From 56dfab82941570d4e9cf7741849de6c6d8ab2ecd Mon Sep 17 00:00:00 2001 From: Chunlin Yang Date: Thu, 20 Jan 2022 18:05:31 +0800 Subject: [PATCH] Update jsonnet dependency to adopt the new features (#65) Signed-off-by: clyang82 --- jsonnet/jsonnetfile.lock.json | 14 +- .../jsonnet/lib/observatorium-api.libsonnet | 2 + .../kube-thanos-bucket-replicate.libsonnet | 197 ++++++++++++++++++ .../kube-thanos/kube-thanos-bucket.libsonnet | 24 ++- ...be-thanos-compact-default-params.libsonnet | 46 ++++ .../kube-thanos-compact-shards.libsonnet | 106 ++++++++++ .../kube-thanos/kube-thanos-compact.libsonnet | 92 ++++---- .../kube-thanos-query-frontend.libsonnet | 17 ++ .../kube-thanos/kube-thanos-query.libsonnet | 23 ++ ...be-thanos-receive-default-params.libsonnet | 3 + .../kube-thanos-receive-ingestor.libsonnet | 45 ++++ .../kube-thanos-receive-router.libsonnet | 145 +++++++++++++ .../kube-thanos/kube-thanos-receive.libsonnet | 60 ++++-- .../kube-thanos/kube-thanos-rule.libsonnet | 127 ++++++----- ...kube-thanos-store-default-params.libsonnet | 1 + .../kube-thanos/kube-thanos-store.libsonnet | 41 +++- .../jsonnet/kube-thanos/thanos.libsonnet | 4 + .../kube-thanos-bucket-replicate.libsonnet | 197 ++++++++++++++++++ .../kube-thanos/kube-thanos-bucket.libsonnet | 17 +- ...be-thanos-compact-default-params.libsonnet | 46 ++++ .../kube-thanos-compact-shards.libsonnet | 106 ++++++++++ .../kube-thanos/kube-thanos-compact.libsonnet | 83 ++++---- .../kube-thanos-query-frontend.libsonnet | 10 +- .../kube-thanos/kube-thanos-query.libsonnet | 16 +- ...be-thanos-receive-default-params.libsonnet | 5 + .../kube-thanos-receive-ingestor.libsonnet | 45 ++++ .../kube-thanos-receive-router.libsonnet | 145 +++++++++++++ .../kube-thanos/kube-thanos-receive.libsonnet | 56 +++-- .../kube-thanos/kube-thanos-rule.libsonnet | 104 ++++++++- ...kube-thanos-store-default-params.libsonnet | 2 + .../kube-thanos/kube-thanos-store.libsonnet | 33 ++- .../jsonnet/kube-thanos/thanos.libsonnet | 4 + 32 files changed, 1615 insertions(+), 201 deletions(-) create mode 100644 jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet create mode 100644 jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet create mode 100644 jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet create mode 100644 jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet create mode 100644 jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet create mode 100644 jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet create mode 100644 jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet create mode 100644 jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet create mode 100644 jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet create mode 100644 jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet diff --git a/jsonnet/jsonnetfile.lock.json b/jsonnet/jsonnetfile.lock.json index b9f57c9f..e223c547 100644 --- a/jsonnet/jsonnetfile.lock.json +++ b/jsonnet/jsonnetfile.lock.json @@ -8,8 +8,8 @@ "subdir": "jsonnet/lib" } }, - "version": "f8b0fbf3eaaeb6e0e51f66b342074d5c782b0b69", - "sum": "/33386b3/boEQGuUF3y8mc7iOzFekzLuPtozDzTKfhs=", + "version": "c8691fa6eb610fc88b877069304be0320393caac", + "sum": "PeiropwPLWC8g7o0xaH0clwLoYHTngNJKtaTaEh+hc0=", "name": "observatorium-api" }, { @@ -51,8 +51,8 @@ "subdir": "jsonnet/kube-thanos" } }, - "version": "80968bba78737171e6cabcf922dacab16c07c87c", - "sum": "TzVhKofQG+Bnc9OSzQuUpRVP/cTccrf3sxvFBcd7B38=" + "version": "55d79c62ffbf39c7a8f5973e5bf6421944b3aea6", + "sum": "K3y2JG3FCgXv3zuiaUl2BIfwODpahnb9wphykDreoyI=" }, { "source": { @@ -61,7 +61,7 @@ "subdir": "jsonnet/lib" } }, - "version": "b53a7434607e520bd3d87400e2d89bd8ac455ca8", + "version": "50ffaec20114a46691d549bf3a881c42fba4e8e3", "sum": "FNZlZ8ImUS/MhQhtFqOOiLKxG6+g1cx2TIJNFf1ONF0=" }, { @@ -71,8 +71,8 @@ "subdir": "jsonnet/kube-thanos" } }, - "version": "f53ad9856c6f765989ea76ba8eff8dd1e77186b7", - "sum": "1wMHM/+NvluUAxS5cBW2c6APEKQNQYLYnv1ZCE1R3/A=", + "version": "55d79c62ffbf39c7a8f5973e5bf6421944b3aea6", + "sum": "K3y2JG3FCgXv3zuiaUl2BIfwODpahnb9wphykDreoyI=", "name": "upstream-kube-thanos" } ], diff --git a/jsonnet/vendor/github.com/observatorium/api/jsonnet/lib/observatorium-api.libsonnet b/jsonnet/vendor/github.com/observatorium/api/jsonnet/lib/observatorium-api.libsonnet index 6a72a064..90fc9032 100644 --- a/jsonnet/vendor/github.com/observatorium/api/jsonnet/lib/observatorium-api.libsonnet +++ b/jsonnet/vendor/github.com/observatorium/api/jsonnet/lib/observatorium-api.libsonnet @@ -7,6 +7,7 @@ local defaults = { namespace: error 'must provide namespace', version: error 'must provide version', image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', replicas: error 'must provide replicas', ports: { public: 8080, @@ -102,6 +103,7 @@ function(params) { { name: 'observatorium-api', image: api.config.image, + imagePullPolicy: api.config.imagePullPolicy, args: [ '--web.listen=0.0.0.0:%s' % api.config.ports.public, '--web.internal.listen=0.0.0.0:%s' % api.config.ports.internal, diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet new file mode 100644 index 00000000..9ac63679 --- /dev/null +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet @@ -0,0 +1,197 @@ +// These are the defaults for this components configuration. +// When calling the function to generate the component's manifest, +// you can pass an object structured like the default to overwrite default values. +local defaults = { + local defaults = self, + name: 'thanos-bucket-replicate', + namespace: error 'must provide namespace', + version: error 'must provide version', + image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', + objectStorageConfig: error 'must provide objectStorageConfig', + objectStorageToConfig: error 'must provide objectStorageToConfig', // Destination object store configuration. + resources: {}, + logLevel: 'info', + logFormat: 'logfmt', + ports: { + http: 10902, + }, + tracing: {}, + minTime: '', + maxTime: '', + compactionLevels: [], + resolutions: [], + extraEnv: [], + + commonLabels:: { + 'app.kubernetes.io/name': 'thanos-bucket-replicate', + 'app.kubernetes.io/instance': defaults.name, + 'app.kubernetes.io/version': defaults.version, + 'app.kubernetes.io/component': 'object-store-bucket-replicate', + }, + + podLabelSelector:: { + [labelName]: defaults.commonLabels[labelName] + for labelName in std.objectFields(defaults.commonLabels) + if labelName != 'app.kubernetes.io/version' + }, + + securityContext:: { + fsGroup: 65534, + runAsUser: 65534, + }, +}; + +function(params) { + local tbr = self, + + // Combine the defaults and the passed params to make the component's config. + config:: defaults + params, + // Safety checks for combined config of defaults and params + assert std.isNumber(tbr.config.replicas) && tbr.config.replicas >= 0 : 'thanos bucket replicate replicas has to be number >= 0', + assert std.isObject(tbr.config.resources), + + service: { + apiVersion: 'v1', + kind: 'Service', + metadata: { + name: tbr.config.name, + namespace: tbr.config.namespace, + labels: tbr.config.commonLabels, + }, + spec: { + ports: [ + { + assert std.isString(name), + assert std.isNumber(tbr.config.ports[name]), + + name: name, + port: tbr.config.ports[name], + targetPort: tbr.config.ports[name], + } + for name in std.objectFields(tbr.config.ports) + ], + selector: tbr.config.podLabelSelector, + }, + }, + + serviceAccount: { + apiVersion: 'v1', + kind: 'ServiceAccount', + metadata: { + name: tbr.config.name, + namespace: tbr.config.namespace, + labels: tbr.config.commonLabels, + }, + }, + + deployment: + local container = { + name: 'thanos-bucket-replicate', + image: tbr.config.image, + imagePullPolicy: tbr.config.imagePullPolicy, + args: [ + 'tools', + 'bucket', + 'replicate', + '--log.level=' + tbr.config.logLevel, + '--log.format=' + tbr.config.logFormat, + '--objstore.config=$(OBJSTORE_CONFIG)', + '--objstore-to.config=$(OBJSTORE_TO_CONFIG)', + ] + ( + if std.length(tbr.config.tracing) > 0 then [ + '--tracing.config=' + std.manifestYamlDoc( + { config+: { service_name: defaults.name } } + tbr.config.tracing + ), + ] else [] + ) + ( + if std.length(tbr.config.minTime) > 0 then [ + '--min-time=' + tbr.config.minTime, + ] else [] + ) + ( + if std.length(tbr.config.maxTime) > 0 then [ + '--max-time=' + tbr.config.maxTime, + ] else [] + ) + ( + if std.length(tbr.config.compactionLevels) > 0 then [ + '--compaction=%d' % compactionLevel + for compactionLevel in tbr.config.compactionLevels + ] else [] + ) + ( + if std.length(tbr.config.resolutions) > 0 then [ + '--resolution=%s' % resolution + for resolution in tbr.config.resolutions + ] else [] + ), + env: [ + { name: 'OBJSTORE_CONFIG', valueFrom: { secretKeyRef: { + key: tbr.config.objectStorageConfig.key, + name: tbr.config.objectStorageConfig.name, + } } }, + { name: 'OBJSTORE_TO_CONFIG', valueFrom: { secretKeyRef: { + key: tbr.config.objectStorageToConfig.key, + name: tbr.config.objectStorageToConfig.name, + } } }, + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tbr.config.extraEnv) > 0 then tbr.config.extraEnv else [] + ), + ports: [ + { name: name, containerPort: tbr.config.ports[name] } + for name in std.objectFields(tbr.config.ports) + ], + livenessProbe: { failureThreshold: 4, periodSeconds: 30, httpGet: { + scheme: 'HTTP', + port: tbr.config.ports.http, + path: '/-/healthy', + } }, + readinessProbe: { failureThreshold: 20, periodSeconds: 5, httpGet: { + scheme: 'HTTP', + port: tbr.config.ports.http, + path: '/-/ready', + } }, + resources: if tbr.config.resources != {} then tbr.config.resources else {}, + terminationMessagePolicy: 'FallbackToLogsOnError', + volumeMounts: if std.objectHas(tbr.config.objectStorageConfig, 'tlsSecretName') && std.length(tbr.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tbr.config.objectStorageConfig.tlsSecretMountPath }, + ] else [], + }; + + { + apiVersion: 'apps/v1', + kind: 'Deployment', + metadata: { + name: tbr.config.name, + namespace: tbr.config.namespace, + labels: tbr.config.commonLabels, + }, + spec: { + replicas: 1, + selector: { matchLabels: tbr.config.podLabelSelector }, + template: { + metadata: { labels: tbr.config.commonLabels }, + spec: { + serviceAccountName: tbr.serviceAccount.metadata.name, + securityContext: tbr.config.securityContext, + containers: [container], + volumes: if std.objectHas(tbr.config.objectStorageConfig, 'tlsSecretName') && std.length(tbr.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tbr.config.objectStorageConfig.tlsSecretName }, + }] else [], + terminationGracePeriodSeconds: 120, + nodeSelector: { + 'beta.kubernetes.io/os': 'linux', + }, + }, + }, + }, + }, +} diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet index ec612d60..759e8a05 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet @@ -16,6 +16,7 @@ local defaults = { http: 10902, }, tracing: {}, + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-bucket', @@ -111,7 +112,18 @@ function(params) { key: tb.config.objectStorageConfig.key, name: tb.config.objectStorageConfig.name, } } }, - ], + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tb.config.extraEnv) > 0 then tb.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tb.config.ports[name] } for name in std.objectFields(tb.config.ports) @@ -128,6 +140,9 @@ function(params) { } }, resources: if tb.config.resources != {} then tb.config.resources else {}, terminationMessagePolicy: 'FallbackToLogsOnError', + volumeMounts: if std.objectHas(tb.config.objectStorageConfig, 'tlsSecretName') && std.length(tb.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tb.config.objectStorageConfig.tlsSecretMountPath }, + ] else [], }; { @@ -147,7 +162,14 @@ function(params) { serviceAccountName: tb.serviceAccount.metadata.name, securityContext: tb.config.securityContext, containers: [container], + volumes: if std.objectHas(tb.config.objectStorageConfig, 'tlsSecretName') && std.length(tb.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tb.config.objectStorageConfig.tlsSecretName }, + }] else [], terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, }, }, }, diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet new file mode 100644 index 00000000..cbf4bbc8 --- /dev/null +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet @@ -0,0 +1,46 @@ +// These are the defaults for this components configuration. +// When calling the function to generate the component's manifest, +// you can pass an object structured like the default to overwrite default values. +{ + local defaults = self, + name: 'thanos-compact', + namespace: error 'must provide namespace', + version: error 'must provide version', + image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', + objectStorageConfig: error 'must provide objectStorageConfig', + resources: {}, + logLevel: 'info', + logFormat: 'logfmt', + serviceMonitor: false, + volumeClaimTemplate: {}, + retentionResolutionRaw: '0d', + retentionResolution5m: '0d', + retentionResolution1h: '0d', + deleteDelay: '48h', + disableDownsampling: false, + deduplicationReplicaLabels: [], + ports: { + http: 10902, + }, + tracing: {}, + extraEnv: [], + + commonLabels:: { + 'app.kubernetes.io/name': 'thanos-compact', + 'app.kubernetes.io/instance': defaults.name, + 'app.kubernetes.io/version': defaults.version, + 'app.kubernetes.io/component': 'database-compactor', + }, + + podLabelSelector:: { + [labelName]: defaults.commonLabels[labelName] + for labelName in std.objectFields(defaults.commonLabels) + if labelName != 'app.kubernetes.io/version' + }, + + securityContext:: { + fsGroup: 65534, + runAsUser: 65534, + }, +} diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet new file mode 100644 index 00000000..694aacde --- /dev/null +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet @@ -0,0 +1,106 @@ +local compactConfigDefaults = import 'kube-thanos/kube-thanos-compact-default-params.libsonnet'; +local compact = import 'kube-thanos/kube-thanos-compact.libsonnet'; + +// These are the defaults for this components configuration. +// When calling the function to generate the component's manifest, +// you can pass an object structured like the default to overwrite default values. +local defaults = compactConfigDefaults { + shards: 1, +}; + +function(params) + // Combine the defaults and the passed params to make the component's config. + local config = defaults + params; + + // Safety checks for combined config of defaults and params + assert std.isNumber(config.shards) && config.shards >= 0 : 'thanos compact shards has to be number >= 0'; + assert std.isArray(config.sourceLabels) && std.length(config.sourceLabels) > 0; + + { config:: config } + { + local allShards = self, + + serviceAccount: { + apiVersion: 'v1', + kind: 'ServiceAccount', + metadata: { + name: config.name, + namespace: config.namespace, + labels: config.commonLabels, + }, + }, + + shards: { + ['shard' + i]: compact(config { + name+: '-%d' % i, + commonLabels+:: { 'compact.thanos.io/shard': 'shard-' + i }, + }) { + serviceAccount: null, // one service account for all compactors + serviceMonitor: null, // one service monitor for all compactors + + statefulSet+: { + spec+: { + template+: { + spec+: { + serviceAccountName: allShards.serviceAccount.metadata.name, + containers: [ + if c.name == 'thanos-compact' then c { + args+: [ + ||| + --selector.relabel-config= + - action: hashmod + source_labels: %s + target_label: shard + modulus: %d + - action: keep + source_labels: ["shard"] + regex: %d + ||| % [config.sourceLabels, config.shards, i], + ], + } else c + for c in super.containers + ], + }, + }, + }, + }, + } + for i in std.range(0, config.shards - 1) + }, + } + { + serviceMonitor: if config.serviceMonitor == true then { + apiVersion: 'monitoring.coreos.com/v1', + kind: 'ServiceMonitor', + metadata+: { + name: config.name, + namespace: config.namespace, + labels: config.commonLabels, + }, + spec: { + selector: { + matchLabels: { + [key]: config.podLabelSelector[key] + for key in std.objectFields(config.podLabelSelector) + if key != 'app.kubernetes.io/instance' + }, + }, + endpoints: [ + { + port: 'http', + relabelings: [ + { + sourceLabels: ['namespace', 'pod'], + separator: '/', + targetLabel: 'instance', + }, + { + sourceLabels: ['__meta_kubernetes_service_label_compact_thanos_io_shard'], + regex: 'shard\\-(\\d+)', + replacement: '$1', + targetLabel: 'shard', + }, + ], + }, + ], + }, + }, + } diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet index 9df5f0fb..5c12dbd9 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet @@ -1,48 +1,4 @@ -// These are the defaults for this components configuration. -// When calling the function to generate the component's manifest, -// you can pass an object structured like the default to overwrite default values. -local defaults = { - local defaults = self, - name: 'thanos-compact', - namespace: error 'must provide namespace', - version: error 'must provide version', - image: error 'must provide image', - imagePullPolicy: 'IfNotPresent', - objectStorageConfig: error 'must provide objectStorageConfig', - resources: {}, - logLevel: 'info', - logFormat: 'logfmt', - serviceMonitor: false, - volumeClaimTemplate: {}, - retentionResolutionRaw: '0d', - retentionResolution5m: '0d', - retentionResolution1h: '0d', - deleteDelay: '48h', - disableDownsampling: false, - deduplicationReplicaLabels: [], - ports: { - http: 10902, - }, - tracing: {}, - - commonLabels:: { - 'app.kubernetes.io/name': 'thanos-compact', - 'app.kubernetes.io/instance': defaults.name, - 'app.kubernetes.io/version': defaults.version, - 'app.kubernetes.io/component': 'database-compactor', - }, - - podLabelSelector:: { - [labelName]: defaults.commonLabels[labelName] - for labelName in std.objectFields(defaults.commonLabels) - if labelName != 'app.kubernetes.io/version' - }, - - securityContext:: { - fsGroup: 65534, - runAsUser: 65534, - }, -}; +local defaults = import 'kube-thanos/kube-thanos-compact-default-params.libsonnet'; function(params) { local tc = self, @@ -66,6 +22,7 @@ function(params) { labels: tc.config.commonLabels, }, spec: { + clusterIP: 'None', selector: tc.config.podLabelSelector, ports: [ { @@ -128,7 +85,18 @@ function(params) { key: tc.config.objectStorageConfig.key, name: tc.config.objectStorageConfig.name, } } }, - ], + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tc.config.extraEnv) > 0 then tc.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tc.config.ports[name] } for name in std.objectFields(tc.config.ports) @@ -147,7 +115,11 @@ function(params) { name: 'data', mountPath: '/var/thanos/compact', readOnly: false, - }], + }] + ( + if std.objectHas(tc.config.objectStorageConfig, 'tlsSecretName') && std.length(tc.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tc.config.objectStorageConfig.tlsSecretMountPath }, + ] else [] + ), resources: if tc.config.resources != {} then tc.config.resources else {}, terminationMessagePolicy: 'FallbackToLogsOnError', }; @@ -172,8 +144,32 @@ function(params) { serviceAccountName: tc.serviceAccount.metadata.name, securityContext: tc.config.securityContext, containers: [c], - volumes: [], + volumes: if std.objectHas(tc.config.objectStorageConfig, 'tlsSecretName') && std.length(tc.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tc.config.objectStorageConfig.tlsSecretName }, + }] else [], terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, + affinity: { podAntiAffinity: { + preferredDuringSchedulingIgnoredDuringExecution: [{ + podAffinityTerm: { + namespaces: [tc.config.namespace], + topologyKey: 'kubernetes.io/hostname', + labelSelector: { matchExpressions: [{ + key: 'app.kubernetes.io/name', + operator: 'In', + values: [tc.statefulSet.metadata.labels['app.kubernetes.io/name']], + }, { + key: 'app.kubernetes.io/instance', + operator: 'In', + values: [tc.statefulSet.metadata.labels['app.kubernetes.io/instance']], + }] }, + }, + weight: 100, + }], + } }, }, }, volumeClaimTemplates: if std.length(tc.config.volumeClaimTemplate) > 0 then [tc.config.volumeClaimTemplate { diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet index ade0246b..28d696ec 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet @@ -30,6 +30,7 @@ local defaults = { http: 9090, }, tracing: {}, + extraEnv: [], memcachedDefaults+:: { config+: { @@ -171,6 +172,19 @@ function(params) { ), ] else [] ), + env: [ + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tqf.config.extraEnv) > 0 then tqf.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tqf.config.ports[name] } for name in std.objectFields(tqf.config.ports) @@ -207,6 +221,9 @@ function(params) { serviceAccountName: tqf.serviceAccount.metadata.name, securityContext: tqf.config.securityContext, terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { preferredDuringSchedulingIgnoredDuringExecution: [{ podAffinityTerm: { diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet index 35803679..eb456ecd 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet @@ -12,6 +12,7 @@ local defaults = { replicaLabels: error 'must provide replicaLabels', stores: ['dnssrv+_grpc._tcp.thanos-store.%s.svc.cluster.local' % defaults.namespace], externalPrefix: '', + prefixHeader: '', autoDownsampling: true, resources: {}, queryTimeout: '', @@ -24,6 +25,7 @@ local defaults = { logLevel: 'info', logFormat: 'logfmt', tracing: {}, + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-query', @@ -116,6 +118,11 @@ function(params) { '--web.external-prefix=' + tq.config.externalPrefix, ] else [] ) + + ( + if tq.config.prefixHeader != '' then [ + '--web.prefix-header=' + tq.config.prefixHeader, + ] else [] + ) + ( if tq.config.queryTimeout != '' then [ '--query.timeout=' + tq.config.queryTimeout, @@ -136,6 +143,19 @@ function(params) { '--query.auto-downsampling', ] else [] ), + env: [ + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tq.config.extraEnv) > 0 then tq.config.extraEnv else [] + ), ports: [ { name: port.name, containerPort: port.port } for port in tq.service.spec.ports @@ -174,6 +194,9 @@ function(params) { securityContext: tq.config.securityContext, serviceAccountName: tq.serviceAccount.metadata.name, terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { preferredDuringSchedulingIgnoredDuringExecution: [{ podAffinityTerm: { diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet index ced06685..363801c6 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet @@ -13,6 +13,7 @@ objectStorageConfig: error 'must provide objectStorageConfig', podDisruptionBudgetMaxUnavailable: (std.floor(defaults.replicationFactor / 2)), hashringConfigMapName: '', + enableLocalEndpoint: true, volumeClaimTemplate: {}, retention: '15d', logLevel: 'info', @@ -31,6 +32,8 @@ ], tenantLabelName: null, tenantHeader: null, + clusterDomain: 'cluster.local', + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-receive', diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet new file mode 100644 index 00000000..0b2b750b --- /dev/null +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet @@ -0,0 +1,45 @@ +local receiveConfigDefaults = import 'kube-thanos/kube-thanos-receive-default-params.libsonnet'; +local receiveHashring = import 'kube-thanos/kube-thanos-receive-hashrings.libsonnet'; + +local defaults = receiveConfigDefaults { + hashrings: [{ + hashring: 'default', + tenants: [], + }], + hashringConfigmapName: 'hashring-config', + routerReplicas: 1, +}; + +function(params) { + local tr = self, + // Combine the defaults and the passed params to make the component's config. + config:: defaults + params, + + local ingestors = receiveHashring(tr.config { name: tr.config.name + '-ingestor' }), + + ingestors: { + [name]: ingestors.hashrings[name] + for name in std.objectFields(ingestors.hashrings) + }, + + storeEndpoints:: [ + 'dnssrv+_grpc._tcp.%s.%s.svc.cluster.local:%d' % [ingestors.hashrings[name.hashring].service.metadata.name, tr.config.namespace, tr.config.ports.grpc] + for name in tr.config.hashrings + ], + + endpoints:: { + [name.hashring]: [ + '%s-%d.%s.%s.svc.cluster.local:%d' % [ + ingestors.hashrings[name.hashring].service.metadata.name, + i, + ingestors.hashrings[name.hashring].service.metadata.name, + tr.config.namespace, + tr.config.ports.grpc, + ] + // Replica specification is 1-based, but statefulSets are named 0-based. + for i in std.range(0, tr.config.replicas - 1) + ] + for name in tr.config.hashrings + }, + serviceAccount: ingestors.serviceAccount, +} diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet new file mode 100644 index 00000000..a7b41eb6 --- /dev/null +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet @@ -0,0 +1,145 @@ +local receiveConfigDefaults = import 'kube-thanos/kube-thanos-receive-default-params.libsonnet'; + +local defaults = receiveConfigDefaults { + hashrings: [{ + hashring: 'default', + tenants: [], + }], + hashringConfigmapName: 'hashring-config', + routerReplicas: 1, + endpoints: error 'must provide ingestor endpoints object', +}; + +function(params) { + local tr = self, + // Combine the defaults and the passed params to make the component's config. + config:: defaults + params, + + routerLabels:: tr.config.commonLabels { + 'app.kubernetes.io/component': tr.config.name + '-router', + }, + + service: { + apiVersion: 'v1', + kind: 'Service', + metadata: { + name: tr.config.name + '-router', + namespace: tr.config.namespace, + }, + spec: { + ports: [{ name: name, port: tr.config.ports[name] } for name in std.objectFields(tr.config.ports)], + selector: tr.routerLabels, + }, + }, + + serviceAccount: { + apiVersion: 'v1', + kind: 'ServiceAccount', + metadata: { + name: tr.config.name + '-router', + namespace: tr.config.namespace, + labels: tr.routerLabels, + }, + }, + + configmap: { + apiVersion: 'v1', + kind: 'ConfigMap', + metadata: { + name: tr.config.hashringConfigmapName, + namespace: tr.config.namespace, + }, + data: { + 'hashrings.json': std.toString([hashring { endpoints: tr.config.endpoints[hashring.hashring] } for hashring in tr.config.hashrings]), + }, + }, + + // Create the deployment that acts as a router to the ingestor backends + deployment: { + apiVersion: 'apps/v1', + kind: 'Deployment', + metadata: { + name: tr.config.name + '-router', + namespace: tr.config.namespace, + labels: tr.routerLabels, + }, + spec: { + replicas: tr.config.routerReplicas, + selector: { matchLabels: tr.routerLabels }, + template: { + metadata: { + labels: tr.routerLabels, + }, + spec: { + serviceAccountName: tr.serviceAccount.metadata.name, + securityContext: tr.config.securityContext, + containers: [{ + name: 'thanos-receive', + image: tr.config.image, + imagePullPolicy: tr.config.imagePullPolicy, + args: [ + 'receive', + '--log.level=' + tr.config.logLevel, + '--log.format=' + tr.config.logFormat, + '--grpc-address=0.0.0.0:%d' % tr.config.ports.grpc, + '--http-address=0.0.0.0:%d' % tr.config.ports.http, + '--remote-write.address=0.0.0.0:%d' % tr.config.ports['remote-write'], + '--receive.replication-factor=%d' % tr.config.replicationFactor, + '--receive.hashrings-file=/var/lib/thanos-receive/hashrings.json', + ] + [ + '--label=%s' % label + for label in tr.config.labels + ] + ( + if tr.config.tenantLabelName != null then [ + '--receive.tenant-label-name=%s' % tr.config.tenantLabelName, + ] else [] + ) + ( + if std.length(tr.config.tracing) > 0 then [ + '--tracing.config=' + std.manifestYamlDoc( + { config+: { service_name: defaults.name } } + tr.config.tracing + ), + ] else [] + ), + env: [ + { name: 'NAME', valueFrom: { fieldRef: { fieldPath: 'metadata.name' } } }, + { name: 'NAMESPACE', valueFrom: { fieldRef: { fieldPath: 'metadata.namespace' } } }, + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tr.config.extraEnv) > 0 then tr.config.extraEnv else [] + ), + ports: [{ name: name, containerPort: tr.config.ports[name] } for name in std.objectFields(tr.config.ports)], + volumeMounts: [{ name: 'hashring-config', mountPath: '/var/lib/thanos-receive' }], + livenessProbe: { failureThreshold: 8, periodSeconds: 30, httpGet: { + scheme: 'HTTP', + port: tr.config.ports.http, + path: '/-/healthy', + } }, + readinessProbe: { failureThreshold: 20, periodSeconds: 5, httpGet: { + scheme: 'HTTP', + port: tr.config.ports.http, + path: '/-/ready', + } }, + resources: if tr.config.resources != {} then tr.config.resources else {}, + terminationMessagePolicy: 'FallbackToLogsOnError', + }], + volumes: [{ + name: 'hashring-config', + configMap: { name: tr.config.hashringConfigMapName }, + }], + terminationGracePeriodSeconds: 30, + nodeSelector: { + 'beta.kubernetes.io/os': 'linux', + }, + }, + }, + }, + }, +} diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet index 037f692c..2fc88ba7 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet @@ -49,8 +49,9 @@ function(params) { }, statefulSet: - local localEndpointFlag = '--receive.local-endpoint=$(NAME).%s.$(NAMESPACE).svc.cluster.local:%d' % [ + local localEndpointFlag = '--receive.local-endpoint=$(NAME).%s.$(NAMESPACE).svc.%s:%d' % [ tr.config.name, + tr.config.clusterDomain, tr.config.ports.grpc, ]; @@ -66,14 +67,20 @@ function(params) { '--http-address=0.0.0.0:%d' % tr.config.ports.http, '--remote-write.address=0.0.0.0:%d' % tr.config.ports['remote-write'], '--receive.replication-factor=%d' % tr.config.replicationFactor, - '--objstore.config=$(OBJSTORE_CONFIG)', '--tsdb.path=/var/thanos/receive', '--tsdb.retention=' + tr.config.retention, - localEndpointFlag, ] + [ '--label=%s' % label for label in tr.config.labels ] + ( + if tr.config.objectStorageConfig != null then [ + '--objstore.config=$(OBJSTORE_CONFIG)', + ] else [] + ) + ( + if tr.config.enableLocalEndpoint then [ + localEndpointFlag, + ] else [] + ) + ( if tr.config.tenantLabelName != null then [ '--receive.tenant-label-name=%s' % tr.config.tenantLabelName, ] else [] @@ -95,11 +102,26 @@ function(params) { env: [ { name: 'NAME', valueFrom: { fieldRef: { fieldPath: 'metadata.name' } } }, { name: 'NAMESPACE', valueFrom: { fieldRef: { fieldPath: 'metadata.namespace' } } }, - { name: 'OBJSTORE_CONFIG', valueFrom: { secretKeyRef: { - key: tr.config.objectStorageConfig.key, - name: tr.config.objectStorageConfig.name, - } } }, - ], + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if tr.config.objectStorageConfig != null then [{ + name: 'OBJSTORE_CONFIG', + valueFrom: { secretKeyRef: { + key: tr.config.objectStorageConfig.key, + name: tr.config.objectStorageConfig.name, + } }, + }] else [] + ) + ( + if std.length(tr.config.extraEnv) > 0 then tr.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tr.config.ports[name] } for name in std.objectFields(tr.config.ports) @@ -112,6 +134,10 @@ function(params) { if tr.config.hashringConfigMapName != '' then [ { name: 'hashring-config', mountPath: '/var/lib/thanos-receive' }, ] else [] + ) + ( + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tr.config.objectStorageConfig.tlsSecretMountPath }, + ] else [] ), livenessProbe: { failureThreshold: 8, periodSeconds: 30, httpGet: { scheme: 'HTTP', @@ -147,11 +173,21 @@ function(params) { serviceAccountName: tr.serviceAccount.metadata.name, securityContext: tr.config.securityContext, containers: [c], - volumes: if tr.config.hashringConfigMapName != '' then [{ - name: 'hashring-config', - configMap: { name: tr.config.hashringConfigMapName }, - }] else [], + volumes: ( + if tr.config.hashringConfigMapName != '' then [{ + name: 'hashring-config', + configMap: { name: tr.config.hashringConfigMapName }, + }] else [] + ) + ( + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tr.config.objectStorageConfig.tlsSecretName }, + }] else [] + ), terminationGracePeriodSeconds: 900, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { local labelSelector = { matchExpressions: [{ key: 'app.kubernetes.io/name', diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet index d3755656..6d0b2131 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet @@ -10,12 +10,10 @@ local defaults = { imagePullPolicy: 'IfNotPresent', replicas: error 'must provide replicas', reloaderImage: error 'must provide reloader image', + reloaderImagePullPolicy: 'IfNotPresent', objectStorageConfig: error 'must provide objectStorageConfig', ruleFiles: [], rulesConfig: [], - retention: '48h', - blockDuration: '2h', - evalInterval: '30s', alertmanagersURLs: [], alertmanagerConfigFile: {}, extraVolumeMounts: [], @@ -23,12 +21,16 @@ local defaults = { logLevel: 'info', logFormat: 'logfmt', resources: {}, + retention: '48h', + blockDuration: '2h', serviceMonitor: false, ports: { grpc: 10901, http: 10902, + reloader: 9533, }, tracing: {}, + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-rule', @@ -57,10 +59,10 @@ function(params) { // Safety checks for combined config of defaults and params assert std.isNumber(tr.config.replicas) && tr.config.replicas >= 0 : 'thanos rule replicas has to be number >= 0', assert std.isArray(tr.config.ruleFiles), - assert std.isObject(tr.config.alertmanagerConfigFile), - assert std.isArray(tr.config.extraVolumeMounts), assert std.isArray(tr.config.rulesConfig), assert std.isArray(tr.config.alertmanagersURLs), + assert std.isObject(tr.config.alertmanagerConfigFile), + assert std.isArray(tr.config.extraVolumeMounts), assert std.isObject(tr.config.resources), assert std.isBoolean(tr.config.serviceMonitor), assert std.isObject(tr.config.volumeClaimTemplate), @@ -120,14 +122,13 @@ function(params) { '--alert.label-drop=rule_replica', '--tsdb.retention=' + tr.config.retention, '--tsdb.block-duration=' + tr.config.blockDuration, - '--eval-interval=' + tr.config.evalInterval, ] + (['--query=%s' % querier for querier in tr.config.queriers]) + (['--rule-file=%s' % path for path in tr.config.ruleFiles]) + (['--alertmanagers.url=%s' % url for url in tr.config.alertmanagersURLs]) + ( if tr.config.alertmanagerConfigFile != {} then [ - '--alertmanagers.config-file=/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name + '/' + tr.config.alertmanagerConfigFile.key + '--alertmanagers.config-file=/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name + '/' + tr.config.alertmanagerConfigFile.key, ] else [] ) + ( @@ -149,7 +150,18 @@ function(params) { key: tr.config.objectStorageConfig.key, name: tr.config.objectStorageConfig.name, } } }, - ], + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tr.config.extraEnv) > 0 then tr.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tr.config.ports[name] } for name in std.objectFields(tr.config.ports) @@ -163,14 +175,18 @@ function(params) { { name: ruleConfig.name, mountPath: '/etc/thanos/rules/' + ruleConfig.name } for ruleConfig in tr.config.rulesConfig ] else [] + ) + ( + if tr.config.alertmanagerConfigFile != {} then [ + { name: tr.config.alertmanagerConfigFile.name, mountPath: '/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name, readOnly: true }, + ] else [] ) + ( if std.length(tr.config.extraVolumeMounts) > 0 then [ { name: volumeMount.name, mountPath: volumeMount.mountPath } for volumeMount in tr.config.extraVolumeMounts ] else [] ) + ( - if tr.config.alertmanagerConfigFile != {} then [ - { name: tr.config.alertmanagerConfigFile.name, mountPath: '/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name } + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tr.config.objectStorageConfig.tlsSecretMountPath }, ] else [] ), livenessProbe: { failureThreshold: 24, periodSeconds: 5, httpGet: { @@ -191,36 +207,38 @@ function(params) { local reloadContainer = { name: 'configmap-reloader', image: tr.config.reloaderImage, - imagePullPolicy: tr.config.imagePullPolicy, + imagePullPolicy: tr.config.reloaderImagePullPolicy, args: [ '-webhook-url=http://localhost:' + tr.service.spec.ports[1].port + '/-/reload', ] + ( if std.length(tr.config.rulesConfig) > 0 then [ - '-volume-dir=/etc/thanos/rules/' + ruleConfig.name for ruleConfig in tr.config.rulesConfig + '-volume-dir=/etc/thanos/rules/' + ruleConfig.name + for ruleConfig in tr.config.rulesConfig ] else [] ) + ( - if std.length(tr.config.extraVolumeMounts) > 0 then [ - '-volume-dir=' + volumeMount.mountPath for volumeMount in tr.config.extraVolumeMounts + if tr.config.alertmanagerConfigFile != {} then [ + '-volume-dir=/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name, ] else [] ) + ( - if tr.config.alertmanagerConfigFile != {} then [ - '-volume-dir=/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name + if std.length(tr.config.extraVolumeMounts) > 0 then [ + '-volume-dir=' + volumeMount.mountPath + for volumeMount in tr.config.extraVolumeMounts ] else [] ), volumeMounts: [ { name: ruleConfig.name, mountPath: '/etc/thanos/rules/' + ruleConfig.name } for ruleConfig in tr.config.rulesConfig ] + ( + if tr.config.alertmanagerConfigFile != {} then [ + { name: tr.config.alertmanagerConfigFile.name, mountPath: '/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name }, + ] else [] + ) + ( if std.length(tr.config.extraVolumeMounts) > 0 then [ { name: volumeMount.name, mountPath: volumeMount.mountPath } for volumeMount in tr.config.extraVolumeMounts ] else [] - ) + ( - if tr.config.alertmanagerConfigFile != {} then [ - { name: tr.config.alertmanagerConfigFile.name, mountPath: '/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name } - ] else [] ), }; @@ -244,35 +262,45 @@ function(params) { serviceAccountName: tr.serviceAccount.metadata.name, securityContext: tr.config.securityContext, containers: [c] + - (if std.length(tr.config.rulesConfig) > 0 || std.length(tr.config.extraVolumeMounts) > 0 || tr.config.alertmanagerConfigFile != {} then [ - reloadContainer - ] else []), - volumes: [] + - ( - if std.length(tr.config.rulesConfig) > 0 then [ - { name: ruleConfig.name, configMap: { name: ruleConfig.name } } - for ruleConfig in tr.config.rulesConfig - ] else [] - ) + - ( - if std.length(tr.config.extraVolumeMounts) > 0 then [ - { name: volumeMount.name, } + - ( - if volumeMount.type == "configMap" then { - configMap : { name: volumeMount.name } - } - else { - secret : { name: volumeMount.name } - } - ) - for volumeMount in tr.config.extraVolumeMounts - ] else [] - ) + - ( - if tr.config.alertmanagerConfigFile != {} then [{ - name: tr.config.alertmanagerConfigFile.name, configMap: { name: tr.config.alertmanagerConfigFile.name } - }] else [] - ), + ( + if std.length(tr.config.rulesConfig) > 0 || std.length(tr.config.extraVolumeMounts) > 0 || tr.config.alertmanagerConfigFile != {} then [ + reloadContainer, + ] else [] + ), + volumes: + [] + + ( + if std.length(tr.config.rulesConfig) > 0 then [ + { name: ruleConfig.name, configMap: { name: ruleConfig.name } } + for ruleConfig in tr.config.rulesConfig + ] else [] + ) + ( + if tr.config.alertmanagerConfigFile != {} then [{ + name: tr.config.alertmanagerConfigFile.name, + configMap: { name: tr.config.alertmanagerConfigFile.name }, + }] else [] + ) + ( + if std.length(tr.config.extraVolumeMounts) > 0 then [ + { name: volumeMount.name } + + ( + if volumeMount.type == 'configMap' then { + configMap: { name: volumeMount.name }, + } + else { + secret: { name: volumeMount.name }, + } + ) + for volumeMount in tr.config.extraVolumeMounts + ] else [] + ) + ( + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tr.config.objectStorageConfig.tlsSecretName }, + }] else [] + ), + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, }, }, volumeClaimTemplates: if std.length(tr.config.volumeClaimTemplate) > 0 then [tr.config.volumeClaimTemplate { @@ -305,6 +333,7 @@ function(params) { targetLabel: 'instance', }], }, + { port: 'reloader' }, ], }, }, diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet index 0307e43c..3cfa6cbd 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet @@ -25,6 +25,7 @@ tracing: {}, minTime: '', maxTime: '', + extraEnv: [], memcachedDefaults+:: { config+: { diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet index 42eeb3b9..99df2aad 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet @@ -100,11 +100,27 @@ function(params) { ] else [] ), env: [ - { name: 'OBJSTORE_CONFIG', valueFrom: { secretKeyRef: { - key: ts.config.objectStorageConfig.key, - name: ts.config.objectStorageConfig.name, - } } }, - ], + { + name: 'OBJSTORE_CONFIG', + valueFrom: { + secretKeyRef: { + key: ts.config.objectStorageConfig.key, + name: ts.config.objectStorageConfig.name, + }, + }, + }, + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(ts.config.extraEnv) > 0 then ts.config.extraEnv else [] + ), ports: [ { name: name, containerPort: ts.config.ports[name] } for name in std.objectFields(ts.config.ports) @@ -113,7 +129,11 @@ function(params) { name: 'data', mountPath: '/var/thanos/store', readOnly: false, - }], + }] + ( + if std.objectHas(ts.config.objectStorageConfig, 'tlsSecretName') && std.length(ts.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: ts.config.objectStorageConfig.tlsSecretMountPath }, + ] else [] + ), livenessProbe: { failureThreshold: 8, periodSeconds: 30, httpGet: { scheme: 'HTTP', port: ts.config.ports.http, @@ -148,8 +168,14 @@ function(params) { serviceAccountName: ts.serviceAccount.metadata.name, securityContext: ts.config.securityContext, containers: [c], - volumes: [], + volumes: if std.objectHas(ts.config.objectStorageConfig, 'tlsSecretName') && std.length(ts.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: ts.config.objectStorageConfig.tlsSecretName }, + }] else [], terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { preferredDuringSchedulingIgnoredDuringExecution: [{ podAffinityTerm: { @@ -203,4 +229,5 @@ function(params) { ], }, }, + storeEndpoint:: 'dnssrv+_grpc._tcp.%s.%s.svc.cluster.local:%d' % [ts.service.metadata.name, ts.config.namespace, ts.config.ports.grpc], } diff --git a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet index 22fd4d3e..53e594a5 100644 --- a/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet +++ b/jsonnet/vendor/github.com/stolostron/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet @@ -1,8 +1,12 @@ { bucket: (import 'kube-thanos-bucket.libsonnet'), + bucketReplicate: (import 'kube-thanos-bucket-replicate.libsonnet'), compact: (import 'kube-thanos-compact.libsonnet'), + compactShards: (import 'kube-thanos-compact-shards.libsonnet'), query: (import 'kube-thanos-query.libsonnet'), receive: (import 'kube-thanos-receive.libsonnet'), + receiveIngestor: (import 'kube-thanos-receive-ingestor.libsonnet'), + receiveRouter: (import 'kube-thanos-receive-router.libsonnet'), receiveHashrings: (import 'kube-thanos-receive-hashrings.libsonnet'), rule: (import 'kube-thanos-rule.libsonnet'), sidecar: (import 'kube-thanos-sidecar.libsonnet'), diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet new file mode 100644 index 00000000..9ac63679 --- /dev/null +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket-replicate.libsonnet @@ -0,0 +1,197 @@ +// These are the defaults for this components configuration. +// When calling the function to generate the component's manifest, +// you can pass an object structured like the default to overwrite default values. +local defaults = { + local defaults = self, + name: 'thanos-bucket-replicate', + namespace: error 'must provide namespace', + version: error 'must provide version', + image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', + objectStorageConfig: error 'must provide objectStorageConfig', + objectStorageToConfig: error 'must provide objectStorageToConfig', // Destination object store configuration. + resources: {}, + logLevel: 'info', + logFormat: 'logfmt', + ports: { + http: 10902, + }, + tracing: {}, + minTime: '', + maxTime: '', + compactionLevels: [], + resolutions: [], + extraEnv: [], + + commonLabels:: { + 'app.kubernetes.io/name': 'thanos-bucket-replicate', + 'app.kubernetes.io/instance': defaults.name, + 'app.kubernetes.io/version': defaults.version, + 'app.kubernetes.io/component': 'object-store-bucket-replicate', + }, + + podLabelSelector:: { + [labelName]: defaults.commonLabels[labelName] + for labelName in std.objectFields(defaults.commonLabels) + if labelName != 'app.kubernetes.io/version' + }, + + securityContext:: { + fsGroup: 65534, + runAsUser: 65534, + }, +}; + +function(params) { + local tbr = self, + + // Combine the defaults and the passed params to make the component's config. + config:: defaults + params, + // Safety checks for combined config of defaults and params + assert std.isNumber(tbr.config.replicas) && tbr.config.replicas >= 0 : 'thanos bucket replicate replicas has to be number >= 0', + assert std.isObject(tbr.config.resources), + + service: { + apiVersion: 'v1', + kind: 'Service', + metadata: { + name: tbr.config.name, + namespace: tbr.config.namespace, + labels: tbr.config.commonLabels, + }, + spec: { + ports: [ + { + assert std.isString(name), + assert std.isNumber(tbr.config.ports[name]), + + name: name, + port: tbr.config.ports[name], + targetPort: tbr.config.ports[name], + } + for name in std.objectFields(tbr.config.ports) + ], + selector: tbr.config.podLabelSelector, + }, + }, + + serviceAccount: { + apiVersion: 'v1', + kind: 'ServiceAccount', + metadata: { + name: tbr.config.name, + namespace: tbr.config.namespace, + labels: tbr.config.commonLabels, + }, + }, + + deployment: + local container = { + name: 'thanos-bucket-replicate', + image: tbr.config.image, + imagePullPolicy: tbr.config.imagePullPolicy, + args: [ + 'tools', + 'bucket', + 'replicate', + '--log.level=' + tbr.config.logLevel, + '--log.format=' + tbr.config.logFormat, + '--objstore.config=$(OBJSTORE_CONFIG)', + '--objstore-to.config=$(OBJSTORE_TO_CONFIG)', + ] + ( + if std.length(tbr.config.tracing) > 0 then [ + '--tracing.config=' + std.manifestYamlDoc( + { config+: { service_name: defaults.name } } + tbr.config.tracing + ), + ] else [] + ) + ( + if std.length(tbr.config.minTime) > 0 then [ + '--min-time=' + tbr.config.minTime, + ] else [] + ) + ( + if std.length(tbr.config.maxTime) > 0 then [ + '--max-time=' + tbr.config.maxTime, + ] else [] + ) + ( + if std.length(tbr.config.compactionLevels) > 0 then [ + '--compaction=%d' % compactionLevel + for compactionLevel in tbr.config.compactionLevels + ] else [] + ) + ( + if std.length(tbr.config.resolutions) > 0 then [ + '--resolution=%s' % resolution + for resolution in tbr.config.resolutions + ] else [] + ), + env: [ + { name: 'OBJSTORE_CONFIG', valueFrom: { secretKeyRef: { + key: tbr.config.objectStorageConfig.key, + name: tbr.config.objectStorageConfig.name, + } } }, + { name: 'OBJSTORE_TO_CONFIG', valueFrom: { secretKeyRef: { + key: tbr.config.objectStorageToConfig.key, + name: tbr.config.objectStorageToConfig.name, + } } }, + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tbr.config.extraEnv) > 0 then tbr.config.extraEnv else [] + ), + ports: [ + { name: name, containerPort: tbr.config.ports[name] } + for name in std.objectFields(tbr.config.ports) + ], + livenessProbe: { failureThreshold: 4, periodSeconds: 30, httpGet: { + scheme: 'HTTP', + port: tbr.config.ports.http, + path: '/-/healthy', + } }, + readinessProbe: { failureThreshold: 20, periodSeconds: 5, httpGet: { + scheme: 'HTTP', + port: tbr.config.ports.http, + path: '/-/ready', + } }, + resources: if tbr.config.resources != {} then tbr.config.resources else {}, + terminationMessagePolicy: 'FallbackToLogsOnError', + volumeMounts: if std.objectHas(tbr.config.objectStorageConfig, 'tlsSecretName') && std.length(tbr.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tbr.config.objectStorageConfig.tlsSecretMountPath }, + ] else [], + }; + + { + apiVersion: 'apps/v1', + kind: 'Deployment', + metadata: { + name: tbr.config.name, + namespace: tbr.config.namespace, + labels: tbr.config.commonLabels, + }, + spec: { + replicas: 1, + selector: { matchLabels: tbr.config.podLabelSelector }, + template: { + metadata: { labels: tbr.config.commonLabels }, + spec: { + serviceAccountName: tbr.serviceAccount.metadata.name, + securityContext: tbr.config.securityContext, + containers: [container], + volumes: if std.objectHas(tbr.config.objectStorageConfig, 'tlsSecretName') && std.length(tbr.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tbr.config.objectStorageConfig.tlsSecretName }, + }] else [], + terminationGracePeriodSeconds: 120, + nodeSelector: { + 'beta.kubernetes.io/os': 'linux', + }, + }, + }, + }, + }, +} diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet index c131585e..759e8a05 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-bucket.libsonnet @@ -7,6 +7,7 @@ local defaults = { namespace: error 'must provide namespace', version: error 'must provide version', image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', objectStorageConfig: error 'must provide objectStorageConfig', resources: {}, logLevel: 'info', @@ -15,6 +16,7 @@ local defaults = { http: 10902, }, tracing: {}, + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-bucket', @@ -82,6 +84,7 @@ function(params) { local container = { name: 'thanos-bucket', image: tb.config.image, + imagePullPolicy: tb.config.imagePullPolicy, args: [ 'tools', 'bucket', @@ -118,7 +121,9 @@ function(params) { }, }, }, - ], + ] + ( + if std.length(tb.config.extraEnv) > 0 then tb.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tb.config.ports[name] } for name in std.objectFields(tb.config.ports) @@ -135,6 +140,9 @@ function(params) { } }, resources: if tb.config.resources != {} then tb.config.resources else {}, terminationMessagePolicy: 'FallbackToLogsOnError', + volumeMounts: if std.objectHas(tb.config.objectStorageConfig, 'tlsSecretName') && std.length(tb.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tb.config.objectStorageConfig.tlsSecretMountPath }, + ] else [], }; { @@ -154,7 +162,14 @@ function(params) { serviceAccountName: tb.serviceAccount.metadata.name, securityContext: tb.config.securityContext, containers: [container], + volumes: if std.objectHas(tb.config.objectStorageConfig, 'tlsSecretName') && std.length(tb.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tb.config.objectStorageConfig.tlsSecretName }, + }] else [], terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, }, }, }, diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet new file mode 100644 index 00000000..cbf4bbc8 --- /dev/null +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-default-params.libsonnet @@ -0,0 +1,46 @@ +// These are the defaults for this components configuration. +// When calling the function to generate the component's manifest, +// you can pass an object structured like the default to overwrite default values. +{ + local defaults = self, + name: 'thanos-compact', + namespace: error 'must provide namespace', + version: error 'must provide version', + image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', + objectStorageConfig: error 'must provide objectStorageConfig', + resources: {}, + logLevel: 'info', + logFormat: 'logfmt', + serviceMonitor: false, + volumeClaimTemplate: {}, + retentionResolutionRaw: '0d', + retentionResolution5m: '0d', + retentionResolution1h: '0d', + deleteDelay: '48h', + disableDownsampling: false, + deduplicationReplicaLabels: [], + ports: { + http: 10902, + }, + tracing: {}, + extraEnv: [], + + commonLabels:: { + 'app.kubernetes.io/name': 'thanos-compact', + 'app.kubernetes.io/instance': defaults.name, + 'app.kubernetes.io/version': defaults.version, + 'app.kubernetes.io/component': 'database-compactor', + }, + + podLabelSelector:: { + [labelName]: defaults.commonLabels[labelName] + for labelName in std.objectFields(defaults.commonLabels) + if labelName != 'app.kubernetes.io/version' + }, + + securityContext:: { + fsGroup: 65534, + runAsUser: 65534, + }, +} diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet new file mode 100644 index 00000000..694aacde --- /dev/null +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact-shards.libsonnet @@ -0,0 +1,106 @@ +local compactConfigDefaults = import 'kube-thanos/kube-thanos-compact-default-params.libsonnet'; +local compact = import 'kube-thanos/kube-thanos-compact.libsonnet'; + +// These are the defaults for this components configuration. +// When calling the function to generate the component's manifest, +// you can pass an object structured like the default to overwrite default values. +local defaults = compactConfigDefaults { + shards: 1, +}; + +function(params) + // Combine the defaults and the passed params to make the component's config. + local config = defaults + params; + + // Safety checks for combined config of defaults and params + assert std.isNumber(config.shards) && config.shards >= 0 : 'thanos compact shards has to be number >= 0'; + assert std.isArray(config.sourceLabels) && std.length(config.sourceLabels) > 0; + + { config:: config } + { + local allShards = self, + + serviceAccount: { + apiVersion: 'v1', + kind: 'ServiceAccount', + metadata: { + name: config.name, + namespace: config.namespace, + labels: config.commonLabels, + }, + }, + + shards: { + ['shard' + i]: compact(config { + name+: '-%d' % i, + commonLabels+:: { 'compact.thanos.io/shard': 'shard-' + i }, + }) { + serviceAccount: null, // one service account for all compactors + serviceMonitor: null, // one service monitor for all compactors + + statefulSet+: { + spec+: { + template+: { + spec+: { + serviceAccountName: allShards.serviceAccount.metadata.name, + containers: [ + if c.name == 'thanos-compact' then c { + args+: [ + ||| + --selector.relabel-config= + - action: hashmod + source_labels: %s + target_label: shard + modulus: %d + - action: keep + source_labels: ["shard"] + regex: %d + ||| % [config.sourceLabels, config.shards, i], + ], + } else c + for c in super.containers + ], + }, + }, + }, + }, + } + for i in std.range(0, config.shards - 1) + }, + } + { + serviceMonitor: if config.serviceMonitor == true then { + apiVersion: 'monitoring.coreos.com/v1', + kind: 'ServiceMonitor', + metadata+: { + name: config.name, + namespace: config.namespace, + labels: config.commonLabels, + }, + spec: { + selector: { + matchLabels: { + [key]: config.podLabelSelector[key] + for key in std.objectFields(config.podLabelSelector) + if key != 'app.kubernetes.io/instance' + }, + }, + endpoints: [ + { + port: 'http', + relabelings: [ + { + sourceLabels: ['namespace', 'pod'], + separator: '/', + targetLabel: 'instance', + }, + { + sourceLabels: ['__meta_kubernetes_service_label_compact_thanos_io_shard'], + regex: 'shard\\-(\\d+)', + replacement: '$1', + targetLabel: 'shard', + }, + ], + }, + ], + }, + }, + } diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet index bc2ebb74..5c12dbd9 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-compact.libsonnet @@ -1,47 +1,4 @@ -// These are the defaults for this components configuration. -// When calling the function to generate the component's manifest, -// you can pass an object structured like the default to overwrite default values. -local defaults = { - local defaults = self, - name: 'thanos-compact', - namespace: error 'must provide namespace', - version: error 'must provide version', - image: error 'must provide image', - objectStorageConfig: error 'must provide objectStorageConfig', - resources: {}, - logLevel: 'info', - logFormat: 'logfmt', - serviceMonitor: false, - volumeClaimTemplate: {}, - retentionResolutionRaw: '0d', - retentionResolution5m: '0d', - retentionResolution1h: '0d', - deleteDelay: '48h', - disableDownsampling: false, - deduplicationReplicaLabels: [], - ports: { - http: 10902, - }, - tracing: {}, - - commonLabels:: { - 'app.kubernetes.io/name': 'thanos-compact', - 'app.kubernetes.io/instance': defaults.name, - 'app.kubernetes.io/version': defaults.version, - 'app.kubernetes.io/component': 'database-compactor', - }, - - podLabelSelector:: { - [labelName]: defaults.commonLabels[labelName] - for labelName in std.objectFields(defaults.commonLabels) - if labelName != 'app.kubernetes.io/version' - }, - - securityContext:: { - fsGroup: 65534, - runAsUser: 65534, - }, -}; +local defaults = import 'kube-thanos/kube-thanos-compact-default-params.libsonnet'; function(params) { local tc = self, @@ -65,6 +22,7 @@ function(params) { labels: tc.config.commonLabels, }, spec: { + clusterIP: 'None', selector: tc.config.podLabelSelector, ports: [ { @@ -94,6 +52,7 @@ function(params) { local c = { name: 'thanos-compact', image: tc.config.image, + imagePullPolicy: tc.config.imagePullPolicy, args: [ 'compact', '--wait', @@ -135,7 +94,9 @@ function(params) { }, }, }, - ], + ] + ( + if std.length(tc.config.extraEnv) > 0 then tc.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tc.config.ports[name] } for name in std.objectFields(tc.config.ports) @@ -154,7 +115,11 @@ function(params) { name: 'data', mountPath: '/var/thanos/compact', readOnly: false, - }], + }] + ( + if std.objectHas(tc.config.objectStorageConfig, 'tlsSecretName') && std.length(tc.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tc.config.objectStorageConfig.tlsSecretMountPath }, + ] else [] + ), resources: if tc.config.resources != {} then tc.config.resources else {}, terminationMessagePolicy: 'FallbackToLogsOnError', }; @@ -179,8 +144,32 @@ function(params) { serviceAccountName: tc.serviceAccount.metadata.name, securityContext: tc.config.securityContext, containers: [c], - volumes: [], + volumes: if std.objectHas(tc.config.objectStorageConfig, 'tlsSecretName') && std.length(tc.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tc.config.objectStorageConfig.tlsSecretName }, + }] else [], terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, + affinity: { podAntiAffinity: { + preferredDuringSchedulingIgnoredDuringExecution: [{ + podAffinityTerm: { + namespaces: [tc.config.namespace], + topologyKey: 'kubernetes.io/hostname', + labelSelector: { matchExpressions: [{ + key: 'app.kubernetes.io/name', + operator: 'In', + values: [tc.statefulSet.metadata.labels['app.kubernetes.io/name']], + }, { + key: 'app.kubernetes.io/instance', + operator: 'In', + values: [tc.statefulSet.metadata.labels['app.kubernetes.io/instance']], + }] }, + }, + weight: 100, + }], + } }, }, }, volumeClaimTemplates: if std.length(tc.config.volumeClaimTemplate) > 0 then [tc.config.volumeClaimTemplate { diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet index 2b59f060..28d696ec 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query-frontend.libsonnet @@ -7,6 +7,7 @@ local defaults = { namespace: error 'must provide namespace', version: error 'must provide version', image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', replicas: error 'must provide replicas', downstreamURL: error 'must provide downstreamURL', splitInterval: '24h', @@ -29,6 +30,7 @@ local defaults = { http: 9090, }, tracing: {}, + extraEnv: [], memcachedDefaults+:: { config+: { @@ -138,6 +140,7 @@ function(params) { local c = { name: 'thanos-query-frontend', image: tqf.config.image, + imagePullPolicy: tqf.config.imagePullPolicy, args: [ 'query-frontend', '--log.level=' + tqf.config.logLevel, @@ -179,7 +182,9 @@ function(params) { }, }, }, - ], + ] + ( + if std.length(tqf.config.extraEnv) > 0 then tqf.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tqf.config.ports[name] } for name in std.objectFields(tqf.config.ports) @@ -216,6 +221,9 @@ function(params) { serviceAccountName: tqf.serviceAccount.metadata.name, securityContext: tqf.config.securityContext, terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { preferredDuringSchedulingIgnoredDuringExecution: [{ podAffinityTerm: { diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet index 5df41100..eb456ecd 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-query.libsonnet @@ -7,10 +7,12 @@ local defaults = { namespace: error 'must provide namespace', version: error 'must provide version', image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', replicas: error 'must provide replicas', replicaLabels: error 'must provide replicaLabels', stores: ['dnssrv+_grpc._tcp.thanos-store.%s.svc.cluster.local' % defaults.namespace], externalPrefix: '', + prefixHeader: '', autoDownsampling: true, resources: {}, queryTimeout: '', @@ -23,6 +25,7 @@ local defaults = { logLevel: 'info', logFormat: 'logfmt', tracing: {}, + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-query', @@ -95,6 +98,7 @@ function(params) { local c = { name: 'thanos-query', image: tq.config.image, + imagePullPolicy: tq.config.imagePullPolicy, args: [ 'query', @@ -114,6 +118,11 @@ function(params) { '--web.external-prefix=' + tq.config.externalPrefix, ] else [] ) + + ( + if tq.config.prefixHeader != '' then [ + '--web.prefix-header=' + tq.config.prefixHeader, + ] else [] + ) + ( if tq.config.queryTimeout != '' then [ '--query.timeout=' + tq.config.queryTimeout, @@ -144,7 +153,9 @@ function(params) { }, }, }, - ], + ] + ( + if std.length(tq.config.extraEnv) > 0 then tq.config.extraEnv else [] + ), ports: [ { name: port.name, containerPort: port.port } for port in tq.service.spec.ports @@ -183,6 +194,9 @@ function(params) { securityContext: tq.config.securityContext, serviceAccountName: tq.serviceAccount.metadata.name, terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { preferredDuringSchedulingIgnoredDuringExecution: [{ podAffinityTerm: { diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet index 9177349f..363801c6 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-default-params.libsonnet @@ -7,11 +7,13 @@ namespace: error 'must provide namespace', version: error 'must provide version', image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', replicas: error 'must provide replicas', replicationFactor: error 'must provide replication factor', objectStorageConfig: error 'must provide objectStorageConfig', podDisruptionBudgetMaxUnavailable: (std.floor(defaults.replicationFactor / 2)), hashringConfigMapName: '', + enableLocalEndpoint: true, volumeClaimTemplate: {}, retention: '15d', logLevel: 'info', @@ -29,6 +31,9 @@ 'receive="true"', ], tenantLabelName: null, + tenantHeader: null, + clusterDomain: 'cluster.local', + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-receive', diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet new file mode 100644 index 00000000..0b2b750b --- /dev/null +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-ingestor.libsonnet @@ -0,0 +1,45 @@ +local receiveConfigDefaults = import 'kube-thanos/kube-thanos-receive-default-params.libsonnet'; +local receiveHashring = import 'kube-thanos/kube-thanos-receive-hashrings.libsonnet'; + +local defaults = receiveConfigDefaults { + hashrings: [{ + hashring: 'default', + tenants: [], + }], + hashringConfigmapName: 'hashring-config', + routerReplicas: 1, +}; + +function(params) { + local tr = self, + // Combine the defaults and the passed params to make the component's config. + config:: defaults + params, + + local ingestors = receiveHashring(tr.config { name: tr.config.name + '-ingestor' }), + + ingestors: { + [name]: ingestors.hashrings[name] + for name in std.objectFields(ingestors.hashrings) + }, + + storeEndpoints:: [ + 'dnssrv+_grpc._tcp.%s.%s.svc.cluster.local:%d' % [ingestors.hashrings[name.hashring].service.metadata.name, tr.config.namespace, tr.config.ports.grpc] + for name in tr.config.hashrings + ], + + endpoints:: { + [name.hashring]: [ + '%s-%d.%s.%s.svc.cluster.local:%d' % [ + ingestors.hashrings[name.hashring].service.metadata.name, + i, + ingestors.hashrings[name.hashring].service.metadata.name, + tr.config.namespace, + tr.config.ports.grpc, + ] + // Replica specification is 1-based, but statefulSets are named 0-based. + for i in std.range(0, tr.config.replicas - 1) + ] + for name in tr.config.hashrings + }, + serviceAccount: ingestors.serviceAccount, +} diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet new file mode 100644 index 00000000..a7b41eb6 --- /dev/null +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive-router.libsonnet @@ -0,0 +1,145 @@ +local receiveConfigDefaults = import 'kube-thanos/kube-thanos-receive-default-params.libsonnet'; + +local defaults = receiveConfigDefaults { + hashrings: [{ + hashring: 'default', + tenants: [], + }], + hashringConfigmapName: 'hashring-config', + routerReplicas: 1, + endpoints: error 'must provide ingestor endpoints object', +}; + +function(params) { + local tr = self, + // Combine the defaults and the passed params to make the component's config. + config:: defaults + params, + + routerLabels:: tr.config.commonLabels { + 'app.kubernetes.io/component': tr.config.name + '-router', + }, + + service: { + apiVersion: 'v1', + kind: 'Service', + metadata: { + name: tr.config.name + '-router', + namespace: tr.config.namespace, + }, + spec: { + ports: [{ name: name, port: tr.config.ports[name] } for name in std.objectFields(tr.config.ports)], + selector: tr.routerLabels, + }, + }, + + serviceAccount: { + apiVersion: 'v1', + kind: 'ServiceAccount', + metadata: { + name: tr.config.name + '-router', + namespace: tr.config.namespace, + labels: tr.routerLabels, + }, + }, + + configmap: { + apiVersion: 'v1', + kind: 'ConfigMap', + metadata: { + name: tr.config.hashringConfigmapName, + namespace: tr.config.namespace, + }, + data: { + 'hashrings.json': std.toString([hashring { endpoints: tr.config.endpoints[hashring.hashring] } for hashring in tr.config.hashrings]), + }, + }, + + // Create the deployment that acts as a router to the ingestor backends + deployment: { + apiVersion: 'apps/v1', + kind: 'Deployment', + metadata: { + name: tr.config.name + '-router', + namespace: tr.config.namespace, + labels: tr.routerLabels, + }, + spec: { + replicas: tr.config.routerReplicas, + selector: { matchLabels: tr.routerLabels }, + template: { + metadata: { + labels: tr.routerLabels, + }, + spec: { + serviceAccountName: tr.serviceAccount.metadata.name, + securityContext: tr.config.securityContext, + containers: [{ + name: 'thanos-receive', + image: tr.config.image, + imagePullPolicy: tr.config.imagePullPolicy, + args: [ + 'receive', + '--log.level=' + tr.config.logLevel, + '--log.format=' + tr.config.logFormat, + '--grpc-address=0.0.0.0:%d' % tr.config.ports.grpc, + '--http-address=0.0.0.0:%d' % tr.config.ports.http, + '--remote-write.address=0.0.0.0:%d' % tr.config.ports['remote-write'], + '--receive.replication-factor=%d' % tr.config.replicationFactor, + '--receive.hashrings-file=/var/lib/thanos-receive/hashrings.json', + ] + [ + '--label=%s' % label + for label in tr.config.labels + ] + ( + if tr.config.tenantLabelName != null then [ + '--receive.tenant-label-name=%s' % tr.config.tenantLabelName, + ] else [] + ) + ( + if std.length(tr.config.tracing) > 0 then [ + '--tracing.config=' + std.manifestYamlDoc( + { config+: { service_name: defaults.name } } + tr.config.tracing + ), + ] else [] + ), + env: [ + { name: 'NAME', valueFrom: { fieldRef: { fieldPath: 'metadata.name' } } }, + { name: 'NAMESPACE', valueFrom: { fieldRef: { fieldPath: 'metadata.namespace' } } }, + { + // Inject the host IP to make configuring tracing convenient. + name: 'HOST_IP_ADDRESS', + valueFrom: { + fieldRef: { + fieldPath: 'status.hostIP', + }, + }, + }, + ] + ( + if std.length(tr.config.extraEnv) > 0 then tr.config.extraEnv else [] + ), + ports: [{ name: name, containerPort: tr.config.ports[name] } for name in std.objectFields(tr.config.ports)], + volumeMounts: [{ name: 'hashring-config', mountPath: '/var/lib/thanos-receive' }], + livenessProbe: { failureThreshold: 8, periodSeconds: 30, httpGet: { + scheme: 'HTTP', + port: tr.config.ports.http, + path: '/-/healthy', + } }, + readinessProbe: { failureThreshold: 20, periodSeconds: 5, httpGet: { + scheme: 'HTTP', + port: tr.config.ports.http, + path: '/-/ready', + } }, + resources: if tr.config.resources != {} then tr.config.resources else {}, + terminationMessagePolicy: 'FallbackToLogsOnError', + }], + volumes: [{ + name: 'hashring-config', + configMap: { name: tr.config.hashringConfigMapName }, + }], + terminationGracePeriodSeconds: 30, + nodeSelector: { + 'beta.kubernetes.io/os': 'linux', + }, + }, + }, + }, + }, +} diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet index f04efd1f..2fc88ba7 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-receive.libsonnet @@ -49,14 +49,16 @@ function(params) { }, statefulSet: - local localEndpointFlag = '--receive.local-endpoint=$(NAME).%s.$(NAMESPACE).svc.cluster.local:%d' % [ + local localEndpointFlag = '--receive.local-endpoint=$(NAME).%s.$(NAMESPACE).svc.%s:%d' % [ tr.config.name, + tr.config.clusterDomain, tr.config.ports.grpc, ]; local c = { name: 'thanos-receive', image: tr.config.image, + imagePullPolicy: tr.config.imagePullPolicy, args: [ 'receive', '--log.level=' + tr.config.logLevel, @@ -65,17 +67,27 @@ function(params) { '--http-address=0.0.0.0:%d' % tr.config.ports.http, '--remote-write.address=0.0.0.0:%d' % tr.config.ports['remote-write'], '--receive.replication-factor=%d' % tr.config.replicationFactor, - '--objstore.config=$(OBJSTORE_CONFIG)', '--tsdb.path=/var/thanos/receive', '--tsdb.retention=' + tr.config.retention, - localEndpointFlag, ] + [ '--label=%s' % label for label in tr.config.labels ] + ( + if tr.config.objectStorageConfig != null then [ + '--objstore.config=$(OBJSTORE_CONFIG)', + ] else [] + ) + ( + if tr.config.enableLocalEndpoint then [ + localEndpointFlag, + ] else [] + ) + ( if tr.config.tenantLabelName != null then [ '--receive.tenant-label-name=%s' % tr.config.tenantLabelName, ] else [] + ) + ( + if tr.config.tenantHeader != null then [ + '--receive.tenant-header=%s' % tr.config.tenantHeader, + ] else [] ) + ( if tr.config.hashringConfigMapName != '' then [ '--receive.hashrings-file=/var/lib/thanos-receive/hashrings.json', @@ -90,10 +102,6 @@ function(params) { env: [ { name: 'NAME', valueFrom: { fieldRef: { fieldPath: 'metadata.name' } } }, { name: 'NAMESPACE', valueFrom: { fieldRef: { fieldPath: 'metadata.namespace' } } }, - { name: 'OBJSTORE_CONFIG', valueFrom: { secretKeyRef: { - key: tr.config.objectStorageConfig.key, - name: tr.config.objectStorageConfig.name, - } } }, { // Inject the host IP to make configuring tracing convenient. name: 'HOST_IP_ADDRESS', @@ -103,7 +111,17 @@ function(params) { }, }, }, - ], + ] + ( + if tr.config.objectStorageConfig != null then [{ + name: 'OBJSTORE_CONFIG', + valueFrom: { secretKeyRef: { + key: tr.config.objectStorageConfig.key, + name: tr.config.objectStorageConfig.name, + } }, + }] else [] + ) + ( + if std.length(tr.config.extraEnv) > 0 then tr.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tr.config.ports[name] } for name in std.objectFields(tr.config.ports) @@ -116,6 +134,10 @@ function(params) { if tr.config.hashringConfigMapName != '' then [ { name: 'hashring-config', mountPath: '/var/lib/thanos-receive' }, ] else [] + ) + ( + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tr.config.objectStorageConfig.tlsSecretMountPath }, + ] else [] ), livenessProbe: { failureThreshold: 8, periodSeconds: 30, httpGet: { scheme: 'HTTP', @@ -151,11 +173,21 @@ function(params) { serviceAccountName: tr.serviceAccount.metadata.name, securityContext: tr.config.securityContext, containers: [c], - volumes: if tr.config.hashringConfigMapName != '' then [{ - name: 'hashring-config', - configMap: { name: tr.config.hashringConfigMapName }, - }] else [], + volumes: ( + if tr.config.hashringConfigMapName != '' then [{ + name: 'hashring-config', + configMap: { name: tr.config.hashringConfigMapName }, + }] else [] + ) + ( + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tr.config.objectStorageConfig.tlsSecretName }, + }] else [] + ), terminationGracePeriodSeconds: 900, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { local labelSelector = { matchExpressions: [{ key: 'app.kubernetes.io/name', diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet index 922cf7a4..6d0b2131 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-rule.libsonnet @@ -7,12 +7,16 @@ local defaults = { namespace: error 'must provide namespace', version: error 'must provide version', image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', replicas: error 'must provide replicas', reloaderImage: error 'must provide reloader image', + reloaderImagePullPolicy: 'IfNotPresent', objectStorageConfig: error 'must provide objectStorageConfig', ruleFiles: [], rulesConfig: [], alertmanagersURLs: [], + alertmanagerConfigFile: {}, + extraVolumeMounts: [], queriers: [], logLevel: 'info', logFormat: 'logfmt', @@ -23,8 +27,10 @@ local defaults = { ports: { grpc: 10901, http: 10902, + reloader: 9533, }, tracing: {}, + extraEnv: [], commonLabels:: { 'app.kubernetes.io/name': 'thanos-rule', @@ -55,6 +61,8 @@ function(params) { assert std.isArray(tr.config.ruleFiles), assert std.isArray(tr.config.rulesConfig), assert std.isArray(tr.config.alertmanagersURLs), + assert std.isObject(tr.config.alertmanagerConfigFile), + assert std.isArray(tr.config.extraVolumeMounts), assert std.isObject(tr.config.resources), assert std.isBoolean(tr.config.serviceMonitor), assert std.isObject(tr.config.volumeClaimTemplate), @@ -100,6 +108,7 @@ function(params) { local c = { name: 'thanos-rule', image: tr.config.image, + imagePullPolicy: tr.config.imagePullPolicy, args: [ 'rule', @@ -118,6 +127,11 @@ function(params) { (['--rule-file=%s' % path for path in tr.config.ruleFiles]) + (['--alertmanagers.url=%s' % url for url in tr.config.alertmanagersURLs]) + ( + if tr.config.alertmanagerConfigFile != {} then [ + '--alertmanagers.config-file=/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name + '/' + tr.config.alertmanagerConfigFile.key, + ] + else [] + ) + ( if std.length(tr.config.rulesConfig) > 0 then [ '--rule-file=/etc/thanos/rules/' + ruleConfig.name + '/' + ruleConfig.key for ruleConfig in tr.config.rulesConfig @@ -145,7 +159,9 @@ function(params) { }, }, }, - ], + ] + ( + if std.length(tr.config.extraEnv) > 0 then tr.config.extraEnv else [] + ), ports: [ { name: name, containerPort: tr.config.ports[name] } for name in std.objectFields(tr.config.ports) @@ -159,6 +175,19 @@ function(params) { { name: ruleConfig.name, mountPath: '/etc/thanos/rules/' + ruleConfig.name } for ruleConfig in tr.config.rulesConfig ] else [] + ) + ( + if tr.config.alertmanagerConfigFile != {} then [ + { name: tr.config.alertmanagerConfigFile.name, mountPath: '/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name, readOnly: true }, + ] else [] + ) + ( + if std.length(tr.config.extraVolumeMounts) > 0 then [ + { name: volumeMount.name, mountPath: volumeMount.mountPath } + for volumeMount in tr.config.extraVolumeMounts + ] else [] + ) + ( + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: tr.config.objectStorageConfig.tlsSecretMountPath }, + ] else [] ), livenessProbe: { failureThreshold: 24, periodSeconds: 5, httpGet: { scheme: 'HTTP', @@ -178,15 +207,39 @@ function(params) { local reloadContainer = { name: 'configmap-reloader', image: tr.config.reloaderImage, + imagePullPolicy: tr.config.reloaderImagePullPolicy, args: [ '-webhook-url=http://localhost:' + tr.service.spec.ports[1].port + '/-/reload', ] + - (['-volume-dir=/etc/thanos/rules/' + ruleConfig.name for ruleConfig in tr.config.rulesConfig]), + ( + if std.length(tr.config.rulesConfig) > 0 then [ + '-volume-dir=/etc/thanos/rules/' + ruleConfig.name + for ruleConfig in tr.config.rulesConfig + ] else [] + ) + ( + if tr.config.alertmanagerConfigFile != {} then [ + '-volume-dir=/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name, + ] else [] + ) + ( + if std.length(tr.config.extraVolumeMounts) > 0 then [ + '-volume-dir=' + volumeMount.mountPath + for volumeMount in tr.config.extraVolumeMounts + ] else [] + ), volumeMounts: [ { name: ruleConfig.name, mountPath: '/etc/thanos/rules/' + ruleConfig.name } for ruleConfig in tr.config.rulesConfig - ], + ] + ( + if tr.config.alertmanagerConfigFile != {} then [ + { name: tr.config.alertmanagerConfigFile.name, mountPath: '/etc/thanos/config/' + tr.config.alertmanagerConfigFile.name }, + ] else [] + ) + ( + if std.length(tr.config.extraVolumeMounts) > 0 then [ + { name: volumeMount.name, mountPath: volumeMount.mountPath } + for volumeMount in tr.config.extraVolumeMounts + ] else [] + ), }; { @@ -209,11 +262,45 @@ function(params) { serviceAccountName: tr.serviceAccount.metadata.name, securityContext: tr.config.securityContext, containers: [c] + - (if std.length(tr.config.rulesConfig) > 0 then [reloadContainer] else []), - volumes: [ - { name: ruleConfig.name, configMap: { name: ruleConfig.name } } - for ruleConfig in tr.config.rulesConfig - ], + ( + if std.length(tr.config.rulesConfig) > 0 || std.length(tr.config.extraVolumeMounts) > 0 || tr.config.alertmanagerConfigFile != {} then [ + reloadContainer, + ] else [] + ), + volumes: + [] + + ( + if std.length(tr.config.rulesConfig) > 0 then [ + { name: ruleConfig.name, configMap: { name: ruleConfig.name } } + for ruleConfig in tr.config.rulesConfig + ] else [] + ) + ( + if tr.config.alertmanagerConfigFile != {} then [{ + name: tr.config.alertmanagerConfigFile.name, + configMap: { name: tr.config.alertmanagerConfigFile.name }, + }] else [] + ) + ( + if std.length(tr.config.extraVolumeMounts) > 0 then [ + { name: volumeMount.name } + + ( + if volumeMount.type == 'configMap' then { + configMap: { name: volumeMount.name }, + } + else { + secret: { name: volumeMount.name }, + } + ) + for volumeMount in tr.config.extraVolumeMounts + ] else [] + ) + ( + if tr.config.objectStorageConfig != null && std.objectHas(tr.config.objectStorageConfig, 'tlsSecretName') && std.length(tr.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: tr.config.objectStorageConfig.tlsSecretName }, + }] else [] + ), + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, }, }, volumeClaimTemplates: if std.length(tr.config.volumeClaimTemplate) > 0 then [tr.config.volumeClaimTemplate { @@ -246,6 +333,7 @@ function(params) { targetLabel: 'instance', }], }, + { port: 'reloader' }, ], }, }, diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet index caaa9046..3cfa6cbd 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store-default-params.libsonnet @@ -7,6 +7,7 @@ namespace: error 'must provide namespace', version: error 'must provide version', image: error 'must provide image', + imagePullPolicy: 'IfNotPresent', replicas: error 'must provide replicas', objectStorageConfig: error 'must provide objectStorageConfig', ignoreDeletionMarksDelay: '24h', @@ -24,6 +25,7 @@ tracing: {}, minTime: '', maxTime: '', + extraEnv: [], memcachedDefaults+:: { config+: { diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet index b09c67c4..99df2aad 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/kube-thanos-store.libsonnet @@ -66,6 +66,7 @@ function(params) { local c = { name: 'thanos-store', image: ts.config.image, + imagePullPolicy: ts.config.imagePullPolicy, args: [ 'store', '--log.level=' + ts.config.logLevel, @@ -99,10 +100,15 @@ function(params) { ] else [] ), env: [ - { name: 'OBJSTORE_CONFIG', valueFrom: { secretKeyRef: { - key: ts.config.objectStorageConfig.key, - name: ts.config.objectStorageConfig.name, - } } }, + { + name: 'OBJSTORE_CONFIG', + valueFrom: { + secretKeyRef: { + key: ts.config.objectStorageConfig.key, + name: ts.config.objectStorageConfig.name, + }, + }, + }, { // Inject the host IP to make configuring tracing convenient. name: 'HOST_IP_ADDRESS', @@ -112,7 +118,9 @@ function(params) { }, }, }, - ], + ] + ( + if std.length(ts.config.extraEnv) > 0 then ts.config.extraEnv else [] + ), ports: [ { name: name, containerPort: ts.config.ports[name] } for name in std.objectFields(ts.config.ports) @@ -121,7 +129,11 @@ function(params) { name: 'data', mountPath: '/var/thanos/store', readOnly: false, - }], + }] + ( + if std.objectHas(ts.config.objectStorageConfig, 'tlsSecretName') && std.length(ts.config.objectStorageConfig.tlsSecretName) > 0 then [ + { name: 'tls-secret', mountPath: ts.config.objectStorageConfig.tlsSecretMountPath }, + ] else [] + ), livenessProbe: { failureThreshold: 8, periodSeconds: 30, httpGet: { scheme: 'HTTP', port: ts.config.ports.http, @@ -156,8 +168,14 @@ function(params) { serviceAccountName: ts.serviceAccount.metadata.name, securityContext: ts.config.securityContext, containers: [c], - volumes: [], + volumes: if std.objectHas(ts.config.objectStorageConfig, 'tlsSecretName') && std.length(ts.config.objectStorageConfig.tlsSecretName) > 0 then [{ + name: 'tls-secret', + secret: { secretName: ts.config.objectStorageConfig.tlsSecretName }, + }] else [], terminationGracePeriodSeconds: 120, + nodeSelector: { + 'kubernetes.io/os': 'linux', + }, affinity: { podAntiAffinity: { preferredDuringSchedulingIgnoredDuringExecution: [{ podAffinityTerm: { @@ -211,4 +229,5 @@ function(params) { ], }, }, + storeEndpoint:: 'dnssrv+_grpc._tcp.%s.%s.svc.cluster.local:%d' % [ts.service.metadata.name, ts.config.namespace, ts.config.ports.grpc], } diff --git a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet index 22fd4d3e..53e594a5 100644 --- a/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet +++ b/jsonnet/vendor/github.com/thanos-io/kube-thanos/jsonnet/kube-thanos/thanos.libsonnet @@ -1,8 +1,12 @@ { bucket: (import 'kube-thanos-bucket.libsonnet'), + bucketReplicate: (import 'kube-thanos-bucket-replicate.libsonnet'), compact: (import 'kube-thanos-compact.libsonnet'), + compactShards: (import 'kube-thanos-compact-shards.libsonnet'), query: (import 'kube-thanos-query.libsonnet'), receive: (import 'kube-thanos-receive.libsonnet'), + receiveIngestor: (import 'kube-thanos-receive-ingestor.libsonnet'), + receiveRouter: (import 'kube-thanos-receive-router.libsonnet'), receiveHashrings: (import 'kube-thanos-receive-hashrings.libsonnet'), rule: (import 'kube-thanos-rule.libsonnet'), sidecar: (import 'kube-thanos-sidecar.libsonnet'),