diff --git a/fleet/lib/extended-ceph-exporter/Chart.yaml b/fleet/lib/extended-ceph-exporter/Chart.yaml new file mode 100644 index 000000000..9f219b651 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + artifacthub.io/category: monitoring-logging + artifacthub.io/operator: "false" + artifacthub.io/screenshots: | + - title: RGW Bucket Usage Overview Grafana Dashboard + url: https://raw.githubusercontent.com/galexrt/extended-ceph-exporter/main/grafana/ceph-rgw-bucket-usage-overview.png +apiVersion: v2 +appVersion: v1.7.1 +description: A Helm chart for deploying the extended-ceph-exporter to Kubernetes +name: extended-ceph-exporter +type: application +version: 1.6.8 diff --git a/fleet/lib/extended-ceph-exporter/LICENSE b/fleet/lib/extended-ceph-exporter/LICENSE new file mode 100644 index 000000000..e1db3e2b6 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2022 Koor Technologies, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/fleet/lib/extended-ceph-exporter/README.md b/fleet/lib/extended-ceph-exporter/README.md new file mode 100644 index 000000000..e62629e5a --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/README.md @@ -0,0 +1,109 @@ +# extended-ceph-exporter + +A Helm chart for deploying the extended-ceph-exporter to Kubernetes + +![Version: 1.6.8](https://img.shields.io/badge/Version-1.6.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.7.1](https://img.shields.io/badge/AppVersion-v1.7.1-informational?style=flat-square) + +## Get Repo Info + +```console +helm repo add extended-ceph-exporter https://galexrt.github.io/extended-ceph-exporter +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +To install the chart with the release name `my-release`: + +```console +helm install --namespace my-release extended-ceph-exporter/extended-ceph-exporter +``` + +The command deploys extended-ceph-exporter on the Kubernetes cluster in the default configuration. + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +### Development Build + +To deploy from a local build from your development environment: + +```console +cd charts/extended-ceph-exporter +helm install --namespace my-release . -f values.yaml +``` + +## Uninstall Chart + +To uninstall/delete the my-release deployment: + +```console +helm delete --namespace my-release +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| additionalEnv | object | `{}` | Will be put in a Secret and used as env vars | +| affinity | object | `{}` | [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) | +| autoscaling | object | `{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":80}` | Autoscaling configuration | +| config.config | object | `{"cache":{"duration":"20s","enabled":false},"listenHost":":9138","logLevel":"INFO","metricsPath":"/metrics","rbd":{"cephConfig":"","pools":[]},"skipTLSVerify":false,"timeouts":{"collector":"60s","http":"55s"}}` | `config.yaml` for the exporter, make sure to checkout the `config.example.yaml` for more information | +| config.config.cache.duration | string | `"20s"` | Cache duration in seconds | +| config.config.cache.enabled | bool | `false` | Enable metrics caching to reduce load | +| config.config.listenHost | string | `":9138"` | Exporter listen host | +| config.config.metricsPath | string | `"/metrics"` | Set the metrics endpoint path | +| config.config.rbd.cephConfig | string | `""` | Ceph Config file to read (if left empty will read default Ceph config file) | +| config.config.rbd.pools | list | `[]` | List of namespaces and pools to collect RBD related metrics from | +| config.config.skipTLSVerify | bool | `false` | Skip TLS cert verification globally | +| config.mountConfig | bool | `true` | Disable to mount your own `config.yaml` at `/config`. If disabled a volume and volumeMount are required! | +| config.mountRealms | bool | `true` | Disable to mount your own `realms.yaml` at `/realms`. If disabled a volume and volumeMount are required! | +| config.rgwRealms | object | `{"realms":[{"accessKey":"$RGW_ACCESS_KEY","host":"$RGW_HOST","name":"default","secretKey":"$RGW_SECRET_KEY","skipTLSVerify":false}]}` | `realms.yaml` exporter