Merge pull request #1438 from aiyengar2/add_rke2_windows

Add rke2Windows.Enabled to Monitoring and Logging

charts/rancher-logging/rancher-logging/100.0.0+up3.12.0/templates/_helpers.tpl

@@ -66,13 +66,22 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
 
 {{- define "windowsEnabled" }}
+{{ $windowsEnabled := false }}
 {{- if not (kindIs "invalid" .Values.global.cattle.windows) }}
 {{- if not (kindIs "invalid" .Values.global.cattle.windows.enabled) }}
 {{- if .Values.global.cattle.windows.enabled }}
-true
+{{- $windowsEnabled = true }}
 {{- end }}
 {{- end }}
 {{- end }}
+{{- if not (kindIs "invalid" .Values.rke2Windows) }}
+{{- if not (kindIs "invalid" .Values.rke2Windows.enabled) }}
+{{- if .Values.rke2Windows.enabled }}
+{{- $windowsEnabled = true }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{ $windowsEnabled }}
 {{- end }}
 
 {{- define "windowsPathPrefix" -}}

charts/rancher-logging/rancher-logging/100.0.0+up3.12.0/values.yaml

@@ -194,9 +194,10 @@ global:
   cattle:
     systemDefaultRegistry: ""
     # Uncomment the below two lines to either enable or disable Windows logging. If this chart is
-    # installed via the Rancher UI, it will set this value to "true" if the cluster is a Windows
+    # installed via the Rancher UI, it will set this value to "true" if the cluster is an RKE1 Windows
     # cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
-    # set the value below to "false".
+    # set both this value below and rke2Windows.enabled to false.
+    #
     # windows:
     #   enabled: true
   # Change the "dockerRootDirectory" if the default Docker directory has changed.
@@ -209,3 +210,10 @@ global:
   rkeWindowsPathPrefix: "c:\\"
   seLinux:
     enabled: false
+
+# Uncomment the below two lines to either enable or disable Windows logging. If this chart is
+# installed via the Rancher UI, you will be able to set this value in an RKE2 Windows
+# cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
+# set this value below to false.
+# rke2Windows:
+#   enabled: false

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/Chart.yaml

@@ -66,6 +66,9 @@ dependencies:
 - condition: rke2Scheduler.enabled
   name: rke2Scheduler
   repository: file://./charts/rke2Scheduler
+- condition: rke2Windows.enabled
+  name: rke2Windows
+  repository: file://./charts/rke2Windows
 - condition: rkeControllerManager.enabled
   name: rkeControllerManager
   repository: file://./charts/rkeControllerManager
@@ -82,8 +85,8 @@ dependencies:
   name: rkeScheduler
   repository: file://./charts/rkeScheduler
 - condition: global.cattle.windows.enabled
-  name: windowsExporter
-  repository: file://./charts/windowsExporter
+  name: rkeWindows
+  repository: file://./charts/rkeWindows
 description: Collects several related Helm charts, Grafana dashboards, and Prometheus
   rules combined with documentation and scripts to provide easy to operate end-to-end
   Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
@@ -106,8 +109,6 @@ maintainers:
   name: scottrigby
 - email: miroslav.hadzhiev@gmail.com
   name: Xtigyro
-- email: arvind.iyengar@suse.com
-  name: Arvind
 name: rancher-monitoring
 sources:
 - https://github.com/prometheus-community/helm-charts

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rke2Windows/Chart.yaml

@@ -10,6 +10,6 @@ description: Sets up monitoring metrics from Windows nodes via Prometheus window
 maintainers:
 - email: arvind.iyengar@rancher.com
   name: aiyengar2
-name: windowsExporter
+name: rke2Windows
 type: application
 version: 0.1.1

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/Chart.yaml

@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/os: windows
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-windows-exporter
+apiVersion: v1
+appVersion: 0.0.2
+description: Sets up monitoring metrics from Windows nodes via Prometheus windows-exporter
+maintainers:
+- email: arvind.iyengar@rancher.com
+  name: aiyengar2
+name: rkeWindows
+type: application
+version: 0.1.1

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/README.md

@@ -0,0 +1,17 @@
+# rancher-windows-exporter
+
+A Rancher chart based on the [prometheus-community/windows-exporter](https://github.com/prometheus-community/windows_exporter) project (previously called wmi-exporter) that sets up a DaemonSet of clients that can scrape windows-exporter metrics from Windows nodes on a Kubernetes cluster.
+
+A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR and PrometheusRule CR are also created by this chart to collect metrics and add some recording rules to map `windows_` series with their OS-agnostic counterparts.
+
+## Node Requirements
+
+Since Windows does not support privileged pods, this chart expects a Named Pipe (`\\.\pipe\rancher_wins`) to exist on the Windows host that allows containers to communicate with the host. This is done by deploying a [rancher/wins](https://github.com/rancher/wins) server on the host.
+
+The image used by the chart, [windows_exporter-package](https://github.com/rancher/windows_exporter-package), is configured to create a wins client that communicates with the wins server, alongside a running copy of a particular version of [windows-exporter](https://github.com/prometheus-community/windows_exporter). Through the wins client and wins server, the windows-exporter is able to communicate directly with the Windows host to collect metrics and expose them.
+
+If the cluster you are installing this chart on is a custom cluster that was created via RKE1 with Windows Support enabled, your nodes should already have the wins server running; this should have been added as part of [the bootstrapping process for adding the Windows node onto your RKE1 cluster](https://github.com/rancher/rancher/blob/master/package/windows/bootstrap.ps1).
+
+## Configuration
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for an example of how this chart can be used.

