diff --git a/charts/k8s-monitoring/Chart.lock b/charts/k8s-monitoring/Chart.lock index 6334f073e8..db7e9bcd79 100644 --- a/charts/k8s-monitoring/Chart.lock +++ b/charts/k8s-monitoring/Chart.lock @@ -20,6 +20,9 @@ dependencies: - name: feature-node-logs repository: "" version: 1.0.0 +- name: feature-private-datasource-connect + repository: "" + version: 1.0.0 - name: feature-pod-logs repository: "" version: 1.0.0 @@ -35,5 +38,5 @@ dependencies: - name: alloy-operator repository: https://grafana.github.io/helm-charts version: 0.3.9 -digest: sha256:d7ff598436ab7b66ce0bf17bb8d246f67efa44101acccce422e24d126f863cbd -generated: "2025-09-10T11:02:57.550572-05:00" +digest: sha256:4de5a9bbe78660e5c6f25e4ada8bea5fe0647014ba627e4f636be793412380c6 +generated: "2025-09-11T00:34:04.100906-07:00" diff --git a/charts/k8s-monitoring/Chart.yaml b/charts/k8s-monitoring/Chart.yaml index 2b9de26a5c..0da8c76041 100644 --- a/charts/k8s-monitoring/Chart.yaml +++ b/charts/k8s-monitoring/Chart.yaml @@ -48,6 +48,11 @@ dependencies: repository: "" version: 1.0.0 condition: nodeLogs.enabled + - alias: privateDatasourceConnect + name: feature-private-datasource-connect + repository: "" + version: 1.0.0 + condition: privateDatasourceConnect.enabled - alias: podLogs name: feature-pod-logs repository: "" diff --git a/charts/k8s-monitoring/README.md b/charts/k8s-monitoring/README.md index cfecffb979..c9c6572094 100644 --- a/charts/k8s-monitoring/README.md +++ b/charts/k8s-monitoring/README.md @@ -250,6 +250,7 @@ details: | | integrations(feature-integrations) | 1.0.0 | | | nodeLogs(feature-node-logs) | 1.0.0 | | | podLogs(feature-pod-logs) | 1.0.0 | +| | privateDatasourceConnect(feature-private-datasource-connect) | 1.0.0 | | | profilesReceiver(feature-profiles-receiver) | 1.0.0 | | | profiling(feature-profiling) | 1.0.0 | | | prometheusOperatorObjects(feature-prometheus-operator-objects) | 1.0.0 | @@ -404,6 +405,14 @@ details: | podLogs.destinations | list | `[]` | The destinations where logs will be sent. If empty, all logs-capable destinations will be used. | | podLogs.enabled | bool | `false` | Enable gathering Kubernetes Pod logs. | +### Features - Private Datasource Connect + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| privateDatasourceConnect | object | Disabled | Private Datasource Connect (PDC) Agent. Deploys and configures the PDC Agent for Grafana Cloud observability. Requires a destination that supports metrics. To see the valid options, please see the [PDC Agent feature documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-pdc-agent). | +| privateDatasourceConnect.destinations | list | `[]` | The destinations where PDC Agent metrics will be sent. If empty, all metrics-capable destinations will be used. | +| privateDatasourceConnect.enabled | bool | `false` | Enable the PDC Agent deployment. | + ### Features - Profiles Receiver | Key | Type | Default | Description | diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/Chart.lock b/charts/k8s-monitoring/charts/feature-private-datasource-connect/Chart.lock new file mode 100644 index 0000000000..ee1fae5bb7 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: pdc-agent + repository: https://grafana.github.io/helm-charts + version: 0.0.1 +digest: sha256:3f43086bdec4e95b9c9ad052b6c5b186549cc8a847560479415a2bb00fbf2749 +generated: "2025-09-11T09:40:52.670396-07:00" diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/Chart.yaml b/charts/k8s-monitoring/charts/feature-private-datasource-connect/Chart.yaml new file mode 100644 index 0000000000..1c6c521118 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/Chart.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v2 +name: feature-private-datasource-connect +description: Deploys and configures the PDC Agent for Grafana Cloud observability +icon: https://raw.githubusercontent.com/grafana/grafana/main/public/img/grafana_icon.svg +sources: + - https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-private-datasource-connect +version: 1.0.0 +appVersion: 1.0.0 +maintainers: + - email: peter.olivo@grafana.com + name: peterolivo +dependencies: + - name: pdc-agent + version: 0.0.1 + repository: https://grafana.github.io/helm-charts + condition: enabled diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/Makefile b/charts/k8s-monitoring/charts/feature-private-datasource-connect/Makefile new file mode 100644 index 0000000000..a3c8a5aa57 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/Makefile @@ -0,0 +1,38 @@ +HAS_HELM_UNITTEST := $(shell helm plugin list | grep unittest 2> /dev/null) + +.SECONDEXPANSION: +README.md: values.yaml Chart.yaml $$(wildcard README.md.gotmpl) + docker run --rm --platform linux/amd64 --volume $(shell pwd):/chart ghcr.io/grafana/helm-chart-toolbox-doc-generator --chart /chart > $@ + +Chart.lock: Chart.yaml + helm dependency update . + @touch Chart.lock # Ensure the timestamp is updated + +values.schema.json: values.yaml $$(wildcard schema-mods/*) + docker run --rm --platform linux/amd64 --volume $(shell pwd):/chart ghcr.io/grafana/helm-chart-toolbox-schema-generator --chart /chart > $@ + +.PHONY: clean +clean: + rm -f README.md values.schema.json + +.PHONY: build +build: README.md Chart.lock values.schema.json + +.PHONY: test +test: build + helm repo add grafana https://grafana.github.io/helm-charts + helm lint . + ct lint --lint-conf ../../.lintconf.yaml --helm-dependency-extra-args=--skip-refresh --charts . +ifdef HAS_HELM_UNITTEST + helm unittest . +else + docker run --rm --volume $(shell pwd):/apps helmunittest/helm-unittest:3.18.4-1.0.0 . +endif + +.PHONY: update-test-snapshots +update-test-snapshots: +ifdef HAS_HELM_UNITTEST + helm unittest . --update-snapshot +else + docker run --rm --volume $(shell pwd):/apps helmunittest/helm-unittest:3.18.4-1.0.0 . --update-snapshot +endif diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/README.md