From 938be467d1fb7b0c39daab114c3d5f1ad75e9ee6 Mon Sep 17 00:00:00 2001 From: Joshua Hoblitt Date: Mon, 28 Jul 2025 09:48:03 -0700 Subject: [PATCH 1/2] WIP (fleet/mimir) replace mimir-pre bundle with kustomize + manage mimir s3 buckets with obc --- .../mimir-pre/externalsecret-mimir-s3.yaml | 18 ---- fleet/lib/mimir-pre/fleet.yaml | 15 --- fleet/lib/mimir/fleet.yaml | 44 +++++++-- .../base/cephobjectstoreuser-mimir.yaml | 11 +++ .../mimir/kustomize/base/kustomization.yaml | 7 ++ .../base/obc-mimir-alertmanager.yaml | 23 +++++ .../kustomize/base/obc-mimir-blocks.yaml | 23 +++++ .../mimir/kustomize/base/obc-mimir-ruler.yaml | 23 +++++ fleet/lib/mimir/kustomize/base/obc-mimir.yaml | 23 +++++ .../overlays/antu/kustomization.yaml | 8 ++ .../overlays/antu/obc-mimir-alertmanager.yaml | 7 ++ .../overlays/antu/obc-mimir-blocks.yaml | 7 ++ .../overlays/antu/obc-mimir-ruler.yaml | 7 ++ .../kustomize/overlays/antu/obc-mimir.yaml | 7 ++ .../overlays/ayekan/kustomization.yaml | 8 ++ .../ayekan/obc-mimir-alertmanager.yaml | 7 ++ .../overlays/ayekan/obc-mimir-blocks.yaml | 7 ++ .../overlays/ayekan/obc-mimir-ruler.yaml | 7 ++ .../kustomize/overlays/ayekan/obc-mimir.yaml | 7 ++ .../overlays/kona/kustomization.yaml | 8 ++ .../overlays/kona/obc-mimir-alertmanager.yaml | 7 ++ .../overlays/kona/obc-mimir-blocks.yaml | 7 ++ .../overlays/kona/obc-mimir-ruler.yaml | 7 ++ .../kustomize/overlays/kona/obc-mimir.yaml | 7 ++ .../pillan/cephobjectstoreuser-mimir.yaml | 11 +++ .../overlays/pillan/kustomization.yaml | 9 ++ .../pillan/obc-mimir-alertmanager.yaml | 8 ++ .../overlays/pillan/obc-mimir-blocks.yaml | 8 ++ .../overlays/pillan/obc-mimir-ruler.yaml | 8 ++ .../kustomize/overlays/pillan/obc-mimir.yaml | 8 ++ .../ruka/cephobjectstoreuser-mimir.yaml | 11 +++ .../overlays/ruka/kustomization.yaml | 9 ++ .../overlays/ruka/obc-mimir-alertmanager.yaml | 8 ++ .../overlays/ruka/obc-mimir-blocks.yaml | 8 ++ .../overlays/ruka/obc-mimir-ruler.yaml | 8 ++ .../kustomize/overlays/ruka/obc-mimir.yaml | 8 ++ fleet/lib/mimir/overlays/rke2/values.yaml | 5 - fleet/lib/mimir/values.yaml | 18 +++- .../antu/templates/cephobjectstore-o11y.yaml | 1 + .../kona/templates/cephobjectstore-o11y.yaml | 1 + .../templates/cephobjectstore-o11y.yaml | 29 +++--- .../pillan/templates/cephobjectstore-lfa.yaml | 2 + .../ruka/templates/cephobjectstore-lfa.yaml | 54 ++++++----- .../charts/ruka/templates/obc-ruka-mimir.yaml | 96 ------------------- fleet/s/dev/c/kona/mimir-pre | 1 - fleet/s/dev/c/kueyen/mimir-pre | 1 - fleet/s/dev/c/ruka/mimir-pre | 1 - fleet/s/ls/c/antu/mimir-pre | 1 - fleet/s/tu/c/pillan/mimir-pre | 1 - rke2/pillan/mimir/mkbuckets.sh | 50 ---------- rke2/ruka/mimir/mkbuckets.sh | 50 ---------- 51 files changed, 418 insertions(+), 292 deletions(-) delete mode 100644 fleet/lib/mimir-pre/externalsecret-mimir-s3.yaml delete mode 100644 fleet/lib/mimir-pre/fleet.yaml create mode 100644 fleet/lib/mimir/kustomize/base/cephobjectstoreuser-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/base/kustomization.yaml create mode 100644 fleet/lib/mimir/kustomize/base/obc-mimir-alertmanager.yaml create mode 100644 fleet/lib/mimir/kustomize/base/obc-mimir-blocks.yaml create mode 100644 fleet/lib/mimir/kustomize/base/obc-mimir-ruler.yaml create mode 100644 fleet/lib/mimir/kustomize/base/obc-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/antu/kustomization.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-alertmanager.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-blocks.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-ruler.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/antu/obc-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ayekan/kustomization.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-alertmanager.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-blocks.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-ruler.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/kona/kustomization.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-alertmanager.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-blocks.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-ruler.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/kona/obc-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/pillan/cephobjectstoreuser-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/pillan/kustomization.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-alertmanager.