diff --git a/terraform/cos-lite/README.md b/terraform/cos-lite/README.md
index 404bc531..9d1e5dd5 100644
--- a/terraform/cos-lite/README.md
+++ b/terraform/cos-lite/README.md
@@ -27,7 +27,6 @@ This is a Terraform module facilitating the deployment of the COS Lite solution,
|------|-------------|------|---------|:--------:|
| [alertmanager](#input\_alertmanager) | Application configuration for Alertmanager. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "alertmanager")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
| [catalogue](#input\_catalogue) | Application configuration for Catalogue. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "catalogue")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
-| [channel](#input\_channel) | Channel that the applications are (unless overwritten by individual channels) deployed from | `string` | `"dev/edge"` | no |
| [external\_ca\_cert\_offer\_url](#input\_external\_ca\_cert\_offer\_url) | A Juju offer URL (e.g. admin/external-ca.send-ca-cert) of a CA providing the 'certificate\_transfer' integration for applications to trust ingress via Traefik. | `string` | `null` | no |
| [external\_certificates\_offer\_url](#input\_external\_certificates\_offer\_url) | A Juju offer URL (e.g. admin/external-ca.certificates) of a CA providing the 'tls\_certificates' integration for Traefik to supply it with server certificates. | `string` | `null` | no |
| [grafana](#input\_grafana) | Application configuration for Grafana. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "grafana")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
@@ -36,6 +35,7 @@ This is a Terraform module facilitating the deployment of the COS Lite solution,
| [loki](#input\_loki) | Application configuration for Loki. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "loki")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
| [model\_uuid](#input\_model\_uuid) | Reference to an existing model resource or data source for the model to deploy to | `string` | n/a | yes |
| [prometheus](#input\_prometheus) | Application configuration for Prometheus. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "prometheus")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
+| [risk](#input\_risk) | Risk level that the applications are (unless overwritten by individual channels) deployed from | `string` | `"edge"` | no |
| [ssc](#input\_ssc) | Application configuration for self-signed-certificates. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "ca")
channel = optional(string, "1/stable")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
| [traefik](#input\_traefik) | Application configuration for Traefik. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "traefik")
channel = optional(string, "latest/stable")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
diff --git a/terraform/cos-lite/applications.tf b/terraform/cos-lite/applications.tf
index dd1bd5ab..0fd945df 100644
--- a/terraform/cos-lite/applications.tf
+++ b/terraform/cos-lite/applications.tf
@@ -1,7 +1,7 @@
module "alertmanager" {
source = "git::https://github.com/canonical/alertmanager-k8s-operator//terraform"
app_name = var.alertmanager.app_name
- channel = var.channel
+ channel = local.tracks.alertmanager + "/" + var.risk
config = var.alertmanager.config
constraints = var.alertmanager.constraints
model_uuid = var.model_uuid
@@ -13,7 +13,7 @@ module "alertmanager" {
module "catalogue" {
source = "git::https://github.com/canonical/catalogue-k8s-operator//terraform"
app_name = var.catalogue.app_name
- channel = var.channel
+ channel = local.tracks.catalogue + "/" + var.risk
config = var.catalogue.config
constraints = var.catalogue.constraints
model_uuid = var.model_uuid
@@ -25,7 +25,7 @@ module "catalogue" {
module "grafana" {
source = "git::https://github.com/canonical/grafana-k8s-operator//terraform"
app_name = var.grafana.app_name
- channel = var.channel
+ channel = local.tracks.grafana + "/" + var.risk
config = var.grafana.config
constraints = var.grafana.constraints
model_uuid = var.model_uuid
@@ -37,7 +37,7 @@ module "grafana" {
module "loki" {
source = "git::https://github.com/canonical/loki-k8s-operator//terraform"
app_name = var.loki.app_name
- channel = var.channel
+ channel = local.tracks.loki + "/" + var.risk
config = var.loki.config
constraints = var.loki.constraints
model_uuid = var.model_uuid
@@ -49,7 +49,7 @@ module "loki" {
module "prometheus" {
source = "git::https://github.com/canonical/prometheus-k8s-operator//terraform"
app_name = var.prometheus.app_name
- channel = var.channel
+ channel = local.tracks.prometheus + "/" + var.risk
config = var.prometheus.config
constraints = var.prometheus.constraints
model_uuid = var.model_uuid
@@ -62,7 +62,7 @@ module "ssc" {
count = var.internal_tls ? 1 : 0
source = "git::https://github.com/canonical/self-signed-certificates-operator//terraform"
app_name = var.ssc.app_name
- channel = var.ssc.channel
+ channel = local.tracks.ssc + "/" + var.risk
config = var.ssc.config
constraints = var.ssc.constraints
model_uuid = var.model_uuid
@@ -73,7 +73,7 @@ module "ssc" {
module "traefik" {
source = "git::https://github.com/canonical/traefik-k8s-operator//terraform"
app_name = var.traefik.app_name
- channel = var.traefik.channel
+ channel = local.tracks.traefik + "/" + var.risk
config = var.traefik.config
constraints = var.traefik.constraints
model_uuid = var.model_uuid
diff --git a/terraform/cos-lite/variables.tf b/terraform/cos-lite/variables.tf
index 5421f6c6..fe8e4d75 100644
--- a/terraform/cos-lite/variables.tf
+++ b/terraform/cos-lite/variables.tf
@@ -8,12 +8,21 @@
locals {
# https://github.com/juju/terraform-provider-juju/issues/972
tls_termination = var.external_certificates_offer_url != null ? true : false
+ tracks = {
+ alertmanager = "0.31"
+ catalogue = "3.0"
+ grafana = "12.4"
+ loki = "3.7"
+ prometheus = "3.10"
+ ssc = "latest"
+ traefik = "latest"
+ }
}
-variable "channel" {
- description = "Channel that the applications are (unless overwritten by individual channels) deployed from"
+variable "risk" {
+ description = "Risk level that the applications are (unless overwritten by individual channels) deployed from"
type = string
- default = "dev/edge"
+ default = "edge"
}
variable "model_uuid" {
diff --git a/terraform/cos/README.md b/terraform/cos/README.md
index bd294b6a..f608486d 100644
--- a/terraform/cos/README.md
+++ b/terraform/cos/README.md
@@ -33,7 +33,6 @@ This is a Terraform module facilitating the deployment of the COS solution, usin
| [alertmanager](#input\_alertmanager) | Application configuration for Alertmanager. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "alertmanager")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
| [anti\_affinity](#input\_anti\_affinity) | Enable anti-affinity constraints across all HA modules (Mimir, Loki, Tempo) | `bool` | `true` | no |
| [catalogue](#input\_catalogue) | Application configuration for Catalogue. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "catalogue")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
-| [channel](#input\_channel) | Channel that the applications are (unless overwritten by individual channels) deployed from | `string` | `"dev/edge"` | no |
| [cloud](#input\_cloud) | Kubernetes cloud or environment where this COS module will be deployed (e.g self-managed, aws) | `string` | `"self-managed"` | no |
| [external\_ca\_cert\_offer\_url](#input\_external\_ca\_cert\_offer\_url) | A Juju offer URL (e.g. admin/external-ca.send-ca-cert) of a CA providing the 'certificate\_transfer' integration for applications to trust ingress via Traefik. | `string` | `null` | no |
| [external\_certificates\_offer\_url](#input\_external\_certificates\_offer\_url) | A Juju offer URL of a CA providing the 'tls\_certificates' integration for Traefik to supply it with server certificates | `string` | `null` | no |
@@ -48,6 +47,7 @@ This is a Terraform module facilitating the deployment of the COS solution, usin
| [mimir\_worker](#input\_mimir\_worker) | Application configuration for all Mimir Workers. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
backend_config = optional(map(string), {})
read_config = optional(map(string), {})
write_config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
backend_storage_directives = optional(map(string), {})
read_storage_directives = optional(map(string), {})
write_storage_directives = optional(map(string), {})
backend_units = optional(number, 3)
read_units = optional(number, 3)
write_units = optional(number, 3)
}) | `{}` | no |
| [model\_uuid](#input\_model\_uuid) | Reference to an existing model resource or data source for the model to deploy to | `string` | n/a | yes |
| [opentelemetry\_collector](#input\_opentelemetry\_collector) | Application configuration for OpenTelemetry Collector. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
app_name = optional(string, "otelcol")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
+| [risk](#input\_risk) | Risk level that the applications are (unless overwritten by individual channels) deployed from | `string` | `"edge"` | no |
| [s3\_access\_key](#input\_s3\_access\_key) | S3 access-key credential | `string` | n/a | yes |
| [s3\_endpoint](#input\_s3\_endpoint) | S3 endpoint | `string` | n/a | yes |
| [s3\_integrator](#input\_s3\_integrator) | Application configuration for all S3-integrators in coordinated workers. For more details: https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application | object({
channel = optional(string, "2/edge")
config = optional(map(string), {})
constraints = optional(string, "arch=amd64")
revision = optional(number, null)
storage_directives = optional(map(string), {})
units = optional(number, 1)
}) | `{}` | no |
diff --git a/terraform/cos/applications.tf b/terraform/cos/applications.tf
index 8420484e..11ac4165 100644
--- a/terraform/cos/applications.tf
+++ b/terraform/cos/applications.tf
@@ -1,7 +1,7 @@
module "alertmanager" {
source = "git::https://github.com/canonical/alertmanager-k8s-operator//terraform"
app_name = var.alertmanager.app_name
- channel = var.channel
+ channel = local.tracks.alertmanager + "/" + var.risk
config = var.alertmanager.config
constraints = var.alertmanager.constraints
model_uuid = var.model_uuid
@@ -13,7 +13,7 @@ module "alertmanager" {
module "catalogue" {
source = "git::https://github.com/canonical/catalogue-k8s-operator//terraform"
app_name = var.catalogue.app_name
- channel = var.channel
+ channel = local.tracks.catalogue + "/" + var.risk
config = var.catalogue.config
constraints = var.catalogue.constraints
model_uuid = var.model_uuid
@@ -25,7 +25,7 @@ module "catalogue" {
module "grafana" {
source = "git::https://github.com/canonical/grafana-k8s-operator//terraform"
app_name = var.grafana.app_name
- channel = var.channel
+ channel = local.tracks.grafana + "/" + var.risk
config = var.grafana.config
constraints = var.grafana.constraints
model_uuid = var.model_uuid
@@ -37,7 +37,7 @@ module "grafana" {
module "loki" {
source = "git::https://github.com/canonical/loki-operators//terraform"
anti_affinity = var.anti_affinity
- channel = var.channel
+ channel = local.tracks.loki + "/" + var.risk
model_uuid = var.model_uuid
s3_endpoint = var.s3_endpoint
s3_secret_key = var.s3_secret_key
@@ -68,29 +68,21 @@ module "loki" {
}
module "mimir" {
- source = "git::https://github.com/canonical/mimir-operators//terraform"
- anti_affinity = var.anti_affinity
- channel = var.channel
- model_uuid = var.model_uuid
- s3_endpoint = var.s3_endpoint
- s3_secret_key = var.s3_secret_key
- s3_access_key = var.s3_access_key
- s3_bucket = var.mimir_bucket
- s3_integrator_channel = var.s3_integrator.channel
- s3_integrator_config = var.s3_integrator.config
- s3_integrator_constraints = var.s3_integrator.constraints
- s3_integrator_revision = var.s3_integrator.revision
- s3_integrator_storage_directives = var.s3_integrator.storage_directives
- s3_integrator_units = var.s3_integrator.units
- coordinator_config = merge(
- var.mimir_coordinator.config,
- # enable exemplar storage (required for metrics-to-traces).
- # This config option is not supported in track `1`, so we'll set it only
- # for newer tracks to maintain backward compatibility.
- can(regex("^1/", var.channel)) ? {} : {
- "max_global_exemplars_per_user" = "100000"
- }
- )
+ source = "git::https://github.com/canonical/mimir-operators//terraform"
+ anti_affinity = var.anti_affinity
+ channel = local.tracks.mimir + "/" + var.risk
+ model_uuid = var.model_uuid
+ s3_endpoint = var.s3_endpoint
+ s3_secret_key = var.s3_secret_key
+ s3_access_key = var.s3_access_key
+ s3_bucket = var.mimir_bucket
+ s3_integrator_channel = var.s3_integrator.channel
+ s3_integrator_config = var.s3_integrator.config
+ s3_integrator_constraints = var.s3_integrator.constraints
+ s3_integrator_revision = var.s3_integrator.revision
+ s3_integrator_storage_directives = var.s3_integrator.storage_directives
+ s3_integrator_units = var.s3_integrator.units
+ coordinator_config = { "max_global_exemplars_per_user" = "100000" }
coordinator_constraints = var.mimir_coordinator.constraints
coordinator_revision = var.mimir_coordinator.revision
coordinator_storage_directives = var.mimir_coordinator.storage_directives
@@ -111,7 +103,7 @@ module "mimir" {
module "opentelemetry_collector" {
source = "git::https://github.com/canonical/opentelemetry-collector-k8s-operator//terraform"
app_name = var.opentelemetry_collector.app_name
- channel = var.channel
+ channel = local.tracks.otelcol + "/" + var.risk
config = var.opentelemetry_collector.config
constraints = var.opentelemetry_collector.constraints
model_uuid = var.model_uuid
@@ -124,7 +116,7 @@ module "ssc" {
count = var.internal_tls ? 1 : 0
source = "git::https://github.com/canonical/self-signed-certificates-operator//terraform"
app_name = var.ssc.app_name
- channel = var.ssc.channel
+ channel = local.tracks.ssc + "/" + var.risk
config = var.ssc.config
constraints = var.ssc.constraints
model_uuid = var.model_uuid
@@ -135,7 +127,7 @@ module "ssc" {
module "tempo" {
source = "git::https://github.com/canonical/tempo-operators//terraform"
anti_affinity = var.anti_affinity
- channel = var.channel
+ channel = local.tracks.tempo + "/" + var.risk
model_uuid = var.model_uuid
s3_endpoint = var.s3_endpoint
s3_access_key = var.s3_access_key
@@ -177,7 +169,7 @@ module "tempo" {
module "traefik" {
source = "git::https://github.com/canonical/traefik-k8s-operator//terraform"
app_name = var.traefik.app_name
- channel = var.traefik.channel
+ channel = local.tracks.traefik + "/" + var.risk
config = var.cloud == "aws" ? { "loadbalancer_annotations" = "service.beta.kubernetes.io/aws-load-balancer-scheme=internet-facing" } : var.traefik.config
constraints = var.traefik.constraints
model_uuid = var.model_uuid
diff --git a/terraform/cos/variables.tf b/terraform/cos/variables.tf
index 2c45184d..62a2d47d 100644
--- a/terraform/cos/variables.tf
+++ b/terraform/cos/variables.tf
@@ -8,12 +8,23 @@
locals {
clouds = ["aws", "self-managed"] # list of k8s clouds where this COS module can be deployed.
tls_termination = var.external_certificates_offer_url != null ? true : false
+ tracks = {
+ alertmanager = "0.31"
+ catalogue = "3.0"
+ grafana = "12.4"
+ loki = "3.7"
+ mimir = "3.0"
+ otelcol = "0.130"
+ ssc = "latest"
+ tempo = "2.10"
+ traefik = "latest"
+ }
}
-variable "channel" {
- description = "Channel that the applications are (unless overwritten by individual channels) deployed from"
+variable "risk" {
+ description = "Risk level that the applications are (unless overwritten by individual channels) deployed from"
type = string
- default = "dev/edge"
+ default = "edge"
}
variable "model_uuid" {