---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: thanos
  name: querier
spec:
  replicas: 2
  strategy:
    type: RollingUpdate
  selector:
    matchLabels:
      app.kubernetes.io/name: querier
  template:
    metadata:
      labels:
        app.kubernetes.io/name: querier
    spec:
      serviceAccount: thanos
      securityContext:
        runAsUser: 1001
        fsGroup: 1001
      containers:
        - name: querier
          image: quay.io/thanos/thanos:v0.37.2
          args:
            - query
            - --log.level=info
            - --endpoint.info-timeout=30s
            - --grpc-address=0.0.0.0:10901
            - --http-address=0.0.0.0:10902
            - --query.replica-label=prometheus_replica
            - --store=storegateway.thanos.svc.cluster.local:10901
            - --store=receiver-store-1.thanos.svc.cluster.local:10907
            - --store=receiver-store-2.thanos.svc.cluster.local:10907
          ports:
            - name: http
              containerPort: 10902
              protocol: TCP
            - name: grpc
              containerPort: 10901
              protocol: TCP
          livenessProbe:
            failureThreshold: 6
            httpGet:
              path: /-/healthy
              port: http
            initialDelaySeconds: 30
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 30
          readinessProbe:
            failureThreshold: 6
            httpGet:
              path: /-/ready
              port: http
            initialDelaySeconds: 30
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 30
          resources:
            requests:
              cpu: 100m
              memory: 256Mi
            limits:
              cpu: 750m
              memory: 2Gi
---
apiVersion: v1
kind: Service
metadata:
  namespace: thanos
  name: querier
spec:
  type: ClusterIP
  ports:
    - port: 9090
      targetPort: http
      protocol: TCP
      name: http
    - port: 10901
      targetPort: grpc
      protocol: TCP
      name: grpc
  selector:
    app.kubernetes.io/name: querier
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/tls-acme: "true"
    traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
  name: thanos-ingress
  namespace: thanos
spec:
  rules:
    - host: "thanos.services.yolokube.de"
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: querier
                port:
                  name: http
  tls:
    - hosts:
        - thanos.services.yolokube.de
      secretName: thanos-tls-key