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-blocks.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-ruler.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ruka/cephobjectstoreuser-mimir.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ruka/kustomization.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-alertmanager.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-blocks.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-ruler.yaml create mode 100644 fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir.yaml delete mode 100644 fleet/lib/mimir/overlays/rke2/values.yaml delete mode 100644 fleet/lib/rook-ceph-conf/charts/ruka/templates/obc-ruka-mimir.yaml delete mode 120000 fleet/s/dev/c/kona/mimir-pre delete mode 120000 fleet/s/dev/c/kueyen/mimir-pre delete mode 120000 fleet/s/dev/c/ruka/mimir-pre delete mode 120000 fleet/s/ls/c/antu/mimir-pre delete mode 120000 fleet/s/tu/c/pillan/mimir-pre delete mode 100755 rke2/pillan/mimir/mkbuckets.sh delete mode 100755 rke2/ruka/mimir/mkbuckets.sh diff --git a/fleet/lib/mimir-pre/externalsecret-mimir-s3.yaml b/fleet/lib/mimir-pre/externalsecret-mimir-s3.yaml deleted file mode 100644 index 7fcb5f3d8..000000000 --- a/fleet/lib/mimir-pre/externalsecret-mimir-s3.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: mimir-s3 -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword - data: - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - key: &item mimir-s3 - property: username - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - key: *item - property: password diff --git a/fleet/lib/mimir-pre/fleet.yaml b/fleet/lib/mimir-pre/fleet.yaml deleted file mode 100644 index fd23e5070..000000000 --- a/fleet/lib/mimir-pre/fleet.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -defaultNamespace: mimir -labels: - bundle: &name mimir-pre -namespaceLabels: - lsst.io/discover: "true" -helm: - releaseName: *name - takeOwnership: true - timeoutSeconds: 300 - waitForJobs: false -dependsOn: - - selector: - matchLabels: - bundle: external-secrets diff --git a/fleet/lib/mimir/fleet.yaml b/fleet/lib/mimir/fleet.yaml index b0d01b343..bde2de908 100644 --- a/fleet/lib/mimir/fleet.yaml +++ b/fleet/lib/mimir/fleet.yaml @@ -1,10 +1,11 @@ --- -# XXX automate provisioning of buckets and rgw user defaultNamespace: &name mimir labels: bundle: *name namespaceLabels: lsst.io/discover: "true" +kustomize: + dir: kustomize/base helm: chart: &chart mimir-distributed releaseName: *chart @@ -17,24 +18,47 @@ helm: dependsOn: - selector: matchLabels: - bundle: mimir-pre + bundle: rook-ceph - selector: matchLabels: bundle: prometheus-operator-crds targetCustomizations: - - name: rke2 + - name: antu + clusterSelector: + matchExpressions: + - key: management.cattle.io/cluster-display-name + operator: In + values: + - antu + kustomize: + dir: kustomize/overlays/antu + - name: kona clusterSelector: matchExpressions: - key: management.cattle.io/cluster-display-name operator: In values: - - ruka - - kueyen - - pillan - kona - helm: - valuesFiles: - - overlays/rke2/values.yaml + kustomize: + dir: kustomize/overlays/kona + - name: kueyen + clusterSelector: + matchExpressions: + - key: management.cattle.io/cluster-display-name + operator: In + values: + - kueyen + kustomize: + dir: kustomize/overlays/kueyen + - name: ruka + clusterSelector: + matchExpressions: + - key: management.cattle.io/cluster-display-name + operator: In + values: + - ruka + kustomize: + dir: kustomize/overlays/ruka - name: pillan clusterSelector: matchExpressions: @@ -45,3 +69,5 @@ targetCustomizations: helm: valuesFiles: - overlays/pillan/values.yaml + kustomize: + dir: kustomize/overlays/pillan diff --git a/fleet/lib/mimir/kustomize/base/cephobjectstoreuser-mimir.yaml b/fleet/lib/mimir/kustomize/base/cephobjectstoreuser-mimir.yaml new file mode 100644 index 000000000..d1e9fb122 --- /dev/null +++ b/fleet/lib/mimir/kustomize/base/cephobjectstoreuser-mimir.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: ceph.rook.io/v1 +kind: CephObjectStoreUser +metadata: + name: mimir +spec: + store: o11y + clusterNamespace: rook-ceph + displayName: mimir + quotas: + maxBuckets: 4 diff --git a/fleet/lib/mimir/kustomize/base/kustomization.yaml b/fleet/lib/mimir/kustomize/base/kustomization.yaml new file mode 100644 index 000000000..3afbd009b --- /dev/null +++ b/fleet/lib/mimir/kustomize/base/kustomization.yaml @@ -0,0 +1,7 @@ +--- +resources: + - cephobjectstoreuser-mimir.yaml + - obc-mimir-alertmanager.yaml + - obc-mimir-blocks.yaml + - obc-mimir-ruler.yaml + - obc-mimir.yaml diff --git a/fleet/lib/mimir/kustomize/base/obc-mimir-alertmanager.yaml b/fleet/lib/mimir/kustomize/base/obc-mimir-alertmanager.yaml new file mode 100644 index 000000000..edc8caa03 --- /dev/null +++ b/fleet/lib/mimir/kustomize/base/obc-mimir-alertmanager.