diff --git a/app-files/core-deployments.yaml b/app-files/core-deployments.yaml index f782aa9..ae471a1 100644 --- a/app-files/core-deployments.yaml +++ b/app-files/core-deployments.yaml @@ -438,23 +438,3 @@ spec: - CreateNamespace=true automated: prune: false ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: thanos - namespace: argocd -spec: - project: default - sources: - - repoURL: https://git.ar21.de/yolokube/core-deployments.git - targetRevision: HEAD - path: thanos - destination: - server: https://kubernetes.default.svc - namespace: thanos - syncPolicy: - syncOptions: - - CreateNamespace=true - automated: - prune: false diff --git a/thanos/0-namespace.yaml b/thanos/0-namespace.yaml deleted file mode 100644 index a96b8af..0000000 --- a/thanos/0-namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: thanos diff --git a/thanos/1-service-account.yaml b/thanos/1-service-account.yaml deleted file mode 100644 index 307fa9b..0000000 --- a/thanos/1-service-account.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: thanos - namespace: thanos diff --git a/thanos/2-objectstore-secret.enc.yaml b/thanos/2-objectstore-secret.enc.yaml deleted file mode 100644 index 9c62e4c..0000000 --- a/thanos/2-objectstore-secret.enc.yaml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - namespace: thanos - name: objstore -stringData: - objstore.yml: ENC[AES256_GCM,data:qsYeR6sqW88D3+38dkKazcrY84UmihQcJQaUZmQKOMb4Cz0M4jwGOMd0RcKMdCF5iPRCj3/3KhGKzeeoZC1OCfUk5gQxjcEptFRjwiK2FWQcg/Ddq+2Htk1yL5kNWgXYuCSeHiCPXnnl+ys4ST3StaSO01fWD38Bxf/Koqm28Z8xpUOlBlu6SShLh4vHCA0iQbTe4wewuitVA/csCNZ2Gxx94ptTChQEqSJFdXx0pGwsS98=,iv:Iit7bfMnzYTrxvrw6YHvR+8sYi1IXtO0xWO7Ds0vDFw=,tag:O09md7EQE6bEEkHZ/w5njQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1mraede6gqxkh2rkeq5fjrcflp7emenl2qn885asxvtx5erga2pdqujuexz - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmU1l0WDBFQ2V6M2RTQzhS - RCtLSlFRdGxMU29samt0TmJ0NDFJYlh3aFVBCkR5T3dkMEk1LzNabkJheWpoYmkx - QUtSZG1wRWVOTXlGVHVVSGRySUkzekEKLS0tIHhQU1lyMGFPZEhqMUhtN3grUXlW - MXNaUjBCSjlycDRqcU9wcmtFL1VUdk0KhK+4GJ7Rfckegjul1Fcm1lCuIqkKcbcf - dqrjCMNXFktkeVuYsxyNoNpHn9AXQu4dt/3hKcmQOqmkA45Ro3xnNg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1s9nvc4rxj3kaj4apmzzn8fmjrudrvdhgu70rg04we9hyse5aadsq7kmckn - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3WEt1ekFaM0xJYk4rKzFX - WURJb2NRUmRCQW5jRktYTlp1cHMxWWgyVEhvCnNuRWZhT0U2Rm1vWFVQbHBKeVJi - ZlpjZTVYZm9LeXJaWnczM0h4dFg5NUUKLS0tIGZ2MWtQTzhxSVBtY0hGYlFLTDl1 - K0xqVE4zZUN1aVdTemsxb2hURG9nWWsKhfbSLoYYvovM+CuFwxYyKtd8J6qj91nx - bH0xspOG5prCPgZkPkzv5wkCdbdyyq6+IQkX4FR88PSvSjTGSPYeeg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1Zm04R0ZWUllMbGJnUWhG - NUJOWHpiTzhITXRlMG1CTlFNOGErRyszSms4CkQybTZTNlkrQ1ZIRkV6LzAwQ1gr - dTcyMkFqKy9jNTVqVHVEblhuTCsvWTgKLS0tIHRvOGFwUEhuYkszYTFQWkwzSGI0 - VkYvNjZOVDBTdFJJUFZIYnNhb2hWRnMKAWseSbZvJVARlBxfF1c02D6k+RDUw23H - /mIWAjW5IhFOU2oiP3qyl8vWk67z4rEro0+MMWaiPFY6V9wfjQlKWQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-02T18:44:40Z" - mac: ENC[AES256_GCM,data:e4ZUc6HyoMP+36hC+Z5H+uSY4WQhdabfRmsYsvmDoduiFrjcgIB5BuvWcsguS7X9ppAw5xWxXPMVQKguwNwInvrDGpyNtv2uLmEt17QakhGwSFMuQS/0jWVtOKa3o7YofbrEe7HiTsEhKY7ltyc0OEsv64w+x3Bk4F9dbbONfv0=,iv:IQiIClmY7pluN/4CIHJkka5U6TscgzbxCxRODp0HD/s=,tag:RxVdqnLa032JU90+LeS0Fg==,type:str] - pgp: [] - encrypted_regex: ^(data|stringData)$ - version: 3.9.0 diff --git a/thanos/3-querier.yaml b/thanos/3-querier.yaml deleted file mode 100644 index cededff..0000000 --- a/thanos/3-querier.yaml +++ /dev/null @@ -1,111 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: thanos - name: querier -spec: - replicas: 2 - strategy: - type: RollingUpdate - selector: - matchLabels: - app.kubernetes.io/name: querier - template: - metadata: - labels: - app.kubernetes.io/name: querier - spec: - serviceAccount: thanos - securityContext: - runAsUser: 1001 - fsGroup: 1001 - containers: - - name: querier - image: quay.io/thanos/thanos:v0.36.1 - args: - - query - - --log.level=info - - --endpoint.info-timeout=30s - - --grpc-address=0.0.0.0:10901 - - --http-address=0.0.0.0:10902 - - --query.replica-label=prometheus_replica - - --store=storegateway.thanos.svc.cluster.local:10901 - - --store=receiver-store-1.thanos.svc.cluster.local:10907 - - --store=receiver-store-2.thanos.svc.cluster.local:10907 - ports: - - name: http - containerPort: 10902 - protocol: TCP - - name: grpc - containerPort: 10901 - protocol: TCP - livenessProbe: - failureThreshold: 6 - httpGet: - path: /-/healthy - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - readinessProbe: - failureThreshold: 6 - httpGet: - path: /-/ready - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - resources: - requests: - cpu: 100m - memory: 256Mi - limits: - cpu: 500m - memory: 2Gi ---- -apiVersion: v1 -kind: Service -metadata: - namespace: thanos - name: querier -spec: - type: ClusterIP - ports: - - port: 9090 - targetPort: http - protocol: TCP - name: http - - port: 10901 - targetPort: grpc - protocol: TCP - name: grpc - selector: - app.kubernetes.io/name: querier ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/tls-acme: "true" - traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd - name: thanos-ingress - namespace: thanos -spec: - rules: - - host: "thanos.services.yolokube.de" - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: querier - port: - name: http - tls: - - hosts: - - thanos.services.yolokube.de - secretName: thanos-tls-key diff --git a/thanos/4-storegateway.yaml b/thanos/4-storegateway.yaml deleted file mode 100644 index 5930f33..0000000 --- a/thanos/4-storegateway.yaml +++ /dev/null @@ -1,118 +0,0 @@ ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - namespace: thanos - name: storegateway -spec: - replicas: 1 - serviceName: storegateway - updateStrategy: - type: RollingUpdate - selector: - matchLabels: - app.kubernetes.io/name: storegateway - template: - metadata: - labels: - app.kubernetes.io/name: storegateway - spec: - serviceAccount: thanos - securityContext: - fsGroup: 1001 - initContainers: - - name: init-chmod-data - image: docker.io/bitnami/minideb:buster - command: - - sh - - -c - - | - mkdir -p /data - chown -R "1001:1001" /data - securityContext: - runAsUser: 0 - volumeMounts: - - name: data - mountPath: /data - containers: - - name: storegateway - image: quay.io/thanos/thanos:v0.36.1 - securityContext: - runAsUser: 1001 - args: - - store - - --chunk-pool-size=2GB - - --log.level=debug - - --grpc-address=0.0.0.0:10901 - - --http-address=0.0.0.0:10902 - - --data-dir=/data - - --objstore.config-file=/conf/objstore.yml - ports: - - name: http - containerPort: 10902 - protocol: TCP - - name: grpc - containerPort: 10901 - protocol: TCP - livenessProbe: - failureThreshold: 6 - httpGet: - path: /-/healthy - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - readinessProbe: - failureThreshold: 6 - httpGet: - path: /-/ready - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - resources: - requests: - cpu: 100m - memory: 256Mi - limits: - cpu: 500m - memory: 1Gi - volumeMounts: - - name: objstore - mountPath: /conf/objstore.yml - subPath: objstore.yml - - name: data - mountPath: /data - volumes: - - name: objstore - secret: - secretName: objstore - volumeClaimTemplates: - - metadata: - name: data - spec: - accessModes: [ReadWriteOnce] - resources: - requests: - storage: 20Gi ---- -apiVersion: v1 -kind: Service -metadata: - namespace: thanos - name: storegateway -spec: - type: ClusterIP - ports: - - port: 9090 - targetPort: http - protocol: TCP - name: http - - port: 10901 - targetPort: grpc - protocol: TCP - name: grpc - selector: - app.kubernetes.io/name: storegateway diff --git a/thanos/5-compactor.yaml b/thanos/5-compactor.yaml deleted file mode 100644 index f5669fa..0000000 --- a/thanos/5-compactor.yaml +++ /dev/null @@ -1,105 +0,0 @@ ---- -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - namespace: thanos - name: compactor -spec: - accessModes: [ReadWriteOnce] - resources: - requests: - storage: 20Gi ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: thanos - name: compactor -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/name: compactor - template: - metadata: - labels: - app.kubernetes.io/name: compactor - spec: - serviceAccount: thanos - securityContext: - fsGroup: 1001 - initContainers: - - name: init-chmod-data - image: docker.io/bitnami/minideb:buster - command: - - sh - - -c - - | - mkdir -p /data - chown -R "1001:1001" /data - securityContext: - runAsUser: 0 - volumeMounts: - - name: data - mountPath: /data - containers: - - name: compactor - image: quay.io/thanos/thanos:v0.36.1 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 1001 - args: - - compact - - --log.level=info - - --http-address=0.0.0.0:10902 - - --data-dir=/data - - --retention.resolution-raw=7d - - --retention.resolution-5m=30d - - --retention.resolution-1h=180d - - --consistency-delay=30m - - --objstore.config-file=/conf/objstore.yml - - --wait - ports: - - name: http - containerPort: 10902 - protocol: TCP - livenessProbe: - failureThreshold: 6 - httpGet: - path: /-/healthy - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - readinessProbe: - failureThreshold: 6 - httpGet: - path: /-/ready - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - resources: - requests: - cpu: 100m - memory: 256Mi - limits: - cpu: 500m - memory: 256Mi - volumeMounts: - - name: objstore - mountPath: /conf/objstore.yml - subPath: objstore.yml - - name: data - mountPath: /data - volumes: - - name: objstore - secret: - secretName: objstore - - name: data - persistentVolumeClaim: - claimName: compactor diff --git a/thanos/6-receiver.yaml b/thanos/6-receiver.yaml deleted file mode 100644 index 88ae91c..0000000 --- a/thanos/6-receiver.yaml +++ /dev/null @@ -1,309 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: hashring - namespace: thanos -stringData: - hashring.json: |- - [ - { - "endpoints": [ - "receiver-store-1.thanos.svc.cluster.local:10907", - "receiver-store-2.thanos.svc.cluster.local:10907" - ] - } - ] ---- -apiVersion: v1 -kind: Service -metadata: - name: receiver-store-1 - namespace: thanos -spec: - type: ClusterIP - ports: - - port: 10907 - targetPort: grpc - protocol: TCP - name: grpc - selector: - app.kubernetes.io/name: receiver - app.kubernetes.io/instance: receiver-1 ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: receiver-1 - namespace: thanos -spec: - replicas: 1 - serviceName: receiver - updateStrategy: - type: RollingUpdate - selector: - matchLabels: - app.kubernetes.io/name: receiver - app.kubernetes.io/instance: receiver-1 - template: - metadata: - labels: - app.kubernetes.io/name: receiver - app.kubernetes.io/instance: receiver-1 - spec: - serviceAccount: thanos - securityContext: - fsGroup: 1001 - initContainers: - - name: init-chmod-data - image: docker.io/bitnami/minideb:buster - imagePullPolicy: Always - command: - - sh - - -c - - | - mkdir -p /data - chown -R "1001:1001" /data - securityContext: - runAsUser: 0 - volumeMounts: - - name: data - mountPath: /data - containers: - - name: receiver - image: quay.io/thanos/thanos:v0.36.1 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 1001 - args: - - receive - - --tsdb.path=/data - - --tsdb.retention=15d - - --log.level=info - - --grpc-address=0.0.0.0:10907 - - --http-address=0.0.0.0:10909 - - --receive.replication-factor=1 - - --label - - receive_replica="0" - - --label - - receive_cluster="main" - - --receive.tenant-label-name - - yolokube - - --objstore.config-file=/conf/objstore.yml - - --remote-write.address=0.0.0.0:10908 - - --receive.hashrings-algorithm=ketama - - --receive.hashrings-file=/conf/hashring.json - - --receive.local-endpoint=receiver-store-1.thanos.svc.cluster.local:10907 - ports: - - name: http - containerPort: 10909 - protocol: TCP - - name: grpc - containerPort: 10907 - protocol: TCP - - name: remote-write - containerPort: 10908 - protocol: TCP - livenessProbe: - failureThreshold: 6 - httpGet: - path: /-/healthy - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - readinessProbe: - failureThreshold: 6 - httpGet: - path: /-/ready - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - resources: - requests: - cpu: 1000m - memory: 512Mi - limits: - cpu: 3000m - memory: 4Gi - volumeMounts: - - name: objstore - mountPath: /conf/objstore.yml - subPath: objstore.yml - - name: data - mountPath: /data - - name: hashring - mountPath: /conf/hashring.json - subPath: hashring.json - volumes: - - name: objstore - secret: - secretName: objstore - - name: hashring - secret: - secretName: hashring - volumeClaimTemplates: - - metadata: - name: data - spec: - accessModes: [ReadWriteOnce] - resources: - requests: - storage: 20Gi ---- -apiVersion: v1 -kind: Service -metadata: - name: receiver-store-2 - namespace: thanos -spec: - type: ClusterIP - ports: - - port: 10907 - targetPort: grpc - protocol: TCP - name: grpc - selector: - app.kubernetes.io/name: receiver - app.kubernetes.io/instance: receiver-2 ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: receiver-2 - namespace: thanos -spec: - replicas: 1 - serviceName: receiver - updateStrategy: - type: RollingUpdate - selector: - matchLabels: - app.kubernetes.io/name: receiver - app.kubernetes.io/instance: receiver-2 - template: - metadata: - labels: - app.kubernetes.io/name: receiver - app.kubernetes.io/instance: receiver-2 - spec: - serviceAccount: thanos - securityContext: - fsGroup: 1001 - initContainers: - - name: init-chmod-data - image: docker.io/bitnami/minideb:buster - imagePullPolicy: Always - command: - - sh - - -c - - | - mkdir -p /data - chown -R "1001:1001" /data - securityContext: - runAsUser: 0 - volumeMounts: - - name: data - mountPath: /data - containers: - - name: receiver - image: quay.io/thanos/thanos:v0.36.1 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 1001 - args: - - receive - - --tsdb.path=/data - - --tsdb.retention=15d - - --log.level=info - - --grpc-address=0.0.0.0:10907 - - --http-address=0.0.0.0:10909 - - --receive.replication-factor=1 - - --label - - receive_replica="0" - - --label - - receive_cluster="main" - - --receive.tenant-label-name - - yolokube - - --objstore.config-file=/conf/objstore.yml - - --remote-write.address=0.0.0.0:10908 - - --receive.hashrings-algorithm=ketama - - --receive.hashrings-file=/conf/hashring.json - - --receive.local-endpoint=receiver-store-2.thanos.svc.cluster.local:10907 - ports: - - name: http - containerPort: 10909 - protocol: TCP - - name: grpc - containerPort: 10907 - protocol: TCP - - name: remote-write - containerPort: 10908 - protocol: TCP - livenessProbe: - failureThreshold: 6 - httpGet: - path: /-/healthy - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - readinessProbe: - failureThreshold: 6 - httpGet: - path: /-/ready - port: http - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - resources: - requests: - cpu: 1000m - memory: 512Mi - limits: - cpu: 3000m - memory: 4Gi - volumeMounts: - - name: objstore - mountPath: /conf/objstore.yml - subPath: objstore.yml - - name: data - mountPath: /data - - name: hashring - mountPath: /conf/hashring.json - subPath: hashring.json - volumes: - - name: objstore - secret: - secretName: objstore - - name: hashring - secret: - secretName: hashring - volumeClaimTemplates: - - metadata: - name: data - spec: - accessModes: [ReadWriteOnce] - resources: - requests: - storage: 20Gi ---- -apiVersion: v1 -kind: Service -metadata: - name: receiver-write - namespace: thanos -spec: - type: ClusterIP - ports: - - port: 10908 - targetPort: remote-write - protocol: TCP - name: remote-write - selector: - app.kubernetes.io/name: receiver