From 0c43e86dd840916c5c77c5b32973c2159c2e7302 Mon Sep 17 00:00:00 2001 From: Pete Wall Date: Wed, 26 Nov 2025 07:49:54 -0600 Subject: [PATCH 01/10] Hackathon feature to get kubernetes manifests --- charts/k8s-monitoring/Chart.lock | 7 +- charts/k8s-monitoring/Chart.yaml | 5 + charts/k8s-monitoring/README.md | 18 + .../feature-kubernetes-manifests/.helmignore | 6 + .../feature-kubernetes-manifests/Chart.lock | 3 + .../feature-kubernetes-manifests/Chart.yaml | 13 + .../feature-kubernetes-manifests/Makefile | 48 ++ .../feature-kubernetes-manifests/README.md | 55 ++ .../README.md.gotmpl | 38 + .../collect-manifests.sh | 170 +++++ .../templates/_collector_validation.tpl | 13 + .../templates/_helpers.tpl | 3 + .../templates/_module.alloy.tpl | 67 ++ .../templates/_notes.tpl | 11 + .../templates/_sidecar.tpl | 40 + .../templates/configmap.yaml | 11 + .../templates/test/collector.yaml | 4 + .../tests/__snapshot__/default_test.yaml.snap | 12 + .../tests/default_test.yaml | 13 + .../values.schema.json | 43 ++ .../feature-kubernetes-manifests/values.yaml | 19 + .../kubernetes-manifests/default/README.md | 40 + .../default/alloy-singleton.alloy | 109 +++ .../default/description.txt | 4 + .../kubernetes-manifests/default}/output.yaml | 694 ++++++++---------- .../default/test/test-plan.yaml | 50 ++ .../kubernetes-manifests/default/values.yaml | 25 + .../templates/alloy-config.yaml | 7 + .../templates/features/_feature_helpers.tpl | 1 + .../_feature_kubernetes_manifests.tpl | 69 ++ charts/k8s-monitoring/values.schema.json | 34 + charts/k8s-monitoring/values.yaml | 25 + 32 files changed, 1253 insertions(+), 404 deletions(-) create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/.helmignore create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.lock create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.yaml create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/Makefile create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md.gotmpl create mode 100755 charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_collector_validation.tpl create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_helpers.tpl create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_notes.tpl create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/configmap.yaml create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/test/collector.yaml create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/__snapshot__/default_test.yaml.snap create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/default_test.yaml create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml create mode 100644 charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/README.md create mode 100644 charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy create mode 100644 charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/description.txt rename charts/k8s-monitoring/docs/examples/{custom-destinations/debug => features/kubernetes-manifests/default}/output.yaml (56%) create mode 100644 charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml create mode 100644 charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/values.yaml create mode 100644 charts/k8s-monitoring/templates/features/_feature_kubernetes_manifests.tpl diff --git a/charts/k8s-monitoring/Chart.lock b/charts/k8s-monitoring/Chart.lock index b2c2e2b5d7..9d111996b4 100644 --- a/charts/k8s-monitoring/Chart.lock +++ b/charts/k8s-monitoring/Chart.lock @@ -26,6 +26,9 @@ dependencies: - name: feature-pod-logs-via-kubernetes-api repository: "" version: 1.0.0 +- name: feature-kubernetes-manifests + repository: "" + version: 1.0.0 - name: feature-profiling repository: "" version: 1.0.0 @@ -38,5 +41,5 @@ dependencies: - name: alloy-operator repository: https://grafana.github.io/helm-charts version: 0.3.14 -digest: sha256:660387cc1740f69780420e72cdddd6eb497097901a524e5d5f20b8a59303e402 -generated: "2025-12-02T10:47:58.495-06:00" +digest: sha256:74d3926b919ff3580aecc7c990ca9b9e37b3a3d10a129cf61e3ba7deeaab6d6c +generated: "2025-12-02T14:05:13.070402-06:00" diff --git a/charts/k8s-monitoring/Chart.yaml b/charts/k8s-monitoring/Chart.yaml index a752c06d5b..10ea416cec 100644 --- a/charts/k8s-monitoring/Chart.yaml +++ b/charts/k8s-monitoring/Chart.yaml @@ -58,6 +58,11 @@ dependencies: repository: "" version: 1.0.0 condition: podLogsViaKubernetesApi.enabled + - alias: kubernetesManifests + name: feature-kubernetes-manifests + repository: "" + version: 1.0.0 + condition: kubernetesManifests.enabled - alias: profiling name: feature-profiling repository: "" diff --git a/charts/k8s-monitoring/README.md b/charts/k8s-monitoring/README.md index 746c967e2f..edac9377ef 100644 --- a/charts/k8s-monitoring/README.md +++ b/charts/k8s-monitoring/README.md @@ -248,6 +248,7 @@ details: | | clusterEvents(feature-cluster-events) | 1.0.0 | | | clusterMetrics(feature-cluster-metrics) | 1.0.0 | | | integrations(feature-integrations) | 1.0.0 | +| | kubernetesManifests(feature-kubernetes-manifests) | 1.0.0 | | | nodeLogs(feature-node-logs) | 1.0.0 | | | podLogs(feature-pod-logs) | 1.0.0 | | | podLogsViaKubernetesApi(feature-pod-logs-via-kubernetes-api) | 1.0.0 | @@ -393,6 +394,13 @@ details: | integrations | object | No integrations enabled | Service Integrations enables gathering telemetry data for common services and applications deployed to Kubernetes. To see the valid options, please see the [Service Integrations documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-integrations). | | integrations.destinations | list | `[]` | The destinations where integration metrics will be sent. If empty, all metrics-capable destinations will be used. | +### Features - Kubernetes Manifests + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| kubernetesManifests.destinations | list | `[]` | The destinations where logs will be sent. If empty, all logs-capable destinations will be used. | +| kubernetesManifests.enabled | bool | `false` | Enable gathering Kubernetes Manifests. | + ### Features - Node Logs | Key | Type | Default | Description | @@ -448,3 +456,13 @@ details: | selfReporting.destinations | list | `[]` | The destinations where self-report metrics will be sent. If empty, all metrics-capable destinations will be used. | | selfReporting.enabled | bool | `true` | Enable Self-reporting. | | selfReporting.scrapeInterval | string | 60s | How frequently to generate self-report metrics. This does utilize the global scrapeInterval setting. | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| kubernetesManifests.image.digest | string | `""` | | +| kubernetesManifests.image.pullPolicy | string | `"IfNotPresent"` | | +| kubernetesManifests.image.registry | string | `"ghcr.io"` | | +| kubernetesManifests.image.repository | string | `"grafana/helm-chart-toolbox-kubectl"` | | +| kubernetesManifests.image.tag | string | `"0.1.2"` | | diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/.helmignore b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/.helmignore new file mode 100644 index 0000000000..2b29eaf564 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/.helmignore @@ -0,0 +1,6 @@ +docs +schema-mods +tests +Makefile +README.md +README.md.gotmpl diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.lock b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.lock new file mode 100644 index 0000000000..cc833191e5 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2024-08-28T15:09:37.347011-05:00" diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.yaml b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.yaml new file mode 100644 index 0000000000..7951325271 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Chart.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v2 +name: feature-kubernetes-manifests +description: Kubernetes Observability feature for gathering Kubernetes manifests. +type: application +sources: + - https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-kubernetes-manifests +version: 1.0.0 +appVersion: 1.0.0 +maintainers: + - email: pete.wall@grafana.com + name: petewall +dependencies: [] diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Makefile b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Makefile new file mode 100644 index 0000000000..b277581c2f --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/Makefile @@ -0,0 +1,48 @@ +HAS_HELM_UNITTEST := $(shell helm plugin list | grep unittest 2> /dev/null) + +.SECONDEXPANSION: +README.md: values.yaml Chart.yaml $$(wildcard README.md.gotmpl) + docker run --rm --platform linux/amd64 --volume $(shell pwd):/chart ghcr.io/grafana/helm-chart-toolbox-doc-generator --chart /chart > $@ + +Chart.lock: Chart.yaml + helm dependency update . + @touch Chart.lock # Ensure the timestamp is updated + +values.schema.json: values.yaml $$(wildcard schema-mods/*) + docker run --rm --platform linux/amd64 --volume $(shell pwd):/chart ghcr.io/grafana/helm-chart-toolbox-schema-generator --chart /chart > $@ + +.PHONY: clean +clean: + rm -f README.md values.schema.json + +.PHONY: build +build: README.md Chart.lock values.schema.json + +.PHONY: lint-script +lint-script: + @if command -v shellcheck &> /dev/null; then \ + shellcheck templates/script.sh; \ + else \ + docker run --rm -v $(shell pwd):/src --workdir /src koalaman/shellcheck:stable --rcfile .shellcheckrc templates/script.sh; \ + fi + +.PHONY: lint +lint: lint-script + +.PHONY: test +test: build + helm lint . + ct lint --lint-conf ../../.lintconf.yaml --helm-dependency-extra-args=--skip-refresh --charts . +ifdef HAS_HELM_UNITTEST + helm unittest . +else + docker run --rm --volume $(shell pwd):/apps helmunittest/helm-unittest:3.18.4-1.0.0 . +endif + +.PHONY: update-test-snapshots +update-test-snapshots: +ifdef HAS_HELM_UNITTEST + helm unittest . --update-snapshot +else + docker run --rm --volume $(shell pwd):/apps helmunittest/helm-unittest:3.18.4-1.0.0 . --update-snapshot +endif diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md new file mode 100644 index 0000000000..5edcd0d248 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md @@ -0,0 +1,55 @@ + + +# Feature: Kubernetes Manifests + +TODO + +## Usage + +```yaml +kubernetesManifests: + enabled: true + ... [values](#values) +``` + +## Testing + +This chart contains unit tests to verify the generated configuration. The hidden value `deployAsConfigMap` will render +the generated configuration into a ConfigMap object. While this ConfigMap is not used during regular operation, you can +use it to show the outcome of a given values file. + +The unit tests use this ConfigMap to create an object with the configuration that can be asserted against. To run the +tests, use `helm test`. + +Be sure perform actual integration testing in a live environment in the main [k8s-monitoring](../..) chart. + + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| petewall | | | + + + +## Source Code + +* + + + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| image.digest | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.pullSecrets | list | `[]` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"grafana/helm-chart-toolbox-kubectl"` | | +| image.tag | string | `"0.1.2"` | | +| namespaces | list | `[]` | | +| pods.gather | bool | `true` | | diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md.gotmpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md.gotmpl new file mode 100644 index 0000000000..f9e27dbfb6 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md.gotmpl @@ -0,0 +1,38 @@ + + +# Feature: Kubernetes Manifests + +TODO + +## Usage + +```yaml +kubernetesManifests: + enabled: true + ... [values](#values) +``` + +## Testing + +This chart contains unit tests to verify the generated configuration. The hidden value `deployAsConfigMap` will render +the generated configuration into a ConfigMap object. While this ConfigMap is not used during regular operation, you can +use it to show the outcome of a given values file. + +The unit tests use this ConfigMap to create an object with the configuration that can be asserted against. To run the +tests, use `helm test`. + +Be sure perform actual integration testing in a live environment in the main [k8s-monitoring](../..) chart. + + +{{ template "chart.maintainersSection" . }} + + + +{{ template "chart.sourcesSection" . }} + + +{{ template "chart.requirementsSection" . }} +{{ template "chart.valuesSection" . }} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh new file mode 100755 index 0000000000..0232619690 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh @@ -0,0 +1,170 @@ +#!/bin/bash +set -o pipefail + +script_name="${0##*/}" +if [[ "${script_name}" == "bash" || "${script_name}" == "-bash" ]]; then + script_name="script.sh" +fi + +usage() { + echo "Usage: ${script_name} [OPTIONS]" + echo "" + echo "Collects Kubernetes manifests and saves them as files." + echo "" + echo "Pod manifests are stored at \${MANIFEST_DIR}/pods//.json" + echo "" + echo "Requires the MANIFEST_DIR environment variable to be set to the target directory." + echo "" + echo "Options:" + echo " -n, --namespaces Comma or space separated list of namespaces to scan." + echo " When omitted, all namespaces are scanned." + echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" + echo " from the pod JSON." + echo " Default: .status" + echo " -h, --help Show this help message." +} + +namespaces_arg="" +pod_filters_arg="" + +while [[ $# -gt 0 ]]; do + case "$1" in + -n|--namespaces) + if [[ $# -lt 2 ]]; then + echo "Error: --namespaces requires an argument." >&2 + usage + exit 1 + fi + namespaces_arg="$2" + shift 2 + ;; + -p|--pod-filters) + if [[ $# -lt 2 ]]; then + echo "Error: --pod-filters requires an argument." >&2 + usage + exit 1 + fi + pod_filters_arg="$2" + shift 2 + ;; + -h|--help) + usage + exit 0 + ;; + *) + echo "Unknown option: $1" >&2 + usage + exit 1 + ;; + esac +done + +if [[ -z "${namespaces_arg}" && -n "${NAMESPACES:-}" ]]; then + namespaces_arg="${NAMESPACES}" +fi + +if [[ -z "${MANIFEST_DIR:-}" ]]; then + echo "MANIFEST_DIR environment variable must be set." >&2 + exit 1 +fi + +mkdir -p "${MANIFEST_DIR}" + +pod_namespaces=() +if [[ -n "${namespaces_arg}" ]]; then + sanitized="${namespaces_arg//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsed_namespaces <<< "${sanitized}" + for ns in "${parsed_namespaces[@]}"; do + [[ -n "${ns}" ]] || continue + pod_namespaces+=("${ns}") + done +fi + +default_pod_filters=(".status") +pod_filters=() +if [[ -n "${pod_filters_arg}" ]]; then + sanitized="${pod_filters_arg//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsed_pod_filters <<< "${sanitized}" + for filter in "${parsed_pod_filters[@]}"; do + [[ -n "${filter}" ]] || continue + pod_filters+=("${filter}") + done +fi + +if [[ ${#pod_filters[@]} -eq 0 ]]; then + pod_filters=("${default_pod_filters[@]}") +fi + +build_jq_filter() { + local program="." + for filter in "$@"; do + [[ -n "${filter}" ]] || continue + program+=" | del(${filter})" + done + printf '%s' "${program}" +} + +collect_pod_manifest() { + local namespace="$1" + local pod_name="$2" + pod_output_filter="$(build_jq_filter "${pod_filters[@]}")" + + [[ -n "${namespace}" && -n "${pod_name}" ]] || return 0 + + local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" + mkdir -p "${namespace_dir}" + + local output_file="${namespace_dir}/${pod_name}.json" + local tmp_file="${output_file}.tmp" + + if kubectl get pod --namespace "${namespace}" "${pod_name}" -o json | jq --compact-output "${pod_output_filter}" > "${tmp_file}"; then + echo "Storing pod manifest \"${namespace}/${pod_name}\"" + mv "${tmp_file}" "${output_file}" + else + echo "Failed to collect manifest for pod ${namespace}/${pod_name}" >&2 + rm -f "${tmp_file}" + fi +} + +collect_all_pod_manifests() { + if pod_entries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then + while IFS= read -r entry; do + [[ -n "${entry}" ]] || continue + read -r namespace pod_name _ <<< "${entry}" + if [[ -z "${namespace}" || -z "${pod_name}" ]]; then + continue + fi + collect_pod_manifest "${namespace}" "${pod_name}" + done <<< "${pod_entries}" + else + echo "Failed to list pods across all namespaces." >&2 + fi +} + +collect_pod_manifests_by_namespace() { + for namespace in "${pod_namespaces[@]}"; do + [[ -n "${namespace}" ]] || continue + + if ! pod_names=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then + echo "Failed to list pods in namespace ${namespace}" >&2 + continue + fi + + while IFS= read -r pod_name; do + [[ -n "${pod_name}" ]] || continue + collect_pod_manifest "${namespace}" "${pod_name}" + done <<< "${pod_names}" + done +} + +while true; do + if [[ ${#pod_namespaces[@]} -eq 0 ]]; then + collect_all_pod_manifests + else + collect_pod_manifests_by_namespace + fi + + sleep 60 +done diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_collector_validation.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_collector_validation.tpl new file mode 100644 index 0000000000..ae8088952a --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_collector_validation.tpl @@ -0,0 +1,13 @@ +{{/* Validates that the Alloy instance is appropriate for the given Kubernetes Manifests settings */}} +{{/* Inputs: Values (Kubernetes Manifests values), Collector (Alloy values), CollectorName (string) */}} +{{- define "feature.kubernetesManifests.collector.validate" -}} +{{/*{{- if and (hasPrefix "/var/kubernetes-manifests" .Values.path) (not .Collector.alloy.mounts.varlog) }}*/}} +{{/* {{- $msg := list "" "Kubernetes Manifests feature requires Alloy to mount /var/log." }}*/}} +{{/* {{- $msg = append $msg "Please set:"}}*/}} +{{/* {{- $msg = append $msg (printf "%s:" .CollectorName) }}*/}} +{{/* {{- $msg = append $msg " alloy:"}}*/}} +{{/* {{- $msg = append $msg " mounts:"}}*/}} +{{/* {{- $msg = append $msg " varlog: true" }}*/}} +{{/* {{- fail (join "\n" $msg) }}*/}} +{{/*{{- end -}}*/}} +{{- end -}} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_helpers.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_helpers.tpl new file mode 100644 index 0000000000..276d91802c --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_helpers.tpl @@ -0,0 +1,3 @@ +{{- define "escape_label" -}} +{{ . | replace "-" "_" | replace "." "_" | replace "/" "_" }} +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl new file mode 100644 index 0000000000..2097afbea6 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl @@ -0,0 +1,67 @@ +{{- define "feature.kubernetesManifests.module" }} +declare "kubernetes_manifests" { + argument "logs_destinations" { + comment = "Must be a list of log destinations where collected logs should be forwarded to" + } + + otelcol.receiver.filelog "pod_manifests" { + include = ["/var/kubernetes-manifests/pods/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.pod_manifests.input] + } + } + + otelcol.processor.transform "pod_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/pods/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.pod.name"], attributes["pod"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], {{ $.Release.Namespace | quote }})`, + ] + } + + output { + logs = [otelcol.processor.k8sattributes.pod_manifests.input] + } + } + + otelcol.processor.k8sattributes "pod_manifests" { + pod_association { + source { + from = "resource_attribute" + name = "k8s.pod.name" + } + source { + from = "resource_attribute" + name = "k8s.namespace.name" + } + } + + extract { + metadata = [ + "k8s.cronjob.name", + "k8s.daemonset.name", + "k8s.deployment.name", + "k8s.job.name", + "k8s.node.name", + "k8s.pod.start_time", + "k8s.replicaset.name", + "k8s.statefulset.name", + ] + } + + output { + logs = argument.logs_destinations.value + } + } +} +{{- end -}} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_notes.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_notes.tpl new file mode 100644 index 0000000000..4d542cf0bd --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_notes.tpl @@ -0,0 +1,11 @@ +{{- define "feature.kubernetesManifests.notes.deployments" }}{{- end }} + +{{- define "feature.kubernetesManifests.notes.task" }} +Gather Kubernetes manifests +{{- end }} + +{{- define "feature.kubernetesManifests.notes.actions" }}{{- end }} + +{{- define "feature.kubernetesManifests.summary" -}} +version: {{ .Chart.Version }} +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl new file mode 100644 index 0000000000..2c2f02e086 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl @@ -0,0 +1,40 @@ +{{- define "feature.kubernetesManifests.sidecarContainer" }} +- name: kubernetes-manifest-collector + {{- with .Values.image }} + {{- if .digest }} + image: "{{ dig "image" "registry" .registry $.Values.global }}/{{ .repository }}@{{ .digest }}" + {{- else }} + image: "{{ dig "image" "registry" .registry $.Values.global }}/{{ .repository }}:{{ .tag }}" + {{- end }} + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /bin/bash + - /etc/alloy/collect-manifests.sh +{{- if .Values.namespaces }} + - --namespaces + - {{ .Values.namespaces | join "," }} +{{- end }} + env: + - name: MANIFEST_DIR + value: /var/kubernetes-manifests + volumeMounts: + - mountPath: /etc/alloy + name: config + - mountPath: /var/kubernetes-manifests + name: kubernetes-manifests + readOnly: false +{{- end }} + +{{- define "feature.kubernetesManifests.volume" }} +- name: kubernetes-manifests + emptyDir: + medium: Memory +{{- end }} + +{{- define "feature.kubernetesManifests.volumeMount" }} +- mountPath: /var/kubernetes-manifests + name: kubernetes-manifests + readOnly: false +{{- end }} + diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/configmap.yaml b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/configmap.yaml new file mode 100644 index 0000000000..6fbd2c0c72 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/configmap.yaml @@ -0,0 +1,11 @@ +{{- if .Values.deployAsConfigMap }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-test-config + namespace: {{ .Release.Namespace }} +data: + module.alloy: |- + {{- include "feature.kubernetesManifests.module" . | indent 4 }} +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/test/collector.yaml b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/test/collector.yaml new file mode 100644 index 0000000000..6a7c4b3fd3 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/test/collector.yaml @@ -0,0 +1,4 @@ +{{- if eq (((index .Values "testing") | default false) | toString) "true" }} +{{ include "feature.kubernetesManifests.collector.validate" (dict "Values" .Values "Collector" .Values.test.Collector "CollectorName" "alloy-test" )}} +--- +{{- end }} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/__snapshot__/default_test.yaml.snap b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/__snapshot__/default_test.yaml.snap new file mode 100644 index 0000000000..a567b5734e --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/__snapshot__/default_test.yaml.snap @@ -0,0 +1,12 @@ +should render the default configuration: + 1: | + |- + declare "kubernetes_manifests" { + argument "logs_destinations" { + comment = "Must be a list of log destinations where collected logs should be forwarded to" + } + + + forward_to = argument.logs_destinations.value + } + } diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/default_test.yaml b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/default_test.yaml new file mode 100644 index 0000000000..3445087cc2 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/default_test.yaml @@ -0,0 +1,13 @@ +# yamllint disable rule:document-start rule:line-length rule:trailing-spaces +suite: Test default values +templates: + - configmap.yaml +tests: + - it: should render the default configuration + set: + deployAsConfigMap: true + asserts: + - isKind: + of: ConfigMap + - matchSnapshot: + path: data["module.alloy"] diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json new file mode 100644 index 0000000000..9fd75cfb34 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json @@ -0,0 +1,43 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "deployAsConfigMap": { + "type": "boolean" + }, + "image": { + "type": "object", + "properties": { + "digest": { + "type": "string" + }, + "pullPolicy": { + "type": "string" + }, + "pullSecrets": { + "type": "array" + }, + "registry": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "namespaces": { + "type": "array" + }, + "pods": { + "type": "object", + "properties": { + "gather": { + "type": "boolean" + } + } + } + } +} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml new file mode 100644 index 0000000000..c4279022c9 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml @@ -0,0 +1,19 @@ +--- +namespaces: [] + +pods: + gather: true + +# The image to run to get the Kubernetes manifests from this cluster. It must contain +# `kubectl` and `jq` at a minimum. +# @section -- Image +image: + registry: ghcr.io + repository: grafana/helm-chart-toolbox-kubectl + tag: 0.1.2 + digest: "" + pullPolicy: IfNotPresent + pullSecrets: [] + +# @ignore +deployAsConfigMap: false diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/README.md b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/README.md new file mode 100644 index 0000000000..15be46f33e --- /dev/null +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/README.md @@ -0,0 +1,40 @@ + +# Node Logs + +This example demonstrates how to gather logs from the Nodes in your Kubernetes cluster. It currently gathers logs from +the journald services on the node and requires a HostPath volume mount to `/var/log/journal`. + +## Values + + +```yaml +--- +cluster: + name: kubernetes-manifest-cluster + +destinations: + - name: loki + type: loki + url: http://loki.loki.svc:3100/loki/api/v1/push + tenantId: "1" + auth: + type: basic + username: loki + password: lokipassword + +kubernetesManifests: + enabled: true + + namespaces: [default] + +alloy-singleton: + enabled: true + liveDebugging: + enabled: true + alloy: + stabilityLevel: public-preview +``` + diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy new file mode 100644 index 0000000000..6497424d44 --- /dev/null +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy @@ -0,0 +1,109 @@ +// Feature: Kubernetes Manifests +declare "kubernetes_manifests" { + argument "logs_destinations" { + comment = "Must be a list of log destinations where collected logs should be forwarded to" + } + + otelcol.receiver.filelog "pod_manifests" { + include = ["/var/kubernetes-manifests/pods/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.pod_manifests.input] + } + } + + otelcol.processor.transform "pod_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/pods/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.pod.name"], attributes["pod"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = [otelcol.processor.k8sattributes.pod_manifests.input] + } + } + + otelcol.processor.k8sattributes "pod_manifests" { + pod_association { + source { + from = "resource_attribute" + name = "k8s.pod.name" + } + source { + from = "resource_attribute" + name = "k8s.namespace.name" + } + } + + extract { + metadata = [ + "k8s.cronjob.name", + "k8s.daemonset.name", + "k8s.deployment.name", + "k8s.job.name", + "k8s.node.name", + "k8s.pod.start_time", + "k8s.replicaset.name", + "k8s.statefulset.name", + ] + } + + output { + logs = argument.logs_destinations.value + } + } +} +kubernetes_manifests "feature" { + logs_destinations = [ + otelcol.exporter.loki.loki.input, + ] +} + +livedebugging { + enabled = true +} + + +// Destination: loki (loki) +otelcol.exporter.loki "loki" { + forward_to = [loki.write.loki.receiver] +} + +loki.write "loki" { + endpoint { + url = "http://loki.loki.svc:3100/loki/api/v1/push" + retry_on_http_429 = true + tenant_id = convert.nonsensitive(remote.kubernetes.secret.loki.data["tenantId"]) + basic_auth { + username = convert.nonsensitive(remote.kubernetes.secret.loki.data["username"]) + password = remote.kubernetes.secret.loki.data["password"] + } + tls_config { + insecure_skip_verify = false + } + min_backoff_period = "500ms" + max_backoff_period = "5m" + max_backoff_retries = "10" + } + external_labels = { + "cluster" = "kubernetes-manifest-cluster", + "k8s_cluster_name" = "kubernetes-manifest-cluster", + } +} + +remote.kubernetes.secret "loki" { + name = "loki-k8smon-k8s-monitoring" + namespace = "default" +} + diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/description.txt b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/description.txt new file mode 100644 index 0000000000..9b0b7a0ff4 --- /dev/null +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/description.txt @@ -0,0 +1,4 @@ +# Node Logs + +This example demonstrates how to gather logs from the Nodes in your Kubernetes cluster. It currently gathers logs from +the journald services on the node and requires a HostPath volume mount to `/var/log/journal`. diff --git a/charts/k8s-monitoring/docs/examples/custom-destinations/debug/output.yaml b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml similarity index 56% rename from charts/k8s-monitoring/docs/examples/custom-destinations/debug/output.yaml rename to charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml index 53c6298852..d408e783ac 100644 --- a/charts/k8s-monitoring/docs/examples/custom-destinations/debug/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml @@ -13,436 +13,305 @@ metadata: app.kubernetes.io/managed-by: Helm automountServiceAccountToken: true --- +# Source: k8s-monitoring/templates/destination_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: "loki-k8smon-k8s-monitoring" + namespace: "default" +type: Opaque +data: + tenantId: "MQ==" + username: "bG9raQ==" + password: "bG9raXBhc3N3b3Jk" +--- # Source: k8s-monitoring/templates/alloy-config.yaml apiVersion: v1 kind: ConfigMap metadata: - name: k8smon-alloy-metrics + name: k8smon-alloy-singleton namespace: default data: config.alloy: | - // Feature: Annotation Autodiscovery - declare "annotation_autodiscovery" { - argument "metrics_destinations" { - comment = "Must be a list of metric destinations where collected metrics should be forwarded to" + // Feature: Kubernetes Manifests + declare "kubernetes_manifests" { + argument "logs_destinations" { + comment = "Must be a list of log destinations where collected logs should be forwarded to" } - discovery.kubernetes "pods" { - role = "pod" - } - - discovery.relabel "annotation_autodiscovery_pods" { - targets = discovery.kubernetes.pods.targets - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_scrape"] - regex = "true" - action = "keep" - } - // Only keep pods that are running, ready, and not init containers. - rule { - source_labels = [ - "__meta_kubernetes_pod_phase", - "__meta_kubernetes_pod_ready", - "__meta_kubernetes_pod_container_init", - ] - regex = "Running;true;false" - action = "keep" - } - rule { - source_labels = ["__meta_kubernetes_pod_name"] - target_label = "pod" - } - rule { - source_labels = ["__meta_kubernetes_pod_container_name"] - target_label = "container" - } - rule { - source_labels = ["__meta_kubernetes_namespace"] - target_label = "namespace" - } - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_job"] - target_label = "job" - } - rule { - source_labels = ["job", "__meta_kubernetes_pod_label_app_kubernetes_io_name"] - regex = ";(.+)" - target_label = "job" - } - rule { - source_labels = ["job", "__meta_kubernetes_pod_label_app"] - regex = ";(.+)" - target_label = "job" - } - rule { - source_labels = ["job", "container"] - regex = ";(.+)" - target_label = "job" - } - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_instance"] - target_label = "instance" - } - - // Rules to choose the right container - rule { - source_labels = ["container"] - target_label = "__tmp_container" - } - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_container"] - regex = "(.+)" - target_label = "__tmp_container" - } - rule { - source_labels = ["container"] - action = "keepequal" - target_label = "__tmp_container" - } - rule { - action = "labeldrop" - regex = "__tmp_container" - } - - // Set metrics path - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_path"] - regex = "(.+)" - target_label = "__metrics_path__" - } - - // Set metrics scraping URL parameters - rule { - action = "labelmap" - regex = "__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_param_(.+)" - replacement = "__param_$1" - } + otelcol.receiver.filelog "pod_manifests" { + include = ["/var/kubernetes-manifests/pods/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true - // Choose the pod port - // The discovery generates a target for each declared container port of the pod. - // If the metricsPortName annotation has value, keep only the target where the port name matches the one of the annotation. - rule { - source_labels = ["__meta_kubernetes_pod_container_port_name"] - target_label = "__tmp_port" - } - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_portName"] - regex = "(.+)" - target_label = "__tmp_port" - } - rule { - source_labels = ["__meta_kubernetes_pod_container_port_name"] - action = "keepequal" - target_label = "__tmp_port" - } - rule { - action = "labeldrop" - regex = "__tmp_port" - } - - // If the metrics port number annotation has a value, override the target address to use it, regardless whether it is - // one of the declared ports on that Pod. - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_portNumber", "__meta_kubernetes_pod_ip"] - regex = "(\\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4})" - replacement = "[$2]:$1" // IPv6 - target_label = "__address__" - } - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_portNumber", "__meta_kubernetes_pod_ip"] - regex = "(\\d+);((([0-9]+?)(\\.|$)){4})" // IPv4, takes priority over IPv6 when both exists - replacement = "$2:$1" - target_label = "__address__" - } - - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_scheme"] - regex = "(.+)" - target_label = "__scheme__" - } - - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_scrapeInterval"] - regex = "(.+)" - target_label = "__scrape_interval__" - } - rule { - source_labels = ["__scrape_interval__"] - regex = "" - replacement = "60s" - target_label = "__scrape_interval__" - } - rule { - source_labels = ["__meta_kubernetes_pod_annotation_k8s_grafana_com_metrics_scrapeTimeout"] - regex = "(.+)" - target_label = "__scrape_timeout__" + output { + logs = [otelcol.processor.transform.pod_manifests.input] } - rule { - source_labels = ["__scrape_timeout__"] - regex = "" - replacement = "10s" - target_label = "__scrape_timeout__" - } - } - - discovery.kubernetes "services" { - role = "service" } - discovery.relabel "annotation_autodiscovery_services" { - targets = discovery.kubernetes.services.targets - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_scrape"] - regex = "true" - action = "keep" - } - rule { - source_labels = ["__meta_kubernetes_service_name"] - target_label = "service" - } - rule { - source_labels = ["__meta_kubernetes_namespace"] - target_label = "namespace" - } - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_job"] - target_label = "job" - } - rule { - source_labels = ["job", "__meta_kubernetes_service_label_app_kubernetes_io_name"] - regex = ";(.+)" - target_label = "job" - } - rule { - source_labels = ["job", "__meta_kubernetes_service_label_app"] - regex = ";(.+)" - target_label = "job" - } - rule { - source_labels = ["job", "service"] - regex = ";(.+)" - target_label = "job" - } - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_instance"] - target_label = "instance" - } - - // Set metrics path - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_metrics_path"] - target_label = "__metrics_path__" - } - - // Set metrics scraping URL parameters - rule { - action = "labelmap" - regex = "__meta_kubernetes_service_annotation_k8s_grafana_com_metrics_param_(.+)" - replacement = "__param_$1" - } - - // Choose the service port - rule { - source_labels = ["__meta_kubernetes_service_port_name"] - target_label = "__tmp_port" - } - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_metrics_portName"] - regex = "(.+)" - target_label = "__tmp_port" - } - rule { - source_labels = ["__meta_kubernetes_service_port_name"] - action = "keepequal" - target_label = "__tmp_port" - } - - rule { - source_labels = ["__meta_kubernetes_service_port_number"] - target_label = "__tmp_port" - } - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_metrics_portNumber"] - regex = "(.+)" - target_label = "__tmp_port" - } - rule { - source_labels = ["__meta_kubernetes_service_port_number"] - action = "keepequal" - target_label = "__tmp_port" - } - rule { - action = "labeldrop" - regex = "__tmp_port" - } - - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_metrics_scheme"] - regex = "(.+)" - target_label = "__scheme__" + otelcol.processor.transform "pod_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/pods/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.pod.name"], attributes["pod"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] } - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_metrics_scrapeInterval"] - regex = "(.+)" - target_label = "__scrape_interval__" - } - rule { - source_labels = ["__scrape_interval__"] - regex = "" - replacement = "60s" - target_label = "__scrape_interval__" - } - rule { - source_labels = ["__meta_kubernetes_service_annotation_k8s_grafana_com_metrics_scrapeTimeout"] - regex = "(.+)" - target_label = "__scrape_timeout__" - } - rule { - source_labels = ["__scrape_timeout__"] - regex = "" - replacement = "10s" - target_label = "__scrape_timeout__" + output { + logs = [otelcol.processor.k8sattributes.pod_manifests.input] } } - discovery.relabel "annotation_autodiscovery_http" { - targets = array.concat(discovery.relabel.annotation_autodiscovery_pods.output, discovery.relabel.annotation_autodiscovery_services.output) - rule { - source_labels = ["__scheme__"] - regex = "https" - action = "drop" + otelcol.processor.k8sattributes "pod_manifests" { + pod_association { + source { + from = "resource_attribute" + name = "k8s.pod.name" + } + source { + from = "resource_attribute" + name = "k8s.namespace.name" + } + } + + extract { + metadata = [ + "k8s.cronjob.name", + "k8s.daemonset.name", + "k8s.deployment.name", + "k8s.job.name", + "k8s.node.name", + "k8s.pod.start_time", + "k8s.replicaset.name", + "k8s.statefulset.name", + ] } - } - discovery.relabel "annotation_autodiscovery_https" { - targets = array.concat(discovery.relabel.annotation_autodiscovery_pods.output, discovery.relabel.annotation_autodiscovery_services.output) - rule { - source_labels = ["__scheme__"] - regex = "https" - action = "keep" + output { + logs = argument.logs_destinations.value } } + } + kubernetes_manifests "feature" { + logs_destinations = [ + otelcol.exporter.loki.loki.input, + ] + } - prometheus.scrape "annotation_autodiscovery_http" { - targets = discovery.relabel.annotation_autodiscovery_http.output - honor_labels = true - bearer_token_file = "/var/run/secrets/kubernetes.io/serviceaccount/token" - scrape_protocols = ["OpenMetricsText1.0.0","OpenMetricsText0.0.1","PrometheusText0.0.4"] - scrape_classic_histograms = false - scrape_native_histograms = false - clustering { - enabled = true - } - - forward_to = [prometheus.relabel.annotation_autodiscovery.receiver] - } + livedebugging { + enabled = true + } - prometheus.scrape "annotation_autodiscovery_https" { - targets = discovery.relabel.annotation_autodiscovery_https.output - honor_labels = true - bearer_token_file = "/var/run/secrets/kubernetes.io/serviceaccount/token" - tls_config { - insecure_skip_verify = true - } - scrape_protocols = ["OpenMetricsText1.0.0","OpenMetricsText0.0.1","PrometheusText0.0.4"] - scrape_classic_histograms = false - scrape_native_histograms = false - clustering { - enabled = true - } - forward_to = [prometheus.relabel.annotation_autodiscovery.receiver] - } + // Destination: loki (loki) + otelcol.exporter.loki "loki" { + forward_to = [loki.write.loki.receiver] + } - prometheus.relabel "annotation_autodiscovery" { - max_cache_size = 100000 - rule { - source_labels = ["__name__"] - regex = "up|scrape_samples_scraped|alloy_build_info" - action = "keep" + loki.write "loki" { + endpoint { + url = "http://loki.loki.svc:3100/loki/api/v1/push" + retry_on_http_429 = true + tenant_id = convert.nonsensitive(remote.kubernetes.secret.loki.data["tenantId"]) + basic_auth { + username = convert.nonsensitive(remote.kubernetes.secret.loki.data["username"]) + password = remote.kubernetes.secret.loki.data["password"] } - rule { - action = "labeldrop" - regex = "temp_source" + tls_config { + insecure_skip_verify = false } - forward_to = argument.metrics_destinations.value + min_backoff_period = "500ms" + max_backoff_period = "5m" + max_backoff_retries = "10" } - } - annotation_autodiscovery "feature" { - metrics_destinations = [ - otelcol.receiver.prometheus.debug.receiver, - ] - } - // Self Reporting - prometheus.exporter.unix "kubernetes_monitoring_telemetry" { - set_collectors = ["textfile"] - textfile { - directory = "/etc/alloy" + external_labels = { + "cluster" = "kubernetes-manifest-cluster", + "k8s_cluster_name" = "kubernetes-manifest-cluster", } } - discovery.relabel "kubernetes_monitoring_telemetry" { - targets = prometheus.exporter.unix.kubernetes_monitoring_telemetry.targets - rule { - target_label = "instance" - action = "replace" - replacement = "k8smon" - } - rule { - target_label = "job" - action = "replace" - replacement = "integrations/kubernetes/kubernetes_monitoring_telemetry" - } + remote.kubernetes.secret "loki" { + name = "loki-k8smon-k8s-monitoring" + namespace = "default" } - - prometheus.scrape "kubernetes_monitoring_telemetry" { - job_name = "integrations/kubernetes/kubernetes_monitoring_telemetry" - targets = discovery.relabel.kubernetes_monitoring_telemetry.output - scrape_interval = "60s" - clustering { - enabled = true - } - forward_to = [prometheus.relabel.kubernetes_monitoring_telemetry.receiver] + collect-manifests.sh: | + #!/bin/bash + set -o pipefail + + script_name="${0##*/}" + if [[ "${script_name}" == "bash" || "${script_name}" == "-bash" ]]; then + script_name="script.sh" + fi + + usage() { + echo "Usage: ${script_name} [OPTIONS]" + echo "" + echo "Collects Kubernetes manifests and saves them as files." + echo "" + echo "Pod manifests are stored at \${MANIFEST_DIR}/pods//.json" + echo "" + echo "Requires the MANIFEST_DIR environment variable to be set to the target directory." + echo "" + echo "Options:" + echo " -n, --namespaces Comma or space separated list of namespaces to scan." + echo " When omitted, all namespaces are scanned." + echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" + echo " from the pod JSON." + echo " Default: .status" + echo " -h, --help Show this help message." } - prometheus.relabel "kubernetes_monitoring_telemetry" { - rule { - source_labels = ["__name__"] - regex = "grafana_kubernetes_monitoring_.*" - action = "keep" - } - forward_to = [ - otelcol.receiver.prometheus.debug.receiver, - ] + namespaces_arg="" + pod_filters_arg="" + + while [[ $# -gt 0 ]]; do + case "$1" in + -n|--namespaces) + if [[ $# -lt 2 ]]; then + echo "Error: --namespaces requires an argument." >&2 + usage + exit 1 + fi + namespaces_arg="$2" + shift 2 + ;; + -p|--pod-filters) + if [[ $# -lt 2 ]]; then + echo "Error: --pod-filters requires an argument." >&2 + usage + exit 1 + fi + pod_filters_arg="$2" + shift 2 + ;; + -h|--help) + usage + exit 0 + ;; + *) + echo "Unknown option: $1" >&2 + usage + exit 1 + ;; + esac + done + + if [[ -z "${namespaces_arg}" && -n "${NAMESPACES:-}" ]]; then + namespaces_arg="${NAMESPACES}" + fi + + if [[ -z "${MANIFEST_DIR:-}" ]]; then + echo "MANIFEST_DIR environment variable must be set." >&2 + exit 1 + fi + + mkdir -p "${MANIFEST_DIR}" + + pod_namespaces=() + if [[ -n "${namespaces_arg}" ]]; then + sanitized="${namespaces_arg//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsed_namespaces <<< "${sanitized}" + for ns in "${parsed_namespaces[@]}"; do + [[ -n "${ns}" ]] || continue + pod_namespaces+=("${ns}") + done + fi + + default_pod_filters=(".status") + pod_filters=() + if [[ -n "${pod_filters_arg}" ]]; then + sanitized="${pod_filters_arg//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsed_pod_filters <<< "${sanitized}" + for filter in "${parsed_pod_filters[@]}"; do + [[ -n "${filter}" ]] || continue + pod_filters+=("${filter}") + done + fi + + if [[ ${#pod_filters[@]} -eq 0 ]]; then + pod_filters=("${default_pod_filters[@]}") + fi + + build_jq_filter() { + local program="." + for filter in "$@"; do + [[ -n "${filter}" ]] || continue + program+=" | del(${filter})" + done + printf '%s' "${program}" } + collect_pod_manifest() { + local namespace="$1" + local pod_name="$2" + pod_output_filter="$(build_jq_filter "${pod_filters[@]}")" + [[ -n "${namespace}" && -n "${pod_name}" ]] || return 0 + local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" + mkdir -p "${namespace_dir}" - // Destination: debug (custom) - otelcol.receiver.prometheus "debug" { - output { - metrics = [otelcol.exporter.debug.default.input] - } + local output_file="${namespace_dir}/${pod_name}.json" + local tmp_file="${output_file}.tmp" + + if kubectl get pod --namespace "${namespace}" "${pod_name}" -o json | jq --compact-output "${pod_output_filter}" > "${tmp_file}"; then + echo "Storing pod manifest \"${namespace}/${pod_name}\"" + mv "${tmp_file}" "${output_file}" + else + echo "Failed to collect manifest for pod ${namespace}/${pod_name}" >&2 + rm -f "${tmp_file}" + fi } - otelcol.receiver.loki "debug" { - output { - logs = [otelcol.exporter.debug.default.input] - } + + collect_all_pod_manifests() { + if pod_entries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then + while IFS= read -r entry; do + [[ -n "${entry}" ]] || continue + read -r namespace pod_name _ <<< "${entry}" + if [[ -z "${namespace}" || -z "${pod_name}" ]]; then + continue + fi + collect_pod_manifest "${namespace}" "${pod_name}" + done <<< "${pod_entries}" + else + echo "Failed to list pods across all namespaces." >&2 + fi } - otelcol.exporter.debug "default" { - verbosity = "detailed" + collect_pod_manifests_by_namespace() { + for namespace in "${pod_namespaces[@]}"; do + [[ -n "${namespace}" ]] || continue + + if ! pod_names=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then + echo "Failed to list pods in namespace ${namespace}" >&2 + continue + fi + + while IFS= read -r pod_name; do + [[ -n "${pod_name}" ]] || continue + collect_pod_manifest "${namespace}" "${pod_name}" + done <<< "${pod_names}" + done } - self-reporting-metric.prom: | - # HELP grafana_kubernetes_monitoring_build_info A metric to report the version of the Kubernetes Monitoring Helm chart - # TYPE grafana_kubernetes_monitoring_build_info gauge - grafana_kubernetes_monitoring_build_info{version="3.6.0", namespace="default"} 1 - # HELP grafana_kubernetes_monitoring_feature_info A metric to report the enabled features of the Kubernetes Monitoring Helm chart - # TYPE grafana_kubernetes_monitoring_feature_info gauge - grafana_kubernetes_monitoring_feature_info{feature="annotationAutodiscovery", version="1.0.0"} 1 - # EOF + + while true; do + if [[ ${#pod_namespaces[@]} -eq 0 ]]; then + collect_all_pod_manifests + else + collect_pod_manifests_by_namespace + fi + + sleep 60 + done --- # Source: k8s-monitoring/charts/alloy-operator/templates/rbac/alloy-manager.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -715,15 +584,15 @@ spec: apiVersion: collectors.grafana.com/v1alpha1 kind: Alloy metadata: - name: k8smon-alloy-metrics + name: k8smon-alloy-singleton namespace: default annotations: helm.sdk.operatorframework.io/uninstall-wait: "true" spec: alloy: clustering: - enabled: true - name: alloy-metrics + enabled: false + name: "" portName: http configMap: content: "" @@ -743,7 +612,10 @@ spec: livenessProbe: {} mounts: dockercontainers: false - extra: [] + extra: + - mountPath: /var/kubernetes-manifests + name: kubernetes-manifests + readOnly: false varlog: false resources: {} securityContext: @@ -768,7 +640,7 @@ spec: - ALL seccompProfile: type: RuntimeDefault - stabilityLevel: experimental + stabilityLevel: public-preview storagePath: /tmp/alloy uiPathPrefix: / configReloader: @@ -830,7 +702,24 @@ spec: dnsPolicy: ClusterFirst enableStatefulSetAutoDeletePVC: false extraAnnotations: {} - extraContainers: [] + extraContainers: + - command: + - /bin/bash + - /etc/alloy/collect-manifests.sh + - --namespaces + - default + env: + - name: MANIFEST_DIR + value: /var/kubernetes-manifests + image: ghcr.io/grafana/helm-chart-toolbox-kubectl:0.1.2 + imagePullPolicy: IfNotPresent + name: kubernetes-manifest-collector + volumeMounts: + - mountPath: /etc/alloy + name: config + - mountPath: /var/kubernetes-manifests + name: kubernetes-manifests + readOnly: false hostNetwork: false hostPID: false initContainers: [] @@ -839,8 +728,6 @@ spec: parallelRollout: true podAnnotations: k8s.grafana.com/logs.job: integrations/alloy - k8s.grafana.com/metrics.container: alloy - k8s.grafana.com/scrape: "true" podDisruptionBudget: enabled: false maxUnavailable: null @@ -851,11 +738,14 @@ spec: terminationGracePeriodSeconds: null tolerations: [] topologySpreadConstraints: [] - type: statefulset + type: deployment updateStrategy: {} volumeClaimTemplates: [] volumes: - extra: [] + extra: + - emptyDir: + medium: Memory + name: kubernetes-manifests crds: create: false extraObjects: [] @@ -882,7 +772,7 @@ spec: path: / pathType: Prefix tls: [] - nameOverride: alloy-metrics + nameOverride: alloy-singleton rbac: create: true service: @@ -1005,7 +895,7 @@ metadata: labels: app.kubernetes.io/name: k8smon-k8s-monitoring-add-finalizer app.kubernetes.io/instance: k8smon - helm.sh/chart: k8s-monitoring-3.6.0 + helm.sh/chart: k8s-monitoring-3.6.1 annotations: helm.sh/hook: post-install,post-upgrade helm.sh/hook-weight: "15" @@ -1058,7 +948,7 @@ metadata: labels: app.kubernetes.io/name: k8smon-k8s-monitoring-remove-alloy-and-finalizer app.kubernetes.io/instance: k8smon - helm.sh/chart: k8s-monitoring-3.6.0 + helm.sh/chart: k8s-monitoring-3.6.1 annotations: helm.sh/hook: pre-delete helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded @@ -1086,9 +976,9 @@ spec: - /bin/bash - -ce - | - echo "Deleting Alloy instance: alloy/k8smon-alloy-metrics..." - kubectl delete alloy/k8smon-alloy-metrics --ignore-not-found=true --wait - kubectl wait --for=delete alloy/k8smon-alloy-metrics --timeout=60s || echo "Timed out waiting for deletion of alloy/k8smon-alloy-metrics or it may not exist." + echo "Deleting Alloy instance: alloy/k8smon-alloy-singleton..." + kubectl delete alloy/k8smon-alloy-singleton --ignore-not-found=true --wait + kubectl wait --for=delete alloy/k8smon-alloy-singleton --timeout=60s || echo "Timed out waiting for deletion of alloy/k8smon-alloy-singleton or it may not exist." kubectl patch \ --namespace=default \ diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml new file mode 100644 index 0000000000..e92a645791 --- /dev/null +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml @@ -0,0 +1,50 @@ +--- +apiVersion: helm-chart-toolbox.grafana.com/v1 +kind: TestPlan +name: kubernetes-manifests + +subject: + releaseName: k8smon + path: ../../../../../../ + valuesFile: ../values.yaml + +cluster: + type: kind + +dependencies: + - preset: test-parameters + namespace: toolbox + - preset: loki + - preset: grafana + overrides: + datasources: + datasources.yaml: + apiVersion: 1 + datasources: + - name: Loki + type: loki + url: http://loki-gateway.loki.svc:8080 + isDefault: true + basicAuth: true + basicAuthUser: loki + jsonData: + httpHeaderName1: X-Scope-OrgID + secureJsonData: + basicAuthPassword: lokipassword + httpHeaderValue1: "1" + +tests: + - type: query-test + values: + tests: + - env: + LOKI_URL: http://loki.loki.svc:3100/loki/api/v1/query + LOKI_TENANTID: 1 + LOKI_USER: loki + LOKI_PASS: lokipassword + envFrom: + - configMapRef: {name: test-parameters} + queries: + # Pod logs + - query: count_over_time({cluster="kubernetes-manifest-cluster", service_name="default/k8s.grafana.com/manifest-collector"}[1h] | json | resources_k8s_deployment_name="k8smon-alloy-operator") + type: logql diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/values.yaml b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/values.yaml new file mode 100644 index 0000000000..2f2e239b9e --- /dev/null +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/values.yaml @@ -0,0 +1,25 @@ +--- +cluster: + name: kubernetes-manifest-cluster + +destinations: + - name: loki + type: loki + url: http://loki.loki.svc:3100/loki/api/v1/push + tenantId: "1" + auth: + type: basic + username: loki + password: lokipassword + +kubernetesManifests: + enabled: true + + namespaces: [default] + +alloy-singleton: + enabled: true + liveDebugging: + enabled: true + alloy: + stabilityLevel: public-preview diff --git a/charts/k8s-monitoring/templates/alloy-config.yaml b/charts/k8s-monitoring/templates/alloy-config.yaml index a80c66e07e..aaae02e850 100644 --- a/charts/k8s-monitoring/templates/alloy-config.yaml +++ b/charts/k8s-monitoring/templates/alloy-config.yaml @@ -1,11 +1,15 @@ {{- range $collectorName := include "collectors.list.enabled" . | fromYamlArray }} {{- $selfReportingEnabled := false }} +{{- $kubernetesManifestsEnabled := false }} {{- $destinations := (index $.Values $collectorName).includeDestinations | default list }} {{- range $feature := include "features.list" $ | fromYamlArray }} {{- if has $collectorName (include (printf "features.%s.collectors" $feature) $ | fromYamlArray ) }} {{- if eq $feature "selfReporting" }} {{- $selfReportingEnabled = true }} {{- end }} + {{- if eq $feature "kubernetesManifests" }} + {{- $kubernetesManifestsEnabled = true }} + {{- end }} {{- $destinations = concat $destinations ((include (printf "features.%s.destinations" $feature) $) | fromYamlArray) }} {{- end }} {{- end }} @@ -38,4 +42,7 @@ data: {{- if $selfReportingEnabled }} self-reporting-metric.prom: |{{ printf "%s\n" (include "features.selfReporting.metrics" $values | trim) | nindent 4 }} {{- end }} +{{- if $kubernetesManifestsEnabled }} + collect-manifests.sh: |{{ $.Subcharts.kubernetesManifests.Files.Get "collect-manifests.sh" | trim | nindent 4 }} +{{- end }} {{- end }} diff --git a/charts/k8s-monitoring/templates/features/_feature_helpers.tpl b/charts/k8s-monitoring/templates/features/_feature_helpers.tpl index 1a1f55485f..5dd7246906 100644 --- a/charts/k8s-monitoring/templates/features/_feature_helpers.tpl +++ b/charts/k8s-monitoring/templates/features/_feature_helpers.tpl @@ -4,6 +4,7 @@ - autoInstrumentation - clusterMetrics - clusterEvents +- kubernetesManifests - nodeLogs - podLogs - podLogsViaKubernetesApi diff --git a/charts/k8s-monitoring/templates/features/_feature_kubernetes_manifests.tpl b/charts/k8s-monitoring/templates/features/_feature_kubernetes_manifests.tpl new file mode 100644 index 0000000000..36088473f8 --- /dev/null +++ b/charts/k8s-monitoring/templates/features/_feature_kubernetes_manifests.tpl @@ -0,0 +1,69 @@ +{{- define "features.kubernetesManifests.enabled" }}{{ .Values.kubernetesManifests.enabled }}{{- end }} + +{{- define "features.kubernetesManifests.collectors" }} +{{- if .Values.kubernetesManifests.enabled -}} +- {{ .Values.kubernetesManifests.collector }} +{{- end }} +{{- end }} + +{{- define "features.kubernetesManifests.include" }} +{{- if .Values.kubernetesManifests.enabled -}} +{{- $destinations := include "features.kubernetesManifests.destinations" . | fromYamlArray }} + +// Feature: Kubernetes Manifests +{{- include "feature.kubernetesManifests.module" (dict "Values" .Values.kubernetesManifests "Files" $.Subcharts.kubernetesManifests.Files "Release" $.Release) }} +kubernetes_manifests "feature" { + logs_destinations = [ + {{ include "destinations.alloy.targets" (dict "destinations" $.Values.destinations "names" $destinations "type" "logs" "ecosystem" "otlp") | indent 4 | trim }} + ] +} +{{- end -}} +{{- end -}} + +{{- define "features.kubernetesManifests.destinations" }} +{{- if .Values.kubernetesManifests.enabled -}} +{{- include "destinations.get" (dict "destinations" $.Values.destinations "type" "logs" "ecosystem" "otlp" "filter" $.Values.kubernetesManifests.destinations) -}} +{{- end -}} +{{- end -}} + + +{{- define "features.kubernetesManifests.destinations.isTranslating" }} +{{- $isTranslating := false -}} +{{- $destinations := include "features.kubernetesManifests.destinations" . | fromYamlArray -}} +{{ range $destination := $destinations -}} + {{- $destinationEcosystem := include "destination.getEcosystem" (deepCopy $ | merge (dict "destination" $destination)) -}} + {{- if ne $destinationEcosystem "otlp" -}} + {{- $isTranslating = true -}} + {{- end -}} +{{- end -}} +{{- $isTranslating -}} +{{- end -}} + +{{- define "features.kubernetesManifests.collector.values" }} +{{- if .Values.kubernetesManifests.enabled -}} +{{- $values := dict }} +{{- range $collector := include "features.kubernetesManifests.collectors" . | fromYamlArray }} + {{- $featureValues := dict "Values" $.Values.kubernetesManifests "Files" $.Subcharts.kubernetesManifests.Files "Release" $.Release "CollectorName" $collector }} + {{- $extraContainers := include "feature.kubernetesManifests.sidecarContainer" $featureValues | fromYamlArray }} + {{- $extraVolumes := include "feature.kubernetesManifests.volume" $featureValues | fromYamlArray }} + {{- $extraVolumeMounts := include "feature.kubernetesManifests.volumeMount" $featureValues | fromYamlArray }} + + {{- $values = $values | merge (dict $collector (dict "alloy" (dict "mounts" (dict "extra" $extraVolumeMounts)) "controller" (dict "extraContainers" $extraContainers "volumes" (dict "extra" $extraVolumes)))) }} +{{- end -}} +{{- $values | toYaml }} +{{- end -}} +{{- end -}} + +{{- define "features.kubernetesManifests.validate" }} +{{- if .Values.kubernetesManifests.enabled -}} +{{- $featureName := "Kubernetes Manifests" }} +{{- $destinations := include "features.kubernetesManifests.destinations" . | fromYamlArray }} +{{- include "destinations.validate_destination_list" (dict "destinations" $destinations "type" "logs" "ecosystem" "otlp" "feature" $featureName) }} + +{{- range $collectorName := include "features.kubernetesManifests.collectors" . | fromYamlArray }} + {{- $collectorValues := include "collector.alloy.values" (deepCopy $ | merge (dict "collectorName" $collectorName)) | fromYaml }} + {{- include "collectors.require_collector" (dict "Values" $.Values "name" $collectorName "feature" $featureName) }} + {{- include "feature.kubernetesManifests.collector.validate" (dict "Values" $.Values.kubernetesManifests "Collector" $collectorValues "CollectorName" $collectorName) }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/k8s-monitoring/values.schema.json b/charts/k8s-monitoring/values.schema.json index 1c16ac6320..3eade2201c 100644 --- a/charts/k8s-monitoring/values.schema.json +++ b/charts/k8s-monitoring/values.schema.json @@ -281,6 +281,40 @@ } } }, + "kubernetesManifests": { + "type": "object", + "properties": { + "collector": { + "type": "string" + }, + "destinations": { + "type": "array" + }, + "enabled": { + "type": "boolean" + }, + "image": { + "type": "object", + "properties": { + "digest": { + "type": "string" + }, + "pullPolicy": { + "type": "string" + }, + "registry": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + } + } + }, "nodeLogs": { "type": "object", "properties": { diff --git a/charts/k8s-monitoring/values.yaml b/charts/k8s-monitoring/values.yaml index 7dffc01c3b..dd588feef0 100644 --- a/charts/k8s-monitoring/values.yaml +++ b/charts/k8s-monitoring/values.yaml @@ -165,6 +165,31 @@ podLogsViaKubernetesApi: # To see additional options, please see the [Pod Logs via Kubernetes API feature documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-pod-logs-via-kubernetes-api). +# TODO: Feature intro +kubernetesManifests: + # -- Enable gathering Kubernetes Manifests. + # @section -- Features - Kubernetes Manifests + enabled: false + + # TODO: image + # @section -- Features - Kubernetes Manifests + image: + registry: ghcr.io + repository: grafana/helm-chart-toolbox-kubectl + tag: 0.1.2 + digest: "" + pullPolicy: IfNotPresent +# pullSecrets: [] + + # -- The destinations where logs will be sent. If empty, all logs-capable destinations will be used. + # @section -- Features - Kubernetes Manifests + destinations: [] + + # -- Which collector to assign this feature to. Do not change this unless you are sure of what you are doing. + # @section -- Features - Kubernetes Manifests + # @ignored + collector: alloy-singleton + # -- Application Observability. # Requires destinations that supports metrics, logs, and traces. # To see the valid options, please see the [Application Observability feature documentation](https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring/charts/feature-application-observability). From 3320f6437736d95e1114a6e4db852c536af3f2af Mon Sep 17 00:00:00 2001 From: Pete Wall Date: Tue, 2 Dec 2025 10:45:22 -0600 Subject: [PATCH 02/10] Wip Signed-off-by: Pete Wall --- .../feature-kubernetes-manifests/README.md | 7 +- .../collect-manifests.sh | 211 +++++-- .../templates/_sidecar.tpl | 4 + .../values.schema.json | 52 +- .../feature-kubernetes-manifests/values.yaml | 15 +- .../kubernetes-manifests/default/output.yaml | 213 +++++-- .../default/test/test-plan.yaml | 1 + .../k8s-monitoring/tests/platform/gke/.envrc | 8 +- .../tests/platform/gke/.rendered/output.yaml | 583 +++++++++++++++++- .../tests/platform/gke/Makefile | 4 +- .../tests/platform/gke/values.yaml | 24 +- charts/k8s-monitoring/values.schema.json | 20 - charts/k8s-monitoring/values.yaml | 10 - 13 files changed, 984 insertions(+), 168 deletions(-) diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md index 5edcd0d248..aa7ae266d7 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md @@ -51,5 +51,10 @@ Be sure perform actual integration testing in a live environment in the main [k8 | image.registry | string | `"ghcr.io"` | | | image.repository | string | `"grafana/helm-chart-toolbox-kubectl"` | | | image.tag | string | `"0.1.2"` | | +| kinds.cronjobs.gather | bool | `true` | | +| kinds.daemonsets.gather | bool | `true` | | +| kinds.deployments.gather | bool | `true` | | +| kinds.pods.gather | bool | `true` | | +| kinds.statefulsets.gather | bool | `true` | | | namespaces | list | `[]` | | -| pods.gather | bool | `true` | | +| refreshInterval | int | `3600` | | diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh index 0232619690..469ee08fff 100755 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh @@ -6,6 +6,8 @@ if [[ "${script_name}" == "bash" || "${script_name}" == "-bash" ]]; then script_name="script.sh" fi +DefaultRefreshInterval=60 + usage() { echo "Usage: ${script_name} [OPTIONS]" echo "" @@ -19,13 +21,14 @@ usage() { echo " -n, --namespaces Comma or space separated list of namespaces to scan." echo " When omitted, all namespaces are scanned." echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" - echo " from the pod JSON." - echo " Default: .status" + echo " from the pod JSON. Default: \".status\"" + echo " --refresh-interval How frequently to refresh manifests. Default: \"${DefaultRefreshInterval}\"" echo " -h, --help Show this help message." } -namespaces_arg="" -pod_filters_arg="" +podNamespaces=() +podFilters=(".status") +refreshInterval="${DefaultRefreshInterval}" while [[ $# -gt 0 ]]; do case "$1" in @@ -35,7 +38,15 @@ while [[ $# -gt 0 ]]; do usage exit 1 fi - namespaces_arg="$2" + + sanitized="${2//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsedNamespaces <<< "${sanitized}" + for ns in "${parsedNamespaces[@]}"; do + [[ -n "${ns}" ]] || continue + podNamespaces+=("${ns}") + done + shift 2 ;; -p|--pod-filters) @@ -44,7 +55,25 @@ while [[ $# -gt 0 ]]; do usage exit 1 fi - pod_filters_arg="$2" + + podFilters=() + sanitized="${2//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsedPodFilters <<< "${sanitized}" + for filter in "${parsedPodFilters[@]}"; do + [[ -n "${filter}" ]] || continue + podFilters+=("${filter}") + done + + shift 2 + ;; + --refresh-interval) + if [[ $# -lt 2 ]]; then + echo "Error: --pod-refresh requires an argument." >&2 + usage + exit 1 + fi + refreshInterval="$2" shift 2 ;; -h|--help) @@ -70,32 +99,7 @@ fi mkdir -p "${MANIFEST_DIR}" -pod_namespaces=() -if [[ -n "${namespaces_arg}" ]]; then - sanitized="${namespaces_arg//$'\n'/ }" - sanitized="${sanitized//,/ }" - read -ra parsed_namespaces <<< "${sanitized}" - for ns in "${parsed_namespaces[@]}"; do - [[ -n "${ns}" ]] || continue - pod_namespaces+=("${ns}") - done -fi - -default_pod_filters=(".status") -pod_filters=() -if [[ -n "${pod_filters_arg}" ]]; then - sanitized="${pod_filters_arg//$'\n'/ }" - sanitized="${sanitized//,/ }" - read -ra parsed_pod_filters <<< "${sanitized}" - for filter in "${parsed_pod_filters[@]}"; do - [[ -n "${filter}" ]] || continue - pod_filters+=("${filter}") - done -fi - -if [[ ${#pod_filters[@]} -eq 0 ]]; then - pod_filters=("${default_pod_filters[@]}") -fi +watchPids=() build_jq_filter() { local program="." @@ -108,63 +112,158 @@ build_jq_filter() { collect_pod_manifest() { local namespace="$1" - local pod_name="$2" - pod_output_filter="$(build_jq_filter "${pod_filters[@]}")" + local podName="$2" - [[ -n "${namespace}" && -n "${pod_name}" ]] || return 0 + [[ -n "${namespace}" && -n "${podName}" ]] || return 0 local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" mkdir -p "${namespace_dir}" - local output_file="${namespace_dir}/${pod_name}.json" - local tmp_file="${output_file}.tmp" + local outputFile="${namespace_dir}/${podName}.json" + local tmpFile="${outputFile}.tmp" - if kubectl get pod --namespace "${namespace}" "${pod_name}" -o json | jq --compact-output "${pod_output_filter}" > "${tmp_file}"; then - echo "Storing pod manifest \"${namespace}/${pod_name}\"" - mv "${tmp_file}" "${output_file}" + pod_output_filter="$(build_jq_filter "${podFilters[@]}")" + if kubectl get pod --namespace "${namespace}" "${podName}" -o json | jq --compact-output "${pod_output_filter}" > "${tmpFile}"; then + if [[ ! -f "${outputFile}" ]] || ! cmp -s "${tmpFile}" "${outputFile}"; then + echo "Storing pod manifest \"${namespace}/${podName}\"" + mv "${tmpFile}" "${outputFile}" + else + echo "No changes to pod manifest \"${namespace}/${podName}\"" + rm -f "${tmpFile}" + fi else - echo "Failed to collect manifest for pod ${namespace}/${pod_name}" >&2 - rm -f "${tmp_file}" + echo "Failed to collect manifest for pod ${namespace}/${podName}" >&2 + rm -f "${tmpFile}" + fi +} + +remove_pod_manifest() { + local namespace="$1" + local podName="$2" + + [[ -n "${namespace}" && -n "${podName}" ]] || return + + local outputFile="${MANIFEST_DIR}/pods/${namespace}/${podName}.json" + if [[ -f "${outputFile}" ]]; then + rm -f "${outputFile}" + echo "Removed pod manifest \"${namespace}/${podName}\"" fi } collect_all_pod_manifests() { - if pod_entries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then + if podEntries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then while IFS= read -r entry; do [[ -n "${entry}" ]] || continue - read -r namespace pod_name _ <<< "${entry}" - if [[ -z "${namespace}" || -z "${pod_name}" ]]; then + read -r namespace podName _ <<< "${entry}" + if [[ -z "${namespace}" || -z "${podName}" ]]; then continue fi - collect_pod_manifest "${namespace}" "${pod_name}" - done <<< "${pod_entries}" + collect_pod_manifest "${namespace}" "${podName}" + done <<< "${podEntries}" else echo "Failed to list pods across all namespaces." >&2 fi } collect_pod_manifests_by_namespace() { - for namespace in "${pod_namespaces[@]}"; do + for namespace in "${podNamespaces[@]}"; do [[ -n "${namespace}" ]] || continue - if ! pod_names=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then + if ! podNames=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then echo "Failed to list pods in namespace ${namespace}" >&2 continue fi - while IFS= read -r pod_name; do - [[ -n "${pod_name}" ]] || continue - collect_pod_manifest "${namespace}" "${pod_name}" - done <<< "${pod_names}" + while IFS= read -r podName; do + [[ -n "${podName}" ]] || continue + collect_pod_manifest "${namespace}" "${podName}" + done <<< "${podNames}" done } -while true; do - if [[ ${#pod_namespaces[@]} -eq 0 ]]; then +refresh_pod_manifests() { + if [[ ${#podNamespaces[@]} -eq 0 ]]; then collect_all_pod_manifests else collect_pod_manifests_by_namespace fi +} + +handle_pod_watch_event() { + local eventType="$1" + local namespace="$2" + local podName="$3" + + [[ -n "${event_type}" && -n "${namespace}" && -n "${podName}" ]] || return + + echo "Pod event: ${namespace}/${podName}: ${eventType}" + case "${eventType}" in + ADDED|MODIFIED) + collect_pod_manifest "${namespace}" "${podName}" + ;; + DELETED) + remove_pod_manifest "${namespace}" "${podName}" + ;; + *) + ;; + esac +} + +watch_pods() { + local kubectl_args=("$@") + echo "Starting pod watcher: kubectl get pods ${kubectl_args[*]}" + + while true; do + if ! kubectl get pods "${kubectl_args[@]}" --watch --output-watch-events -o json \ + | jq --unbuffered -r 'select(.object.metadata.namespace != null and .object.metadata.name != null and .type != null) | "\(.type) \(.object.metadata.namespace) \(.object.metadata.name)"' \ + | while read -r eventType namespace podName; do + handle_pod_watch_event "${eventType}" "${namespace}" "${podName}" + done; then + echo "Pod watch ended unexpectedly for args: ${kubectl_args[*]}" >&2 + sleep 5 + fi + done +} + +start_pod_watches() { + if [[ ${#podNamespaces[@]} -eq 0 ]]; then + watch_pods "--all-namespaces" & + watchPids+=("$!") + else + for namespace in "${podNamespaces[@]}"; do + [[ -n "${namespace}" ]] || continue + watch_pods "--namespace" "${namespace}" & + watchPids+=("$!") + done + fi +} + +stop_pod_watches() { + if [[ ${#watchPids[@]} -eq 0 ]]; then + return + fi + + for pid in "${watchPids[@]}"; do + [[ -n "${pid}" ]] || continue + kill "${pid}" 2>/dev/null || true + done + + watchPids=() +} + +trap stop_pod_watches EXIT + +start_pod_watches + +loop_delay="${POD_LOOP_DELAY:-5}" +lastFullSync=0 + +while true; do + currentTime=$(date +%s) + if (( currentTime - lastFullSync >= refreshInterval )); then + refresh_pod_manifests + lastFullSync="${currentTime}" + fi - sleep 60 + sleep "${loop_delay}" done diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl index 2c2f02e086..c1cc80449a 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl @@ -14,6 +14,10 @@ {{- if .Values.namespaces }} - --namespaces - {{ .Values.namespaces | join "," }} +{{- end }} +{{- if .Values.refreshInterval }} + - --refresh-interval + - {{ .Values.refreshInterval | quote }} {{- end }} env: - name: MANIFEST_DIR diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json index 