58 lines
1.4 KiB
YAML
58 lines
1.4 KiB
YAML
namePrefix: prod-
|
|
resources:
|
|
- ../base
|
|
- svc-db.yaml
|
|
- svc-netflux.yaml
|
|
|
|
configMapGenerator:
|
|
- name: prometheus-server
|
|
behavior: merge
|
|
files:
|
|
- prometheus.yml=prometheus.yaml
|
|
- name: grafana
|
|
behavior: merge
|
|
files:
|
|
- grafana.ini
|
|
- datasources.yaml=grafana-datasources.yaml
|
|
|
|
secretGenerator:
|
|
- name: prometheus-credentials
|
|
files:
|
|
- secrets/exporter-password
|
|
- name: grafana-credentials
|
|
files:
|
|
- admin-user=secrets/grafana-admin-user
|
|
- admin-password=secrets/grafana-admin-password
|
|
|
|
patches:
|
|
# Patch the ingress-nginx deployment to allow it to use a service with a
|
|
# namePrefix. See https://github.com/kubernetes/ingress-nginx/issues/2599#issuecomment-601170289.
|
|
- target:
|
|
kind: Deployment
|
|
name: ingress-nginx-controller
|
|
path: deploy-ingress-nginx.yaml
|
|
|
|
# Patch prometheus-server pod to mount the secrets volume.
|
|
- target:
|
|
kind: Deployment
|
|
name: prometheus-server
|
|
patch: |-
|
|
- op: add
|
|
path: /spec/template/spec/volumes/-
|
|
value:
|
|
secret:
|
|
secretName: prod-prometheus-credentials
|
|
name: secrets-volume
|
|
- op: add
|
|
path: /spec/template/spec/containers/1/volumeMounts/-
|
|
value:
|
|
mountPath: /etc/secrets
|
|
name: secrets-volume
|
|
readOnly: true
|
|
|
|
# Patch Grafana deployment to inject PostgreSQL credentials:
|
|
- target:
|
|
kind: Deployment
|
|
name: grafana
|
|
path: deploy-grafana.yaml
|