From f227764167f4a2062a6c8fc360212e45d1f17458 Mon Sep 17 00:00:00 2001 From: Pouya Date: Fri, 30 Aug 2024 10:35:26 +0200 Subject: [PATCH] Add PodDisruptionBudget to helm chart (#1245) * Add PodDisruptionBudget to helm chart * Add PodDisruptionBudget to helm chart * Update operations/helm/charts/alloy/README.md Co-authored-by: William Dumont * revert changelog first * revert changelog first * revert changelog first * revert changelog first * Add tests for pdb in helm chart * update docs and files * Updated tests(new-line-at-end-of-file) * Update version in chart.yaml --------- Co-authored-by: William Dumont --- operations/helm/charts/alloy/CHANGELOG.md | 9 +- operations/helm/charts/alloy/Chart.yaml | 2 +- operations/helm/charts/alloy/README.md | 6 +- ...deployment-pdb-max-unavailable-values.yaml | 5 + ...r-deployment-pdb-min-available-values.yaml | 5 + ...tatefulset-pdb-max-unavailable-values.yaml | 5 + ...-statefulset-pdb-min-available-values.yaml | 5 + .../helm/charts/alloy/templates/_helpers.tpl | 11 ++ .../helm/charts/alloy/templates/pdb.yaml | 31 +++++ operations/helm/charts/alloy/values.yaml | 11 ++ .../alloy/templates/configmap.yaml | 43 +++++++ .../templates/controllers/deployment.yaml | 76 +++++++++++ .../alloy/templates/pdb.yaml | 19 +++ .../alloy/templates/rbac.yaml | 119 ++++++++++++++++++ .../alloy/templates/service.yaml | 24 ++++ .../alloy/templates/serviceaccount.yaml | 14 +++ .../alloy/templates/configmap.yaml | 43 +++++++ .../templates/controllers/deployment.yaml | 76 +++++++++++ .../alloy/templates/pdb.yaml | 19 +++ .../alloy/templates/rbac.yaml | 119 ++++++++++++++++++ .../alloy/templates/service.yaml | 24 ++++ .../alloy/templates/serviceaccount.yaml | 14 +++ .../alloy/templates/configmap.yaml | 43 +++++++ .../templates/controllers/statefulset.yaml | 78 ++++++++++++ .../alloy/templates/pdb.yaml | 19 +++ .../alloy/templates/rbac.yaml | 119 ++++++++++++++++++ .../alloy/templates/service.yaml | 24 ++++ .../alloy/templates/serviceaccount.yaml | 14 +++ .../alloy/templates/configmap.yaml | 43 +++++++ .../templates/controllers/statefulset.yaml | 78 ++++++++++++ .../alloy/templates/pdb.yaml | 19 +++ .../alloy/templates/rbac.yaml | 119 ++++++++++++++++++ .../alloy/templates/service.yaml | 24 ++++ .../alloy/templates/serviceaccount.yaml | 14 +++ 34 files changed, 1271 insertions(+), 3 deletions(-) create mode 100644 operations/helm/charts/alloy/ci/controller-deployment-pdb-max-unavailable-values.yaml create mode 100644 operations/helm/charts/alloy/ci/controller-deployment-pdb-min-available-values.yaml create mode 100644 operations/helm/charts/alloy/ci/controller-statefulset-pdb-max-unavailable-values.yaml create mode 100644 operations/helm/charts/alloy/ci/controller-statefulset-pdb-min-available-values.yaml create mode 100644 operations/helm/charts/alloy/templates/pdb.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/configmap.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/controllers/deployment.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/pdb.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/rbac.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/service.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/serviceaccount.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/configmap.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/controllers/deployment.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/pdb.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/rbac.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/service.yaml create mode 100644 operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/serviceaccount.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/configmap.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/controllers/statefulset.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/pdb.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/rbac.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/service.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/serviceaccount.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/configmap.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/controllers/statefulset.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/pdb.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/rbac.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/service.yaml create mode 100644 operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/serviceaccount.yaml diff --git a/operations/helm/charts/alloy/CHANGELOG.md b/operations/helm/charts/alloy/CHANGELOG.md index f3858c2b86..e0265658e1 100644 --- a/operations/helm/charts/alloy/CHANGELOG.md +++ b/operations/helm/charts/alloy/CHANGELOG.md @@ -10,6 +10,13 @@ internal API changes are not present. Unreleased ---------- +0.7.0 (2024-08-26) +------------------ + +### Enhancements + +- Add PodDisruptionBudget to the Helm chart. (@itspouya) + 0.6.1 (2024-08-23) ---------- @@ -97,4 +104,4 @@ Unreleased - Introduce a Grafana Alloy Helm chart. The Grafana Alloy Helm chart is backwards compatibile with the values.yaml from the `grafana-agent` Helm chart. Review the Helm chart README for a description on how to migrate. - (@rfratto) + (@rfratto) \ No newline at end of file diff --git a/operations/helm/charts/alloy/Chart.yaml b/operations/helm/charts/alloy/Chart.yaml index c7b7c25728..49bc66c429 100644 --- a/operations/helm/charts/alloy/Chart.yaml +++ b/operations/helm/charts/alloy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: alloy description: 'Grafana Alloy' type: application -version: 0.6.1 +version: 0.7.0 appVersion: 'v1.3.1' icon: https://raw.githubusercontent.com/grafana/alloy/main/docs/sources/assets/alloy_icon_orange.svg diff --git a/operations/helm/charts/alloy/README.md b/operations/helm/charts/alloy/README.md index f97b8679a5..9bf967d7f2 100644 --- a/operations/helm/charts/alloy/README.md +++ b/operations/helm/charts/alloy/README.md @@ -1,6 +1,6 @@ # Grafana Alloy Helm chart -![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.6.1](https://img.shields.io/badge/Version-0.6.1-informational?style=flat-square) ![AppVersion: v1.3.1](https://img.shields.io/badge/AppVersion-v1.3.1-informational?style=flat-square) +![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![AppVersion: v1.3.1](https://img.shields.io/badge/AppVersion-v1.3.1-informational?style=flat-square) Helm chart for deploying [Grafana Alloy][] to Kubernetes. @@ -86,6 +86,10 @@ useful if just using the default DaemonSet isn't sufficient. | controller.nodeSelector | object | `{}` | nodeSelector to apply to Grafana Alloy pods. | | controller.parallelRollout | bool | `true` | Whether to deploy pods in parallel. Only used when controller.type is 'statefulset'. | | controller.podAnnotations | object | `{}` | Extra pod annotations to add. | +| controller.podDisruptionBudget | object | `{"enabled":false,"maxUnavailable":null,"minAvailable":null}` | PodDisruptionBudget configuration. | +| controller.podDisruptionBudget.enabled | bool | `false` | Whether to create a PodDisruptionBudget for the controller. | +| controller.podDisruptionBudget.maxUnavailable | string | `nil` | Maximum number of pods that can be unavailable during a disruption. Note: Only one of minAvailable or maxUnavailable should be set. | +| controller.podDisruptionBudget.minAvailable | string | `nil` | Minimum number of pods that must be available during a disruption. Note: Only one of minAvailable or maxUnavailable should be set. | | controller.podLabels | object | `{}` | Extra pod labels to add. | | controller.priorityClassName | string | `""` | priorityClassName to apply to Grafana Alloy pods. | | controller.replicas | int | `1` | Number of pods to deploy. Ignored when controller.type is 'daemonset'. | diff --git a/operations/helm/charts/alloy/ci/controller-deployment-pdb-max-unavailable-values.yaml b/operations/helm/charts/alloy/ci/controller-deployment-pdb-max-unavailable-values.yaml new file mode 100644 index 0000000000..1bddddc385 --- /dev/null +++ b/operations/helm/charts/alloy/ci/controller-deployment-pdb-max-unavailable-values.yaml @@ -0,0 +1,5 @@ +controller: + type: deployment + podDisruptionBudget: + enabled: true + maxUnavailable: 1 diff --git a/operations/helm/charts/alloy/ci/controller-deployment-pdb-min-available-values.yaml b/operations/helm/charts/alloy/ci/controller-deployment-pdb-min-available-values.yaml new file mode 100644 index 0000000000..f9879cc660 --- /dev/null +++ b/operations/helm/charts/alloy/ci/controller-deployment-pdb-min-available-values.yaml @@ -0,0 +1,5 @@ +controller: + type: deployment + podDisruptionBudget: + enabled: true + minAvailable: 1 diff --git a/operations/helm/charts/alloy/ci/controller-statefulset-pdb-max-unavailable-values.yaml b/operations/helm/charts/alloy/ci/controller-statefulset-pdb-max-unavailable-values.yaml new file mode 100644 index 0000000000..0aaf358f45 --- /dev/null +++ b/operations/helm/charts/alloy/ci/controller-statefulset-pdb-max-unavailable-values.yaml @@ -0,0 +1,5 @@ +controller: + type: statefulset + podDisruptionBudget: + enabled: true + maxUnavailable: 1 diff --git a/operations/helm/charts/alloy/ci/controller-statefulset-pdb-min-available-values.yaml b/operations/helm/charts/alloy/ci/controller-statefulset-pdb-min-available-values.yaml