Skip to content

Commit

Permalink
Port reasonable default values from SCS k8s-observability project
Browse files Browse the repository at this point in the history
Signed-off-by: Roman Hros <roman.hros@dnation.cloud>
  • Loading branch information
chess-knight committed Feb 14, 2024
1 parent 5d56eb5 commit c88ce29
Show file tree
Hide file tree
Showing 3 changed files with 93 additions and 7 deletions.
33 changes: 29 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,9 @@ Prerequisites
* For production environment we recommend (based on our experience) a kubernetes cluster with at least 2 worker nodes and 4 GiB RAM per node or more.


dNation Kubernetes Monitoring Stack umbrella chart is hosted in the [dNation helm repository](https://artifacthub.io/packages/search?repo=dnationcloud). By default, dNation Kubernetes Monitoring Stack installs Prometheus with Thanos sidecar and Thanos Query. For more details check [Multicluster monitoring support](#multicluster-monitoring-support) section.
dNation Kubernetes Monitoring Stack umbrella chart is hosted in the [dNation helm repository](https://artifacthub.io/packages/search?repo=dnationcloud). By default, dNation Kubernetes Monitoring Stack installs Prometheus with Thanos sidecar and Thanos Query.
Thanos components are tuned according to [SCS Thanos tuning](https://github.com/SovereignCloudStack/k8s-observability/blob/main/docs/thanos-tuning.md).
For more details check [Multicluster monitoring support](#multicluster-monitoring-support) section.
```bash
# Add dNation helm repository
helm repo add dnationcloud https://dnationcloud.github.io/helm-hub/
Expand Down Expand Up @@ -119,7 +121,9 @@ kube-prometheus-stack:
hosts:
- <grafana-endpoint>

thanos.query.stores: []
thanos:
query:
stores: []
```
- `thanosStorage.config` field contains configuration of object storage used by thanos components in the observer cluster. More info can be found here: https://thanos.io/tip/thanos/storage.md/
Expand Down Expand Up @@ -193,8 +197,10 @@ kube-prometheus-stack:
hosts:
- <grafana-endpoint>
thanos.query.stores:
- dnssrv+_http-[envoy-name]._tcp.thanos-query-envoy.[namespace].svc.cluster.local
thanos:
query:
stores:
- dnssrv+_http-[envoy-name]._tcp.thanos-query-envoy.[namespace].svc.cluster.local
```

Thanos sidecar in workload clusters is published with an Ingress object with TLS client auth. To trust the observer cluster CA you need to create following two secerets:
Expand Down Expand Up @@ -316,6 +322,25 @@ ssl-exporter:
More information about configuration is in the [helmchart repo](https://github.com/dNationCloud/ssl-exporter)
and [ribbybibby/ssl_exporter](https://github.com/ribbybibby/ssl_exporter) repo.

# Prometheus Blackbox Exporter
Our monitoring stack contains a helmchart for
[prometheus-blackbox-exporter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-blackbox-exporter)
as an optional component
## Configuration
Enable prometheus-blackbox-exporter by adding `--set prometheus-blackbox-exporter.enabled=true` flag to the `helm` command, or enable it in values file.
You can further configure prometheus-blackbox-exporter with values file, e.g.:
```yaml
prometheus-blackbox-exporter:
enabled: true
serviceMonitor:
targets:
- name: dnation-cloud
url: https://dnation.cloud/
# enable also dashboards
dnation-kubernetes-monitoring:
blackboxMonitoring:
enabled: true
```

# Contribution guidelines
If you want to contribute, please read following:
Expand Down
11 changes: 8 additions & 3 deletions chart/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,8 @@

apiVersion: v2
name: dnation-kubernetes-monitoring-stack
version: 3.4.5
appVersion: 2.6.3 # dnation-kubernetes-monitoring
version: 3.5.0
appVersion: 2.7.0 # dnation-kubernetes-monitoring
description: An umbrella helm chart for Kubernetes monitoring based on kube-prometheus-stack, thanos, loki, loki-distributed, promtail and dnation-kubernetes-monitoring.
keywords:
- dnation
Expand All @@ -28,6 +28,7 @@ keywords:
- loki
- thanos
- ssl-exporter
- blackbox-exporter
home: https://dnation.cloud
sources:
- https://github.com/dNationCloud/kubernetes-monitoring-stack
Expand All @@ -53,13 +54,17 @@ dependencies:
repository: https://grafana.github.io/helm-charts
condition: promtail.enabled
- name: dnation-kubernetes-monitoring
version: "2.6.*"
version: "2.7.*"
repository: https://dnationcloud.github.io/helm-hub
condition: dnation-kubernetes-monitoring.enabled
- name: ssl-exporter
version: "1.2.*"
repository: https://dnationcloud.github.io/helm-hub
condition: ssl-exporter.enabled
- name: prometheus-blackbox-exporter
version: "8.10.*"
repository: https://prometheus-community.github.io/helm-charts
condition: prometheus-blackbox-exporter.enabled
icon: https://cdn.ifne.eu/public/icons/dnation_k8sm8g.png
maintainers:
- name: dNation
Expand Down
56 changes: 56 additions & 0 deletions chart/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -51,18 +51,74 @@ ssl-exporter:
# # Included in default values of ssl-exporter helm chart
# - /etc/kubernetes/admin.conf

## Deploy a prometheus-blackbox-exporter
## ref: https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-blackbox-exporter
##
prometheus-blackbox-exporter:
enabled: false
releaseLabel: true
prometheusRule:
enabled: true
additionalLabels:
prometheus_rule: '1'
rules:
- alert: BlackboxProbeFailed
expr: 'probe_success == 0'
for: 5m
labels:
severity: critical
annotations:
message: 'Blackbox probe on target: {{ $labels.target }} failed'
- alert: BlackboxSlowProbe
expr: 'avg_over_time(probe_duration_seconds[1m]) > 5'
for: 5m
labels:
severity: warning
annotations:
message: 'Blackbox probe on target: {{ $labels.target }} took more than 5s to complete, probe time = {{ $value }}'
- alert: BlackboxSslCertificateWillExpireSoon
expr: 'round((probe_ssl_earliest_cert_expiry - time()) / 86400, 0.1) < 30'
for: 5m
labels:
severity: warning
annotations:
message: 'SSL certificate expires in {{ $value }} days'
serviceMonitor:
enabled: true
# targets:
# - name: dnation-cloud
# url: https://dnation.cloud/

thanos:
enabled: true
queryFrontend:
enabled: false
extraFlags:
- --query-range.split-interval=12h
- --query-frontend.log-queries-longer-than=10s
- --query-frontend.compress-responses
- |-
--query-range.response-cache-config="config":
"max_size": "500MB"
"max_size_items": 0
"validity": 0s
"type": "in-memory"
query:
extraFlags:
- --query.auto-downsampling
dnsDiscovery:
sidecarsService: kube-prometheus-thanos-discovery
sidecarsNamespace: "{{ .Release.Namespace }}"
bucketweb:
enabled: false
compactor:
enabled: false
retentionResolutionRaw: 2d
retentionResolution5m: 10d
retentionResolution1h: 15d
extraFlags:
- --compact.concurrency=3
- --downsample.concurrency=3
storegateway:
enabled: false
ruler:
Expand Down

0 comments on commit c88ce29

Please sign in to comment.