RGW Realms config. If left empty will attempt to detect **one** existing Rook CephObjectStore as a target. | +| config.rgwRealms.realms[0] | object | `{"accessKey":"$RGW_ACCESS_KEY","host":"$RGW_HOST","name":"default","secretKey":"$RGW_SECRET_KEY","skipTLSVerify":false}` | RGW Realm name (used in metrics as a label) | +| config.rgwRealms.realms[0].accessKey | string | `"$RGW_ACCESS_KEY"` | RGW S3 access key | +| config.rgwRealms.realms[0].host | string | `"$RGW_HOST"` | The Ceph RGW endpoint as a URL, e.g. "https://your-ceph-rgw-endpoint-here:8443". Env vars can will be substitued. | +| config.rgwRealms.realms[0].secretKey | string | `"$RGW_SECRET_KEY"` | RGW S3 secret key | +| config.rgwRealms.realms[0].skipTLSVerify | bool | `false` | Skip tls verify for this RGW endpoint | +| extraObjects | list | `[]` | Extra objects to deploy (value evaluated as a template) | +| fullnameOverride | string | `""` | Override fully-qualified app name | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| nameOverride | string | `""` | Override chart name | +| nodeSelector | object | `{}` | [Create a pod that gets scheduled to your chosen node](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/#create-a-pod-that-gets-scheduled-to-your-chosen-node) | +| podAnnotations | object | `{}` | Annotations to add to the pod | +| podSecurityContext | object | `{}` | [Pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) | +| postInstallJob.enabled | bool | `true` | If enabled, will create a rgw admin user `extended-ceph-exporter` either on Rook/Ceph cluster pre upgrade (when having extended-ceph-exporter as a helm dependency) or on post install of extended-ceph-exporter(needs existing Rook/Ceph cluster). This user will be used for extended ceph metrics. | +| postInstallJob.rgw | object | `{"accessKey":null,"existingSecret":{"keys":{"access":"access","secret":"secret"},"name":""},"host":"","secretKey":null}` | RGW Realms config and options | +| postInstallJob.rgw.accessKey | string | Randomly generated | RGW admin access key | +| postInstallJob.rgw.existingSecret | object | `{"keys":{"access":"access","secret":"secret"},"name":""}` | Existing RGW admin credentials secret config | +| postInstallJob.rgw.existingSecret.keys.access | string | `"access"` | Access key secret key name | +| postInstallJob.rgw.existingSecret.keys.secret | string | `"secret"` | Secret key secret key name | +| postInstallJob.rgw.existingSecret.name | string | `""` | Name of the existing RGW admin credentials secret | +| postInstallJob.rgw.host | string | First detected RGW endpoint | The Ceph RGW endpoint as a URL, e.g. "https://your-ceph-rgw-endpoint-here:8443" | +| postInstallJob.rgw.secretKey | string | Randomly generated | RGW admin secret key | +| priorityClassName | string | `""` | [Pod priority class](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/) | +| prometheusRule.additionalLabels | object | `{}` | Additional Labels for the PrometheusRule object | +| prometheusRule.enabled | bool | `false` | Specifies whether a prometheus-operator PrometheusRule should be created | +| prometheusRule.rules | prometheusrules.monitoring.coreos.com | `[]` | | +| replicaCount | int | `1` | Number of replicas of the exporter | +| resources | object | `{"limits":{"cpu":"125m","memory":"150Mi"},"requests":{"cpu":"25m","memory":"150Mi"}}` | These are sane defaults for "small" object storages | +| securityContext | object | `{}` | [Security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) | +| service.port | int | `9138` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| serviceMonitor.additionalLabels | object | `{}` | Additional Labels for the ServiceMonitor object | +| serviceMonitor.enabled | bool | `false` | Specifies whether a prometheus-operator ServiceMonitor should be created | +| serviceMonitor.namespaceSelector | string | `nil` | | +| serviceMonitor.scrapeInterval | duration | `"30s"` | Interval at which metrics should be scraped | +| serviceMonitor.scrapeTimeout | duration | `"20s"` | Timeout for scraping | +| tolerations | list | `[]` | [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) | +| volumeMounts | list | `[]` | Extra volume mounts to add to the deployment | +| volumes | list | `[]` | Extra volumes to add to the deployment | diff --git a/fleet/lib/extended-ceph-exporter/README.md.gotmpl b/fleet/lib/extended-ceph-exporter/README.md.gotmpl new file mode 100644 index 000000000..80cdf5cec --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/README.md.gotmpl @@ -0,0 +1,54 @@ +{{ template "chart.header" . }} +{{ template "chart.description" . }} + +{{ template "chart.badgesSection" . }} + +## Get Repo Info + +```console +helm repo add extended-ceph-exporter https://galexrt.github.io/extended-ceph-exporter +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +To install the chart with the release name `my-release`: + +```console +helm install --namespace my-release extended-ceph-exporter/extended-ceph-exporter +``` + +The command deploys extended-ceph-exporter on the Kubernetes cluster in the default configuration. + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +### Development Build + +To deploy from a local build from your development environment: + +```console +cd charts/extended-ceph-exporter +helm install --namespace my-release . -f values.yaml +``` + +## Uninstall Chart + +To uninstall/delete the my-release deployment: + +```console +helm delete --namespace my-release +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +{{ template "chart.requirementsSection" . }} + +## Configuration + +{{ template "chart.valuesTable" . }} diff --git a/fleet/lib/extended-ceph-exporter/fleet.yaml b/fleet/lib/extended-ceph-exporter/fleet.yaml index ea3824dce..9eae76974 100644 --- a/fleet/lib/extended-ceph-exporter/fleet.yaml +++ b/fleet/lib/extended-ceph-exporter/fleet.yaml @@ -5,10 +5,12 @@ labels: namespaceLabels: lsst.io/discover: "true" helm: - chart: *name + # chart: *name releaseName: *name - repo: https://galexrt.github.io/extended-ceph-exporter - version: 1.6.8 + # repo: https://galexrt.github.io/extended-ceph-exporter + # version: 1.6.8 + takeOwnership: true + timeoutSeconds: 60 waitForJobs: true values: serviceMonitor: @@ -16,13 +18,20 @@ helm: additionalLabels: lsst.io/monitor: "true" config: - rgw: - host: http://rook-ceph-rgw-lfa:80 - existingSecret: - name: rook-ceph-object-user-lfa-extended-ceph-exporter - keys: - access: AccessKey - secret: SecretKey + config: + logLevel: DEBUG + mountRealms: false + postpostInstallJob: + enabled: false + volumes: + - name: realms-config + secret: + secretName: extended-ceph-exporter-realms + volumeMounts: + - name: realms-config + mountPath: "/realms" + readOnly: true + dependsOn: - selector: matchLabels: diff --git a/fleet/lib/extended-ceph-exporter/templates/NOTES.txt b/fleet/lib/extended-ceph-exporter/templates/NOTES.txt new file mode 100644 index 000000000..bf6e73409 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/NOTES.txt @@ -0,0 +1,16 @@ +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "extended-ceph-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "extended-ceph-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "extended-ceph-exporter.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "extended-ceph-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:9138 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 9138:$CONTAINER_PORT +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/_helpers.tpl b/fleet/lib/extended-ceph-exporter/templates/_helpers.tpl new file mode 100644 index 000000000..d1c57bbc7 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/_helpers.tpl @@ -0,0 +1,87 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "extended-ceph-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "extended-ceph-exporter.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "extended-ceph-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "extended-ceph-exporter.labels" -}} +helm.sh/chart: {{ include "extended-ceph-exporter.chart" . }} +{{ include "extended-ceph-exporter.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "extended-ceph-exporter.selectorLabels" -}} +app.kubernetes.io/name: {{ include "extended-ceph-exporter.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "extended-ceph-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "extended-ceph-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +RGW Host value +*/}} +{{- define "extended-ceph-exporter.rgwHost" -}} +{{- with .Values.postInstallJob.rgw.host }} +{{- $.Values.postInstallJob.rgw.host }} +{{- else }} +{{- $cephobjs := (lookup "ceph.rook.io/v1" "CephObjectStore" "" "").items }} +{{- with $cephobjs }} +{{- (first $cephobjs).status.info.endpoint }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Renders a structure, even values that contain template functions/logic. +*/}} +{{- define "app.render" -}} + {{- if typeIs "string" .value }} + {{- tpl .value .context }} + {{ else }} + {{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} diff --git a/fleet/lib/extended-ceph-exporter/templates/deployment.yaml b/fleet/lib/extended-ceph-exporter/templates/deployment.yaml new file mode 100644 index 000000000..4861841c7 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/deployment.yaml @@ -0,0 +1,98 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }} + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "extended-ceph-exporter.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + checksum/additional-env: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "extended-ceph-exporter.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} + serviceAccountName: {{ include "extended-ceph-exporter.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - secretRef: + name: {{ include "extended-ceph-exporter.fullname" . }}-env + {{- with .Values.additionalEnv }} + env: + {{- range $k, $v := . }} + - name: {{ $k | quote }} + value: {{ $v | b64enc }} + {{- end }} + {{- end }} + ports: + - name: http-metrics + containerPort: 9138 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http-metrics + readinessProbe: + httpGet: + path: / + port: http-metrics + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- if .Values.config.mountConfig }} + - name: config + mountPath: /config + readOnly: true + {{- end }} + {{- if .Values.volumeMounts }} + {{- toYaml .Values.volumeMounts | nindent 12 }} + {{- end }} + {{- with .Values.sidecars }} + {{- toYaml .Values.sidecars | nindent 8 }} + {{- end }} + volumes: + {{- if .Values.config.mountConfig }} + - name: config + secret: + secretName: {{ include "extended-ceph-exporter.fullname" . }}-config + {{- end }} + {{- if .Values.volumes }} + {{- toYaml .Values.volumes | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/extra-objects.yaml b/fleet/lib/extended-ceph-exporter/templates/extra-objects.yaml new file mode 100644 index 000000000..8378d323b --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/extra-objects.yaml @@ -0,0 +1,4 @@ +{{- range .Values.extraObjects }} +--- +{{ include "app.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/hpa.yaml b/fleet/lib/extended-ceph-exporter/templates/hpa.yaml new file mode 100644 index 000000000..b653a75c9 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }} + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "extended-ceph-exporter.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/post-install-job.yaml b/fleet/lib/extended-ceph-exporter/templates/post-install-job.yaml new file mode 100644 index 000000000..f43af0c9d --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/post-install-job.yaml @@ -0,0 +1,133 @@ +{{- if .Values.postInstallJob.