From 44ede532aedd06095527c1eeaae948216bdde86c Mon Sep 17 00:00:00 2001 From: Fiona Liao Date: Wed, 31 May 2023 16:42:49 +0100 Subject: [PATCH 1/6] Remove graphite-web component from Helm chart --- .../graphite-web/graphite-web-dep.yaml | 68 ------------------- .../graphite-web/graphite-web-pdb.yaml | 3 - .../graphite-web/graphite-web-servmon.yaml | 3 - .../graphite-web/graphite-web-svc.yaml | 23 ------- .../helm/charts/mimir-distributed/values.yaml | 58 +--------------- .../templates/mimir-config.yaml | 2 +- 6 files changed, 2 insertions(+), 155 deletions(-) delete mode 100644 operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml delete mode 100644 operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-pdb.yaml delete mode 100644 operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-servmon.yaml delete mode 100644 operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml diff --git a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml b/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml deleted file mode 100644 index 87d982f16c5..00000000000 --- a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml +++ /dev/null @@ -1,68 +0,0 @@ -{{- if and .Values.enterprise.enabled .Values.graphite.enabled -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "mimir.resourceName" (dict "ctx" . "component" "graphite-web") }} - labels: - {{- include "mimir.labels" (dict "ctx" . "component" "graphite-web") | nindent 4 }} - annotations: - {{- toYaml .Values.graphite.web.annotations | nindent 4 }} - namespace: {{ .Release.Namespace | quote }} -spec: - replicas: {{ .Values.graphite.web.replicas }} - selector: - matchLabels: - {{- include "mimir.selectorLabels" (dict "ctx" . "component" "graphite-web") | nindent 6 }} - strategy: - {{- toYaml .Values.graphite.web.strategy | nindent 4 }} - template: - metadata: - labels: - {{- include "mimir.podLabels" (dict "ctx" . "component" "graphite-web") | nindent 8 }} - annotations: - {{- include "mimir.podAnnotations" (dict "ctx" . "component" "graphite-web") | nindent 8 }} - namespace: {{ .Release.Namespace | quote }} - spec: - serviceAccountName: {{ template "mimir.serviceAccountName" . }} - {{- if .Values.graphite.web.priorityClassName }} - priorityClassName: {{ .Values.graphite.web.priorityClassName }} - {{- end }} - securityContext: - {{- include "mimir.lib.podSecurityContext" (dict "ctx" . "component" "graphite-web") | nindent 8 }} - {{- if .Values.image.pullSecrets }} - imagePullSecrets: - {{- range .Values.image.pullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - containers: - - name: graphite-web - image: "{{ .Values.graphite.web.image.repository }}:{{ .Values.graphite.web.image.tag }}" - imagePullPolicy: {{ .Values.graphite.web.image.pullPolicy }} - env: - - name: GRAPHITE_CLUSTER_SERVERS - value: {{ template "mimir.fullname" . }}-graphite.{{ .Release.Namespace }}.svc:{{ include "mimir.serverHttpListenPort" . }}/graphite - - name: GRAPHITE_ENFORCE_INPUT_VALIDATION - value: "true" - - name: GRAPHITE_POOL_WORKERS - value: "1" - - name: GRAPHITE_POOL_WORKERS_PER_BACKEND - value: "16" - - name: GRAPHITE_USE_WORKER_POOL - value: "false" - ports: - - name: http-metrics - containerPort: {{ include "mimir.serverHttpListenPort" . }} - protocol: TCP - resources: - {{- toYaml .Values.graphite.web.resources | nindent 12 }} - securityContext: - {{- toYaml .Values.graphite.web.containerSecurityContext | nindent 12 }} - nodeSelector: - {{- toYaml .Values.graphite.web.nodeSelector | nindent 8 }} - affinity: - {{- toYaml .Values.graphite.web.affinity | nindent 8 }} - tolerations: - {{- toYaml .Values.graphite.web.tolerations | nindent 8 }} - terminationGracePeriodSeconds: {{ .Values.graphite.web.terminationGracePeriodSeconds }} -{{- end -}} diff --git a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-pdb.yaml b/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-pdb.yaml deleted file mode 100644 index abe6d11a874..00000000000 --- a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-pdb.yaml +++ /dev/null @@ -1,3 +0,0 @@ -{{- if and .Values.enterprise.enabled .Values.graphite.enabled -}} -{{- include "mimir.lib.podDisruptionBudget" (dict "ctx" $ "component" "graphite-web") }} -{{- end -}} diff --git a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-servmon.yaml b/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-servmon.yaml deleted file mode 