diff options
Diffstat (limited to 'vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager')
10 files changed, 321 insertions, 0 deletions
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml new file mode 100644 index 00000000..24f93847 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml @@ -0,0 +1,100 @@ +{{- if .Values.alertmanager.enabled }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: Alertmanager +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: +{{- if .Values.alertmanager.alertmanagerSpec.image }} + baseImage: {{ .Values.alertmanager.alertmanagerSpec.image.repository }} + version: {{ .Values.alertmanager.alertmanagerSpec.image.tag }} +{{- end }} + replicas: {{ .Values.alertmanager.alertmanagerSpec.replicas }} + listenLocal: {{ .Values.alertmanager.alertmanagerSpec.listenLocal }} + serviceAccountName: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} +{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }} + externalUrl: "{{ .Values.alertmanager.alertmanagerSpec.externalUrl }}" +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }} + externalUrl: "{{ .Values.alertmanager.alertmanagerSpec.externalUrl }}" +{{- else if .Values.alertmanager.ingress.enabled }} + externalUrl: "http://{{ index .Values.alertmanager.ingress.hosts 0 }}{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" +{{- else }} + externalUrl: http://{{ template "prometheus-operator.fullname" . }}-alertmanager.{{ .Release.Namespace }}:9093 +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.nodeSelector }} + nodeSelector: +{{ toYaml .Values.alertmanager.alertmanagerSpec.nodeSelector | indent 4 }} +{{- end }} + paused: {{ .Values.alertmanager.alertmanagerSpec.paused }} + logLevel: {{ .Values.alertmanager.alertmanagerSpec.logLevel | quote }} + retention: {{ .Values.alertmanager.alertmanagerSpec.retention | quote }} +{{- if .Values.alertmanager.alertmanagerSpec.secrets }} + secrets: +{{ toYaml .Values.alertmanager.alertmanagerSpec.secrets | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.configMaps }} + configMaps: +{{ toYaml .Values.alertmanager.alertmanagerSpec.configMaps | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.resources }} + resources: +{{ toYaml .Values.alertmanager.alertmanagerSpec.resources | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.routePrefix }} + routePrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.securityContext }} + securityContext: +{{ toYaml .Values.alertmanager.alertmanagerSpec.securityContext | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.storage }} + storage: +{{ toYaml .Values.alertmanager.alertmanagerSpec.storage | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.podMetadata }} + podMetadata: +{{ toYaml .Values.alertmanager.alertmanagerSpec.podMetadata | indent 4 }} +{{- end }} +{{- if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "hard" }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }} + labelSelector: + matchLabels: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- else if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "soft" }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }} + labelSelector: + matchLabels: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.tolerations }} + tolerations: +{{ toYaml .Values.alertmanager.alertmanagerSpec.tolerations | indent 4 }} +{{- end }} +{{- if .Values.global.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.containers }} + containers: +{{ toYaml .Values.alertmanager.alertmanagerSpec.containers | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.priorityClassName }} + priorityClassName: {{.Values.alertmanager.alertmanagerSpec.priorityClassName }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.additionalPeers }} + additionalPeers: {{.Values.alertmanager.alertmanagerSpec.additionalPeers }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml new file mode 100644 index 00000000..fd657f71 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml @@ -0,0 +1,33 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled }} +{{- $routePrefix := .Values.alertmanager.alertmanagerSpec.routePrefix }} +{{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $serviceName }} +{{- if .Values.alertmanager.ingress.annotations }} + annotations: +{{ toYaml .Values.alertmanager.ingress.annotations | indent 4 }} +{{- end }} + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{- if .Values.alertmanager.ingress.labels }} +{{ toYaml .Values.alertmanager.ingress.labels | indent 4 }} +{{- end }} +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + rules: + {{- range $host := .Values.alertmanager.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: "{{ $routePrefix }}" + backend: + serviceName: {{ $serviceName }} + servicePort: 9093 + {{- end }} +{{- if .Values.alertmanager.ingress.tls }} + tls: +{{ toYaml .Values.alertmanager.ingress.tls | indent 4 }} +{{- end }} +{{- end }}
\ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml new file mode 100644 index 00000000..f240fe76 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.podDisruptionBudget.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + {{- if .Values.alertmanager.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.alertmanager.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.alertmanager.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- end }}
\ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml new file mode 100644 index 00000000..e83d8bc7 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml new file mode 100644 index 00000000..e1d06ab4 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "prometheus-operator.fullname" . }}-alertmanager +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml new file mode 100644 index 00000000..01eda240 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + privileged: false + # Required to prevent escalations to root. + # allowPrivilegeEscalation: false + # This is redundant with non-root + disallow privilege escalation, + # but we can provide it for defense in depth. + #requiredDropCapabilities: + # - ALL + # Allow core volume types. + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + - 'persistentVolumeClaim' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + # Permits the container to run with root privileges as well. + rule: 'RunAsAny' + seLinux: + # This policy assumes the nodes are using AppArmor rather than SELinux. + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + readOnlyRootFilesystem: false +{{- end }} + diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml new file mode 100644 index 00000000..e73c465f --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.alertmanager.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: alertmanager-{{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +data: + alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }} +{{- range $key, $val := .Values.alertmanager.templateFiles }} + {{ $key }}: {{ $val | b64enc | quote }} +{{- end }} +{{- end }}
\ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml new file mode 100644 index 00000000..d10bf745 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml @@ -0,0 +1,42 @@ +{{- if .Values.alertmanager.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.alertmanager.service.annotations }} + annotations: +{{ toYaml .Values.alertmanager.service.annotations | indent 4 }} +{{- end }} +spec: +{{- if .Values.alertmanager.service.clusterIP }} + clusterIP: {{ .Values.alertmanager.service.clusterIP }} +{{- end }} +{{- if .Values.alertmanager.service.externalIPs }} + externalIPs: +{{ toYaml .Values.alertmanager.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.alertmanager.service.loadBalancerIP }} +{{- end }} +{{- if .Values.alertmanager.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.alertmanager.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: web + {{- if eq .Values.alertmanager.service.type "NodePort" }} + nodePort: {{ .Values.alertmanager.service.nodePort }} + {{- end }} + port: 9093 + targetPort: 9093 + protocol: TCP + selector: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager + type: "{{ .Values.alertmanager.service.type }}" +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml new file mode 100644 index 00000000..bbed0287 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.alertmanager.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 2 }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml new file mode 100644 index 00000000..5c8cab90 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app: {{ template "prometheus-operator.name" . }}-alertmanager + release: {{ .Release.Name | quote }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + endpoints: + - port: web + interval: 30s + path: "{{ trimSuffix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}/metrics" +{{- end }} |