mirror of https://git.rancher.io/charts
144 lines
5.7 KiB
YAML
144 lines
5.7 KiB
YAML
# Default values for rancher-pushprox.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# Default image containing both the proxy and the client was generated from the following Dockerfile
|
|
# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
|
|
|
|
# Configuration
|
|
|
|
global:
|
|
cattle:
|
|
systemDefaultRegistry: ""
|
|
seLinux:
|
|
enabled: false
|
|
|
|
# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
|
|
#
|
|
# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
|
|
# any of the semver constraints provided as keys on the map.
|
|
#
|
|
# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
|
|
#
|
|
# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
|
|
#
|
|
# Notes:
|
|
# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
|
|
# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
|
|
kubeVersionOverrides: []
|
|
# - constraint: "< 1.21"
|
|
# values:
|
|
# metricsPort: 10252
|
|
# clients:
|
|
# https:
|
|
# enabled: false
|
|
# insecureSkipVerify: false
|
|
# useServiceAccountCredentials: false
|
|
|
|
namespaceOverride: ""
|
|
|
|
# The component that is being monitored (i.e. etcd)
|
|
component: "component"
|
|
|
|
# The port containing the metrics that need to be scraped
|
|
metricsPort: 2739
|
|
|
|
# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
|
|
serviceMonitor:
|
|
enabled: true
|
|
# A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
|
|
# Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
# By default, proxyUrl and params._scheme will be overridden based on other values
|
|
endpoints:
|
|
- port: metrics
|
|
|
|
# Configure Service that grabs scrape targets
|
|
service:
|
|
# The selector that is used to populate the Service's Endpoints object.
|
|
# The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
|
|
# since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
|
|
selector: {}
|
|
|
|
clients:
|
|
enabled: true
|
|
# The port which the PushProx client will post PushProx metrics to
|
|
port: 9369
|
|
# If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
|
|
# Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
|
|
proxyUrl: ""
|
|
# If set to true, the client will forward any requests from the host IP to 127.0.0.1
|
|
# It will only allow proxy requests to the metricsPort specified
|
|
useLocalhost: false
|
|
# Configuration for accessing metrics via HTTPS
|
|
https:
|
|
# Does the client require https to access the metrics?
|
|
enabled: false
|
|
# If set to true, the client will create a service account with adequate permissions and set a flag
|
|
# on the client to use the service account token provided by it to make authorized scrape requests
|
|
useServiceAccountCredentials: false
|
|
# If set to true, the client will disable SSL security checks
|
|
insecureSkipVerify: false
|
|
# Directory on host where necessary TLS cert and key to scrape metrics can be found
|
|
certDir: ""
|
|
# Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
|
|
certFile: ""
|
|
keyFile: ""
|
|
caCertFile: ""
|
|
# seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
|
|
# Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
|
|
seLinuxOptions: {}
|
|
|
|
metrics:
|
|
# Whether the client should publish PushProx client-specific metrics to .Values.clients.port
|
|
enabled: false
|
|
|
|
rbac:
|
|
# Additional permissions to provide to the ServiceAccount bound to the client
|
|
# This can be used to provide additional permissions for the client to scrape metrics from the k8s API
|
|
# Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
|
|
additionalRules: []
|
|
|
|
# Resource limits
|
|
resources: {}
|
|
|
|
# Options to select all nodes to deploy client DaemonSet on
|
|
nodeSelector: {}
|
|
tolerations: []
|
|
affinity: {}
|
|
|
|
image:
|
|
repository: rancher/pushprox-client
|
|
tag: v0.1.0-rancher2-client
|
|
command: ["pushprox-client"]
|
|
|
|
copyCertsImage:
|
|
repository: rancher/mirrored-library-busybox
|
|
tag: 1.31.1
|
|
|
|
# The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
|
|
# This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
|
|
# situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
|
|
# However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
|
|
# this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
|
|
# If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
|
|
# be responsible for upgrading this chart accordingly to the right number of replicas.
|
|
deployment:
|
|
enabled: false
|
|
replicas: 0
|
|
|
|
proxy:
|
|
enabled: true
|
|
# The port through which PushProx clients will communicate to the proxy
|
|
port: 8080
|
|
|
|
# Resource limits
|
|
resources: {}
|
|
|
|
# Options to select a node to run a single proxy deployment on
|
|
nodeSelector: {}
|
|
tolerations: []
|
|
|
|
image:
|
|
repository: rancher/pushprox-proxy
|
|
tag: v0.1.0-rancher2-proxy
|
|
command: ["pushprox-proxy"] |