Initial commit: k3s GitOps manifests with ArgoCD App-of-Apps
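--- a/metrics/README.md
+++ b/metrics/README.md
@@ -0,0 +1,62 @@
+# metrics stack
+
+Opinionated manifests for deploying kube-prometheus-stack (Prometheus Operator + Grafana) together with a VictoriaMetrics single-node database in the `metrics` namespace.
+
+## Install / upgrade
+
+```sh
+kubectl apply -f metrics/namespace.yaml
+
+# kube-prometheus-stack
+target=sc prometheus-community
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+helm upgrade --install kube-prometheus-stack prometheus-community/kube-prometheus-stack \
+--namespace metrics \
+--values metrics/kube-prometheus-stack-values.yaml
+
+kubectl --namespace metrics get secret kube-prometheus-stack-grafana \
+-o jsonpath="{.data.admin-password}" | base64 -d
+echo
+
+# expose grafana via Traefik
+kubectl apply -f metrics/grafana-ingress.yaml
+kubectl -n metrics get ingress grafana
+
+# victoria metrics for long-term storage
+helm repo add victoria-metrics https://victoriametrics.github.io/helm-charts
+helm upgrade --install victoria-metrics-single victoria-metrics/victoria-metrics-single \
+--namespace metrics \
+--values metrics/victoria-metrics-single-values.yaml
+
+# expose victoria metrics via ClusterIP for Prometheus/Grafana
+kubectl apply -f metrics/victoria-metrics-service.yaml
+```
+
+The manifests default to the Yandex Managed Kubernetes dynamic storage class `yc-network-hdd`; tweak the `storageClassName`/`storageClass` fields and capacities if you prefer something else.
+Before applying `metrics/grafana-ingress.yaml`, update the host (`grafana.playground.t01tt.tech`) and, if needed, change the `cert-manager.io/cluster-issuer` annotation to match your staging/production workflow. The ingress uses the `traefik` ingress class.
+
+## Components
+
+- **Prometheus Operator** provisions Prometheus, Alertmanager and related CRDs. Remote write targets VictoriaMetrics for durable retention.
+- **Grafana** is pre-provisioned with persistence enabled and a secondary data source pointing at VictoriaMetrics.
+- **VictoriaMetrics** stores metrics for long-term retention while also serving query traffic for Grafana. A dedicated ClusterIP service (`metrics/victoria-metrics-service.yaml`) exposes port 8428 for Prometheus remote write and Grafana queries.
+
+## Database choices
+
+Prometheus ships with an embedded TSDB. For longer retention, clustering or multi-tenant needs you can offload data to:
+
+- **VictoriaMetrics** (single, clustered, or managed) – cost-efficient, Prometheus-compatible, supports multi-year retention.
+- **Thanos / Cortex / Grafana Mimir** – horizontally scalable object-storage backed TSDBs with multi-cluster federation.
+- **ClickHouse / TimescaleDB / PostgreSQL** – SQL stores for advanced analytics (requires Promscale or similar adapter).
+- **Graphite / InfluxDB** – legacy or streaming-friendly stores; integrate via remote write adapters.
+
+Pick the backend that matches your retention and query latency requirements. Remote write configuration lives under `prometheus.prometheusSpec.remoteWrite` in `kube-prometheus-stack-values.yaml`.
+
+## Post-install checks
+
+```sh
+kubectl -n metrics get pods
+kubectl -n metrics get svc
+kubectl -n metrics get prometheus,prometheusrules,servicemonitors -A
+```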
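--- a/metrics/grafana-ingress.yaml
+++ b/metrics/grafana-ingress.yaml
@@ -0,0 +1,26 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+name: grafana
+namespace: metrics
+annotations:
+cert-manager.io/cluster-issuer: letsencrypt-production
+traefik.ingress.kubernetes.io/router.entrypoints: websecure
+traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+ingressClassName: traefik
+tls:
+- hosts:
+- grafana.mrt0rtikize.ru
+secretName: grafana-tls
+rules:
+- host: grafana.mrt0rtikize.ru
+http:
+paths:
+- path: /
+pathType: Prefix
+backend:
+service:
+name: kube-prometheus-stack-grafana
+port:
+number: 80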
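Review bot: The host under `tls` and `rules` is `grafana.mrt0rtikize.ru`, but the README added in this commit tells the operator to update `grafana.playground.t01tt.tech`, a value that does not appear in the manifest; the two should name the same host. The router is bound to `websecure` with a `letsencrypt-production` certificate and carries no middleware annotation, so the Grafana login page is reachable by anyone who can reach that entrypoint, which matters while the values file in this commit ships `adminPassword: change-me`. If the dashboard is not meant to be public, add `traefik.ingress.kubernetes.io/router.middlewares: <namespace>-<middleware-name>@kubernetescrd` (placeholder names) pointing at an allow-list or forward-auth Middleware. Indentation is lost in this rendering, so the nesting is read from key order.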
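--- a/metrics/kube-prometheus-stack-values.yaml
+++ b/metrics/kube-prometheus-stack-values.yaml
@@ -0,0 +1,90 @@
+fullnameOverride: kube-prometheus
+namespaceOverride: metrics
+
+prometheusOperator:
+namespace: metrics
+admissionWebhooks:
+failurePolicy: Ignore
+
+alertmanager:
+enabled: true
+alertmanagerSpec:
+resources:
+requests:
+cpu: 50m
+memory: 128Mi
+limits:
+cpu: 200m
+memory: 512Mi
+storage:
+volumeClaimTemplate:
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: 10Gi
+
+prometheus:
+enabled: true
+prometheusSpec:
+replicas: 1
+retention: 15d
+walCompression: true
+serviceMonitorSelectorNilUsesHelmValues: false
+podMonitorSelectorNilUsesHelmValues: false
+resources:
+requests:
+cpu: 100m
+memory: 512Mi
+limits:
+cpu: 1000m
+memory: 1Gi
+storageSpec:
+volumeClaimTemplate:
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: 50Gi
+remoteWrite:
+- url: http://victoria-metrics.metrics.svc.cluster.local:8428/api/v1/write
+queueConfig:
+maxSamplesPerSend: 10000
+capacity: 5000
+maxShards: 30
+
+kubeEtcd:
+enabled: false
+
+kubeControllerManager:
+enabled: false
+
+kubeScheduler:
+enabled: false
+
+kubeProxy:
+enabled: false
+
+grafana:
+enabled: true
+adminUser: admin
+adminPassword: change-me
+defaultDashboardsEnabled: true
+resources:
+requests:
+cpu: 50m
+memory: 256Mi
+limits:
+cpu: 200m
+memory: 512Mi
+persistence:
+enabled: true
+size: 10Gi
+additionalDataSources:
+- name: victoria-metrics
+type: prometheus
+access: proxy
+url: http://victoria-metrics.metrics.svc.cluster.local:8428
+isDefault: false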
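Review bot: `adminPassword: change-me` in the `grafana:` block commits the Grafana admin credential to Git, so every reader of the repository knows the password of an instance that the Ingress in this commit publishes over HTTPS. Drop `adminUser`/`adminPassword` and reference a Secret created outside the repository, e.g. `admin:` with `existingSecret: <grafana-admin-secret>` (placeholder name; the chart's default keys are `admin-user` and `admin-password`), or manage it as a sealed or external secret in the GitOps flow. Separately, `admissionWebhooks.failurePolicy: Ignore` admits PrometheusRule objects unvalidated whenever the webhook is unreachable, and the two `*SelectorNilUsesHelmValues: false` settings make Prometheus select ServiceMonitors and PodMonitors beyond this release; each deserves a comment stating it is intentional. Indentation is lost in this rendering, so the nesting is read from key order.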
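--- a/metrics/namespace.yaml
+++ b/metrics/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+name: metrics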
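--- a/metrics/victoria-metrics-service.yaml
+++ b/metrics/victoria-metrics-service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+name: victoria-metrics
+namespace: metrics
+labels:
+app.kubernetes.io/name: victoria-metrics-single
+app.kubernetes.io/instance: victoria-metrics-single
+app: server
+spec:
+selector:
+app.kubernetes.io/name: victoria-metrics-single
+app.kubernetes.io/instance: victoria-metrics-single
+app: server
+ports:
+- name: http
+port: 8428
+targetPort: 8428
+type: ClusterIP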
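Review bot: This Service makes port 8428 reachable from every pod in the cluster, and nothing in the commit restricts it: no NetworkPolicy is added for the `metrics` namespace, and the remote-write and data-source URLs in the values file use plain `http://` with no credentials. Unless authentication is configured on the VictoriaMetrics side, any workload can read from, write into, or call administrative endpoints on the store. Add a NetworkPolicy in `metrics` that allows ingress on 8428 only from the Prometheus and Grafana pods, or enable `-httpAuth.username`/`-httpAuth.password` on the server and pass the credentials through `remoteWrite[].basicAuth`. It is also worth confirming that the `app: server` selector matches the pod labels of the chart version in use, and whether the chart's own `service:` block already creates an equivalent Service.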
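--- a/metrics/victoria-metrics-single-values.yaml
+++ b/metrics/victoria-metrics-single-values.yaml
@@ -0,0 +1,23 @@
+fullnameOverride: victoria-metrics-single
+namespaceOverride: metrics
+
+server:
+retentionPeriod: 30d
+scrapeInterval: 30s
+replicaCount: 1
+persistentVolume:
+enabled: true
+size: 200Gi
+resources:
+requests:
+cpu: 100m
+memory: 256Mi
+limits:
+cpu: 500m
+memory: 1Gi
+service:
+type: ClusterIP
+port: 8428
+
+serviceAccount:
+create: true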
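Review bot: `persistentVolume` sets `size: 200Gi` but no storage class, while the README in this commit says the manifests default to `yc-network-hdd`; none of the values files shown sets `storageClassName` or `storageClass`, so the PVCs will use whatever the cluster's default class is. Either add the class here (e.g. `storageClass: yc-network-hdd`, under whichever key name the chart version in use expects) and in the two `volumeClaimTemplate` specs of the kube-prometheus-stack values, or correct the README. `retentionPeriod: 30d` also sits oddly with the README's description of this store as long-term retention, given that Prometheus itself keeps 15d; a comment stating the intended retention would help.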