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: extended-ceph-exporter + labels: + app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + app.kubernetes.io/instance: {{ .Release.Name | quote }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": "post-install,post-upgrade" + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + template: + metadata: + name: "{{ .Release.Name }}" + labels: + helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + spec: + restartPolicy: Never + initContainers: + - name: rook-ceph-config + image: "{{ .Values.postInstallJob.image.repository }}:{{ .Values.postInstallJob.image.tag }}" + imagePullPolicy: {{ .Values.postInstallJob.image.pullPolicy }} + command: + - /bin/bash + - -c + - | + # Replicate the script from toolbox.sh inline so the ceph image + # can be run directly, instead of requiring the rook toolbox + CEPH_CONFIG="/etc/ceph/ceph.conf" + MON_CONFIG="/etc/rook/mon-endpoints" + KEYRING_FILE="/etc/ceph/keyring" + + # create a ceph config file in its default location so ceph/rados tools can be used + # without specifying any arguments + write_endpoints() { + endpoints=$(cat ${MON_CONFIG}) + + # filter out the mon names + # external cluster can have numbers or hyphens in mon names, handling them in regex + # shellcheck disable=SC2001 + mon_endpoints=$(echo "${endpoints}"| sed 's/[a-z0-9_-]\+=//g') + + DATE=$(date) + echo "$DATE writing mon endpoints to ${CEPH_CONFIG}: ${endpoints}" + cat < ${CEPH_CONFIG} + [global] + mon_host = ${mon_endpoints} + + [client.admin] + keyring = ${KEYRING_FILE} + EOF + } + + # create the keyring file + cat < ${KEYRING_FILE} + [${ROOK_CEPH_USERNAME}] + key = ${ROOK_CEPH_SECRET} + EOF + + # write the initial config file + write_endpoints + env: + - name: ROOK_CEPH_USERNAME + valueFrom: + secretKeyRef: + name: rook-ceph-mon + key: ceph-username + - name: ROOK_CEPH_SECRET + valueFrom: + secretKeyRef: + name: rook-ceph-mon + key: ceph-secret + volumeMounts: + - mountPath: /etc/ceph + name: ceph-config + - name: mon-endpoint-volume + mountPath: /etc/rook + containers: + - name: rgw-creds-setup + image: "{{ .Values.postInstallJob.image.repository }}:{{ .Values.postInstallJob.image.tag }}" + imagePullPolicy: {{ .Values.postInstallJob.image.pullPolicy }} + env: + - name: RGW_ACCESS_KEY + valueFrom: + secretKeyRef: + {{- if .Values.postInstallJob.rgw.existingSecret.name }} + name: {{ .Values.postInstallJob.rgw.existingSecret.name | quote }} + key: {{ .Values.postInstallJob.rgw.existingSecret.keys.access | quote }} + {{ else }} + name: {{ include "extended-ceph-exporter.fullname" . }}-env + key: RGW_ACCESS_KEY + {{- end }} + - name: RGW_SECRET_KEY + valueFrom: + secretKeyRef: + {{- if .Values.postInstallJob.rgw.existingSecret.name }} + name: {{ .Values.postInstallJob.rgw.existingSecret.name | quote }} + key: {{ .Values.postInstallJob.rgw.existingSecret.keys.secret | quote }} + {{ else }} + name: {{ include "extended-ceph-exporter.fullname" . }}-env + key: RGW_SECRET_KEY + {{- end }} + command: + - /bin/bash + - -c + - | + if radosgw-admin user list | grep -q '"extended-ceph-exporter"'; then + radosgw-admin user rm --uid extended-ceph-exporter + fi + radosgw-admin user create --uid extended-ceph-exporter \ + --display-name "extended-ceph-exporter admin user" \ + --caps "buckets=read;users=read;usage=read;metadata=read;zone=read" \ + --access-key=$(RGW_ACCESS_KEY) \ + --secret-key=$(RGW_SECRET_KEY) &> /dev/null + volumeMounts: + - mountPath: /etc/ceph + name: ceph-config + volumes: + - name: mon-endpoint-volume + configMap: + name: rook-ceph-mon-endpoints + items: + - key: data + path: mon-endpoints + - name: ceph-config + emptyDir: {} +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/prometheusrule.yaml b/fleet/lib/extended-ceph-exporter/templates/prometheusrule.yaml new file mode 100644 index 000000000..57a82a457 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/prometheusrule.yaml @@ -0,0 +1,20 @@ +{{- if .Values.prometheusRule.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }} +{{- if .Values.prometheusRule.namespace }} + namespace: {{ .Values.prometheusRule.namespace }} +{{- end }} + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} + {{- if .Values.prometheusRule.additionalLabels }} + {{- toYaml .Values.prometheusRule.additionalLabels | nindent 4 }} + {{- end }} +spec: +{{- if .Values.prometheusRule.rules }} + groups: + - name: {{ template "extended-ceph-exporter.name" . }} + rules: {{- toYaml .Values.prometheusRule.rules | nindent 4 }} +{{- end }} +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/secrets.yaml b/fleet/lib/extended-ceph-exporter/templates/secrets.yaml new file mode 100644 index 000000000..ed93e3db7 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/secrets.yaml @@ -0,0 +1,40 @@ +{{- if .Values.config.mountConfig }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }}-config + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} +data: + config.yaml: {{ toYaml .Values.config.config | b64enc }} +{{- end }} +{{- if .Values.config.mountRealms }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }}-realms + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} +data: + realms.yaml: {{ toYaml .Values.config.rgwRealms | b64enc }} +{{- end }} +{{- if .Values.postInstallJob.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }}-env + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} +data: + RGW_HOST: {{ include "extended-ceph-exporter.rgwHost" . | b64enc }} +{{- if not .Values.postInstallJob.rgw.existingSecret.name }} + RGW_ACCESS_KEY: {{ .Values.postInstallJob.rgw.accessKey | default (randAlphaNum 20) | b64enc }} + RGW_SECRET_KEY: {{ .Values.postInstallJob.rgw.secretKey | default (randAlphaNum 40) | b64enc }} +{{- end }} + +{{- range $k, $v := .Values.additionalEnv }} + {{ $k | quote }}: {{ $v | b64enc }} +{{- end }} +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/service.yaml b/fleet/lib/extended-ceph-exporter/templates/service.yaml new file mode 100644 index 000000000..4aafc1511 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }} + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http-metrics + protocol: TCP + name: http-metrics + selector: + {{- include "extended-ceph-exporter.selectorLabels" . | nindent 4 }} diff --git a/fleet/lib/extended-ceph-exporter/templates/serviceaccount.yaml b/fleet/lib/extended-ceph-exporter/templates/serviceaccount.yaml new file mode 100644 index 000000000..7810e61ff --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "extended-ceph-exporter.serviceAccountName" . }} + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/servicemonitor.yaml b/fleet/lib/extended-ceph-exporter/templates/servicemonitor.yaml new file mode 100644 index 000000000..4d8bb2e04 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/servicemonitor.yaml @@ -0,0 +1,41 @@ +{{- if .Values.serviceMonitor.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "extended-ceph-exporter.fullname" . }} +{{- if .Values.serviceMonitor.namespace }} + namespace: {{ .Values.serviceMonitor.namespace }} +{{- end }} + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} + {{- if .Values.serviceMonitor.additionalLabels }} + {{- toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: http-metrics + interval: {{ .Values.serviceMonitor.scrapeInterval }} + scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} + {{- if .Values.serviceMonitor.honorLabels }} + honorLabels: true + {{- end }} + {{- if .Values.serviceMonitor.metricRelabelings }} + metricRelabelings: {{ toYaml .Values.serviceMonitor.metricRelabelings | nindent 8 }} + {{- end }} +{{- if .Values.serviceMonitor.namespaceSelector }} + namespaceSelector: {{ toYaml .Values.serviceMonitor.namespaceSelector | nindent 4 }} +{{ else }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} +{{- if .Values.serviceMonitor.targetLabels }} + targetLabels: + {{- range .Values.serviceMonitor.targetLabels }} + - {{ . }} + {{- end }} +{{- end }} + selector: + matchLabels: + {{- include "extended-ceph-exporter.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/fleet/lib/extended-ceph-exporter/templates/tests/test-connection.yaml b/fleet/lib/extended-ceph-exporter/templates/tests/test-connection.yaml new file mode 100644 index 000000000..f23c5ea9e --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "extended-ceph-exporter.fullname" . }}-test-connection" + labels: + {{- include "extended-ceph-exporter.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "extended-ceph-exporter.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/fleet/lib/extended-ceph-exporter/values.yaml b/fleet/lib/extended-ceph-exporter/values.yaml new file mode 100644 index 000000000..ab39317d1 --- /dev/null +++ b/fleet/lib/extended-ceph-exporter/values.yaml @@ -0,0 +1,245 @@ +# Default values for extended-ceph-exporter. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# -- Number of replicas of the exporter +replicaCount: 1 + +image: + # @ignore + repository: docker.io/galexrt/extended-ceph-exporter + # @ignore + pullPolicy: IfNotPresent + # -- Overrides the image tag whose default is the chart appVersion. + tag: "" + +# @ignore +imagePullSecrets: [] +# -- Override chart name +nameOverride: "" +# -- Override fully-qualified app name +fullnameOverride: "" + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# -- [Pod priority class](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/) +priorityClassName: "" + +# -- Annotations to add to the pod +podAnnotations: {} + +# -- [Pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) +podSecurityContext: + {} + # fsGroup: 2000 + +# -- [Security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) +securityContext: + {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +# @ignore +sidecars: [] + +service: + type: ClusterIP + port: 9138 + +# -- These are sane defaults for "small" object storages +resources: + limits: + cpu: 125m + memory: 150Mi + requests: + cpu: 25m + memory: 150Mi + +# -- Autoscaling configuration +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# -- [Create a pod that gets scheduled to your chosen node](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/#create-a-pod-that-gets-scheduled-to-your-chosen-node) +nodeSelector: {} + +# -- [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) +tolerations: [] + +# -- [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) +affinity: {} + +serviceMonitor: + # -- Specifies whether a prometheus-operator ServiceMonitor should be created + enabled: false + # -- Additional Labels for the ServiceMonitor object + additionalLabels: {} + #namespace: "monitoring" + namespaceSelector: + # Default: scrape .Release.Namespace only + # To scrape all, use the following: + # matchNames: + # - monitoring + # any: true + # -- (duration) Interval at which metrics should be scraped + scrapeInterval: 30s + # -- (duration) Timeout for scraping + scrapeTimeout: 20s + # honorLabels: true + +prometheusRule: + # -- Specifies whether a prometheus-operator PrometheusRule should be created + enabled: false + # -- Additional Labels for the PrometheusRule object + additionalLabels: {} + # Default: .Release.Namespace + # namespace: "" + # prometheusRule.rules # Checkout the file for example alerts + # -- (prometheusrules.monitoring.coreos.com) + rules: [] + +config: + # -- Disable to mount your own `config.yaml` at `/config`. If disabled a volume and volumeMount are required! + mountConfig: true + + # -- `config.yaml` for the exporter, make sure to checkout the `config.example.yaml` for more information + config: + # Set log level + logLevel: "INFO" + # -- Exporter listen host + listenHost: ":9138" + # -- Set the metrics endpoint path + metricsPath: "/metrics" + + # -- Skip TLS cert verification globally + skipTLSVerify: false + + timeouts: + # Context timeout for collecting metrics per collector + collector: "60s" + # HTTP request timeout for collecting metrics for RGW API HTTP client + http: "55s" + + cache: + # -- Enable metrics caching to reduce load + enabled: false + # -- Cache duration in seconds + duration: "20s" + + rbd: + # -- Ceph Config file to read (if left empty will read default Ceph config file) + cephConfig: "" + # -- List of namespaces and pools to collect RBD related metrics from + pools: [] # empty list = all pools and namespaces + # - name: my_pool + # namespaces: [] # empty list = all namespaces + # # - my_namespace # only namespaces listed in the list + + # -- Disable to mount your own `realms.yaml` at `/realms`. If disabled a volume and volumeMount are required! + mountRealms: true + # -- `realms.yaml` exporter RGW Realms config. If left empty will attempt to detect **one** existing Rook CephObjectStore as a target. + rgwRealms: + realms: + # -- RGW Realm name (used in metrics as a label) + - name: default + # -- The Ceph RGW endpoint as a URL, e.g. "https://your-ceph-rgw-endpoint-here:8443". Env vars can will be substitued. + host: "$RGW_HOST" # By default only available when the `postInstallJob` below is enabled. + # -- RGW S3 access key + accessKey: "$RGW_ACCESS_KEY" # By default only available when the `postInstallJob` below is enabled. + # -- RGW S3 secret key + secretKey: "$RGW_SECRET_KEY" # By default only available when the `postInstallJob` below is enabled. + # -- Skip tls verify for this RGW endpoint + skipTLSVerify: false + ## Multiple realms can be specified + #- name: example2 + # host: "https://your-rgw-host.example.com:8443" + # accessKey: "YOUR_ACCESS_KEY" + # secretKey: "YOUR_SECRET_KEY" + # skipTLSVerify: false + +# -- Will be put in a Secret and used as env vars +additionalEnv: {} + +postInstallJob: + # -- If enabled, will create a rgw admin user `extended-ceph-exporter` either on + # Rook/Ceph cluster pre upgrade (when having extended-ceph-exporter as a helm + # dependency) or on post install of extended-ceph-exporter(needs existing + # Rook/Ceph cluster). This user will be used for extended ceph metrics. + enabled: true + # @ignore + image: + repository: quay.io/ceph/ceph + pullPolicy: IfNotPresent + tag: v17.2.8 + # -- RGW Realms config and options + rgw: + # -- The Ceph RGW endpoint as a URL, e.g. "https://your-ceph-rgw-endpoint-here:8443" + # @default -- First detected RGW endpoint + host: "" + # -- Existing RGW admin credentials secret config + existingSecret: + # -- Name of the existing RGW admin credentials secret + name: "" + keys: + # -- Access key secret key name + access: "access" + # -- Secret key secret key name + secret: "secret" + # -- RGW admin access key + # @default -- Randomly generated + accessKey: null + # -- RGW admin secret key + # @default -- Randomly generated + secretKey: null + +# -- Extra volumes to add to the deployment +volumes: [] +# - name: realms-config +# projected: +# sources: +# - secret: +# name: your-realms-config-secret +# items: +# - key: realms.yaml +# path: realms.yaml +# mode: 600 + +# -- Extra volume mounts to add to the deployment +volumeMounts: [] +# - name: realms-config +# mountPath: "/realms" +# readOnly: true + +# -- Extra objects to deploy (value evaluated as a template) +extraObjects: [] +# Example secret for realms config +# - apiVersion: v1 +# kind: Secret +# metadata: +# name: realms-config +# data: +# # See https://github.com/galexrt/extended-ceph-exporter/blob/main/realms.example.yaml +# realms.yaml: | +# realms: +# - name: example1 +# host: your-rgw-host.example.com +# accessKey: YOUR_ACCESS_KEY +# secretKey: YOUR_SECRET_KEY +# - name: example2 +# host: your-rgw-host.example.com +# accessKey: YOUR_ACCESS_KEY +# secretKey: YOUR_SECRET_KEY diff --git a/fleet/lib/rook-ceph-conf/charts/ruka/templates/cephobjectstoreuser-extended-ceph-exporter.yaml b/fleet/lib/rook-ceph-conf/charts/ruka/templates/cephobjectstoreuser-extended-ceph-exporter.yaml new file mode 100644 index 000000000..976acb607 --- /dev/null +++ b/fleet/lib/rook-ceph-conf/charts/ruka/templates/cephobjectstoreuser-extended-ceph-exporter.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: ceph.rook.io/v1 +kind: CephObjectStoreUser +metadata: + name: extended-ceph-exporter-lfa + namespace: rook-ceph +spec: + store: lfa + clusterNamespace: rook-ceph + displayName: extended-ceph-exporter + capabilities: + buckets: read + users: read + usage: read + metadata: read + zone: read +--- +apiVersion: ceph.rook.io/v1 +kind: CephObjectStoreUser +metadata: + name: extended-ceph-exporter-o11y + namespace: rook-ceph +spec: + store: o11y + clusterNamespace: rook-ceph + displayName: extended-ceph-exporter + capabilities: + buckets: read + users: read + usage: read + metadata: read + zone: read diff --git a/fleet/s/dev/c/ruka/extended-ceph-exporter b/fleet/s/dev/c/ruka/extended-ceph-exporter new file mode 120000 index 000000000..ae1db4c2f --- /dev/null +++ b/fleet/s/dev/c/ruka/extended-ceph-exporter @@ -0,0 +1 @@ +../../../../lib/extended-ceph-exporter \ No newline at end of file