Add secret and configmap for credentials and endpoints

Signed-off-by: Michel Hollands <michel.hollands@gmail.com>
Michel Hollands
2024-04-01 13:15:50 +01:00
parent f61913d3da
commit d9fc9e4f4e
4 changed files with 77 additions and 27 deletions


@@ -40,6 +40,16 @@ data:
// Logs // Logs
{{- if or .Values.local.logs.enabled .Values.cloud.logs.enabled }} {{- if or .Values.local.logs.enabled .Values.cloud.logs.enabled }}
remote.kubernetes.secret "logs_credentials" {
namespace = "{{- .Values.metaMonitoringNamespace -}}"
name = "logs"
}
remote.kubernetes.configmap "logs_endpoint" {
namespace = "{{- .Values.metaMonitoringNamespace -}}"
name = "logs-endpoint"
}
loki.source.kubernetes "pods" { loki.source.kubernetes "pods" {
clustering { clustering {
enabled = true enabled = true
@@ -75,6 +85,16 @@ data:
// Metrics // Metrics
{{- if or .Values.local.metrics.enabled .Values.cloud.metrics.enabled }} {{- if or .Values.local.metrics.enabled .Values.cloud.metrics.enabled }}
remote.kubernetes.secret "metrics_credentials" {
namespace = "{{- .Values.metaMonitoringNamespace -}}"
name = "metrics"
}
remote.kubernetes.configmap "metrics_endpoint" {
namespace = "{{- .Values.metaMonitoringNamespace -}}"
name = "metrics-endpoint"
}
prometheus.scrape "pods" { prometheus.scrape "pods" {
clustering { clustering {
enabled = true enabled = true
@@ -210,6 +230,16 @@ data:
// Traces // Traces
{{- if or .Values.local.traces.enabled .Values.cloud.traces.enabled }} {{- if or .Values.local.traces.enabled .Values.cloud.traces.enabled }}
remote.kubernetes.secret "traces_credentials" {
namespace = "{{- .Values.metaMonitoringNamespace -}}"
name = "traces"
}
remote.kubernetes.configmap "traces_endpoint" {
namespace = "{{- .Values.metaMonitoringNamespace -}}"
name = "traces-endpoint"
}
// Shamelessly copied from https://github.com/grafana/intro-to-mlt/blob/main/agent/config.river // Shamelessly copied from https://github.com/grafana/intro-to-mlt/blob/main/agent/config.river
otelcol.receiver.otlp "otlp_receiver" { otelcol.receiver.otlp "otlp_receiver" {
// We don't technically need this, but it shows how to change listen address and incoming port. // We don't technically need this, but it shows how to change listen address and incoming port.
@@ -278,11 +308,10 @@ data:
{{- if .Values.cloud.logs.enabled }} {{- if .Values.cloud.logs.enabled }}
loki.write "cloud" { loki.write "cloud" {
endpoint { endpoint {
url = "{{- .Values.cloud.logs.endpoint -}}/loki/api/v1/push" url = remote.kubernetes.configmap.logs_endpoint.data["endpoint"]
basic_auth { basic_auth {
username = "{{- .Values.cloud.logs.username -}}" username = nonsensitive(remote.kubernetes.secret.logs_credentials.data["username"])
password = "{{- .Values.cloud.logs.password -}}" password = remote.kubernetes.secret.logs_credentials.data["password"]
} }
} }
} }
@@ -291,11 +320,10 @@ data:
{{- if .Values.cloud.metrics.enabled }} {{- if .Values.cloud.metrics.enabled }}
prometheus.remote_write "cloud" { prometheus.remote_write "cloud" {
endpoint { endpoint {
url = "{{- .Values.cloud.metrics.endpoint -}}/api/prom/push" url = remote.kubernetes.configmap.metrics_endpoint.data["endpoint"]
basic_auth { basic_auth {
username = "{{- .Values.cloud.metrics.username -}}" username = nonsensitive(remote.kubernetes.secret.metrics_credentials.data["username"])
password = "{{- .Values.cloud.metrics.password -}}" password = remote.kubernetes.secret.metrics_credentials.data["password"]
} }
} }
} }
@@ -304,13 +332,13 @@ data:
{{- if .Values.cloud.traces.enabled }} {{- if .Values.cloud.traces.enabled }}
otelcol.exporter.otlp "cloud" { otelcol.exporter.otlp "cloud" {
client { client {
endpoint = "{{- .Values.cloud.traces.endpoint -}}" endpoint = remote.kubernetes.configmap.traces_endpoint.data["endpoint"]
auth = otelcol.auth.basic.creds.handler auth = otelcol.auth.basic.creds.handler
} }
} }
otelcol.auth.basic "creds" { otelcol.auth.basic "creds" {
username = "{{- .Values.cloud.traces.username -}}" username = nonsensitive(remote.kubernetes.secret.traces_credentials.data["username"])
password = "{{- .Values.cloud.traces.password -}}" password = remote.kubernetes.secret.traces_credentials.data["password"]
} }
{{- end }} {{- end }}
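Review bot: The added `remote.kubernetes.secret` and `remote.kubernetes.configmap` blocks hard-code the object names (`name = "logs"`, `name = "logs-endpoint"`, and likewise for metrics and traces), so the new `cloud.*.secret` and `cloud.*.endpointConfigmap` values are validated but never used in the visible hunks. Template them instead, for example `name = "{{- .Values.cloud.logs.secret -}}"` and `name = "{{- .Values.cloud.logs.endpointConfigmap -}}"`. The blocks also sit under `if or .Values.local.logs.enabled .Values.cloud.logs.enabled`, so a local-only install still declares a lookup for a Secret that the README only creates for Grafana Cloud; gating them on `.Values.cloud.logs.enabled` alone would avoid that. Because the basic-auth credentials are now sent to whatever URL the ConfigMap holds, write access to the endpoint ConfigMaps should be restricted as tightly as the Secrets, and the agent's Role would ideally list only these objects in `resourceNames`.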


@@ -3,20 +3,20 @@
{{- end -}} {{- end -}}
{{- if eq .Values.cloud.logs.enabled true -}} {{- if eq .Values.cloud.logs.enabled true -}}
{{- if or (empty .Values.cloud.logs.endpoint) (or (empty .Values.cloud.logs.username) (empty .Values.cloud.logs.password)) -}} {{- if or (empty .Values.cloud.logs.secret) (empty .Values.cloud.logs.endpointConfigmap) -}}
{{- fail "if cloud.logs is enabled then the endpoint, username and password have to be filled in" -}} {{- fail "if cloud.logs is enabled then the secret and endpoint config map have to be filled in" -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- if eq .Values.cloud.metrics.enabled true -}} {{- if eq .Values.cloud.metrics.enabled true -}}
{{- if or (empty .Values.cloud.metrics.endpoint) (or (empty .Values.cloud.metrics.username) (empty .Values.cloud.metrics.password)) -}} {{- if or (empty .Values.cloud.metrics.secret) (empty .Values.cloud.logs.endpointConfigmap) -}}
{{- fail "if cloud.metrics is enabled then the endpoint, username and password have to be filled in" -}} {{- fail "if cloud.metrics is enabled then the secret and endpoint config map have to be filled in" -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- if eq .Values.cloud.traces.enabled true -}} {{- if eq .Values.cloud.traces.enabled true -}}
{{- if or (empty .Values.cloud.traces.endpoint) (or (empty .Values.cloud.traces.username) (empty .Values.cloud.traces.password)) -}} {{- if or (empty .Values.cloud.traces.secret) (empty .Values.cloud.logs.endpointConfigmap) -}}
{{- fail "if cloud.traces is enabled then the endpoint, username and password have to be filled in" -}} {{- fail "if cloud.traces is enabled then the secret and endpoint config map have to be filled in" -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
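Review bot: The new metrics and traces checks test `(empty .Values.cloud.logs.endpointConfigmap)` instead of their own key, which looks like a copy-paste slip from the logs check. As written, an empty `cloud.metrics.endpointConfigmap` or `cloud.traces.endpointConfigmap` passes validation whenever the logs one is set, and a user who leaves the logs value empty gets a metrics or traces failure message that points at the wrong setting. The conditions should read `(empty .Values.cloud.metrics.endpointConfigmap)` and `(empty .Values.cloud.traces.endpointConfigmap)` respectively.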


@@ -12,19 +12,16 @@ lokiNamespace: "loki"
cloud: cloud:
logs: logs:
enabled: true enabled: true
endpoint: to_be_changed secret: ""
username: to_be_changed endpointConfigmap: ""
password: to_be_changed
metrics: metrics:
enabled: true enabled: true
endpoint: to_be_changed secret: ""
username: to_be_changed endpointConfigmap: ""
password: to_be_changed
traces: traces:
enabled: true enabled: true
endpoint: to_be_changed secret: ""
username: to_be_changed endpointConfigmap: ""
password: to_be_changed
# Set to true for a local version of logs, metrics or traces # Set to true for a local version of logs, metrics or traces
local: local:
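Review bot: The new `secret` and `endpointConfigmap` keys have no comment saying what the referenced objects must contain, and the agent config reads fixed keys from them. I would add above the first pair `# Name of a Secret in the meta monitoring namespace with keys "username" and "password"` and `# Name of a ConfigMap in the same namespace with key "endpoint" (the full push URL)`. Since `enabled: true` is kept while both defaults are now empty strings, rendering the chart with untouched values presumably hits the `fail` in the validation template; if that is intended, a short comment saying so would save users a confusing first install.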


@@ -6,7 +6,32 @@
kubectl create namespace meta kubectl create namespace meta
``` ```
1. Create a values.yaml file based on the [default one](../charts/meta-monitoring/values.yaml). 1. Create secrets with credentials and a configmap with the endpoint (as needed) when sending logs, metrics or traces to Grafana Cloud.
```
kubectl create configmap logs-endpoint -n meta \
--from-literal=endpoint='https://logs-prod-us-central1.grafana.net/loki/api/v1/push'
kubectl create secret generic logs -n meta \
--from-literal=username=<logs username> \
--from-literal=password=<logs password>
kubectl create configmap metrics-endpoint -n meta \
--from-literal=endpoint='https://prometheus-us-central1.grafana.net/api/prom/push'
kubectl create secret generic metrics -n meta \
--from-literal=username=<metrics username> \
--from-literal=password=<metrics password>
kubectl create configmap traces-endpoint -n meta \
--from-literal=endpoint='https://tempo-us-central1.grafana.net/tempo'
kubectl create secret generic traces -n meta \
--from-literal=username=<traces username> \
--from-literal=password=<traces password>
```
1. Create a values.yaml file based on the [default one](../charts/meta-monitoring/values.yaml). Fill in the names of the secrets and configmaps created above as needed.
1. Install this helm chart 1. Install this helm chart