parent
c0254f1bb4
commit
f68109d024
SSH key fingerprint:
SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw
3 changed files with 13 additions and 35 deletions
|
|
@ -54,7 +54,7 @@ resource "kubernetes_manifest" "gateway_class_config" {
|
||||||
type = "Kubernetes"
|
type = "Kubernetes"
|
||||||
kubernetes = {
|
kubernetes = {
|
||||||
envoyService = {
|
envoyService = {
|
||||||
type = "LoadBalancer"
|
type = "ClusterIP"
|
||||||
externalTrafficPolicy = "Local"
|
externalTrafficPolicy = "Local"
|
||||||
annotations = {
|
annotations = {
|
||||||
"io.cilium.nodeipam/match-node-labels" = "k8s.tjo.cloud/public=true"
|
"io.cilium.nodeipam/match-node-labels" = "k8s.tjo.cloud/public=true"
|
||||||
|
|
|
||||||
|
|
@ -3,18 +3,3 @@ resource "kubernetes_namespace" "tjo-cloud" {
|
||||||
name = "tjo-cloud"
|
name = "tjo-cloud"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "kubernetes_manifest" "loadbalancer_ips" {
|
|
||||||
for_each = var.loadbalancer_ips
|
|
||||||
|
|
||||||
manifest = {
|
|
||||||
apiVersion = "cilium.io/v2alpha1"
|
|
||||||
kind = "CiliumLoadBalancerIPPool"
|
|
||||||
metadata = {
|
|
||||||
name = each.key
|
|
||||||
}
|
|
||||||
spec = {
|
|
||||||
blocks = [for ip in each.value.ipv4 : { start : ip }]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
|
||||||
|
|
@ -62,13 +62,6 @@ resource "helm_release" "grafana-alloy" {
|
||||||
- key: "node-role.kubernetes.io/control-plane"
|
- key: "node-role.kubernetes.io/control-plane"
|
||||||
effect: "NoSchedule"
|
effect: "NoSchedule"
|
||||||
alloy:
|
alloy:
|
||||||
extraEnv:
|
|
||||||
- name: "CLUSTER_NAME"
|
|
||||||
value: "${var.cluster_name}"
|
|
||||||
- name: "PROMETHEUS_CLIENT_ID"
|
|
||||||
value: "o6Tz2215HLvhvZ4RCZCR8oMmCapTu30iwkoMkz6m"
|
|
||||||
- name: "LOKI_CLIENT_ID"
|
|
||||||
value: "56TYXtgg7QwLjh4lPl1PTu3C4iExOvO1d6b15WuC"
|
|
||||||
configMap:
|
configMap:
|
||||||
content: |-
|
content: |-
|
||||||
logging {
|
logging {
|
||||||
|
|
@ -189,25 +182,25 @@ resource "helm_release" "grafana-alloy" {
|
||||||
prometheus.scrape "all" {
|
prometheus.scrape "all" {
|
||||||
honor_labels = true
|
honor_labels = true
|
||||||
targets = discovery.relabel.all.output
|
targets = discovery.relabel.all.output
|
||||||
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver]
|
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver]
|
||||||
}
|
}
|
||||||
prometheus.operator.podmonitors "all" {
|
prometheus.operator.podmonitors "all" {
|
||||||
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver]
|
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver]
|
||||||
}
|
}
|
||||||
prometheus.operator.servicemonitors "all" {
|
prometheus.operator.servicemonitors "all" {
|
||||||
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver]
|
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver]
|
||||||
}
|
}
|
||||||
prometheus.remote_write "prometheus_monitor_tjo_space" {
|
prometheus.remote_write "prometheus_monitor_tjo_cloud" {
|
||||||
external_labels = {
|
external_labels = {
|
||||||
cluster = env("CLUSTER_NAME"),
|
cluster = "${var.cluster_name}",
|
||||||
}
|
}
|
||||||
|
|
||||||
endpoint {
|
endpoint {
|
||||||
url = "https://prometheus.monitor.tjo.space/api/v1/write"
|
url = "https://prometheus.monitor.tjo.cloud/api/v1/write"
|
||||||
|
|
||||||
oauth2 {
|
oauth2 {
|
||||||
token_url = "https://id.tjo.space/application/o/token/"
|
token_url = "https://id.tjo.space/application/o/token/"
|
||||||
client_id = env("PROMETHEUS_CLIENT_ID")
|
client_id = "o6Tz2215HLvhvZ4RCZCR8oMmCapTu30iwkoMkz6m"
|
||||||
client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token"
|
client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token"
|
||||||
endpoint_params = {
|
endpoint_params = {
|
||||||
client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
|
client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
|
||||||
|
|
@ -227,7 +220,7 @@ resource "helm_release" "grafana-alloy" {
|
||||||
forward_to = [loki.relabel.all.receiver]
|
forward_to = [loki.relabel.all.receiver]
|
||||||
}
|
}
|
||||||
loki.relabel "all" {
|
loki.relabel "all" {
|
||||||
forward_to = [loki.write.loki_monitor_tjo_space.receiver]
|
forward_to = [loki.write.loki_monitor_tjo_cloud.receiver]
|
||||||
|
|
||||||
rule {
|
rule {
|
||||||
source_labels = ["__meta_kubernetes_namespace"]
|
source_labels = ["__meta_kubernetes_namespace"]
|
||||||
|
|
@ -276,17 +269,17 @@ resource "helm_release" "grafana-alloy" {
|
||||||
replacement = "$1"
|
replacement = "$1"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
loki.write "loki_monitor_tjo_space" {
|
loki.write "loki_monitor_tjo_cloud" {
|
||||||
external_labels = {
|
external_labels = {
|
||||||
cluster = env("CLUSTER_NAME"),
|
cluster = "${var.cluster_name}",
|
||||||
}
|
}
|
||||||
|
|
||||||
endpoint {
|
endpoint {
|
||||||
url = "https://loki.monitor.tjo.space/loki/api/v1/push"
|
url = "https://loki.monitor.tjo.cloud/loki/api/v1/push"
|
||||||
|
|
||||||
oauth2 {
|
oauth2 {
|
||||||
token_url = "https://id.tjo.space/application/o/token/"
|
token_url = "https://id.tjo.space/application/o/token/"
|
||||||
client_id = env("LOKI_CLIENT_ID")
|
client_id = "56TYXtgg7QwLjh4lPl1PTu3C4iExOvO1d6b15WuC"
|
||||||
client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token"
|
client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token"
|
||||||
endpoint_params = {
|
endpoint_params = {
|
||||||
client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
|
client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue