diff --git a/.github/scripts/validate-kustomize.sh b/.github/scripts/validate-kustomize.sh new file mode 100755 index 0000000000..f2bfc129e3 --- /dev/null +++ b/.github/scripts/validate-kustomize.sh @@ -0,0 +1,67 @@ +#!/usr/bin/env bash + +# This script downloads the Flux OpenAPI schemas, then it validates the +# Flux custom resources and the kustomize overlays using kubeval. +# This script is meant to be run locally and in CI before the changes +# are merged on the main branch that's synced by Flux. + +# Copyright 2020 The Flux authors. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script is meant to be run locally and in CI to validate the Kubernetes +# manifests (including Flux custom resources) before changes are merged into +# the branch synced by Flux in-cluster. + +# Prerequisites +# - yq v4.6 +# - kustomize v4.1 +# - kubeval v0.15.x + +set -o errexit + +echo "INFO - Downloading Flux OpenAPI schemas" +mkdir -p /tmp/flux-crd-schemas/master-standalone-strict +#curl -sL https://github.com/fluxcd/flux2/releases/latest/download/crd-schemas.tar.gz | tar zxf - -C /tmp/flux-crd-schemas/master-standalone-strict + +# mirror kustomize-controller build options +kustomize_flags="--load-restrictor=LoadRestrictionsNone --reorder=legacy" +kustomize_config="kustomization.yaml" + + +# find . -type f -name '*.yaml' -print0 | while IFS= read -r -d $'\0' file; +# do +# echo "INFO - Validating $file" +# yq -e 'true' "$file" > /dev/null +# done + +echo "INFO - Validating clusters" +find ./k8s/clusters -type f -name '*.yaml' -maxdepth 1 -print0 | while IFS= read -r -d $'\0' file; + do + kubeval "${file}" --strict --ignore-missing-schemas --additional-schema-locations=file:///tmp/flux-crd-schemas + if [[ ${PIPESTATUS[0]} != 0 ]]; then + exit 1 + fi +done + +echo "INFO - Validating kustomize overlays" +find . -type f -name $kustomize_config -print0 | while IFS= read -r -d $'\0' file; + do + echo "INFO - Validating kustomization ${file/%$kustomize_config}" + # Secrets are ignored with --skip-kinds due to using SOPS with FluxCD + # shellcheck disable=SC2086 + kustomize build "${file/%$kustomize_config}" $kustomize_flags | kubeval --ignore-missing-schemas --strict --additional-schema-locations=file:///tmp/flux-crd-schemas --skip-kinds Secret + if [[ ${PIPESTATUS[0]} != 0 ]]; then + exit 1 + fi +done diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index eda467fc30..387682372f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -53,3 +53,8 @@ repos: hooks: - id: fix-smartquotes - id: fix-ligatures + + - repo: https://github.com/zricethezav/gitleaks + rev: v8.5.3 + hooks: + - id: gitleaks diff --git a/k8s/clusters/hegira/flux/orchestration/kustomization.yaml b/k8s/clusters/hegira/flux/orchestration/kustomization.yaml index fb6a68da7f..898936bd07 100644 --- a/k8s/clusters/hegira/flux/orchestration/kustomization.yaml +++ b/k8s/clusters/hegira/flux/orchestration/kustomization.yaml @@ -4,7 +4,6 @@ kind: Kustomization resources: - ./cert-manager.yaml - ./rook-ceph.yaml - # # - ./dev.yaml - ./downloads.yaml - ./databases.yaml - ./flux-system.yaml diff --git a/k8s/clusters/hegira/flux/orchestration/rook-ceph.yaml b/k8s/clusters/hegira/flux/orchestration/rook-ceph.yaml index e50358e9ed..0c7ed82cbd 100644 --- a/k8s/clusters/hegira/flux/orchestration/rook-ceph.yaml +++ b/k8s/clusters/hegira/flux/orchestration/rook-ceph.yaml @@ -96,20 +96,3 @@ spec: sourceRef: kind: GitRepository name: home-cluster ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: rook-ceph-monitoring - namespace: flux-system -spec: - dependsOn: - - name: rook-ceph-namespace - - name: rook-ceph-operator - interval: 5m - path: "./k8s/manifests/rook-ceph/monitoring" - prune: true - wait: true - sourceRef: - kind: GitRepository - name: home-cluster diff --git a/k8s/manifests/cert-manager/cert-manager/config/kustomization.yaml b/k8s/manifests/cert-manager/cert-manager/config/kustomization.yaml index 6caf7c604b..81c92b91f4 100644 --- a/k8s/manifests/cert-manager/cert-manager/config/kustomization.yaml +++ b/k8s/manifests/cert-manager/cert-manager/config/kustomization.yaml @@ -4,4 +4,3 @@ kind: Kustomization resources: - ./secret.sops.yaml - ./clusterissuer.yaml - - ./prometheusrule.yaml diff --git a/k8s/manifests/databases/postgresql/kustomization.yaml b/k8s/manifests/databases/postgresql/kustomization.yaml index 8bf8dd59d4..4ed091d81e 100644 --- a/k8s/manifests/databases/postgresql/kustomization.yaml +++ b/k8s/manifests/databases/postgresql/kustomization.yaml @@ -4,4 +4,3 @@ kind: Kustomization resources: - ./config-pvc.yaml - ./helmrelease.yaml - - ./monitoring diff --git a/k8s/manifests/flux-system/add-ons/monitoring/kustomization.yaml b/k8s/manifests/flux-system/add-ons/monitoring/kustomization.yaml deleted file mode 100644 index c826a3edf4..0000000000 --- a/k8s/manifests/flux-system/add-ons/monitoring/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ./podmonitor.yaml - - ./prometheusrules.yaml diff --git a/k8s/manifests/flux-system/add-ons/monitoring/prometheusrules.yaml b/k8s/manifests/flux-system/add-ons/monitoring/prometheusrules.yaml deleted file mode 100644 index beb7430d80..0000000000 --- a/k8s/manifests/flux-system/add-ons/monitoring/prometheusrules.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: flux-alert-rules - namespace: flux-system - labels: - prometheus: flux-rules - role: alert-rules -spec: - groups: - - name: GitOpsToolkit - rules: - - alert: ReconciliationFailure - expr: max(gotk_reconcile_condition{status="False",type="Ready"}) by (namespace, name, kind) + on(namespace, name, kind) (max(gotk_reconcile_condition{status="Deleted"}) by (namespace, name, kind)) * 2 == 1 - for: 10m - labels: - severity: page - annotations: - summary: "{{ $labels.kind }} {{ $labels.namespace }}/{{ $labels.name }} reconciliation has been failing for more than ten minutes." diff --git a/k8s/manifests/kasten-io/k10/k10-config/kustomization.yaml b/k8s/manifests/kasten-io/k10/k10-config/kustomization.yaml index e94d79670c..45d1784065 100644 --- a/k8s/manifests/kasten-io/k10/k10-config/kustomization.yaml +++ b/k8s/manifests/kasten-io/k10/k10-config/kustomization.yaml @@ -3,6 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - blueprints - - monitoring - policies - profiles diff --git a/k8s/manifests/kasten-io/k10/k10-config/monitoring/kustomization.yaml b/k8s/manifests/kasten-io/k10/k10-config/monitoring/kustomization.yaml deleted file mode 100644 index e257600ff5..0000000000 --- a/k8s/manifests/kasten-io/k10/k10-config/monitoring/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - prometheus-rule.yaml - - service-monitor.yaml diff --git a/k8s/manifests/kasten-io/k10/k10-config/monitoring/service-monitor.yaml b/k8s/manifests/kasten-io/k10/k10-config/monitoring/service-monitor.yaml deleted file mode 100644 index bff6cf864d..0000000000 --- a/k8s/manifests/kasten-io/k10/k10-config/monitoring/service-monitor.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: k10 - namespace: kasten-io -spec: - namespaceSelector: - matchNames: - - kasten-io - selector: - matchLabels: - app: prometheus - endpoints: - - port: http - scheme: http - path: /k10/prometheus/federate - honorLabels: true - interval: 15s - params: - "match[]": - - '{__name__=~"jobs.*"}' - - '{__name__=~"catalog.*"}' diff --git a/k8s/manifests/kube-system/cilium/kustomization.yaml b/k8s/manifests/kube-system/cilium/kustomization.yaml index 8046dad41a..dbc604ed71 100644 --- a/k8s/manifests/kube-system/cilium/kustomization.yaml +++ b/k8s/manifests/kube-system/cilium/kustomization.yaml @@ -3,4 +3,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helmrelease.yaml - - servicemonitor.yaml diff --git a/k8s/manifests/kube-system/descheduler/kustomization.yaml b/k8s/manifests/kube-system/descheduler/kustomization.yaml index 8ebb10cca9..dbc604ed71 100644 --- a/k8s/manifests/kube-system/descheduler/kustomization.yaml +++ b/k8s/manifests/kube-system/descheduler/kustomization.yaml @@ -3,4 +3,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helmrelease.yaml - - monitoring diff --git a/k8s/manifests/media/plex/pvc.yaml b/k8s/manifests/media/plex/config-pvc.yaml similarity index 100% rename from k8s/manifests/media/plex/pvc.yaml rename to k8s/manifests/media/plex/config-pvc.yaml diff --git a/k8s/manifests/media/plex/helmrelease.yaml b/k8s/manifests/media/plex/helmrelease.yaml index e89ae5bdec..6a90768019 100644 --- a/k8s/manifests/media/plex/helmrelease.yaml +++ b/k8s/manifests/media/plex/helmrelease.yaml @@ -54,7 +54,7 @@ spec: external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" hajimari.io/enable: "true" hajimari.io/icon: plex - hajimari.io/appName: plex + hajimari.io/appName: plex # TODO #942 fix hajimari ingress to /web/index (base is 401) hosts: - host: "plex.${CLUSTER_DOMAIN}" paths: diff --git a/k8s/manifests/media/plex/kustomization.yaml b/k8s/manifests/media/plex/kustomization.yaml index 44e428850e..a66bbd942a 100644 --- a/k8s/manifests/media/plex/kustomization.yaml +++ b/k8s/manifests/media/plex/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./pvc.yaml + - ./config-pvc.yaml - ./helmrelease.yaml # - ./probe.yaml - ./endpoint-monitor.yaml diff --git a/k8s/manifests/system-monitoring/blackbox-exporter/kustomization.yaml b/k8s/manifests/system-monitoring/blackbox-exporter/kustomization.yaml index a618c1dda5..dbc604ed71 100644 --- a/k8s/manifests/system-monitoring/blackbox-exporter/kustomization.yaml +++ b/k8s/manifests/system-monitoring/blackbox-exporter/kustomization.yaml @@ -3,4 +3,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helmrelease.yaml - - prometheusrule.yaml diff --git a/k8s/manifests/cert-manager/cert-manager/config/prometheusrule.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/cert-manager/cert-manager.yaml similarity index 100% rename from k8s/manifests/cert-manager/cert-manager/config/prometheusrule.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/cert-manager/cert-manager.yaml diff --git a/k8s/manifests/rook-ceph/monitoring/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/cert-manager/kustomization.yaml similarity index 76% rename from k8s/manifests/rook-ceph/monitoring/kustomization.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/cert-manager/kustomization.yaml index 1deb763456..37438a7299 100644 --- a/k8s/manifests/rook-ceph/monitoring/kustomization.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/cert-manager/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - prometheusrule.yaml + - cert-manager.yaml diff --git a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/databases/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/databases/kustomization.yaml new file mode 100644 index 0000000000..5ba91cd3dc --- /dev/null +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/databases/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - postgresql.yaml + - redis.yaml diff --git a/k8s/manifests/databases/postgresql/monitoring/alert.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/databases/postgresql.yaml similarity index 100% rename from k8s/manifests/databases/postgresql/monitoring/alert.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/databases/postgresql.yaml diff --git a/k8s/manifests/databases/redis/monitoring/alerts.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/databases/redis.yaml similarity index 100% rename from k8s/manifests/databases/redis/monitoring/alerts.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/databases/redis.yaml diff --git a/k8s/manifests/flux-system/add-ons/monitoring/podmonitor.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/flux-system/flux-system.yaml similarity index 67% rename from k8s/manifests/flux-system/add-ons/monitoring/podmonitor.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/flux-system/flux-system.yaml index 8bdd254c5b..ceba984812 100644 --- a/k8s/manifests/flux-system/add-ons/monitoring/podmonitor.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/flux-system/flux-system.yaml @@ -78,3 +78,23 @@ spec: podMetricsEndpoints: - port: http-prom +--- +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: flux-alert-rules + namespace: flux-system + labels: + prometheus: flux-rules + role: alert-rules +spec: + groups: + - name: GitOpsToolkit + rules: + - alert: ReconciliationFailure + expr: max(gotk_reconcile_condition{status="False",type="Ready"}) by (namespace, name, kind) + on(namespace, name, kind) (max(gotk_reconcile_condition{status="Deleted"}) by (namespace, name, kind)) * 2 == 1 + for: 10m + labels: + severity: page + annotations: + summary: "{{ $labels.kind }} {{ $labels.namespace }}/{{ $labels.name }} reconciliation has been failing for more than ten minutes." diff --git a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/flux-system/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/flux-system/kustomization.yaml new file mode 100644 index 0000000000..c59e15b68c --- /dev/null +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/flux-system/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - flux-system.yaml diff --git a/k8s/manifests/kasten-io/k10/k10-config/monitoring/prometheus-rule.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kasten-io/k10.yaml similarity index 53% rename from k8s/manifests/kasten-io/k10/k10-config/monitoring/prometheus-rule.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kasten-io/k10.yaml index 4d9c66955e..eb68efe99d 100644 --- a/k8s/manifests/kasten-io/k10/k10-config/monitoring/prometheus-rule.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kasten-io/k10.yaml @@ -18,3 +18,26 @@ spec: for: 1m labels: severity: critical +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: k10 + namespace: kasten-io +spec: + namespaceSelector: + matchNames: + - kasten-io + selector: + matchLabels: + app: prometheus + endpoints: + - port: http + scheme: http + path: /k10/prometheus/federate + honorLabels: true + interval: 15s + params: + "match[]": + - '{__name__=~"jobs.*"}' + - '{__name__=~"catalog.*"}' diff --git a/k8s/manifests/databases/postgresql/monitoring/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kasten-io/kustomization.yaml similarity index 84% rename from k8s/manifests/databases/postgresql/monitoring/kustomization.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kasten-io/kustomization.yaml index 601ed78882..35fcc77724 100644 --- a/k8s/manifests/databases/postgresql/monitoring/kustomization.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kasten-io/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - alert.yaml + - k10.yaml diff --git a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kustomization.yaml index 75fed6eb24..77cef21827 100644 --- a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kustomization.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/kustomization.yaml @@ -2,5 +2,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - node-exporter.yaml - - upsc.yaml + - cert-manager + - databases + - kasten-io + - network-system + - rook-ceph + - services + - flux-system + - system-monitoring diff --git a/k8s/manifests/kube-system/cilium/servicemonitor.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/network-system/cilium.yaml similarity index 100% rename from k8s/manifests/kube-system/cilium/servicemonitor.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/network-system/cilium.yaml diff --git a/k8s/manifests/kube-system/descheduler/monitoring/metrics.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/network-system/descheduler.yaml similarity index 100% rename from k8s/manifests/kube-system/descheduler/monitoring/metrics.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/network-system/descheduler.yaml diff --git a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/network-system/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/network-system/kustomization.yaml new file mode 100644 index 0000000000..2b008261c8 --- /dev/null +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/network-system/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - cilium.yaml + - descheduler.yaml diff --git a/k8s/manifests/kube-system/descheduler/monitoring/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/rook-ceph/kustomization.yaml similarity index 80% rename from k8s/manifests/kube-system/descheduler/monitoring/kustomization.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/rook-ceph/kustomization.yaml index 71533bc7a0..e50e2cb7d7 100644 --- a/k8s/manifests/kube-system/descheduler/monitoring/kustomization.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/rook-ceph/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - metrics.yaml + - rook-ceph.yaml diff --git a/k8s/manifests/rook-ceph/monitoring/prometheusrule.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/rook-ceph/rook-ceph.yaml similarity index 100% rename from k8s/manifests/rook-ceph/monitoring/prometheusrule.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/rook-ceph/rook-ceph.yaml diff --git a/k8s/manifests/databases/redis/monitoring/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/services/kustomization.yaml similarity index 83% rename from k8s/manifests/databases/redis/monitoring/kustomization.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/services/kustomization.yaml index 953a96e6ee..5314084337 100644 --- a/k8s/manifests/databases/redis/monitoring/kustomization.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/services/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - alerts.yaml + - minio.yaml diff --git a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/services/minio.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/services/minio.yaml new file mode 100644 index 0000000000..822f45b382 --- /dev/null +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/services/minio.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: minio-rules + namespace: cert-manager +spec: + groups: + - name: minio.rules + rules: + - alert: MinioS3Errors + expr: | + increase(minio_s3_requests_errors_total[5m]) > 5 + for: 0m + labels: + severity: critical + annotations: + description: "Minio is experiencing increased S3 errors. Operations + may not occur as expected, and service may be impacted" + summary: "Minio is experiecing elevated S3 errors." diff --git a/k8s/manifests/system-monitoring/blackbox-exporter/prometheusrule.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/blackbox-exporter.yaml similarity index 100% rename from k8s/manifests/system-monitoring/blackbox-exporter/prometheusrule.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/blackbox-exporter.yaml diff --git a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/kustomization.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/kustomization.yaml new file mode 100644 index 0000000000..bb6e7b2ae4 --- /dev/null +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/kustomization.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - node-exporter.yaml + - blackbox-exporter.yaml + - loki.yaml + - prom-smartctl.yaml + - thanos.yaml diff --git a/k8s/manifests/system-monitoring/loki/prometheus-rule.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/loki.yaml similarity index 100% rename from k8s/manifests/system-monitoring/loki/prometheus-rule.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/loki.yaml diff --git a/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/node-exporter.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/node-exporter.yaml similarity index 100% rename from k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/node-exporter.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/node-exporter.yaml diff --git a/k8s/manifests/system-monitoring/prometheus-smartctl/servicemonitor.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/prom-smartctl.yaml similarity index 95% rename from k8s/manifests/system-monitoring/prometheus-smartctl/servicemonitor.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/prom-smartctl.yaml index 0fb8eb1a78..f537a0721b 100644 --- a/k8s/manifests/system-monitoring/prometheus-smartctl/servicemonitor.yaml +++ b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/prom-smartctl.yaml @@ -25,4 +25,4 @@ spec: selector: matchLabels: app.kubernetes.io/name: prometheus-smartctl -# FIXME - needs alerts! +# FIXME #943 - needs alerts! diff --git a/k8s/manifests/system-monitoring/thanos/monitoring/prometheus-rules.yaml b/k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/thanos.yaml similarity index 100% rename from k8s/manifests/system-monitoring/thanos/monitoring/prometheus-rules.yaml rename to k8s/manifests/system-monitoring/kube-prometheus-stack/prometheus-rules/system-monitoring/thanos.yaml diff --git a/k8s/manifests/system-monitoring/loki/kustomization.yaml b/k8s/manifests/system-monitoring/loki/kustomization.yaml index 1cbcec00c6..dbc604ed71 100644 --- a/k8s/manifests/system-monitoring/loki/kustomization.yaml +++ b/k8s/manifests/system-monitoring/loki/kustomization.yaml @@ -3,4 +3,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helmrelease.yaml - - prometheus-rule.yaml diff --git a/k8s/manifests/system-monitoring/prometheus-smartctl/kustomization.yaml b/k8s/manifests/system-monitoring/prometheus-smartctl/kustomization.yaml index c8a59197fc..9a5ed8e0d6 100644 --- a/k8s/manifests/system-monitoring/prometheus-smartctl/kustomization.yaml +++ b/k8s/manifests/system-monitoring/prometheus-smartctl/kustomization.yaml @@ -4,4 +4,3 @@ kind: Kustomization resources: - ./daemonset.yaml - ./service.yaml - - ./servicemonitor.yaml diff --git a/k8s/manifests/system-monitoring/thanos/kustomization.yaml b/k8s/manifests/system-monitoring/thanos/kustomization.yaml index e807c485ec..e11ade8a1d 100644 --- a/k8s/manifests/system-monitoring/thanos/kustomization.yaml +++ b/k8s/manifests/system-monitoring/thanos/kustomization.yaml @@ -3,6 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - dashboard - - monitoring - secret.sops.yaml - helmrelease.yaml diff --git a/k8s/manifests/system-monitoring/thanos/monitoring/kustomization.yaml b/k8s/manifests/system-monitoring/thanos/monitoring/kustomization.yaml deleted file mode 100644 index f145c6c902..0000000000 --- a/k8s/manifests/system-monitoring/thanos/monitoring/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - prometheus-rules.yaml