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/scripts/check-wins-version.ps1

@@ -0,0 +1,20 @@
+$ErrorActionPreference = 'Stop'
+
+$winsPath = "c:\Windows\wins.exe"
+$minWinsVersion = [System.Version]"0.1.0"
+
+function Get-Wins-Version
+{
+    $winsAppInfo = Invoke-Expression "& $winsPath cli app info | ConvertFrom-Json"
+    return [System.Version]($winsAppInfo.Server.Version.substring(1))
+}
+
+# Wait till the wins version installed is at least v0.1.0
+$winsVersion = Get-Wins-Version
+while ($winsVersion -lt $minWinsVersion) {
+    Write-Host $('wins on host must be at least v{0}, found v{1}. Checking again in 10 seconds...' -f $minWinsVersion, $winsVersion)
+    Start-Sleep -s 10
+    $winsVersion = Get-Wins-Version
+}
+
+Write-Host $('Detected wins version on host is v{0}, which is >v{1}. Continuing with installation...' -f $winsVersion, $minWinsVersion)

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/scripts/proxy-entry.ps1

@@ -0,0 +1,11 @@
+# default
+$listenPort = "9796"
+
+if ($env:LISTEN_PORT) {
+    $listenPort = $env:LISTEN_PORT
+}
+
+# format "UDP:4789 TCP:8080"
+$winsPublish = $('TCP:{0}' -f $listenPort)
+
+wins.exe cli proxy --publish $winsPublish

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/scripts/run.ps1

@@ -0,0 +1,78 @@
+$ErrorActionPreference = 'Stop'
+
+function Create-Directory
+{
+    param (
+        [parameter(Mandatory = $false, ValueFromPipeline = $true)] [string]$Path
+    )
+
+    if (Test-Path -Path $Path) {
+        if (-not (Test-Path -Path $Path -PathType Container)) {
+            # clean the same path file
+            Remove-Item -Recurse -Force -Path $Path -ErrorAction Ignore | Out-Null
+        }
+
+        return
+    }
+
+    New-Item -Force -ItemType Directory -Path $Path | Out-Null
+}
+
+function Transfer-File
+{
+    param (
+        [parameter(Mandatory = $true)] [string]$Src,
+        [parameter(Mandatory = $true)] [string]$Dst
+    )
+
+    if (Test-Path -PathType leaf -Path $Dst) {
+        $dstHasher = Get-FileHash -Path $Dst
+        $srcHasher = Get-FileHash -Path $Src
+        if ($dstHasher.Hash -eq $srcHasher.Hash) {
+            return
+        }
+    }
+
+    $null = Copy-Item -Force -Path $Src -Destination $Dst
+}
+
+# Copy binary into host
+Create-Directory -Path "c:\host\etc\windows-exporter"
+Transfer-File -Src "c:\etc\windows-exporter\windows-exporter.exe" -Dst "c:\host\etc\windows-exporter\windows-exporter.exe"
+
+# Copy binary into prefix path, since wins expects the same path on the host and on the container
+$prefixPath = 'c:\'
+if ($env:CATTLE_PREFIX_PATH) {
+    $prefixPath = $env:CATTLE_PREFIX_PATH
+}
+$winsDirPath = $('{0}etc\windows-exporter' -f $prefixPath)
+$winsPath = $('{0}\windows-exporter.exe' -f $winsDirPath)
+
+Create-Directory -Path $winsDirPath
+Transfer-File -Src "c:\etc\windows-exporter\windows-exporter.exe" $winsPath
+
+# Run wins with defaults
+$listenPort = "9796"
+$enabledCollectors = "net,os,service,system,cpu,cs,logical_disk"
+$maxRequests = "5"
+
+if ($env:LISTEN_PORT) {
+    $listenPort = $env:LISTEN_PORT
+}
+
+if ($env:ENABLED_COLLECTORS) {
+    $enabledCollectors = $env:ENABLED_COLLECTORS
+}
+
+if ($env:MAX_REQUESTS) {
+    $maxRequests = $env:MAX_REQUESTS
+}
+
+# format "UDP:4789 TCP:8080"
+$winsExposes = $('TCP:{0}' -f $listenPort)
+
+# format "--a=b --c=d"
+$winsArgs = $('--collectors.enabled={0} --telemetry.addr=:{1} --telemetry.max-requests={2} --telemetry.path=/metrics' -f $enabledCollectors, $listenPort, $maxRequests)
+
+
+wins.exe cli prc run --path $winsPath --exposes $winsExposes --args "$winsArgs"

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/_helpers.tpl

@@ -0,0 +1,113 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+The components in this chart create additional resources that expand the longest created name strings.
+The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26.
+*/}}
+{{- define "windowsExporter.name" -}}
+{{ printf "%s-windows-exporter" .Release.Name }}
+{{- end -}}
+
+{{- define "windowsExporter.namespace" -}}
+{{- default .Release.Namespace .Values.namespaceOverride -}}
+{{- end -}}
+
+{{- define "windowsExporter.labels" -}}
+k8s-app: {{ template "windowsExporter.name" . }}
+release: {{ .Release.Name }}
+component: "windows-exporter"
+provider: kubernetes
+{{- end -}}
+
+# Client
+
+{{- define "windowsExporter.client.nodeSelector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: windows
+{{- else -}}
+kubernetes.io/os: windows
+{{- end -}}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector }}
+{{- end }}
+{{- end -}}
+
+{{- define "windowsExporter.client.tolerations" -}}
+{{- if .Values.clients.tolerations -}}
+{{ toYaml .Values.clients.tolerations }}
+{{- else -}}
+- operator: Exists
+{{- end -}}
+{{- end -}}
+
+{{- define "windowsExporter.client.env" -}}
+- name: LISTEN_PORT
+  value: {{ required "Need .Values.clients.port to figure out where to get metrics from" .Values.clients.port | quote }}
+{{- if .Values.clients.enabledCollectors }}
+- name: ENABLED_COLLECTORS
+  value: {{ .Values.clients.enabledCollectors | quote }}
+{{- end }}
+{{- if .Values.clients.env }}
+{{ toYaml .Values.clients.env }}
+{{- end }}
+{{- end -}}
+
+{{- define "windowsExporter.validatePathPrefix" -}}
+{{- if .Values.global.cattle.rkeWindowsPathPrefix -}}
+{{- $prefixPath := (.Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\") -}}
+{{- if (not (hasSuffix "\\" $prefixPath)) -}}
+{{- fail (printf ".Values.global.cattle.rkeWindowsPathPrefix must end in '/' or '\\', found %s" $prefixPath) -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetrics" -}}
+{{- $renamed := dict -}}
+{{/* v0.15.0 */}}
+{{- $_ := set $renamed "windows_mssql_transactions_active_total" "windows_mssql_transactions_active" -}}
+{{/* v0.16.0 */}}
+{{- $_ := set $renamed "windows_adfs_ad_login_connection_failures" "windows_adfs_ad_login_connection_failures_total" -}}
+{{- $_ := set $renamed "windows_adfs_certificate_authentications" "windows_adfs_certificate_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_device_authentications" "windows_adfs_device_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_extranet_account_lockouts" "windows_adfs_extranet_account_lockouts_total" -}}
+{{- $_ := set $renamed "windows_adfs_federated_authentications" "windows_adfs_federated_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_passport_authentications" "windows_adfs_passport_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_failed" "windows_adfs_password_change_failed_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_succeeded" "windows_adfs_password_change_succeeded_total" -}}
+{{- $_ := set $renamed "windows_adfs_token_requests" "windows_adfs_token_requests_total" -}}
+{{- $_ := set $renamed "windows_adfs_windows_integrated_authentications" "windows_adfs_windows_integrated_authentications_total" -}}
+{{- $_ := set $renamed "windows_net_packets_outbound_errors" "windows_net_packets_outbound_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_discarded" "windows_net_packets_received_discarded_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_errors" "windows_net_packets_received_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_total" "windows_net_packets_received_total_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_unknown" "windows_net_packets_received_unknown_total" -}}
+{{- $_ := set $renamed "windows_dns_memory_used_bytes_total" "windows_dns_memory_used_bytes" -}}
+{{- $renamed | toJson -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetricsRelabeling" -}}
+{{- range $original, $new := (include "windowsExporter.renamedMetrics" . | fromJson) -}}
+- sourceLabels: [__name__]
+  regex: {{ $original }}
+  replacement: '{{ $new }}'
+  targetLabel: __name__
+{{ end -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetricsRules" -}}
+{{- range $original, $new := (include "windowsExporter.renamedMetrics" . | fromJson) -}}
+- record: {{ $original }}
+  expr: {{ $new }}
+{{ end -}}
+{{- end -}}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/configmap.yaml

@@ -0,0 +1,10 @@
+{{- if .Values.clients }}{{ if .Values.clients.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "windowsExporter.name" . }}-scripts
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+data:
+{{ (.Files.Glob "scripts/*").AsConfig | indent 2 }}
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/daemonset.yaml

@@ -0,0 +1,77 @@
+{{- if .Values.clients }}{{ if .Values.clients.enabled }}
+{{ include "windowsExporter.validatePathPrefix" . }}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels: {{ include "windowsExporter.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "windowsExporter.labels" . | nindent 8 }}
+    spec:
+      nodeSelector: {{ include "windowsExporter.client.nodeSelector" . | nindent 8 }}
+      tolerations: {{ include "windowsExporter.client.tolerations" . | nindent 8 }}
+      serviceAccountName: {{ template "windowsExporter.name" . }}
+      containers:
+      - name: exporter-node-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command: ["pwsh", "-f", "c:/scripts/proxy-entry.ps1"]
+        ports:
+        - name: http
+          containerPort: {{ required "Need .Values.clients.port to figure out where to get metrics from" .Values.clients.port }}
+        env: {{ include "windowsExporter.client.env" . | nindent 10 }}
+{{- if .Values.resources }}
+        resources: {{ toYaml .Values.clients.proxy.resources | nindent 10 }}
+{{- end }}
+        volumeMounts:
+        - name: wins-pipe-proxy
+          mountPath: \\.\pipe\rancher_wins_proxy
+        - name: exporter-scripts
+          mountPath: c:/scripts/
+      - name: exporter-node
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command: ["pwsh", "-f", "c:/scripts/run.ps1"]
+{{- if .Values.clients.args }}
+        args: {{ .Values.clients.args }}
+{{- end }}
+        env: {{ include "windowsExporter.client.env" . | nindent 8 }}
+        - name: CATTLE_PREFIX_PATH
+          value: {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}
+{{- if .Values.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+{{- end }}
+        volumeMounts:
+        - name: wins-pipe
+          mountPath: \\.\pipe\rancher_wins
+        - name: binary-host-path
+          mountPath: c:/host/etc/windows-exporter
+        - name: exporter-scripts
+          mountPath: c:/scripts/
+      initContainers:
+      - name: check-wins-version
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command: ["pwsh", "-f", "c:/scripts/check-wins-version.ps1"]
+        volumeMounts:
+        - name: wins-pipe
+          mountPath: \\.\pipe\rancher_wins
+        - name: exporter-scripts
+          mountPath: c:/scripts/
+      volumes:
+      - name: wins-pipe
+        hostPath:
+          path: \\.\pipe\rancher_wins
+      - name: wins-pipe-proxy
+        hostPath:
+          path: \\.\pipe\rancher_wins_proxy
+      - name: binary-host-path
+        hostPath:
+          path: {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "\\" "/" }}etc/windows-exporter
+          type: DirectoryOrCreate
+      - name: exporter-scripts
+        configMap:
+          name: {{ template "windowsExporter.name" . }}-scripts
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/prometheusrule.yaml

@@ -0,0 +1,13 @@
+{{- if and .Values.prometheusRule .Values.clients }}{{- if and .Values.prometheusRule.enabled .Values.clients.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+spec:
+  groups:
+  - name: windows-exporter-relabel.rules
+    rules:
+{{- include "windowsExporter.renamedMetricsRules" . | nindent 4 -}}
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/rbac.yaml

@@ -0,0 +1,78 @@
+{{- if .Values.clients }}{{ if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+rules:
+- apiGroups: ['authentication.k8s.io']
+  resources: ['tokenreviews']
+  verbs: ['create']
+- apiGroups: ['authorization.k8s.io']
+  resources: ['subjectaccessreviews']
+  verbs: ['create']
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames: ['{{ template "windowsExporter.name" . }}']
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "windowsExporter.name" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+{{- if .Values.clients.imagePullSecrets }}
+imagePullSecrets: {{ toYaml .Values.clients.imagePullSecrets | nindent 2 }}
+{{- end }}
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: \\.\pipe\rancher_wins
+  - pathPrefix: \\.\pipe\rancher_wins_proxy
+  - pathPrefix: c:/etc/windows-exporter
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/service.yaml

@@ -0,0 +1,15 @@
+{{- if and .Values.clients }}{{- if and .Values.clients.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: windows-metrics
+    port: {{ required "Need .Values.clients.port to figure out where to get metrics from" .Values.clients.port }}
+    protocol: TCP
+    targetPort: {{ .Values.clients.port }}
+  selector: {{ include "windowsExporter.labels" . | nindent 4 }}
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/servicemonitor.yaml

@@ -0,0 +1,41 @@
+{{- if and .Values.serviceMonitor .Values.clients }}{{- if and .Values.serviceMonitor.enabled .Values.clients.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+spec:
+  selector:
+    matchLabels: {{ include "windowsExporter.labels" . | nindent 6 }}
+  namespaceSelector:
+    matchNames:
+    - {{ template "windowsExporter.namespace" . }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  endpoints:
+  - port: windows-metrics
+    metricRelabelings:
+{{- include "windowsExporter.renamedMetricsRelabeling" . | nindent 4 -}}
+    - sourceLabels: [__name__]
+      regex: 'wmi_(.*)'
+      replacement: 'windows_$1'
+      targetLabel: __name__
+    - sourceLabels: [volume, nic]
+      regex: (.*);(.*)
+      separator: ''
+      targetLabel: device
+      action: replace
+      replacement: $1$2
+    - sourceLabels: [__name__]
+      regex: windows_cs_logical_processors
+      replacement: 'system'
+      targetLabel: mode
+    relabelings:
+    - separator: ':'
+      sourceLabels:
+      - __meta_kubernetes_pod_host_ip
+      - __meta_kubernetes_pod_container_port_number
+      targetLabel: instance
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/values.yaml

@@ -0,0 +1,50 @@
+# Default values for rancher-windows-exporter.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Configuration
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+    rkeWindowsPathPrefix: "c:\\"
+
+# Configure ServiceMonitor that monitors metrics
+serviceMonitor: 
+  enabled: true
+
+# Configure PrometheusRule that renames existing metrics
+prometheusRule:
+  enabled: true
+
+## Components scraping metrics from Windows nodes
+##
+clients:
+  enabled: true
+
+  port: 9796
+  image:
+    repository: rancher/windows_exporter-package
+    tag: v0.0.2
+    os: "windows"
+
+  # Specify the IP addresses of nodes that you want to collect metrics from
+  endpoints: []
+
+  # Get more details on https://github.com/prometheus-community/windows_exporter
+  args: []
+  env: {}
+  enabledCollectors: "net,os,service,system,cpu,cs,logical_disk,tcp,memory,container"
+
+  # Resource limits
+  resources: {}
+  
+  # Options to select nodes to target for scraping Windows metrics
+  nodeSelector: {} # Note: {<beta.>kubernetes.io/os: windows} is default and cannot be overridden
+  tolerations: []  # Note: if not specified, the default option is to use [{operator: Exists}]
+
+  # Image Pull Secrets for the service account used by the clients
+  imagePullSecrets: {}
+
+  proxy:
+    resources: {}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/values.yaml

@@ -17,7 +17,7 @@ prometheus-adapter:
     create: true
 
 ## RKE PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 rkeControllerManager:
   enabled: false
@@ -98,7 +98,7 @@ rkeIngressNginx:
       node-role.kubernetes.io/worker: "true"
 
 ## k3s PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 k3sServer:
   enabled: false
@@ -144,7 +144,7 @@ k3sServer:
         targetLabel: metrics_path
 
 ## KubeADM PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 kubeAdmControllerManager:
   enabled: false
@@ -212,8 +212,8 @@ kubeAdmEtcd:
     - effect: "NoSchedule"
       operator: "Exists"
 
-## rke2 PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## RKE2 PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 rke2ControllerManager:
   enabled: false
@@ -304,10 +304,19 @@ rke2IngressNginx:
       enabled: false
       replicas: 1
 
-
+## RKE2 Windows Monitoring
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-windows-exporter
+##
+## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
+## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
+## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
+##
+rke2Windows:
+  ## Do not enable this value if global.cattle.windows.enabled=true
+  enabled: false
 
 ## Additional PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 
 # hardenedKubelet can only be deployed if kubelet.enabled=true
@@ -509,14 +518,15 @@ additionalPrometheusRulesMap: {}
 global:
   cattle:
     systemDefaultRegistry: ""
-    ## Windows Monitoring
-    ## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-windows-exporter
+    ## RKE1 Windows Monitoring
+    ## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-windows-exporter
     ##
     ## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
     ## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
     ## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
     ##
     windows:
+      # Do not enable this value if rke2Windows.enabled=true
       enabled: false
   kubectl:
      repository: rancher/kubectl

packages/rancher-logging/generated-changes/patch/templates/_helpers.tpl.patch

@@ -1,6 +1,6 @@
 --- charts-original/templates/_helpers.tpl
 +++ charts/templates/_helpers.tpl
-@@ -56,3 +56,92 @@
+@@ -56,3 +56,101 @@
  {{- end }}
  app.kubernetes.io/managed-by: {{ .Release.Service }}
  {{- end -}}
@@ -14,13 +14,22 @@
 +{{- end -}}
 +
 +{{- define "windowsEnabled" }}
++{{ $windowsEnabled := false }}
 +{{- if not (kindIs "invalid" .Values.global.cattle.windows) }}
 +{{- if not (kindIs "invalid" .Values.global.cattle.windows.enabled) }}
 +{{- if .Values.global.cattle.windows.enabled }}
-+true
++{{- $windowsEnabled = true }}
 +{{- end }}
 +{{- end }}
 +{{- end }}
++{{- if not (kindIs "invalid" .Values.rke2Windows) }}
++{{- if not (kindIs "invalid" .Values.rke2Windows.enabled) }}
++{{- if .Values.rke2Windows.enabled }}
++{{- $windowsEnabled = true }}
++{{- end }}
++{{- end }}
++{{- end }}
++{{ $windowsEnabled }}
 +{{- end }}
 +
 +{{- define "windowsPathPrefix" -}}

packages/rancher-logging/generated-changes/patch/values.yaml.patch

@@ -36,7 +36,7 @@
  rbac:
    enabled: true
    psp:
-@@ -95,3 +103,109 @@
+@@ -95,3 +103,117 @@
      additionalLabels: {}
      metricRelabelings: []
      relabelings: []
@@ -131,9 +131,10 @@
 +  cattle:
 +    systemDefaultRegistry: ""
 +    # Uncomment the below two lines to either enable or disable Windows logging. If this chart is
-+    # installed via the Rancher UI, it will set this value to "true" if the cluster is a Windows
++    # installed via the Rancher UI, it will set this value to "true" if the cluster is an RKE1 Windows
 +    # cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
-+    # set the value below to "false".
++    # set both this value below and rke2Windows.enabled to false.
++    #
 +    # windows:
 +    #   enabled: true
 +  # Change the "dockerRootDirectory" if the default Docker directory has changed.
@@ -146,3 +147,11 @@
 +  rkeWindowsPathPrefix: "c:\\"
 +  seLinux:
 +    enabled: false
++
++# Uncomment the below two lines to either enable or disable Windows logging. If this chart is
++# installed via the Rancher UI, you will be able to set this value in an RKE2 Windows
++# cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
++# set this value below to false.
++# rke2Windows:
++#   enabled: false
+\ No newline at end of file

packages/rancher-monitoring/generated-changes/dependencies/rkeWindows/dependency.yaml

