From f68109d024d01ff9db31efeb1f00514b042eb85e Mon Sep 17 00:00:00 2001 From: Tine Date: Mon, 29 Jul 2024 22:22:51 +0200 Subject: [PATCH] wip --- .../modules/cluster-components/gateway.tf | 2 +- .../modules/cluster-components/main.tf | 15 --------- .../modules/cluster-core/monitoring.tf | 31 +++++++------------ 3 files changed, 13 insertions(+), 35 deletions(-) diff --git a/k8s.tjo.cloud/modules/cluster-components/gateway.tf b/k8s.tjo.cloud/modules/cluster-components/gateway.tf index 3bfdd23..1d85555 100644 --- a/k8s.tjo.cloud/modules/cluster-components/gateway.tf +++ b/k8s.tjo.cloud/modules/cluster-components/gateway.tf @@ -54,7 +54,7 @@ resource "kubernetes_manifest" "gateway_class_config" { type = "Kubernetes" kubernetes = { envoyService = { - type = "LoadBalancer" + type = "ClusterIP" externalTrafficPolicy = "Local" annotations = { "io.cilium.nodeipam/match-node-labels" = "k8s.tjo.cloud/public=true" diff --git a/k8s.tjo.cloud/modules/cluster-components/main.tf b/k8s.tjo.cloud/modules/cluster-components/main.tf index 3820680..61fbd67 100644 --- a/k8s.tjo.cloud/modules/cluster-components/main.tf +++ b/k8s.tjo.cloud/modules/cluster-components/main.tf @@ -3,18 +3,3 @@ resource "kubernetes_namespace" "tjo-cloud" { name = "tjo-cloud" } } - -resource "kubernetes_manifest" "loadbalancer_ips" { - for_each = var.loadbalancer_ips - - manifest = { - apiVersion = "cilium.io/v2alpha1" - kind = "CiliumLoadBalancerIPPool" - metadata = { - name = each.key - } - spec = { - blocks = [for ip in each.value.ipv4 : { start : ip }] - } - } -} diff --git a/k8s.tjo.cloud/modules/cluster-core/monitoring.tf b/k8s.tjo.cloud/modules/cluster-core/monitoring.tf index 20cfbdb..3ab5a9d 100644 --- a/k8s.tjo.cloud/modules/cluster-core/monitoring.tf +++ b/k8s.tjo.cloud/modules/cluster-core/monitoring.tf @@ -62,13 +62,6 @@ resource "helm_release" "grafana-alloy" { - key: "node-role.kubernetes.io/control-plane" effect: "NoSchedule" alloy: - extraEnv: - - name: "CLUSTER_NAME" - value: "${var.cluster_name}" - - name: "PROMETHEUS_CLIENT_ID" - value: "o6Tz2215HLvhvZ4RCZCR8oMmCapTu30iwkoMkz6m" - - name: "LOKI_CLIENT_ID" - value: "56TYXtgg7QwLjh4lPl1PTu3C4iExOvO1d6b15WuC" configMap: content: |- logging { @@ -189,25 +182,25 @@ resource "helm_release" "grafana-alloy" { prometheus.scrape "all" { honor_labels = true targets = discovery.relabel.all.output - forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver] + forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver] } prometheus.operator.podmonitors "all" { - forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver] + forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver] } prometheus.operator.servicemonitors "all" { - forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver] + forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver] } - prometheus.remote_write "prometheus_monitor_tjo_space" { + prometheus.remote_write "prometheus_monitor_tjo_cloud" { external_labels = { - cluster = env("CLUSTER_NAME"), + cluster = "${var.cluster_name}", } endpoint { - url = "https://prometheus.monitor.tjo.space/api/v1/write" + url = "https://prometheus.monitor.tjo.cloud/api/v1/write" oauth2 { token_url = "https://id.tjo.space/application/o/token/" - client_id = env("PROMETHEUS_CLIENT_ID") + client_id = "o6Tz2215HLvhvZ4RCZCR8oMmCapTu30iwkoMkz6m" client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token" endpoint_params = { client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", @@ -227,7 +220,7 @@ resource "helm_release" "grafana-alloy" { forward_to = [loki.relabel.all.receiver] } loki.relabel "all" { - forward_to = [loki.write.loki_monitor_tjo_space.receiver] + forward_to = [loki.write.loki_monitor_tjo_cloud.receiver] rule { source_labels = ["__meta_kubernetes_namespace"] @@ -276,17 +269,17 @@ resource "helm_release" "grafana-alloy" { replacement = "$1" } } - loki.write "loki_monitor_tjo_space" { + loki.write "loki_monitor_tjo_cloud" { external_labels = { - cluster = env("CLUSTER_NAME"), + cluster = "${var.cluster_name}", } endpoint { - url = "https://loki.monitor.tjo.space/loki/api/v1/push" + url = "https://loki.monitor.tjo.cloud/loki/api/v1/push" oauth2 { token_url = "https://id.tjo.space/application/o/token/" - client_id = env("LOKI_CLIENT_ID") + client_id = "56TYXtgg7QwLjh4lPl1PTu3C4iExOvO1d6b15WuC" client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token" endpoint_params = { client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",