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-alertmanager +spec: + bucketName: mimir-alertmanager + storageClassName: o11y + additionalConfig: + bucketOwner: mimir + bucketLifecycle: | + { + "Rules": [ + { + "ID": "AbortIncompleteMultipartUploads", + "Status": "Enabled", + "Prefix": "", + "AbortIncompleteMultipartUpload": { + "DaysAfterInitiation": 1 + } + } + ] + } diff --git a/fleet/lib/mimir/kustomize/base/obc-mimir-blocks.yaml b/fleet/lib/mimir/kustomize/base/obc-mimir-blocks.yaml new file mode 100644 index 000000000..291d740bd --- /dev/null +++ b/fleet/lib/mimir/kustomize/base/obc-mimir-blocks.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-blocks +spec: + bucketName: mimir-blocks + storageClassName: o11y + additionalConfig: + bucketOwner: mimir + bucketLifecycle: | + { + "Rules": [ + { + "ID": "AbortIncompleteMultipartUploads", + "Status": "Enabled", + "Prefix": "", + "AbortIncompleteMultipartUpload": { + "DaysAfterInitiation": 1 + } + } + ] + } diff --git a/fleet/lib/mimir/kustomize/base/obc-mimir-ruler.yaml b/fleet/lib/mimir/kustomize/base/obc-mimir-ruler.yaml new file mode 100644 index 000000000..0ea98f1fe --- /dev/null +++ b/fleet/lib/mimir/kustomize/base/obc-mimir-ruler.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-ruler +spec: + bucketName: mimir-ruler + storageClassName: o11y + additionalConfig: + bucketOwner: mimir + bucketLifecycle: | + { + "Rules": [ + { + "ID": "AbortIncompleteMultipartUploads", + "Status": "Enabled", + "Prefix": "", + "AbortIncompleteMultipartUpload": { + "DaysAfterInitiation": 1 + } + } + ] + } diff --git a/fleet/lib/mimir/kustomize/base/obc-mimir.yaml b/fleet/lib/mimir/kustomize/base/obc-mimir.yaml new file mode 100644 index 000000000..42fa6e5b5 --- /dev/null +++ b/fleet/lib/mimir/kustomize/base/obc-mimir.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir +spec: + bucketName: mimir + storageClassName: o11y + additionalConfig: + bucketOwner: mimir + bucketLifecycle: | + { + "Rules": [ + { + "ID": "AbortIncompleteMultipartUploads", + "Status": "Enabled", + "Prefix": "", + "AbortIncompleteMultipartUpload": { + "DaysAfterInitiation": 1 + } + } + ] + } diff --git a/fleet/lib/mimir/kustomize/overlays/antu/kustomization.yaml b/fleet/lib/mimir/kustomize/overlays/antu/kustomization.yaml new file mode 100644 index 000000000..c37796827 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/antu/kustomization.yaml @@ -0,0 +1,8 @@ +--- +resources: + - ../../base +patches: + - path: obc-mimir-alertmanager.yaml + - path: obc-mimir-blocks.yaml + - path: obc-mimir-ruler.yaml + - path: obc-mimir.yaml diff --git a/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-alertmanager.yaml b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-alertmanager.yaml new file mode 100644 index 000000000..8131df2d3 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-alertmanager.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-alertmanager +spec: + bucketName: antu-mimir-alertmanager diff --git a/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-blocks.yaml b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-blocks.yaml new file mode 100644 index 000000000..2b87a8b91 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-blocks.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-blocks +spec: + bucketName: antu-mimir-blocks diff --git a/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-ruler.yaml b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-ruler.yaml new file mode 100644 index 000000000..4055978b7 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir-ruler.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-ruler +spec: + bucketName: antu-mimir-ruler diff --git a/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir.yaml b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir.yaml new file mode 100644 index 000000000..194337f5e --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/antu/obc-mimir.