core-deployments/prometheus/values.yaml

alertmanager:
  alertmanagerSpec:
    podAntiAffinity: "hard"
    replicas: 2
    secrets:
      - "telegram-api"
    configMaps:
      - "templates"
    storage:
      volumeClaimTemplate:
       spec:
         accessModes: ["ReadWriteOnce"]
         resources:
           requests:
             storage: 5Gi
    useExistingSecret: false
  config:
    global:
      resolve_timeout: 5m
    templates:
      - '/etc/alertmanager/configmaps/templates/telegram.tmpl'
    route:
      group_by: ['alertname']
      group_wait: 30s
      group_interval: 30s
      repeat_interval: 24h
      receiver: 'tg1'
      routes:
        - matchers:
          - severity=warning
          receiver: 'tg1'
        - matchers:
          - severity=critical
          receiver: 'tg1'
    receivers:
    - name: tg1
      telegram_configs:
      - bot_token_file: '/etc/alertmanager/secrets/telegram-api/api_key'
        chat_id: -995270884
        api_url: "https://api.telegram.org"
        send_resolved: true
        parse_mode: "HTML"
        message: '{{ template "telegram.aaron" .}}'
    inhibit_rules:
      - source_matchers:
          - severity = critical
        target_matchers:
          - severity = warning
          - severity = info
        equal: ['node']
      - source_matchers:
          - alertname = KubeNodeUnreachable
        target_matchers:
          - severity =~ "warning|info"
  ingress:
    paths:
      - /
    enabled: true
    hosts:
      - alertmanager.services.yolokube.de
    annotations:
      traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
      kubernetes.io/tls-acme: "true"
    tls:
      - secretName: alertmanager-tls-key
        hosts:
          - alertmanager.services.yolokube.de
  ingressPerReplica:
    pathType: ImplementationSpecific
    paths:
      - /
    enabled: true
    hostPrefix: alertmanager
    hostDomain: services.yolokube.de
    annotations:
      traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
      kubernetes.io/tls-acme: "true"
    tlsSecretPerReplica:
      enabled: true
      prefix: alertmanager
  servicePerReplica:
    enabled: true
  podAntiAffinity: "hard"
grafana:
  defaultDashboardsTimezone: Europe/Berlin
  ingress:
    annotations:
      kubernetes.io/tls-acme: "true"
      traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
    enabled: true
    hosts:
      - grafana.services.yolokube.de
    tls:
      - secretName: grafana-tls-key
        hosts:
          - grafana.services.yolokube.de
  persistence:
    enabled: true
    accessModes:
     - ReadWriteMany
  grafana.ini:
    auth:
      disable_login_form: true
      disable_signout_menu: true
    auth.proxy:
      enabled: true
      header_name: X-Authentik-Username
      header_property: username
      auto_sign_up: true
      headers: Email:X-Authentik-Email, Name:X-Authentik-Name
      whitelist: 0.0.0.0/0
prometheus-node-exporter:
  prometheus:
    monitor:
      enabled: true
      relabelings:
        - action: replace
          sourceLabels: [__meta_kubernetes_endpoint_node_name]
          targetLabel: node
  extraArgs:
    - '--collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/)'
    - '--collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$'
    - '--collector.textfile.directory=/host/root/var/log/'
    - '--collector.ethtool'
prometheus:
  servicePerReplica:
    enabled: true
  ingress:
    paths:
      - /
    enabled: true
    hosts:
      - prometheus.services.yolokube.de
    annotations:
      traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
      kubernetes.io/tls-acme: "true"
    tls:
      - secretName: prometheus-tls-key
        hosts:
          - prometheus.services.yolokube.de
  ingressPerReplica:
    pathType: ImplementationSpecific
    paths:
      - /
    enabled: true
    hostPrefix: prometheus
    hostDomain: services.yolokube.de
    annotations:
      traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
      kubernetes.io/tls-acme: "true"
    tlsSecretPerReplica:
      enabled: true
      prefix: prometheus
  prometheusSpec:
    retentionSize: "45GB"
    replicas: 2
    storageSpec:
      volumeClaimTemplate:
       spec:
         storageClassName: longhorn-local
         accessModes: ["ReadWriteOnce"]
         resources:
           requests:
             storage: 50Gi
    ruleNamespaceSelector:
      matchLabels:
        prometheus: yolokube
    ruleSelector:
      matchLabels: null
    serviceMonitorSelector:
      matchLabels: null
    podMonitorSelector:
      matchLabels: null
    probeSelector:
      matchLabels: null
    scrapeConfigSelector:
      matchLabels: null
    podAntiAffinity: "hard"
  servicePerReplica:
    enabled: true
defaultRules:
  create: true
customRules:
  KubeNodeUnreachable:
    for: 0m
    severity: "critical"
add alertmanager config 2023-04-20 01:39:36 +02:00			`alertmanager:`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`alertmanagerSpec:`
add pod affinity for alertmanager 2024-02-09 04:41:59 +01:00			`podAntiAffinity: "hard"`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`replicas: 2`
put alertmanager config back into helm values 2023-08-30 21:27:13 +02:00			`secrets:`
try to fix prometheus try to fix prometheus 2 try to fix prometheus 3 2023-08-30 21:32:18 +02:00			`- "telegram-api"`
			`configMaps:`
			`- "templates"`
try to fix prometheus 2 2023-08-31 00:29:12 +02:00			`storage:`
			`volumeClaimTemplate:`
			`spec:`
			`accessModes: ["ReadWriteOnce"]`
			`resources:`
			`requests:`
			`storage: 5Gi`
			`useExistingSecret: false`
put alertmanager config back into helm values 2023-08-30 21:27:13 +02:00			`config:`
			`global:`
			`resolve_timeout: 5m`
			`templates:`
fix alertmanager 2023-09-15 01:43:41 +02:00			`- '/etc/alertmanager/configmaps/templates/telegram.tmpl'`
put alertmanager config back into helm values 2023-08-30 21:27:13 +02:00			`route:`
			`group_by: ['alertname']`
			`group_wait: 30s`
			`group_interval: 30s`
			`repeat_interval: 24h`
			`receiver: 'tg1'`
			`routes:`
			`- matchers:`
			`- severity=warning`
			`receiver: 'tg1'`
			`- matchers:`
			`- severity=critical`
			`receiver: 'tg1'`
			`receivers:`
			`- name: tg1`
			`telegram_configs:`
fix alertmanager 2023-09-15 01:43:41 +02:00			`- bot_token_file: '/etc/alertmanager/secrets/telegram-api/api_key'`
put alertmanager config back into helm values 2023-08-30 21:27:13 +02:00			`chat_id: -995270884`
			`api_url: "https://api.telegram.org"`
			`send_resolved: true`
			`parse_mode: "HTML"`
			`message: '{{ template "telegram.aaron" .}}'`
			`inhibit_rules:`
			`- source_matchers:`
			`- severity = critical`
			`target_matchers:`
			`- severity = warning`
change alert inhibition rules 2023-12-18 17:33:47 +01:00			`- severity = info`
			`equal: ['node']`
add inhibition rule to alertmanager 2024-01-31 16:19:42 +01:00			`- source_matchers:`
			`- alertname = KubeNodeUnreachable`
			`target_matchers:`
			`- severity =~ "warning\|info"`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`ingress:`
try to fix prometheus deployment 2023-06-20 08:54:19 +02:00			`paths:`
			`- /`
reload alertmanager config automatically 2023-06-17 09:11:18 +02:00			`enabled: true`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`hosts:`
			`- alertmanager.services.yolokube.de`
			`annotations:`
add SSO to prometheus, longhorn, alertmanager 2024-09-29 14:10:34 +02:00			`traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd`
Adjust ingress tls values for cert-manager 2024-05-28 17:42:47 +02:00			`kubernetes.io/tls-acme: "true"`
			`tls:`
			`- secretName: alertmanager-tls-key`
			`hosts:`
			`- alertmanager.services.yolokube.de`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`ingressPerReplica:`
try to fix prometheus deployment 3 2023-06-20 09:06:13 +02:00			`pathType: ImplementationSpecific`
try to fix prometheus deployment 2 2023-06-20 08:56:06 +02:00			`paths:`
			`- /`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`enabled: true`
			`hostPrefix: alertmanager`
			`hostDomain: services.yolokube.de`
			`annotations:`
add SSO to prometheus, longhorn, alertmanager 2024-09-29 14:10:34 +02:00			`traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd`
Adjust ingress tls values for cert-manager 2024-05-28 17:42:47 +02:00			`kubernetes.io/tls-acme: "true"`
			`tlsSecretPerReplica:`
			`enabled: true`
			`prefix: alertmanager`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`servicePerReplica:`
			`enabled: true`
prometheus/values.yaml: Prevent all replicas on the same node 2023-12-25 10:19:03 +01:00			`podAntiAffinity: "hard"`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`grafana:`
			`defaultDashboardsTimezone: Europe/Berlin`
			`ingress:`
Adjust ingress tls values for cert-manager 2024-05-28 17:42:47 +02:00			`annotations:`
			`kubernetes.io/tls-acme: "true"`
reconfigure grafana for sso 2024-09-29 15:23:01 +02:00			`traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`enabled: true`
			`hosts:`
			`- grafana.services.yolokube.de`
Adjust ingress tls values for cert-manager 2024-05-28 17:42:47 +02:00			`tls:`
			`- secretName: grafana-tls-key`
			`hosts:`
			`- grafana.services.yolokube.de`
enable persistence for grafana 2023-06-29 12:02:54 +02:00			`persistence:`
			`enabled: true`
change grafana volume to RWX 2024-02-23 13:00:56 +01:00			`accessModes:`
			`- ReadWriteMany`
reconfigure grafana for sso 2024-09-29 15:23:01 +02:00			`grafana.ini:`
			`auth:`
			`disable_login_form: true`
			`disable_signout_menu: true`
			`auth.proxy:`
			`enabled: true`
			`header_name: X-Authentik-Username`
			`header_property: username`
			`auto_sign_up: true`
			`headers: Email:X-Authentik-Email, Name:X-Authentik-Name`
			`whitelist: 0.0.0.0/0`
start scraping the /var/log directory for prometheus text files 2023-04-20 06:03:40 +02:00			`prometheus-node-exporter:`
Monitoring: add node tag to node-exporter metrics 2023-06-23 19:19:48 +02:00			`prometheus:`
			`monitor:`
			`enabled: true`
			`relabelings:`
Monitoring: change prometheus values to prevent sync-loop in argo 2023-06-24 07:28:58 +02:00			`- action: replace`
			`sourceLabels: [__meta_kubernetes_endpoint_node_name]`
Monitoring: add node tag to node-exporter metrics 2023-06-23 19:19:48 +02:00			`targetLabel: node`
start scraping the /var/log directory for prometheus text files 2023-04-20 06:03:40 +02:00			`extraArgs:`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`- '--collector.filesystem.mount-points-exclude=^/(dev\|proc\|sys\|var/lib/docker/.+\|var/lib/kubelet/.+)($\|/)'`
			`- '--collector.filesystem.fs-types-exclude=^(autofs\|binfmt_misc\|bpf\|cgroup2?\|configfs\|debugfs\|devpts\|devtmpfs\|fusectl\|hugetlbfs\|iso9660\|mqueue\|nsfs\|overlay\|proc\|procfs\|pstore\|rpc_pipefs\|securityfs\|selinuxfs\|squashfs\|sysfs\|tracefs)$'`
start scraping the /var/log directory for prometheus text files 2023-04-20 06:03:40 +02:00			`- '--collector.textfile.directory=/host/root/var/log/'`
			`- '--collector.ethtool'`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`prometheus:`
			`servicePerReplica:`
			`enabled: true`
			`ingress:`
try to fix prometheus deployment 2023-06-20 08:54:19 +02:00			`paths:`
			`- /`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`enabled: true`
			`hosts:`
			`- prometheus.services.yolokube.de`
			`annotations:`
add SSO to prometheus, longhorn, alertmanager 2024-09-29 14:10:34 +02:00			`traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd`
Adjust ingress tls values for cert-manager 2024-05-28 17:42:47 +02:00			`kubernetes.io/tls-acme: "true"`
			`tls:`
			`- secretName: prometheus-tls-key`
			`hosts:`
			`- prometheus.services.yolokube.de`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`ingressPerReplica:`
try to fix prometheus deployment 3 2023-06-20 09:06:13 +02:00			`pathType: ImplementationSpecific`
try to fix prometheus deployment 2 2023-06-20 08:56:06 +02:00			`paths:`
			`- /`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`enabled: true`
			`hostPrefix: prometheus`
			`hostDomain: services.yolokube.de`
			`annotations:`
add SSO to prometheus, longhorn, alertmanager 2024-09-29 14:10:34 +02:00			`traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd`
Adjust ingress tls values for cert-manager 2024-05-28 17:42:47 +02:00			`kubernetes.io/tls-acme: "true"`
			`tlsSecretPerReplica:`
			`enabled: true`
			`prefix: prometheus`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`prometheusSpec:`
change prometheus metric storage values 2024-02-06 22:27:49 +01:00			`retentionSize: "45GB"`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`replicas: 2`
try to fix prometheus deployment 6 (final) (for now) 2023-06-20 13:15:28 +02:00			`storageSpec:`
			`volumeClaimTemplate:`
			`spec:`
rework storage to reduce backup load 2024-01-26 13:39:13 +01:00			`storageClassName: longhorn-local`
try to fix prometheus deployment 6 (final) (for now) 2023-06-20 13:15:28 +02:00			`accessModes: ["ReadWriteOnce"]`
			`resources:`
			`requests:`
change prometheus metric storage values 2024-02-06 22:27:49 +01:00			`storage: 50Gi`
Tell Prometheus to only pick up rules from namespaces with label "prometheus: yolokube" 2023-10-23 18:05:29 +02:00			`ruleNamespaceSelector:`
			`matchLabels:`
			`prometheus: yolokube`
prometheus/values.yaml: change settings for 63.x compatibility 2024-09-28 23:54:11 +02:00			`ruleSelector:`
			`matchLabels: null`
			`serviceMonitorSelector:`
			`matchLabels: null`
			`podMonitorSelector:`
			`matchLabels: null`
			`probeSelector:`
			`matchLabels: null`
			`scrapeConfigSelector:`
			`matchLabels: null`
prometheus/values.yaml: Fix pod antiaffinity 2024-03-16 13:06:47 +01:00			`podAntiAffinity: "hard"`
change prometheus to prometheus-operator with kube-prometheus, this includes grafana 2023-06-20 08:43:48 +02:00			`servicePerReplica:`
prometheus/values.yaml: avoid all pods on the same node 2023-11-26 20:41:43 +01:00			`enabled: true`
PROMETHEUS: move alerts to this repo to allow modifications 2024-02-01 22:00:37 +01:00			`defaultRules:`
delete manual rule overrides and handle it with helm values instead 2024-03-17 12:36:18 +01:00			`create: true`
			`customRules:`
			`KubeNodeUnreachable:`
			`for: 0m`
Adjust ingress tls values for cert-manager 2024-05-28 17:42:47 +02:00			`severity: "critical"`