100644 index e26fed1696a..00000000000 --- a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-servmon.yaml +++ /dev/null @@ -1,3 +0,0 @@ -{{- if and .Values.enterprise.enabled .Values.graphite.enabled -}} -{{- include "mimir.lib.serviceMonitor" (dict "ctx" $ "component" "graphite-web") }} -{{- end -}} \ No newline at end of file diff --git a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml b/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml deleted file mode 100644 index c3cfeeb2ad2..00000000000 --- a/operations/helm/charts/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if and .Values.enterprise.enabled .Values.graphite.enabled -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "mimir.resourceName" (dict "ctx" . "component" "graphite-web") }} - labels: - {{- include "mimir.labels" (dict "ctx" . "component" "graphite-web") | nindent 4 }} - {{- with .Values.graphite.web.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - annotations: - {{- toYaml .Values.graphite.web.service.annotations | nindent 4 }} - namespace: {{ .Release.Namespace | quote }} -spec: - type: ClusterIP - ports: - - port: {{ include "mimir.serverHttpListenPort" . }} - protocol: TCP - name: http-metrics - targetPort: http-metrics - selector: - {{- include "mimir.selectorLabels" (dict "ctx" . "component" "graphite-web") | nindent 4 }} -{{- end -}} diff --git a/operations/helm/charts/mimir-distributed/values.yaml b/operations/helm/charts/mimir-distributed/values.yaml index d82e38e1e39..b441df49dc2 100644 --- a/operations/helm/charts/mimir-distributed/values.yaml +++ b/operations/helm/charts/mimir-distributed/values.yaml @@ -385,7 +385,7 @@ mimir: remote_read: query_address: http://{{ template "mimir.fullname" . }}-query-frontend.{{ .Release.Namespace }}.svc:{{ include "mimir.serverHttpListenPort" . }}/prometheus - graphite_fallback: http://{{ template "mimir.fullname" . }}-graphite-web.{{ .Release.Namespace}}.svc:{{ include "mimir.serverHttpListenPort" . }} + proxy_bad_requests: false schemas: default_storage_schemas_file: /etc/graphite-proxy/storage-schemas.conf @@ -3236,62 +3236,6 @@ graphite: extraVolumes: [] extraVolumeMounts: [] - web: - replicas: 1 - - image: - repository: docker.io/raintank/graphite-mt - tag: 8-7ebde4c60-v2 - pullPolicy: IfNotPresent - - service: - annotations: {} - labels: {} - - # -- Resources for graphite-web pods - resources: - requests: - cpu: 100m - memory: 512Mi - # -- The name of the PriorityClass for graphite-web pods - priorityClassName: null - # -- Labels for graphite-web pods - podLabels: {} - # -- Annotations for graphite-web pods - podAnnotations: {} - # -- Node selector for graphite-web pods - nodeSelector: {} - # -- Affinity for graphite-web pods - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - graphite-web - topologyKey: 'kubernetes.io/hostname' - - strategy: - type: RollingUpdate - # -- Grace period to allow the graphite-web to shutdown before it is killed - terminationGracePeriodSeconds: 30 - # -- Tolerations for graphite-web pods - tolerations: [] - # -- Pod Disruption Budget - podDisruptionBudget: {} - - # -- SecurityContext override for graphite web pods - securityContext: {} - - containerSecurityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - capabilities: - drop: [ALL] - - # Graphite's aggregation cache. If you want to know more about it please check # https://grafana.com/docs/enterprise-metrics/latest/graphite/graphite_querier/#aggregation-cache gr-aggr-cache: diff --git a/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/mimir-config.yaml b/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/mimir-config.yaml index 17a6ae46a51..7f610c1f8ff 100644 --- a/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/mimir-config.yaml +++ b/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/mimir-config.yaml @@ -107,11 +107,11 @@ data: memcached: addresses: dnssrvnoa+graphite-enabled-values-mimir-gr-aggr-cache.citestns.svc:11211 timeout: 1s - graphite_fallback: http://graphite-enabled-values-mimir-graphite-web.citestns.svc:8080 metric_name_cache: memcached: addresses: dnssrvnoa+graphite-enabled-values-mimir-gr-metricname-cache.citestns.svc:11211 timeout: 1s + proxy_bad_requests: false remote_read: query_address: http://graphite-enabled-values-mimir-query-frontend.citestns.svc:8080/prometheus schemas: From 7e2cfb850750f7b7f7ab8bb1d15f85b88529f917 Mon Sep 17 00:00:00 2001 From: Fiona Liao Date: Thu, 1 Jun 2023 17:09:31 +0100 Subject: [PATCH 2/6] Fix generate token script --- .../scripts/generate_enterprise_tenant_token.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operations/helm/charts/mimir-distributed/scripts/generate_enterprise_tenant_token.sh b/operations/helm/charts/mimir-distributed/scripts/generate_enterprise_tenant_token.sh index 57746b0803b..ed4dc6df8ec 100755 --- a/operations/helm/charts/mimir-distributed/scripts/generate_enterprise_tenant_token.sh +++ b/operations/helm/charts/mimir-distributed/scripts/generate_enterprise_tenant_token.sh @@ -24,7 +24,7 @@ ADMIN_API_HOST="localhost" TENANT="test-tenant" echo "# Getting API TOKEN from tokengen job" -API_TOKEN=$(kubectl logs -f "job/${HELM_INSTALL_NAME}-mimir-tokengen" | grep Token | awk '{print $2}') +API_TOKEN=$(kubectl logs -f "job/${HELM_INSTALL_NAME}-tokengen" | grep Token | awk '{print $2}') echo "Succesfully found token: ${API_TOKEN}" echo "# Creating Test Tenant" From 278f319a5150151de102f9553d1a1cc9e9d19745 Mon Sep 17 00:00:00 2001 From: Fiona Liao Date: Thu, 1 Jun 2023 17:09:47 +0100 Subject: [PATCH 3/6] Add a couple more queries to the graphite read path test --- .../scripts/test_graphite_read_path.sh | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/operations/helm/charts/mimir-distributed/scripts/test_graphite_read_path.sh b/operations/helm/charts/mimir-distributed/scripts/test_graphite_read_path.sh index 87f200af966..aedcb454e47 100755 --- a/operations/helm/charts/mimir-distributed/scripts/test_graphite_read_path.sh +++ b/operations/helm/charts/mimir-distributed/scripts/test_graphite_read_path.sh @@ -25,3 +25,28 @@ curl \ -H "Content-Type: application/json" \ --fail-with-body \ "${MIMIR_GATEWAY_HOST}:8080/graphite/tags" + +echo "" +echo "" + +echo "# Getting functions" +# this will return 400 when using values.yaml as graphite-web is not enabled there +curl \ + -X GET \ + -H "Authorization: Basic ${MIMIR_BASIC_AUTH}" \ + -H "Content-Type: application/json" \ + --fail-with-body \ + "${MIMIR_GATEWAY_HOST}:8080/graphite/functions" + +echo "" + +echo "# Running query" +curl \ + -X GET \ + -H "Authorization: Basic ${MIMIR_BASIC_AUTH}" \ + -H "Content-Type: application/json" \ + --fail-with-body \ + "${MIMIR_GATEWAY_HOST}:8080/graphite/render?target=seriesByTag(\"service=foo\")&from=-5m" + +echo "" +echo "" From 46650b5bb7ff5bc8639b1f8cfcaa03149830a42c Mon Sep 17 00:00:00 2001 From: Fiona Liao Date: Thu, 1 Jun 2023 17:11:04 +0100 Subject: [PATCH 4/6] Remove unncessary whitespace --- operations/helm/charts/mimir-distributed/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/operations/helm/charts/mimir-distributed/values.yaml b/operations/helm/charts/mimir-distributed/values.yaml index b441df49dc2..99ea1abcc3e 100644 --- a/operations/helm/charts/mimir-distributed/values.yaml +++ b/operations/helm/charts/mimir-distributed/values.yaml @@ -384,7 +384,6 @@ mimir: querier: remote_read: query_address: http://{{ template "mimir.fullname" . }}-query-frontend.{{ .Release.Namespace }}.svc:{{ include "mimir.serverHttpListenPort" . }}/prometheus - proxy_bad_requests: false schemas: From 31d8124a489b53e519090deb91c0be2783370037 Mon Sep 17 00:00:00 2001 From: Fiona Liao Date: Thu, 1 Jun 2023 17:24:09 +0100 Subject: [PATCH 5/6] Update CHANGELOG --- operations/helm/charts/mimir-distributed/CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/operations/helm/charts/mimir-distributed/CHANGELOG.md b/operations/helm/charts/mimir-distributed/CHANGELOG.md index aea3740d769..2234aba7bc5 100644 --- a/operations/helm/charts/mimir-distributed/CHANGELOG.md +++ b/operations/helm/charts/mimir-distributed/CHANGELOG.md @@ -29,6 +29,7 @@ Entries should include a reference to the Pull Request that introduced the chang ## main / unreleased * [CHANGE] Query-frontend: enable cardinality estimation via `frontend.query_sharding_target_series_per_shard` in the Mimir configuration for query sharding by default if `results-cache.enabled` is true. #5128 +* [CHANGE] Remove `graphite-web` component from the graphite proxy. The `graphite-web` component had several configuration issues which meant it was failing to process requests. #5133 * [ENHANCEMENT] Set `nginx` and `gateway` Nginx read timeout (`proxy_read_timeout`) to 300 seconds (increase from default 60 seconds), so that it doesn't interfere with the querier's default 120 seconds timeout (`mimir.structuredConfig.querier.timeout`). #4924 * [ENHANCEMENT] Update nginx image to `nginxinc/nginx-unprivileged:1.24-alpine`. #5066 * [ENHANCEMENT] Update the `rollout-operator` subchart to `0.5.0`. #4930 From 9bf127c400619ffc28323c0dd83b62a9548dbbef Mon Sep 17 00:00:00 2001 From: Fiona Liao Date: Thu, 1 Jun 2023 17:28:20 +0100 Subject: [PATCH 6/6] Remove graphite-web from Helm tests --- .../mimir-distributed/templates/_helpers.tpl | 1 - .../graphite-web/graphite-web-dep.yaml | 85 ------------------- .../graphite-web/graphite-web-svc.yaml | 25 ------ 3 files changed, 111 deletions(-) delete mode 100644 operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml delete mode 100644 operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml diff --git a/operations/helm/charts/mimir-distributed/templates/_helpers.tpl b/operations/helm/charts/mimir-distributed/templates/_helpers.tpl index 247ba4ab9a1..31cfd9d6a54 100644 --- a/operations/helm/charts/mimir-distributed/templates/_helpers.tpl +++ b/operations/helm/charts/mimir-distributed/templates/_helpers.tpl @@ -408,7 +408,6 @@ Examples: "gr-aggr-cache" "gr-aggr-cache" "gr-metricname-cache" "gr-metricname-cache" "graphite-querier" "graphite.querier" - "graphite-web" "graphite.web" "graphite-write-proxy" "graphite.write_proxy" "index-cache" "index-cache" "ingester" "ingester" diff --git a/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml b/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml deleted file mode 100644 index 49f75fbcec8..00000000000 --- a/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml +++ /dev/null @@ -1,85 +0,0 @@ ---- -# Source: mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-dep.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: graphite-enabled-values-mimir-graphite-web - labels: - app.kubernetes.io/name: mimir - app.kubernetes.io/instance: graphite-enabled-values - app.kubernetes.io/component: graphite-web - app.kubernetes.io/managed-by: Helm - annotations: - null - namespace: "citestns" -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: mimir - app.kubernetes.io/instance: graphite-enabled-values - app.kubernetes.io/component: graphite-web - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/name: mimir - app.kubernetes.io/instance: graphite-enabled-values - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: graphite-web - annotations: - namespace: "citestns" - spec: - serviceAccountName: graphite-enabled-values-mimir - securityContext: - fsGroup: 10001 - runAsGroup: 10001 - runAsNonRoot: true - runAsUser: 10001 - seccompProfile: - type: RuntimeDefault - containers: - - name: graphite-web - image: "docker.io/raintank/graphite-mt:8-7ebde4c60-v2" - imagePullPolicy: IfNotPresent - env: - - name: GRAPHITE_CLUSTER_SERVERS - value: graphite-enabled-values-mimir-graphite.citestns.svc:8080/graphite - - name: GRAPHITE_ENFORCE_INPUT_VALIDATION - value: "true" - - name: GRAPHITE_POOL_WORKERS - value: "1" - - name: GRAPHITE_POOL_WORKERS_PER_BACKEND - value: "16" - - name: GRAPHITE_USE_WORKER_POOL - value: "false" - ports: - - name: http-metrics - containerPort: 8080 - protocol: TCP - resources: - requests: - cpu: 100m - memory: 512Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - nodeSelector: - {} - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - graphite-web - topologyKey: kubernetes.io/hostname - tolerations: - [] - terminationGracePeriodSeconds: 30 diff --git a/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml b/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml deleted file mode 100644 index b00077ae0db..00000000000 --- a/operations/helm/tests/graphite-enabled-values-generated/mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: mimir-distributed/templates/graphite-proxy/graphite-web/graphite-web-svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: graphite-enabled-values-mimir-graphite-web - labels: - app.kubernetes.io/name: mimir - app.kubernetes.io/instance: graphite-enabled-values - app.kubernetes.io/component: graphite-web - app.kubernetes.io/managed-by: Helm - annotations: - {} - namespace: "citestns" -spec: - type: ClusterIP - ports: - - port: 8080 - protocol: TCP - name: http-metrics - targetPort: http-metrics - selector: - app.kubernetes.io/name: mimir - app.kubernetes.io/instance: graphite-enabled-values - app.kubernetes.io/component: graphite-web