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir +spec: + bucketName: antu-mimir diff --git a/fleet/lib/mimir/kustomize/overlays/ayekan/kustomization.yaml b/fleet/lib/mimir/kustomize/overlays/ayekan/kustomization.yaml new file mode 100644 index 000000000..c37796827 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ayekan/kustomization.yaml @@ -0,0 +1,8 @@ +--- +resources: + - ../../base +patches: + - path: obc-mimir-alertmanager.yaml + - path: obc-mimir-blocks.yaml + - path: obc-mimir-ruler.yaml + - path: obc-mimir.yaml diff --git a/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-alertmanager.yaml b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-alertmanager.yaml new file mode 100644 index 000000000..b84a76e78 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-alertmanager.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-alertmanager +spec: + bucketName: ayekan-mimir-alertmanager diff --git a/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-blocks.yaml b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-blocks.yaml new file mode 100644 index 000000000..be626fd11 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-blocks.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-blocks +spec: + bucketName: ayekan-mimir-blocks diff --git a/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-ruler.yaml b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-ruler.yaml new file mode 100644 index 000000000..c2788fac5 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir-ruler.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-ruler +spec: + bucketName: ayekan-mimir-ruler diff --git a/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir.yaml b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir.yaml new file mode 100644 index 000000000..49c4900fe --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ayekan/obc-mimir.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir +spec: + bucketName: ayekan-mimir diff --git a/fleet/lib/mimir/kustomize/overlays/kona/kustomization.yaml b/fleet/lib/mimir/kustomize/overlays/kona/kustomization.yaml new file mode 100644 index 000000000..c37796827 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/kona/kustomization.yaml @@ -0,0 +1,8 @@ +--- +resources: + - ../../base +patches: + - path: obc-mimir-alertmanager.yaml + - path: obc-mimir-blocks.yaml + - path: obc-mimir-ruler.yaml + - path: obc-mimir.yaml diff --git a/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-alertmanager.yaml b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-alertmanager.yaml new file mode 100644 index 000000000..a140bacf3 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-alertmanager.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-alertmanager +spec: + bucketName: kona-mimir-alertmanager diff --git a/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-blocks.yaml b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-blocks.yaml new file mode 100644 index 000000000..b204a8e63 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-blocks.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-blocks +spec: + bucketName: kona-mimir-blocks diff --git a/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-ruler.yaml b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-ruler.yaml new file mode 100644 index 000000000..ac48dd798 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir-ruler.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-ruler +spec: + bucketName: kona-mimir-ruler diff --git a/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir.yaml b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir.yaml new file mode 100644 index 000000000..7107dec99 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/kona/obc-mimir.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir +spec: + bucketName: kona-mimir diff --git a/fleet/lib/mimir/kustomize/overlays/pillan/cephobjectstoreuser-mimir.yaml b/fleet/lib/mimir/kustomize/overlays/pillan/cephobjectstoreuser-mimir.yaml new file mode 100644 index 000000000..a4f793e91 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/pillan/cephobjectstoreuser-mimir.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: ceph.rook.io/v1 +kind: CephObjectStoreUser +metadata: + name: mimir +spec: + store: lfa + clusterNamespace: rook-ceph + displayName: mimir + quotas: + maxBuckets: 4 diff --git a/fleet/lib/mimir/kustomize/overlays/pillan/kustomization.yaml b/fleet/lib/mimir/kustomize/overlays/pillan/kustomization.yaml new file mode 100644 index 000000000..b475311f5 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/pillan/kustomization.yaml @@ -0,0 +1,9 @@ +--- +resources: + - ../../base +patches: + - path: cephobjectstoreuser-mimir.yaml + - path: obc-mimir-alertmanager.yaml + - path: obc-mimir-blocks.yaml + - path: obc-mimir-ruler.yaml + - path: obc-mimir.yaml diff --git a/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-alertmanager.yaml b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-alertmanager.yaml new file mode 100644 index 000000000..430de49d8 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-alertmanager.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-alertmanager +spec: + storageClassName: lfa + bucketName: pillan-mimir-alertmanager diff --git a/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-blocks.yaml b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-blocks.yaml new file mode 100644 index 000000000..d4ebac4fd --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-blocks.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-blocks +spec: + storageClassName: lfa + bucketName: pillan-mimir-blocks diff --git a/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-ruler.yaml b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-ruler.yaml new file mode 100644 index 000000000..a2adb95d4 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir-ruler.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-ruler +spec: + storageClassName: lfa + bucketName: pillan-mimir-ruler diff --git a/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir.yaml b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir.yaml new file mode 100644 index 000000000..39e15c738 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/pillan/obc-mimir.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir +spec: + storageClassName: lfa + bucketName: pillan-mimir diff --git a/fleet/lib/mimir/kustomize/overlays/ruka/cephobjectstoreuser-mimir.yaml b/fleet/lib/mimir/kustomize/overlays/ruka/cephobjectstoreuser-mimir.yaml new file mode 100644 index 000000000..a4f793e91 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ruka/cephobjectstoreuser-mimir.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: ceph.rook.io/v1 +kind: CephObjectStoreUser +metadata: + name: mimir +spec: + store: lfa + clusterNamespace: rook-ceph + displayName: mimir + quotas: + maxBuckets: 4 diff --git a/fleet/lib/mimir/kustomize/overlays/ruka/kustomization.yaml b/fleet/lib/mimir/kustomize/overlays/ruka/kustomization.yaml new file mode 100644 index 000000000..b475311f5 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ruka/kustomization.yaml @@ -0,0 +1,9 @@ +--- +resources: + - ../../base +patches: + - path: cephobjectstoreuser-mimir.yaml + - path: obc-mimir-alertmanager.yaml + - path: obc-mimir-blocks.yaml + - path: obc-mimir-ruler.yaml + - path: obc-mimir.yaml diff --git a/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-alertmanager.yaml b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-alertmanager.yaml new file mode 100644 index 000000000..4927c38f2 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-alertmanager.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-alertmanager +spec: + storageClassName: lfa + bucketName: ruka-mimir-alertmanager diff --git a/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-blocks.yaml b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-blocks.yaml new file mode 100644 index 000000000..56e9b1806 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-blocks.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-blocks +spec: + storageClassName: lfa + bucketName: ruka-mimir-blocks diff --git a/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-ruler.yaml b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-ruler.yaml new file mode 100644 index 000000000..d9daa2a43 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir-ruler.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir-ruler +spec: + storageClassName: lfa + bucketName: ruka-mimir-ruler diff --git a/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir.yaml b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir.yaml new file mode 100644 index 000000000..fdc674687 --- /dev/null +++ b/fleet/lib/mimir/kustomize/overlays/ruka/obc-mimir.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + name: mimir +spec: + storageClassName: lfa + bucketName: ruka-mimir diff --git a/fleet/lib/mimir/overlays/rke2/values.yaml b/fleet/lib/mimir/overlays/rke2/values.yaml deleted file mode 100644 index 565747b40..000000000 --- a/fleet/lib/mimir/overlays/rke2/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -global: - # XXX this is silly... the mimir-distributed chart should not override the - # pod default ns by default... but it does. This is a workaround. - dnsService: rke2-coredns-rke2-coredns diff --git a/fleet/lib/mimir/values.yaml b/fleet/lib/mimir/values.yaml index 31c8ee323..771e3a6ef 100644 --- a/fleet/lib/mimir/values.yaml +++ b/fleet/lib/mimir/values.yaml @@ -1,9 +1,19 @@ --- -# XXX to allow access to the s3 creds. Can this be more restrictively scoped? global: - extraEnvFrom: - - secretRef: - name: mimir-s3 + # XXX this is silly... the mimir-distributed chart should not override the + # pod default ns by default... but it does. This is a workaround. + dnsService: rke2-coredns-rke2-coredns + extraEnv: + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: rook-ceph-object-user-lfa-mimir + key: AccessKey + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: rook-ceph-object-user-lfa-mimir + key: SecretKey metaMonitoring: dashboards: diff --git a/fleet/lib/rook-ceph-conf/charts/antu/templates/cephobjectstore-o11y.yaml b/fleet/lib/rook-ceph-conf/charts/antu/templates/cephobjectstore-o11y.yaml index a3b6bac79..0ccfeddd3 100644 --- a/fleet/lib/rook-ceph-conf/charts/antu/templates/cephobjectstore-o11y.yaml +++ b/fleet/lib/rook-ceph-conf/charts/antu/templates/cephobjectstore-o11y.yaml @@ -7,6 +7,7 @@ metadata: spec: allowUsersInNamespaces: - loki + - mimir metadataPool: failureDomain: host replicated: diff --git a/fleet/lib/rook-ceph-conf/charts/kona/templates/cephobjectstore-o11y.yaml b/fleet/lib/rook-ceph-conf/charts/kona/templates/cephobjectstore-o11y.yaml index d95f9bd38..78cd83fc6 100644 --- a/fleet/lib/rook-ceph-conf/charts/kona/templates/cephobjectstore-o11y.yaml +++ b/fleet/lib/rook-ceph-conf/charts/kona/templates/cephobjectstore-o11y.yaml @@ -7,6 +7,7 @@ metadata: spec: allowUsersInNamespaces: - loki + - mimir metadataPool: failureDomain: host replicated: diff --git a/fleet/lib/rook-ceph-conf/charts/kueyen/templates/cephobjectstore-o11y.yaml b/fleet/lib/rook-ceph-conf/charts/kueyen/templates/cephobjectstore-o11y.yaml index 0d6d98428..def6ebeae 100644 --- a/fleet/lib/rook-ceph-conf/charts/kueyen/templates/cephobjectstore-o11y.yaml +++ b/fleet/lib/rook-ceph-conf/charts/kueyen/templates/cephobjectstore-o11y.yaml @@ -6,7 +6,8 @@ metadata: namespace: rook-ceph spec: allowUsersInNamespaces: - - loki + - loki + - mimir metadataPool: failureDomain: host replicated: @@ -45,20 +46,20 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: - - &host s3.o11y.kueyen.dev.lsst.org - secretName: rook-ceph-rgw-ingress-tls-o11y + - hosts: + - &host s3.o11y.kueyen.dev.lsst.org + secretName: rook-ceph-rgw-ingress-tls-o11y rules: - - host: *host - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: rook-ceph-rgw-o11y - port: - number: 80 + - host: *host + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: rook-ceph-rgw-o11y + port: + number: 80 --- apiVersion: storage.k8s.io/v1 kind: StorageClass diff --git a/fleet/lib/rook-ceph-conf/charts/pillan/templates/cephobjectstore-lfa.yaml b/fleet/lib/rook-ceph-conf/charts/pillan/templates/cephobjectstore-lfa.yaml index a79f82576..8963f3b08 100644 --- a/fleet/lib/rook-ceph-conf/charts/pillan/templates/cephobjectstore-lfa.yaml +++ b/fleet/lib/rook-ceph-conf/charts/pillan/templates/cephobjectstore-lfa.yaml @@ -27,6 +27,8 @@ metadata: name: lfa namespace: rook-ceph spec: + allowUsersInNamespaces: + - mimir preservePoolsOnDelete: true gateway: port: 80 diff --git a/fleet/lib/rook-ceph-conf/charts/ruka/templates/cephobjectstore-lfa.yaml b/fleet/lib/rook-ceph-conf/charts/ruka/templates/cephobjectstore-lfa.yaml index 7374c4cc4..15494d5a8 100644 --- a/fleet/lib/rook-ceph-conf/charts/ruka/templates/cephobjectstore-lfa.yaml +++ b/fleet/lib/rook-ceph-conf/charts/ruka/templates/cephobjectstore-lfa.yaml @@ -27,6 +27,8 @@ metadata: name: lfa namespace: rook-ceph spec: + allowUsersInNamespaces: + - mimir preservePoolsOnDelete: false gateway: port: 80 @@ -72,20 +74,20 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: - - &host s3.ruka.dev.lsst.org - secretName: rook-ceph-rgw-ingress-tls + - hosts: + - &host s3.ruka.dev.lsst.org + secretName: rook-ceph-rgw-ingress-tls rules: - - host: *host - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: rook-ceph-rgw-lfa - port: - number: 80 + - host: *host + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: rook-ceph-rgw-lfa + port: + number: 80 --- apiVersion: networking.k8s.io/v1 kind: Ingress @@ -98,20 +100,20 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: - - s3.o11y.ruka.dev.lsst.org - secretName: rook-ceph-rgw-ingress-tls-o11y + - hosts: + - s3.o11y.ruka.dev.lsst.org + secretName: rook-ceph-rgw-ingress-tls-o11y rules: - - host: s3.o11y.ruka.dev.lsst.org - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: rook-ceph-rgw-lfa - port: - number: 80 + - host: s3.o11y.ruka.dev.lsst.org + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: rook-ceph-rgw-lfa + port: + number: 80 --- apiVersion: ceph.rook.io/v1 kind: CephBlockPool diff --git a/fleet/lib/rook-ceph-conf/charts/ruka/templates/obc-ruka-mimir.yaml b/fleet/lib/rook-ceph-conf/charts/ruka/templates/obc-ruka-mimir.yaml deleted file mode 100644 index 3d7033ffd..000000000 --- a/fleet/lib/rook-ceph-conf/charts/ruka/templates/obc-ruka-mimir.yaml +++ /dev/null @@ -1,96 +0,0 @@ ---- -apiVersion: objectbucket.io/v1alpha1 -kind: ObjectBucketClaim -metadata: - name: ruka-mimir - namespace: rook-ceph -spec: - bucketName: ruka-mimir - storageClassName: lfa - additionalConfig: - bucketOwner: mimir - bucketLifecycle: | - { - "Rules": [ - { - "ID": "AbortIncompleteMultipartUploads", - "Status": "Enabled", - "Prefix": "", - "AbortIncompleteMultipartUpload": { - "DaysAfterInitiation": 1 - } - } - ] - } ---- -apiVersion: objectbucket.io/v1alpha1 -kind: ObjectBucketClaim -metadata: - name: ruka-mimir-blocks - namespace: rook-ceph -spec: - bucketName: ruka-mimir-blocks - storageClassName: lfa - additionalConfig: - bucketOwner: mimir - bucketLifecycle: | - { - "Rules": [ - { - "ID": "AbortIncompleteMultipartUploads", - "Status": "Enabled", - "Prefix": "", - "AbortIncompleteMultipartUpload": { - "DaysAfterInitiation": 1 - } - } - ] - } ---- -apiVersion: objectbucket.io/v1alpha1 -kind: ObjectBucketClaim -metadata: - name: ruka-mimir-alertmanager - namespace: rook-ceph -spec: - bucketName: ruka-mimir-alertmanager - storageClassName: lfa - additionalConfig: - bucketOwner: mimir - bucketLifecycle: | - { - "Rules": [ - { - "ID": "AbortIncompleteMultipartUploads", - "Status": "Enabled", - "Prefix": "", - "AbortIncompleteMultipartUpload": { - "DaysAfterInitiation": 1 - } - } - ] - } ---- -apiVersion: objectbucket.io/v1alpha1 -kind: ObjectBucketClaim -metadata: - name: ruka-mimir-ruler - namespace: rook-ceph -spec: - bucketName: ruka-mimir-ruler - storageClassName: lfa - additionalConfig: - bucketOwner: mimir - bucketLifecycle: | - { - "Rules": [ - { - "ID": "AbortIncompleteMultipartUploads", - "Status": "Enabled", - "Prefix": "", - "AbortIncompleteMultipartUpload": { - "DaysAfterInitiation": 1 - } - } - ] - } diff --git a/fleet/s/dev/c/kona/mimir-pre b/fleet/s/dev/c/kona/mimir-pre deleted file mode 120000 index 5b8d0818c..000000000 --- a/fleet/s/dev/c/kona/mimir-pre +++ /dev/null @@ -1 +0,0 @@ -../../../../lib/mimir-pre \ No newline at end of file diff --git a/fleet/s/dev/c/kueyen/mimir-pre b/fleet/s/dev/c/kueyen/mimir-pre deleted file mode 120000 index 5b8d0818c..000000000 --- a/fleet/s/dev/c/kueyen/mimir-pre +++ /dev/null @@ -1 +0,0 @@ -../../../../lib/mimir-pre \ No newline at end of file diff --git a/fleet/s/dev/c/ruka/mimir-pre b/fleet/s/dev/c/ruka/mimir-pre deleted file mode 120000 index 5b8d0818c..000000000 --- a/fleet/s/dev/c/ruka/mimir-pre +++ /dev/null @@ -1 +0,0 @@ -../../../../lib/mimir-pre \ No newline at end of file diff --git a/fleet/s/ls/c/antu/mimir-pre b/fleet/s/ls/c/antu/mimir-pre deleted file mode 120000 index 5b8d0818c..000000000 --- a/fleet/s/ls/c/antu/mimir-pre +++ /dev/null @@ -1 +0,0 @@ -../../../../lib/mimir-pre \ No newline at end of file diff --git a/fleet/s/tu/c/pillan/mimir-pre b/fleet/s/tu/c/pillan/mimir-pre deleted file mode 120000 index 5b8d0818c..000000000 --- a/fleet/s/tu/c/pillan/mimir-pre +++ /dev/null @@ -1 +0,0 @@ -../../../../lib/mimir-pre \ No newline at end of file diff --git a/rke2/pillan/mimir/mkbuckets.sh b/rke2/pillan/mimir/mkbuckets.sh deleted file mode 100755 index f8c75eaec..000000000 --- a/rke2/pillan/mimir/mkbuckets.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash - -set -e - -print_error() { - >&2 echo -e "$@" -} - -fail() { - local code=${2:-1} - [[ -n $1 ]] && print_error "$1" - # shellcheck disable=SC2086 - exit $code -} - -check_vars() { - local req_vars=( - AWS_ACCESS_KEY_ID - AWS_SECRET_ACCESS_KEY - ) - - local err - for v in "${req_vars[@]}"; do - [[ ! -v $v ]] && err="${err}Missing required env variable: ${v}\n" - done - - [[ -n $err ]] && fail "$err" - - # need explicit return status incase the last -z check returns 1 - return 0 -} - -check_vars - -set -x - -tmpdir=$(mktemp -d -t "$(basename BASH_SOURCE)-XXXXXXXX") -# shellcheck disable=SC2064 -trap "{ rm -rf $tmpdir; }" EXIT - -ENDPOINT='--ca-bundle /etc/ssl/certs/ca-bundle.crt --endpoint-url https://s3.pillan.tu.lsst.org' - -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region lfa mb s3://pillan-mimir -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region lfa mb s3://pillan-mimir-blocks -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region lfa mb s3://pillan-mimir-alertmanager -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region lfa mb s3://pillan-mimir-ruler diff --git a/rke2/ruka/mimir/mkbuckets.sh b/rke2/ruka/mimir/mkbuckets.sh deleted file mode 100755 index 55b8cfbe2..000000000 --- a/rke2/ruka/mimir/mkbuckets.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash - -set -e - -print_error() { - >&2 echo -e "$@" -} - -fail() { - local code=${2:-1} - [[ -n $1 ]] && print_error "$1" - # shellcheck disable=SC2086 - exit $code -} - -check_vars() { - local req_vars=( - AWS_ACCESS_KEY_ID - AWS_SECRET_ACCESS_KEY - ) - - local err - for v in "${req_vars[@]}"; do - [[ ! -v $v ]] && err="${err}Missing required env variable: ${v}\n" - done - - [[ -n $err ]] && fail "$err" - - # need explicit return status incase the last -z check returns 1 - return 0 -} - -check_vars - -set -x - -tmpdir=$(mktemp -d -t "$(basename BASH_SOURCE)-XXXXXXXX") -# shellcheck disable=SC2064 -trap "{ rm -rf $tmpdir; }" EXIT - -ENDPOINT='--ca-bundle /etc/ssl/certs/ca-bundle.crt --endpoint-url https://s3.o11y.ruka.dev.lsst.org' - -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region o11y mb s3://ruka-mimir -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region o11y mb s3://ruka-mimir-blocks -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region o11y mb s3://ruka-mimir-alertmanager -# shellcheck disable=SC2086 -aws s3 $ENDPOINT --region o11y mb s3://ruka-mimir-ruler From 31339d37ef492405c7bb0647fb90deb2bed9193d Mon Sep 17 00:00:00 2001 From: Joshua Hoblitt Date: Wed, 13 Aug 2025 14:08:16 -0700 Subject: [PATCH 2/2] TESTING deliverator scraping --- .../overlays/dev/values.yaml | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/fleet/lib/kube-prometheus-stack/overlays/dev/values.yaml b/fleet/lib/kube-prometheus-stack/overlays/dev/values.yaml index 2266213b9..38d885eec 100644 --- a/fleet/lib/kube-prometheus-stack/overlays/dev/values.yaml +++ b/fleet/lib/kube-prometheus-stack/overlays/dev/values.yaml @@ -156,6 +156,54 @@ prometheus: target_label: network_function - target_label: __address__ replacement: prometheus-snmp-exporter.snmp-exporter:9116 + - job_name: deliverator-ls + scrape_interval: 100ms + puppetdb_sd_configs: + - url: https://puppetdb.ls.lsst.org:8443 + basic_auth: + username: svc_prometheus + password_file: /etc/prometheus/secrets/puppetdb/password + query: resources { type = "S3nd::Instance" } + refresh_interval: 30s + follow_redirects: true + include_parameters: true + enable_http2: true + relabel_configs: + - source_labels: [__meta_puppetdb_certname, __meta_puppetdb_parameter_port] + separator: ':' + target_label: __address__ + - source_labels: [__meta_puppetdb_certname] + target_label: instance + - source_labels: [__meta_puppetdb_parameter_port] + target_label: port + - source_labels: [__meta_puppetdb_title] + target_label: service + - target_label: site + replacement: ls + - job_name: deliverator-cp + scrape_interval: 100ms + puppetdb_sd_configs: + - url: https://puppetdb.cp.lsst.org:8443 + basic_auth: + username: svc_prometheus + password_file: /etc/prometheus/secrets/puppetdb/password + query: resources { type = "S3nd::Instance" } + refresh_interval: 30s + follow_redirects: true + include_parameters: true + enable_http2: true + relabel_configs: + - source_labels: [__meta_puppetdb_certname, __meta_puppetdb_parameter_port] + separator: ':' + target_label: __address__ + - source_labels: [__meta_puppetdb_certname] + target_label: instance + - source_labels: [__meta_puppetdb_parameter_port] + target_label: port + - source_labels: [__meta_puppetdb_title] + target_label: service + - target_label: site + replacement: cp grafana: grafana.ini: server: