diff --git a/_templates/argo_app.template b/_templates/argo_app.template new file mode 100644 index 0000000..4f629e9 --- /dev/null +++ b/_templates/argo_app.template @@ -0,0 +1,18 @@ +# vim:ft=jsonnet: +local base = import "argo_base.template"; + +base + { + repo:: error "repo must be defined", + version:: error "version must be defined", + path:: error "path must be defined", + recursive:: true, + + spec+: { + source: { + repoURL: $.repo, + path: $.path, + targetRevision: $.version, + directory: { recurse: $.recursive }, + } + } +} diff --git a/_templates/argo_base.template b/_templates/argo_base.template new file mode 100644 index 0000000..4ea63d3 --- /dev/null +++ b/_templates/argo_base.template @@ -0,0 +1,27 @@ +# vim:ft=jsonnet: +{ + name:: error "name must be defined", + namespace:: $.name, + syncOptions:: ["CreateNamespace=true"], + + apiVersion: "argoproj.io/v1alpha1", + kind: "Application", + metadata: { + name: $.name, + namespace: "argocd", + }, + spec: { + project: "baseline", + destination: { + server: "https://kubernetes.default.svc", + namespace: $.namespace, + }, + syncPolicy: { + automated: { + selfHeal: true, + prune: true, + }, + syncOptions: $.syncOptions, + } + } +} diff --git a/_templates/argo_helm_app.template b/_templates/argo_helm_app.template new file mode 100644 index 0000000..085f643 --- /dev/null +++ b/_templates/argo_helm_app.template @@ -0,0 +1,30 @@ +# vim:ft=jsonnet: +local base = import "argo_base.template"; + +base + { + repo:: error "repo must be defined", + chart:: $.name, + version:: error "version must be defined", + skipCrds:: false, + values:: "", + + spec+: { + source+: { + repoURL: $.repo, + chart: $.chart, + targetRevision: $.version, + } + + + ( + if std.length($.values) > 0 then + { helm+: { values: $.values } } else {} + ) + + + ( + if $.skipCrds then + { helm+: { skipCrds: true } } else {} + ) + + } + +} 
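Review bot: In `_templates/argo_base.template`, `project: "baseline"` and `automated: { selfHeal: true, prune: true }` are fixed literals, while `name`, `namespace` and `syncOptions` are hidden overridable fields. Exposing the project the same way, `project:: "baseline",` with `project: $.project,` inside `spec`, would let an app be placed in a narrower AppProject without reaching into `spec+:`. A short header comment listing the hidden parameters and their defaults would also help, for example `# params: name (required), namespace (defaults to name), syncOptions`, because `name` is the only one that errors when it is missing.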
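Review bot: In `_templates/argo_helm_app.template`, `values` is passed through as an already-rendered YAML string, so jsonnet does not check the `|||` blocks in the callers, and a mis-indented block would presumably only surface when Argo CD renders the chart. Accepting an object as well would let callers write the values as jsonnet and reuse shared variables: `{ helm+: { values: if std.isString($.values) then $.values else std.manifestYamlDoc($.values) } }`. The emptiness test `std.length($.values) > 0` works for both strings and objects, so it can stay as it is.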
diff --git a/k8s-manifests/cert-manager.jsonnet b/k8s-manifests/cert-manager.jsonnet
new file mode 100644
index 0000000..622376b
--- /dev/null
+++ b/k8s-manifests/cert-manager.jsonnet
@@ -0,0 +1,13 @@
+# vim:expandtab:
+local helmapp = import "../_templates/argo_helm_app.template";
+
+[
+helmapp + {
+ name:: "cert-manager",
+ repo:: "https://charts.jetstack.io",
+ version:: "v1.7.2",
+ values:: |||
+ installCRDs: true
+ |||
+},
+]
diff --git a/k8s-manifests/cert-manager.yml b/k8s-manifests/cert-manager.yml
deleted file mode 100644
index da8d225..0000000
--- a/k8s-manifests/cert-manager.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: cert-manager
- namespace: argocd
-spec:
- project: baseline
- destination:
- server: https://kubernetes.default.svc
- namespace: cert-manager
- syncPolicy:
- automated:
- selfHeal: true
- prune: true
- syncOptions:
- - CreateNamespace=true
- source:
- repoURL: https://charts.jetstack.io
- chart: cert-manager
- targetRevision: v1.7.2
- helm:
- values: |
- installCRDs: true
diff --git a/k8s-manifests/ingress-nginx.jsonnet b/k8s-manifests/ingress-nginx.jsonnet
new file mode 100644
index 0000000..6cfc3ab
--- /dev/null
+++ b/k8s-manifests/ingress-nginx.jsonnet
@@ -0,0 +1,23 @@
+# vim:expandtab:
+local helmapp = import "../_templates/argo_helm_app.template";
+
+[
+helmapp + {
+ name:: "ingress-nginx",
+ repo:: "https://kubernetes.github.io/ingress-nginx",
+ version:: "4.0.19",
+ values:: |||
+ controller:
+ image:
+ pullPolicy: Always
+ service:
+ externalTrafficPolicy: Local
+ metrics:
+ enabled: true
+ serviceMonitor:
+ enabled: true
+ additionalLabels:
+ release: prometheus-grafana # same as prometheus-community chart name
+ |||
+}
+]
diff --git a/k8s-manifests/ingress-nginx.yml b/k8s-manifests/ingress-nginx.yml
deleted file mode 100644
index edf5e01..0000000
--- a/k8s-manifests/ingress-nginx.yml
+++ /dev/null
@@ -1,34 +0,0 @@
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: ingress-nginx
- namespace: argocd
-spec:
- project: baseline
- destination:
- server: https://kubernetes.default.svc
- namespace: ingress-nginx
- syncPolicy:
- automated:
- selfHeal: true
- prune: true
- syncOptions:
- - CreateNamespace=true
- source:
- repoURL: https://kubernetes.github.io/ingress-nginx
- chart: ingress-nginx
- targetRevision: 4.0.19
- helm:
- values: |
- controller:
- image:
- pullPolicy: Always
- service:
- externalTrafficPolicy: Local
- metrics:
- enabled: true
- serviceMonitor:
- enabled: true
- additionalLabels:
- release: prometheus-grafana # same as prometheus-community chart name
diff --git a/k8s-manifests/keel.jsonnet b/k8s-manifests/keel.jsonnet
new file mode 100644
index 0000000..2d4c741
--- /dev/null
+++ b/k8s-manifests/keel.jsonnet
@@ -0,0 +1,14 @@
+# vim:expandtab:
+local helmapp = import "../_templates/argo_helm_app.template";
+
+[
+helmapp + {
+ name:: "keel",
+ repo:: "https://charts.keel.sh",
+ version:: "0.9.10",
+ values:: |||
+ helmProvider:
+ enabled: false
+ |||
+}
+]
diff --git a/k8s-manifests/keel.yml b/k8s-manifests/keel.yml
deleted file mode 100644
index 6a0f1ca..0000000
--- a/k8s-manifests/keel.yml
+++ /dev/null
@@ -1,25 +0,0 @@
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: keel
- namespace: argocd
-spec:
- project: baseline
- destination:
- server: https://kubernetes.default.svc
- namespace: keel
- syncPolicy:
- automated:
- selfHeal: true
- prune: true
- syncOptions:
- - CreateNamespace=true
- source:
- repoURL: https://charts.keel.sh
- chart: keel
- targetRevision: 0.9.10
- helm:
- values: |
- helmProvider:
- enabled: false
diff --git a/k8s-manifests/monitoring/loki-stack.jsonnet b/k8s-manifests/monitoring/loki-stack.jsonnet
new file mode 100644
index 0000000..f83eb2f
--- /dev/null
+++ b/k8s-manifests/monitoring/loki-stack.jsonnet
@@ -0,0 +1,37 @@
+# vim:expandtab:
+local helmapp = import "../../_templates/argo_helm_app.template";
+
+[
+helmapp + {
+ name:: "loki",
+ namespace:: "metrics",
+ repo:: "https://grafana.github.io/helm-charts",
+ chart:: "loki-stack",
+ version:: "2.6.1",
+ values:: |||
+ promtail:
+ extraScrapeConfigs:
+ - job_name: journal
+ journal:
+ path: /var/log/journal
+ max_age: 12h
+ labels:
+ job: systemd-journal
+ relabel_configs:
+ - source_labels:
+ - '__journal__systemd_unit'
+ target_label: 'unit'
+ - source_labels:
+ - '__journal__hostname'
+ target_label: 'hostname'
+ extraVolumes:
+ - name: journal
+ hostPath:
+ path: /var/log/journal
+ extraVolumeMounts:
+ - name: journal
+ mountPath: /var/log/journal
+ readOnly: true
+ |||
+}
+]
diff --git a/k8s-manifests/monitoring/loki-stack.yml b/k8s-manifests/monitoring/loki-stack.yml
deleted file mode 100644
index d0b27f4..0000000
--- a/k8s-manifests/monitoring/loki-stack.yml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: loki
- namespace: argocd
-spec:
- project: baseline
- destination:
- server: https://kubernetes.default.svc
- namespace: metrics
- syncPolicy:
- automated:
- selfHeal: true
- prune: true
- syncOptions:
- - CreateNamespace=true
- source:
- repoURL: https://grafana.github.io/helm-charts
- chart: loki-stack
- targetRevision: 2.6.1
- helm:
- values: |
- promtail:
- extraScrapeConfigs:
- - job_name: journal
- journal:
- path: /var/log/journal
- max_age: 12h
- labels:
- job: systemd-journal
- relabel_configs:
- - source_labels:
- - '__journal__systemd_unit'
- target_label: 'unit'
- - source_labels:
- - '__journal__hostname'
- target_label: 'hostname'
- extraVolumes:
- - name: journal
- hostPath:
- path: /var/log/journal
- extraVolumeMounts:
- - name: journal
- mountPath: /var/log/journal
- readOnly: true
diff --git a/k8s-manifests/monitoring/prometheus-stack-crds.yml b/k8s-manifests/monitoring/prometheus-stack-crds.yml
deleted file mode 100644
index 32f9eb9..0000000
--- a/k8s-manifests/monitoring/prometheus-stack-crds.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-# https://github.com/prometheus-operator/prometheus-operator/issues/4439#issuecomment-1030198014
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: prometheus-crds
- namespace: argocd
-spec:
- project: baseline
- destination:
- server: https://kubernetes.default.svc
- namespace: metrics
- syncPolicy:
- automated:
- selfHeal: true
- prune: true
- syncOptions:
- - CreateNamespace=true
- - Replace=true
- source:
- repoURL: https://github.com/prometheus-community/helm-charts.git
- path: charts/kube-prometheus-stack/crds/
- targetRevision: kube-prometheus-stack-34.6.0
- directory:
- recurse: true
diff --git a/k8s-manifests/monitoring/prometheus-stack.yml b/k8s-manifests/monitoring/prometheus-stack.yml
deleted file mode 100644
index bf8d83a..0000000
--- a/k8s-manifests/monitoring/prometheus-stack.yml
+++ /dev/null
@@ -1,62 +0,0 @@
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: prometheus-grafana
- namespace: argocd
-spec:
- project: baseline
- destination:
- server: https://kubernetes.default.svc
- namespace: metrics
- syncPolicy:
- automated:
- selfHeal: true
- prune: true
- syncOptions:
- - CreateNamespace=true
- source:
- repoURL: https://prometheus-community.github.io/helm-charts
- chart: kube-prometheus-stack
- targetRevision: 34.6.0
- helm:
- skipCrds: true
- values: |
- kubeProxy:
- enabled: false
- kubeScheduler:
- enabled: false
- kubeControllerManager:
- enabled: false
- alertmanager:
- config:
- global:
- resolve_timeout: 5m
- route:
- group_by: ['alertname', 'cluster']
- group_wait: 30s
- group_interval: 5m
- repeat_interval: 12h
- receiver: 'pushover'
- routes:
- - receiver: 'null'
- matchers:
- - alertname="Watchdog"
- - receiver: 'null'
- matchers:
- - alertname="InfoInhibitor"
- receivers:
- - name: 'null'
- - name: 'pushover'
- pushover_configs:
- - user_key: x9PipXt1zGOU31OJH9Osv18BFrlRhw
- token: aqvce1uukerhxhayxdq85wgtdh2c5r
- prometheus:
- prometheusSpec:
- storageSpec:
- volumeClaimTemplate:
- spec:
- accessModes: ["ReadWriteOnce"]
- resources:
- requests:
- storage: 10Gi
diff --git a/k8s-manifests/monitoring/grafana-ressources/nginx-dashboard.yml b/k8s-manifests/monitoring/prometheus/grafana-ressources/nginx-dashboard.yml
similarity index 100%
rename from k8s-manifests/monitoring/grafana-ressources/nginx-dashboard.yml
rename to k8s-manifests/monitoring/prometheus/grafana-ressources/nginx-dashboard.yml
diff --git a/k8s-manifests/monitoring/prometheus/prometheus-stack-crds.jsonnet b/k8s-manifests/monitoring/prometheus/prometheus-stack-crds.jsonnet
new file mode 100644
index 0000000..43ed411
--- /dev/null
+++ b/k8s-manifests/monitoring/prometheus/prometheus-stack-crds.jsonnet
@@ -0,0 +1,14 @@
+# vim:expandtab:
+local argoapp = import "../../../_templates/argo_app.template";
+local vars = import "prometheus_vars";
+
+[
+argoapp + {
+ name:: "prometheus-crds",
+ namespace:: vars.namespace,
+ repo:: "https://github.com/prometheus-community/helm-charts.git",
+ path:: "charts/kube-prometheus-stack/crds/",
+ version:: "kube-prometheus-stack-" + vars.version,
+ syncOptions:: ["CreateNamespace=true", "Replace=true"]
+}
+]
diff --git a/k8s-manifests/monitoring/prometheus/prometheus-stack.jsonnet b/k8s-manifests/monitoring/prometheus/prometheus-stack.jsonnet
new file mode 100644
index 0000000..9118eba
--- /dev/null
+++ b/k8s-manifests/monitoring/prometheus/prometheus-stack.jsonnet
@@ -0,0 +1,54 @@
+# vim:expandtab:
+local helmapp = import "../../../_templates/argo_helm_app.template";
+local vars = import "prometheus_vars";
+
+[
+helmapp + {
+ name:: "prometheus-grafana",
+ namespace: vars.namespace,
+ repo:: "https://prometheus-community.github.io/helm-charts",
+ chart:: "kube-prometheus-stack",
+ version:: vars.version,
+ skipCrds:: true,
+ values:: |||
+ kubeProxy:
+ enabled: false
+ kubeScheduler:
+ enabled: false
+ kubeControllerManager:
+ enabled: false
+ alertmanager:
+ config:
+ global:
+ resolve_timeout: 5m
+ route:
+ group_by: ['alertname', 'cluster']
+ group_wait: 30s
+ group_interval: 5m
+ repeat_interval: 12h
+ receiver: 'pushover'
+ routes:
+ - receiver: 'null'
+ matchers:
+ - alertname="Watchdog"
+ - receiver: 'null'
+ matchers:
+ - alertname="InfoInhibitor"
+ receivers:
+ - name: 'null'
+ - name: 'pushover'
+ pushover_configs:
+ - user_key: x9PipXt1zGOU31OJH9Osv18BFrlRhw
+ token: aqvce1uukerhxhayxdq85wgtdh2c5r
+ prometheus:
+ prometheusSpec:
+ storageSpec:
+ volumeClaimTemplate:
+ spec:
+ accessModes: ["ReadWriteOnce"]
+ resources:
+ requests:
+ storage: 10Gi
+ |||
+}
+]
diff --git a/k8s-manifests/monitoring/prometheus/prometheus_vars b/k8s-manifests/monitoring/prometheus/prometheus_vars
new file mode 100644
index 0000000..48375d0
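Review bot: In `prometheus-stack-crds.jsonnet`, `version:: "kube-prometheus-stack-" + vars.version` resolves to a git tag on a third-party repository, and this Application syncs automatically with `Replace=true`, so whatever the tag points to is applied to the cluster's CRDs without further review. Git tags can be moved; pinning `targetRevision` to the commit behind the tag would make the input immutable, e.g. `version:: "<commit-sha-of-kube-prometheus-stack-34.6.0>",` with the tag named in a comment beside it. If the SHA is pinned, `prometheus_vars` would need a second field so that the chart version and the CRD revision are still bumped together.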
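Review bot: The `pushover_configs` entry in the `values` block of `prometheus-stack.jsonnet` commits the Pushover `user_key` and `token` in clear text; the new file carries them over unchanged from the deleted `prometheus-stack.yml`. Anyone who can read the repository, or the rendered Application object in the `argocd` namespace, can use them to send notifications as this integration. Because they stay in git history after any later cleanup, they should be rotated as well as removed. Keeping the Alertmanager configuration in a Kubernetes Secret that is created outside this repository (or stored here only in encrypted form) and pointing the chart at it, for example through `alertmanager.alertmanagerSpec.configSecret`, would keep the credentials out of the manifest; confirm that option against the pinned chart version.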
--- /dev/null
+++ b/k8s-manifests/monitoring/prometheus/prometheus_vars
@@ -0,0 +1,4 @@
+{
+ "version": "34.6.0",
+ "namespace": "metrics"
+}
diff --git a/k8s-manifests/reloader.jsonnet b/k8s-manifests/reloader.jsonnet
new file mode 100644
index 0000000..01fc9fb
--- /dev/null
+++ b/k8s-manifests/reloader.jsonnet
@@ -0,0 +1,10 @@
+# vim:expandtab:
+local helmapp = import "../_templates/argo_helm_app.template";
+
+[
+helmapp + {
+ name:: "reloader",
+ repo:: "https://stakater.github.io/stakater-charts",
+ version:: "v0.0.110"
+}
+]
diff --git a/k8s-manifests/reloader.yml b/k8s-manifests/reloader.yml
deleted file mode 100644
index d91654e..0000000
--- a/k8s-manifests/reloader.yml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: reloader
- namespace: argocd
-spec:
- project: baseline
- destination:
- server: https://kubernetes.default.svc
- namespace: reloader
- syncPolicy:
- automated:
- selfHeal: true
- prune: true
- syncOptions:
- - CreateNamespace=true
- source:
- repoURL: https://stakater.github.io/stakater-charts
- chart: reloader
- targetRevision: v0.0.110