aboutsummaryrefslogtreecommitdiffstats
path: root/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager
diff options
context:
space:
mode:
Diffstat (limited to 'vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager')
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml100
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml33
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml20
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml15
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml17
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml48
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml14
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml42
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml11
-rw-r--r--vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml21
10 files changed, 321 insertions, 0 deletions
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml
new file mode 100644
index 00000000..24f93847
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml
@@ -0,0 +1,100 @@
+{{- if .Values.alertmanager.enabled }}
+apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }}
+kind: Alertmanager
+metadata:
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+spec:
+{{- if .Values.alertmanager.alertmanagerSpec.image }}
+ baseImage: {{ .Values.alertmanager.alertmanagerSpec.image.repository }}
+ version: {{ .Values.alertmanager.alertmanagerSpec.image.tag }}
+{{- end }}
+ replicas: {{ .Values.alertmanager.alertmanagerSpec.replicas }}
+ listenLocal: {{ .Values.alertmanager.alertmanagerSpec.listenLocal }}
+ serviceAccountName: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }}
+{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }}
+ externalUrl: "{{ .Values.alertmanager.alertmanagerSpec.externalUrl }}"
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }}
+ externalUrl: "{{ .Values.alertmanager.alertmanagerSpec.externalUrl }}"
+{{- else if .Values.alertmanager.ingress.enabled }}
+ externalUrl: "http://{{ index .Values.alertmanager.ingress.hosts 0 }}{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+{{- else }}
+ externalUrl: http://{{ template "prometheus-operator.fullname" . }}-alertmanager.{{ .Release.Namespace }}:9093
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.nodeSelector | indent 4 }}
+{{- end }}
+ paused: {{ .Values.alertmanager.alertmanagerSpec.paused }}
+ logLevel: {{ .Values.alertmanager.alertmanagerSpec.logLevel | quote }}
+ retention: {{ .Values.alertmanager.alertmanagerSpec.retention | quote }}
+{{- if .Values.alertmanager.alertmanagerSpec.secrets }}
+ secrets:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.secrets | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.configMaps }}
+ configMaps:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.configMaps | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.resources }}
+ resources:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.resources | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.routePrefix }}
+ routePrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.securityContext }}
+ securityContext:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.securityContext | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.storage }}
+ storage:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.storage | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.podMetadata }}
+ podMetadata:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.podMetadata | indent 4 }}
+{{- end }}
+{{- if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "hard" }}
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }}
+ labelSelector:
+ matchLabels:
+ app: alertmanager
+ alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager
+{{- else if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "soft" }}
+ affinity:
+ podAntiAffinity:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ - weight: 100
+ podAffinityTerm:
+ topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }}
+ labelSelector:
+ matchLabels:
+ app: alertmanager
+ alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.tolerations }}
+ tolerations:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.tolerations | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+{{ toYaml .Values.global.imagePullSecrets | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.containers }}
+ containers:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.containers | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.priorityClassName }}
+ priorityClassName: {{.Values.alertmanager.alertmanagerSpec.priorityClassName }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.additionalPeers }}
+ additionalPeers: {{.Values.alertmanager.alertmanagerSpec.additionalPeers }}
+{{- end }}
+{{- end }}
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml
new file mode 100644
index 00000000..fd657f71
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled }}
+{{- $routePrefix := .Values.alertmanager.alertmanagerSpec.routePrefix }}
+{{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ $serviceName }}
+{{- if .Values.alertmanager.ingress.annotations }}
+ annotations:
+{{ toYaml .Values.alertmanager.ingress.annotations | indent 4 }}
+{{- end }}
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{- if .Values.alertmanager.ingress.labels }}
+{{ toYaml .Values.alertmanager.ingress.labels | indent 4 }}
+{{- end }}
+{{ include "prometheus-operator.labels" . | indent 4 }}
+spec:
+ rules:
+ {{- range $host := .Values.alertmanager.ingress.hosts }}
+ - host: {{ . }}
+ http:
+ paths:
+ - path: "{{ $routePrefix }}"
+ backend:
+ serviceName: {{ $serviceName }}
+ servicePort: 9093
+ {{- end }}
+{{- if .Values.alertmanager.ingress.tls }}
+ tls:
+{{ toYaml .Values.alertmanager.ingress.tls | indent 4 }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml
new file mode 100644
index 00000000..f240fe76
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.podDisruptionBudget.enabled }}
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+spec:
+ {{- if .Values.alertmanager.podDisruptionBudget.minAvailable }}
+ minAvailable: {{ .Values.alertmanager.podDisruptionBudget.minAvailable }}
+ {{- end }}
+ {{- if .Values.alertmanager.podDisruptionBudget.maxUnavailable }}
+ maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }}
+ {{- end }}
+ selector:
+ matchLabels:
+ app: alertmanager
+ alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager
+{{- end }} \ No newline at end of file
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml
new file mode 100644
index 00000000..e83d8bc7
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+rules:
+- apiGroups: ['extensions']
+ resources: ['podsecuritypolicies']
+ verbs: ['use']
+ resourceNames:
+ - {{ template "prometheus-operator.fullname" . }}-alertmanager
+{{- end }}
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml
new file mode 100644
index 00000000..e1d06ab4
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+subjects:
+ - kind: ServiceAccount
+ name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }}
+ namespace: {{ .Release.Namespace }}
+{{- end }}
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml
new file mode 100644
index 00000000..01eda240
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml
@@ -0,0 +1,48 @@
+{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+spec:
+ privileged: false
+ # Required to prevent escalations to root.
+ # allowPrivilegeEscalation: false
+ # This is redundant with non-root + disallow privilege escalation,
+ # but we can provide it for defense in depth.
+ #requiredDropCapabilities:
+ # - ALL
+ # Allow core volume types.
+ volumes:
+ - 'configMap'
+ - 'emptyDir'
+ - 'projected'
+ - 'secret'
+ - 'downwardAPI'
+ - 'persistentVolumeClaim'
+ hostNetwork: false
+ hostIPC: false
+ hostPID: false
+ runAsUser:
+ # Permits the container to run with root privileges as well.
+ rule: 'RunAsAny'
+ seLinux:
+ # This policy assumes the nodes are using AppArmor rather than SELinux.
+ rule: 'RunAsAny'
+ supplementalGroups:
+ rule: 'MustRunAs'
+ ranges:
+ # Forbid adding the root group.
+ - min: 0
+ max: 65535
+ fsGroup:
+ rule: 'MustRunAs'
+ ranges:
+ # Forbid adding the root group.
+ - min: 0
+ max: 65535
+ readOnlyRootFilesystem: false
+{{- end }}
+
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml
new file mode 100644
index 00000000..e73c465f
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml
@@ -0,0 +1,14 @@
+{{- if and .Values.alertmanager.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: alertmanager-{{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+data:
+ alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }}
+{{- range $key, $val := .Values.alertmanager.templateFiles }}
+ {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml
new file mode 100644
index 00000000..d10bf745
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml
@@ -0,0 +1,42 @@
+{{- if .Values.alertmanager.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+{{- if .Values.alertmanager.service.annotations }}
+ annotations:
+{{ toYaml .Values.alertmanager.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.alertmanager.service.clusterIP }}
+ clusterIP: {{ .Values.alertmanager.service.clusterIP }}
+{{- end }}
+{{- if .Values.alertmanager.service.externalIPs }}
+ externalIPs:
+{{ toYaml .Values.alertmanager.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.service.loadBalancerIP }}
+ loadBalancerIP: {{ .Values.alertmanager.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.alertmanager.service.loadBalancerSourceRanges }}
+ loadBalancerSourceRanges:
+ {{- range $cidr := .Values.alertmanager.service.loadBalancerSourceRanges }}
+ - {{ $cidr }}
+ {{- end }}
+{{- end }}
+ ports:
+ - name: web
+ {{- if eq .Values.alertmanager.service.type "NodePort" }}
+ nodePort: {{ .Values.alertmanager.service.nodePort }}
+ {{- end }}
+ port: 9093
+ targetPort: 9093
+ protocol: TCP
+ selector:
+ app: alertmanager
+ alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ type: "{{ .Values.alertmanager.service.type }}"
+{{- end }}
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml
new file mode 100644
index 00000000..bbed0287
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml
@@ -0,0 +1,11 @@
+{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.alertmanager.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }}
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+imagePullSecrets:
+{{ toYaml .Values.global.imagePullSecrets | indent 2 }}
+{{- end }}
diff --git a/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml
new file mode 100644
index 00000000..5c8cab90
--- /dev/null
+++ b/vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }}
+apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }}
+kind: ServiceMonitor
+metadata:
+ name: {{ template "prometheus-operator.fullname" . }}-alertmanager
+ labels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+{{ include "prometheus-operator.labels" . | indent 4 }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ template "prometheus-operator.name" . }}-alertmanager
+ release: {{ .Release.Name | quote }}
+ namespaceSelector:
+ matchNames:
+ - {{ .Release.Namespace | quote }}
+ endpoints:
+ - port: web
+ interval: 30s
+ path: "{{ trimSuffix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}/metrics"
+{{- end }}