Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump to kube stack 58.4.0 & prepare for deprecation of cattle.monitoring.io #42

Merged
merged 31 commits into from
Nov 6, 2024
Merged

Bump to kube stack 58.4.0 & prepare for deprecation of cattle.monitoring.io #42

merged 31 commits into from
Nov 6, 2024

Conversation

puffitos
Copy link
Member

@puffitos puffitos commented Oct 16, 2024
edited
Loading

Motivation

To update the prometheus stack components, which were severely outdated and prepare the monitoring chart up to speed with the deprecation of the monitoring.cattle.io API group, which won't be used in the future (see caas-team/prometheus-auth#19)

Changes

  • Changed RBAC to not use the deprecated apiGroup
  • Radically minimized the values.yaml file, which had hundreds of default values from the kube-prometheus helm chart
  • Possibility to make chart (a la caas-cluster-monitoring)
  • Template README for the values
  • Split the README files up, so they make for a little bit of easier reading

TODO

  • Post a diff of the generated manifests with the old yaml and the current one (should be similar, according to the step by step tests and commits I've done)

Features

  • Update to kube-prometheus-stack 58.4.0
  • Update to grafana-7.3.9 chart
  • New Prometheus Rules:
    • container-cpu-usage-seconds-total
    • container-memory-cache
    • container-memory-rss
    • container-memory-swap
    • container-memory-working-set-bytes
    • container-resource
    • pod-owner

A new, final target_matchers in the inhibit_rules for AlertmanagerConfig, to inhibit more Alerts:

- target_matchers:
  - alertname = InfoInhibitor

Deprecation Warning

** This project monitoring version won't work with older versions of caas-cluster-monitoring (< 0.0.13).**

The ServiceAccount isn't allowed to view prometheus.monitoring.cattle.io, but only prometheus.monitoring.coreos.com. This is part of a bigger deprecation we're doing to remove this non-existent API Group from our monitoring stack.

Smaller changes

  • kubeprometheusstack/k8s-sidecar updated to 1.26.1
  • probes are now selected as well based on the project name label
  • field.cattle.io/projectId added as label to many resources

Other changes, not important for release notes

  • #magic___^_^___line added to alertmanager config (autoformatting, nothing to worry about, was the same in caas-cluster-monitoring) -> we should move the template to a file.
  • CPUThrottlingHigh, KubePersistentVolumeFillingUp, KubePersistentVolumeInodesFillingUp, rules aggregate on cluster as well (this may break the rule, nothing we can do here)

The following prom rules were also changed:

  • PrometheusNotIngestingSamples
  • AlertmanagerFailedToSendAlerts
  • AlertmanagerClusterFailedToSendAlerts

Tests done

A previous version (which was exactly similar to this one) is already running in our dev clusters. Still open:

  • E2E deployment of this version, so assert compatibility with new prometheus-auth

puffitos added 30 commits October 1, 2024 13:40
@puffitos
docs: simplified docs
f6ee4dc 
Updated the heavily outdated docs and simplified the structure of the
documentation.
@puffitos
feat: added Makefile
d727ccf 
added makefile to bundle chart
@puffitos
chore: bumped to kube-prometheus-stack 58.4.0
e5fbcfa 
Updated chart to use the same version as the latest
caas-cluster-monitoring chart
@puffitos
chore: sensible values.yaml
03f9cf5 
Removed comments, old values, wrong values. The new values won't deploy
a fully working project-monitoring (the old ones didn't either), but now
it's hopefully clearer what each value does.

An installation via the UI should possibly even work now, since the CRDs
were removed from the chart completely.
@puffitos
docs: moved app-readme to own folder
9aae07a
@puffitos
docs: automated README
796cb02
@puffitos
chore: removed unneeded helm values
89f151c
@puffitos
chore: removed some grafana values
afe8ae8 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed unneeded servicemonitor grafana values
c512f6e 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed uneeded ingress section
0a96a9f 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed uneeded ingressPerReplica section
de972d0 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: explained serviceaccounts and added one to grafana
696d527 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed unneeded service prometheus section
c289bb5 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed unneeded servicePerReplica prometheus section
ae9c214 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: run make chart
5889882 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed prometheus image
bc9fb90 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed some uneeded prometheusSpec fields
f39f02f 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed more uneeded prometheusSpec fields
18a058a 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed even more uneeded prometheusSpec fields
85c281f 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: added standard selector
77f0923 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed some more fields which are unneeded
951fdab 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed prometheusspec fields which are not needed
3a0696f 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: removed volume related fields
78d11f8 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: added default selectors
80a3d72 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: added default selectors and documented usage
77026e9 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
fix: proper build of dependend charts
afce1ce 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
feat: added serviceaccount RBAC to allow prometheus-auth to work
ace25ad 
Since only caas-project-owners have the verb view on prometheus.monitoring.coreos.com
they can also pass it down to their serviceaccounts, which will need to parse the central prometheus database
for federated metrics for their own namespaces.

Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
docs: development guide
6b2cddc 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: RBAC reconciliation with prometheus auth
78b5915 
Prometheus Auth will only use the `prometheus.monitoring.coreos.com` Resource to do its validation
so the users of this helm chart need only that.

Signed-off-by: Bruno Bressi <[email protected]>
@puffitos
chore: 1.3.0 rc2
2ee9ad7 
Signed-off-by: Bruno Bressi <[email protected]>
@puffitos puffitos added the enhancement New feature or request label Oct 16, 2024
@puffitos puffitos self-assigned this Oct 16, 2024
y-eight
y-eight approved these changes Oct 17, 2024
View reviewed changes
Copy link
Contributor

@y-eight y-eight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@puffitos
fix: grafana OOM sidecar
ee3d569 
The sidecar needs more juice for the default configuration

Signed-off-by: Bruno Bressi <[email protected]>
@puffitos puffitos merged commit 38ccdd2 into main Nov 6, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eumel8 eumel8 eumel8 left review comments

@JTaeuber JTaeuber JTaeuber approved these changes

@y-eight y-eight y-eight approved these changes

@CerRegulus CerRegulus Awaiting requested review from CerRegulus

Assignees

@puffitos puffitos

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@puffitos @eumel8 @y-eight @JTaeuber