@@ -0,0 +1,2 @@
+workingDir: ""
+url: packages/rancher-windows-exporter

packages/rancher-monitoring/generated-changes/patch/Chart.yaml.patch

@@ -1,47 +1,9 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -1,3 +1,35 @@
-+apiVersion: v2
-+description: Collects several related Helm charts, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
-+icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png
-+engine: gotpl
-+type: application
-+maintainers:
-+  - name: vsliouniaev
-+  - name: bismarck
-+  - name: gianrubio
-+    email: gianrubio@gmail.com
-+  - name: gkarthiks
-+    email: github.gkarthiks@gmail.com
-+  - name: scottrigby
-+    email: scott@r6by.com
-+  - name: Xtigyro
-+    email: miroslav.hadzhiev@gmail.com
-+  - name: Arvind
-+    email: arvind.iyengar@suse.com
-+    url: ""
-+name: rancher-monitoring
-+sources:
-+  - https://github.com/prometheus-community/helm-charts
-+  - https://github.com/prometheus-operator/kube-prometheus
-+version: 16.6.0
-+appVersion: 0.48.0
-+kubeVersion: ">=1.16.0-0"
-+home: https://github.com/prometheus-operator/kube-prometheus
-+keywords:
-+- operator
-+- prometheus
-+- kube-prometheus
-+- monitoring
- annotations:
-   artifacthub.io/links: |
-     - name: Chart Source
-@@ -5,8 +37,16 @@
+@@ -5,6 +5,16 @@
      - name: Upstream Project
        url: https://github.com/prometheus-operator/kube-prometheus
    artifacthub.io/operator: "true"
--apiVersion: v2
--appVersion: 0.48.0
 +  catalog.cattle.io/certified: rancher
 +  catalog.cattle.io/namespace: cattle-monitoring-system
 +  catalog.cattle.io/release-name: rancher-monitoring
@@ -52,42 +14,38 @@
 +  catalog.cattle.io/auto-install: rancher-monitoring-crd=match
 +  catalog.cattle.io/requests-cpu: "4500m"
 +  catalog.cattle.io/requests-memory: "4000Mi"
+ apiVersion: v2
+ appVersion: 0.48.0
  dependencies:
- - condition: grafana.enabled
-   name: grafana
-@@ -71,34 +111,6 @@
+@@ -74,19 +84,17 @@
  - condition: rkeScheduler.enabled
    name: rkeScheduler
    repository: file://./charts/rkeScheduler
--- condition: windowsExporter.enabled
+-- condition: rkeWindows.enabled
 +- condition: global.cattle.windows.enabled
-   name: windowsExporter
-   repository: file://./charts/windowsExporter
+   name: rkeWindows
+   repository: file://./charts/rkeWindows
 -description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
 -  and Prometheus rules combined with documentation and scripts to provide easy to
 -  operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus
 -  Operator.
--home: https://github.com/prometheus-operator/kube-prometheus
--icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png
--keywords:
--- operator
--- prometheus
--- kube-prometheus
--kubeVersion: '>=1.16.0-0'
--maintainers:
--- name: vsliouniaev
--- name: bismarck
--- email: gianrubio@gmail.com
--  name: gianrubio
--- email: github.gkarthiks@gmail.com
--  name: gkarthiks
--- email: scott@r6by.com
--  name: scottrigby
--- email: miroslav.hadzhiev@gmail.com
--  name: Xtigyro
++description: Collects several related Helm charts, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
+ home: https://github.com/prometheus-operator/kube-prometheus
+ icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png
+ keywords:
+ - operator
+ - prometheus
+ - kube-prometheus
++- monitoring
+ kubeVersion: '>=1.16.0-0'
+ maintainers:
+ - name: vsliouniaev
+@@ -99,7 +107,7 @@
+   name: scottrigby
+ - email: miroslav.hadzhiev@gmail.com
+   name: Xtigyro
 -name: kube-prometheus-stack
--sources:
--- https://github.com/prometheus-community/helm-charts
--- https://github.com/prometheus-operator/kube-prometheus
--type: application
--version: 16.6.0
++name: rancher-monitoring
+ sources:
+ - https://github.com/prometheus-community/helm-charts
+ - https://github.com/prometheus-operator/kube-prometheus

packages/rancher-monitoring/generated-changes/patch/values.yaml.patch

@@ -1,6 +1,6 @@
 --- charts-original/values.yaml
 +++ charts/values.yaml
-@@ -2,13 +2,427 @@
+@@ -2,13 +2,436 @@
  # This is a YAML-formatted file.
  # Declare variables to be passed into your templates.
  
@@ -19,7 +19,7 @@
 +    create: true
 +
 +## RKE PushProx Monitoring
-+## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
++## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 +##
 +rkeControllerManager:
 +  enabled: false
@@ -100,7 +100,7 @@
 +      node-role.kubernetes.io/worker: "true"
 +
 +## k3s PushProx Monitoring
-+## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
++## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 +##
 +k3sServer:
 +  enabled: false
@@ -146,7 +146,7 @@
 +        targetLabel: metrics_path
 +
 +## KubeADM PushProx Monitoring
-+## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
++## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 +##
 +kubeAdmControllerManager:
 +  enabled: false
@@ -214,8 +214,8 @@
 +    - effect: "NoSchedule"
 +      operator: "Exists"
 +
-+## rke2 PushProx Monitoring
-+## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
++## RKE2 PushProx Monitoring
++## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 +##
 +rke2ControllerManager:
 +  enabled: false
@@ -306,10 +306,19 @@
 +      enabled: false
 +      replicas: 1
 +
-+
++## RKE2 Windows Monitoring
++## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-windows-exporter
++##
++## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
++## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
++## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
++##
++rke2Windows:
++  ## Do not enable this value if global.cattle.windows.enabled=true
++  enabled: false
 +
 +## Additional PushProx Monitoring
-+## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
++## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 +##
 +
 +# hardenedKubelet can only be deployed if kubelet.enabled=true
@@ -430,20 +439,21 @@
  
  ## Provide a k8s version to auto dashboard import script example: kubeTargetVersionOverride: 1.16.6
  ##
-@@ -93,8 +507,32 @@
+@@ -93,8 +516,33 @@
  
  ##
  global:
 +  cattle:
 +    systemDefaultRegistry: ""
-+    ## Windows Monitoring
-+    ## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-windows-exporter
++    ## RKE1 Windows Monitoring
++    ## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-windows-exporter
 +    ##
 +    ## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
 +    ## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
 +    ## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
 +    ##
 +    windows:
++      # Do not enable this value if rke2Windows.enabled=true
 +      enabled: false
 +  kubectl:
 +     repository: rancher/kubectl
@@ -463,7 +473,7 @@
      pspEnabled: true
      pspAnnotations: {}
        ## Specify pod annotations
-@@ -187,25 +625,76 @@
+@@ -187,25 +635,76 @@
    ## ref: https://prometheus.io/docs/alerting/notifications/
    ##      https://prometheus.io/docs/alerting/notification_examples/
    ##
@@ -559,7 +569,7 @@
  
    ingress:
      enabled: false
-@@ -395,7 +884,7 @@
+@@ -395,7 +894,7 @@
      ## Image of Alertmanager
      ##
      image:
@@ -568,7 +578,7 @@
        tag: v0.22.2
        sha: ""
  
-@@ -507,9 +996,13 @@
+@@ -507,9 +1006,13 @@
      ## Define resources requests and limits for single Pods.
      ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
      ##
@@ -585,7 +595,7 @@
  
      ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
      ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
-@@ -613,6 +1106,30 @@
+@@ -613,6 +1116,30 @@
    enabled: true
    namespaceOverride: ""
  
@@ -616,7 +626,7 @@
    ## ForceDeployDatasources Create datasource configmap even if grafana deployment has been disabled
    ##
    forceDeployDatasources: false
-@@ -625,6 +1142,18 @@
+@@ -625,6 +1152,18 @@
    ##
    defaultDashboardsEnabled: true
  
@@ -635,7 +645,7 @@
    adminPassword: prom-operator
  
    ingress:
-@@ -664,6 +1193,7 @@
+@@ -664,6 +1203,7 @@
      dashboards:
        enabled: true
        label: grafana_dashboard
@@ -643,7 +653,7 @@
  
        ## Annotations for Grafana dashboard configmaps
        ##
-@@ -716,7 +1246,60 @@
+@@ -716,7 +1256,60 @@
    ## Passed to grafana subchart and used by servicemonitor below
    ##
    service:
@@ -705,7 +715,7 @@
  
    ## If true, create a serviceMonitor for grafana
    ##
-@@ -746,6 +1329,14 @@
+@@ -746,6 +1339,14 @@
      #   targetLabel: nodename
      #   replacement: $1
      #   action: replace
@@ -720,7 +730,7 @@
  
  ## Component scraping the kube api server
  ##
-@@ -907,7 +1498,7 @@
+@@ -907,7 +1508,7 @@
  ## Component scraping the kube controller manager
  ##
  kubeControllerManager:
@@ -729,7 +739,7 @@
  
    ## If your kube controller manager is not deployed as a pod, specify IPs it can be found on
    ##
-@@ -1054,7 +1645,7 @@
+@@ -1054,7 +1655,7 @@
  ## Component scraping etcd
  ##
  kubeEtcd:
@@ -738,7 +748,7 @@
  
    ## If your etcd is not deployed as a pod, specify IPs it can be found on
    ##
-@@ -1119,7 +1710,7 @@
+@@ -1119,7 +1720,7 @@
  ## Component scraping kube scheduler
  ##
  kubeScheduler:
@@ -747,7 +757,7 @@
  
    ## If your kube scheduler is not deployed as a pod, specify IPs it can be found on
    ##
-@@ -1177,7 +1768,7 @@
+@@ -1177,7 +1778,7 @@
  ## Component scraping kube proxy
  ##
  kubeProxy:
@@ -756,7 +766,7 @@
  
    ## If your kube proxy is not deployed as a pod, specify IPs it can be found on
    ##
-@@ -1266,6 +1857,13 @@
+@@ -1266,6 +1867,13 @@
      create: true
    podSecurityPolicy:
      enabled: true
@@ -770,7 +780,7 @@
  
  ## Deploy node exporter as a daemonset to all nodes
  ##
-@@ -1319,6 +1917,16 @@
+@@ -1319,6 +1927,16 @@
    extraArgs:
      - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/)
      - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$
@@ -787,7 +797,7 @@
  
  ## Manages Prometheus and Alertmanager components
  ##
-@@ -1331,8 +1939,8 @@
+@@ -1331,8 +1949,8 @@
      enabled: true
      # Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants
      tlsMinVersion: VersionTLS13
@@ -798,7 +808,7 @@
  
    ## Admission webhook support for PrometheusRules resources added in Prometheus Operator 0.30 can be enabled to prevent incorrectly formatted
    ## rules from making their way into prometheus and potentially preventing the container from starting
-@@ -1349,7 +1957,7 @@
+@@ -1349,7 +1967,7 @@
      patch:
        enabled: true
        image:
@@ -807,7 +817,7 @@
          tag: v1.5.2
          sha: ""
          pullPolicy: IfNotPresent
-@@ -1498,13 +2106,13 @@
+@@ -1498,13 +2116,13 @@
  
    ## Resource limits & requests
    ##
@@ -828,7 +838,7 @@
  
    # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
    # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
-@@ -1557,7 +2165,7 @@
+@@ -1557,7 +2175,7 @@
    ## Prometheus-operator image
    ##
    image:
@@ -837,7 +847,7 @@
      tag: v0.48.0
      sha: ""
      pullPolicy: IfNotPresent
-@@ -1573,7 +2181,7 @@
+@@ -1573,7 +2191,7 @@
    ## Prometheus-config-reloader image to use for config and rule reloading
    ##
    prometheusConfigReloaderImage:
@@ -846,7 +856,7 @@
      tag: v0.48.0
      sha: ""
  
-@@ -1659,7 +2267,7 @@
+@@ -1659,7 +2277,7 @@
      port: 9090
  
      ## To be used with a proxy extraContainer port
@@ -855,7 +865,7 @@
  
      ## List of IP addresses at which the Prometheus server service is available
      ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
-@@ -1916,7 +2524,7 @@
+@@ -1916,7 +2534,7 @@
      ## Image of Prometheus.
      ##
      image:
@@ -864,7 +874,7 @@
        tag: v2.27.1
        sha: ""
  
-@@ -1979,6 +2587,11 @@
+@@ -1979,6 +2597,11 @@
      ##
      externalUrl: ""
  
@@ -876,7 +886,7 @@
      ## Define which Nodes the Pods are scheduled on.
      ## ref: https://kubernetes.io/docs/user-guide/node-selection/
      ##
-@@ -2011,7 +2624,7 @@
+@@ -2011,7 +2634,7 @@
      ## prometheus resource to be created with selectors based on values in the helm deployment,
      ## which will also match the PrometheusRule resources created
      ##
@@ -885,7 +895,7 @@
  
      ## PrometheusRules to be selected for target discovery.
      ## If {}, select all PrometheusRules
-@@ -2036,7 +2649,7 @@
+@@ -2036,7 +2659,7 @@
      ## prometheus resource to be created with selectors based on values in the helm deployment,
      ## which will also match the servicemonitors created
      ##
@@ -894,7 +904,7 @@
  
      ## ServiceMonitors to be selected for target discovery.
      ## If {}, select all ServiceMonitors
-@@ -2059,7 +2672,7 @@
+@@ -2059,7 +2682,7 @@
      ## prometheus resource to be created with selectors based on values in the helm deployment,
      ## which will also match the podmonitors created
      ##
@@ -903,7 +913,7 @@
  
      ## PodMonitors to be selected for target discovery.
      ## If {}, select all PodMonitors
-@@ -2190,9 +2803,13 @@
+@@ -2190,9 +2813,13 @@
  
      ## Resource limits & requests
      ##
@@ -920,7 +930,7 @@
  
      ## Prometheus StorageSpec for persistent data
      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/storage.md
-@@ -2215,7 +2832,13 @@
+@@ -2215,7 +2842,13 @@
      #    medium: Memory
  
      # Additional volumes on the output StatefulSet definition.
@@ -935,7 +945,7 @@
  
      # Additional VolumeMounts on the output StatefulSet definition.
      volumeMounts: []
-@@ -2322,9 +2945,34 @@
+@@ -2322,9 +2955,34 @@
      ##
      thanos: {}
  
@@ -971,7 +981,7 @@
  
      ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
      ## (permissions, dir tree) on mounted volumes before starting prometheus
-@@ -2332,7 +2980,7 @@
+@@ -2332,7 +2990,7 @@
  
      ## PortName to use for Prometheus.
      ##