d-fe7a5246ea3b +description: "victoriametrics" +displayName: "victoriametrics" +metadata: + displayName: "victoriametrics" + provider: + name: drycc + supportURL: https://victoriametrics.com/ + documentationURL: https://github.com/drycc-addons/containers/tree/main/containers/victoriametrics +tags: victoriametrics +bindable: true +instances_retrievable: true +bindings_retrievable: true +plan_updateable: true +allow_parameters: +- name: "vmauth.user.username" + required: false + description: "username for mvauth" +- name: "vmauth.user.password" + required: false + description: "password for mvauth" +- name: "vmauth.networkPolicy.allowNamespaces" + required: false + description: "networkPolicy allowNamespaces" +- name: "vmauth.service.type" + required: false + description: "networkPolicy ClusterIP or LoadBalancer" +- name: "vmagent.scrapeInterval" + required: false + description: "scrape interval for vmagent" +- name: "vmagent.scrapeTimeout" + required: false + description: "scrape timeout for vmagent" +- name: "vmagent.scrapeConfigOverrides" + required: false + description: "scrape config overrides for vmagent" +- name: "vmagent.extraJobs" + required: false + description: "extra jobs for vmagent" +- name: "vmstorage.retentionPeriod" + required: false + description: "retention period for vmstorage" +archive: false diff --git a/addons/victoriametrics/1/plans/standard-16c32g500/bind.yaml b/addons/victoriametrics/1/plans/standard-16c32g500/bind.yaml new file mode 100644 index 00000000..2889e803 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-16c32g500/bind.yaml @@ -0,0 +1,24 @@ +credential: + - name: {{ printf "DOMAIN" }} + value: {{ printf "%s" (include "common.names.fullname" .) }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} +{{- if (eq .Values.vmauth.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.vmauth.user.username }} + - name: PASSWORD + value: {{ .Values.vmauth.user.password }} diff --git a/addons/victoriametrics/1/plans/standard-16c32g500/create-instance-schema.json b/addons/victoriametrics/1/plans/standard-16c32g500/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-16c32g500/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/victoriametrics/1/plans/standard-16c32g500/meta.yaml b/addons/victoriametrics/1/plans/standard-16c32g500/meta.yaml new file mode 100644 index 00000000..9278d834 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-16c32g500/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-16c32g500" +id: 99b0550c-4fd6-11f0-98ea-f3c453bc45ed +description: "VictoriaMetrics Standard Plan with 16 CPU, 32GB Memory" +displayName: "standard-16c32g500" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/victoriametrics/1/plans/standard-16c32g500/values.yaml b/addons/victoriametrics/1/plans/standard-16c32g500/values.yaml new file mode 100644 index 00000000..7ebeff88 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-16c32g500/values.yaml @@ -0,0 +1,44 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "hb-vmcluster-standard-16c32g500" +vmauth: + resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 1600m + memory: 32Gi + replicaCount: 2 + +vmselect: + resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 1600m + memory: 32Gi + replicaCount: 2 + +vminsert: + resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 1600m + memory: 32Gi + replicaCount: 2 + +vmstorage: + resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 1600m + memory: 32Gi + replicaCount: 3 + persistence: + size: 500Gi diff --git a/addons/victoriametrics/1/plans/standard-1c1g10/bind.yaml b/addons/victoriametrics/1/plans/standard-1c1g10/bind.yaml new file mode 100644 index 00000000..2889e803 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-1c1g10/bind.yaml @@ -0,0 +1,24 @@ +credential: + - name: {{ printf "DOMAIN" }} + value: {{ printf "%s" (include "common.names.fullname" .) }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} +{{- if (eq .Values.vmauth.