9fd75cfb34..60fbd1b052 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.schema.json @@ -28,16 +28,56 @@ } } }, - "namespaces": { - "type": "array" - }, - "pods": { + "kinds": { "type": "object", "properties": { - "gather": { - "type": "boolean" + "cronjobs": { + "type": "object", + "properties": { + "gather": { + "type": "boolean" + } + } + }, + "daemonsets": { + "type": "object", + "properties": { + "gather": { + "type": "boolean" + } + } + }, + "deployments": { + "type": "object", + "properties": { + "gather": { + "type": "boolean" + } + } + }, + "pods": { + "type": "object", + "properties": { + "gather": { + "type": "boolean" + } + } + }, + "statefulsets": { + "type": "object", + "properties": { + "gather": { + "type": "boolean" + } + } } } + }, + "namespaces": { + "type": "array" + }, + "refreshInterval": { + "type": "integer" } } } diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml index c4279022c9..571bea4217 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml @@ -1,8 +1,19 @@ --- namespaces: [] -pods: - gather: true +refreshInterval: 3600 + +kinds: + pods: + gather: true + deployments: + gather: true + statefulsets: + gather: true + daemonsets: + gather: true + cronjobs: + gather: true # The image to run to get the Kubernetes manifests from this cluster. It must contain # `kubectl` and `jq` at a minimum. diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml index d408e783ac..12c0521d60 100644 --- a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml @@ -150,6 +150,8 @@ data: script_name="script.sh" fi + DefaultRefreshInterval=60 + usage() { echo "Usage: ${script_name} [OPTIONS]" echo "" @@ -163,13 +165,14 @@ data: echo " -n, --namespaces Comma or space separated list of namespaces to scan." echo " When omitted, all namespaces are scanned." echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" - echo " from the pod JSON." - echo " Default: .status" + echo " from the pod JSON. Default: \".status\"" + echo " --refresh-interval How frequently to refresh manifests. Default: \"${DefaultRefreshInterval}\"" echo " -h, --help Show this help message." } - namespaces_arg="" - pod_filters_arg="" + podNamespaces=() + podFilters=(".status") + refreshInterval="${DefaultRefreshInterval}" while [[ $# -gt 0 ]]; do case "$1" in @@ -179,7 +182,15 @@ data: usage exit 1 fi - namespaces_arg="$2" + + sanitized="${2//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsedNamespaces <<< "${sanitized}" + for ns in "${parsedNamespaces[@]}"; do + [[ -n "${ns}" ]] || continue + podNamespaces+=("${ns}") + done + shift 2 ;; -p|--pod-filters) @@ -188,7 +199,25 @@ data: usage exit 1 fi - pod_filters_arg="$2" + + podFilters=() + sanitized="${2//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsedPodFilters <<< "${sanitized}" + for filter in "${parsedPodFilters[@]}"; do + [[ -n "${filter}" ]] || continue + podFilters+=("${filter}") + done + + shift 2 + ;; + --refresh-interval) + if [[ $# -lt 2 ]]; then + echo "Error: --pod-refresh requires an argument." >&2 + usage + exit 1 + fi + refreshInterval="$2" shift 2 ;; -h|--help) @@ -214,32 +243,7 @@ data: mkdir -p "${MANIFEST_DIR}" - pod_namespaces=() - if [[ -n "${namespaces_arg}" ]]; then - sanitized="${namespaces_arg//$'\n'/ }" - sanitized="${sanitized//,/ }" - read -ra parsed_namespaces <<< "${sanitized}" - for ns in "${parsed_namespaces[@]}"; do - [[ -n "${ns}" ]] || continue - pod_namespaces+=("${ns}") - done - fi - - default_pod_filters=(".status") - pod_filters=() - if [[ -n "${pod_filters_arg}" ]]; then - sanitized="${pod_filters_arg//$'\n'/ }" - sanitized="${sanitized//,/ }" - read -ra parsed_pod_filters <<< "${sanitized}" - for filter in "${parsed_pod_filters[@]}"; do - [[ -n "${filter}" ]] || continue - pod_filters+=("${filter}") - done - fi - - if [[ ${#pod_filters[@]} -eq 0 ]]; then - pod_filters=("${default_pod_filters[@]}") - fi + watchPids=() build_jq_filter() { local program="." @@ -252,65 +256,160 @@ data: collect_pod_manifest() { local namespace="$1" - local pod_name="$2" - pod_output_filter="$(build_jq_filter "${pod_filters[@]}")" + local podName="$2" - [[ -n "${namespace}" && -n "${pod_name}" ]] || return 0 + [[ -n "${namespace}" && -n "${podName}" ]] || return 0 local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" mkdir -p "${namespace_dir}" - local output_file="${namespace_dir}/${pod_name}.json" - local tmp_file="${output_file}.tmp" + local outputFile="${namespace_dir}/${podName}.json" + local tmpFile="${outputFile}.tmp" - if kubectl get pod --namespace "${namespace}" "${pod_name}" -o json | jq --compact-output "${pod_output_filter}" > "${tmp_file}"; then - echo "Storing pod manifest \"${namespace}/${pod_name}\"" - mv "${tmp_file}" "${output_file}" + pod_output_filter="$(build_jq_filter "${podFilters[@]}")" + if kubectl get pod --namespace "${namespace}" "${podName}" -o json | jq --compact-output "${pod_output_filter}" > "${tmpFile}"; then + if [[ ! -f "${outputFile}" ]] || ! cmp -s "${tmpFile}" "${outputFile}"; then + echo "Storing pod manifest \"${namespace}/${podName}\"" + mv "${tmpFile}" "${outputFile}" + else + echo "No changes to pod manifest \"${namespace}/${podName}\"" + rm -f "${tmpFile}" + fi else - echo "Failed to collect manifest for pod ${namespace}/${pod_name}" >&2 - rm -f "${tmp_file}" + echo "Failed to collect manifest for pod ${namespace}/${podName}" >&2 + rm -f "${tmpFile}" + fi + } + + remove_pod_manifest() { + local namespace="$1" + local podName="$2" + + [[ -n "${namespace}" && -n "${podName}" ]] || return + + local outputFile="${MANIFEST_DIR}/pods/${namespace}/${podName}.json" + if [[ -f "${outputFile}" ]]; then + rm -f "${outputFile}" + echo "Removed pod manifest \"${namespace}/${podName}\"" fi } collect_all_pod_manifests() { - if pod_entries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then + if podEntries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then while IFS= read -r entry; do [[ -n "${entry}" ]] || continue - read -r namespace pod_name _ <<< "${entry}" - if [[ -z "${namespace}" || -z "${pod_name}" ]]; then + read -r namespace podName _ <<< "${entry}" + if [[ -z "${namespace}" || -z "${podName}" ]]; then continue fi - collect_pod_manifest "${namespace}" "${pod_name}" - done <<< "${pod_entries}" + collect_pod_manifest "${namespace}" "${podName}" + done <<< "${podEntries}" else echo "Failed to list pods across all namespaces." >&2 fi } collect_pod_manifests_by_namespace() { - for namespace in "${pod_namespaces[@]}"; do + for namespace in "${podNamespaces[@]}"; do [[ -n "${namespace}" ]] || continue - if ! pod_names=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then + if ! podNames=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then echo "Failed to list pods in namespace ${namespace}" >&2 continue fi - while IFS= read -r pod_name; do - [[ -n "${pod_name}" ]] || continue - collect_pod_manifest "${namespace}" "${pod_name}" - done <<< "${pod_names}" + while IFS= read -r podName; do + [[ -n "${podName}" ]] || continue + collect_pod_manifest "${namespace}" "${podName}" + done <<< "${podNames}" done } - while true; do - if [[ ${#pod_namespaces[@]} -eq 0 ]]; then + refresh_pod_manifests() { + if [[ ${#podNamespaces[@]} -eq 0 ]]; then collect_all_pod_manifests else collect_pod_manifests_by_namespace fi + } + + handle_pod_watch_event() { + local eventType="$1" + local namespace="$2" + local podName="$3" + + [[ -n "${event_type}" && -n "${namespace}" && -n "${podName}" ]] || return + + echo "Pod event: ${namespace}/${podName}: ${eventType}" + case "${eventType}" in + ADDED|MODIFIED) + collect_pod_manifest "${namespace}" "${podName}" + ;; + DELETED) + remove_pod_manifest "${namespace}" "${podName}" + ;; + *) + ;; + esac + } + + watch_pods() { + local kubectl_args=("$@") + echo "Starting pod watcher: kubectl get pods ${kubectl_args[*]}" + + while true; do + if ! kubectl get pods "${kubectl_args[@]}" --watch --output-watch-events -o json \ + | jq --unbuffered -r 'select(.object.metadata.namespace != null and .object.metadata.name != null and .type != null) | "\(.type) \(.object.metadata.namespace) \(.object.metadata.name)"' \ + | while read -r eventType namespace podName; do + handle_pod_watch_event "${eventType}" "${namespace}" "${podName}" + done; then + echo "Pod watch ended unexpectedly for args: ${kubectl_args[*]}" >&2 + sleep 5 + fi + done + } + + start_pod_watches() { + if [[ ${#podNamespaces[@]} -eq 0 ]]; then + watch_pods "--all-namespaces" & + watchPids+=("$!") + else + for namespace in "${podNamespaces[@]}"; do + [[ -n "${namespace}" ]] || continue + watch_pods "--namespace" "${namespace}" & + watchPids+=("$!") + done + fi + } + + stop_pod_watches() { + if [[ ${#watchPids[@]} -eq 0 ]]; then + return + fi + + for pid in "${watchPids[@]}"; do + [[ -n "${pid}" ]] || continue + kill "${pid}" 2>/dev/null || true + done + + watchPids=() + } + + trap stop_pod_watches EXIT + + start_pod_watches + + loop_delay="${POD_LOOP_DELAY:-5}" + lastFullSync=0 + + while true; do + currentTime=$(date +%s) + if (( currentTime - lastFullSync >= refreshInterval )); then + refresh_pod_manifests + lastFullSync="${currentTime}" + fi - sleep 60 + sleep "${loop_delay}" done --- # Source: k8s-monitoring/charts/alloy-operator/templates/rbac/alloy-manager.yaml @@ -708,6 +807,8 @@ spec: - /etc/alloy/collect-manifests.sh - --namespaces - default + - --refresh-interval + - 3600 env: - name: MANIFEST_DIR value: /var/kubernetes-manifests diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml index e92a645791..777794a144 100644 --- a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/test/test-plan.yaml @@ -1,4 +1,5 @@ --- +# yamllint disable rule:line-length apiVersion: helm-chart-toolbox.grafana.com/v1 kind: TestPlan name: kubernetes-manifests diff --git a/charts/k8s-monitoring/tests/platform/gke/.envrc b/charts/k8s-monitoring/tests/platform/gke/.envrc index e13ee02ffc..2181660e2f 100644 --- a/charts/k8s-monitoring/tests/platform/gke/.envrc +++ b/charts/k8s-monitoring/tests/platform/gke/.envrc @@ -3,7 +3,9 @@ op --account grafana.1password.com read --out-file sak.json "op://Kubernetes Mon gcloud auth activate-service-account "${GCP_SERVICE_ACCOUNT}" --key-file=sak.json rm sak.json -export GRAFANA_CLOUD_METRICS_USERNAME=$(op --account grafana.1password.com read "op://Kubernetes Monitoring/helmchart Prometheus/username") -export GRAFANA_CLOUD_LOGS_USERNAME=$(op --account grafana.1password.com read "op://Kubernetes Monitoring/helmchart Loki/username") -export GRAFANA_CLOUD_RW_POLICY_TOKEN=$(op --account grafana.1password.com read "op://Kubernetes Monitoring/helmchart Prometheus/password") +# TODO: Change these back to the old secret path +export GRAFANA_CLOUD_METRICS_USERNAME=$(op --account grafana.1password.com read "op://Kubernetes Monitoring/k8sprod Mimir/username") +export GRAFANA_CLOUD_LOGS_USERNAME=$(op --account grafana.1password.com read "op://Kubernetes Monitoring/k8sprod Loki/username") +export GRAFANA_CLOUD_OTLP_USERNAME=$(op --account grafana.1password.com read "op://Kubernetes Monitoring/k8sprod OTLP/username") +export GRAFANA_CLOUD_RW_POLICY_TOKEN=$(op --account grafana.1password.com read "op://Kubernetes Monitoring/k8sprod Mimir/password") export RANDOM_NUMBER=$(shuf -i 100000-999999 -n 1) diff --git a/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml index 6d80747e61..d8d8fd1a67 100644 --- a/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml @@ -994,7 +994,7 @@ data: } basic_auth { username = convert.nonsensitive(remote.kubernetes.secret.grafana_cloud_metrics.data["PROMETHEUS_USER"]) - password = remote.kubernetes.secret.grafana_cloud_metrics.data["PROMETHEUS_PASS"] + password = remote.kubernetes.secret.grafana_cloud_metrics.data["ACCESS_POLICY_TOKEN"] } tls_config { insecure_skip_verify = false @@ -1139,6 +1139,77 @@ data: loki.write.grafana_cloud_logs.receiver, ] } + // Feature: Kubernetes Manifests + declare "kubernetes_manifests" { + argument "logs_destinations" { + comment = "Must be a list of log destinations where collected logs should be forwarded to" + } + + otelcol.receiver.filelog "pod_manifests" { + include = ["/var/kubernetes-manifests/pods/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.pod_manifests.input] + } + } + + otelcol.processor.transform "pod_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/pods/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.pod.name"], attributes["pod"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = [otelcol.processor.k8sattributes.pod_manifests.input] + } + } + + otelcol.processor.k8sattributes "pod_manifests" { + pod_association { + source { + from = "resource_attribute" + name = "k8s.pod.name" + } + source { + from = "resource_attribute" + name = "k8s.namespace.name" + } + } + + extract { + metadata = [ + "k8s.cronjob.name", + "k8s.daemonset.name", + "k8s.deployment.name", + "k8s.job.name", + "k8s.node.name", + "k8s.pod.start_time", + "k8s.replicaset.name", + "k8s.statefulset.name", + ] + } + + output { + logs = argument.logs_destinations.value + } + } + } + kubernetes_manifests "feature" { + logs_destinations = [ + otelcol.processor.attributes.gc_otlp_endpoint.input, + ] + } // Self Reporting prometheus.exporter.unix "kubernetes_monitoring_telemetry" { set_collectors = ["textfile"] @@ -1200,7 +1271,7 @@ data: } basic_auth { username = convert.nonsensitive(remote.kubernetes.secret.grafana_cloud_metrics.data["PROMETHEUS_USER"]) - password = remote.kubernetes.secret.grafana_cloud_metrics.data["PROMETHEUS_PASS"] + password = remote.kubernetes.secret.grafana_cloud_metrics.data["ACCESS_POLICY_TOKEN"] } tls_config { insecure_skip_verify = false @@ -1260,7 +1331,7 @@ data: tenant_id = convert.nonsensitive(remote.kubernetes.secret.grafana_cloud_logs.data["tenantId"]) basic_auth { username = convert.nonsensitive(remote.kubernetes.secret.grafana_cloud_logs.data["LOKI_USER"]) - password = remote.kubernetes.secret.grafana_cloud_logs.data["LOKI_PASS"] + password = remote.kubernetes.secret.grafana_cloud_logs.data["ACCESS_POLICY_TOKEN"] } tls_config { insecure_skip_verify = false @@ -1282,6 +1353,205 @@ data: name = "grafana-cloud-credentials" namespace = "default" } + + // Destination: gc-otlp-endpoint (otlp) + otelcol.receiver.prometheus "gc_otlp_endpoint" { + output { + metrics = [otelcol.processor.attributes.gc_otlp_endpoint.input] + } + } + otelcol.receiver.loki "gc_otlp_endpoint" { + output { + logs = [otelcol.processor.attributes.gc_otlp_endpoint.input] + } + } + + otelcol.processor.attributes "gc_otlp_endpoint" { + output { + metrics = [otelcol.processor.transform.gc_otlp_endpoint.input] + logs = [otelcol.processor.transform.gc_otlp_endpoint.input] + traces = [otelcol.processor.transform.gc_otlp_endpoint.input] + } + } + + otelcol.processor.transform "gc_otlp_endpoint" { + error_mode = "ignore" + metric_statements { + context = "resource" + statements = [ + `set(attributes["cluster"], "gke-test")`, + `set(attributes["k8s.cluster.name"], "gke-test")`, + `delete_key(attributes, "process.pid")`, + `delete_key(attributes, "process.parent_pid")`, + `delete_key(attributes, "process.executable.path")`, + `delete_key(attributes, "process.command_line")`, + `delete_key(attributes, "process.command_args")`, + `delete_key(attributes, "process.owner")`, + `delete_key(attributes, "process.runtime.version")`, + `delete_key(attributes, "process.runtime.description")`, + `delete_key(attributes, "host.ip")`, + `delete_key(attributes, "host.mac")`, + `delete_key(attributes, "k8s.pod.start_time")`, + `delete_key(attributes, "k8s.pod.uid")`, + `delete_key(attributes, "container.image.id")`, + `delete_key(attributes, "container.image.repo_digests")`, + `delete_key(attributes, "os.description")`, + `delete_key(attributes, "os.build_id")`, + ] + } + + metric_statements { + context = "datapoint" + statements = [ + `set(attributes["cluster"], "gke-test")`, + `set(attributes["k8s.cluster.name"], "gke-test")`, + `set(resource.attributes["deployment.environment"], attributes["deployment_environment"] ) where resource.attributes["deployment.environment"] == nil and attributes["deployment_environment"] != nil`, + `delete_key(attributes, "deployment_environment") where attributes["deployment_environment"] == resource.attributes["deployment.environment"]`, + `set(resource.attributes["deployment.environment.name"], attributes["deployment_environment_name"] ) where resource.attributes["deployment.environment.name"] == nil and attributes["deployment_environment_name"] != nil`, + `delete_key(attributes, "deployment_environment_name") where attributes["deployment_environment_name"] == resource.attributes["deployment.environment.name"]`, + `set(resource.attributes["service.name"], attributes["service_name"] ) where resource.attributes["service.name"] == nil and attributes["service_name"] != nil`, + `delete_key(attributes, "service_name") where attributes["service_name"] == resource.attributes["service.name"]`, + `set(resource.attributes["service.namespace"], attributes["service_namespace"] ) where resource.attributes["service.namespace"] == nil and attributes["service_namespace"] != nil`, + `delete_key(attributes, "service_namespace") where attributes["service_namespace"] == resource.attributes["service.namespace"]`, + ] + } + log_statements { + context = "resource" + statements = [ + `set(attributes["cluster"], "gke-test")`, + `set(attributes["k8s.cluster.name"], "gke-test")`, + `delete_key(attributes, "process.pid")`, + `delete_key(attributes, "process.parent_pid")`, + `delete_key(attributes, "process.executable.path")`, + `delete_key(attributes, "process.command_line")`, + `delete_key(attributes, "process.command_args")`, + `delete_key(attributes, "process.owner")`, + `delete_key(attributes, "process.runtime.version")`, + `delete_key(attributes, "process.runtime.description")`, + `delete_key(attributes, "host.ip")`, + `delete_key(attributes, "host.mac")`, + `delete_key(attributes, "k8s.pod.start_time")`, + `delete_key(attributes, "k8s.pod.uid")`, + `delete_key(attributes, "container.image.id")`, + `delete_key(attributes, "container.image.repo_digests")`, + `delete_key(attributes, "os.description")`, + `delete_key(attributes, "os.build_id")`, + ] + } + + log_statements { + context = "log" + statements = [ + `delete_key(attributes, "loki.attribute.labels")`, + `delete_key(attributes, "loki.resource.labels")`, + `set(resource.attributes["k8s.container.name"], attributes["container"] ) where resource.attributes["k8s.container.name"] == nil and attributes["container"] != nil`, + `delete_key(attributes, "container") where attributes["container"] == resource.attributes["k8s.container.name"]`, + `set(resource.attributes["k8s.cronjob.name"], attributes["cronjob"] ) where resource.attributes["k8s.cronjob.name"] == nil and attributes["cronjob"] != nil`, + `delete_key(attributes, "cronjob") where attributes["cronjob"] == resource.attributes["k8s.cronjob.name"]`, + `set(resource.attributes["k8s.daemonset.name"], attributes["daemonset"] ) where resource.attributes["k8s.daemonset.name"] == nil and attributes["daemonset"] != nil`, + `delete_key(attributes, "daemonset") where attributes["daemonset"] == resource.attributes["k8s.daemonset.name"]`, + `set(resource.attributes["k8s.deployment.name"], attributes["deployment"] ) where resource.attributes["k8s.deployment.name"] == nil and attributes["deployment"] != nil`, + `delete_key(attributes, "deployment") where attributes["deployment"] == resource.attributes["k8s.deployment.name"]`, + `set(resource.attributes["deployment.environment"], attributes["deployment_environment"] ) where resource.attributes["deployment.environment"] == nil and attributes["deployment_environment"] != nil`, + `delete_key(attributes, "deployment_environment") where attributes["deployment_environment"] == resource.attributes["deployment.environment"]`, + `set(resource.attributes["deployment.environment.name"], attributes["deployment_environment_name"] ) where resource.attributes["deployment.environment.name"] == nil and attributes["deployment_environment_name"] != nil`, + `delete_key(attributes, "deployment_environment_name") where attributes["deployment_environment_name"] == resource.attributes["deployment.environment.name"]`, + `set(resource.attributes["k8s.job.name"], attributes["job_name"] ) where resource.attributes["k8s.job.name"] == nil and attributes["job_name"] != nil`, + `delete_key(attributes, "job_name") where attributes["job_name"] == resource.attributes["k8s.job.name"]`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"] ) where resource.attributes["k8s.namespace.name"] == nil and attributes["namespace"] != nil`, + `delete_key(attributes, "namespace") where attributes["namespace"] == resource.attributes["k8s.namespace.name"]`, + `set(resource.attributes["k8s.pod.name"], attributes["pod"] ) where resource.attributes["k8s.pod.name"] == nil and attributes["pod"] != nil`, + `delete_key(attributes, "pod") where attributes["pod"] == resource.attributes["k8s.pod.name"]`, + `set(resource.attributes["k8s.replicaset.name"], attributes["replicaset"] ) where resource.attributes["k8s.replicaset.name"] == nil and attributes["replicaset"] != nil`, + `delete_key(attributes, "replicaset") where attributes["replicaset"] == resource.attributes["k8s.replicaset.name"]`, + `set(resource.attributes["service.name"], attributes["service_name"] ) where resource.attributes["service.name"] == nil and attributes["service_name"] != nil`, + `delete_key(attributes, "service_name") where attributes["service_name"] == resource.attributes["service.name"]`, + `set(resource.attributes["service.namespace"], attributes["service_namespace"] ) where resource.attributes["service.namespace"] == nil and attributes["service_namespace"] != nil`, + `delete_key(attributes, "service_namespace") where attributes["service_namespace"] == resource.attributes["service.namespace"]`, + `set(resource.attributes["k8s.statefulset.name"], attributes["statefulset"] ) where resource.attributes["k8s.statefulset.name"] == nil and attributes["statefulset"] != nil`, + `delete_key(attributes, "statefulset") where attributes["statefulset"] == resource.attributes["k8s.statefulset.name"]`, + ] + } + + trace_statements { + context = "resource" + statements = [ + `set(attributes["cluster"], "gke-test")`, + `set(attributes["k8s.cluster.name"], "gke-test")`, + `delete_key(attributes, "process.pid")`, + `delete_key(attributes, "process.parent_pid")`, + `delete_key(attributes, "process.executable.path")`, + `delete_key(attributes, "process.command_line")`, + `delete_key(attributes, "process.command_args")`, + `delete_key(attributes, "process.owner")`, + `delete_key(attributes, "process.runtime.version")`, + `delete_key(attributes, "process.runtime.description")`, + `delete_key(attributes, "host.ip")`, + `delete_key(attributes, "host.mac")`, + `delete_key(attributes, "k8s.pod.start_time")`, + `delete_key(attributes, "k8s.pod.uid")`, + `delete_key(attributes, "container.image.id")`, + `delete_key(attributes, "container.image.repo_digests")`, + `delete_key(attributes, "os.description")`, + `delete_key(attributes, "os.build_id")`, + ] + } + + output { + metrics = [otelcol.processor.batch.gc_otlp_endpoint.input] + logs = [otelcol.processor.batch.gc_otlp_endpoint.input] + traces = [otelcol.processor.batch.gc_otlp_endpoint.input] + } + } + + otelcol.processor.batch "gc_otlp_endpoint" { + timeout = "2s" + send_batch_size = 8192 + send_batch_max_size = 0 + + output { + metrics = [otelcol.exporter.otlphttp.gc_otlp_endpoint.input] + logs = [otelcol.exporter.otlphttp.gc_otlp_endpoint.input] + traces = [otelcol.exporter.otlphttp.gc_otlp_endpoint.input] + } + } + otelcol.exporter.otlphttp "gc_otlp_endpoint" { + client { + endpoint = "https://otlp-gateway-prod-us-east-0.grafana.net/otlp" + auth = otelcol.auth.basic.gc_otlp_endpoint.handler + headers = { + "X-Scope-OrgID" = convert.nonsensitive(remote.kubernetes.secret.gc_otlp_endpoint.data["tenantId"]), + } + tls { + insecure = false + insecure_skip_verify = false + ca_pem = convert.nonsensitive(remote.kubernetes.secret.gc_otlp_endpoint.data["ca"]) + cert_pem = convert.nonsensitive(remote.kubernetes.secret.gc_otlp_endpoint.data["cert"]) + key_pem = remote.kubernetes.secret.gc_otlp_endpoint.data["key"] + } + } + + retry_on_failure { + enabled = true + initial_interval = "5s" + max_interval = "30s" + max_elapsed_time = "5m" + } + + sending_queue { + enabled = true + } + } + + otelcol.auth.basic "gc_otlp_endpoint" { + username = convert.nonsensitive(remote.kubernetes.secret.gc_otlp_endpoint.data["OTLP_USER"]) + password = remote.kubernetes.secret.gc_otlp_endpoint.data["ACCESS_POLICY_TOKEN"] + } + + remote.kubernetes.secret "gc_otlp_endpoint" { + name = "grafana-cloud-credentials" + namespace = "default" + } self-reporting-metric.prom: | # HELP grafana_kubernetes_monitoring_build_info A metric to report the version of the Kubernetes Monitoring Helm chart # TYPE grafana_kubernetes_monitoring_build_info gauge @@ -1290,9 +1560,281 @@ data: # TYPE grafana_kubernetes_monitoring_feature_info gauge grafana_kubernetes_monitoring_feature_info{deployments="kube-state-metrics,node-exporter,windows-exporter", feature="clusterMetrics", sources="kubelet,kubeletResource,cadvisor,kube-state-metrics,node-exporter,windows-exporter", version="1.0.0"} 1 grafana_kubernetes_monitoring_feature_info{feature="clusterEvents", version="1.0.0"} 1 + grafana_kubernetes_monitoring_feature_info{feature="kubernetesManifests", version="1.0.0"} 1 grafana_kubernetes_monitoring_feature_info{feature="podLogs", method="volumes", version="1.0.0"} 1 grafana_kubernetes_monitoring_feature_info{feature="integrations", sources="alloy", version="1.0.0"} 1 # EOF + + collect-manifests.sh: | + #!/bin/bash + set -o pipefail + + script_name="${0##*/}" + if [[ "${script_name}" == "bash" || "${script_name}" == "-bash" ]]; then + script_name="script.sh" + fi + + DefaultRefreshInterval=60 + + usage() { + echo "Usage: ${script_name} [OPTIONS]" + echo "" + echo "Collects Kubernetes manifests and saves them as files." + echo "" + echo "Pod manifests are stored at \${MANIFEST_DIR}/pods//.json" + echo "" + echo "Requires the MANIFEST_DIR environment variable to be set to the target directory." + echo "" + echo "Options:" + echo " -n, --namespaces Comma or space separated list of namespaces to scan." + echo " When omitted, all namespaces are scanned." + echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" + echo " from the pod JSON. Default: \".status\"" + echo " --refresh-interval How frequently to refresh manifests. Default: \"${DefaultRefreshInterval}\"" + echo " -h, --help Show this help message." + } + + podNamespaces=() + podFilters=(".status") + refreshInterval="${DefaultRefreshInterval}" + + while [[ $# -gt 0 ]]; do + case "$1" in + -n|--namespaces) + if [[ $# -lt 2 ]]; then + echo "Error: --namespaces requires an argument." >&2 + usage + exit 1 + fi + + sanitized="${2//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsedNamespaces <<< "${sanitized}" + for ns in "${parsedNamespaces[@]}"; do + [[ -n "${ns}" ]] || continue + podNamespaces+=("${ns}") + done + + shift 2 + ;; + -p|--pod-filters) + if [[ $# -lt 2 ]]; then + echo "Error: --pod-filters requires an argument." >&2 + usage + exit 1 + fi + + podFilters=() + sanitized="${2//$'\n'/ }" + sanitized="${sanitized//,/ }" + read -ra parsedPodFilters <<< "${sanitized}" + for filter in "${parsedPodFilters[@]}"; do + [[ -n "${filter}" ]] || continue + podFilters+=("${filter}") + done + + shift 2 + ;; + --refresh-interval) + if [[ $# -lt 2 ]]; then + echo "Error: --pod-refresh requires an argument." >&2 + usage + exit 1 + fi + refreshInterval="$2" + shift 2 + ;; + -h|--help) + usage + exit 0 + ;; + *) + echo "Unknown option: $1" >&2 + usage + exit 1 + ;; + esac + done + + if [[ -z "${namespaces_arg}" && -n "${NAMESPACES:-}" ]]; then + namespaces_arg="${NAMESPACES}" + fi + + if [[ -z "${MANIFEST_DIR:-}" ]]; then + echo "MANIFEST_DIR environment variable must be set." >&2 + exit 1 + fi + + mkdir -p "${MANIFEST_DIR}" + + watchPids=() + + build_jq_filter() { + local program="." + for filter in "$@"; do + [[ -n "${filter}" ]] || continue + program+=" | del(${filter})" + done + printf '%s' "${program}" + } + + collect_pod_manifest() { + local namespace="$1" + local podName="$2" + + [[ -n "${namespace}" && -n "${podName}" ]] || return 0 + + local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" + mkdir -p "${namespace_dir}" + + local outputFile="${namespace_dir}/${podName}.json" + local tmpFile="${outputFile}.tmp" + + pod_output_filter="$(build_jq_filter "${podFilters[@]}")" + if kubectl get pod --namespace "${namespace}" "${podName}" -o json | jq --compact-output "${pod_output_filter}" > "${tmpFile}"; then + if [[ ! -f "${outputFile}" ]] || ! cmp -s "${tmpFile}" "${outputFile}"; then + echo "Storing pod manifest \"${namespace}/${podName}\"" + mv "${tmpFile}" "${outputFile}" + else + echo "No changes to pod manifest \"${namespace}/${podName}\"" + rm -f "${tmpFile}" + fi + else + echo "Failed to collect manifest for pod ${namespace}/${podName}" >&2 + rm -f "${tmpFile}" + fi + } + + remove_pod_manifest() { + local namespace="$1" + local podName="$2" + + [[ -n "${namespace}" && -n "${podName}" ]] || return + + local outputFile="${MANIFEST_DIR}/pods/${namespace}/${podName}.json" + if [[ -f "${outputFile}" ]]; then + rm -f "${outputFile}" + echo "Removed pod manifest \"${namespace}/${podName}\"" + fi + } + + collect_all_pod_manifests() { + if podEntries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then + while IFS= read -r entry; do + [[ -n "${entry}" ]] || continue + read -r namespace podName _ <<< "${entry}" + if [[ -z "${namespace}" || -z "${podName}" ]]; then + continue + fi + collect_pod_manifest "${namespace}" "${podName}" + done <<< "${podEntries}" + else + echo "Failed to list pods across all namespaces." >&2 + fi + } + + collect_pod_manifests_by_namespace() { + for namespace in "${podNamespaces[@]}"; do + [[ -n "${namespace}" ]] || continue + + if ! podNames=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then + echo "Failed to list pods in namespace ${namespace}" >&2 + continue + fi + + while IFS= read -r podName; do + [[ -n "${podName}" ]] || continue + collect_pod_manifest "${namespace}" "${podName}" + done <<< "${podNames}" + done + } + + refresh_pod_manifests() { + if [[ ${#podNamespaces[@]} -eq 0 ]]; then + collect_all_pod_manifests + else + collect_pod_manifests_by_namespace + fi + } + + handle_pod_watch_event() { + local eventType="$1" + local namespace="$2" + local podName="$3" + + [[ -n "${event_type}" && -n "${namespace}" && -n "${podName}" ]] || return + + echo "Pod event: ${namespace}/${podName}: ${eventType}" + case "${eventType}" in + ADDED|MODIFIED) + collect_pod_manifest "${namespace}" "${podName}" + ;; + DELETED) + remove_pod_manifest "${namespace}" "${podName}" + ;; + *) + ;; + esac + } + + watch_pods() { + local kubectl_args=("$@") + echo "Starting pod watcher: kubectl get pods ${kubectl_args[*]}" + + while true; do + if ! kubectl get pods "${kubectl_args[@]}" --watch --output-watch-events -o json \ + | jq --unbuffered -r 'select(.object.metadata.namespace != null and .object.metadata.name != null and .type != null) | "\(.type) \(.object.metadata.namespace) \(.object.metadata.name)"' \ + | while read -r eventType namespace podName; do + handle_pod_watch_event "${eventType}" "${namespace}" "${podName}" + done; then + echo "Pod watch ended unexpectedly for args: ${kubectl_args[*]}" >&2 + sleep 5 + fi + done + } + + start_pod_watches() { + if [[ ${#podNamespaces[@]} -eq 0 ]]; then + watch_pods "--all-namespaces" & + watchPids+=("$!") + else + for namespace in "${podNamespaces[@]}"; do + [[ -n "${namespace}" ]] || continue + watch_pods "--namespace" "${namespace}" & + watchPids+=("$!") + done + fi + } + + stop_pod_watches() { + if [[ ${#watchPids[@]} -eq 0 ]]; then + return + fi + + for pid in "${watchPids[@]}"; do + [[ -n "${pid}" ]] || continue + kill "${pid}" 2>/dev/null || true + done + + watchPids=() + } + + trap stop_pod_watches EXIT + + start_pod_watches + + loop_delay="${POD_LOOP_DELAY:-5}" + lastFullSync=0 + + while true; do + currentTime=$(date +%s) + if (( currentTime - lastFullSync >= refreshInterval )); then + refresh_pod_manifests + lastFullSync="${currentTime}" + fi + + sleep "${loop_delay}" + done --- # Source: k8s-monitoring/templates/alloy-config.yaml apiVersion: v1 @@ -1529,7 +2071,7 @@ data: tenant_id = convert.nonsensitive(remote.kubernetes.secret.grafana_cloud_logs.data["tenantId"]) basic_auth { username = convert.nonsensitive(remote.kubernetes.secret.grafana_cloud_logs.data["LOKI_USER"]) - password = remote.kubernetes.secret.grafana_cloud_logs.data["LOKI_PASS"] + password = remote.kubernetes.secret.grafana_cloud_logs.data["ACCESS_POLICY_TOKEN"] } tls_config { insecure_skip_verify = false @@ -2644,7 +3186,7 @@ spec: valueFrom: secretKeyRef: name: grafana-cloud-credentials - key: PROMETHEUS_PASS + key: ACCESS_POLICY_TOKEN - name: RESOLUTION_1D_RETENTION value: "15" - name: RESOLUTION_1H_RETENTION @@ -2901,7 +3443,10 @@ spec: livenessProbe: {} mounts: dockercontainers: false - extra: [] + extra: + - mountPath: /var/kubernetes-manifests + name: kubernetes-manifests + readOnly: false varlog: false resources: {} securityContext: @@ -2926,7 +3471,7 @@ spec: - ALL seccompProfile: type: RuntimeDefault - stabilityLevel: generally-available + stabilityLevel: public-preview storagePath: /tmp/alloy uiPathPrefix: / configReloader: @@ -2988,7 +3533,24 @@ spec: dnsPolicy: ClusterFirst enableStatefulSetAutoDeletePVC: false extraAnnotations: {} - extraContainers: [] + extraContainers: + - command: + - /bin/bash + - /etc/alloy/collect-manifests.sh + - --refresh-interval + - 3600 + env: + - name: MANIFEST_DIR + value: /var/kubernetes-manifests + image: ghcr.io/grafana/helm-chart-toolbox-kubectl:0.1.2 + imagePullPolicy: IfNotPresent + name: kubernetes-manifest-collector + volumeMounts: + - mountPath: /etc/alloy + name: config + - mountPath: /var/kubernetes-manifests + name: kubernetes-manifests + readOnly: false hostNetwork: false hostPID: false initContainers: [] @@ -3011,7 +3573,10 @@ spec: updateStrategy: {} volumeClaimTemplates: [] volumes: - extra: [] + extra: + - emptyDir: + medium: Memory + name: kubernetes-manifests crds: create: false extraObjects: [] diff --git a/charts/k8s-monitoring/tests/platform/gke/Makefile b/charts/k8s-monitoring/tests/platform/gke/Makefile index be81d263da..ab9b7d7894 100644 --- a/charts/k8s-monitoring/tests/platform/gke/Makefile +++ b/charts/k8s-monitoring/tests/platform/gke/Makefile @@ -10,9 +10,9 @@ grafana-cloud-credentials.yaml: echo "# yamllint disable rule:line-length" >> $@ kubectl create secret generic grafana-cloud-credentials \ --from-literal=PROMETHEUS_USER="$$GRAFANA_CLOUD_METRICS_USERNAME" \ - --from-literal=PROMETHEUS_PASS="$$GRAFANA_CLOUD_RW_POLICY_TOKEN" \ --from-literal=LOKI_USER="$$GRAFANA_CLOUD_LOGS_USERNAME" \ - --from-literal=LOKI_PASS="$$GRAFANA_CLOUD_RW_POLICY_TOKEN" \ + --from-literal=OTLP_USER="$$GRAFANA_CLOUD_OTLP_USERNAME" \ + --from-literal=ACCESS_POLICY_TOKEN="$$GRAFANA_CLOUD_RW_POLICY_TOKEN" \ -o yaml --dry-run=client >> $@ echo "---" >> $@ echo "# yamllint disable rule:line-length" >> $@ diff --git a/charts/k8s-monitoring/tests/platform/gke/values.yaml b/charts/k8s-monitoring/tests/platform/gke/values.yaml index 3683925f90..1b2fef16c2 100644 --- a/charts/k8s-monitoring/tests/platform/gke/values.yaml +++ b/charts/k8s-monitoring/tests/platform/gke/values.yaml @@ -9,7 +9,7 @@ destinations: auth: type: basic usernameKey: PROMETHEUS_USER - passwordKey: PROMETHEUS_PASS + passwordKey: ACCESS_POLICY_TOKEN secret: create: false name: grafana-cloud-credentials @@ -20,7 +20,19 @@ destinations: auth: type: basic usernameKey: LOKI_USER - passwordKey: LOKI_PASS + passwordKey: ACCESS_POLICY_TOKEN + secret: + create: false + name: grafana-cloud-credentials + namespace: default + - name: gc-otlp-endpoint + type: otlp + url: https://otlp-gateway-prod-us-east-0.grafana.net/otlp + protocol: http + auth: + type: basic + usernameKey: OTLP_USER + passwordKey: ACCESS_POLICY_TOKEN secret: create: false name: grafana-cloud-credentials @@ -39,7 +51,7 @@ clusterMetrics: url: https://prometheus-prod-13-prod-us-east-0.grafana.net/api/prom existingSecretName: grafana-cloud-credentials username_key: PROMETHEUS_USER - password_key: PROMETHEUS_PASS + password_key: ACCESS_POLICY_TOKEN clusterEvents: enabled: true @@ -47,6 +59,10 @@ clusterEvents: podLogs: enabled: true +kubernetesManifests: + enabled: true + namespaces: [default] + integrations: alloy: instances: @@ -58,5 +74,7 @@ alloy-metrics: enabled: true alloy-singleton: enabled: true + alloy: + stabilityLevel: public-preview alloy-logs: enabled: true diff --git a/charts/k8s-monitoring/values.schema.json b/charts/k8s-monitoring/values.schema.json index 3eade2201c..484dd5963e 100644 --- a/charts/k8s-monitoring/values.schema.json +++ b/charts/k8s-monitoring/values.schema.json @@ -292,26 +292,6 @@ }, "enabled": { "type": "boolean" - }, - "image": { - "type": "object", - "properties": { - "digest": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "registry": { - "type": "string" - }, - "repository": { - "type": "string" - }, - "tag": { - "type": "string" - } - } } } }, diff --git a/charts/k8s-monitoring/values.yaml b/charts/k8s-monitoring/values.yaml index dd588feef0..64a10e4675 100644 --- a/charts/k8s-monitoring/values.yaml +++ b/charts/k8s-monitoring/values.yaml @@ -171,16 +171,6 @@ kubernetesManifests: # @section -- Features - Kubernetes Manifests enabled: false - # TODO: image - # @section -- Features - Kubernetes Manifests - image: - registry: ghcr.io - repository: grafana/helm-chart-toolbox-kubectl - tag: 0.1.2 - digest: "" - pullPolicy: IfNotPresent -# pullSecrets: [] - # -- The destinations where logs will be sent. If empty, all logs-capable destinations will be used. # @section -- Features - Kubernetes Manifests destinations: [] From 2b5802c79dcb5cc42cbf84cb7d07c91eebc2cc4b Mon Sep 17 00:00:00 2001 From: Pete Wall Date: Tue, 2 Dec 2025 21:05:59 -0600 Subject: [PATCH 03/10] WIP Signed-off-by: Pete Wall --- charts/k8s-monitoring/README.md | 10 - .../feature-kubernetes-manifests/README.md | 2 +- .../collect-manifests.sh | 229 ++---- .../templates/_module.alloy.tpl | 75 +- .../templates/_pods.alloy.tpl | 61 ++ .../templates/_sidecar.tpl | 29 +- .../templates/_workload.alloy.tpl | 31 + .../feature-kubernetes-manifests/values.yaml | 2 +- .../collectors/upstream/alloy-values.yaml | 74 ++ .../examples/auth/bearer-token/output.yaml | 351 ++++++++ .../auth/embedded-secrets/output.yaml | 351 ++++++++ .../auth/external-secrets/output.yaml | 351 ++++++++ .../docs/examples/auth/oauth2/output.yaml | 351 ++++++++ .../docs/examples/auth/sigv4/output.yaml | 117 +++ .../examples/collector-storage/output.yaml | 234 ++++++ .../destinations/custom/debug/output.yaml | 234 ++++++ .../destinations/custom/kafka/output.yaml | 117 +++ .../destinations/loki-stdout/output.yaml | 117 +++ .../destinations/otlp-endpoint/output.yaml | 234 ++++++ .../examples/exclude-by-namespace/output.yaml | 585 ++++++++++++++ .../examples/extra-configuration/output.yaml | 117 +++ .../docs/examples/extra-rules/output.yaml | 351 ++++++++ .../default/output.yaml | 117 +++ .../prom-annotations/output.yaml | 117 +++ .../default/output.yaml | 117 +++ .../tail-sampling/output.yaml | 117 +++ .../beyla-metrics-and-traces/output.yaml | 234 ++++++ .../beyla-metrics/output.yaml | 117 +++ .../discovery-rules/output.yaml | 117 +++ .../span-metrics-only/output.yaml | 234 ++++++ .../cluster-events/default/output.yaml | 117 +++ .../control-plane-monitoring/output.yaml | 351 ++++++++ .../cluster-metrics/default/output.yaml | 117 +++ .../database-observability/mysql/output.yaml | 234 ++++++ .../features/integrations/alloy/output.yaml | 117 +++ .../integrations/cert-manager/output.yaml | 117 +++ .../integrations/dcgm-exporter/output.yaml | 117 +++ .../features/integrations/etcd/output.yaml | 117 +++ .../features/integrations/grafana/output.yaml | 234 ++++++ .../features/integrations/loki/output.yaml | 234 ++++++ .../features/integrations/mimir/output.yaml | 234 ++++++ .../integrations/multiple/output.yaml | 234 ++++++ .../features/integrations/mysql/output.yaml | 234 ++++++ .../default/alloy-singleton.alloy | 125 +++ .../kubernetes-manifests/default/output.yaml | 576 +++++++++---- .../features/node-logs/default/output.yaml | 117 +++ .../pod-logs-via-kubernetes-api/output.yaml | 117 +++ .../features/pod-logs/default/output.yaml | 117 +++ .../features/pod-logs/multiline/output.yaml | 117 +++ .../features/profiles-receiver/output.yaml | 117 +++ .../features/profiling/default/output.yaml | 117 +++ .../default/output.yaml | 117 +++ .../images/images-by-digest/output.yaml | 351 ++++++++ .../examples/include-by-namespace/output.yaml | 585 ++++++++++++++ .../examples/istio-service-mesh/output.yaml | 234 ++++++ .../docs/examples/log-metrics/output.yaml | 234 ++++++ .../docs/examples/meta-monitoring/output.yaml | 234 ++++++ .../docs/examples/metrics-tuning/output.yaml | 117 +++ .../fullname-overrides/output.yaml | 117 +++ .../name-overrides/name-overrides/output.yaml | 117 +++ .../output.yaml | 351 ++++++++ .../docs/examples/node-labels/output.yaml | 234 ++++++ .../examples/platforms/azure-aks/output.yaml | 351 ++++++++ .../platforms/eks-fargate/output.yaml | 351 ++++++++ .../platforms/gke-autopilot/output.yaml | 351 ++++++++ .../examples/platforms/openshift/output.yaml | 351 ++++++++ .../pod-labels-and-annotations/output.yaml | 351 ++++++++ .../globally/output.yaml | 468 +++++++++++ .../individual/output.yaml | 351 ++++++++ .../docs/examples/proxies/output.yaml | 585 ++++++++++++++ .../docs/examples/remote-config/output.yaml | 234 ++++++ .../resource-requests-and-limits/output.yaml | 117 +++ .../scalability/autoscaling/output.yaml | 117 +++ .../output.yaml | 117 +++ .../sharded-kube-state-metrics/output.yaml | 117 +++ .../mongodb-atlas/output.yaml | 117 +++ .../timescaledb/output.yaml | 117 +++ .../docs/examples/tail-sampling/output.yaml | 468 +++++++++++ .../docs/examples/tolerations/output.yaml | 234 ++++++ .../templates/kubernetes-manifest-rules.yaml | 82 ++ .../.rendered/output.yaml | 234 ++++++ .../.rendered/output.yaml | 117 +++ .../integration/auth/.rendered/output.yaml | 234 ++++++ .../.rendered/output.yaml | 234 ++++++ .../cluster-monitoring/.rendered/output.yaml | 351 ++++++++ .../.rendered/output.yaml | 351 ++++++++ .../istio-service-mesh/.rendered/output.yaml | 468 +++++++++++ .../pod-logs/default/.rendered/output.yaml | 117 +++ .../pod-logs/filelog/.rendered/output.yaml | 117 +++ .../log-metrics/.rendered/output.yaml | 234 ++++++ .../secret-filter/.rendered/output.yaml | 117 +++ .../profiles-receiver/.rendered/output.yaml | 117 +++ .../profiling/.rendered/output.yaml | 117 +++ .../.rendered/output.yaml | 351 ++++++++ .../.rendered/output.yaml | 117 +++ .../.rendered/output.yaml | 117 +++ .../integration/proxies/.rendered/output.yaml | 468 +++++++++++ .../.rendered/output.yaml | 468 +++++++++++ .../alloy/.rendered/output.yaml | 117 +++ .../cert-manager/.rendered/output.yaml | 117 +++ .../coredns/.rendered/output.yaml | 117 +++ .../etcd/.rendered/output.yaml | 117 +++ .../grafana/.rendered/output.yaml | 351 ++++++++ .../loki/.rendered/output.yaml | 351 ++++++++ .../mysql/.rendered/output.yaml | 234 ++++++ .../tempo/.rendered/output.yaml | 351 ++++++++ .../.rendered/output.yaml | 117 +++ .../split-destinations/.rendered/output.yaml | 351 ++++++++ .../integration/statsd/.rendered/output.yaml | 117 +++ .../tail-sampling/.rendered/output.yaml | 351 ++++++++ .../uninstall/.rendered/output.yaml | 351 ++++++++ .../upgrade/major/.rendered/output.yaml | 351 ++++++++ .../upgrade/minor/.rendered/output.yaml | 351 ++++++++ .../upgrade/patch/.rendered/output.yaml | 351 ++++++++ .../tests/platform/aks/.rendered/output.yaml | 351 ++++++++ .../eks-fargate/.rendered/output.yaml | 351 ++++++++ .../eks-with-windows/.rendered/output.yaml | 351 ++++++++ .../gke-autopilot/.rendered/output.yaml | 351 ++++++++ .../tests/platform/gke/.rendered/output.yaml | 761 ++++++++++++++---- .../tests/platform/gpu/.rendered/output.yaml | 117 +++ .../app-observability/.rendered/output.yaml | 234 ++++++ .../.rendered/output.yaml | 117 +++ .../k8s-monitoring/.rendered/output.yaml | 585 ++++++++++++++ .../platform/openshift/.rendered/output.yaml | 351 ++++++++ .../otlp-gateway/.rendered/output.yaml | 351 ++++++++ .../remote-config/.rendered/output.yaml | 234 ++++++ 126 files changed, 28649 insertions(+), 552 deletions(-) create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_pods.alloy.tpl create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_workload.alloy.tpl create mode 100644 charts/k8s-monitoring/templates/kubernetes-manifest-rules.yaml diff --git a/charts/k8s-monitoring/README.md b/charts/k8s-monitoring/README.md index edac9377ef..1da56c4b4b 100644 --- a/charts/k8s-monitoring/README.md +++ b/charts/k8s-monitoring/README.md @@ -456,13 +456,3 @@ details: | selfReporting.destinations | list | `[]` | The destinations where self-report metrics will be sent. If empty, all metrics-capable destinations will be used. | | selfReporting.enabled | bool | `true` | Enable Self-reporting. | | selfReporting.scrapeInterval | string | 60s | How frequently to generate self-report metrics. This does utilize the global scrapeInterval setting. | - -### Other Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| kubernetesManifests.image.digest | string | `""` | | -| kubernetesManifests.image.pullPolicy | string | `"IfNotPresent"` | | -| kubernetesManifests.image.registry | string | `"ghcr.io"` | | -| kubernetesManifests.image.repository | string | `"grafana/helm-chart-toolbox-kubectl"` | | -| kubernetesManifests.image.tag | string | `"0.1.2"` | | diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md index aa7ae266d7..2e53cf4b8a 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md @@ -50,7 +50,7 @@ Be sure perform actual integration testing in a live environment in the main [k8 | image.pullSecrets | list | `[]` | | | image.registry | string | `"ghcr.io"` | | | image.repository | string | `"grafana/helm-chart-toolbox-kubectl"` | | -| image.tag | string | `"0.1.2"` | | +| image.tag | string | `"0.1.3"` | | | kinds.cronjobs.gather | bool | `true` | | | kinds.daemonsets.gather | bool | `true` | | | kinds.deployments.gather | bool | `true` | | diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh index 469ee08fff..d9cd703f06 100755 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh @@ -6,74 +6,87 @@ if [[ "${script_name}" == "bash" || "${script_name}" == "-bash" ]]; then script_name="script.sh" fi -DefaultRefreshInterval=60 +DefaultWatchTimeout=30 usage() { echo "Usage: ${script_name} [OPTIONS]" echo "" echo "Collects Kubernetes manifests and saves them as files." echo "" - echo "Pod manifests are stored at \${MANIFEST_DIR}/pods//.json" + echo "Resource manifests are stored at \${MANIFEST_DIR}///.json" echo "" echo "Requires the MANIFEST_DIR environment variable to be set to the target directory." echo "" echo "Options:" - echo " -n, --namespaces Comma or space separated list of namespaces to scan." - echo " When omitted, all namespaces are scanned." - echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" - echo " from the pod JSON. Default: \".status\"" - echo " --refresh-interval How frequently to refresh manifests. Default: \"${DefaultRefreshInterval}\"" + echo " -k, --kind Kubernetes resource kind passed to \"kubectl get\"." + echo " Default: pods" + echo " -n, --namespace Namespace to scan. When omitted, all namespaces" + echo " are scanned." + echo " -f, --filters Comma or space separated list of jq selectors to drop" + echo " from the resource JSON. Default: \".status\"" + echo " --watch-timeout How long to keep a watch open before restarting." + echo " Default: ${DefaultWatchTimeout} seconds." echo " -h, --help Show this help message." } -podNamespaces=() -podFilters=(".status") -refreshInterval="${DefaultRefreshInterval}" +kind="pods" +kindDir="pods" +namespace="" +filters=(".status") +watchTimeout="${DefaultWatchTimeout}" while [[ $# -gt 0 ]]; do case "$1" in - -n|--namespaces) + -k|--kind) if [[ $# -lt 2 ]]; then - echo "Error: --namespaces requires an argument." >&2 + echo "Error: --kind requires an argument." >&2 usage exit 1 fi - - sanitized="${2//$'\n'/ }" - sanitized="${sanitized//,/ }" - read -ra parsedNamespaces <<< "${sanitized}" - for ns in "${parsedNamespaces[@]}"; do - [[ -n "${ns}" ]] || continue - podNamespaces+=("${ns}") - done - + kind="$2" + kindDir="${kind,,}" # Forces lowercase + kindDir="${kindDir//[^a-z0-9._-]/_}" # Replace special characters with _ shift 2 ;; - -p|--pod-filters) + -n|--namespace) if [[ $# -lt 2 ]]; then - echo "Error: --pod-filters requires an argument." >&2 + echo "Error: --namespace requires an argument." >&2 + usage + exit 1 + fi + namespace="$2" + shift 2 + ;; + -f|--filters) + if [[ $# -lt 2 ]]; then + echo "Error: --filters requires an argument." >&2 usage exit 1 fi - podFilters=() + filters=() sanitized="${2//$'\n'/ }" sanitized="${sanitized//,/ }" - read -ra parsedPodFilters <<< "${sanitized}" - for filter in "${parsedPodFilters[@]}"; do + read -ra parsedFilters <<< "${sanitized}" + for filter in "${parsedFilters[@]}"; do [[ -n "${filter}" ]] || continue - podFilters+=("${filter}") + filters+=("${filter}") done + jqFilters="$(build_jq_filter "${filters[@]}")" shift 2 ;; - --refresh-interval) + --watch-timeout) if [[ $# -lt 2 ]]; then - echo "Error: --pod-refresh requires an argument." >&2 + echo "Error: --watch-timeout requires an argument." >&2 usage exit 1 fi - refreshInterval="$2" + watchTimeout="$2" + if ! [[ "${watchTimeout}" =~ ^[0-9]+$ ]] || (( watchTimeout <= 0 )); then + echo "Error: --watch-timeout must be a positive integer (seconds)." >&2 + exit 1 + fi shift 2 ;; -h|--help) @@ -88,19 +101,13 @@ while [[ $# -gt 0 ]]; do esac done -if [[ -z "${namespaces_arg}" && -n "${NAMESPACES:-}" ]]; then - namespaces_arg="${NAMESPACES}" -fi - if [[ -z "${MANIFEST_DIR:-}" ]]; then - echo "MANIFEST_DIR environment variable must be set." >&2 + echo "Error: MANIFEST_DIR environment variable must be set." >&2 exit 1 fi mkdir -p "${MANIFEST_DIR}" -watchPids=() - build_jq_filter() { local program="." for filter in "$@"; do @@ -110,160 +117,88 @@ build_jq_filter() { printf '%s' "${program}" } -collect_pod_manifest() { +jqFilters="$(build_jq_filter "${filters[@]}")" + +collect_manifest() { local namespace="$1" - local podName="$2" + local resourceName="$2" - [[ -n "${namespace}" && -n "${podName}" ]] || return 0 + [[ -n "${namespace}" && -n "${resourceName}" ]] || return 0 - local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" - mkdir -p "${namespace_dir}" + local namespaceDir="${MANIFEST_DIR}/${kindDir}/${namespace}" + mkdir -p "${namespaceDir}" - local outputFile="${namespace_dir}/${podName}.json" + local outputFile="${namespaceDir}/${resourceName}.json" local tmpFile="${outputFile}.tmp" - pod_output_filter="$(build_jq_filter "${podFilters[@]}")" - if kubectl get pod --namespace "${namespace}" "${podName}" -o json | jq --compact-output "${pod_output_filter}" > "${tmpFile}"; then + if kubectl get "${kind}" --namespace "${namespace}" "${resourceName}" -o json \ + | jq --compact-output "${jqFilters}" > "${tmpFile}"; then if [[ ! -f "${outputFile}" ]] || ! cmp -s "${tmpFile}" "${outputFile}"; then - echo "Storing pod manifest \"${namespace}/${podName}\"" + echo "[INFO] ${kind}: Saving manifest for \"${namespace}/${resourceName}\"" mv "${tmpFile}" "${outputFile}" else - echo "No changes to pod manifest \"${namespace}/${podName}\"" + echo "[DEBUG] ${kind}: No changes to manifest for \"${namespace}/${resourceName}\"" rm -f "${tmpFile}" fi else - echo "Failed to collect manifest for pod ${namespace}/${podName}" >&2 + echo "[ERROR] ${kind}: Failed to collect manifest for ${kind} ${namespace}/${resourceName}" >&2 rm -f "${tmpFile}" fi } -remove_pod_manifest() { +remove_manifest() { local namespace="$1" - local podName="$2" + local resourceName="$2" - [[ -n "${namespace}" && -n "${podName}" ]] || return + [[ -n "${namespace}" && -n "${resourceName}" ]] || return - local outputFile="${MANIFEST_DIR}/pods/${namespace}/${podName}.json" + local outputFile="${MANIFEST_DIR}/${kindDir}/${namespace}/${resourceName}.json" if [[ -f "${outputFile}" ]]; then rm -f "${outputFile}" - echo "Removed pod manifest \"${namespace}/${podName}\"" - fi -} - -collect_all_pod_manifests() { - if podEntries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then - while IFS= read -r entry; do - [[ -n "${entry}" ]] || continue - read -r namespace podName _ <<< "${entry}" - if [[ -z "${namespace}" || -z "${podName}" ]]; then - continue - fi - collect_pod_manifest "${namespace}" "${podName}" - done <<< "${podEntries}" - else - echo "Failed to list pods across all namespaces." >&2 - fi -} - -collect_pod_manifests_by_namespace() { - for namespace in "${podNamespaces[@]}"; do - [[ -n "${namespace}" ]] || continue - - if ! podNames=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then - echo "Failed to list pods in namespace ${namespace}" >&2 - continue - fi - - while IFS= read -r podName; do - [[ -n "${podName}" ]] || continue - collect_pod_manifest "${namespace}" "${podName}" - done <<< "${podNames}" - done -} - -refresh_pod_manifests() { - if [[ ${#podNamespaces[@]} -eq 0 ]]; then - collect_all_pod_manifests - else - collect_pod_manifests_by_namespace + echo "[INFO] ${kind}: Removed manifest for \"${namespace}/${resourceName}\"" fi } -handle_pod_watch_event() { +handle_watch_event() { local eventType="$1" local namespace="$2" - local podName="$3" + local resourceName="$3" - [[ -n "${event_type}" && -n "${namespace}" && -n "${podName}" ]] || return + [[ -n "${eventType}" && -n "${namespace}" && -n "${resourceName}" ]] || return - echo "Pod event: ${namespace}/${podName}: ${eventType}" + echo "[DEBUG] ${kind}: ${eventType} event for ${namespace}/${resourceName}" case "${eventType}" in ADDED|MODIFIED) - collect_pod_manifest "${namespace}" "${podName}" + collect_manifest "${namespace}" "${resourceName}" ;; DELETED) - remove_pod_manifest "${namespace}" "${podName}" + remove_manifest "${namespace}" "${resourceName}" ;; *) ;; esac } -watch_pods() { - local kubectl_args=("$@") - echo "Starting pod watcher: kubectl get pods ${kubectl_args[*]}" +watch_resources() { + local kubectlArgs=() + if [[ -n "${namespace}" ]]; then + kubectlArgs=(--namespace "${namespace}") + echo "[INFO] ${kind}: Watching namespace ${namespace}" + else + kubectlArgs=(--all-namespaces) + echo "[INFO] ${kind}: Watching all namespaces" + fi while true; do - if ! kubectl get pods "${kubectl_args[@]}" --watch --output-watch-events -o json \ + if ! timeout --foreground "${watchTimeout}s" kubectl get "${kind}" "${kubectlArgs[@]}" --watch --output-watch-events -o json \ | jq --unbuffered -r 'select(.object.metadata.namespace != null and .object.metadata.name != null and .type != null) | "\(.type) \(.object.metadata.namespace) \(.object.metadata.name)"' \ - | while read -r eventType namespace podName; do - handle_pod_watch_event "${eventType}" "${namespace}" "${podName}" + | while read -r eventType namespace resourceName; do + handle_watch_event "${eventType}" "${namespace}" "${resourceName}" done; then - echo "Pod watch ended unexpectedly for args: ${kubectl_args[*]}" >&2 + echo "[WARN] ${kind}: Watch ended; restarting in 5 seconds." >&2 sleep 5 fi done } -start_pod_watches() { - if [[ ${#podNamespaces[@]} -eq 0 ]]; then - watch_pods "--all-namespaces" & - watchPids+=("$!") - else - for namespace in "${podNamespaces[@]}"; do - [[ -n "${namespace}" ]] || continue - watch_pods "--namespace" "${namespace}" & - watchPids+=("$!") - done - fi -} - -stop_pod_watches() { - if [[ ${#watchPids[@]} -eq 0 ]]; then - return - fi - - for pid in "${watchPids[@]}"; do - [[ -n "${pid}" ]] || continue - kill "${pid}" 2>/dev/null || true - done - - watchPids=() -} - -trap stop_pod_watches EXIT - -start_pod_watches - -loop_delay="${POD_LOOP_DELAY:-5}" -lastFullSync=0 - -while true; do - currentTime=$(date +%s) - if (( currentTime - lastFullSync >= refreshInterval )); then - refresh_pod_manifests - lastFullSync="${currentTime}" - fi - - sleep "${loop_delay}" -done +watch_resources diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl index 2097afbea6..e6905ce0ab 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_module.alloy.tpl @@ -3,65 +3,20 @@ declare "kubernetes_manifests" { argument "logs_destinations" { comment = "Must be a list of log destinations where collected logs should be forwarded to" } - - otelcol.receiver.filelog "pod_manifests" { - include = ["/var/kubernetes-manifests/pods/*/*.json"] - include_file_path_resolved = true - start_at = "beginning" - delete_after_read = true - - output { - logs = [otelcol.processor.transform.pod_manifests.input] - } - } - - otelcol.processor.transform "pod_manifests" { - error_mode = "ignore" - - log_statements { - context = "log" - statements = [ - `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/pods/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, - `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, - `set(resource.attributes["k8s.pod.name"], attributes["pod"])`, - `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, - `set(resource.attributes["service.namespace"], {{ $.Release.Namespace | quote }})`, - ] - } - - output { - logs = [otelcol.processor.k8sattributes.pod_manifests.input] - } - } - - otelcol.processor.k8sattributes "pod_manifests" { - pod_association { - source { - from = "resource_attribute" - name = "k8s.pod.name" - } - source { - from = "resource_attribute" - name = "k8s.namespace.name" - } - } - - extract { - metadata = [ - "k8s.cronjob.name", - "k8s.daemonset.name", - "k8s.deployment.name", - "k8s.job.name", - "k8s.node.name", - "k8s.pod.start_time", - "k8s.replicaset.name", - "k8s.statefulset.name", - ] - } - - output { - logs = argument.logs_destinations.value - } - } +{{- if .Values.kinds.pods.gather }} +{{ include "feature.kubernetesManifests.pods" . | nindent 2 }} +{{- end }} +{{- if .Values.kinds.deployments.gather }} +{{ include "feature.kubernetesManifests.workload" (dict "kind" "deployment" "Values" .Values "Release" .Release) | nindent 2 }} +{{- end }} +{{- if .Values.kinds.statefulsets.gather }} +{{ include "feature.kubernetesManifests.workload" (dict "kind" "statefulset" "Values" .Values "Release" .Release) | nindent 2 }} +{{- end }} +{{- if .Values.kinds.daemonsets.gather }} +{{ include "feature.kubernetesManifests.workload" (dict "kind" "daemonset" "Values" .Values "Release" .Release) | nindent 2 }} +{{- end }} +{{- if .Values.kinds.cronjobs.gather }} +{{ include "feature.kubernetesManifests.workload" (dict "kind" "cronjob" "Values" .Values "Release" .Release) | nindent 2 }} +{{- end }} } {{- end -}} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_pods.alloy.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_pods.alloy.tpl new file mode 100644 index 0000000000..5b2c001f9a --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_pods.alloy.tpl @@ -0,0 +1,61 @@ +{{- define "feature.kubernetesManifests.pods" }} +otelcol.receiver.filelog "pod_manifests" { + include = ["/var/kubernetes-manifests/pods/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.pod_manifests.input] + } +} + +otelcol.processor.transform "pod_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/pods/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.pod.name"], attributes["pod"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], {{ $.Release.Namespace | quote }})`, + ] + } + + output { + logs = [otelcol.processor.k8sattributes.pod_manifests.input] + } +} + +otelcol.processor.k8sattributes "pod_manifests" { + pod_association { + source { + from = "resource_attribute" + name = "k8s.pod.name" + } + source { + from = "resource_attribute" + name = "k8s.namespace.name" + } + } + + extract { + metadata = [ + "k8s.cronjob.name", + "k8s.daemonset.name", + "k8s.deployment.name", + "k8s.job.name", + "k8s.node.name", + "k8s.pod.start_time", + "k8s.replicaset.name", + "k8s.statefulset.name", + ] + } + + output { + logs = argument.logs_destinations.value + } +} +{{- end -}} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl index c1cc80449a..0d67438479 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_sidecar.tpl @@ -1,4 +1,8 @@ {{- define "feature.kubernetesManifests.sidecarContainer" }} +{{- $globalArgs := "" }} +{{- if .Values.refreshInterval }} + {{- $globalArgs = printf "--watch-timeout %d" (.Values.refreshInterval | int64) }} +{{- end }} - name: kubernetes-manifest-collector {{- with .Values.image }} {{- if .digest }} @@ -10,15 +14,25 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /bin/bash - - /etc/alloy/collect-manifests.sh -{{- if .Values.namespaces }} - - --namespaces - - {{ .Values.namespaces | join "," }} + - -c + - | + set -euo pipefail + pids=() +{{- range $kind := keys .Values.kinds }} +{{- if dig $kind "gather" false $.Values.kinds }} +{{- if not $.Values.namespaces }} + bash /etc/alloy/collect-manifests.sh --kind {{ $kind }} {{ $globalArgs }} & + pids+=("$!") +{{- else }} +{{- range $namespace := $.Values.namespaces }} + bash /etc/alloy/collect-manifests.sh --kind {{ $kind }} --namespace {{ $namespace | quote }} {{ $globalArgs }} & + pids+=("$!") {{- end }} -{{- if .Values.refreshInterval }} - - --refresh-interval - - {{ .Values.refreshInterval | quote }} {{- end }} +{{- end }} +{{- end }} + trap 'for pid in "${pids[@]}"; do kill "${pid}" 2>/dev/null || true; done' EXIT + wait -n "${pids[@]}" env: - name: MANIFEST_DIR value: /var/kubernetes-manifests @@ -41,4 +55,3 @@ name: kubernetes-manifests readOnly: false {{- end }} - diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_workload.alloy.tpl b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_workload.alloy.tpl new file mode 100644 index 0000000000..163656d864 --- /dev/null +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_workload.alloy.tpl @@ -0,0 +1,31 @@ +{{- define "feature.kubernetesManifests.workload" }} +otelcol.receiver.filelog "{{ .kind }}_manifests" { + include = ["/var/kubernetes-manifests/{{ .kind }}s/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.{{ .kind }}_manifests.input] + } +} + +otelcol.processor.transform "{{ .kind }}_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/{{ .kind }}s/(?P[^/]+)/(?P<{{ .kind }}>[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.{{ .kind }}.name"], attributes["{{ .kind }}"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], {{ $.Release.Namespace | quote }})`, + ] + } + + output { + logs = argument.logs_destinations.value + } +} +{{- end -}} diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml index 571bea4217..353a661c9f 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/values.yaml @@ -21,7 +21,7 @@ kinds: image: registry: ghcr.io repository: grafana/helm-chart-toolbox-kubectl - tag: 0.1.2 + tag: 0.1.3 digest: "" pullPolicy: IfNotPresent pullSecrets: [] diff --git a/charts/k8s-monitoring/collectors/upstream/alloy-values.yaml b/charts/k8s-monitoring/collectors/upstream/alloy-values.yaml index 5dc72afa51..0a7c5d8d67 100644 --- a/charts/k8s-monitoring/collectors/upstream/alloy-values.yaml +++ b/charts/k8s-monitoring/collectors/upstream/alloy-values.yaml @@ -41,6 +41,8 @@ alloy: # -- Path to where Grafana Alloy stores data (for example, the Write-Ahead Log). # By default, data is lost between reboots. storagePath: /tmp/alloy + # -- Enables Grafana Alloy container's http server port. + enableHttpServerPort: true # -- Address to listen for traffic on. 0.0.0.0 exposes the UI to other # containers. listenAddr: 0.0.0.0 @@ -48,6 +50,10 @@ alloy: listenPort: 12345 # -- Scheme is needed for readiness probes. If enabling tls in your configs, set to "HTTPS" listenScheme: HTTP + # -- Initial delay for readiness probe. + initialDelaySeconds: 10 + # -- Timeout for readiness probe. + timeoutSeconds: 1 # -- Base path where the UI is exposed. uiPathPrefix: / # -- Enables sending Grafana Labs anonymous usage stats to help improve Grafana @@ -113,6 +119,57 @@ image: rbac: # -- Whether to create RBAC resources for Alloy. create: true + # -- If set, only create Roles and RoleBindings in the given list of namespaces, rather than ClusterRoles and + # ClusterRoleBindings. If not using ClusterRoles, bear in mind that Alloy will not be able to discover cluster-scoped + # resources such as Nodes. + namespaces: [] + # -- The rules to create for the ClusterRole or Role objects. + rules: + # -- Rules required for the `discovery.kubernetes` component. + - apiGroups: ["", "discovery.k8s.io", "networking.k8s.io"] + resources: ["endpoints", "endpointslices", "ingresses", "pods", "services"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `loki.source.kubernetes` component. + - apiGroups: [""] + resources: ["pods", "pods/log", "namespaces"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `loki.source.podlogs` component. + - apiGroups: ["monitoring.grafana.com"] + resources: ["podlogs"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `mimir.rules.kubernetes` component. + - apiGroups: ["monitoring.coreos.com"] + resources: ["prometheusrules"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `mimir.alerts.kubernetes` component. + - apiGroups: ["monitoring.coreos.com"] + resources: ["alertmanagerconfigs"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `prometheus.operator.*` components. + - apiGroups: ["monitoring.coreos.com"] + resources: ["podmonitors", "servicemonitors", "probes", "scrapeconfigs"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `loki.source.kubernetes_events` component. + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `remote.kubernetes.*` components. + - apiGroups: [""] + resources: ["configmaps", "secrets"] + verbs: ["get", "list", "watch"] + # -- Rules required for the `otelcol.processor.k8sattributes` component. + - apiGroups: ["apps", "extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + # -- The rules to create for the ClusterRole objects. + clusterRules: + # -- Rules required for the `discovery.kubernetes` component. + - apiGroups: [""] + resources: ["nodes", "nodes/proxy", "nodes/metrics"] + verbs: ["get", "list", "watch"] + # -- Rules required for accessing metrics endpoint. + - nonResourceURLs: ["/metrics"] + verbs: ["get"] serviceAccount: # -- Whether to create a service account for the Grafana Alloy deployment. create: true @@ -153,11 +210,15 @@ controller: type: 'daemonset' # -- Number of pods to deploy. Ignored when controller.type is 'daemonset'. replicas: 1 + # -- Extra labels to add to the controller. + extraLabels: {} # -- Annotations to add to controller. extraAnnotations: {} # -- Whether to deploy pods in parallel. Only used when controller.type is # 'statefulset'. parallelRollout: true + # -- How many additional seconds to wait before considering a pod ready. + minReadySeconds: 10 # -- Configures Pods to use the host network. When set to true, the ports that will be used must be specified. hostNetwork: false # -- Configures Pods to use the host PID namespace. @@ -308,6 +369,19 @@ controller: initContainers: [] # -- Additional containers to run alongside the Alloy container and initContainers. extraContainers: [] +networkPolicy: + enabled: false + flavor: kubernetes + policyTypes: + - Ingress + - Egress + # Default allow all traffic because Alloy is so configurable + # It is recommended to change this before deploying to production + # To disable each policyType, set value to `null` + ingress: + - {} + egress: + - {} service: # -- Creates a Service for the controller's pods. enabled: true diff --git a/charts/k8s-monitoring/docs/examples/auth/bearer-token/output.yaml b/charts/k8s-monitoring/docs/examples/auth/bearer-token/output.yaml index a2b83005ad..8d2d9d7a92 100644 --- a/charts/k8s-monitoring/docs/examples/auth/bearer-token/output.yaml +++ b/charts/k8s-monitoring/docs/examples/auth/bearer-token/output.yaml @@ -1027,12 +1027,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1067,6 +1069,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1128,9 +1131,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1178,8 +1183,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1220,6 +1337,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1228,6 +1346,7 @@ spec: value: sample-bearer-token extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1262,6 +1381,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1323,9 +1443,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1375,8 +1497,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1417,6 +1651,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1427,6 +1662,7 @@ spec: protocol: TCP targetPort: 14268 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1461,6 +1697,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1522,9 +1759,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1572,8 +1811,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/auth/embedded-secrets/output.yaml b/charts/k8s-monitoring/docs/examples/auth/embedded-secrets/output.yaml index e612125367..160ba50f25 100644 --- a/charts/k8s-monitoring/docs/examples/auth/embedded-secrets/output.yaml +++ b/charts/k8s-monitoring/docs/examples/auth/embedded-secrets/output.yaml @@ -1007,12 +1007,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1047,6 +1049,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1108,9 +1111,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1158,8 +1163,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1200,12 +1317,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1240,6 +1359,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1301,9 +1421,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1353,8 +1475,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1395,6 +1629,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1405,6 +1640,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1439,6 +1675,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1500,9 +1737,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1550,8 +1789,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/auth/external-secrets/output.yaml b/charts/k8s-monitoring/docs/examples/auth/external-secrets/output.yaml index a9ccc521c9..5e1e3936c0 100644 --- a/charts/k8s-monitoring/docs/examples/auth/external-secrets/output.yaml +++ b/charts/k8s-monitoring/docs/examples/auth/external-secrets/output.yaml @@ -1088,6 +1088,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1111,6 +1112,7 @@ spec: value: k8smon-$(CLUSTER_NAME)-$(NAMESPACE)-alloy-logs-$(NODE_NAME) extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1145,6 +1147,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1206,9 +1209,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1256,8 +1261,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1298,12 +1415,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1338,6 +1457,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1399,9 +1519,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1451,8 +1573,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1493,6 +1727,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1503,6 +1738,7 @@ spec: protocol: TCP targetPort: 14250 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1537,6 +1773,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1598,9 +1835,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1648,8 +1887,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/auth/oauth2/output.yaml b/charts/k8s-monitoring/docs/examples/auth/oauth2/output.yaml index 7f31d44158..93960ed4fc 100644 --- a/charts/k8s-monitoring/docs/examples/auth/oauth2/output.yaml +++ b/charts/k8s-monitoring/docs/examples/auth/oauth2/output.yaml @@ -2973,12 +2973,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3013,6 +3015,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3074,9 +3077,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3124,8 +3129,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3166,12 +3283,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3206,6 +3325,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3267,9 +3387,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3317,8 +3439,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3359,12 +3593,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3399,6 +3635,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3460,9 +3697,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3512,8 +3751,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/auth/sigv4/output.yaml b/charts/k8s-monitoring/docs/examples/auth/sigv4/output.yaml index 9822ddfb52..df49cfe6bb 100644 --- a/charts/k8s-monitoring/docs/examples/auth/sigv4/output.yaml +++ b/charts/k8s-monitoring/docs/examples/auth/sigv4/output.yaml @@ -1573,12 +1573,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1613,6 +1615,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1674,9 +1677,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1724,8 +1729,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/collector-storage/output.yaml b/charts/k8s-monitoring/docs/examples/collector-storage/output.yaml index d99b2b223b..b03cccb988 100644 --- a/charts/k8s-monitoring/docs/examples/collector-storage/output.yaml +++ b/charts/k8s-monitoring/docs/examples/collector-storage/output.yaml @@ -1798,12 +1798,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1840,6 +1842,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /var/lib/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1901,9 +1904,11 @@ spec: enableStatefulSetAutoDeletePVC: true extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1960,8 +1965,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2002,12 +2119,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2044,6 +2163,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /var/lib/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2105,9 +2225,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2161,8 +2283,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/destinations/custom/debug/output.yaml b/charts/k8s-monitoring/docs/examples/destinations/custom/debug/output.yaml index 06eebfddc2..07474888ba 100644 --- a/charts/k8s-monitoring/docs/examples/destinations/custom/debug/output.yaml +++ b/charts/k8s-monitoring/docs/examples/destinations/custom/debug/output.yaml @@ -1035,12 +1035,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1075,6 +1077,7 @@ spec: type: RuntimeDefault stabilityLevel: experimental storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1136,9 +1139,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1186,8 +1191,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1228,12 +1345,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1268,6 +1387,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1329,9 +1449,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1381,8 +1503,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/destinations/custom/kafka/output.yaml b/charts/k8s-monitoring/docs/examples/destinations/custom/kafka/output.yaml index ebabcef7ad..8afbe34673 100644 --- a/charts/k8s-monitoring/docs/examples/destinations/custom/kafka/output.yaml +++ b/charts/k8s-monitoring/docs/examples/destinations/custom/kafka/output.yaml @@ -424,12 +424,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -464,6 +466,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -525,9 +528,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -575,8 +580,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/destinations/loki-stdout/output.yaml b/charts/k8s-monitoring/docs/examples/destinations/loki-stdout/output.yaml index 49f0d339c8..80ede5e6db 100644 --- a/charts/k8s-monitoring/docs/examples/destinations/loki-stdout/output.yaml +++ b/charts/k8s-monitoring/docs/examples/destinations/loki-stdout/output.yaml @@ -584,12 +584,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -624,6 +626,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -685,9 +688,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -737,8 +742,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/destinations/otlp-endpoint/output.yaml b/charts/k8s-monitoring/docs/examples/destinations/otlp-endpoint/output.yaml index be666115b0..8eb7aedef4 100644 --- a/charts/k8s-monitoring/docs/examples/destinations/otlp-endpoint/output.yaml +++ b/charts/k8s-monitoring/docs/examples/destinations/otlp-endpoint/output.yaml @@ -2149,12 +2149,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2189,6 +2191,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2250,9 +2253,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2300,8 +2305,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2342,12 +2459,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2382,6 +2501,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2443,9 +2563,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2495,8 +2617,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/exclude-by-namespace/output.yaml b/charts/k8s-monitoring/docs/examples/exclude-by-namespace/output.yaml index ab8555a531..7c77cc17c1 100644 --- a/charts/k8s-monitoring/docs/examples/exclude-by-namespace/output.yaml +++ b/charts/k8s-monitoring/docs/examples/exclude-by-namespace/output.yaml @@ -4024,12 +4024,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4064,6 +4066,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4125,9 +4128,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4175,8 +4180,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4217,12 +4334,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4257,6 +4376,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4318,9 +4438,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4368,8 +4490,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4410,12 +4644,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4450,6 +4686,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4511,9 +4748,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4563,8 +4802,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4605,6 +4956,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -4615,6 +4967,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4649,6 +5002,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4710,9 +5064,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4760,8 +5116,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4802,12 +5270,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4845,6 +5315,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4906,9 +5377,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: true initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4958,8 +5431,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-profiles + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/extra-configuration/output.yaml b/charts/k8s-monitoring/docs/examples/extra-configuration/output.yaml index 0c73d8c0bc..6351970c42 100644 --- a/charts/k8s-monitoring/docs/examples/extra-configuration/output.yaml +++ b/charts/k8s-monitoring/docs/examples/extra-configuration/output.yaml @@ -372,12 +372,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -412,6 +414,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -473,9 +476,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -523,8 +528,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/extra-rules/output.yaml b/charts/k8s-monitoring/docs/examples/extra-rules/output.yaml index d99bc9fc55..07edcec43a 100644 --- a/charts/k8s-monitoring/docs/examples/extra-rules/output.yaml +++ b/charts/k8s-monitoring/docs/examples/extra-rules/output.yaml @@ -2026,6 +2026,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2034,6 +2035,7 @@ spec: value: northwest extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2068,6 +2070,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2129,9 +2132,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2179,8 +2184,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2221,6 +2338,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2229,6 +2347,7 @@ spec: value: northwest extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2263,6 +2382,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2324,9 +2444,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2374,8 +2496,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2416,6 +2650,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2426,6 +2661,7 @@ spec: value: blue extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2460,6 +2696,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2521,9 +2758,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2573,8 +2812,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/default/output.yaml index 67e4810bb7..ddc662e524 100644 --- a/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/default/output.yaml @@ -750,12 +750,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -790,6 +792,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -851,9 +854,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -901,8 +906,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/prom-annotations/output.yaml b/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/prom-annotations/output.yaml index e80f213e2f..6d9fdb163a 100644 --- a/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/prom-annotations/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/annotation-autodiscovery/prom-annotations/output.yaml @@ -750,12 +750,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -790,6 +792,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -851,9 +854,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -901,8 +906,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/application-observability/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/application-observability/default/output.yaml index 175d05e13a..9209ac641c 100644 --- a/charts/k8s-monitoring/docs/examples/features/application-observability/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/application-observability/default/output.yaml @@ -673,6 +673,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -683,6 +684,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -717,6 +719,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -778,9 +781,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -828,8 +833,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/application-observability/tail-sampling/output.yaml b/charts/k8s-monitoring/docs/examples/features/application-observability/tail-sampling/output.yaml index 9bf37d2195..f589728e15 100644 --- a/charts/k8s-monitoring/docs/examples/features/application-observability/tail-sampling/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/application-observability/tail-sampling/output.yaml @@ -715,6 +715,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -725,6 +726,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -759,6 +761,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -820,9 +823,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -870,8 +875,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics-and-traces/output.yaml b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics-and-traces/output.yaml index 11935818fe..1eb715fd33 100644 --- a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics-and-traces/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics-and-traces/output.yaml @@ -1135,12 +1135,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1175,6 +1177,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1236,9 +1239,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1286,8 +1291,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1328,6 +1445,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1338,6 +1456,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1372,6 +1491,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1433,9 +1553,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1483,8 +1605,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics/output.yaml b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics/output.yaml index 9320ccfbea..463a798f59 100644 --- a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/beyla-metrics/output.yaml @@ -645,12 +645,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -685,6 +687,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -746,9 +749,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -796,8 +801,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/discovery-rules/output.yaml b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/discovery-rules/output.yaml index a3edbc46db..d45f9395d1 100644 --- a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/discovery-rules/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/discovery-rules/output.yaml @@ -646,12 +646,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -686,6 +688,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -747,9 +750,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -797,8 +802,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/span-metrics-only/output.yaml b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/span-metrics-only/output.yaml index 86439ae0ef..d0d7ef9c07 100644 --- a/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/span-metrics-only/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/auto-instrumentation/span-metrics-only/output.yaml @@ -930,12 +930,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -970,6 +972,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1031,9 +1034,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1081,8 +1086,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1123,6 +1240,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1133,6 +1251,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1167,6 +1286,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1228,9 +1348,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1278,8 +1400,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/cluster-events/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/cluster-events/default/output.yaml index c407e26325..a3caa8d699 100644 --- a/charts/k8s-monitoring/docs/examples/features/cluster-events/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/cluster-events/default/output.yaml @@ -422,12 +422,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -462,6 +464,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -523,9 +526,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -573,8 +578,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/cluster-metrics/control-plane-monitoring/output.yaml b/charts/k8s-monitoring/docs/examples/features/cluster-metrics/control-plane-monitoring/output.yaml index 550d01acf3..a3dd17c9b4 100644 --- a/charts/k8s-monitoring/docs/examples/features/cluster-metrics/control-plane-monitoring/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/cluster-metrics/control-plane-monitoring/output.yaml @@ -2381,12 +2381,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2421,6 +2423,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2482,9 +2485,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2532,8 +2537,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2574,12 +2691,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2614,6 +2733,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2675,9 +2795,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2725,8 +2847,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2767,12 +3001,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2807,6 +3043,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2868,9 +3105,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2920,8 +3159,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/cluster-metrics/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/cluster-metrics/default/output.yaml index 7697750ba4..97688d82fa 100644 --- a/charts/k8s-monitoring/docs/examples/features/cluster-metrics/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/cluster-metrics/default/output.yaml @@ -2138,12 +2138,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2178,6 +2180,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2239,9 +2242,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2289,8 +2294,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/database-observability/mysql/output.yaml b/charts/k8s-monitoring/docs/examples/features/database-observability/mysql/output.yaml index 565a523b70..333030d981 100644 --- a/charts/k8s-monitoring/docs/examples/features/database-observability/mysql/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/database-observability/mysql/output.yaml @@ -844,12 +844,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -884,6 +886,7 @@ spec: type: RuntimeDefault stabilityLevel: experimental storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -945,9 +948,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -995,8 +1000,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1037,12 +1154,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1077,6 +1196,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1138,9 +1258,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1190,8 +1312,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/alloy/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/alloy/output.yaml index a365ba23b7..50d84397e4 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/alloy/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/alloy/output.yaml @@ -733,12 +733,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -773,6 +775,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -834,9 +837,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -884,8 +889,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/cert-manager/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/cert-manager/output.yaml index 36987d16d7..c8c74bcec9 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/cert-manager/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/cert-manager/output.yaml @@ -535,12 +535,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -575,6 +577,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -636,9 +639,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -686,8 +691,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/dcgm-exporter/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/dcgm-exporter/output.yaml index a6f1032fd2..661f95431c 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/dcgm-exporter/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/dcgm-exporter/output.yaml @@ -660,12 +660,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -700,6 +702,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -761,9 +764,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -811,8 +816,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/etcd/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/etcd/output.yaml index c6a4435e89..69910798ad 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/etcd/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/etcd/output.yaml @@ -535,12 +535,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -575,6 +577,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -636,9 +639,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -686,8 +691,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/grafana/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/grafana/output.yaml index 0cf826139e..c0c333f89f 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/grafana/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/grafana/output.yaml @@ -982,12 +982,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1022,6 +1024,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1083,9 +1086,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1133,8 +1138,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1175,12 +1292,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1215,6 +1334,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1276,9 +1396,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1328,8 +1450,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/loki/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/loki/output.yaml index 1930bd4b57..71579e0775 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/loki/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/loki/output.yaml @@ -1008,12 +1008,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1048,6 +1050,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1109,9 +1112,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1159,8 +1164,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1201,12 +1318,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1241,6 +1360,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1302,9 +1422,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1354,8 +1476,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/mimir/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/mimir/output.yaml index c92db7d55f..b7b91e37b9 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/mimir/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/mimir/output.yaml @@ -1006,12 +1006,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1046,6 +1048,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1107,9 +1110,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1157,8 +1162,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1199,12 +1316,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1239,6 +1358,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1300,9 +1420,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1352,8 +1474,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/multiple/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/multiple/output.yaml index 7fbeb64629..5bf6551fed 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/multiple/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/multiple/output.yaml @@ -919,12 +919,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -959,6 +961,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1020,9 +1023,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1070,8 +1075,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1112,12 +1229,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1152,6 +1271,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1213,9 +1333,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1265,8 +1387,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/integrations/mysql/output.yaml b/charts/k8s-monitoring/docs/examples/features/integrations/mysql/output.yaml index 5f680a871d..8fa783bfc4 100644 --- a/charts/k8s-monitoring/docs/examples/features/integrations/mysql/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/integrations/mysql/output.yaml @@ -862,12 +862,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -902,6 +904,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -963,9 +966,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1013,8 +1018,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1055,12 +1172,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1095,6 +1214,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1156,9 +1276,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1208,8 +1330,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy index 6497424d44..12b132ab77 100644 --- a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/alloy-singleton.alloy @@ -4,6 +4,7 @@ declare "kubernetes_manifests" { comment = "Must be a list of log destinations where collected logs should be forwarded to" } + otelcol.receiver.filelog "pod_manifests" { include = ["/var/kubernetes-manifests/pods/*/*.json"] include_file_path_resolved = true @@ -63,6 +64,130 @@ declare "kubernetes_manifests" { logs = argument.logs_destinations.value } } + + + otelcol.receiver.filelog "deployment_manifests" { + include = ["/var/kubernetes-manifests/deployments/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.deployment_manifests.input] + } + } + + otelcol.processor.transform "deployment_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/deployments/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.deployment.name"], attributes["deployment"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "statefulset_manifests" { + include = ["/var/kubernetes-manifests/statefulsets/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.statefulset_manifests.input] + } + } + + otelcol.processor.transform "statefulset_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/statefulsets/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.statefulset.name"], attributes["statefulset"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "daemonset_manifests" { + include = ["/var/kubernetes-manifests/daemonsets/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.daemonset_manifests.input] + } + } + + otelcol.processor.transform "daemonset_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/daemonsets/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.daemonset.name"], attributes["daemonset"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "cronjob_manifests" { + include = ["/var/kubernetes-manifests/cronjobs/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.cronjob_manifests.input] + } + } + + otelcol.processor.transform "cronjob_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/cronjobs/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.cronjob.name"], attributes["cronjob"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } } kubernetes_manifests "feature" { logs_destinations = [ diff --git a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml index 12c0521d60..055fabb1e2 100644 --- a/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/kubernetes-manifests/default/output.yaml @@ -6,10 +6,10 @@ metadata: name: k8smon-alloy-operator namespace: default labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm automountServiceAccountToken: true --- @@ -39,6 +39,7 @@ data: comment = "Must be a list of log destinations where collected logs should be forwarded to" } + otelcol.receiver.filelog "pod_manifests" { include = ["/var/kubernetes-manifests/pods/*/*.json"] include_file_path_resolved = true @@ -98,6 +99,130 @@ data: logs = argument.logs_destinations.value } } + + + otelcol.receiver.filelog "deployment_manifests" { + include = ["/var/kubernetes-manifests/deployments/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.deployment_manifests.input] + } + } + + otelcol.processor.transform "deployment_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/deployments/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.deployment.name"], attributes["deployment"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "statefulset_manifests" { + include = ["/var/kubernetes-manifests/statefulsets/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.statefulset_manifests.input] + } + } + + otelcol.processor.transform "statefulset_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/statefulsets/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.statefulset.name"], attributes["statefulset"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "daemonset_manifests" { + include = ["/var/kubernetes-manifests/daemonsets/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.daemonset_manifests.input] + } + } + + otelcol.processor.transform "daemonset_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/daemonsets/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.daemonset.name"], attributes["daemonset"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "cronjob_manifests" { + include = ["/var/kubernetes-manifests/cronjobs/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.cronjob_manifests.input] + } + } + + otelcol.processor.transform "cronjob_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/cronjobs/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.cronjob.name"], attributes["cronjob"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } } kubernetes_manifests "feature" { logs_destinations = [ @@ -150,74 +275,87 @@ data: script_name="script.sh" fi - DefaultRefreshInterval=60 + DefaultWatchTimeout=30 usage() { echo "Usage: ${script_name} [OPTIONS]" echo "" echo "Collects Kubernetes manifests and saves them as files." echo "" - echo "Pod manifests are stored at \${MANIFEST_DIR}/pods//.json" + echo "Resource manifests are stored at \${MANIFEST_DIR}///.json" echo "" echo "Requires the MANIFEST_DIR environment variable to be set to the target directory." echo "" echo "Options:" - echo " -n, --namespaces Comma or space separated list of namespaces to scan." - echo " When omitted, all namespaces are scanned." - echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" - echo " from the pod JSON. Default: \".status\"" - echo " --refresh-interval How frequently to refresh manifests. Default: \"${DefaultRefreshInterval}\"" + echo " -k, --kind Kubernetes resource kind passed to \"kubectl get\"." + echo " Default: pods" + echo " -n, --namespace Namespace to scan. When omitted, all namespaces" + echo " are scanned." + echo " -f, --filters Comma or space separated list of jq selectors to drop" + echo " from the resource JSON. Default: \".status\"" + echo " --watch-timeout How long to keep a watch open before restarting." + echo " Default: ${DefaultWatchTimeout} seconds." echo " -h, --help Show this help message." } - podNamespaces=() - podFilters=(".status") - refreshInterval="${DefaultRefreshInterval}" + kind="pods" + kindDir="pods" + namespace="" + filters=(".status") + watchTimeout="${DefaultWatchTimeout}" while [[ $# -gt 0 ]]; do case "$1" in - -n|--namespaces) + -k|--kind) if [[ $# -lt 2 ]]; then - echo "Error: --namespaces requires an argument." >&2 + echo "Error: --kind requires an argument." >&2 usage exit 1 fi - - sanitized="${2//$'\n'/ }" - sanitized="${sanitized//,/ }" - read -ra parsedNamespaces <<< "${sanitized}" - for ns in "${parsedNamespaces[@]}"; do - [[ -n "${ns}" ]] || continue - podNamespaces+=("${ns}") - done - + kind="$2" + kindDir="${kind,,}" # Forces lowercase + kindDir="${kindDir//[^a-z0-9._-]/_}" # Replace special characters with _ + shift 2 + ;; + -n|--namespace) + if [[ $# -lt 2 ]]; then + echo "Error: --namespace requires an argument." >&2 + usage + exit 1 + fi + namespace="$2" shift 2 ;; - -p|--pod-filters) + -f|--filters) if [[ $# -lt 2 ]]; then - echo "Error: --pod-filters requires an argument." >&2 + echo "Error: --filters requires an argument." >&2 usage exit 1 fi - podFilters=() + filters=() sanitized="${2//$'\n'/ }" sanitized="${sanitized//,/ }" - read -ra parsedPodFilters <<< "${sanitized}" - for filter in "${parsedPodFilters[@]}"; do + read -ra parsedFilters <<< "${sanitized}" + for filter in "${parsedFilters[@]}"; do [[ -n "${filter}" ]] || continue - podFilters+=("${filter}") + filters+=("${filter}") done + jqFilters="$(build_jq_filter "${filters[@]}")" shift 2 ;; - --refresh-interval) + --watch-timeout) if [[ $# -lt 2 ]]; then - echo "Error: --pod-refresh requires an argument." >&2 + echo "Error: --watch-timeout requires an argument." >&2 usage exit 1 fi - refreshInterval="$2" + watchTimeout="$2" + if ! [[ "${watchTimeout}" =~ ^[0-9]+$ ]] || (( watchTimeout <= 0 )); then + echo "Error: --watch-timeout must be a positive integer (seconds)." >&2 + exit 1 + fi shift 2 ;; -h|--help) @@ -232,18 +370,17 @@ data: esac done - if [[ -z "${namespaces_arg}" && -n "${NAMESPACES:-}" ]]; then - namespaces_arg="${NAMESPACES}" - fi - if [[ -z "${MANIFEST_DIR:-}" ]]; then - echo "MANIFEST_DIR environment variable must be set." >&2 + echo "Error: MANIFEST_DIR environment variable must be set." >&2 exit 1 fi - mkdir -p "${MANIFEST_DIR}" + kubectl get nodes - watchPids=() + echo "k8s host: ${KUBERNETES_SERVICE_HOST}" + echo "k8s port: ${KUBERNETES_SERVICE_PORT_HTTPS}" + + mkdir -p "${MANIFEST_DIR}" build_jq_filter() { local program="." @@ -254,163 +391,91 @@ data: printf '%s' "${program}" } - collect_pod_manifest() { + jqFilters="$(build_jq_filter "${filters[@]}")" + + collect_manifest() { local namespace="$1" - local podName="$2" + local resourceName="$2" - [[ -n "${namespace}" && -n "${podName}" ]] || return 0 + [[ -n "${namespace}" && -n "${resourceName}" ]] || return 0 - local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" - mkdir -p "${namespace_dir}" + local namespaceDir="${MANIFEST_DIR}/${kindDir}/${namespace}" + mkdir -p "${namespaceDir}" - local outputFile="${namespace_dir}/${podName}.json" + local outputFile="${namespaceDir}/${resourceName}.json" local tmpFile="${outputFile}.tmp" - pod_output_filter="$(build_jq_filter "${podFilters[@]}")" - if kubectl get pod --namespace "${namespace}" "${podName}" -o json | jq --compact-output "${pod_output_filter}" > "${tmpFile}"; then + if kubectl get "${kind}" --namespace "${namespace}" "${resourceName}" -o json \ + | jq --compact-output "${jqFilters}" > "${tmpFile}"; then if [[ ! -f "${outputFile}" ]] || ! cmp -s "${tmpFile}" "${outputFile}"; then - echo "Storing pod manifest \"${namespace}/${podName}\"" + echo "[INFO] ${kind}: Saving manifest for \"${namespace}/${resourceName}\"" mv "${tmpFile}" "${outputFile}" else - echo "No changes to pod manifest \"${namespace}/${podName}\"" + echo "[DEBUG] ${kind}: No changes to manifest for \"${namespace}/${resourceName}\"" rm -f "${tmpFile}" fi else - echo "Failed to collect manifest for pod ${namespace}/${podName}" >&2 + echo "[ERROR] ${kind}: Failed to collect manifest for ${kind} ${namespace}/${resourceName}" >&2 rm -f "${tmpFile}" fi } - remove_pod_manifest() { + remove_manifest() { local namespace="$1" - local podName="$2" + local resourceName="$2" - [[ -n "${namespace}" && -n "${podName}" ]] || return + [[ -n "${namespace}" && -n "${resourceName}" ]] || return - local outputFile="${MANIFEST_DIR}/pods/${namespace}/${podName}.json" + local outputFile="${MANIFEST_DIR}/${kindDir}/${namespace}/${resourceName}.json" if [[ -f "${outputFile}" ]]; then rm -f "${outputFile}" - echo "Removed pod manifest \"${namespace}/${podName}\"" - fi - } - - collect_all_pod_manifests() { - if podEntries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then - while IFS= read -r entry; do - [[ -n "${entry}" ]] || continue - read -r namespace podName _ <<< "${entry}" - if [[ -z "${namespace}" || -z "${podName}" ]]; then - continue - fi - collect_pod_manifest "${namespace}" "${podName}" - done <<< "${podEntries}" - else - echo "Failed to list pods across all namespaces." >&2 - fi - } - - collect_pod_manifests_by_namespace() { - for namespace in "${podNamespaces[@]}"; do - [[ -n "${namespace}" ]] || continue - - if ! podNames=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then - echo "Failed to list pods in namespace ${namespace}" >&2 - continue - fi - - while IFS= read -r podName; do - [[ -n "${podName}" ]] || continue - collect_pod_manifest "${namespace}" "${podName}" - done <<< "${podNames}" - done - } - - refresh_pod_manifests() { - if [[ ${#podNamespaces[@]} -eq 0 ]]; then - collect_all_pod_manifests - else - collect_pod_manifests_by_namespace + echo "[INFO] ${kind}: Removed manifest for \"${namespace}/${resourceName}\"" fi } - handle_pod_watch_event() { + handle_watch_event() { local eventType="$1" local namespace="$2" - local podName="$3" + local resourceName="$3" - [[ -n "${event_type}" && -n "${namespace}" && -n "${podName}" ]] || return + [[ -n "${eventType}" && -n "${namespace}" && -n "${resourceName}" ]] || return - echo "Pod event: ${namespace}/${podName}: ${eventType}" + echo "[DEBUG] ${kind}: ${eventType} event for ${namespace}/${resourceName}" case "${eventType}" in ADDED|MODIFIED) - collect_pod_manifest "${namespace}" "${podName}" + collect_manifest "${namespace}" "${resourceName}" ;; DELETED) - remove_pod_manifest "${namespace}" "${podName}" + remove_manifest "${namespace}" "${resourceName}" ;; *) ;; esac } - watch_pods() { - local kubectl_args=("$@") - echo "Starting pod watcher: kubectl get pods ${kubectl_args[*]}" + watch_resources() { + local kubectlArgs=() + if [[ -n "${namespace}" ]]; then + kubectlArgs=(--namespace "${namespace}") + echo "[INFO] ${kind}: Watching namespace ${namespace}" + else + kubectlArgs=(--all-namespaces) + echo "[INFO] ${kind}: Watching all namespaces" + fi while true; do - if ! kubectl get pods "${kubectl_args[@]}" --watch --output-watch-events -o json \ + if ! timeout --foreground "${watchTimeout}s" kubectl get "${kind}" "${kubectlArgs[@]}" --watch --output-watch-events -o json \ | jq --unbuffered -r 'select(.object.metadata.namespace != null and .object.metadata.name != null and .type != null) | "\(.type) \(.object.metadata.namespace) \(.object.metadata.name)"' \ - | while read -r eventType namespace podName; do - handle_pod_watch_event "${eventType}" "${namespace}" "${podName}" + | while read -r eventType namespace resourceName; do + handle_watch_event "${eventType}" "${namespace}" "${resourceName}" done; then - echo "Pod watch ended unexpectedly for args: ${kubectl_args[*]}" >&2 + echo "[WARN] ${kind}: Watch ended; restarting in 5 seconds." >&2 sleep 5 fi done } - start_pod_watches() { - if [[ ${#podNamespaces[@]} -eq 0 ]]; then - watch_pods "--all-namespaces" & - watchPids+=("$!") - else - for namespace in "${podNamespaces[@]}"; do - [[ -n "${namespace}" ]] || continue - watch_pods "--namespace" "${namespace}" & - watchPids+=("$!") - done - fi - } - - stop_pod_watches() { - if [[ ${#watchPids[@]} -eq 0 ]]; then - return - fi - - for pid in "${watchPids[@]}"; do - [[ -n "${pid}" ]] || continue - kill "${pid}" 2>/dev/null || true - done - - watchPids=() - } - - trap stop_pod_watches EXIT - - start_pod_watches - - loop_delay="${POD_LOOP_DELAY:-5}" - lastFullSync=0 - - while true; do - currentTime=$(date +%s) - if (( currentTime - lastFullSync >= refreshInterval )); then - refresh_pod_manifests - lastFullSync="${currentTime}" - fi - - sleep "${loop_delay}" - done + watch_resources --- # Source: k8s-monitoring/charts/alloy-operator/templates/rbac/alloy-manager.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -418,10 +483,10 @@ kind: ClusterRole metadata: name: k8smon-alloy-operator-alloy-manager labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -476,10 +541,10 @@ kind: ClusterRoleBinding metadata: name: k8smon-alloy-operator-alloy-manager labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -496,10 +561,10 @@ kind: ClusterRoleBinding metadata: name: k8smon-alloy-operator labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -517,10 +582,10 @@ metadata: name: k8smon-alloy-operator-leader-election-role namespace: default labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -555,6 +620,28 @@ rules: - create - patch --- +# Source: k8s-monitoring/templates/kubernetes-manifest-rules.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: k8smon-alloy-singleton-kubernetes-manifests + namespace: default +rules: + - apiGroups: + - "" + - apps + - batch + resources: + - pods + - deployments + - statefulsets + - daemonsets + - cronjobs + verbs: + - get + - list + - watch +--- # Source: k8s-monitoring/charts/alloy-operator/templates/rbac/leader-election.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -562,10 +649,10 @@ metadata: name: k8smon-alloy-operator-leader-election-rolebinding namespace: default labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -576,6 +663,21 @@ subjects: name: k8smon-alloy-operator namespace: default --- +# Source: k8s-monitoring/templates/kubernetes-manifest-rules.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: k8smon-alloy-singleton-kubernetes-manifests + namespace: default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: k8smon-alloy-singleton-kubernetes-manifests +subjects: + - kind: ServiceAccount + name: k8smon-alloy-singleton + namespace: default +--- # Source: k8s-monitoring/charts/alloy-operator/templates/service.yaml apiVersion: v1 kind: Service @@ -583,10 +685,10 @@ metadata: name: k8smon-alloy-operator namespace: default labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -610,10 +712,10 @@ metadata: name: k8smon-alloy-operator namespace: default labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -624,10 +726,10 @@ spec: template: metadata: labels: - helm.sh/chart: alloy-operator-0.3.12 + helm.sh/chart: alloy-operator-0.3.14 app.kubernetes.io/name: alloy-operator app.kubernetes.io/instance: k8smon - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/version: "1.5.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: k8smon-alloy-operator @@ -640,7 +742,7 @@ spec: type: RuntimeDefault containers: - name: alloy-operator - image: "ghcr.io/grafana/alloy-operator:1.4.0" + image: "ghcr.io/grafana/alloy-operator:1.5.0" imagePullPolicy: IfNotPresent args: - --health-probe-bind-address=:8081 @@ -698,12 +800,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -741,6 +845,7 @@ spec: type: RuntimeDefault stabilityLevel: public-preview storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -804,15 +909,24 @@ spec: extraContainers: - command: - /bin/bash - - /etc/alloy/collect-manifests.sh - - --namespaces - - default - - --refresh-interval - - 3600 + - -c + - | + set -euo pipefail + pids=() + bash /etc/alloy/collect-manifests.sh --kind pods --namespace "default" --watch-timeout 3600 & + pids+=("$!") + bash /etc/alloy/collect-manifests.sh --kind deployments --namespace "default" --watch-timeout 3600 & + pids+=("$!") + bash /etc/alloy/collect-manifests.sh --kind statefulsets --namespace "default" --watch-timeout 3600 & + pids+=("$!") + bash /etc/alloy/collect-manifests.sh --kind daemonsets --namespace "default" --watch-timeout 3600 & + pids+=("$!") + trap 'for pid in "${pids[@]}"; do kill "${pid}" 2>/dev/null || true; done' EXIT + wait -n "${pids[@]}" env: - name: MANIFEST_DIR value: /var/kubernetes-manifests - image: ghcr.io/grafana/helm-chart-toolbox-kubectl:0.1.2 + image: ghcr.io/grafana/helm-chart-toolbox-kubectl:0.1.3 imagePullPolicy: IfNotPresent name: kubernetes-manifest-collector volumeMounts: @@ -821,9 +935,11 @@ spec: - mountPath: /var/kubernetes-manifests name: kubernetes-manifests readOnly: false + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -874,8 +990,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -996,7 +1224,7 @@ metadata: labels: app.kubernetes.io/name: k8smon-k8s-monitoring-add-finalizer app.kubernetes.io/instance: k8smon - helm.sh/chart: k8s-monitoring-3.6.1 + helm.sh/chart: k8s-monitoring-3.6.2 annotations: helm.sh/hook: post-install,post-upgrade helm.sh/hook-weight: "15" @@ -1049,7 +1277,7 @@ metadata: labels: app.kubernetes.io/name: k8smon-k8s-monitoring-remove-alloy-and-finalizer app.kubernetes.io/instance: k8smon - helm.sh/chart: k8s-monitoring-3.6.1 + helm.sh/chart: k8s-monitoring-3.6.2 annotations: helm.sh/hook: pre-delete helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded diff --git a/charts/k8s-monitoring/docs/examples/features/node-logs/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/node-logs/default/output.yaml index c48fb400e3..fa5ab6d17c 100644 --- a/charts/k8s-monitoring/docs/examples/features/node-logs/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/node-logs/default/output.yaml @@ -490,12 +490,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -530,6 +532,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -591,9 +594,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -643,8 +648,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/pod-logs-via-kubernetes-api/output.yaml b/charts/k8s-monitoring/docs/examples/features/pod-logs-via-kubernetes-api/output.yaml index 073569ede3..bff17ae9bf 100644 --- a/charts/k8s-monitoring/docs/examples/features/pod-logs-via-kubernetes-api/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/pod-logs-via-kubernetes-api/output.yaml @@ -528,12 +528,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -568,6 +570,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -629,9 +632,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -681,8 +686,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/pod-logs/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/pod-logs/default/output.yaml index 08d4ba9b6c..53693dce32 100644 --- a/charts/k8s-monitoring/docs/examples/features/pod-logs/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/pod-logs/default/output.yaml @@ -544,12 +544,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -584,6 +586,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -645,9 +648,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -697,8 +702,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/pod-logs/multiline/output.yaml b/charts/k8s-monitoring/docs/examples/features/pod-logs/multiline/output.yaml index f8edb0559d..50e3aba59d 100644 --- a/charts/k8s-monitoring/docs/examples/features/pod-logs/multiline/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/pod-logs/multiline/output.yaml @@ -572,12 +572,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -612,6 +614,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -673,9 +676,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -725,8 +730,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/profiles-receiver/output.yaml b/charts/k8s-monitoring/docs/examples/features/profiles-receiver/output.yaml index 02722ddfe9..1bdbcce1e9 100644 --- a/charts/k8s-monitoring/docs/examples/features/profiles-receiver/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/profiles-receiver/output.yaml @@ -351,6 +351,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -361,6 +362,7 @@ spec: protocol: TCP targetPort: 4040 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -395,6 +397,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -456,9 +459,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -506,8 +511,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/profiling/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/profiling/default/output.yaml index 0b8df16589..114e001c3d 100644 --- a/charts/k8s-monitoring/docs/examples/features/profiling/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/profiling/default/output.yaml @@ -1351,12 +1351,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1394,6 +1396,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1455,9 +1458,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: true initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1507,8 +1512,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-profiles + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/features/prometheus-operator-objects/default/output.yaml b/charts/k8s-monitoring/docs/examples/features/prometheus-operator-objects/default/output.yaml index df9af31b7f..c7902f5c0e 100644 --- a/charts/k8s-monitoring/docs/examples/features/prometheus-operator-objects/default/output.yaml +++ b/charts/k8s-monitoring/docs/examples/features/prometheus-operator-objects/default/output.yaml @@ -476,12 +476,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -516,6 +518,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -577,9 +580,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -627,8 +632,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/images/images-by-digest/output.yaml b/charts/k8s-monitoring/docs/examples/images/images-by-digest/output.yaml index 1f2e4e77ef..e03e8246f6 100644 --- a/charts/k8s-monitoring/docs/examples/images/images-by-digest/output.yaml +++ b/charts/k8s-monitoring/docs/examples/images/images-by-digest/output.yaml @@ -2151,12 +2151,14 @@ spec: create: true key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2191,6 +2193,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2252,9 +2255,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2304,8 +2309,120 @@ spec: tls: [] nameOverride: null namespaceOverride: null + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2346,12 +2463,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2386,6 +2505,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2447,9 +2567,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2497,8 +2619,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2539,6 +2773,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2549,6 +2784,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2583,6 +2819,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2644,9 +2881,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2694,8 +2933,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/include-by-namespace/output.yaml b/charts/k8s-monitoring/docs/examples/include-by-namespace/output.yaml index 0ad34f3b4a..f7e97c011d 100644 --- a/charts/k8s-monitoring/docs/examples/include-by-namespace/output.yaml +++ b/charts/k8s-monitoring/docs/examples/include-by-namespace/output.yaml @@ -3977,12 +3977,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4017,6 +4019,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4078,9 +4081,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4128,8 +4133,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4170,12 +4287,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4210,6 +4329,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4271,9 +4391,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4321,8 +4443,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4363,12 +4597,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4403,6 +4639,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4464,9 +4701,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4516,8 +4755,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4558,6 +4909,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -4568,6 +4920,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4602,6 +4955,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4663,9 +5017,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4713,8 +5069,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4755,12 +5223,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4798,6 +5268,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4859,9 +5330,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: true initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4911,8 +5384,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-profiles + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/istio-service-mesh/output.yaml b/charts/k8s-monitoring/docs/examples/istio-service-mesh/output.yaml index 4d0917600c..45bd6af841 100644 --- a/charts/k8s-monitoring/docs/examples/istio-service-mesh/output.yaml +++ b/charts/k8s-monitoring/docs/examples/istio-service-mesh/output.yaml @@ -2150,12 +2150,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2190,6 +2192,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2251,9 +2254,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2301,8 +2306,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2343,6 +2460,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2357,6 +2475,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2391,6 +2510,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2452,9 +2572,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2503,8 +2625,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/log-metrics/output.yaml b/charts/k8s-monitoring/docs/examples/log-metrics/output.yaml index 0f1cc18eee..6b93e6eff6 100644 --- a/charts/k8s-monitoring/docs/examples/log-metrics/output.yaml +++ b/charts/k8s-monitoring/docs/examples/log-metrics/output.yaml @@ -990,12 +990,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1030,6 +1032,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1091,9 +1094,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1141,8 +1146,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1183,12 +1300,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1223,6 +1342,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1284,9 +1404,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1336,8 +1458,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/meta-monitoring/output.yaml b/charts/k8s-monitoring/docs/examples/meta-monitoring/output.yaml index dfe6cffb77..34b38ec8e8 100644 --- a/charts/k8s-monitoring/docs/examples/meta-monitoring/output.yaml +++ b/charts/k8s-monitoring/docs/examples/meta-monitoring/output.yaml @@ -3458,12 +3458,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3498,6 +3500,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3559,9 +3562,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3609,8 +3614,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3651,6 +3768,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -3661,6 +3779,7 @@ spec: protocol: TCP targetPort: 14268 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3695,6 +3814,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3756,9 +3876,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3806,8 +3928,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/metrics-tuning/output.yaml b/charts/k8s-monitoring/docs/examples/metrics-tuning/output.yaml index e6913b9979..40416d6385 100644 --- a/charts/k8s-monitoring/docs/examples/metrics-tuning/output.yaml +++ b/charts/k8s-monitoring/docs/examples/metrics-tuning/output.yaml @@ -1896,12 +1896,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1936,6 +1938,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1997,9 +2000,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2047,8 +2052,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/name-overrides/fullname-overrides/output.yaml b/charts/k8s-monitoring/docs/examples/name-overrides/fullname-overrides/output.yaml index 07cef6c1e6..362fd4cd3f 100644 --- a/charts/k8s-monitoring/docs/examples/name-overrides/fullname-overrides/output.yaml +++ b/charts/k8s-monitoring/docs/examples/name-overrides/fullname-overrides/output.yaml @@ -2138,12 +2138,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2178,6 +2180,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2239,9 +2242,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2290,8 +2295,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/name-overrides/name-overrides/output.yaml b/charts/k8s-monitoring/docs/examples/name-overrides/name-overrides/output.yaml index f8267a1902..1ff7644379 100644 --- a/charts/k8s-monitoring/docs/examples/name-overrides/name-overrides/output.yaml +++ b/charts/k8s-monitoring/docs/examples/name-overrides/name-overrides/output.yaml @@ -2138,12 +2138,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2178,6 +2180,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2239,9 +2242,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2289,8 +2294,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/namespace-labels-and-annotations/output.yaml b/charts/k8s-monitoring/docs/examples/namespace-labels-and-annotations/output.yaml index abf6a1c31c..a966cded30 100644 --- a/charts/k8s-monitoring/docs/examples/namespace-labels-and-annotations/output.yaml +++ b/charts/k8s-monitoring/docs/examples/namespace-labels-and-annotations/output.yaml @@ -2098,12 +2098,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2138,6 +2140,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2199,9 +2202,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2249,8 +2254,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2291,12 +2408,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2331,6 +2450,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2392,9 +2512,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2444,8 +2566,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2486,6 +2720,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2496,6 +2731,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2530,6 +2766,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2591,9 +2828,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2641,8 +2880,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/node-labels/output.yaml b/charts/k8s-monitoring/docs/examples/node-labels/output.yaml index 7cd0540f35..c6a7fd49dc 100644 --- a/charts/k8s-monitoring/docs/examples/node-labels/output.yaml +++ b/charts/k8s-monitoring/docs/examples/node-labels/output.yaml @@ -2367,12 +2367,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2407,6 +2409,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2468,9 +2471,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2518,8 +2523,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2560,12 +2677,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2600,6 +2719,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2661,9 +2781,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2713,8 +2835,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/platforms/azure-aks/output.yaml b/charts/k8s-monitoring/docs/examples/platforms/azure-aks/output.yaml index 6fde3e07e3..9079e617e4 100644 --- a/charts/k8s-monitoring/docs/examples/platforms/azure-aks/output.yaml +++ b/charts/k8s-monitoring/docs/examples/platforms/azure-aks/output.yaml @@ -1972,12 +1972,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2012,6 +2014,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2073,9 +2076,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2124,8 +2129,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2166,12 +2283,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2206,6 +2325,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2267,9 +2387,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2318,8 +2440,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2360,12 +2594,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2400,6 +2636,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2461,9 +2698,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2514,8 +2753,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/platforms/eks-fargate/output.yaml b/charts/k8s-monitoring/docs/examples/platforms/eks-fargate/output.yaml index eff8c5e8b7..55b1c8d9c9 100644 --- a/charts/k8s-monitoring/docs/examples/platforms/eks-fargate/output.yaml +++ b/charts/k8s-monitoring/docs/examples/platforms/eks-fargate/output.yaml @@ -1615,12 +1615,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1655,6 +1657,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1716,9 +1719,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1766,8 +1771,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1808,12 +1925,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1848,6 +1967,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1909,9 +2029,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1959,8 +2081,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2001,12 +2235,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2041,6 +2277,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2102,9 +2339,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2154,8 +2393,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/platforms/gke-autopilot/output.yaml b/charts/k8s-monitoring/docs/examples/platforms/gke-autopilot/output.yaml index 70498f385f..087ff11383 100644 --- a/charts/k8s-monitoring/docs/examples/platforms/gke-autopilot/output.yaml +++ b/charts/k8s-monitoring/docs/examples/platforms/gke-autopilot/output.yaml @@ -1753,12 +1753,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1793,6 +1795,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1854,9 +1857,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1904,8 +1909,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1946,12 +2063,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1986,6 +2105,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2047,9 +2167,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2097,8 +2219,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2139,12 +2373,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2179,6 +2415,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2240,9 +2477,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2292,8 +2531,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/platforms/openshift/output.yaml b/charts/k8s-monitoring/docs/examples/platforms/openshift/output.yaml index 024de1d603..92d10cf090 100644 --- a/charts/k8s-monitoring/docs/examples/platforms/openshift/output.yaml +++ b/charts/k8s-monitoring/docs/examples/platforms/openshift/output.yaml @@ -2167,12 +2167,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2207,6 +2209,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2268,9 +2271,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2318,8 +2323,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2360,12 +2477,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2400,6 +2519,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2461,9 +2581,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2511,8 +2633,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2553,12 +2787,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2593,6 +2829,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2654,9 +2891,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2708,8 +2947,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/pod-labels-and-annotations/output.yaml b/charts/k8s-monitoring/docs/examples/pod-labels-and-annotations/output.yaml index 7270cf1f24..07c8a9ba65 100644 --- a/charts/k8s-monitoring/docs/examples/pod-labels-and-annotations/output.yaml +++ b/charts/k8s-monitoring/docs/examples/pod-labels-and-annotations/output.yaml @@ -2099,12 +2099,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2139,6 +2141,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2200,9 +2203,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2250,8 +2255,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2292,12 +2409,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2332,6 +2451,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2393,9 +2513,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2445,8 +2567,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2487,6 +2721,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2497,6 +2732,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2531,6 +2767,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2592,9 +2829,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2642,8 +2881,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/private-image-registries/globally/output.yaml b/charts/k8s-monitoring/docs/examples/private-image-registries/globally/output.yaml index d710287c60..15656abaaa 100644 --- a/charts/k8s-monitoring/docs/examples/private-image-registries/globally/output.yaml +++ b/charts/k8s-monitoring/docs/examples/private-image-registries/globally/output.yaml @@ -2175,12 +2175,14 @@ spec: create: true key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2215,6 +2217,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2276,9 +2279,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2329,8 +2334,120 @@ spec: tls: [] nameOverride: null namespaceOverride: null + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2371,12 +2488,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2411,6 +2530,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2472,9 +2592,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2523,8 +2645,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2565,12 +2799,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2605,6 +2841,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2666,9 +2903,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2719,8 +2958,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2761,6 +3112,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2771,6 +3123,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2805,6 +3158,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2866,9 +3220,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2917,8 +3273,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/private-image-registries/individual/output.yaml b/charts/k8s-monitoring/docs/examples/private-image-registries/individual/output.yaml index d911c957c3..0ebeb2f820 100644 --- a/charts/k8s-monitoring/docs/examples/private-image-registries/individual/output.yaml +++ b/charts/k8s-monitoring/docs/examples/private-image-registries/individual/output.yaml @@ -2162,12 +2162,14 @@ spec: create: true key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2202,6 +2204,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2263,9 +2266,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2316,8 +2321,120 @@ spec: tls: [] nameOverride: null namespaceOverride: null + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2358,12 +2475,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2398,6 +2517,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2459,9 +2579,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2510,8 +2632,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2552,6 +2786,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2562,6 +2797,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2596,6 +2832,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2657,9 +2894,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2708,8 +2947,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/proxies/output.yaml b/charts/k8s-monitoring/docs/examples/proxies/output.yaml index 9f2d46e4d9..da6d92c155 100644 --- a/charts/k8s-monitoring/docs/examples/proxies/output.yaml +++ b/charts/k8s-monitoring/docs/examples/proxies/output.yaml @@ -3769,12 +3769,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3809,6 +3811,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3870,9 +3873,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3920,8 +3925,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3962,12 +4079,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4002,6 +4121,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4063,9 +4183,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4113,8 +4235,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4155,12 +4389,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4195,6 +4431,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4256,9 +4493,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4308,8 +4547,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4350,6 +4701,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -4364,6 +4716,7 @@ spec: protocol: TCP targetPort: 9411 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4398,6 +4751,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4459,9 +4813,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4509,8 +4865,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4551,12 +5019,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4594,6 +5064,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4655,9 +5126,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: true initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4707,8 +5180,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-profiles + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/remote-config/output.yaml b/charts/k8s-monitoring/docs/examples/remote-config/output.yaml index 9b397f47a3..13df6fa82d 100644 --- a/charts/k8s-monitoring/docs/examples/remote-config/output.yaml +++ b/charts/k8s-monitoring/docs/examples/remote-config/output.yaml @@ -397,6 +397,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -420,6 +421,7 @@ spec: value: k8smon-$(CLUSTER_NAME)-$(NAMESPACE)-$(POD_NAME) extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -454,6 +456,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -515,9 +518,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -565,8 +570,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -607,6 +724,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -630,6 +748,7 @@ spec: value: k8smon-$(CLUSTER_NAME)-$(NAMESPACE)-alloy-logs-$(NODE_NAME) extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -664,6 +783,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -725,9 +845,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -777,8 +899,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/resource-requests-and-limits/output.yaml b/charts/k8s-monitoring/docs/examples/resource-requests-and-limits/output.yaml index 8b994fcce2..1b80fcb50d 100644 --- a/charts/k8s-monitoring/docs/examples/resource-requests-and-limits/output.yaml +++ b/charts/k8s-monitoring/docs/examples/resource-requests-and-limits/output.yaml @@ -2079,12 +2079,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2125,6 +2127,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2189,9 +2192,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2239,8 +2244,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/scalability/autoscaling/output.yaml b/charts/k8s-monitoring/docs/examples/scalability/autoscaling/output.yaml index a7d27d14e8..a6ecce7839 100644 --- a/charts/k8s-monitoring/docs/examples/scalability/autoscaling/output.yaml +++ b/charts/k8s-monitoring/docs/examples/scalability/autoscaling/output.yaml @@ -1552,12 +1552,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1595,6 +1597,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1656,9 +1659,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1706,8 +1711,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/scalability/high-availability-kube-state-metrics/output.yaml b/charts/k8s-monitoring/docs/examples/scalability/high-availability-kube-state-metrics/output.yaml index 8d5aafa9a2..546ed961c8 100644 --- a/charts/k8s-monitoring/docs/examples/scalability/high-availability-kube-state-metrics/output.yaml +++ b/charts/k8s-monitoring/docs/examples/scalability/high-availability-kube-state-metrics/output.yaml @@ -1552,12 +1552,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1592,6 +1594,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1653,9 +1656,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1703,8 +1708,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/scalability/sharded-kube-state-metrics/output.yaml b/charts/k8s-monitoring/docs/examples/scalability/sharded-kube-state-metrics/output.yaml index 78d702c075..488e034a7f 100644 --- a/charts/k8s-monitoring/docs/examples/scalability/sharded-kube-state-metrics/output.yaml +++ b/charts/k8s-monitoring/docs/examples/scalability/sharded-kube-state-metrics/output.yaml @@ -1622,12 +1622,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1662,6 +1664,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1723,9 +1726,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1773,8 +1778,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/service-integrations/mongodb-atlas/output.yaml b/charts/k8s-monitoring/docs/examples/service-integrations/mongodb-atlas/output.yaml index 9fae2d0105..7a74799650 100644 --- a/charts/k8s-monitoring/docs/examples/service-integrations/mongodb-atlas/output.yaml +++ b/charts/k8s-monitoring/docs/examples/service-integrations/mongodb-atlas/output.yaml @@ -447,12 +447,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -487,6 +489,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -548,9 +551,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -598,8 +603,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/service-integrations/timescaledb/output.yaml b/charts/k8s-monitoring/docs/examples/service-integrations/timescaledb/output.yaml index e5362018cb..46de3eafc3 100644 --- a/charts/k8s-monitoring/docs/examples/service-integrations/timescaledb/output.yaml +++ b/charts/k8s-monitoring/docs/examples/service-integrations/timescaledb/output.yaml @@ -440,12 +440,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -480,6 +482,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -541,9 +544,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -591,8 +596,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/tail-sampling/output.yaml b/charts/k8s-monitoring/docs/examples/tail-sampling/output.yaml index 4e1b1b7b7b..c931a8fa8c 100644 --- a/charts/k8s-monitoring/docs/examples/tail-sampling/output.yaml +++ b/charts/k8s-monitoring/docs/examples/tail-sampling/output.yaml @@ -2204,12 +2204,14 @@ spec: create: true key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2244,6 +2246,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2305,9 +2308,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2357,8 +2362,120 @@ spec: tls: [] nameOverride: null namespaceOverride: null + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2399,12 +2516,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2439,6 +2558,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2500,9 +2620,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2550,8 +2672,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2592,12 +2826,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2632,6 +2868,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2693,9 +2930,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2745,8 +2984,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2787,6 +3138,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2797,6 +3149,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2831,6 +3184,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2892,9 +3246,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2942,8 +3298,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/docs/examples/tolerations/output.yaml b/charts/k8s-monitoring/docs/examples/tolerations/output.yaml index 7eb53477bc..ebf8413f6d 100644 --- a/charts/k8s-monitoring/docs/examples/tolerations/output.yaml +++ b/charts/k8s-monitoring/docs/examples/tolerations/output.yaml @@ -2293,12 +2293,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2333,6 +2335,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2394,9 +2397,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2447,8 +2452,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2489,12 +2606,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2529,6 +2648,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2590,9 +2710,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2643,8 +2765,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/templates/kubernetes-manifest-rules.yaml b/charts/k8s-monitoring/templates/kubernetes-manifest-rules.yaml new file mode 100644 index 0000000000..930233e3f2 --- /dev/null +++ b/charts/k8s-monitoring/templates/kubernetes-manifest-rules.yaml @@ -0,0 +1,82 @@ +{{- if .Values.kubernetesManifests.enabled }} +{{- $apiGroups := list }} +{{- $resources := list }} +{{- $verbs := list "get" "list" "watch" }} +{{- if .Values.kubernetesManifests.kinds.pods.gather }} + {{- $apiGroups = append $apiGroups "" }} + {{- $resources = append $resources "pods" }} +{{- end }} +{{- if .Values.kubernetesManifests.kinds.deployments.gather }} + {{- $apiGroups = append $apiGroups "apps" }} + {{- $resources = append $resources "deployments" }} +{{- end }} +{{- if .Values.kubernetesManifests.kinds.statefulsets.gather }} + {{- $apiGroups = append $apiGroups "apps" }} + {{- $resources = append $resources "statefulsets" }} +{{- end }} +{{- if .Values.kubernetesManifests.kinds.daemonsets.gather }} + {{- $apiGroups = append $apiGroups "apps" }} + {{- $resources = append $resources "daemonsets" }} +{{- end }} +{{- if .Values.kubernetesManifests.kinds.cronjobs.gather }} + {{- $apiGroups = append $apiGroups "batch" }} + {{- $resources = append $resources "cronjobs" }} +{{- end }} + +{{- range $collectorName := include "features.kubernetesManifests.collectors" . | fromYamlArray }} + {{- $collectorContext := dict "Values" $.Values "Release" $.Release "collectorName" $collectorName }} + {{- $serviceAccount := include "collector.alloy.fullname" $collectorContext }} + {{- $rbacName := (printf "%s-kubernetes-manifests" $serviceAccount) | trunc 63 | trimSuffix "-" }} + {{- if $.Values.kubernetesManifests.namespaces }} + {{- range $namespace := $.Values.kubernetesManifests.namespaces }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ $rbacName }} + namespace: {{ $namespace }} +rules: + - apiGroups:{{ $apiGroups | uniq | toYaml | nindent 6 }} + resources:{{ $resources | uniq | toYaml | nindent 6 }} + verbs:{{ $verbs | uniq | toYaml | nindent 6 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ $rbacName }} + namespace: {{ $namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ $rbacName }} +subjects: + - kind: ServiceAccount + name: {{ $serviceAccount }} + namespace: {{ $.Release.Namespace }} + {{- end }} + {{- else }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ $rbacName }} +rules: + - apiGroups:{{ $apiGroups | uniq | toYaml | nindent 6 }} + resources:{{ $resources | uniq | toYaml | nindent 6 }} + verbs:{{ $verbs | uniq | toYaml | nindent 6 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ $rbacName }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ $rbacName }} +subjects: + - kind: ServiceAccount + name: {{ $serviceAccount }} + namespace: {{ $.Release.Namespace }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/k8s-monitoring/tests/integration/annotation-autodiscovery/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/annotation-autodiscovery/.rendered/output.yaml index 608e459b5f..04bd52a58e 100644 --- a/charts/k8s-monitoring/tests/integration/annotation-autodiscovery/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/annotation-autodiscovery/.rendered/output.yaml @@ -1042,12 +1042,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1082,6 +1084,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1143,9 +1146,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1193,8 +1198,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1235,12 +1352,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1275,6 +1394,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1336,9 +1456,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1388,8 +1510,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/application-observability/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/application-observability/.rendered/output.yaml index 08d93a7815..8b8e07687c 100644 --- a/charts/k8s-monitoring/tests/integration/application-observability/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/application-observability/.rendered/output.yaml @@ -1013,6 +1013,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1027,6 +1028,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1061,6 +1063,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1122,9 +1125,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1172,8 +1177,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/auth/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/auth/.rendered/output.yaml index ddf41e81c2..0ad4e60a24 100644 --- a/charts/k8s-monitoring/tests/integration/auth/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/auth/.rendered/output.yaml @@ -1483,12 +1483,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1523,6 +1525,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1584,9 +1587,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1634,8 +1639,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1676,12 +1793,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1716,6 +1835,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1777,9 +1897,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1829,8 +1951,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/auto-instrumentation/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/auto-instrumentation/.rendered/output.yaml index 9b1dcf4e72..1ca780d83a 100644 --- a/charts/k8s-monitoring/tests/integration/auto-instrumentation/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/auto-instrumentation/.rendered/output.yaml @@ -957,12 +957,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -997,6 +999,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1058,9 +1061,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1108,8 +1113,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1150,6 +1267,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1160,6 +1278,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1194,6 +1313,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1255,9 +1375,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1305,8 +1427,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/cluster-monitoring/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/cluster-monitoring/.rendered/output.yaml index 23e7beea21..c28b304498 100644 --- a/charts/k8s-monitoring/tests/integration/cluster-monitoring/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/cluster-monitoring/.rendered/output.yaml @@ -2629,12 +2629,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2669,6 +2671,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2730,9 +2733,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2780,8 +2785,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2822,12 +2939,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2862,6 +2981,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2923,9 +3043,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2973,8 +3095,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3015,12 +3249,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3055,6 +3291,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3116,9 +3353,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3168,8 +3407,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/control-plane-monitoring/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/control-plane-monitoring/.rendered/output.yaml index 01319b9ee7..96099f3f19 100644 --- a/charts/k8s-monitoring/tests/integration/control-plane-monitoring/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/control-plane-monitoring/.rendered/output.yaml @@ -2339,12 +2339,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2379,6 +2381,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2440,9 +2443,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2490,8 +2495,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2532,12 +2649,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2572,6 +2691,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2633,9 +2753,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2683,8 +2805,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2725,12 +2959,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2765,6 +3001,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2826,9 +3063,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2878,8 +3117,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/istio-service-mesh/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/istio-service-mesh/.rendered/output.yaml index 4bd74e3704..1f0b48c7c1 100644 --- a/charts/k8s-monitoring/tests/integration/istio-service-mesh/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/istio-service-mesh/.rendered/output.yaml @@ -2673,12 +2673,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2713,6 +2715,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2774,9 +2777,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2824,8 +2829,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2866,12 +2983,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2906,6 +3025,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2967,9 +3087,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3017,8 +3139,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3059,12 +3293,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3099,6 +3335,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3160,9 +3397,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3212,8 +3451,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3254,6 +3605,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -3268,6 +3620,7 @@ spec: protocol: TCP targetPort: 4318 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3302,6 +3655,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3363,9 +3717,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3414,8 +3770,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/pod-logs/default/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/pod-logs/default/.rendered/output.yaml index 0291990087..9bc74daf19 100644 --- a/charts/k8s-monitoring/tests/integration/pod-logs/default/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/pod-logs/default/.rendered/output.yaml @@ -568,12 +568,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -608,6 +610,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -669,9 +672,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -721,8 +726,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/pod-logs/filelog/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/pod-logs/filelog/.rendered/output.yaml index 9bb52401f5..d05e9e17dd 100644 --- a/charts/k8s-monitoring/tests/integration/pod-logs/filelog/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/pod-logs/filelog/.rendered/output.yaml @@ -539,12 +539,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -579,6 +581,7 @@ spec: type: RuntimeDefault stabilityLevel: public-preview storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -640,9 +643,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -692,8 +697,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/pod-logs/log-metrics/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/pod-logs/log-metrics/.rendered/output.yaml index cd40624b25..5eaffa779d 100644 --- a/charts/k8s-monitoring/tests/integration/pod-logs/log-metrics/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/pod-logs/log-metrics/.rendered/output.yaml @@ -1012,12 +1012,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1052,6 +1054,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1113,9 +1116,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1163,8 +1168,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1205,12 +1322,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1245,6 +1364,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1306,9 +1426,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1358,8 +1480,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/pod-logs/secret-filter/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/pod-logs/secret-filter/.rendered/output.yaml index 19bf42cba9..98cef7ae14 100644 --- a/charts/k8s-monitoring/tests/integration/pod-logs/secret-filter/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/pod-logs/secret-filter/.rendered/output.yaml @@ -572,12 +572,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -612,6 +614,7 @@ spec: type: RuntimeDefault stabilityLevel: experimental storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -673,9 +676,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -725,8 +730,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/profiles-receiver/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/profiles-receiver/.rendered/output.yaml index df44c052b0..2d2e411c86 100644 --- a/charts/k8s-monitoring/tests/integration/profiles-receiver/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/profiles-receiver/.rendered/output.yaml @@ -360,6 +360,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -370,6 +371,7 @@ spec: protocol: TCP targetPort: 4040 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -404,6 +406,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -465,9 +468,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -515,8 +520,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/profiling/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/profiling/.rendered/output.yaml index 6cefd9ffd5..cbe9c60dcd 100644 --- a/charts/k8s-monitoring/tests/integration/profiling/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/profiling/.rendered/output.yaml @@ -1351,12 +1351,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1394,6 +1396,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1455,9 +1458,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: true initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1507,8 +1512,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-profiles + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/prom-and-loki-to-otlp/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/prom-and-loki-to-otlp/.rendered/output.yaml index d422e97eec..6c27abdbc6 100644 --- a/charts/k8s-monitoring/tests/integration/prom-and-loki-to-otlp/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/prom-and-loki-to-otlp/.rendered/output.yaml @@ -2291,12 +2291,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2331,6 +2333,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2392,9 +2395,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2442,8 +2447,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2484,12 +2601,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2524,6 +2643,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2585,9 +2705,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2635,8 +2757,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2677,12 +2911,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2717,6 +2953,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2778,9 +3015,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2830,8 +3069,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/prometheus-io-annotations/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/prometheus-io-annotations/.rendered/output.yaml index e9c8c8b479..d34f2702a7 100644 --- a/charts/k8s-monitoring/tests/integration/prometheus-io-annotations/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/prometheus-io-annotations/.rendered/output.yaml @@ -1892,12 +1892,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1932,6 +1934,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1993,9 +1996,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2043,8 +2048,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/prometheus-operator-objects/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/prometheus-operator-objects/.rendered/output.yaml index b1ac038612..95a62308ec 100644 --- a/charts/k8s-monitoring/tests/integration/prometheus-operator-objects/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/prometheus-operator-objects/.rendered/output.yaml @@ -485,12 +485,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -525,6 +527,7 @@ spec: type: RuntimeDefault stabilityLevel: experimental storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -586,9 +589,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -636,8 +641,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/proxies/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/proxies/.rendered/output.yaml index 882c5667de..ae5608e893 100644 --- a/charts/k8s-monitoring/tests/integration/proxies/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/proxies/.rendered/output.yaml @@ -1489,12 +1489,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1529,6 +1531,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1590,9 +1593,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1640,8 +1645,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1682,12 +1799,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1722,6 +1841,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1783,9 +1903,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1833,8 +1955,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1875,12 +2109,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1915,6 +2151,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1976,9 +2213,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2028,8 +2267,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2070,6 +2421,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2080,6 +2432,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2114,6 +2467,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2175,9 +2529,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2225,8 +2581,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-graph-metrics/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-graph-metrics/.rendered/output.yaml index 450a3df226..1b3e6b86f5 100644 --- a/charts/k8s-monitoring/tests/integration/service-graph-metrics/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-graph-metrics/.rendered/output.yaml @@ -1428,6 +1428,7 @@ spec: create: true key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1439,6 +1440,7 @@ spec: fieldPath: metadata.name extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1473,6 +1475,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1534,9 +1537,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1586,8 +1591,120 @@ spec: tls: [] nameOverride: null namespaceOverride: null + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1628,12 +1745,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1668,6 +1787,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1729,9 +1849,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1779,8 +1901,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1821,12 +2055,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1861,6 +2097,7 @@ spec: type: RuntimeDefault stabilityLevel: public-preview storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1922,9 +2159,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1974,8 +2213,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2016,6 +2367,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -2030,6 +2382,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2064,6 +2417,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2125,9 +2479,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2175,8 +2531,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/alloy/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/alloy/.rendered/output.yaml index 7f81b6adcd..1e197214fb 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/alloy/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/alloy/.rendered/output.yaml @@ -733,12 +733,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -773,6 +775,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -834,9 +837,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -884,8 +889,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/cert-manager/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/cert-manager/.rendered/output.yaml index 66f7e303b9..1622801696 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/cert-manager/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/cert-manager/.rendered/output.yaml @@ -545,12 +545,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -585,6 +587,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -646,9 +649,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -696,8 +701,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/coredns/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/coredns/.rendered/output.yaml index 8ae20ec639..87e76a44d8 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/coredns/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/coredns/.rendered/output.yaml @@ -1663,12 +1663,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1703,6 +1705,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1764,9 +1767,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1814,8 +1819,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/etcd/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/etcd/.rendered/output.yaml index 5b225f8376..5b3adc7d32 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/etcd/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/etcd/.rendered/output.yaml @@ -538,12 +538,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -578,6 +580,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -639,9 +642,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -689,8 +694,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/grafana/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/grafana/.rendered/output.yaml index 4fc0de8e79..1687fd3c45 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/grafana/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/grafana/.rendered/output.yaml @@ -2359,12 +2359,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2399,6 +2401,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2460,9 +2463,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2510,8 +2515,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2552,12 +2669,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2592,6 +2711,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2653,9 +2773,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2703,8 +2825,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2745,12 +2979,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2785,6 +3021,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2846,9 +3083,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2898,8 +3137,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/loki/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/loki/.rendered/output.yaml index c3d781fbf0..6542bc3999 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/loki/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/loki/.rendered/output.yaml @@ -2385,12 +2385,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2425,6 +2427,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2486,9 +2489,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2536,8 +2541,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2578,12 +2695,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2618,6 +2737,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2679,9 +2799,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2729,8 +2851,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2771,12 +3005,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2811,6 +3047,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2872,9 +3109,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2924,8 +3163,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/mysql/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/mysql/.rendered/output.yaml index 8ac8995329..553d44f47b 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/mysql/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/mysql/.rendered/output.yaml @@ -815,12 +815,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -855,6 +857,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -916,9 +919,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -966,8 +971,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1008,12 +1125,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1048,6 +1167,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1109,9 +1229,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1161,8 +1283,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/service-integrations/tempo/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/service-integrations/tempo/.rendered/output.yaml index f0533a416c..454b3a4004 100644 --- a/charts/k8s-monitoring/tests/integration/service-integrations/tempo/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/service-integrations/tempo/.rendered/output.yaml @@ -2385,12 +2385,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2425,6 +2427,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2486,9 +2489,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2536,8 +2541,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2578,12 +2695,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2618,6 +2737,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2679,9 +2799,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2729,8 +2851,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2771,12 +3005,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2811,6 +3047,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2872,9 +3109,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2924,8 +3163,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/sharded-kube-state-metrics/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/sharded-kube-state-metrics/.rendered/output.yaml index 06e0a49e29..d4b9b6c167 100644 --- a/charts/k8s-monitoring/tests/integration/sharded-kube-state-metrics/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/sharded-kube-state-metrics/.rendered/output.yaml @@ -1965,12 +1965,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2005,6 +2007,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2066,9 +2069,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2116,8 +2121,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/split-destinations/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/split-destinations/.rendered/output.yaml index 6e7f2a40bf..f989617638 100644 --- a/charts/k8s-monitoring/tests/integration/split-destinations/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/split-destinations/.rendered/output.yaml @@ -2703,12 +2703,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2743,6 +2745,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2804,9 +2807,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2854,8 +2859,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2896,12 +3013,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2936,6 +3055,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2997,9 +3117,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3049,8 +3171,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3091,6 +3325,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -3101,6 +3336,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3135,6 +3371,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3196,9 +3433,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3246,8 +3485,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/statsd/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/statsd/.rendered/output.yaml index 09f4132a14..f208ffc838 100644 --- a/charts/k8s-monitoring/tests/integration/statsd/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/statsd/.rendered/output.yaml @@ -438,6 +438,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -452,6 +453,7 @@ spec: protocol: TCP targetPort: 8125 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -486,6 +488,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -547,9 +550,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -597,8 +602,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/tail-sampling/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/tail-sampling/.rendered/output.yaml index 1a7fc99e61..f8be668b34 100644 --- a/charts/k8s-monitoring/tests/integration/tail-sampling/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/tail-sampling/.rendered/output.yaml @@ -1139,12 +1139,14 @@ spec: create: true key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1179,6 +1181,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1240,9 +1243,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1292,8 +1297,120 @@ spec: tls: [] nameOverride: null namespaceOverride: null + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1334,12 +1451,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1374,6 +1493,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1435,9 +1555,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1485,8 +1607,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1527,6 +1761,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1537,6 +1772,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1571,6 +1807,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1632,9 +1869,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1682,8 +1921,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/uninstall/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/uninstall/.rendered/output.yaml index 8f709fdf9f..48a8de832f 100644 --- a/charts/k8s-monitoring/tests/integration/uninstall/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/uninstall/.rendered/output.yaml @@ -2629,12 +2629,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2669,6 +2671,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2730,9 +2733,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2780,8 +2785,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2822,12 +2939,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2862,6 +2981,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2923,9 +3043,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2973,8 +3095,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3015,12 +3249,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3055,6 +3291,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3116,9 +3353,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3168,8 +3407,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/upgrade/major/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/upgrade/major/.rendered/output.yaml index bbf12b8f69..06bc91cc97 100644 --- a/charts/k8s-monitoring/tests/integration/upgrade/major/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/upgrade/major/.rendered/output.yaml @@ -2655,12 +2655,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2695,6 +2697,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2756,9 +2759,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2806,8 +2811,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2848,12 +2965,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2888,6 +3007,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2949,9 +3069,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2999,8 +3121,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3041,12 +3275,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3081,6 +3317,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3142,9 +3379,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3194,8 +3433,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/upgrade/minor/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/upgrade/minor/.rendered/output.yaml index a487dfd69a..9cd13cab3c 100644 --- a/charts/k8s-monitoring/tests/integration/upgrade/minor/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/upgrade/minor/.rendered/output.yaml @@ -2655,12 +2655,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2695,6 +2697,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2756,9 +2759,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2806,8 +2811,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2848,12 +2965,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2888,6 +3007,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2949,9 +3069,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2999,8 +3121,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3041,12 +3275,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3081,6 +3317,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3142,9 +3379,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3194,8 +3433,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/integration/upgrade/patch/.rendered/output.yaml b/charts/k8s-monitoring/tests/integration/upgrade/patch/.rendered/output.yaml index f35ac864f5..53870b62c5 100644 --- a/charts/k8s-monitoring/tests/integration/upgrade/patch/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/integration/upgrade/patch/.rendered/output.yaml @@ -2655,12 +2655,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2695,6 +2697,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2756,9 +2759,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2806,8 +2811,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2848,12 +2965,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2888,6 +3007,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2949,9 +3069,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2999,8 +3121,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3041,12 +3275,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3081,6 +3317,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3142,9 +3379,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3194,8 +3433,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/aks/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/aks/.rendered/output.yaml index ce2a9d8206..a5c081c227 100644 --- a/charts/k8s-monitoring/tests/platform/aks/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/aks/.rendered/output.yaml @@ -2348,12 +2348,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2388,6 +2390,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2449,9 +2452,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2500,8 +2505,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2542,12 +2659,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2582,6 +2701,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2643,9 +2763,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2694,8 +2816,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2736,12 +2970,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2776,6 +3012,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2837,9 +3074,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2890,8 +3129,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/eks-fargate/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/eks-fargate/.rendered/output.yaml index d431ee6ff1..e5f4686d10 100644 --- a/charts/k8s-monitoring/tests/platform/eks-fargate/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/eks-fargate/.rendered/output.yaml @@ -2525,12 +2525,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2565,6 +2567,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2626,9 +2629,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2676,8 +2681,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2718,12 +2835,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2758,6 +2877,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2819,9 +2939,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2869,8 +2991,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2911,12 +3145,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2951,6 +3187,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3012,9 +3249,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: alpha.eksctl.io/nodegroup-name: ng-linux kubernetes.io/arch: amd64 @@ -3066,8 +3305,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/eks-with-windows/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/eks-with-windows/.rendered/output.yaml index 015878117d..ad3c75c943 100644 --- a/charts/k8s-monitoring/tests/platform/eks-with-windows/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/eks-with-windows/.rendered/output.yaml @@ -2671,12 +2671,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2711,6 +2713,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2772,9 +2775,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2822,8 +2827,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2864,12 +2981,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2904,6 +3023,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2965,9 +3085,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3015,8 +3137,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3057,12 +3291,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3097,6 +3333,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3158,9 +3395,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3210,8 +3449,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/gke-autopilot/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/gke-autopilot/.rendered/output.yaml index a389b78d95..273d663789 100644 --- a/charts/k8s-monitoring/tests/platform/gke-autopilot/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/gke-autopilot/.rendered/output.yaml @@ -1806,12 +1806,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1846,6 +1848,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1907,9 +1910,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1957,8 +1962,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1999,12 +2116,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2039,6 +2158,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2100,9 +2220,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2150,8 +2272,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2192,12 +2426,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2232,6 +2468,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2293,9 +2530,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2345,8 +2584,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml index d8d8fd1a67..16782d226b 100644 --- a/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/gke/.rendered/output.yaml @@ -1145,6 +1145,7 @@ data: comment = "Must be a list of log destinations where collected logs should be forwarded to" } + otelcol.receiver.filelog "pod_manifests" { include = ["/var/kubernetes-manifests/pods/*/*.json"] include_file_path_resolved = true @@ -1204,6 +1205,130 @@ data: logs = argument.logs_destinations.value } } + + + otelcol.receiver.filelog "deployment_manifests" { + include = ["/var/kubernetes-manifests/deployments/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.deployment_manifests.input] + } + } + + otelcol.processor.transform "deployment_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/deployments/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.deployment.name"], attributes["deployment"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "statefulset_manifests" { + include = ["/var/kubernetes-manifests/statefulsets/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.statefulset_manifests.input] + } + } + + otelcol.processor.transform "statefulset_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/statefulsets/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.statefulset.name"], attributes["statefulset"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "daemonset_manifests" { + include = ["/var/kubernetes-manifests/daemonsets/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.daemonset_manifests.input] + } + } + + otelcol.processor.transform "daemonset_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/daemonsets/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.daemonset.name"], attributes["daemonset"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } + + + otelcol.receiver.filelog "cronjob_manifests" { + include = ["/var/kubernetes-manifests/cronjobs/*/*.json"] + include_file_path_resolved = true + start_at = "beginning" + delete_after_read = true + + output { + logs = [otelcol.processor.transform.cronjob_manifests.input] + } + } + + otelcol.processor.transform "cronjob_manifests" { + error_mode = "ignore" + + log_statements { + context = "log" + statements = [ + `merge_maps(attributes, ExtractPatterns(log.attributes["log.file.path_resolved"], "^/var/kubernetes-manifests/cronjobs/(?P[^/]+)/(?P[^.]+)\\.json$"), "upsert")`, + `set(resource.attributes["k8s.namespace.name"], attributes["namespace"])`, + `set(resource.attributes["k8s.cronjob.name"], attributes["cronjob"])`, + `set(resource.attributes["service.name"], "k8s.grafana.com/manifest-collector")`, + `set(resource.attributes["service.namespace"], "default")`, + ] + } + + output { + logs = argument.logs_destinations.value + } + } } kubernetes_manifests "feature" { logs_destinations = [ @@ -1574,74 +1699,87 @@ data: script_name="script.sh" fi - DefaultRefreshInterval=60 + DefaultWatchTimeout=30 usage() { echo "Usage: ${script_name} [OPTIONS]" echo "" echo "Collects Kubernetes manifests and saves them as files." echo "" - echo "Pod manifests are stored at \${MANIFEST_DIR}/pods//.json" + echo "Resource manifests are stored at \${MANIFEST_DIR}///.json" echo "" echo "Requires the MANIFEST_DIR environment variable to be set to the target directory." echo "" echo "Options:" - echo " -n, --namespaces Comma or space separated list of namespaces to scan." - echo " When omitted, all namespaces are scanned." - echo " -p, --pod-filters Comma or space separated list of jq selectors to drop" - echo " from the pod JSON. Default: \".status\"" - echo " --refresh-interval How frequently to refresh manifests. Default: \"${DefaultRefreshInterval}\"" + echo " -k, --kind Kubernetes resource kind passed to \"kubectl get\"." + echo " Default: pods" + echo " -n, --namespace Namespace to scan. When omitted, all namespaces" + echo " are scanned." + echo " -f, --filters Comma or space separated list of jq selectors to drop" + echo " from the resource JSON. Default: \".status\"" + echo " --watch-timeout How long to keep a watch open before restarting." + echo " Default: ${DefaultWatchTimeout} seconds." echo " -h, --help Show this help message." } - podNamespaces=() - podFilters=(".status") - refreshInterval="${DefaultRefreshInterval}" + kind="pods" + kindDir="pods" + namespace="" + filters=(".status") + watchTimeout="${DefaultWatchTimeout}" while [[ $# -gt 0 ]]; do case "$1" in - -n|--namespaces) + -k|--kind) if [[ $# -lt 2 ]]; then - echo "Error: --namespaces requires an argument." >&2 + echo "Error: --kind requires an argument." >&2 usage exit 1 fi - - sanitized="${2//$'\n'/ }" - sanitized="${sanitized//,/ }" - read -ra parsedNamespaces <<< "${sanitized}" - for ns in "${parsedNamespaces[@]}"; do - [[ -n "${ns}" ]] || continue - podNamespaces+=("${ns}") - done - + kind="$2" + kindDir="${kind,,}" # Forces lowercase + kindDir="${kindDir//[^a-z0-9._-]/_}" # Replace special characters with _ + shift 2 + ;; + -n|--namespace) + if [[ $# -lt 2 ]]; then + echo "Error: --namespace requires an argument." >&2 + usage + exit 1 + fi + namespace="$2" shift 2 ;; - -p|--pod-filters) + -f|--filters) if [[ $# -lt 2 ]]; then - echo "Error: --pod-filters requires an argument." >&2 + echo "Error: --filters requires an argument." >&2 usage exit 1 fi - podFilters=() + filters=() sanitized="${2//$'\n'/ }" sanitized="${sanitized//,/ }" - read -ra parsedPodFilters <<< "${sanitized}" - for filter in "${parsedPodFilters[@]}"; do + read -ra parsedFilters <<< "${sanitized}" + for filter in "${parsedFilters[@]}"; do [[ -n "${filter}" ]] || continue - podFilters+=("${filter}") + filters+=("${filter}") done + jqFilters="$(build_jq_filter "${filters[@]}")" shift 2 ;; - --refresh-interval) + --watch-timeout) if [[ $# -lt 2 ]]; then - echo "Error: --pod-refresh requires an argument." >&2 + echo "Error: --watch-timeout requires an argument." >&2 usage exit 1 fi - refreshInterval="$2" + watchTimeout="$2" + if ! [[ "${watchTimeout}" =~ ^[0-9]+$ ]] || (( watchTimeout <= 0 )); then + echo "Error: --watch-timeout must be a positive integer (seconds)." >&2 + exit 1 + fi shift 2 ;; -h|--help) @@ -1656,19 +1794,13 @@ data: esac done - if [[ -z "${namespaces_arg}" && -n "${NAMESPACES:-}" ]]; then - namespaces_arg="${NAMESPACES}" - fi - if [[ -z "${MANIFEST_DIR:-}" ]]; then - echo "MANIFEST_DIR environment variable must be set." >&2 + echo "Error: MANIFEST_DIR environment variable must be set." >&2 exit 1 fi mkdir -p "${MANIFEST_DIR}" - watchPids=() - build_jq_filter() { local program="." for filter in "$@"; do @@ -1678,163 +1810,91 @@ data: printf '%s' "${program}" } - collect_pod_manifest() { + jqFilters="$(build_jq_filter "${filters[@]}")" + + collect_manifest() { local namespace="$1" - local podName="$2" + local resourceName="$2" - [[ -n "${namespace}" && -n "${podName}" ]] || return 0 + [[ -n "${namespace}" && -n "${resourceName}" ]] || return 0 - local namespace_dir="${MANIFEST_DIR}/pods/${namespace}" - mkdir -p "${namespace_dir}" + local namespaceDir="${MANIFEST_DIR}/${kindDir}/${namespace}" + mkdir -p "${namespaceDir}" - local outputFile="${namespace_dir}/${podName}.json" + local outputFile="${namespaceDir}/${resourceName}.json" local tmpFile="${outputFile}.tmp" - pod_output_filter="$(build_jq_filter "${podFilters[@]}")" - if kubectl get pod --namespace "${namespace}" "${podName}" -o json | jq --compact-output "${pod_output_filter}" > "${tmpFile}"; then + if kubectl get "${kind}" --namespace "${namespace}" "${resourceName}" -o json \ + | jq --compact-output "${jqFilters}" > "${tmpFile}"; then if [[ ! -f "${outputFile}" ]] || ! cmp -s "${tmpFile}" "${outputFile}"; then - echo "Storing pod manifest \"${namespace}/${podName}\"" + echo "[INFO] ${kind}: Saving manifest for \"${namespace}/${resourceName}\"" mv "${tmpFile}" "${outputFile}" else - echo "No changes to pod manifest \"${namespace}/${podName}\"" + echo "[DEBUG] ${kind}: No changes to manifest for \"${namespace}/${resourceName}\"" rm -f "${tmpFile}" fi else - echo "Failed to collect manifest for pod ${namespace}/${podName}" >&2 + echo "[ERROR] ${kind}: Failed to collect manifest for ${kind} ${namespace}/${resourceName}" >&2 rm -f "${tmpFile}" fi } - remove_pod_manifest() { + remove_manifest() { local namespace="$1" - local podName="$2" + local resourceName="$2" - [[ -n "${namespace}" && -n "${podName}" ]] || return + [[ -n "${namespace}" && -n "${resourceName}" ]] || return - local outputFile="${MANIFEST_DIR}/pods/${namespace}/${podName}.json" + local outputFile="${MANIFEST_DIR}/${kindDir}/${namespace}/${resourceName}.json" if [[ -f "${outputFile}" ]]; then rm -f "${outputFile}" - echo "Removed pod manifest \"${namespace}/${podName}\"" - fi - } - - collect_all_pod_manifests() { - if podEntries=$(kubectl get pods --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{"\n"}{end}'); then - while IFS= read -r entry; do - [[ -n "${entry}" ]] || continue - read -r namespace podName _ <<< "${entry}" - if [[ -z "${namespace}" || -z "${podName}" ]]; then - continue - fi - collect_pod_manifest "${namespace}" "${podName}" - done <<< "${podEntries}" - else - echo "Failed to list pods across all namespaces." >&2 - fi - } - - collect_pod_manifests_by_namespace() { - for namespace in "${podNamespaces[@]}"; do - [[ -n "${namespace}" ]] || continue - - if ! podNames=$(kubectl get pods --namespace "${namespace}" -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); then - echo "Failed to list pods in namespace ${namespace}" >&2 - continue - fi - - while IFS= read -r podName; do - [[ -n "${podName}" ]] || continue - collect_pod_manifest "${namespace}" "${podName}" - done <<< "${podNames}" - done - } - - refresh_pod_manifests() { - if [[ ${#podNamespaces[@]} -eq 0 ]]; then - collect_all_pod_manifests - else - collect_pod_manifests_by_namespace + echo "[INFO] ${kind}: Removed manifest for \"${namespace}/${resourceName}\"" fi } - handle_pod_watch_event() { + handle_watch_event() { local eventType="$1" local namespace="$2" - local podName="$3" + local resourceName="$3" - [[ -n "${event_type}" && -n "${namespace}" && -n "${podName}" ]] || return + [[ -n "${eventType}" && -n "${namespace}" && -n "${resourceName}" ]] || return - echo "Pod event: ${namespace}/${podName}: ${eventType}" + echo "[DEBUG] ${kind}: ${eventType} event for ${namespace}/${resourceName}" case "${eventType}" in ADDED|MODIFIED) - collect_pod_manifest "${namespace}" "${podName}" + collect_manifest "${namespace}" "${resourceName}" ;; DELETED) - remove_pod_manifest "${namespace}" "${podName}" + remove_manifest "${namespace}" "${resourceName}" ;; *) ;; esac } - watch_pods() { - local kubectl_args=("$@") - echo "Starting pod watcher: kubectl get pods ${kubectl_args[*]}" + watch_resources() { + local kubectlArgs=() + if [[ -n "${namespace}" ]]; then + kubectlArgs=(--namespace "${namespace}") + echo "[INFO] ${kind}: Watching namespace ${namespace}" + else + kubectlArgs=(--all-namespaces) + echo "[INFO] ${kind}: Watching all namespaces" + fi while true; do - if ! kubectl get pods "${kubectl_args[@]}" --watch --output-watch-events -o json \ + if ! timeout --foreground "${watchTimeout}s" kubectl get "${kind}" "${kubectlArgs[@]}" --watch --output-watch-events -o json \ | jq --unbuffered -r 'select(.object.metadata.namespace != null and .object.metadata.name != null and .type != null) | "\(.type) \(.object.metadata.namespace) \(.object.metadata.name)"' \ - | while read -r eventType namespace podName; do - handle_pod_watch_event "${eventType}" "${namespace}" "${podName}" + | while read -r eventType namespace resourceName; do + handle_watch_event "${eventType}" "${namespace}" "${resourceName}" done; then - echo "Pod watch ended unexpectedly for args: ${kubectl_args[*]}" >&2 + echo "[WARN] ${kind}: Watch ended; restarting in 5 seconds." >&2 sleep 5 fi done } - start_pod_watches() { - if [[ ${#podNamespaces[@]} -eq 0 ]]; then - watch_pods "--all-namespaces" & - watchPids+=("$!") - else - for namespace in "${podNamespaces[@]}"; do - [[ -n "${namespace}" ]] || continue - watch_pods "--namespace" "${namespace}" & - watchPids+=("$!") - done - fi - } - - stop_pod_watches() { - if [[ ${#watchPids[@]} -eq 0 ]]; then - return - fi - - for pid in "${watchPids[@]}"; do - [[ -n "${pid}" ]] || continue - kill "${pid}" 2>/dev/null || true - done - - watchPids=() - } - - trap stop_pod_watches EXIT - - start_pod_watches - - loop_delay="${POD_LOOP_DELAY:-5}" - lastFullSync=0 - - while true; do - currentTime=$(date +%s) - if (( currentTime - lastFullSync >= refreshInterval )); then - refresh_pod_manifests - lastFullSync="${currentTime}" - fi - - sleep "${loop_delay}" - done + watch_resources --- # Source: k8s-monitoring/templates/alloy-config.yaml apiVersion: v1 @@ -2525,6 +2585,28 @@ rules: - create - patch --- +# Source: k8s-monitoring/templates/kubernetes-manifest-rules.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: k8smon-alloy-singleton-kubernetes-manifests + namespace: default +rules: + - apiGroups: + - "" + - apps + - batch + resources: + - pods + - deployments + - statefulsets + - daemonsets + - cronjobs + verbs: + - get + - list + - watch +--- # Source: k8s-monitoring/charts/alloy-operator/templates/rbac/leader-election.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -2546,6 +2628,21 @@ subjects: name: k8smon-alloy-operator namespace: default --- +# Source: k8s-monitoring/templates/kubernetes-manifest-rules.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: k8smon-alloy-singleton-kubernetes-manifests + namespace: default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: k8smon-alloy-singleton-kubernetes-manifests +subjects: + - kind: ServiceAccount + name: k8smon-alloy-singleton + namespace: default +--- # Source: k8s-monitoring/charts/alloy-operator/templates/service.yaml apiVersion: v1 kind: Service @@ -3237,12 +3334,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3277,6 +3376,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3338,9 +3438,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3388,8 +3490,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3430,12 +3644,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3473,6 +3689,7 @@ spec: type: RuntimeDefault stabilityLevel: public-preview storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3536,13 +3753,24 @@ spec: extraContainers: - command: - /bin/bash - - /etc/alloy/collect-manifests.sh - - --refresh-interval - - 3600 + - -c + - | + set -euo pipefail + pids=() + bash /etc/alloy/collect-manifests.sh --kind pods --namespace "default" --watch-timeout 3600 & + pids+=("$!") + bash /etc/alloy/collect-manifests.sh --kind deployments --namespace "default" --watch-timeout 3600 & + pids+=("$!") + bash /etc/alloy/collect-manifests.sh --kind statefulsets --namespace "default" --watch-timeout 3600 & + pids+=("$!") + bash /etc/alloy/collect-manifests.sh --kind daemonsets --namespace "default" --watch-timeout 3600 & + pids+=("$!") + trap 'for pid in "${pids[@]}"; do kill "${pid}" 2>/dev/null || true; done' EXIT + wait -n "${pids[@]}" env: - name: MANIFEST_DIR value: /var/kubernetes-manifests - image: ghcr.io/grafana/helm-chart-toolbox-kubectl:0.1.2 + image: ghcr.io/grafana/helm-chart-toolbox-kubectl:0.1.3 imagePullPolicy: IfNotPresent name: kubernetes-manifest-collector volumeMounts: @@ -3551,9 +3779,11 @@ spec: - mountPath: /var/kubernetes-manifests name: kubernetes-manifests readOnly: false + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3604,8 +3834,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3646,12 +3988,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3686,6 +4030,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3747,9 +4092,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3799,8 +4146,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/gpu/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/gpu/.rendered/output.yaml index 7f60768027..8bef45585f 100644 --- a/charts/k8s-monitoring/tests/platform/gpu/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/gpu/.rendered/output.yaml @@ -1815,12 +1815,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1855,6 +1857,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1916,9 +1919,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1966,8 +1971,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/grafana-cloud/app-observability/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/grafana-cloud/app-observability/.rendered/output.yaml index 62af1d88c3..b688d3e7fe 100644 --- a/charts/k8s-monitoring/tests/platform/grafana-cloud/app-observability/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/grafana-cloud/app-observability/.rendered/output.yaml @@ -1127,12 +1127,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1167,6 +1169,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1228,9 +1231,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1280,8 +1285,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1322,6 +1439,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -1336,6 +1454,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1370,6 +1489,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1431,9 +1551,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1481,8 +1603,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/grafana-cloud/database-observability/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/grafana-cloud/database-observability/.rendered/output.yaml index e773524af9..7076001203 100644 --- a/charts/k8s-monitoring/tests/platform/grafana-cloud/database-observability/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/grafana-cloud/database-observability/.rendered/output.yaml @@ -810,12 +810,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -850,6 +852,7 @@ spec: type: RuntimeDefault stabilityLevel: experimental storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -911,9 +914,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -961,8 +966,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/grafana-cloud/k8s-monitoring/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/grafana-cloud/k8s-monitoring/.rendered/output.yaml index 306a06fcc8..4a23d0d6fd 100644 --- a/charts/k8s-monitoring/tests/platform/grafana-cloud/k8s-monitoring/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/grafana-cloud/k8s-monitoring/.rendered/output.yaml @@ -3634,12 +3634,14 @@ spec: create: true key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3674,6 +3676,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3735,9 +3738,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3788,8 +3793,120 @@ spec: tls: [] nameOverride: null namespaceOverride: null + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -3830,12 +3947,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -3870,6 +3989,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -3931,9 +4051,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -3982,8 +4104,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4024,12 +4258,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4064,6 +4300,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4125,9 +4362,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4176,8 +4415,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4218,12 +4569,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4258,6 +4611,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4319,9 +4673,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4372,8 +4728,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -4414,6 +4882,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -4424,6 +4893,7 @@ spec: protocol: TCP targetPort: 4317 hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -4458,6 +4928,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -4519,9 +4990,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -4570,8 +5043,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-receiver + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/openshift/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/openshift/.rendered/output.yaml index fba19a90e8..98604a154c 100644 --- a/charts/k8s-monitoring/tests/platform/openshift/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/openshift/.rendered/output.yaml @@ -2207,12 +2207,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2249,6 +2251,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /var/lib/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2310,9 +2313,11 @@ spec: enableStatefulSetAutoDeletePVC: true extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2369,8 +2374,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2411,12 +2528,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2451,6 +2570,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2512,9 +2632,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2562,8 +2684,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -2604,12 +2838,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2644,6 +2880,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2705,9 +2942,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2759,8 +2998,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/otlp-gateway/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/otlp-gateway/.rendered/output.yaml index c4a961b06d..b99500f70f 100644 --- a/charts/k8s-monitoring/tests/platform/otlp-gateway/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/otlp-gateway/.rendered/output.yaml @@ -1604,12 +1604,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1644,6 +1646,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1705,9 +1708,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1755,8 +1760,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1797,12 +1914,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -1837,6 +1956,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -1898,9 +2018,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -1948,8 +2070,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-singleton + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -1990,12 +2224,14 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] extraEnv: [] extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -2030,6 +2266,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -2091,9 +2328,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -2143,8 +2382,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" diff --git a/charts/k8s-monitoring/tests/platform/remote-config/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/remote-config/.rendered/output.yaml index a7a5b7f961..5de21c3a38 100644 --- a/charts/k8s-monitoring/tests/platform/remote-config/.rendered/output.yaml +++ b/charts/k8s-monitoring/tests/platform/remote-config/.rendered/output.yaml @@ -381,6 +381,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -407,6 +408,7 @@ spec: value: k8smon-$(CLUSTER_NAME)-$(NAMESPACE)-$(POD_NAME) extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -441,6 +443,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -502,9 +505,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -552,8 +557,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-metrics + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" @@ -594,6 +711,7 @@ spec: create: false key: null name: null + enableHttpServerPort: true enableReporting: true envFrom: [] extraArgs: [] @@ -620,6 +738,7 @@ spec: value: k8smon-$(CLUSTER_NAME)-$(NAMESPACE)-alloy-logs-$(NODE_NAME) extraPorts: [] hostAliases: [] + initialDelaySeconds: 10 lifecycle: {} listenAddr: 0.0.0.0 listenPort: 12345 @@ -654,6 +773,7 @@ spec: type: RuntimeDefault stabilityLevel: generally-available storagePath: /tmp/alloy + timeoutSeconds: 1 uiPathPrefix: / configReloader: customArgs: [] @@ -715,9 +835,11 @@ spec: enableStatefulSetAutoDeletePVC: false extraAnnotations: {} extraContainers: [] + extraLabels: {} hostNetwork: false hostPID: false initContainers: [] + minReadySeconds: 10 nodeSelector: kubernetes.io/os: linux parallelRollout: true @@ -767,8 +889,120 @@ spec: pathType: Prefix tls: [] nameOverride: alloy-logs + networkPolicy: + egress: + - {} + enabled: false + flavor: kubernetes + ingress: + - {} + policyTypes: + - Ingress + - Egress rbac: + clusterRules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get create: true + namespaces: [] + rules: + - apiGroups: + - "" + - discovery.k8s.io + - networking.k8s.io + resources: + - endpoints + - endpointslices + - ingresses + - pods + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.grafana.com + resources: + - podlogs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagerconfigs + verbs: + - get + - list + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + - probes + - scrapeconfigs + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch service: annotations: {} clusterIP: "" From d17a733378ef040ba6687515922395343bd2da4c Mon Sep 17 00:00:00 2001 From: Pete Wall Date: Wed, 3 Dec 2025 10:29:40 -0600 Subject: [PATCH 04/10] Updates Signed-off-by: Pete Wall --- .../feature-kubernetes-manifests/README.md | 30 +- .../collect-manifests.sh | 12 +- .../templates/_collector_validation.tpl | 9 - .../templates/_sidecar.tpl | 6 +- .../templates/_validation.tpl | 18 + .../templates/configmap.yaml | 11 - .../templates/test/collector.yaml | 10 + .../templates/test/configmap.yaml | 14 + .../tests/__snapshot__/default_test.yaml.snap | 326 +++++++++++++++++- .../tests/default_test.yaml | 41 ++- .../tests/validation_test.yaml | 18 + .../values.schema.json | 16 +- .../feature-kubernetes-manifests/values.yaml | 32 +- .../tests/platform/gke/.rendered/output.yaml | 94 +++-- .../tests/platform/gke/values.yaml | 12 +- 15 files changed, 535 insertions(+), 114 deletions(-) create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/_validation.tpl delete mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/configmap.yaml create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/templates/test/configmap.yaml create mode 100644 charts/k8s-monitoring/charts/feature-kubernetes-manifests/tests/validation_test.yaml diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md index 2e53cf4b8a..6614de6050 100644 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/README.md @@ -43,18 +43,22 @@ Be sure perform actual integration testing in a live environment in the main [k8 ## Values +### Image + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| image | object | `{"digest":"","pullPolicy":"IfNotPresent","pullSecrets":[],"registry":"ghcr.io","repository":"grafana/helm-chart-toolbox-kubectl","tag":"0.1.3"}` | The image to run to get the Kubernetes manifests from this cluster. It must contain `kubectl` and `jq` at a minimum. | + +### General Settings + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| kinds | object | `{"cronjobs":{"gather":false},"daemonsets":{"gather":false},"deployments":{"gather":false},"pods":{"gather":false},"statefulsets":{"gather":false}}` | The kinds of manifests to gather. | +| namespaces | list | `[]` | Only gather manifests from these namespaces. If empty, gather from all. This affects the manifests gathered, but Also if this chart deploys ClusterRoles and ClusterRoleBindings or Roles and RoleBindings. | +| refreshInterval | string | `"1d"` | How frequently to refresh all manifests, regardless of if they have changed. At maximum, this should be set lower Than the retention period for your log storage. | + +### Other Values + | Key | Type | Default | Description | |-----|------|---------|-------------| -| image.digest | string | `""` | | -| image.pullPolicy | string | `"IfNotPresent"` | | -| image.pullSecrets | list | `[]` | | -| image.registry | string | `"ghcr.io"` | | -| image.repository | string | `"grafana/helm-chart-toolbox-kubectl"` | | -| image.tag | string | `"0.1.3"` | | -| kinds.cronjobs.gather | bool | `true` | | -| kinds.daemonsets.gather | bool | `true` | | -| kinds.deployments.gather | bool | `true` | | -| kinds.pods.gather | bool | `true` | | -| kinds.statefulsets.gather | bool | `true` | | -| namespaces | list | `[]` | | -| refreshInterval | int | `3600` | | +| global.image.registry | string | `""` | | diff --git a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh index d9cd703f06..029953f5a3 100755 --- a/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh +++ b/charts/k8s-monitoring/charts/feature-kubernetes-manifests/collect-manifests.sh @@ -6,7 +6,7 @@ if [[ "${script_name}" == "bash" || "${script_name}" == "-bash" ]]; then script_name="script.sh" fi -DefaultWatchTimeout=30 +DefaultWatchTimeout=30s usage() { echo "Usage: ${script_name} [OPTIONS]" @@ -24,8 +24,8 @@ usage() { echo " are scanned." echo " -f, --filters Comma or space separated list of jq selectors to drop" echo " from the resource JSON. Default: \".status\"" - echo " --watch-timeout How long to keep a watch open before restarting." - echo " Default: ${DefaultWatchTimeout} seconds." + echo " --watch-timeout