This is required due to the change released in v0.1.0 of the charts-build-scripts to switch the package used for YAML marshalling / unmarshalling.
Note: This does not need a packageVersion bump since it has already been bumped once for this release.
(cherry picked from commit 7ec1716f66)
(partially cherry picked from commit e2c9a0746b)
This is required due to the change released in v0.1.0 of the charts-build-scripts to switch the package used for YAML marshalling / unmarshalling.
(cherry picked from commit 5392d84cf6)
(partially cherry picked from commit 8845d9ae9f)
This is required due to the change released in v0.1.0 of the charts-build-scripts to switch the package used for YAML marshalling / unmarshalling.
Note: This does not need a packageVersion bump since it has already been bumped once for this release.
(cherry picked from commit e5415e48de)
(partially cherry picked from commit ba726cdc6c)
```bash
git fetch upstream
git checkout upstream/dev-v2.6-source -- packages; git reset HEAD; git checkout -- packages/README.md
```
This overwrites the previous changes based on stuff currently in dev-v2.6-source today.
(partially cherry picked from commit 1107be9199)
This commit adds an nginx proxy in front of Prometheus that intercepts the requests that are sent to the Prometheus pod. This change was necessary since the Prometheus pod encounters issues with Rancher proxy URLs that are formatted like:
```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy
```
Specifically, if using the root_url option, it doubles up this URL when making requests for resources, e.g.
```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy/<my-path>
=>
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy/<my-path>
```
However, this does not resolve the issue in https://github.com/rancher/rancher/issues/29068.
(partially cherry picked from commit 92f0eca770)
This commit adds an nginx proxy in front of Grafana that intercepts the requests that are sent to the Grafana pod. This change was necessary since the Grafana pod encounters issues with Rancher proxy URLs that are formatted like:
```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy
```
Specifically, if using the root_url option, it doubles up this URL when making requests for resources, e.g.
```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy/<my-path>
=>
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy/<my-path>
```
(partially cherry picked from commit d6c774aa42)
This commit adds support for deploying rancher-monitoring into hardened clusters.
It modifies some of the default securityContexts and does some misc. fixes such as:
- Removing default AppArmor PSP annotations from Grafana (related to https://github.com/helm/charts/issues/9090)
- Modifying rkeScheduler and rkeControllerManager to use localhost to scrape components since the endpoints aren't exposed in a hardened cluster
These changes have been verified on a hardened RKE cluster.
(partially cherry picked from commit e3d6033572)
This commit adds support for deploying rancher-pushprox into hardened clusters.
It introduces securityContexts and rearranges the RBAC in order to support a PodSecurityPolicy for the PushProx clients.
These changes have been verified on a hardened RKE cluster.
(partially cherry picked from commit 7d1332356c)
This commit renames `grafana-dashboards` to `cattle-dashboards` and deprecates the `grafana-datasources` namespace in favor of the normal release namespace.
Related Issue: rancher/rancher#28887
(partially cherry picked from commit b80fb3a8ff)
Donnie Adams
dbason
Jiaqi Luo
Prachi Damle
Prachi Damle
Arvind Iyengar
Arvind Iyengar
Nick Gerace
actions
Darren Shepherd
rajashree
maggieliu
Jacob Payne
Steven Crespo
Daishan
Brenda Rearden