new file mode 100644 index 0000000000..b8dbcbfecc --- /dev/null +++ b/operations/helm/charts/alloy/ci/controller-statefulset-pdb-min-available-values.yaml @@ -0,0 +1,5 @@ +controller: + type: statefulset + podDisruptionBudget: + enabled: true + minAvailable: 1 diff --git a/operations/helm/charts/alloy/templates/_helpers.tpl b/operations/helm/charts/alloy/templates/_helpers.tpl index 798aeb0da3..68a6f32678 100644 --- a/operations/helm/charts/alloy/templates/_helpers.tpl +++ b/operations/helm/charts/alloy/templates/_helpers.tpl @@ -149,3 +149,14 @@ Return if ingress supports pathType. {{- define "alloy.ingress.supportsPathType" -}} {{- or (eq (include "alloy.ingress.isStable" .) "true") (and (eq (include "alloy.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }} {{- end }} + +{{/* +Return the appropriate apiVersion for PodDisruptionBudget. +*/}} +{{- define "alloy.controller.pdb.apiVersion" -}} + {{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">=1.21-0" .Capabilities.KubeVersion.Version) -}} + {{- print "policy/v1" -}} + {{- else -}} + {{- print "policy/v1beta1" -}} + {{- end -}} +{{- end -}} diff --git a/operations/helm/charts/alloy/templates/pdb.yaml b/operations/helm/charts/alloy/templates/pdb.yaml new file mode 100644 index 0000000000..4462456bf8 --- /dev/null +++ b/operations/helm/charts/alloy/templates/pdb.yaml @@ -0,0 +1,31 @@ +{{- if .Values.controller.podDisruptionBudget.enabled }} +{{- if eq .Values.controller.type "daemonset" }} +{{- fail "PDBs (Pod Disruption Budgets) are not intended for DaemonSets. Please use a different controller type." }} +{{- end }} + +{{- if and .Values.controller.podDisruptionBudget.minAvailable .Values.controller.podDisruptionBudget.maxUnavailable }} +{{- fail "Only one of minAvailable or maxUnavailable should be defined for PodDisruptionBudget" }} +{{- end }} + +{{- if not (or .Values.controller.podDisruptionBudget.minAvailable .Values.controller.podDisruptionBudget.maxUnavailable) }} +{{- fail "Either minAvailable or maxUnavailable must be defined for PodDisruptionBudget" }} +{{- end }} + +apiVersion: {{ include "alloy.controller.pdb.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "alloy.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "alloy.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "alloy.selectorLabels" . | nindent 6 }} + {{- if .Values.controller.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.controller.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.controller.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.controller.podDisruptionBudget.maxUnavailable }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/operations/helm/charts/alloy/values.yaml b/operations/helm/charts/alloy/values.yaml index 275fce52b4..f55a7893e5 100644 --- a/operations/helm/charts/alloy/values.yaml +++ b/operations/helm/charts/alloy/values.yaml @@ -204,6 +204,17 @@ controller: # -- Extra pod labels to add. podLabels: {} + # -- PodDisruptionBudget configuration. + podDisruptionBudget: + # -- Whether to create a PodDisruptionBudget for the controller. + enabled: false + # -- Minimum number of pods that must be available during a disruption. + # Note: Only one of minAvailable or maxUnavailable should be set. + minAvailable: null + # -- Maximum number of pods that can be unavailable during a disruption. + # Note: Only one of minAvailable or maxUnavailable should be set. + maxUnavailable: null + # -- Whether to enable automatic deletion of stale PVCs due to a scale down operation, when controller.type is 'statefulset'. enableStatefulSetAutoDeletePVC: false diff --git a/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/configmap.yaml b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/controllers/deployment.yaml b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/controllers/deployment.yaml new file mode 100644 index 0000000000..a7fa50508b --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/controllers/deployment.yaml @@ -0,0 +1,76 @@ +--- +# Source: alloy/templates/controllers/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + minReadySeconds: 10 + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.3.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: alloy diff --git a/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/pdb.yaml b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/pdb.yaml new file mode 100644 index 0000000000..bb98df7c78 --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/pdb.yaml @@ -0,0 +1,19 @@ +--- +# Source: alloy/templates/pdb.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + maxUnavailable: 1 diff --git a/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/rbac.yaml b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/service.yaml b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/serviceaccount.yaml b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-max-unavailable/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac diff --git a/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/configmap.yaml b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/controllers/deployment.yaml b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/controllers/deployment.yaml new file mode 100644 index 0000000000..a7fa50508b --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/controllers/deployment.yaml @@ -0,0 +1,76 @@ +--- +# Source: alloy/templates/controllers/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + minReadySeconds: 10 + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.3.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: alloy diff --git a/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/pdb.yaml b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/pdb.yaml new file mode 100644 index 0000000000..d9aa2cf79a --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/pdb.yaml @@ -0,0 +1,19 @@ +--- +# Source: alloy/templates/pdb.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + minAvailable: 1 diff --git a/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/rbac.yaml b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/service.yaml b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/serviceaccount.yaml b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/controller-deployment-pdb-min-available/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac diff --git a/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/configmap.yaml b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/controllers/statefulset.yaml b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/controllers/statefulset.yaml new file mode 100644 index 0000000000..e700eb038a --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/controllers/statefulset.yaml @@ -0,0 +1,78 @@ +--- +# Source: alloy/templates/controllers/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + podManagementPolicy: Parallel + minReadySeconds: 10 + serviceName: alloy + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.3.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: alloy diff --git a/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/pdb.yaml b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/pdb.yaml new file mode 100644 index 0000000000..bb98df7c78 --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/pdb.yaml @@ -0,0 +1,19 @@ +--- +# Source: alloy/templates/pdb.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + maxUnavailable: 1 diff --git a/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/rbac.yaml b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/service.yaml b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/serviceaccount.yaml b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-max-unavailable/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac diff --git a/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/configmap.yaml b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/controllers/statefulset.yaml b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/controllers/statefulset.yaml new file mode 100644 index 0000000000..e700eb038a --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/controllers/statefulset.yaml @@ -0,0 +1,78 @@ +--- +# Source: alloy/templates/controllers/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + podManagementPolicy: Parallel + minReadySeconds: 10 + serviceName: alloy + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.3.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: alloy diff --git a/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/pdb.yaml b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/pdb.yaml new file mode 100644 index 0000000000..d9aa2cf79a --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/pdb.yaml @@ -0,0 +1,19 @@ +--- +# Source: alloy/templates/pdb.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + minAvailable: 1 diff --git a/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/rbac.yaml b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/service.yaml b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/serviceaccount.yaml b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/controller-statefulset-pdb-min-available/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac