diff --git a/deploy/dev/kustomization.yaml b/deploy/dev/kustomization.yaml index 380a676..fa6257c 100644 --- a/deploy/dev/kustomization.yaml +++ b/deploy/dev/kustomization.yaml @@ -5,6 +5,18 @@ resources: - svc-db.yaml helmCharts: +# Currently, Kustomize does not support inflating Helm charts with multiple values files. +# See: https://github.com/kubernetes-sigs/kustomize/issues/4219 +# This is required by the Prometheus chart which builds a long stringified +# prometheus.yml config based on these values. This config file is difficult to +# patch later. For now, the best solution is to define the helm chart in full +# in both dev and prod stages. +- name: prometheus + version: "15.8.5" + repo: https://prometheus-community.github.io/helm-charts + includeCRDs: true + releaseName: prometheus + valuesInline: {} - name: postgresql version: "11.1.25" repo: https://charts.bitnami.com/bitnami diff --git a/deploy/prod/kustomization.yaml b/deploy/prod/kustomization.yaml index 13d21be..a853c2e 100644 --- a/deploy/prod/kustomization.yaml +++ b/deploy/prod/kustomization.yaml @@ -4,6 +4,35 @@ resources: - svc-db.yaml - svc-netflux.yaml +helmCharts: +- name: prometheus + version: "15.8.5" + repo: https://prometheus-community.github.io/helm-charts + includeCRDs: true + releaseName: prometheus + valuesInline: + server: + extraSecretMounts: + - name: prometheus-credentials + mountPath: /etc/secrets + secretName: prometheus-credentials + readOnly: true + extraScrapeConfigs: |- + - job_name: "node" + scheme: https + basic_auth: + username: metrics + password_file: /etc/secrets/exporter-password + tls_config: + insecure_skip_verify: true + static_configs: + - targets: ["prod-db:9100", "prod-netflux:9100"] + +secretGenerator: +- name: prometheus-credentials + files: + - secrets/exporter-password + patchesJson6902: # Patch the ingress-nginx deployment to allow it to use a service with a # namePrefix. See https://github.com/kubernetes/ingress-nginx/issues/2599#issuecomment-601170289.