iac/clusters/brusnika-prod/infrastructure/patches/openobserve.yaml


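---
# Flux HelmRelease overlay for OpenObserve in the `openobserve` namespace.
#
# What it does:
#   * post-renders the chart output with a JSON6902 patch on the
#     `openobserve-web` Deployment to add Vault Agent injector annotations,
#     an image pull secret, a Recreate strategy and longer probe delays;
#   * replaces the container entrypoint with a shell wrapper that sources the
#     Vault-rendered env file and then execs /openobserve;
#   * sets chart values (non-secret env vars, service account, NATS, etc.).
#
# NOTE(review): the reviewed listing had lost all indentation. The nesting
# below was reconstructed from key order and the usual Flux/kustomize
# schemas; the layout under `spec.values` depends on the chart's own values
# schema and must be confirmed against it before applying.
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: openobserve
  namespace: openobserve
spec:
  interval: 5m
  timeout: 30m
  postRenderers:
    - kustomize:
        patches:
          # JSON6902 patch; `~1` in a path is the JSON Pointer escape for `/`
          # inside an annotation key.
          #
          # Vault annotations:
          #   * agent-inject + role/auth-path: the injector logs in through
          #     the Kubernetes auth mount `auth/kubernetes` as role
          #     `openobserve`.
          #   * agent-init-first + agent-pre-populate-only: secrets are
          #     rendered once by an init container and there is no agent
          #     sidecar, so a rotated secret only reaches the pod after a
          #     restart.
          #   * agent-inject-secret-openobserve-env: renders to
          #     /vault/secrets/openobserve-env, the file the wrapper sources.
          #
          # Template quoting: the rendered file is sourced by /bin/sh, so each
          # value must be quoted for the shell. Go's `printf "%q"` emits a
          # double-quoted Go literal that leaves `$` and backticks unescaped;
          # when sourced, the shell would expand them (mangling a password
          # containing `$` and running any command substitution held in a
          # secret value), and Go escapes such as `\n` would stay literal.
          # Values are therefore wrapped in single quotes, with embedded
          # single quotes rewritten as '\'' so the shell takes every byte
          # literally. `printf "%s"` first coerces non-string KV values to
          # text for `replaceAll`.
          #
          # NOTE(review): every `op: add` under
          # /spec/template/metadata/annotations assumes the chart already
          # renders an `annotations` map on the pod template, and every
          # `op: replace` assumes the target field exists; otherwise the
          # patch fails. Confirm against the rendered Deployment.
          - target:
              group: apps
              version: v1
              kind: Deployment
              name: openobserve-web
            patch: |-
              - op: add
                path: /spec/template/metadata/annotations/sidecar.istio.io~1inject
                value: "false"
              - op: add
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-init-first
                value: "true"
              - op: add
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-inject
                value: "true"
              - op: add
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-pre-populate-only
                value: "true"
              - op: add
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1auth-path
                value: auth/kubernetes
              - op: add
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1role
                value: openobserve
              - op: add
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-inject-secret-openobserve-env
                value: secrets/data/vault/apps/openobserve
              - op: add
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-inject-template-openobserve-env
                value: |-
                  {{- with secret "secrets/data/vault/apps/openobserve" -}}
                  ZO_ROOT_USER_EMAIL='{{ printf "%s" (index .Data.data "ZO_ROOT_USER_EMAIL") | replaceAll "'" "'\\''" }}'
                  ZO_ROOT_USER_PASSWORD='{{ printf "%s" (index .Data.data "ZO_ROOT_USER_PASSWORD") | replaceAll "'" "'\\''" }}'
                  ZO_META_POSTGRES_DSN='{{ printf "%s" (index .Data.data "ZO_META_POSTGRES_DSN") | replaceAll "'" "'\\''" }}'
                  ZO_NATS_ADDR='{{ printf "%s" (index .Data.data "ZO_NATS_ADDR") | replaceAll "'" "'\\''" }}'
                  PGHOST='{{ printf "%s" (index .Data.data "PGHOST") | replaceAll "'" "'\\''" }}'
                  PGPORT='{{ printf "%s" (index .Data.data "PGPORT") | replaceAll "'" "'\\''" }}'
                  PGDATABASE='{{ printf "%s" (index .Data.data "PGDATABASE") | replaceAll "'" "'\\''" }}'
                  PGUSER='{{ printf "%s" (index .Data.data "PGUSER") | replaceAll "'" "'\\''" }}'
                  PGPASSWORD='{{ printf "%s" (index .Data.data "PGPASSWORD") | replaceAll "'" "'\\''" }}'
                  PGSSLMODE='{{ printf "%s" (index .Data.data "PGSSLMODE") | replaceAll "'" "'\\''" }}'
                  PGSSLROOTCERT='{{ printf "%s" (index .Data.data "PGSSLROOTCERT") | replaceAll "'" "'\\''" }}'
                  ZO_S3_ACCESS_KEY='{{ printf "%s" (index .Data.data "ZO_S3_ACCESS_KEY") | replaceAll "'" "'\\''" }}'
                  ZO_S3_SECRET_KEY='{{ printf "%s" (index .Data.data "ZO_S3_SECRET_KEY") | replaceAll "'" "'\\''" }}'
                  OPENOBSERVE_BASIC_AUTH='{{ printf "%s" (index .Data.data "OPENOBSERVE_BASIC_AUTH") | replaceAll "'" "'\\''" }}'
                  {{- end -}}
              - op: add
                path: /spec/template/spec/imagePullSecrets
                value:
                  - name: regcred
              - op: replace
                path: /spec/strategy
                value:
                  type: Recreate
              - op: replace
                path: /spec/template/spec/containers/0/command
                value:
                  - /bin/sh
                  - -ec
              - op: replace
                path: /spec/template/spec/containers/0/args
                value:
                  - |
                    set -a
                    . /vault/secrets/openobserve-env
                    set +a
                    exec /openobserve
              - op: replace
                path: /spec/template/spec/containers/0/livenessProbe/initialDelaySeconds
                value: 300
              - op: replace
                path: /spec/template/spec/containers/0/readinessProbe/initialDelaySeconds
                value: 60
  # NOTE(review): nesting below is reconstructed (see header) - verify that
  # `envs`, `serviceAccount` and `imagePullSecrets` sit at the levels the
  # chart expects, and that `openobserve`, `nats`, `otelCollector` and `vault`
  # are top-level value keys rather than children of `universal-chart`.
  values:
    universal-chart:
      services:
        openobserve:
          deployment:
            replicaCount:
              _default: 1
            # Only non-secret settings are set here; credentials come from the
            # Vault-rendered env file sourced by the entrypoint wrapper.
            envs:
              - name: ZO_HTTP_PORT
                value:
                  _default: "5080"
              - name: ZO_LOCAL_MODE
                value:
                  _default: "false"
              - name: ZO_META_STORE
                value:
                  _default: postgres
              - name: ZO_CLUSTER_COORDINATOR
                value:
                  _default: nats
              - name: ZO_NATS_REPLICAS
                value:
                  _default: "1"
              - name: ZO_S3_PROVIDER
                value:
                  _default: s3
              # NOTE(review): plain http:// endpoint, and Istio sidecar
              # injection is disabled on openobserve-web above, so the mesh
              # provides no TLS for this S3 traffic - confirm this is
              # acceptable for the cluster network.
              - name: ZO_S3_SERVER_URL
                value:
                  _default: http://minio.minio.svc.cluster.local:9000
              - name: ZO_S3_BUCKET_NAME
                value:
                  _default: open-observe
              - name: ZO_S3_REGION_NAME
                value:
                  _default: ru-central1
              - name: ZO_TELEMETRY
                value:
                  _default: "false"
          # Presumably the service account bound to the Vault role
          # `openobserve` - verify against the Vault Kubernetes auth role.
          serviceAccount:
            enabled: true
            name:
              _default: openobserve-vault
      # `regcred` is referenced but not created by this release.
      imagePullSecrets:
        create:
          _default: false
        name:
          _default: regcred
    openobserve:
      # No chart-managed Secret; credentials are injected by Vault Agent.
      secret:
        create: false
    nats:
      enabled: true
      replicaCount: 1
      persistence:
        enabled: true
        size: 10Gi
        storageClassName: csi-disk
    otelCollector:
      enabled: false
    vault:
      enabled: true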