b/charts/k8s-monitoring/charts/feature-private-datasource-connect/README.md new file mode 100644 index 0000000000..66b37dd450 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/README.md @@ -0,0 +1,229 @@ + + +# Feature: Private Datasource Connect + +The Private Datasource Connect (PDC) feature enables the deployment and monitoring of the PDC Agent for Grafana Cloud observability within a Kubernetes cluster. + +The PDC Agent creates secure tunnels to connect external data sources (like databases, APIs, or services running outside your Kubernetes cluster) to your Grafana Cloud instance through Private Data Source Connect. + +## Overview + +The Private Datasource Connect feature: + +- **Deploys the PDC Agent**: Uses the official pdc-agent Helm chart as a dependency +- **Configures Metrics Collection**: Sets up Alloy to discover and scrape PDC Agent metrics +- **Provides Security**: Uses proper security contexts and non-root containers +- **Enables Monitoring**: Routes PDC Agent metrics to your chosen destinations +- **Validates Configuration**: Ensures required PDC connection settings are provided + +## Required Setup + +Before enabling this feature, you must: + +1. **Create an Access Policy token** in your Grafana Cloud stack with appropriate permissions +2. **Create a Kubernetes secret** with the token (recommended for production): + + ```bash + kubectl create secret generic pdc-token --from-literal=token=YOUR_ACCESS_POLICY_TOKEN + ``` + +## Usage + +### Basic Configuration + +```yaml +privateDatasourceConnect: + enabled: true + pdc-agent: + cluster: "prod-us-central-0" # Your Hosted Grafana stack cluster + hostedGrafanaId: "123456" # Your Hosted Grafana stack ID + tokenSecretName: "pdc-token" # Kubernetes secret with Access Policy token +``` + +### Advanced Configuration + +```yaml +privateDatasourceConnect: + enabled: true + destinations: ["prometheus"] # Custom destination routing + + pdc-agent: + # Required PDC connection settings + cluster: "prod-us-central-0" + hostedGrafanaId: "123456" + tokenSecretName: "pdc-token" + + # Optional deployment settings + replicaCount: 3 + image: + repository: grafana/pdc-agent + tag: "v1.2.3" + pullPolicy: IfNotPresent + + metricsPort: 8090 + debug: false + + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + + # Security contexts (using chart defaults) + podSecurityContext: + runAsUser: 30000 + runAsGroup: 30000 + fsGroup: 30000 + + securityContext: + capabilities: + drop: [ALL] + runAsNonRoot: true + privileged: false + allowPrivilegeEscalation: false + + # Additional arguments for the PDC agent + extraArgs: [] + + # Feature-specific metric filtering + metricsTuning: + includeMetrics: + - "pdc_.*" + - "ssh_.*" + - "go_.*" + excludeMetrics: + - ".*_debug_.*" + + # Custom relabeling rules + extraDiscoveryRules: | + rule { + source_labels = ["__meta_kubernetes_pod_annotation_custom_label"] + target_label = "custom_label" + } + + extraMetricProcessingRules: | + rule { + source_labels = ["__name__"] + regex = "pdc_ssh_connection_duration_seconds" + target_label = "__tmp_connection_time" + } +``` + +### Testing Configuration (Not Recommended for Production) + +For testing purposes only, you can use an insecure token value: + +```yaml +privateDatasourceConnect: + enabled: true + pdc-agent: + cluster: "prod-us-central-0" + hostedGrafanaId: "123456" + insecureTokenValue: "your-access-policy-token-here" # NOT for production! +``` + +## Configuration Reference + +### Required Settings + +The following settings are required when the feature is enabled: + +- `pdc-agent.cluster`: The cluster where your Hosted Grafana stack is running +- `pdc-agent.hostedGrafanaId`: The numeric ID of your Hosted Grafana stack +- Authentication: Either `pdc-agent.tokenSecretName` OR `pdc-agent.insecureTokenValue` + +### PDC Agent Configuration + +All configuration under `pdc-agent.*` is passed directly to the PDC Agent Helm chart. See the [PDC Agent documentation](https://grafana.com/docs/grafana-cloud/connect-externally-hosted/private-data-source-connect/configure-pdc/) for complete configuration options. + +### Metrics Collection + +The feature automatically configures Alloy to: + +- Discover PDC Agent pods using Kubernetes service discovery +- Scrape metrics from the `/metrics` endpoint on port 8090 +- Apply custom relabeling rules if specified +- Route metrics to configured destinations + +## Testing + +This chart contains unit tests to verify the generated configuration. The hidden value `deployAsConfigMap` will render +the generated configuration into a ConfigMap object. While this ConfigMap is not used during regular operation, you can +use it to show the outcome of a given values file. + +The unit tests use this ConfigMap to create an object with the configuration that can be asserted against. To run the +tests, use `helm test`. + +Be sure perform actual integration testing in a live environment in the main [k8s-monitoring](../..) chart. + + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| peterolivo | | | + + + +## Source Code + +* + + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://grafana.github.io/helm-charts | pdc-agent | 0.0.1 | + +## Values + +### PDC Agent + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| enabled | bool | `true` | Enable the PDC Agent deployment. | +| extraDiscoveryRules | string | `""` | Rule blocks to be added to the prometheus.scrape component for PDC Agent metrics. These relabeling rules are applied pre-scrape against the targets from service discovery. ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.scrape/#rule-block)) | +| extraMetricProcessingRules | string | `""` | Rule blocks to be added to the prometheus.relabel component for PDC Agent. These relabeling rules are applied post-scrape against the metrics returned from the scraped target. ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.relabel/#rule-block)) | +| maxCacheSize | string | `nil` | Sets the max_cache_size for PDC Agent prometheus.relabel component. This should be at least 2x-5x your largest scrape target or samples appended rate. ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.relabel/#arguments)) Overrides global.maxCacheSize | +| metricsTuning.excludeMetrics | list | `[]` | Metrics to drop. Can use regular expressions. | +| metricsTuning.includeMetrics | list | `[]` | Metrics to keep. Can use regular expressions. | +| namespace | string | `""` | Namespace to deploy the PDC Agent in. | +| scrapeInterval | string | 60s | The default interval between scraping targets. Overrides global.scrapeInterval | +| scrapeTimeout | string | 10s | The default timeout for scrape requests. | + +### Global Settings + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| global.maxCacheSize | int | `100000` | Sets the max_cache_size for every prometheus.relabel component. ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.relabel/#arguments)) This should be at least 2x-5x your largest scrape target or samples appended rate. | +| global.scrapeInterval | string | `"60s"` | How frequently to scrape metrics. | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| pdc-agent.affinity | object | `{}` | | +| pdc-agent.cluster | string | `""` | The cluster where your Hosted Grafana stack is running | +| pdc-agent.debug | bool | `false` | Enable debug logging for the agent | +| pdc-agent.extraArgs | list | `[]` | Extra arguments for the pdc-agent | +| pdc-agent.fullnameOverride | string | `""` | | +| pdc-agent.hostedGrafanaId | string | `""` | The numeric ID of your Hosted Grafana stack | +| pdc-agent.image | object | `{"pullPolicy":"IfNotPresent","repository":"grafana/pdc-agent","tag":""}` | Container image configuration | +| pdc-agent.imagePullSecrets | list | `[]` | Secrets for pulling an image from a private repository | +| pdc-agent.insecureTokenValue | string | `""` | Insecure token value for testing purposes (not recommended for production) | +| pdc-agent.metricsPort | int | `8090` | The port where metrics are served from the pdc agent | +| pdc-agent.nameOverride | string | `""` | Override the chart name | +| pdc-agent.nodeSelector | object | `{}` | Node selector, tolerations, and affinity | +| pdc-agent.podLabels | object | `{}` | Pod labels | +| pdc-agent.podSecurityContext | object | `{"fsGroup":30000,"runAsGroup":30000,"runAsUser":30000}` | Pod security context | +| pdc-agent.replicaCount | int | `3` | This will set the replicaset count | +| pdc-agent.resources | object | `{"requests":{"cpu":"100m","memory":"256Mi"}}` | Resource limits and requests | +| pdc-agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"runAsNonRoot":true}` | Container security context | +| pdc-agent.tokenSecretName | string | `""` | Secret name containing the Access Policy token (expects key 'token') | +| pdc-agent.tolerations | list | `[]` | | diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/README.md.gotmpl b/charts/k8s-monitoring/charts/feature-private-datasource-connect/README.md.gotmpl new file mode 100644 index 0000000000..61b4975fdd --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/README.md.gotmpl @@ -0,0 +1,176 @@ + + +# Feature: Private Datasource Connect + +{{ template "chart.deprecationWarning" . }} + +The Private Datasource Connect (PDC) feature enables the deployment and monitoring of the PDC Agent for Grafana Cloud observability within a Kubernetes cluster. + +The PDC Agent creates secure tunnels to connect external data sources (like databases, APIs, or services running outside your Kubernetes cluster) to your Grafana Cloud instance through Private Data Source Connect. + +## Overview + +The Private Datasource Connect feature: + +- **Deploys the PDC Agent**: Uses the official pdc-agent Helm chart as a dependency +- **Configures Metrics Collection**: Sets up Alloy to discover and scrape PDC Agent metrics +- **Provides Security**: Uses proper security contexts and non-root containers +- **Enables Monitoring**: Routes PDC Agent metrics to your chosen destinations +- **Validates Configuration**: Ensures required PDC connection settings are provided + +## Required Setup + +Before enabling this feature, you must: + +1. **Create an Access Policy token** in your Grafana Cloud stack with appropriate permissions +2. **Create a Kubernetes secret** with the token (recommended for production): + + ```bash + kubectl create secret generic pdc-token --from-literal=token=YOUR_ACCESS_POLICY_TOKEN + ``` + +## Usage + +### Basic Configuration + +```yaml +privateDatasourceConnect: + enabled: true + pdc-agent: + cluster: "prod-us-central-0" # Your Hosted Grafana stack cluster + hostedGrafanaId: "123456" # Your Hosted Grafana stack ID + tokenSecretName: "pdc-token" # Kubernetes secret with Access Policy token +``` + +### Advanced Configuration + +```yaml +privateDatasourceConnect: + enabled: true + destinations: ["prometheus"] # Custom destination routing + + pdc-agent: + # Required PDC connection settings + cluster: "prod-us-central-0" + hostedGrafanaId: "123456" + tokenSecretName: "pdc-token" + + # Optional deployment settings + replicaCount: 3 + image: + repository: grafana/pdc-agent + tag: "v1.2.3" + pullPolicy: IfNotPresent + + metricsPort: 8090 + debug: false + + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + + # Security contexts (using chart defaults) + podSecurityContext: + runAsUser: 30000 + runAsGroup: 30000 + fsGroup: 30000 + + securityContext: + capabilities: + drop: [ALL] + runAsNonRoot: true + privileged: false + allowPrivilegeEscalation: false + + # Additional arguments for the PDC agent + extraArgs: [] + + # Feature-specific metric filtering + metricsTuning: + includeMetrics: + - "pdc_.*" + - "ssh_.*" + - "go_.*" + excludeMetrics: + - ".*_debug_.*" + + # Custom relabeling rules + extraDiscoveryRules: | + rule { + source_labels = ["__meta_kubernetes_pod_annotation_custom_label"] + target_label = "custom_label" + } + + extraMetricProcessingRules: | + rule { + source_labels = ["__name__"] + regex = "pdc_ssh_connection_duration_seconds" + target_label = "__tmp_connection_time" + } +``` + +### Testing Configuration (Not Recommended for Production) + +For testing purposes only, you can use an insecure token value: + +```yaml +privateDatasourceConnect: + enabled: true + pdc-agent: + cluster: "prod-us-central-0" + hostedGrafanaId: "123456" + insecureTokenValue: "your-access-policy-token-here" # NOT for production! +``` + +## Configuration Reference + +### Required Settings + +The following settings are required when the feature is enabled: + +- `pdc-agent.cluster`: The cluster where your Hosted Grafana stack is running +- `pdc-agent.hostedGrafanaId`: The numeric ID of your Hosted Grafana stack +- Authentication: Either `pdc-agent.tokenSecretName` OR `pdc-agent.insecureTokenValue` + +### PDC Agent Configuration + +All configuration under `pdc-agent.*` is passed directly to the PDC Agent Helm chart. See the [PDC Agent documentation](https://grafana.com/docs/grafana-cloud/connect-externally-hosted/private-data-source-connect/configure-pdc/) for complete configuration options. + +### Metrics Collection + +The feature automatically configures Alloy to: + +- Discover PDC Agent pods using Kubernetes service discovery +- Scrape metrics from the `/metrics` endpoint on port 8090 +- Apply custom relabeling rules if specified +- Route metrics to configured destinations + +## Testing + +This chart contains unit tests to verify the generated configuration. The hidden value `deployAsConfigMap` will render +the generated configuration into a ConfigMap object. While this ConfigMap is not used during regular operation, you can +use it to show the outcome of a given values file. + +The unit tests use this ConfigMap to create an object with the configuration that can be asserted against. To run the +tests, use `helm test`. + +Be sure perform actual integration testing in a live environment in the main [k8s-monitoring](../..) chart. + + +{{ template "chart.maintainersSection" . }} + + + +{{ template "chart.sourcesSection" . }} + + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/charts/pdc-agent-0.0.1.tgz b/charts/k8s-monitoring/charts/feature-private-datasource-connect/charts/pdc-agent-0.0.1.tgz new file mode 100644 index 0000000000..4946703645 Binary files /dev/null and b/charts/k8s-monitoring/charts/feature-private-datasource-connect/charts/pdc-agent-0.0.1.tgz differ diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_helpers.tpl b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_helpers.tpl new file mode 100644 index 0000000000..500a1ffd4b --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_helpers.tpl @@ -0,0 +1,84 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "feature-private-datasource-connect.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "feature-private-datasource-connect.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "feature-private-datasource-connect.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "feature-private-datasource-connect.labels" -}} +helm.sh/chart: {{ include "feature-private-datasource-connect.chart" . }} +{{ include "feature-private-datasource-connect.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "feature-private-datasource-connect.selectorLabels" -}} +app.kubernetes.io/name: {{ include "feature-private-datasource-connect.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the namespace for PDC Agent if specified +*/}} +{{- define "feature-private-datasource-connect.namespace" -}} +{{- if .Values.namespace }} +{{- .Values.namespace }} +{{- else }} +{{- .Release.Namespace }} +{{- end }} +{{- end }} + +{{/* +Get the scrape interval for PDC Agent +*/}} +{{- define "feature-private-datasource-connect.scrapeInterval" -}} +{{- if .Values.scrapeInterval }} +{{- .Values.scrapeInterval }} +{{- else }} +{{- .Values.global.scrapeInterval | default "60s" }} +{{- end }} +{{- end }} + +{{/* +Get the max cache size for PDC Agent +*/}} +{{- define "feature-private-datasource-connect.maxCacheSize" -}} +{{- if .Values.maxCacheSize }} +{{- .Values.maxCacheSize }} +{{- else }} +{{- .Values.global.maxCacheSize | default 100000 }} +{{- end }} +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_module.alloy.tpl b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_module.alloy.tpl new file mode 100644 index 0000000000..166146ac50 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_module.alloy.tpl @@ -0,0 +1,114 @@ +{{- define "feature.privateDatasourceConnect.module" }} +{{- if .Values.enabled }} +declare "pdc_agent" { + argument "metrics_destinations" { + comment = "Must be a list of metric destinations where collected metrics should be forwarded to" + } + + {{- $metricAllowList := .Values.metricsTuning.includeMetrics }} + {{- $metricDenyList := .Values.metricsTuning.excludeMetrics }} + {{- $namespace := include "feature-private-datasource-connect.namespace" . }} + + // Kubernetes service discovery for PDC Agent + discovery.kubernetes "pdc_agent_pods" { + role = "pod" + {{- if $namespace }} + namespaces { + names = [{{ $namespace | quote }}] + } + {{- end }} + } + + // Relabel rules for PDC Agent service discovery + discovery.relabel "pdc_agent_pods" { + targets = discovery.kubernetes.pdc_agent_pods.targets + + // Only target pods with the pdc-agent label + rule { + source_labels = ["__meta_kubernetes_pod_label_app_kubernetes_io_name"] + regex = "pdc-agent" + action = "keep" + } + + // Set the address to the pod IP and port + rule { + source_labels = ["__meta_kubernetes_pod_ip"] + target_label = "__address__" + replacement = "${1}:{{ index .Values "pdc-agent" "metricsPort" | default "8090" }}" + } + + // Set the instance label + rule { + source_labels = ["__meta_kubernetes_pod_name"] + target_label = "instance" + } + + // Set the job label + rule { + target_label = "job" + replacement = "pdc-agent" + } + + // Set the namespace label + rule { + source_labels = ["__meta_kubernetes_pod_namespace"] + target_label = "namespace" + } + + // Set the pod label + rule { + source_labels = ["__meta_kubernetes_pod_name"] + target_label = "pod" + } + + {{- if .Values.extraDiscoveryRules }} + {{ .Values.extraDiscoveryRules | indent 4 }} + {{- end }} + + } + + // Prometheus scraper for PDC Agent + prometheus.scrape "pdc_agent" { + targets = discovery.relabel.pdc_agent_pods.output + scrape_interval = {{ include "feature-private-datasource-connect.scrapeInterval" . | quote }} + {{- if .Values.scrapeTimeout }} + scrape_timeout = {{ .Values.scrapeTimeout | quote }} + {{- end }} + metrics_path = "/metrics" + scheme = "http" + + {{- if or $metricAllowList $metricDenyList .Values.extraMetricProcessingRules }} + forward_to = [prometheus.relabel.pdc_agent.receiver] + {{- else }} + forward_to = argument.metrics_destinations.value + {{- end }} + } + + {{- if or $metricAllowList $metricDenyList .Values.extraMetricProcessingRules }} + // Metric processing and filtering + prometheus.relabel "pdc_agent" { + {{- if $metricAllowList }} + rule { + source_labels = ["__name__"] + regex = "{{ $metricAllowList | join "|" }}" + action = "keep" + } + {{- end }} + {{- if $metricDenyList }} + rule { + source_labels = ["__name__"] + regex = "{{ $metricDenyList | join "|" }}" + action = "drop" + } + {{- end }} + {{- if .Values.extraMetricProcessingRules }} + {{ .Values.extraMetricProcessingRules | indent 4 }} + {{- end }} + + max_cache_size = {{ include "feature-private-datasource-connect.maxCacheSize" . }} + forward_to = argument.metrics_destinations.value + } + {{- end }} +} +{{- end }} +{{- end -}} diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_notes.tpl b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_notes.tpl new file mode 100644 index 0000000000..42a5f5c850 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_notes.tpl @@ -0,0 +1,58 @@ +{{- define "feature.privateDatasourceConnect.notes.deployments" }} +{{- if .Values.enabled }} +* PDC Agent deployment and associated resources +{{- end }} +{{- end }} + +{{- define "feature.privateDatasourceConnect.notes.task" }} +{{- if .Values.enabled }} +Deploys and monitors the PDC (Private Data Cloud) Agent for Grafana Cloud observability. +{{- else }} +PDC Agent feature is disabled. +{{- end }} +{{- end }} + +{{- define "feature.privateDatasourceConnect.notes.actions" }} +{{- if .Values.enabled }} +{{- if not (index .Values "pdc-agent" "image" "tag") }} +NOTE: No specific image tag was set for PDC Agent. The chart will use the default tag. +{{- end }} +{{- if not (index .Values "pdc-agent" "cluster") }} +WARNING: PDC Agent cluster is not configured. Please set 'pdc-agent.cluster'. +{{- end }} +{{- if not (index .Values "pdc-agent" "hostedGrafanaId") }} +WARNING: PDC Agent hostedGrafanaId is not configured. Please set 'pdc-agent.hostedGrafanaId'. +{{- end }} +{{- if and (not (index .Values "pdc-agent" "tokenSecretName")) (not (index .Values "pdc-agent" "insecureTokenValue")) }} +WARNING: PDC Agent authentication token is not configured. Please set either 'tokenSecretName' or 'insecureTokenValue'. +{{- end }} +{{- if index .Values "pdc-agent" "debug" }} +NOTE: PDC Agent debug logging is enabled. This may produce verbose logs. +{{- end }} +{{- end }} +{{- end }} + +{{- define "feature.privateDatasourceConnect.summary" -}} +version: {{ .Chart.Version }} +enabled: {{ .Values.enabled }} +{{- if .Values.enabled }} +{{- if .Values.namespace }} +namespace: {{ .Values.namespace }} +{{- end }} +{{- if .Values.scrapeInterval }} +scrapeInterval: {{ .Values.scrapeInterval }} +{{- else if .Values.global.scrapeInterval }} +scrapeInterval: {{ .Values.global.scrapeInterval }} +{{- end }} +metricsPort: {{ index .Values "pdc-agent" "metricsPort" | default "8090" }} +{{- if index .Values "pdc-agent" "replicaCount" }} +replicas: {{ index .Values "pdc-agent" "replicaCount" }} +{{- end }} +{{- if index .Values "pdc-agent" "cluster" }} +cluster: {{ index .Values "pdc-agent" "cluster" }} +{{- end }} +{{- if index .Values "pdc-agent" "hostedGrafanaId" }} +hostedGrafanaId: {{ index .Values "pdc-agent" "hostedGrafanaId" }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_validations.tpl b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_validations.tpl new file mode 100644 index 0000000000..6e65739b6a --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/_validations.tpl @@ -0,0 +1,47 @@ +{{- define "feature.privateDatasourceConnect.validate" -}} +{{- if .Values.enabled }} + {{- if not (index .Values "pdc-agent") }} + {{- $msg := list "" "PDC Agent is enabled but no pdc-agent configuration is provided. Please provide configuration in the 'pdc-agent' section. For example:" }} + {{- $msg = append $msg "pdc-agent:" }} + {{- $msg = append $msg " cluster: \"prod-us-central-0\"" }} + {{- $msg = append $msg " hostedGrafanaId: \"123456\"" }} + {{- $msg = append $msg " tokenSecretName: \"pdc-token\"" }} + {{- fail (join "\n" $msg) }} + {{- end }} + + {{- if not (index .Values "pdc-agent" "cluster") }} + {{- $msg := list "" "PDC Agent is enabled but no cluster is specified. Please specify the cluster where your Hosted Grafana stack is running. For example:" }} + {{- $msg = append $msg "pdc-agent:" }} + {{- $msg = append $msg " cluster: \"prod-us-central-0\"" }} + {{- fail (join "\n" $msg) }} + {{- end }} + + {{- if not (index .Values "pdc-agent" "hostedGrafanaId") }} + {{- $msg := list "" "PDC Agent is enabled but no hostedGrafanaId is specified. Please specify the numeric ID of your Hosted Grafana stack. For example:" }} + {{- $msg = append $msg "pdc-agent:" }} + {{- $msg = append $msg " hostedGrafanaId: \"123456\"" }} + {{- fail (join "\n" $msg) }} + {{- end }} + + {{- if and (not (index .Values "pdc-agent" "tokenSecretName")) (not (index .Values "pdc-agent" "insecureTokenValue")) }} + {{- $msg := list "" "PDC Agent is enabled but no authentication token is provided. Please specify either tokenSecretName or insecureTokenValue. For example:" }} + {{- $msg = append $msg "pdc-agent:" }} + {{- $msg = append $msg " tokenSecretName: \"pdc-token\"" }} + {{- $msg = append $msg " # OR for testing only:" }} + {{- $msg = append $msg " # insecureTokenValue: \"your-token-here\"" }} + {{- fail (join "\n" $msg) }} + {{- end }} + + {{- if and .Values.scrapeInterval (not (regexMatch "^[0-9]+(ns|us|µs|ms|s|m|h)$" .Values.scrapeInterval)) }} + {{- fail "PDC Agent scrapeInterval must be a valid duration (e.g., '30s', '1m', '5m')" }} + {{- end }} + + {{- if and .Values.scrapeTimeout (not (regexMatch "^[0-9]+(ns|us|µs|ms|s|m|h)$" .Values.scrapeTimeout)) }} + {{- fail "PDC Agent scrapeTimeout must be a valid duration (e.g., '10s', '30s')" }} + {{- end }} + + {{- if and .Values.maxCacheSize (not (kindIs "float64" .Values.maxCacheSize)) }} + {{- fail "PDC Agent maxCacheSize must be a number" }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/configmap.yaml b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/configmap.yaml new file mode 100644 index 0000000000..cd7695e2bf --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/templates/configmap.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.deployAsConfigMap .Values.enabled }} +{{- $alloyConfig := include "feature.privateDatasourceConnect.module" . }} +{{- $alloyConfig = regexReplaceAll `[ \t]+(\r?\n)` $alloyConfig "\n" }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-config + namespace: {{ .Release.Namespace }} + labels: + {{- include "feature-private-datasource-connect.labels" . | nindent 4 }} +data: + module.alloy: |- + {{- $alloyConfig | trim | nindent 4 }} +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/tests/__snapshot__/default_test.yaml.snap b/charts/k8s-monitoring/charts/feature-private-datasource-connect/tests/__snapshot__/default_test.yaml.snap new file mode 100644 index 0000000000..b1a4b70b95 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/tests/__snapshot__/default_test.yaml.snap @@ -0,0 +1,69 @@ +should generate the default configuration: + 1: | + |- + declare "pdc_agent" { + argument "metrics_destinations" { + comment = "Must be a list of metric destinations where collected metrics should be forwarded to" + } + + // Kubernetes service discovery for PDC Agent + discovery.kubernetes "pdc_agent_pods" { + role = "pod" + namespaces { + names = ["NAMESPACE"] + } + } + + // Relabel rules for PDC Agent service discovery + discovery.relabel "pdc_agent_pods" { + targets = discovery.kubernetes.pdc_agent_pods.targets + + // Only target pods with the pdc-agent label + rule { + source_labels = ["__meta_kubernetes_pod_label_app_kubernetes_io_name"] + regex = "pdc-agent" + action = "keep" + } + + // Set the address to the pod IP and port + rule { + source_labels = ["__meta_kubernetes_pod_ip"] + target_label = "__address__" + replacement = "${1}:8090" + } + + // Set the instance label + rule { + source_labels = ["__meta_kubernetes_pod_name"] + target_label = "instance" + } + + // Set the job label + rule { + target_label = "job" + replacement = "pdc-agent" + } + + // Set the namespace label + rule { + source_labels = ["__meta_kubernetes_pod_namespace"] + target_label = "namespace" + } + + // Set the pod label + rule { + source_labels = ["__meta_kubernetes_pod_name"] + target_label = "pod" + } + + } + + // Prometheus scraper for PDC Agent + prometheus.scrape "pdc_agent" { + targets = discovery.relabel.pdc_agent_pods.output + scrape_interval = "60s" + metrics_path = "/metrics" + scheme = "http" + forward_to = argument.metrics_destinations.value + } + } diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/tests/default_test.yaml b/charts/k8s-monitoring/charts/feature-private-datasource-connect/tests/default_test.yaml new file mode 100644 index 0000000000..4f8d9b95d2 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/tests/default_test.yaml @@ -0,0 +1,38 @@ +# yamllint disable rule:document-start rule:line-length rule:trailing-spaces +suite: Feature - Private Datasource Connect - Defaults +templates: + - configmap.yaml +tests: + - it: should generate the default configuration + set: + deployAsConfigMap: true + enabled: true + pdc-agent: + cluster: "test-cluster" + hostedGrafanaId: "12345" + insecureTokenValue: "test-token" + asserts: + - isKind: + of: ConfigMap + - matchSnapshot: + path: data["module.alloy"] + + - it: should not create configmap when deployAsConfigMap is false + set: + deployAsConfigMap: false + enabled: true + pdc-agent: + cluster: "test-cluster" + hostedGrafanaId: "12345" + insecureTokenValue: "test-token" + asserts: + - hasDocuments: + count: 0 + + - it: should not create configmap when feature is disabled + set: + deployAsConfigMap: true + enabled: false + asserts: + - hasDocuments: + count: 0 diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/values.schema.json b/charts/k8s-monitoring/charts/feature-private-datasource-connect/values.schema.json new file mode 100644 index 0000000000..b69687f482 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/values.schema.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "deployAsConfigMap": { + "type": "boolean" + }, + "enabled": { + "type": "boolean" + }, + "extraDiscoveryRules": { + "type": "string" + }, + "extraMetricProcessingRules": { + "type": "string" + }, + "global": { + "type": "object", + "properties": { + "maxCacheSize": { + "type": "integer" + }, + "scrapeInterval": { + "type": "string" + } + } + }, + "maxCacheSize": { + "type": "null" + }, + "metricsTuning": { + "type": "object", + "properties": { + "excludeMetrics": { + "type": "array" + }, + "includeMetrics": { + "type": "array" + } + } + }, + "namespace": { + "type": "string" + }, + "pdc-agent": { + "type": "object", + "properties": { + "affinity": { + "type": "object" + }, + "cluster": { + "type": "string" + }, + "debug": { + "type": "boolean" + }, + "extraArgs": { + "type": "array" + }, + "fullnameOverride": { + "type": "string" + }, + "hostedGrafanaId": { + "type": "string" + }, + "image": { + "type": "object", + "properties": { + "pullPolicy": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "imagePullSecrets": { + "type": "array" + }, + "insecureTokenValue": { + "type": "string" + }, + "metricsPort": { + "type": "integer" + }, + "nameOverride": { + "type": "string" + }, + "nodeSelector": { + "type": "object" + }, + "podLabels": { + "type": "object" + }, + "podSecurityContext": { + "type": "object", + "properties": { + "fsGroup": { + "type": "integer" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsUser": { + "type": "integer" + } + } + }, + "replicaCount": { + "type": "integer" + }, + "resources": { + "type": "object", + "properties": { + "requests": { + "type": "object", + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + } + } + } + }, + "securityContext": { + "type": "object", + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "privileged": { + "type": "boolean" + }, + "runAsNonRoot": { + "type": "boolean" + } + } + }, + "tokenSecretName": { + "type": "string" + }, + "tolerations": { + "type": "array" + } + } + }, + "scrapeInterval": { + "type": "string" + }, + "scrapeTimeout": { + "type": "string" + } + } +} diff --git a/charts/k8s-monitoring/charts/feature-private-datasource-connect/values.yaml b/charts/k8s-monitoring/charts/feature-private-datasource-connect/values.yaml new file mode 100644 index 0000000000..bd4e1b96bb --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-private-datasource-connect/values.yaml @@ -0,0 +1,134 @@ +--- +global: + # -- How frequently to scrape metrics. + # @section -- Global Settings + scrapeInterval: 60s + + # -- Sets the max_cache_size for every prometheus.relabel component. ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.relabel/#arguments)) + # This should be at least 2x-5x your largest scrape target or samples appended rate. + # @section -- Global Settings + maxCacheSize: 100000 + +# Feature configuration +# -- Enable the PDC Agent deployment. +# @section -- PDC Agent +enabled: true + +# -- Namespace to deploy the PDC Agent in. +# @section -- PDC Agent +namespace: "" + +# PDC Agent subchart values - passed directly to pdc-agent chart +pdc-agent: + # -- This will set the replicaset count + replicaCount: 3 + + # -- Container image configuration + image: + repository: grafana/pdc-agent + tag: "" + pullPolicy: IfNotPresent + + # -- Secrets for pulling an image from a private repository + imagePullSecrets: [] + + # -- Override the chart name + nameOverride: "" + fullnameOverride: "" + + # -- Pod labels + podLabels: {} + + # -- Pod security context + podSecurityContext: + runAsUser: 30000 + runAsGroup: 30000 + fsGroup: 30000 + + # -- Container security context + securityContext: + capabilities: + drop: + - ALL + runAsNonRoot: true + privileged: false + allowPrivilegeEscalation: false + + # -- Resource limits and requests + resources: + requests: + cpu: 100m + memory: 256Mi + + # -- Node selector, tolerations, and affinity + nodeSelector: {} + tolerations: [] + affinity: {} + + # -- The port where metrics are served from the pdc agent + metricsPort: 8090 + + # -- Enable debug logging for the agent + debug: false + + # PDC Connection Configuration + # See https://grafana.com/docs/grafana-cloud/connect-externally-hosted/private-data-source-connect/configure-pdc/#pdc-connection-steps + + # -- The cluster where your Hosted Grafana stack is running + cluster: "" + + # -- The numeric ID of your Hosted Grafana stack + hostedGrafanaId: "" + + # -- Secret name containing the Access Policy token (expects key 'token') + tokenSecretName: "" + + # -- Insecure token value for testing purposes (not recommended for production) + insecureTokenValue: "" + + # -- Extra arguments for the pdc-agent + extraArgs: [] + +# Feature-specific configuration (not passed to subchart) +# -- Rule blocks to be added to the prometheus.scrape component for PDC Agent metrics. +# These relabeling rules are applied pre-scrape against the targets from service discovery. +# ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.scrape/#rule-block)) +# @section -- PDC Agent +extraDiscoveryRules: "" + +# -- Rule blocks to be added to the prometheus.relabel component for PDC Agent. +# These relabeling rules are applied post-scrape against the metrics returned from the scraped target. +# ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.relabel/#rule-block)) +# @section -- PDC Agent +extraMetricProcessingRules: "" + +# Adjustments to the scraped metrics to filter the amount of data sent to storage. +metricsTuning: + # -- Metrics to keep. Can use regular expressions. + # @section -- PDC Agent + includeMetrics: [] + # -- Metrics to drop. Can use regular expressions. + # @section -- PDC Agent + excludeMetrics: [] + +# -- The default interval between scraping targets. +# Overrides global.scrapeInterval +# @default -- 60s +# @section -- PDC Agent +scrapeInterval: "" + +# -- The default timeout for scrape requests. +# @default -- 10s +# @section -- PDC Agent +scrapeTimeout: "" + +# -- Sets the max_cache_size for PDC Agent prometheus.relabel component. +# This should be at least 2x-5x your largest scrape target or samples appended rate. +# ([docs](https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.relabel/#arguments)) +# Overrides global.maxCacheSize +# @raw +# @section -- PDC Agent +maxCacheSize: + +# @ignore +deployAsConfigMap: false diff --git a/charts/k8s-monitoring/templates/features/_feature_helpers.tpl b/charts/k8s-monitoring/templates/features/_feature_helpers.tpl index 23c6340d21..05b3a81092 100644 --- a/charts/k8s-monitoring/templates/features/_feature_helpers.tpl +++ b/charts/k8s-monitoring/templates/features/_feature_helpers.tpl @@ -5,6 +5,7 @@ - clusterMetrics - clusterEvents - nodeLogs +- privateDatasourceConnect - podLogs - profilesReceiver - profiling diff --git a/charts/k8s-monitoring/templates/features/_feature_private_datasource_connect.tpl b/charts/k8s-monitoring/templates/features/_feature_private_datasource_connect.tpl new file mode 100644 index 0000000000..41a10ae610 --- /dev/null +++ b/charts/k8s-monitoring/templates/features/_feature_private_datasource_connect.tpl @@ -0,0 +1,52 @@ +{{- define "features.privateDatasourceConnect.enabled" }}{{ .Values.privateDatasourceConnect.enabled }}{{- end }} + +{{- define "features.privateDatasourceConnect.collectors" }} +{{- if .Values.privateDatasourceConnect.enabled -}} +- {{ .Values.privateDatasourceConnect.collector }} +{{- end }} +{{- end }} + +{{- define "features.privateDatasourceConnect.include" }} +{{- if .Values.privateDatasourceConnect.enabled -}} +{{- $destinations := include "features.privateDatasourceConnect.destinations" . | fromYamlArray }} +// Feature: Private Datasource Connect (PDC Agent) +{{- include "feature.privateDatasourceConnect.module" (dict "Values" $.Values.privateDatasourceConnect "Files" $.Subcharts.privateDatasourceConnect.Files "Release" $.Release) }} +pdc_agent "feature" { + metrics_destinations = [ + {{ include "destinations.alloy.targets" (dict "destinations" $.Values.destinations "names" $destinations "type" "metrics" "ecosystem" "prometheus") | indent 4 | trim }} + ] +} +{{- end -}} +{{- end -}} + +{{- define "features.privateDatasourceConnect.destinations" }} +{{- if .Values.privateDatasourceConnect.enabled -}} +{{- include "destinations.get" (dict "destinations" $.Values.destinations "type" "metrics" "ecosystem" "prometheus" "filter" $.Values.privateDatasourceConnect.destinations) -}} +{{- end -}} +{{- end -}} + +{{- define "features.privateDatasourceConnect.destinations.isTranslating" }} +{{- $isTranslating := false -}} +{{- $destinations := include "features.privateDatasourceConnect.destinations" . | fromYamlArray -}} +{{ range $destination := $destinations -}} + {{- $destinationEcosystem := include "destination.getEcosystem" (deepCopy $ | merge (dict "destination" $destination)) -}} + {{- if ne $destinationEcosystem "prometheus" -}} + {{- $isTranslating = true -}} + {{- end -}} +{{- end -}} +{{- $isTranslating -}} +{{- end -}} + +{{- define "features.privateDatasourceConnect.collector.values" }}{{- end -}} + +{{- define "features.privateDatasourceConnect.validate" }} +{{- if .Values.privateDatasourceConnect.enabled -}} +{{- $featureName := "Private Datasource Connect" }} +{{- $destinations := include "features.privateDatasourceConnect.destinations" . | fromYamlArray }} +{{- include "destinations.validate_destination_list" (dict "destinations" $destinations "type" "metrics" "ecosystem" "prometheus" "feature" $featureName) }} +{{- range $collector := include "features.privateDatasourceConnect.collectors" . | fromYamlArray }} + {{- include "collectors.require_collector" (dict "Values" $.Values "name" $collector "feature" $featureName) }} +{{- end -}} +{{- include "feature.privateDatasourceConnect.validate" (dict "Values" $.Values.privateDatasourceConnect) }} +{{- end -}} +{{- end -}} diff --git a/charts/k8s-monitoring/values.schema.json b/charts/k8s-monitoring/values.schema.json index f5707a6470..9a6e6a67f6 100644 --- a/charts/k8s-monitoring/values.schema.json +++ b/charts/k8s-monitoring/values.schema.json @@ -266,6 +266,20 @@ } } }, + "privateDatasourceConnect": { + "type": "object", + "properties": { + "collector": { + "type": "string" + }, + "destinations": { + "type": "array" + }, + "enabled": { + "type": "boolean" + } + } + }, "profilesReceiver": { "type": "object", "properties": { diff --git a/charts/k8s-monitoring/values.yaml b/charts/k8s-monitoring/values.yaml index 626978d35c..78ec4af168 100644 --- a/charts/k8s-monitoring/values.yaml +++ b/charts/k8s-monitoring/values.yaml @@ -224,6 +224,28 @@ prometheusOperatorObjects: # To see additional options, please see the [Prometheus Operator Objects feature documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-prometheus-operator-objects). +# -- Private Datasource Connect (PDC) Agent. +# Deploys and configures the PDC Agent for Grafana Cloud observability. +# Requires a destination that supports metrics. +# To see the valid options, please see the [PDC Agent feature documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-pdc-agent). +# @default -- Disabled +# @section -- Features - Private Datasource Connect +privateDatasourceConnect: + # -- Enable the PDC Agent deployment. + # @section -- Features - Private Datasource Connect + enabled: false + + # -- The destinations where PDC Agent metrics will be sent. If empty, all metrics-capable destinations will be used. + # @section -- Features - Private Datasource Connect + destinations: [] + + # -- Which collector to assign this feature to. Do not change this unless you are sure of what you are doing. + # @section -- Features - Private Datasource Connect + # @ignored + collector: alloy-metrics + + # To see additional options, please see the [PDC Agent feature documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-private-datasource-connect). + # -- Profiling enables gathering profiles from applications. # Requires a destination that supports profiles. # To see the valid options, please see the [Profiling feature documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-profiling).