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.vmauth.user.username }} + - name: PASSWORD + value: {{ .Values.vmauth.user.password }} diff --git a/addons/victoriametrics/1/plans/standard-1c1g10/create-instance-schema.json b/addons/victoriametrics/1/plans/standard-1c1g10/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-1c1g10/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/victoriametrics/1/plans/standard-1c1g10/meta.yaml b/addons/victoriametrics/1/plans/standard-1c1g10/meta.yaml new file mode 100644 index 00000000..fe439e08 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-1c1g10/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-1c1g10" +id: a69619c6-4ff6-11f0-b5d5-3b23b0dd4860 +description: "VictoriaMetrics Standard Plan with 1 CPU, 2GB Memory" +displayName: "standard-1c1g10" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/victoriametrics/1/plans/standard-1c1g10/values.yaml b/addons/victoriametrics/1/plans/standard-1c1g10/values.yaml new file mode 100644 index 00000000..5815cabe --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-1c1g10/values.yaml @@ -0,0 +1,44 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "hb-vmcluster-standard-1c1g10" +vmauth: + resources: + requests: + cpu: 100m + memory: 16Mi + limits: + cpu: 500m + memory: 512Mi + replicaCount: 2 + +vmselect: + resources: + requests: + cpu: 100m + memory: 32Mi + limits: + cpu: 500m + memory: 512Mi + replicaCount: 2 + +vminsert: + resources: + requests: + cpu: 100m + memory: 32Mi + limits: + cpu: 500m + memory: 512Mi + replicaCount: 2 + +vmstorage: + resources: + requests: + cpu: 100m + memory: 32Mi + limits: + cpu: 500m + memory: 512Mi + replicaCount: 3 + persistence: + size: 10Gi diff --git a/addons/victoriametrics/1/plans/standard-2c4g50/bind.yaml b/addons/victoriametrics/1/plans/standard-2c4g50/bind.yaml new file mode 100644 index 00000000..2889e803 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-2c4g50/bind.yaml @@ -0,0 +1,24 @@ +credential: + - name: {{ printf "DOMAIN" }} + value: {{ printf "%s" (include "common.names.fullname" .) }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} +{{- if (eq .Values.vmauth.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.vmauth.user.username }} + - name: PASSWORD + value: {{ .Values.vmauth.user.password }} diff --git a/addons/victoriametrics/1/plans/standard-2c4g50/create-instance-schema.json b/addons/victoriametrics/1/plans/standard-2c4g50/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-2c4g50/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/victoriametrics/1/plans/standard-2c4g50/meta.yaml b/addons/victoriametrics/1/plans/standard-2c4g50/meta.yaml new file mode 100644 index 00000000..c964810e --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-2c4g50/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-2c4g50" +id: ba1c92c3-03a1-4825-ad74-02490a0e0447 +description: "VictoriaMetrics Standard Plan with 2 CPU, 4GB Memory" +displayName: "standard-2c4g50" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/victoriametrics/1/plans/standard-2c4g50/values.yaml b/addons/victoriametrics/1/plans/standard-2c4g50/values.yaml new file mode 100644 index 00000000..646122f8 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-2c4g50/values.yaml @@ -0,0 +1,44 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "hb-vmcluster-standard-2c4g50" +vmauth: + resources: + requests: + cpu: 100m + memory: 16Mi + limits: + cpu: 2000m + memory: 4096Mi + replicaCount: 2 + +vmselect: + resources: + requests: + cpu: 100m + memory: 32Mi + limits: + cpu: 2000m + memory: 4096Mi + replicaCount: 2 + +vminsert: + resources: + requests: + cpu: 100m + memory: 32Mi + limits: + cpu: 2000m + memory: 4096Mi + replicaCount: 2 + +vmstorage: + resources: + requests: + cpu: 100m + memory: 32Mi + limits: + cpu: 2000m + memory: 4096Mi + replicaCount: 3 + persistence: + size: 50Gi diff --git a/addons/victoriametrics/1/plans/standard-4c8g100/bind.yaml b/addons/victoriametrics/1/plans/standard-4c8g100/bind.yaml new file mode 100644 index 00000000..2889e803 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-4c8g100/bind.yaml @@ -0,0 +1,24 @@ +credential: + - name: {{ printf "DOMAIN" }} + value: {{ printf "%s" (include "common.names.fullname" .) }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} +{{- if (eq .Values.vmauth.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.vmauth.user.username }} + - name: PASSWORD + value: {{ .Values.vmauth.user.password }} diff --git a/addons/victoriametrics/1/plans/standard-4c8g100/create-instance-schema.json b/addons/victoriametrics/1/plans/standard-4c8g100/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-4c8g100/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/victoriametrics/1/plans/standard-4c8g100/meta.yaml b/addons/victoriametrics/1/plans/standard-4c8g100/meta.yaml new file mode 100644 index 00000000..f8d06865 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-4c8g100/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-4c8g100" +id: 4ed63e32-4fd3-11f0-934c-ff0f8d3bcb1d +description: "VictoriaMetrics Standard Plan with 4 CPU, 8GB Memory" +displayName: "standard-4c8g100" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/victoriametrics/1/plans/standard-4c8g100/values.yaml b/addons/victoriametrics/1/plans/standard-4c8g100/values.yaml new file mode 100644 index 00000000..48f33c01 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-4c8g100/values.yaml @@ -0,0 +1,44 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "hb-vmcluster-standard-4c8g100" +vmauth: + resources: + requests: + cpu: 1000m + memory: 512Mi + limits: + cpu: 4000m + memory: 8Gi + replicaCount: 2 + +vmselect: + resources: + requests: + cpu: 1000m + memory: 512Mi + limits: + cpu: 4000m + memory: 8Gi + replicaCount: 2 + +vminsert: + resources: + requests: + cpu: 1000m + memory: 512Mi + limits: + cpu: 4000m + memory: 8Gi + replicaCount: 2 + +vmstorage: + resources: + requests: + cpu: 1000m + memory: 512Mi + memory: + cpu: 4000m + memory: 8Gi + replicaCount: 3 + persistence: + size: 100Gi diff --git a/addons/victoriametrics/1/plans/standard-8c16g200/bind.yaml b/addons/victoriametrics/1/plans/standard-8c16g200/bind.yaml new file mode 100644 index 00000000..2889e803 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-8c16g200/bind.yaml @@ -0,0 +1,24 @@ +credential: + - name: {{ printf "DOMAIN" }} + value: {{ printf "%s" (include "common.names.fullname" .) }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} +{{- if (eq .Values.vmauth.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "victoriametrics.vmauth.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.vmauth.user.username }} + - name: PASSWORD + value: {{ .Values.vmauth.user.password }} diff --git a/addons/victoriametrics/1/plans/standard-8c16g200/create-instance-schema.json b/addons/victoriametrics/1/plans/standard-8c16g200/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-8c16g200/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/victoriametrics/1/plans/standard-8c16g200/meta.yaml b/addons/victoriametrics/1/plans/standard-8c16g200/meta.yaml new file mode 100644 index 00000000..b4f8b520 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-8c16g200/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-8c16g200" +id: 8e34beb6-4fd6-11f0-91bf-fb3650f4e494 +description: "VictoriaMetrics Standard Plan with 8 CPU, 16GB Memory" +displayName: "standard-8c16g200" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/victoriametrics/1/plans/standard-8c16g200/values.yaml b/addons/victoriametrics/1/plans/standard-8c16g200/values.yaml new file mode 100644 index 00000000..97fb68a1 --- /dev/null +++ b/addons/victoriametrics/1/plans/standard-8c16g200/values.yaml @@ -0,0 +1,44 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "hb-vmcluster-standard-8c16g200" +vmauth: + resources: + limits: + cpu: 1000m + memory: 512Mi + requests: + cpu: 8000m + memory: 16Gi + replicaCount: 2 + +vmselect: + resources: + limits: + cpu: 1000m + memory: 512Mi + requests: + cpu: 8000m + memory: 16Gi + replicaCount: 2 + +vminsert: + resources: + limits: + cpu: 1000m + memory: 512Mi + requests: + cpu: 8000m + memory: 16Gi + replicaCount: 2 + +vmstorage: + resources: + limits: + cpu: 1000m + memory: 512Mi + requests: + cpu: 8000m + memory: 16Gi + replicaCount: 3 + persistence: + size: 200Gi