tjo-cloud/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

wip
Some checks failed
/ lint (push) Failing after 2m0s
Details

Browse source
This commit is contained in:
Tine 2024-07-29 22:22:51 +02:00
parent c0254f1bb4
commit f68109d024
Signed by: mentos1386
SSH key fingerprint: SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw
3 changed files with 13 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
k8s.tjo.cloud/modules/cluster-components/gateway.tf
View file

@ -54,7 +54,7 @@ resource "kubernetes_manifest" "gateway_class_config" {
type = "Kubernetes"
kubernetes = {
envoyService = {
type = "LoadBalancer"
type = "ClusterIP"
externalTrafficPolicy = "Local"
annotations = {
"io.cilium.nodeipam/match-node-labels" = "k8s.tjo.cloud/public=true"

15
k8s.tjo.cloud/modules/cluster-components/main.tf
View file

@ -3,18 +3,3 @@ resource "kubernetes_namespace" "tjo-cloud" {
name = "tjo-cloud"
}
}
resource "kubernetes_manifest" "loadbalancer_ips" {
for_each = var.loadbalancer_ips
manifest = {
apiVersion = "cilium.io/v2alpha1"
kind = "CiliumLoadBalancerIPPool"
metadata = {
name = each.key
}
spec = {
blocks = [for ip in each.value.ipv4 : { start : ip }]
}
}
}

31
k8s.tjo.cloud/modules/cluster-core/monitoring.tf
View file

@ -62,13 +62,6 @@ resource "helm_release" "grafana-alloy" {
- key: "node-role.kubernetes.io/control-plane"
effect: "NoSchedule"
alloy:
extraEnv:
- name: "CLUSTER_NAME"
value: "${var.cluster_name}"
- name: "PROMETHEUS_CLIENT_ID"
value: "o6Tz2215HLvhvZ4RCZCR8oMmCapTu30iwkoMkz6m"
- name: "LOKI_CLIENT_ID"
value: "56TYXtgg7QwLjh4lPl1PTu3C4iExOvO1d6b15WuC"
configMap:
content: |-
logging {
@ -189,25 +182,25 @@ resource "helm_release" "grafana-alloy" {
prometheus.scrape "all" {
honor_labels = true
targets = discovery.relabel.all.output
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver]
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver]
}
prometheus.operator.podmonitors "all" {
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver]
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver]
}
prometheus.operator.servicemonitors "all" {
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_space.receiver]
forward_to = [prometheus.remote_write.prometheus_monitor_tjo_cloud.receiver]
}
prometheus.remote_write "prometheus_monitor_tjo_space" {
prometheus.remote_write "prometheus_monitor_tjo_cloud" {
external_labels = {
cluster = env("CLUSTER_NAME"),
cluster = "${var.cluster_name}",
}
endpoint {
url = "https://prometheus.monitor.tjo.space/api/v1/write"
url = "https://prometheus.monitor.tjo.cloud/api/v1/write"
oauth2 {
token_url = "https://id.tjo.space/application/o/token/"
client_id = env("PROMETHEUS_CLIENT_ID")
client_id = "o6Tz2215HLvhvZ4RCZCR8oMmCapTu30iwkoMkz6m"
client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token"
endpoint_params = {
client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
@ -227,7 +220,7 @@ resource "helm_release" "grafana-alloy" {
forward_to = [loki.relabel.all.receiver]
}
loki.relabel "all" {
forward_to = [loki.write.loki_monitor_tjo_space.receiver]
forward_to = [loki.write.loki_monitor_tjo_cloud.receiver]
rule {
source_labels = ["__meta_kubernetes_namespace"]
@ -276,17 +269,17 @@ resource "helm_release" "grafana-alloy" {
replacement = "$1"
}
}
loki.write "loki_monitor_tjo_space" {
loki.write "loki_monitor_tjo_cloud" {
external_labels = {
cluster = env("CLUSTER_NAME"),
cluster = "${var.cluster_name}",
}
endpoint {
url = "https://loki.monitor.tjo.space/loki/api/v1/push"
url = "https://loki.monitor.tjo.cloud/loki/api/v1/push"
oauth2 {
token_url = "https://id.tjo.space/application/o/token/"
client_id = env("LOKI_CLIENT_ID")
client_id = "56TYXtgg7QwLjh4lPl1PTu3C4iExOvO1d6b15WuC"
client_secret_file = "/var/run/secrets/kubernetes.io/serviceaccount/token"
endpoint_params = {
client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",