make charts

charts/rancher-logging/rancher-logging/100.0.0+up3.12.0/templates/_helpers.tpl

@@ -66,13 +66,22 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
 
 {{- define "windowsEnabled" }}
+{{ $windowsEnabled := false }}
 {{- if not (kindIs "invalid" .Values.global.cattle.windows) }}
 {{- if not (kindIs "invalid" .Values.global.cattle.windows.enabled) }}
 {{- if .Values.global.cattle.windows.enabled }}
-true
+{{- $windowsEnabled = true }}
 {{- end }}
 {{- end }}
 {{- end }}
+{{- if not (kindIs "invalid" .Values.rke2Windows) }}
+{{- if not (kindIs "invalid" .Values.rke2Windows.enabled) }}
+{{- if .Values.rke2Windows.enabled }}
+{{- $windowsEnabled = true }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{ $windowsEnabled }}
 {{- end }}
 
 {{- define "windowsPathPrefix" -}}

charts/rancher-logging/rancher-logging/100.0.0+up3.12.0/values.yaml

@@ -194,9 +194,10 @@ global:
   cattle:
     systemDefaultRegistry: ""
     # Uncomment the below two lines to either enable or disable Windows logging. If this chart is
-    # installed via the Rancher UI, it will set this value to "true" if the cluster is a Windows
+    # installed via the Rancher UI, it will set this value to "true" if the cluster is an RKE1 Windows
     # cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
-    # set the value below to "false".
+    # set both this value below and rke2Windows.enabled to false.
+    #
     # windows:
     #   enabled: true
   # Change the "dockerRootDirectory" if the default Docker directory has changed.
@@ -209,3 +210,10 @@ global:
   rkeWindowsPathPrefix: "c:\\"
   seLinux:
     enabled: false
+
+# Uncomment the below two lines to either enable or disable Windows logging. If this chart is
+# installed via the Rancher UI, you will be able to set this value in an RKE2 Windows
+# cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
+# set this value below to false.
+# rke2Windows:
+#   enabled: false

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/Chart.yaml

@@ -66,6 +66,9 @@ dependencies:
 - condition: rke2Scheduler.enabled
   name: rke2Scheduler
   repository: file://./charts/rke2Scheduler
+- condition: rke2Windows.enabled
+  name: rke2Windows
+  repository: file://./charts/rke2Windows
 - condition: rkeControllerManager.enabled
   name: rkeControllerManager
   repository: file://./charts/rkeControllerManager
@@ -82,8 +85,8 @@ dependencies:
   name: rkeScheduler
   repository: file://./charts/rkeScheduler
 - condition: global.cattle.windows.enabled
-  name: windowsExporter
+  name: rkeWindows
-  repository: file://./charts/windowsExporter
+  repository: file://./charts/rkeWindows
 description: Collects several related Helm charts, Grafana dashboards, and Prometheus
   rules combined with documentation and scripts to provide easy to operate end-to-end
   Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
@@ -106,8 +109,6 @@ maintainers:
   name: scottrigby
 - email: miroslav.hadzhiev@gmail.com
   name: Xtigyro
-- email: arvind.iyengar@suse.com
-  name: Arvind
 name: rancher-monitoring
 sources:
 - https://github.com/prometheus-community/helm-charts

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rke2Windows/Chart.yaml

@@ -10,6 +10,6 @@ description: Sets up monitoring metrics from Windows nodes via Prometheus window
 maintainers:
 - email: arvind.iyengar@rancher.com
   name: aiyengar2
-name: windowsExporter
+name: rke2Windows
 type: application
 version: 0.1.1

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/Chart.yaml

@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/os: windows
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-windows-exporter
+apiVersion: v1
+appVersion: 0.0.2
+description: Sets up monitoring metrics from Windows nodes via Prometheus windows-exporter
+maintainers:
+- email: arvind.iyengar@rancher.com
+  name: aiyengar2
+name: rkeWindows
+type: application
+version: 0.1.1

