diff --git a/charts/aws-ebs-csi-driver/values.yaml.gotmpl b/charts/aws-ebs-csi-driver/values.yaml.gotmpl
index 46de5757..c24ef62d 100644
--- a/charts/aws-ebs-csi-driver/values.yaml.gotmpl
+++ b/charts/aws-ebs-csi-driver/values.yaml.gotmpl
@@ -5,7 +5,7 @@ image:
 tag: "v1.38.1"
 
 storageClasses:
- - name: "ebs-sc"
+ - name: "{{ .Values.ebsStorageClassName }}"
 parameters:
 type: "gp3"
 allowVolumeExpansion: true
diff --git a/charts/longhorn/README.md b/charts/longhorn/README.md
index 73508294..1698445c 100644
--- a/charts/longhorn/README.md
+++ b/charts/longhorn/README.md
@@ -2,7 +2,7 @@ ### Can LH be used for critical services (e.g., Databases)?
-No (as of now). , we should not use it for volumes of critical services.
+No. We should not use it for volumes of critical services. As of now, we should avoid using LH for critical services. Instead, we should rely on easier-to-maintain solutions (e.g., application-level replication [Postgres Operators], S3, etc.). Once we get hands-on experience, extensive monitoring and ability to scale LH, we can consider using it for critical services.
diff --git a/charts/portainer/values.ebs-pv.yaml.gotmpl b/charts/portainer/values.ebs-pv.yaml.gotmpl
index 67a369b1..b31010f6 100644
--- a/charts/portainer/values.ebs-pv.yaml.gotmpl
+++ b/charts/portainer/values.ebs-pv.yaml.gotmpl
@@ -1,4 +1,4 @@
 persistence:
 enabled: true
 size: "1Gi" # minimal size for gp3 is 1Gi
- storageClass: "ebs-sc"
+ storageClass: "{{ .Values.ebsStorageClassName }}"
diff --git a/charts/portainer/values.longhorn-pv.yaml.gotmpl b/charts/portainer/values.longhorn-pv.yaml.gotmpl
index 755420c0..4eae1b7b 100644
--- a/charts/portainer/values.longhorn-pv.yaml.gotmpl
+++ b/charts/portainer/values.longhorn-pv.yaml.gotmpl
@@ -1,4 +1,4 @@
 persistence:
 enabled: true
 size: "300Mi" # cannot be lower https://github.com/longhorn/longhorn/issues/8488
- storageClass: "{{.Values.longhornStorageClassName}}"
+ storageClass: "{{ .Values.longhornStorageClassName }}"
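Review bot: Nothing in this diff shows where `ebsStorageClassName` is defined or that it still resolves to `ebs-sc`, the literal it replaces in `storageClasses[].name` (aws-ebs-csi-driver) and in `persistence.storageClass` (portainer ebs-pv). If the value differs on an existing cluster, a new StorageClass is created while already-bound PVCs keep the old class name, since a PVC's storage class cannot be changed after creation, so the portainer upgrade would presumably need its claim recreated. A comment next to the value's definition, such as `# must stay "ebs-sc" on clusters provisioned before this change`, would record that constraint.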
diff --git a/charts/traefik/values.secure.yaml.gotmpl b/charts/traefik/values.secure.yaml.gotmpl
index 8abb2e7e..398c04b5 100644
--- a/charts/traefik/values.secure.yaml.gotmpl
+++ b/charts/traefik/values.secure.yaml.gotmpl
@@ -60,6 +60,27 @@ extraObjects:
 prefixes:
 - /longhorn
 
+ # a (href) links do not work properly without trailing slash
+- apiVersion: traefik.io/v1alpha1
+ kind: Middleware
+ metadata:
+ name: logs-append-slash
+ namespace: {{ .Release.Namespace }}
+ spec:
+ redirectRegex:
+ regex: "^(https?://[^/]+/logs)$"
+ replacement: "${1}/"
+
+- apiVersion: traefik.io/v1alpha1
+ kind: Middleware
+ metadata:
+ name: logs-strip-prefix
+ namespace: {{.Release.Namespace}}
+ spec:
+ stripPrefix:
+ prefixes:
+ - /logs
+
 - apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
diff --git a/charts/victoria-logs/README.md b/charts/victoria-logs/README.md
new file mode 100644
index 00000000..0f774d8f
--- /dev/null
+++ b/charts/victoria-logs/README.md
@@ -0,0 +1,2 @@
+Highly Available Configuration with Helm:
+* https://github.com/VictoriaMetrics/VictoriaMetrics/issues/9076
diff --git a/charts/victoria-logs/values.yaml.gotmpl b/charts/victoria-logs/values.yaml.gotmpl
new file mode 100644
index 00000000..4abcc528
--- /dev/null
+++ b/charts/victoria-logs/values.yaml.gotmpl
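Review bot: The two Middleware objects added to charts/traefik/values.secure.yaml.gotmpl leave the templated `namespace` value unquoted and spell the expression two ways (`{{ .Release.Namespace }}` and `{{.Release.Namespace}}`), although this same commit normalises that spacing in the portainer longhorn values. Writing both as `namespace: "{{ .Release.Namespace }}"` keeps the rendered value a YAML string whatever the namespace expands to. Only `logs-append-slash` carries an explanatory comment; a matching line above `logs-strip-prefix`, for example `# remove /logs before the request reaches the backend`, would document why the pair exists. The `extraObjects` list starts and ends outside the hunk, so existing entries may follow a different convention.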
@@ -0,0 +1,59 @@
+# https://github.com/VictoriaMetrics/helm-charts/blob/victoria-logs-single-0.11.2/charts/victoria-logs-single/values.yaml
+
+vector:
+ # by default it will generate sink per statefulset's pod
+ # each pod has a separate PV, so the data is replicated
+ enabled: true
+
+server:
+ # HA trough multiple replicas
+ # https://github.com/VictoriaMetrics/VictoriaMetrics/issues/9076
+ replicaCount: 2
+
+ retentionPeriod: 30d
+
+ ingress:
+ enabled: true
+ annotations:
+ namespace: "{{ .Release.Namespace }}"
+ cert-manager.io/cluster-issuer: "cert-issuer"
+ traefik.ingress.kubernetes.io/router.entrypoints: websecure
+ traefik.ingress.kubernetes.io/router.middlewares: traefik-logs-append-slash@kubernetescrd,traefik-logs-strip-prefix@kubernetescrd,traefik-traefik-basic-auth@kubernetescrd # namespace + middleware name
+ tls:
+ - hosts:
+ - {{ requiredEnv "K8S_MONITORING_FQDN" }}
+ secretName: monitoring-tls
+ hosts:
+ - name: {{ requiredEnv "K8S_MONITORING_FQDN" }}
+ path:
+ - /logs
+ pathType: Prefix
+
+ persistentVolume:
+ enabled: true
+ storageClassName: "{{ .Values.ebsStorageClassName }}"
+ size: 10Gi
+
+ nodeSelector:
+ ops: "true"
+
+ # Schedule pods on different nodes if possible (HA)
+ # https://stackoverflow.com/a/64958458/12124525
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: "kubernetes.io/hostname"
+ whenUnsatisfiable: DoNotSchedule
+ # hardcoded due to https://github.com/VictoriaMetrics/helm-charts/issues/2219
+ labelSelector:
+ matchLabels:
+ app: server
+ app.kubernetes.io/instance: victoria-logs
+ app.kubernetes.io/name: victoria-logs-single
+
+ resources:
+ limits:
+ cpu: 500m
+ memory: 512Mi
+ requests:
+ cpu: 500m
+ memory: 512Mi
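Review bot: In the `router.middlewares` annotation the basic-auth middleware is listed last, so the redirect and prefix-strip middlewares run on unauthenticated requests; Traefik applies the list in order, and authentication normally goes first: `traefik.ingress.kubernetes.io/router.middlewares: traefik-traefik-basic-auth@kubernetescrd,traefik-logs-append-slash@kubernetescrd,traefik-logs-strip-prefix@kubernetescrd`. The `/logs` Prefix rule combined with the strip-prefix forwards every sub-path to the server, which as far as I know serves log ingestion as well as queries on the same port, so that single shared credential would also cover writes; narrowing the exposed path or the credential's audience is worth considering. The middleware references hard-code the `traefik-` namespace prefix while the Middleware objects are created in `{{ .Release.Namespace }}`, so the annotation depends on the traefik release living in a namespace named `traefik`; a comment saying so would help. `namespace: "{{ .Release.Namespace }}"` appears to sit under `annotations` (indentation is lost on this page, so this is inferred from line order), where it has no effect and can probably be dropped.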