alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 6 Actions 1 Activity

add monitor for garage
All checks were successful
lint-test-helm / helm-lint (push) Successful in 13s
Details
renovate / renovate (push) Successful in 1m29s
Details

Browse Source
This commit is contained in:
Alex Lebens
2025-10-27 21:08:35 -05:00
parent a63c9ef5ec
commit 1ba776a8d7
3 changed files with 248 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

148
clusters/cl01tl/monitoring/s3-exporter/templates/external-secret.yaml
View File

@@ -1,42 +1,5 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: s3-ceph-directus-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: s3-ceph-directus-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/directus/ceph
metadataPolicy: None
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/directus/ceph
metadataPolicy: None
property: AWS_SECRET_ACCESS_KEY
- secretKey: BUCKET_HOST
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/directus/ceph
metadataPolicy: None
property: BUCKET_HOST
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: s3-do-home-infra-secret
namespace: {{ .Release.Namespace }}
@@ -70,3 +33,114 @@ spec:
key: /digital-ocean/home-infra/prometheus-exporter
metadataPolicy: None
property: AWS_REGION
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: s3-garage-local-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: s3-garage-local-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/directus/ceph
metadataPolicy: None
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/directus/ceph
metadataPolicy: None
property: AWS_SECRET_ACCESS_KEY
- secretKey: BUCKET_HOST
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/directus/ceph
metadataPolicy: None
property: BUCKET_HOST
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: s3-garage-remote-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: s3-garage-remote-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY
- secretKey: AWS_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_REGION
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: s3-do-home-infra-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: s3-do-home-infra-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY
- secretKey: AWS_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_REGION

44
clusters/cl01tl/monitoring/s3-exporter/templates/service-monitor.yaml
View File

@@ -40,3 +40,47 @@ spec:
interval: 6h
scrapeTimeout: 120s
path: /metrics
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: s3-exporter-garage-local
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: s3-exporter-garage-local
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: s3-exporter
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/service: s3-exporter-garage-local
endpoints:
- port: metrics
interval: 6h
scrapeTimeout: 120s
path: /metrics
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: s3-exporter-garage-remote
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: s3-exporter-garage-remote
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: s3-exporter
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/service: s3-exporter-garage-remote
endpoints:
- port: metrics
interval: 6h
scrapeTimeout: 120s
path: /metrics

94
clusters/cl01tl/monitoring/s3-exporter/values.yaml
View File

@@ -32,7 +32,7 @@ s3-exporter:
name: s3-do-home-infra-secret
key: AWS_REGION
- name: LOG_LEVEL
value: debug
value: info
- name: S3_FORCE_PATH_STYLE
value: false
resources:
@@ -70,6 +70,84 @@ s3-exporter:
key: AWS_SECRET_ACCESS_KEY
- name: S3_REGION
value: us-east-1
- name: LOG_LEVEL
value: info
- name: S3_FORCE_PATH_STYLE
value: true
resources:
requests:
cpu: 10m
memory: 64Mi
garage-local:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: molu8bits/s3bucket_exporter
tag: 1.0.2
pullPolicy: IfNotPresent
env:
- name: S3_NAME
value: garage-local
- name: S3_ENDPOINT
value: http://garage-main.garage:3900
- name: S3_ACCESS_KEY
valueFrom:
secretKeyRef:
name: s3-garage-local-secret
key: AWS_ACCESS_KEY_ID
- name: S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: s3-garage-local-secret
key: AWS_SECRET_ACCESS_KEY
- name: S3_REGION
valueFrom:
secretKeyRef:
name: s3-garage-local-secret
key: AWS_REGION
- name: LOG_LEVEL
value: debug
- name: S3_FORCE_PATH_STYLE
value: true
resources:
requests:
cpu: 10m
memory: 64Mi
garage-remote:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: molu8bits/s3bucket_exporter
tag: 1.0.2
pullPolicy: IfNotPresent
env:
- name: S3_NAME
value: garage-remote
- name: S3_ENDPOINT
value: https://garage-ps10rp.boreal-beaufort.ts.net:3900
- name: S3_ACCESS_KEY
valueFrom:
secretKeyRef:
name: s3-garage-remote-secret
key: AWS_ACCESS_KEY_ID
- name: S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: s3-garage-remote-secret
key: AWS_SECRET_ACCESS_KEY
- name: S3_REGION
valueFrom:
secretKeyRef:
name: s3-garage-remote-secret
key: AWS_REGION
- name: LOG_LEVEL
value: debug
- name: S3_FORCE_PATH_STYLE
@@ -93,3 +171,17 @@ s3-exporter:
port: 9655
targetPort: 9655
protocol: TCP
garage-local:
controller: garage-local
ports:
metrics:
port: 9655
targetPort: 9655
protocol: TCP
garage-remote:
controller: garage-remote
ports:
metrics:
port: 9655
targetPort: 9655
protocol: TCP