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/README.md

@@ -0,0 +1,17 @@
+# rancher-windows-exporter
+
+A Rancher chart based on the [prometheus-community/windows-exporter](https://github.com/prometheus-community/windows_exporter) project (previously called wmi-exporter) that sets up a DaemonSet of clients that can scrape windows-exporter metrics from Windows nodes on a Kubernetes cluster.
+
+A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR and PrometheusRule CR are also created by this chart to collect metrics and add some recording rules to map `windows_` series with their OS-agnostic counterparts.
+
+## Node Requirements
+
+Since Windows does not support privileged pods, this chart expects a Named Pipe (`\\.\pipe\rancher_wins`) to exist on the Windows host that allows containers to communicate with the host. This is done by deploying a [rancher/wins](https://github.com/rancher/wins) server on the host.
+
+The image used by the chart, [windows_exporter-package](https://github.com/rancher/windows_exporter-package), is configured to create a wins client that communicates with the wins server, alongside a running copy of a particular version of [windows-exporter](https://github.com/prometheus-community/windows_exporter). Through the wins client and wins server, the windows-exporter is able to communicate directly with the Windows host to collect metrics and expose them.
+
+If the cluster you are installing this chart on is a custom cluster that was created via RKE1 with Windows Support enabled, your nodes should already have the wins server running; this should have been added as part of [the bootstrapping process for adding the Windows node onto your RKE1 cluster](https://github.com/rancher/rancher/blob/master/package/windows/bootstrap.ps1).
+
+## Configuration
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for an example of how this chart can be used.

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/scripts/check-wins-version.ps1

@@ -0,0 +1,20 @@
+$ErrorActionPreference = 'Stop'
+
+$winsPath = "c:\Windows\wins.exe"
+$minWinsVersion = [System.Version]"0.1.0"
+
+function Get-Wins-Version
+{
+    $winsAppInfo = Invoke-Expression "& $winsPath cli app info | ConvertFrom-Json"
+    return [System.Version]($winsAppInfo.Server.Version.substring(1))
+}
+
+# Wait till the wins version installed is at least v0.1.0
+$winsVersion = Get-Wins-Version
+while ($winsVersion -lt $minWinsVersion) {
+    Write-Host $('wins on host must be at least v{0}, found v{1}. Checking again in 10 seconds...' -f $minWinsVersion, $winsVersion)
+    Start-Sleep -s 10
+    $winsVersion = Get-Wins-Version
+}
+
+Write-Host $('Detected wins version on host is v{0}, which is >v{1}. Continuing with installation...' -f $winsVersion, $minWinsVersion)

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/scripts/proxy-entry.ps1

@@ -0,0 +1,11 @@
+# default
+$listenPort = "9796"
+
+if ($env:LISTEN_PORT) {
+    $listenPort = $env:LISTEN_PORT
+}
+
+# format "UDP:4789 TCP:8080"
+$winsPublish = $('TCP:{0}' -f $listenPort)
+
+wins.exe cli proxy --publish $winsPublish

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/scripts/run.ps1

@@ -0,0 +1,78 @@
+$ErrorActionPreference = 'Stop'
+
+function Create-Directory
+{
+    param (
+        [parameter(Mandatory = $false, ValueFromPipeline = $true)] [string]$Path
+    )
+
+    if (Test-Path -Path $Path) {
+        if (-not (Test-Path -Path $Path -PathType Container)) {
+            # clean the same path file
+            Remove-Item -Recurse -Force -Path $Path -ErrorAction Ignore | Out-Null
+        }
+
+        return
+    }
+
+    New-Item -Force -ItemType Directory -Path $Path | Out-Null
+}
+
+function Transfer-File
+{
+    param (
+        [parameter(Mandatory = $true)] [string]$Src,
+        [parameter(Mandatory = $true)] [string]$Dst
+    )
+
+    if (Test-Path -PathType leaf -Path $Dst) {
+        $dstHasher = Get-FileHash -Path $Dst
+        $srcHasher = Get-FileHash -Path $Src
+        if ($dstHasher.Hash -eq $srcHasher.Hash) {
+            return
+        }
+    }
+
+    $null = Copy-Item -Force -Path $Src -Destination $Dst
+}
+
+# Copy binary into host
+Create-Directory -Path "c:\host\etc\windows-exporter"
+Transfer-File -Src "c:\etc\windows-exporter\windows-exporter.exe" -Dst "c:\host\etc\windows-exporter\windows-exporter.exe"
+
+# Copy binary into prefix path, since wins expects the same path on the host and on the container
+$prefixPath = 'c:\'
+if ($env:CATTLE_PREFIX_PATH) {
+    $prefixPath = $env:CATTLE_PREFIX_PATH
+}
+$winsDirPath = $('{0}etc\windows-exporter' -f $prefixPath)
+$winsPath = $('{0}\windows-exporter.exe' -f $winsDirPath)
+
+Create-Directory -Path $winsDirPath
+Transfer-File -Src "c:\etc\windows-exporter\windows-exporter.exe" $winsPath
+
+# Run wins with defaults
+$listenPort = "9796"
+$enabledCollectors = "net,os,service,system,cpu,cs,logical_disk"
+$maxRequests = "5"
+
+if ($env:LISTEN_PORT) {
+    $listenPort = $env:LISTEN_PORT
+}
+
+if ($env:ENABLED_COLLECTORS) {
+    $enabledCollectors = $env:ENABLED_COLLECTORS
+}
+
+if ($env:MAX_REQUESTS) {
+    $maxRequests = $env:MAX_REQUESTS
+}
+
+# format "UDP:4789 TCP:8080"
+$winsExposes = $('TCP:{0}' -f $listenPort)
+
+# format "--a=b --c=d"
+$winsArgs = $('--collectors.enabled={0} --telemetry.addr=:{1} --telemetry.max-requests={2} --telemetry.path=/metrics' -f $enabledCollectors, $listenPort, $maxRequests)
+
+
+wins.exe cli prc run --path $winsPath --exposes $winsExposes --args "$winsArgs"

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/_helpers.tpl

@@ -0,0 +1,113 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+The components in this chart create additional resources that expand the longest created name strings.
+The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26.
+*/}}
+{{- define "windowsExporter.name" -}}
+{{ printf "%s-windows-exporter" .Release.Name }}
+{{- end -}}
+
+{{- define "windowsExporter.namespace" -}}
+{{- default .Release.Namespace .Values.namespaceOverride -}}
+{{- end -}}
+
+{{- define "windowsExporter.labels" -}}
+k8s-app: {{ template "windowsExporter.name" . }}
+release: {{ .Release.Name }}
+component: "windows-exporter"
+provider: kubernetes
+{{- end -}}
+
+# Client
+
+{{- define "windowsExporter.client.nodeSelector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: windows
+{{- else -}}
+kubernetes.io/os: windows
+{{- end -}}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector }}
+{{- end }}
+{{- end -}}
+
+{{- define "windowsExporter.client.tolerations" -}}
+{{- if .Values.clients.tolerations -}}
+{{ toYaml .Values.clients.tolerations }}
+{{- else -}}
+- operator: Exists
+{{- end -}}
+{{- end -}}
+
+{{- define "windowsExporter.client.env" -}}
+- name: LISTEN_PORT
+  value: {{ required "Need .Values.clients.port to figure out where to get metrics from" .Values.clients.port | quote }}
+{{- if .Values.clients.enabledCollectors }}
+- name: ENABLED_COLLECTORS
+  value: {{ .Values.clients.enabledCollectors | quote }}
+{{- end }}
+{{- if .Values.clients.env }}
+{{ toYaml .Values.clients.env }}
+{{- end }}
+{{- end -}}
+
+{{- define "windowsExporter.validatePathPrefix" -}}
+{{- if .Values.global.cattle.rkeWindowsPathPrefix -}}
+{{- $prefixPath := (.Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\") -}}
+{{- if (not (hasSuffix "\\" $prefixPath)) -}}
+{{- fail (printf ".Values.global.cattle.rkeWindowsPathPrefix must end in '/' or '\\', found %s" $prefixPath) -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetrics" -}}
+{{- $renamed := dict -}}
+{{/* v0.15.0 */}}
+{{- $_ := set $renamed "windows_mssql_transactions_active_total" "windows_mssql_transactions_active" -}}
+{{/* v0.16.0 */}}
+{{- $_ := set $renamed "windows_adfs_ad_login_connection_failures" "windows_adfs_ad_login_connection_failures_total" -}}
+{{- $_ := set $renamed "windows_adfs_certificate_authentications" "windows_adfs_certificate_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_device_authentications" "windows_adfs_device_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_extranet_account_lockouts" "windows_adfs_extranet_account_lockouts_total" -}}
+{{- $_ := set $renamed "windows_adfs_federated_authentications" "windows_adfs_federated_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_passport_authentications" "windows_adfs_passport_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_failed" "windows_adfs_password_change_failed_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_succeeded" "windows_adfs_password_change_succeeded_total" -}}
+{{- $_ := set $renamed "windows_adfs_token_requests" "windows_adfs_token_requests_total" -}}
+{{- $_ := set $renamed "windows_adfs_windows_integrated_authentications" "windows_adfs_windows_integrated_authentications_total" -}}
+{{- $_ := set $renamed "windows_net_packets_outbound_errors" "windows_net_packets_outbound_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_discarded" "windows_net_packets_received_discarded_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_errors" "windows_net_packets_received_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_total" "windows_net_packets_received_total_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_unknown" "windows_net_packets_received_unknown_total" -}}
+{{- $_ := set $renamed "windows_dns_memory_used_bytes_total" "windows_dns_memory_used_bytes" -}}
+{{- $renamed | toJson -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetricsRelabeling" -}}
+{{- range $original, $new := (include "windowsExporter.renamedMetrics" . | fromJson) -}}
+- sourceLabels: [__name__]
+  regex: {{ $original }}
+  replacement: '{{ $new }}'
+  targetLabel: __name__
+{{ end -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetricsRules" -}}
+{{- range $original, $new := (include "windowsExporter.renamedMetrics" . | fromJson) -}}
+- record: {{ $original }}
+  expr: {{ $new }}
+{{ end -}}
+{{- end -}}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/configmap.yaml

@@ -0,0 +1,10 @@
+{{- if .Values.clients }}{{ if .Values.clients.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "windowsExporter.name" . }}-scripts
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+data:
+{{ (.Files.Glob "scripts/*").AsConfig | indent 2 }}
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/daemonset.yaml

@@ -0,0 +1,77 @@
+{{- if .Values.clients }}{{ if .Values.clients.enabled }}
+{{ include "windowsExporter.validatePathPrefix" . }}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels: {{ include "windowsExporter.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "windowsExporter.labels" . | nindent 8 }}
+    spec:
+      nodeSelector: {{ include "windowsExporter.client.nodeSelector" . | nindent 8 }}
+      tolerations: {{ include "windowsExporter.client.tolerations" . | nindent 8 }}
+      serviceAccountName: {{ template "windowsExporter.name" . }}
+      containers:
+      - name: exporter-node-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command: ["pwsh", "-f", "c:/scripts/proxy-entry.ps1"]
+        ports:
+        - name: http
+          containerPort: {{ required "Need .Values.clients.port to figure out where to get metrics from" .Values.clients.port }}
+        env: {{ include "windowsExporter.client.env" . | nindent 10 }}
+{{- if .Values.resources }}
+        resources: {{ toYaml .Values.clients.proxy.resources | nindent 10 }}
+{{- end }}
+        volumeMounts:
+        - name: wins-pipe-proxy
+          mountPath: \\.\pipe\rancher_wins_proxy
+        - name: exporter-scripts
+          mountPath: c:/scripts/
+      - name: exporter-node
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command: ["pwsh", "-f", "c:/scripts/run.ps1"]
+{{- if .Values.clients.args }}
+        args: {{ .Values.clients.args }}
+{{- end }}
+        env: {{ include "windowsExporter.client.env" . | nindent 8 }}
+        - name: CATTLE_PREFIX_PATH
+          value: {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}
+{{- if .Values.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+{{- end }}
+        volumeMounts:
+        - name: wins-pipe
+          mountPath: \\.\pipe\rancher_wins
+        - name: binary-host-path
+          mountPath: c:/host/etc/windows-exporter
+        - name: exporter-scripts
+          mountPath: c:/scripts/
+      initContainers:
+      - name: check-wins-version
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command: ["pwsh", "-f", "c:/scripts/check-wins-version.ps1"]
+        volumeMounts:
+        - name: wins-pipe
+          mountPath: \\.\pipe\rancher_wins
+        - name: exporter-scripts
+          mountPath: c:/scripts/
+      volumes:
+      - name: wins-pipe
+        hostPath:
+          path: \\.\pipe\rancher_wins
+      - name: wins-pipe-proxy
+        hostPath:
+          path: \\.\pipe\rancher_wins_proxy
+      - name: binary-host-path
+        hostPath:
+          path: {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "\\" "/" }}etc/windows-exporter
+          type: DirectoryOrCreate
+      - name: exporter-scripts
+        configMap:
+          name: {{ template "windowsExporter.name" . }}-scripts
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/prometheusrule.yaml

@@ -0,0 +1,13 @@
+{{- if and .Values.prometheusRule .Values.clients }}{{- if and .Values.prometheusRule.enabled .Values.clients.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+spec:
+  groups:
+  - name: windows-exporter-relabel.rules
+    rules:
+{{- include "windowsExporter.renamedMetricsRules" . | nindent 4 -}}
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/rbac.yaml

@@ -0,0 +1,78 @@
+{{- if .Values.clients }}{{ if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+rules:
+- apiGroups: ['authentication.k8s.io']
+  resources: ['tokenreviews']
+  verbs: ['create']
+- apiGroups: ['authorization.k8s.io']
+  resources: ['subjectaccessreviews']
+  verbs: ['create']
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames: ['{{ template "windowsExporter.name" . }}']
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "windowsExporter.name" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+{{- if .Values.clients.imagePullSecrets }}
+imagePullSecrets: {{ toYaml .Values.clients.imagePullSecrets | nindent 2 }}
+{{- end }}
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: \\.\pipe\rancher_wins
+  - pathPrefix: \\.\pipe\rancher_wins_proxy
+  - pathPrefix: c:/etc/windows-exporter
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/service.yaml

@@ -0,0 +1,15 @@
+{{- if and .Values.clients }}{{- if and .Values.clients.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: windows-metrics
+    port: {{ required "Need .Values.clients.port to figure out where to get metrics from" .Values.clients.port }}
+    protocol: TCP
+    targetPort: {{ .Values.clients.port }}
+  selector: {{ include "windowsExporter.labels" . | nindent 4 }}
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/templates/servicemonitor.yaml

@@ -0,0 +1,41 @@
+{{- if and .Values.serviceMonitor .Values.clients }}{{- if and .Values.serviceMonitor.enabled .Values.clients.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "windowsExporter.labels" . | nindent 4 }}
+  name: {{ template "windowsExporter.name" . }}
+  namespace: {{ template "windowsExporter.namespace" . }}
+spec:
+  selector:
+    matchLabels: {{ include "windowsExporter.labels" . | nindent 6 }}
+  namespaceSelector:
+    matchNames:
+    - {{ template "windowsExporter.namespace" . }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  endpoints:
+  - port: windows-metrics
+    metricRelabelings:
+{{- include "windowsExporter.renamedMetricsRelabeling" . | nindent 4 -}}
+    - sourceLabels: [__name__]
+      regex: 'wmi_(.*)'
+      replacement: 'windows_$1'
+      targetLabel: __name__
+    - sourceLabels: [volume, nic]
+      regex: (.*);(.*)
+      separator: ''
+      targetLabel: device
+      action: replace
+      replacement: $1$2
+    - sourceLabels: [__name__]
+      regex: windows_cs_logical_processors
+      replacement: 'system'
+      targetLabel: mode
+    relabelings:
+    - separator: ':'
+      sourceLabels:
+      - __meta_kubernetes_pod_host_ip
+      - __meta_kubernetes_pod_container_port_number
+      targetLabel: instance
+{{- end }}{{- end }}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/charts/rkeWindows/values.yaml

@@ -0,0 +1,50 @@
+# Default values for rancher-windows-exporter.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Configuration
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+    rkeWindowsPathPrefix: "c:\\"
+
+# Configure ServiceMonitor that monitors metrics
+serviceMonitor: 
+  enabled: true
+
+# Configure PrometheusRule that renames existing metrics
+prometheusRule:
+  enabled: true
+
+## Components scraping metrics from Windows nodes
+##
+clients:
+  enabled: true
+
+  port: 9796
+  image:
+    repository: rancher/windows_exporter-package
+    tag: v0.0.2
+    os: "windows"
+
+  # Specify the IP addresses of nodes that you want to collect metrics from
+  endpoints: []
+
+  # Get more details on https://github.com/prometheus-community/windows_exporter
+  args: []
+  env: {}
+  enabledCollectors: "net,os,service,system,cpu,cs,logical_disk,tcp,memory,container"
+
+  # Resource limits
+  resources: {}
+  
+  # Options to select nodes to target for scraping Windows metrics
+  nodeSelector: {} # Note: {<beta.>kubernetes.io/os: windows} is default and cannot be overridden
+  tolerations: []  # Note: if not specified, the default option is to use [{operator: Exists}]
+
+  # Image Pull Secrets for the service account used by the clients
+  imagePullSecrets: {}
+
+  proxy:
+    resources: {}

charts/rancher-monitoring/rancher-monitoring/100.0.0+up16.6.0/values.yaml

@@ -17,7 +17,7 @@ prometheus-adapter:
     create: true
 
 ## RKE PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 rkeControllerManager:
   enabled: false
@@ -98,7 +98,7 @@ rkeIngressNginx:
       node-role.kubernetes.io/worker: "true"
 
 ## k3s PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 k3sServer:
   enabled: false
@@ -144,7 +144,7 @@ k3sServer:
         targetLabel: metrics_path
 
 ## KubeADM PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 kubeAdmControllerManager:
   enabled: false
@@ -212,8 +212,8 @@ kubeAdmEtcd:
     - effect: "NoSchedule"
       operator: "Exists"
 
-## rke2 PushProx Monitoring
+## RKE2 PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 rke2ControllerManager:
   enabled: false
@@ -304,10 +304,19 @@ rke2IngressNginx:
       enabled: false
       replicas: 1
 
-
+## RKE2 Windows Monitoring
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-windows-exporter
+##
+## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
+## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
+## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
+##
+rke2Windows:
+  ## Do not enable this value if global.cattle.windows.enabled=true
+  enabled: false
 
 ## Additional PushProx Monitoring
-## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-pushprox
+## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-pushprox
 ##
 
 # hardenedKubelet can only be deployed if kubelet.enabled=true
@@ -509,14 +518,15 @@ additionalPrometheusRulesMap: {}
 global:
   cattle:
     systemDefaultRegistry: ""
-    ## Windows Monitoring
+    ## RKE1 Windows Monitoring
-    ## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-windows-exporter
+    ## ref: https://github.com/rancher/charts/tree/release-v2.6/charts/rancher-windows-exporter
     ##
     ## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
     ## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
     ## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
     ##
     windows:
+      # Do not enable this value if rke2Windows.enabled=true
       enabled: false
   kubectl:
      repository: rancher/kubectl