volker.raschek/prometheus-postgres-exporter
1
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: volker.raschek:master
Branches Tags
volker.raschek:master
volker.raschek:renovate/library-node-23.x
volker.raschek:0.4.2
volker.raschek:0.4.1
volker.raschek:0.4.0
volker.raschek:0.3.2
volker.raschek:0.3.1
volker.raschek:0.3.0
volker.raschek:0.2.6
volker.raschek:0.2.5
volker.raschek:0.2.4
volker.raschek:0.2.3
volker.raschek:0.2.2
volker.raschek:0.2.1
volker.raschek:0.2.0
volker.raschek:0.1.11
volker.raschek:0.1.10
volker.raschek:0.1.9
volker.raschek:0.1.8
volker.raschek:0.1.7
volker.raschek:0.1.6
volker.raschek:0.1.5
volker.raschek:0.1.4
volker.raschek:0.1.3
volker.raschek:0.1.2
volker.raschek:0.1.1
volker.raschek:0.1.0
..
compare: volker.raschek:0.1.7
Branches Tags
volker.raschek:renovate/library-node-23.x
volker.raschek:master
volker.raschek:0.4.2
volker.raschek:0.4.1
volker.raschek:0.4.0
volker.raschek:0.3.2
volker.raschek:0.3.1
volker.raschek:0.3.0
volker.raschek:0.2.6
volker.raschek:0.2.5
volker.raschek:0.2.4
volker.raschek:0.2.3
volker.raschek:0.2.2
volker.raschek:0.2.1
volker.raschek:0.2.0
volker.raschek:0.1.11
volker.raschek:0.1.10
volker.raschek:0.1.9
volker.raschek:0.1.8
volker.raschek:0.1.7
volker.raschek:0.1.6
volker.raschek:0.1.5
volker.raschek:0.1.4
volker.raschek:0.1.3
volker.raschek:0.1.2
volker.raschek:0.1.1
volker.raschek:0.1.0

No commits in common. "master" and "0.1.7" have entirely different histories.
master ... 0.1.7

29 changed files with 502 additions and 6749 deletions
Show Stats Expand all files Collapse all files

208
.drone.yml Normal file
View File

@ -0,0 +1,208 @@
---
kind: pipeline
type: kubernetes
name: Linters
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: helm lint
commands:
- helm lint
image: git.cryptic.systems/volker.raschek/helm:3.16.1
resources:
limits:
cpu: 150
memory: 150M
- name: markdown lint
commands:
- markdownlint *.md
image: git.cryptic.systems/volker.raschek/markdownlint:0.42.0
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Unit tests
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: helm unittest
commands:
- helm unittest --strict --file 'unittests/**/*.yaml' ./
image: git.cryptic.systems/volker.raschek/helm:3.16.1
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Generate README.md
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: generate README
commands:
- npm install
- npm run readme:parameters
- npm run readme:lint
image: docker.io/library/node:22.11.0-alpine
resources:
limits:
cpu: 150
memory: 150M
- name: detect diff
commands:
- git diff --exit-code --name-only README.md
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Release
clone:
disable: true
platform:
os: linux
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: release-helm-chart
commands:
- helm repo add prometheus-exporters https://charts.cryptic.systems/prometheus-exporters
- helm package --version ${DRONE_TAG} .
- helm cm-push ${DRONE_REPO_NAME}-${DRONE_TAG}.tgz prometheus-exporters
environment:
HELM_REPO_PASSWORD:
from_secret: helm_repo_password
HELM_REPO_USERNAME:
from_secret: helm_repo_username
image: git.cryptic.systems/volker.raschek/helm:3.16.1
resources:
limits:
cpu: 150
memory: 150M
trigger:
event:
- tag
repo:
- volker.raschek/prometheus-postgres-exporter

32
.gitea/workflows/generate-readme.yaml
View File

@ -1,32 +0,0 @@
name: Generate README
on:
pull_request:
paths: [ "README.md", "values.yaml" ]
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
paths: [ "README.md", "values.yaml" ]
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
generate-parameters:
container:
image: docker.io/library/node:23.11.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Generate parameter section in README
run: |
npm install
npm run readme:parameters
- name: Compare diff
run: git diff --exit-code --name-only README.md

42
.gitea/workflows/helm.yaml
View File

@ -1,42 +0,0 @@
name: Helm
on:
pull_request:
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
helm-lint:
container:
image: docker.io/volkerraschek/helm:3.17.1
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Lint helm files
run: |
helm lint --values values.yaml .
helm-unittest:
container:
image: docker.io/volkerraschek/helm:3.17.1
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Unittest
run: |
helm unittest --strict --file 'unittests/**/*.yaml' ./

46
.gitea/workflows/markdown-linters.yaml
View File

@ -1,46 +0,0 @@
name: Markdown linter
on:
pull_request:
paths: [ "**/*.md" ]
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
paths: [ "**/*.md" ]
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
markdown-link-checker:
container:
image: docker.io/library/node:23.11.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Verify links in markdown files
run: |
npm install
npm run readme:link
markdown-lint:
container:
image: docker.io/library/node:23.11.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git
- uses: actions/checkout@v4.2.2
- name: Lint markdown files
run: |
npm install
npm run readme:lint

46
.gitea/workflows/release.yaml
View File

@ -1,46 +0,0 @@
name: Release
on:
push:
tags:
- "**"
jobs:
publish-chart:
container:
image: docker.io/volkerraschek/helm:3.17.1
runs-on: ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4
- name: Package chart
env:
HELM_REPO_NAME: upload
CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }}
CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }}
CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }}
CHARTMUSEUM_HOSTNAME: ${{ vars.CHARTMUSEUM_HOSTNAME }}
GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }}
GITEA_SERVER_URL: ${{ github.server_url }}
run: |
PACKAGE_VERSION=${GITHUB_REF#refs/tags/}
REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2)
REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)
helm dependency build
helm package --version "${PACKAGE_VERSION}" ./
# chart-museum
helm repo add --username ${CHARTMUSEUM_USERNAME} --password ${CHARTMUSEUM_PASSWORD} chartmuseum https://${CHARTMUSEUM_HOSTNAME}/${CHARTMUSEUM_REPOSITORY}
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum
helm repo remove chartmuseum
# gitea
helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea
helm repo remove gitea

21
.helmignore
View File

@ -26,7 +26,7 @@
.vscode/
# drone
.drone.yml
.drone.ya?ml
# editorconfig
.editorconfig
@ -37,24 +37,13 @@ values2.yaml
# helm packages
*.tgz
.helmignore
unittests
# markdownlint
.markdownlint.yml
.markdownlint.yaml
.markdownlintignore
# npm
.prettierignore
.npmrc
package*
# maven
target
# yamllint
.yamllint.yaml
# Others
CONTRIBUTING.md
CODEOWNERS
Makefile
renovate.json
# serviceDescriptor (uctl-cluster)
serviceDescriptor.yaml

4
.markdownlint.yaml
View File

@ -128,18 +128,16 @@ MD044:
# List of proper names
names:
- Git
- GitDevOps
- Gitea
- GitDevOps
- GitHub
- GitLab
- GitOps
- kube-prometheus-stack
- Memcached
- Oracle
- ORBIS U
- PostgreSQL
- Prometheus
- prometheus-exporter
- SSL
- TLS
# Include code blocks

83
CONTRIBUTING.md
View File

@ -1,82 +1 @@
# Contributing
I am very happy if you would like to provide a pull request đź‘Ť
The content of this file describes which requirements contributors should fulfill before submitting a pull request (PR).
1. [Valid Git commits](#valid-git-commits)
## Valid Git commits
### Commit message
The repository is subject to a strict commit message template. This states that there are several types of commits. For
example, `fix`, `chore`, `refac`, `test` or `doc`. All types are described in more detail below.
| type | description |
| ------------------- | ----------------------------------------------------------------- |
| `feat` | New feature. |
| `fix` | Fixes a bug. |
| `refac` | Refactoring production code. |
| `style` | Fixes formatting issues. No production code change. |
| `docs` | Adapt documentation. No production code change. |
| `test` | Adds new or modifies existing tests. No production code change. |
| `chore` | Updating grunt tasks. Is everything which the user does not see. |
Based on these types, commit messaged can then be created. Here are a few examples:
```text
style(README): Wrong indentation
feat(deployment): support restartPolicy
fix(my-app): Add missing volume
docs(CONTRIBUTING): Describe how to commit correctly
```
This type of commit message makes it easier for me as maintainer to keep an overview and does not cause the commits of a
pull request PR to be combined into one commit (squashing).
### Smart commits
Smart commits are excellent when it comes to tracking bugs or issues. In this repository, however, the rebasing of
commits is prohibited, which means that only merge commits are possible. This means that a smart commit message only
needs to be added to the merge commit.
This has the advantage that the maintainer can use the smart commit to find the merge commit and undo the entire history
of a merge without having to select individual commits. The following history illustrates the correct use of smart commits.
```text
* 823edbc7 Volker Raschek (G) | [Close #2] feat(deployment): support additional containers
|\
| * 321aebc3 Volker Raschek (G) | doc(README): generate README with new deployment attributes
| * 8d101dd3 Volker Raschek (G) | test(deployment): Extend unittest of additional containers
| * 6f2abd93 Volker Raschek (G) | fix(deployment): Extend deployment of additional containers
|/
* aa5ebda bob (N) | [Close #1] feat(deployment): support initContainers
```
### Commit signing
Another problem with Git is the chain of trust. Git allows the configuration of any name and e-mail address. An attacker
can impersonate any person and submit pull requests under a false identity. For as Linux Torvalds, the maintainer of the
Linux kernel.
```bash
git config --global user.name 'Linux Torvalds'
git config --global user.email 'torvalds@linux-foundation.org'
```
To avoid this, some Git repositories expect signed commits. In particular, repositories that are subject to direct
delivery to customers. For this reason, the repository is subject to a branch protection rule that only allows signed
commits. *Until* there is *no verified* and *no signed* commit, the pull request is blocked.
The following articles describes how Git can be configured to sign commits. Please keep in mind, that the e-mail
address, which is used as UID of the GPG keyring must also be defined in the profile settings of your GitHub account.
Otherwise will be marked the Git commit as *Unverified*.
1. [Signing Commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
2. [Tell Git about your signing key](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key)
Inspect your Git commit via `git log`. There should be mentioned, that your commit is signed.
Furthermore, the GPG key is unique. **Don't loose your private GPG key**. Backup your private key on a safe device. For
example an external USB drive.
# Contribution Guidelines

2
Chart.yaml
View File

@ -4,7 +4,7 @@ description: Prometheus metric exporter for PostgreSQL
type: application
kubeVersion: ">=1.20.0"
version: "0.1.0"
appVersion: "0.17.1"
appVersion: "0.16.0"
# icon: https://annotations.example.com/icon.png

67
Makefile
View File

@ -3,49 +3,43 @@ CONTAINER_RUNTIME?=$(shell which podman)
# HELM_IMAGE
HELM_IMAGE_REGISTRY_HOST?=docker.io
HELM_IMAGE_REPOSITORY?=volkerraschek/helm
HELM_IMAGE_VERSION?=3.17.1 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
HELM_IMAGE_REPOSITORY=volkerraschek/helm
HELM_IMAGE_VERSION?=3.16.1 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}
# MARKDOWNLINKCHECKER_IMAGE
MARKDOWNLINKCHECK_IMAGE_REGISTRY_HOST?=ghcr.io
MARKDOWNLINKCHECK_IMAGE_REPOSITORY=tcort/markdown-link-check
MARKDOWNLINKCHECK_IMAGE_VERSION?=3.12.2 # renovate: datasource=docker registryUrl=https://ghcr.io depName=tcort/markdown-link-check
MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED=${MARKDOWNLINT_IMAGE_REGISTRY_HOST}/${MARKDOWNLINT_IMAGE_REPOSITORY}:${MARKDOWNLINT_IMAGE_VERSION}
# NODE_IMAGE
NODE_IMAGE_REGISTRY_HOST?=docker.io
NODE_IMAGE_REPOSITORY?=library/node
NODE_IMAGE_VERSION?=22.14.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node
NODE_IMAGE_REPOSITORY=library/node
NODE_IMAGE_VERSION?=22.9.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node
NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
# CHART_SERVER
CHART_SERVER_HOST?=charts.u.orbis-healthcare.com
CHART_SERVER_NAMESPACE?=orbis-u
CHART_SERVER_REPOSITORY?=qu-seed
CHART_VERSION?=0.1.0
# MISSING DOT
# ==============================================================================
missing-dot:
grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml
# CONTAINER RUN - README
# CONTAINER RUN - PREPARE ENVIRONMENT
# ==============================================================================
PHONY+=container-run/readme
container-run/readme: container-run/readme/link container-run/readme/lint container-run/readme/parameters
container-run/readme/link:
container-run/readme:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${NODE_IMAGE_FULLY_QUALIFIED} \
npm install && npm run readme:link
container-run/readme/lint:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${NODE_IMAGE_FULLY_QUALIFIED} \
npm install && npm run readme:lint
container-run/readme/parameters:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${NODE_IMAGE_FULLY_QUALIFIED} \
npm install && npm run readme:parameters
npm install && npm run readme:parameters && npm run readme:lint
# CONTAINER RUN - HELM UNITTESTS
# ==============================================================================
@ -73,6 +67,19 @@ container-run/helm-update-dependencies:
${HELM_IMAGE_FULLY_QUALIFIED} \
dependency update
# CONTAINER RUN - DEPLOY2CHART-REPO
# ==============================================================================
container-run/deploy2chart-repo:
${CONTAINER_RUNTIME} run \
--env HELM_REPO_PASSWORD=${CHART_SERVER_PASSWORD} \
--env HELM_REPO_USERNAME=${CHART_SERVER_USERNAME} \
--entrypoint /bin/bash \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${HELM_IMAGE_FULLY_QUALIFIED} \
-c "helm repo add ${CHART_SERVER_NAMESPACE} http://${CHART_SERVER_HOST}/${CHART_SERVER_NAMESPACE} && helm package --version ${CHART_VERSION} . && helm cm-push ./${CHART_SERVER_REPOSITORY}-${CHART_VERSION}.tgz ${CHART_SERVER_NAMESPACE}"
# CONTAINER RUN - MARKDOWN-LINT
# ==============================================================================
PHONY+=container-run/helm-lint
@ -84,6 +91,16 @@ container-run/helm-lint:
${HELM_IMAGE_FULLY_QUALIFIED} \
lint --values values.yaml .
# CONTAINER RUN - MARKDOWN-LINK-CHECK
# ==============================================================================
PHONY+=container-run/markdown-link-check
container-run/markdown-link-check:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):/work \
${MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED} \
*.md
# PHONY
# ==============================================================================
# Declare the contents of the PHONY variable as phony. We keep that information

251
README.md
View File

@ -1,26 +1,25 @@
# Prometheus PostgreSQL exporter
[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/prometheus-postgres-exporter/status.svg)](https://drone.cryptic.systems/volker.raschek/prometheus-postgres-exporter)
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/prometheus-exporters)](https://artifacthub.io/packages/search?repo=prometheus-exporters)
This helm chart enables the deployment of a Prometheus metrics exporter for PostgreSQL databases and allows the
individual configuration of additional containers/initContainers, mounting of volumes, defining additional environment
variables, apply a user-defined web-config.yaml and much more.
Chapter [configuration and installation](#helm-configuration-and-installation) describes the basics how to configure helm
and use it to deploy the exporter. It also contains further configuration examples.
Furthermore, this helm chart unit tests to detect regressions and stabilize the deployment. Additionally, this helm
chart is tested for deployment scenarios with ArgoCD.
> [!NOTE]
> This is not the official *community* helm chart of the Prometheus metric exporter for PostgreSQL databases. You can
> find the official community chart [here](https://github.com/prometheus-community/helm-charts).
This helm chart enables the deployment of a Prometheus metrics exporter for PostgreSQL databases and allows the
individual configuration of additional containers/initContainers, mounting of volumes, defining additional environment
variables, apply a user-defined `webConfig.yaml` and much more.
Chapter [configuration and installation](#helm-configuration-and-installation) describes the basics how to configure helm
and use it to deploy the exporter. It also contains further configuration examples.
Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this
helm chart is tested for deployment scenarios with **ArgoCD**.
## Helm: configuration and installation
1. A helm chart repository must be configured, to pull the helm charts from.
2. All available parameters are [here](#parameters) in detail documented. The parameters can be defined via the helm
2. All available parameters are [here](#parameters) in detail document. The parameters can be defined via the helm
`--set` flag or directly as part of a `values.yaml` file. The following example defines the `prometheus-exporter`
repository and use the `--set` flag for a basic deployment.
@ -32,7 +31,7 @@ helm chart is tested for deployment scenarios with **ArgoCD**.
```bash
helm repo add prometheus-exporters https://charts.cryptic.systems/prometheus-exporters
helm repo update
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
helm install prometheus-exporters/prometheus-postgres-exporter prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
@ -46,8 +45,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi
versions can break something!
```bash
CHART_VERSION=0.4.2
helm show values prometheus-exporters/prometheus-postgres-exporter --version "${CHART_VERSION}" > values.yaml
helm show values prometheus-exporters/prometheus-postgres-exporter --version 0.1.0 > values.yaml
```
A complete list of available helm chart versions can be displayed via the following command:
@ -63,38 +61,7 @@ for customizations. These can be configured in more detail via `values.yaml`.
The following examples serve as individual configurations and as inspiration for how deployment problems can be solved.
#### Avoid CPU throttling by defining a CPU limit
If the application is deployed with a CPU resource limit, Prometheus may throw a CPU throttling warning for the
application. This has more or less to do with the fact that the application finds the number of CPUs of the host, but
cannot use the available CPU time to perform computing operations.
The application must be informed that despite several CPUs only a part (limit) of the available computing time is
available. As this is a Golang application, this can be implemented using `GOMAXPROCS`. The following example is one way
of defining `GOMAXPROCS` automatically based on the defined CPU limit like `1000m`. Please keep in mind, that the CFS
rate of `100ms` - default on each kubernetes node, is also very important to avoid CPU throttling.
Further information about this topic can be found [here](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/).
> [!NOTE]
> The environment variable `GOMAXPROCS` is set automatically, when a CPU limit is defined. An explicit configuration is
> not anymore required.
>
> Please take care the a CPU limit < `1000m` can also lead to CPU throttling. Please read the linked documentation carefully.
```bash
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
--set 'prometheus.metrics.enabled=true' \
--set 'prometheus.metrics.serviceMonitor.enabled=true' \
--set 'deployment.postgresExporter.env.name=GOMAXPROCS' \
--set 'deployment.postgresExporter.env.valueFrom.resourceFieldRef.resource=limits.cpu' \
--set 'deployment.postgresExporter.resources.limits.cpu=1000m'
```
#### TLS authentication and encryption
### TLS authentication and encryption
The first example shows how to deploy the metric exporter with TLS encryption. The verification of the custom TLS
certification will be skipped by Prometheus.
@ -104,7 +71,7 @@ certification will be skipped by Prometheus.
> `tls.key` and `tls.crt` of the secret can be mounted into the container filesystem for TLS authentication / encryption.
```bash
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
helm install prometheus-exporters/prometheus-postgres-exporter prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
@ -127,7 +94,7 @@ certificate for the metrics exporter - TLS certificate verification can be enabl
replaced:
```diff
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
helm install prometheus-exporters/prometheus-postgres-exporter prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
@ -148,116 +115,6 @@ replaced:
+ --set 'prometheus.metrics.serviceMonitor.tlsConfig.keyFile=/etc/prometheus/tls/tls.key'
```
#### Grafana dashboard
The helm chart includes Grafana dashboards. These can be deployed as a configMap by activating Grafana integration. It
is assumed that the dashboard is consumed by Grafana or a sidecar container itself and that the dashboard is stored in
the Grafana container file system so that it is subsequently available to the user. The
[kube-prometheus-stack](https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack) deployment
makes this possible.
```bash
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
--set 'grafana.enabled=true'
```
#### Avoid deploying on same node / bare metal host as PostgresDB
As a best practice, avoid running the postgres-exporter on the same node / bare-metal host as the PostgresDB. This is
because if the postgres-exporter is running on the same node and this node fails, Prometheus can send an alert about the
failure of the node or that the postgres-exporter cannot be reached. However, it is not possible to react based on the
metrics that the postgres-exporter explicitly provides. Depending on the configuration of alerts, this may mean that the
corresponding notifications are not sent to the right person or group of people.
The following example prevent the postgres-exporter from running on nodes with a PostgresDB. The PostgresDB nodes has an
additional label `database=postgres`. The configuration is carried out in `values.yaml`.
```yaml
deployment:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
preference:
matchExpressions:
- key: database
operator: NotIn
values:
- postgres
```
### Network policies
Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom
network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`.
The object networkPolicies can contains multiple networkPolicy definitions. There is currently only one example
predefined - it's named `default`. Further networkPolicy rules can easy be added by defining additional objects. For example:
> [!NOTE]
> The structure of each custom network policy must be equal like that of default. For this reason don't forget to define
> `annotations`, `labels` and the other properties as well.
```yaml
networkPolicies:
enabled: false
default: {}
my-custom-network-policy: {}
```
The example below is an excerpt of the `values.yaml` file. The network policy `default` contains ingress rules to allow
incoming traffic from Prometheus. Additionally two egress rules are defined, to allow the application outgoing access to
the internal running DNS server `core-dns` and the external running postgres database listen on `10.14.243.12`.
> [!IMPORTANT]
> Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For
> this reason, there is are not default network policy rules defined.
```yaml
networkPolicies:
enabled: true
default:
enabled: true
annotations: {}
labels: {}
policyTypes:
- Egress
- Ingress
egress:
- to:
- ipBlock:
cidr: 10.14.243.12/32
ports:
- port: 5432
protocol: TCP
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- port: 53
protocol: TCP
- port: 53
protocol: UDP
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: monitoring
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
ports:
- port: http
protocol: TCP
```
## Parameters
### Global
@ -269,32 +126,32 @@ networkPolicies:
### Configuration
| Name | Description | Value |
| ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `config.database.existingSecret.enabled` | Mount an existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `false` |
| `config.database.existingSecret.secretName` | Name of the existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `""` |
| `config.database.secret.annotations` | Additional annotations of the secret containing the database credentials. | `{}` |
| `config.database.secret.labels` | Additional labels of the secret containing the database credentials. | `{}` |
| `config.database.secret.databaseUsername` | Database username. Will be defined as env `DATA_SOURCE_USER` as part of a secret. | `""` |
| `config.database.secret.databasePassword` | Database password. Will be defined as env `DATA_SOURCE_PASS` as part of a secret. | `""` |
| `config.database.secret.databaseConnectionUrl` | Complex database connection URL. Will be defined as env `DATA_SOURCE_URI` as part of a secret. | `""` |
| `config.exporterConfig.existingSecret.enabled` | Mount an existing secret containing the key `exporterConfig.yaml`. | `false` |
| `config.exporterConfig.existingSecret.secretName` | Name of the existing secret containing the key `exporterConfig.yaml`. | `""` |
| `config.exporterConfig.secret.annotations` | Additional annotations of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.labels` | Additional labels of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.exporterConfig` | Content of the `exporterConfig.yaml`. Further information can be found [here](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta). | `{}` |
| `config.webConfig.existingSecret.enabled` | Mount an existing secret containing the key `webConfig.yaml`. | `false` |
| `config.webConfig.existingSecret.secretName` | Name of the existing secret containing the key `webConfig.yaml`. | `""` |
| `config.webConfig.secret.annotations` | Additional annotations of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.labels` | Additional labels of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.webConfig` | Content of the `webConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/). | `{}` |
| Name | Description | Value |
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `config.database.existingSecret.enabled` | Mount an existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `false` |
| `config.database.existingSecret.secretName` | Name of the existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `""` |
| `config.database.secret.annotations` | Additional annotations of the secret containing the database credentials. | `{}` |
| `config.database.secret.labels` | Additional labels of the secret containing the database credentials. | `{}` |
| `config.database.secret.databaseUsername` | Database username. Will be defined as env `DATA_SOURCE_USER` as part of a secret. | `""` |
| `config.database.secret.databasePassword` | Database password. Will be defined as env `DATA_SOURCE_PASS` as part of a secret. | `""` |
| `config.database.secret.databaseConnectionUrl` | Complex database connection URL. Will be defined as env `DATA_SOURCE_URI` as part of a secret. | `""` |
| `config.exporterConfig.existingSecret.enabled` | Mount an existing secret containing the key `exporterConfig.yaml`. | `false` |
| `config.exporterConfig.existingSecret.secretName` | Name of the existing secret containing the key `exporterConfig.yaml`. | `""` |
| `config.exporterConfig.secret.annotations` | Additional annotations of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.labels` | Additional labels of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.exporterConfig` | Content of the `exporterConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/). | `{}` |
| `config.webConfig.existingSecret.enabled` | Mount an existing secret containing the key `webConfig.yaml`. | `false` |
| `config.webConfig.existingSecret.secretName` | Name of the existing secret containing the key `webConfig.yaml`. | `""` |
| `config.webConfig.secret.annotations` | Additional annotations of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.labels` | Additional labels of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.webConfig` | Content of the `webConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/). | `{}` |
### Deployment
| Name | Description | Value |
| -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------------------------- |
| `deployment.annotations` | Additional deployment annotations. | `{}` |
| `deployment.labels` | Additional deployment labels. | `{}` |
| `deployment.labels` | Additional ingress labels. | `{}` |
| `deployment.additionalContainers` | List of additional containers. | `[]` |
| `deployment.affinity` | Affinity for the postgres-exporter deployment. | `{}` |
| `deployment.initContainers` | List of additional init containers. | `[]` |
@ -316,26 +173,23 @@ networkPolicies:
| `deployment.postgresExporter.volumeMounts` | Additional volume mounts. | `[]` |
| `deployment.nodeSelector` | NodeSelector of the postgres-exporter deployment. | `{}` |
| `deployment.priorityClassName` | PriorityClassName of the postgres-exporter deployment. | `""` |
| `deployment.replicas` | Number of replicas for the postgres-exporter deployment. | `1` |
| `deployment.replicaCount` | Number of replicas for the postgres-exporter deployment. | `1` |
| `deployment.restartPolicy` | Restart policy of the postgres-exporter deployment. | `""` |
| `deployment.securityContext` | Security context of the postgres-exporter deployment. | `{}` |
| `deployment.strategy.type` | Strategy type - `Recreate` or `RollingUpdate`. | `RollingUpdate` |
| `deployment.strategy.type` | Strategy type - `Recreate` or `Rollingupdate`. | `Recreate` |
| `deployment.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1` |
| `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update. | `1` |
| `deployment.terminationGracePeriodSeconds` | How long to wait until forcefully kill the pod. | `60` |
| `deployment.tolerations` | Tolerations of the postgres-exporter deployment. | `[]` |
| `deployment.topologySpreadConstraints` | TopologySpreadConstraints of the postgres-exporter deployment. | `[]` |
| `deployment.volumes` | Additional volumes to mount into the pods of the prometheus-exporter deployment. | `[]` |
| `deployment.volumes` | Additional volumes to mount into the pods of the Prometheus-exporter deployment. | `[]` |
### Grafana
| Name | Description | Value |
| ------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ----------- |
| `grafana.enabled` | Enable integration into Grafana. Require the Prometheus operator deployment. | `false` |
| `grafana.dashboardDiscoveryLabels` | Labels that Grafana uses to discover resources. The labels may vary depending on the Grafana deployment. | `undefined` |
| `grafana.dashboards.postgresExporter.enabled` | Enable deployment of Grafana dashboard `postgresExporter`. | `true` |
| `grafana.dashboards.postgresExporter.annotations` | Additional configmap annotations. | `{}` |
| `grafana.dashboards.postgresExporter.labels` | Additional configmap labels. | `{}` |
| Name | Description | Value |
| ------------------------------------ | --------------------------------------------------------- | ------- |
| `grafana.enabled` | Enable integration into Grafana. | `false` |
| `grafana.dashboards.businessMetrics` | Enable deployment of Grafana dashboard `businessMetrics`. | `true` |
### Ingress
@ -354,17 +208,11 @@ networkPolicies:
| --------------------- | ---------------------- | ----- |
| `podDisruptionBudget` | Pod disruption budget. | `{}` |
### NetworkPolicies
### Network
| Name | Description | Value |
| ------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------- |
| `networkPolicies.enabled` | Enable network policies in general. | `false` |
| `networkPolicies.default.enabled` | Enable the network policy for accessing the application by default. For example to scape the metrics. | `false` |
| `networkPolicies.default.annotations` | Additional network policy annotations. | `{}` |
| `networkPolicies.default.labels` | Additional network policy labels. | `{}` |
| `networkPolicies.default.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress. | `[]` |
| `networkPolicies.default.egress` | Concrete egress network policy implementation. | `[]` |
| `networkPolicies.default.ingress` | Concrete ingress network policy implementation. | `[]` |
| Name | Description | Value |
| ----------------- | ------------------------------------------------------------------------------------------------------------------ | ----- |
| `networkPolicies` | Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave. | `{}` |
### Prometheus
@ -373,7 +221,7 @@ networkPolicies:
| `prometheus.metrics.enabled` | Enable of scraping metrics by Prometheus. | `true` |
| `prometheus.metrics.podMonitor.enabled` | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | `false` |
| `prometheus.metrics.podMonitor.annotations` | Additional podMonitor annotations. | `{}` |
| `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `true` |
| `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `false` |
| `prometheus.metrics.podMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
| `prometheus.metrics.podMonitor.honorLabels` | Honor labels. | `false` |
| `prometheus.metrics.podMonitor.labels` | Additional podMonitor labels. | `{}` |
@ -386,11 +234,12 @@ networkPolicies:
| `prometheus.metrics.serviceMonitor.enabled` | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | `false` |
| `prometheus.metrics.serviceMonitor.annotations` | Additional serviceMonitor annotations. | `{}` |
| `prometheus.metrics.serviceMonitor.labels` | Additional serviceMonitor labels. | `{}` |
| `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `true` |
| `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `false` |
| `prometheus.metrics.serviceMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
| `prometheus.metrics.serviceMonitor.honorLabels` | Honor labels. | `false` |
| `prometheus.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
| `prometheus.metrics.serviceMonitor.path` | HTTP path for scraping Prometheus metrics. | `/metrics` |
| `prometheus.metrics.serviceMonitor.port` | HTTP port for scraping Prometheus metrics. | `9187` |
| `prometheus.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
| `prometheus.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
| `prometheus.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |

1957
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

8
package.json
View File

@ -1,6 +1,6 @@
{
"name": "prometheus-postgres-exporter",
"homepage": "https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter.git",
"name": "qu-seed-chart",
"homepage": "https://github.com/dedalus-cis4u/qu-seed-chart.git",
"license": "MIT",
"private": true,
"engineStrict": true,
@ -9,13 +9,11 @@
"npm": ">=8.0.0"
},
"scripts": {
"readme:link": "markdown-link-check *.md",
"readme:lint": "markdownlint *.md -f",
"readme:parameters": "readme-generator -v values.yaml -r README.md"
},
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0",
"markdown-link-check": "^3.13.6",
"markdownlint-cli": "^0.44.0"
"markdownlint-cli": "^0.41.0"
}
}

62
renovate.json
View File

@ -1,14 +1,9 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"local>volker.raschek/renovate-config:default#master",
"local>volker.raschek/renovate-config:container#master",
"local>volker.raschek/renovate-config:actions#master",
"local>volker.raschek/renovate-config:npm#master",
"local>volker.raschek/renovate-config:regexp#master"
],
"assignees": [ "volker.raschek" ],
"customManagers": [
{
"description": "Update container image reference",
"fileMatch": [
"^Chart\\.yaml$"
],
@ -16,53 +11,26 @@
"appVersion: \"(?<currentValue>.*?)\"\\s+"
],
"datasourceTemplate": "docker",
"depNameTemplate": "prometheuscommunity/postgres-exporter",
"lookupNameTemplate": "quay.io/prometheuscommunity/postgres-exporter",
"versioningTemplate": "semver"
},
{
"fileMatch": ["^README\\.md$"],
"matchStrings": [
"VERSION=(?<currentValue>.*)"
],
"depNameTemplate": "volker.raschek/prometheus-postgres-exporter",
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter",
"datasourceTemplate": "git-tags",
"versioningTemplate": "semver"
"depNameTemplate": "prometheus-postgres-exporter",
"lookupNameTemplate": "quay.io/prometheuscommunity/postgres-exporter"
}
],
"labels": [ "renovate" ],
"packageRules": [
{
"addLabels": [
"renovate/automerge",
"renovate/container"
],
"addLabels": [ "renovate/droneci", "renovate/automerge" ],
"automerge": true,
"excludePackagePatterns": [
"prometheuscommunity/postgres-exporter"
],
"matchDatasources": [
"docker"
],
"matchUpdateTypes": [
"minor",
"patch"
]
"matchManagers": "droneci",
"matchUpdateTypes": [ "minor", "patch"]
},
{
"addLabels": [
"renovate/automerge",
"renovate/documentation"
],
"addLabels": [ "renovate/markdownlint", "renovate/automerge" ],
"automerge": true,
"matchDepNames": [
"volker.raschek/prometheus-postgres-exporter"
],
"matchUpdateTypes": [
"major",
"minor",
"patch"
]
"matchPackageNames": [ "markdownlint-cli", "@bitnami/readme-generator-for-helm" ],
"matchManagers": [ "npm" ],
"matchUpdateTypes": [ "minor", "patch"]
}
]
],
"rebaseLabel": "renovate/rebase",
"rebaseWhen": "behind-base-branch"
}

20
templates/prometheus-postgres-exporter/_configMap.tpl
View File

@ -1,20 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-postgres-exporter.configMap.grafanaDashboards.postgresExporter.annotations" -}}
{{ include "prometheus-postgres-exporter.annotations" . }}
{{- if .Values.grafana.dashboards.postgresExporter.annotations }}
{{ toYaml .Values.grafana.dashboards.postgresExporter.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-postgres-exporter.configMap.grafanaDashboards.postgresExporter.labels" -}}
{{ include "prometheus-postgres-exporter.labels" . }}
{{- if .Values.grafana.dashboards.postgresExporter.labels }}
{{ toYaml .Values.grafana.dashboards.postgresExporter.labels }}
{{- end }}
{{ toYaml .Values.grafana.dashboardDiscoveryLabels }}
{{- end }}

23
templates/prometheus-postgres-exporter/_deployment.tpl
View File

@ -9,17 +9,6 @@
{{- end }}
{{- end }}
{{/* env */}}
{{- define "prometheus-postgres-exporter.deployment.env" -}}
{{- $env := dict "env" (.Values.deployment.postgresExporter.env | default (list) ) }}
{{- if and (hasKey .Values.deployment.postgresExporter.resources "limits") (hasKey .Values.deployment.postgresExporter.resources.limits "cpu") }}
{{- $env = merge $env (dict "env" (list (dict "name" "GOMAXPROCS" "valueFrom" (dict "resourceFieldRef" (dict "divisor" "1" "resource" "limits.cpu"))))) }}
{{- end }}
{{ toYaml $env }}
{{- end -}}
{{/* envFrom */}}
{{- define "prometheus-postgres-exporter.deployment.envFrom" -}}
@ -63,15 +52,15 @@
{{/* volumeMounts */}}
{{- define "prometheus-postgres-exporter.deployment.volumeMounts" -}}
{{- $volumeMounts := .Values.deployment.postgresExporter.volumeMounts | default list }}
{{- $volumeMounts = concat $volumeMounts (list (dict "name" "config-d" "mountPath" "/etc/prometheus-postgres-exporter/config.d" )) }}
{{ toYaml (dict "volumeMounts" $volumeMounts) }}
{{- $volumeMounts := dict "volumeMounts" (.Values.deployment.postgresExporter.volumeMounts | default (list) ) }}
{{- $volumeMounts = merge $volumeMounts (dict "volumeMounts" (list (dict "name" "config-d" "mountPath" "/etc/prometheus-postgres-exporter/config.d" ))) }}
{{ toYaml $volumeMounts }}
{{- end -}}
{{/* volumes */}}
{{- define "prometheus-postgres-exporter.deployment.volumes" -}}
{{- $volumes := .Values.deployment.volumes | default list }}
{{- $volumes := dict "volumes" (.Values.deployment.volumes | default (list) ) }}
{{- $exporterSecretName := .Values.config.exporterConfig.existingSecret.secretName -}}
{{- if not .Values.config.exporterConfig.existingSecret.enabled }}
@ -83,8 +72,8 @@
{{- $webConfigSecretName = printf "%s-web-config" (include "prometheus-postgres-exporter.fullname" . ) }}
{{- end }}
{{- $volumes = concat $volumes (list (dict "name" "config-d" "projected" (dict "defaultMode" 444 "sources" (list (dict "secret" (dict "name" $exporterSecretName)) (dict "secret" (dict "name" $webConfigSecretName)))))) }}
{{- $volumes = merge $volumes (dict "volumes" (list (dict "name" "config-d" "projected" (dict "defaultMode" 444 "sources" (list (dict "secret" (dict "name" $exporterSecretName)) (dict "secret" (dict "name" $webConfigSecretName))))))) }}
{{ toYaml (dict "volumes" $volumes) }}
{{ toYaml $volumes }}
{{- end -}}

19
templates/prometheus-postgres-exporter/_networkPolicies.tpl
View File

@ -1,19 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-postgres-exporter.networkPolicies.annotations" -}}
{{ include "prometheus-postgres-exporter.annotations" .context }}
{{- if .networkPolicy.annotations }}
{{ toYaml .networkPolicy.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-postgres-exporter.networkPolicies.labels" -}}
{{ include "prometheus-postgres-exporter.labels" .context }}
{{- if .networkPolicy.labels }}
{{ toYaml .networkPolicy.labels }}
{{- end }}
{{- end }}

3185
templates/prometheus-postgres-exporter/configMapGrafanaDashboardPostgresExporter.yaml
View File

File diff suppressed because it is too large Load Diff

14
templates/prometheus-postgres-exporter/deployment.yaml
View File

@ -12,7 +12,6 @@ metadata:
name: {{ include "prometheus-postgres-exporter.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
replicas: {{ .Values.deployment.replicas }}
selector:
matchLabels:
{{- include "prometheus-postgres-exporter.pod.selectorLabels" . | nindent 6 }}
@ -21,10 +20,6 @@ spec:
labels:
{{- include "prometheus-postgres-exporter.pod.labels" . | nindent 8 }}
spec:
{{- with .Values.deployment.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: postgres-exporter
args:
@ -34,10 +29,9 @@ spec:
{{- range .Values.deployment.postgresExporter.args }}
- {{ . | quote }}
{{- end }}
{{- $env := (include "prometheus-postgres-exporter.deployment.env" . | fromYaml) }}
{{- if and (hasKey $env "env") (gt (len $env.env) 0) }}
{{- with .Values.deployment.postgresExporter.env }}
env:
{{- toYaml $env.env | nindent 8 }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- $envFrom := (include "prometheus-postgres-exporter.deployment.envFrom" . | fromYaml) }}
{{- if hasKey $envFrom "envFrom" }}
@ -126,7 +120,3 @@ spec:
volumes:
{{- toYaml $volumes.volumes | nindent 6 }}
{{- end }}
{{- with .Values.deployment.strategy }}
strategy:
{{- toYaml . | nindent 4 }}
{{- end }}

36
templates/prometheus-postgres-exporter/networkPolicies.yaml
View File

@ -1,36 +0,0 @@
{{- if .Values.networkPolicies.enabled }}
{{- range $key, $value := .Values.networkPolicies -}}
{{- if and (not (eq $key "enabled")) $value.enabled }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
{{- with (include "prometheus-postgres-exporter.networkPolicies.annotations" (dict "networkPolicy" $value "context" $) | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-postgres-exporter.networkPolicies.labels" (dict "networkPolicy" $value "context" $) | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ printf "%s-%s" (include "prometheus-postgres-exporter.fullname" $ ) $key }}
namespace: {{ $.Release.Namespace }}
spec:
podSelector:
matchLabels:
{{- include "prometheus-postgres-exporter.pod.selectorLabels" $ | nindent 6 }}
{{- with $value.policyTypes }}
policyTypes:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with $value.egress }}
egress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with $value.ingress }}
ingress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

2
templates/prometheus-postgres-exporter/prometheusRules.yaml
View File

@ -16,7 +16,7 @@ metadata:
spec:
{{- with .Values.prometheus.rules }}
groups:
- name: {{ template "prometheus-postgres-exporter.fullname" $ }}
- name: {{ template "prometheus-postgres-exporter.name" $ }}
rules:
{{ toYaml . | nindent 4 }}
{{- end }}

2
templates/prometheus-postgres-exporter/serviceMonitorHTTP.yaml
View File

@ -25,7 +25,7 @@ spec:
{{- toYaml . | nindent 6 }}
{{- end }}
scrapeTimeout: {{ required "The scrape timeout of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scrapeTimeout }}
scheme: {{ required "The scheme of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scheme }}
scheme: {{ required "The scheme of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scheme}}
targetPort: {{ required "The port of the service is not defined!" .Values.services.http.port }}
{{- with .Values.prometheus.metrics.serviceMonitor.tlsConfig }}
tlsConfig:

79
unittests/configMaps/grafanaDashboardPostgresExporter.yaml
View File

@ -1,79 +0,0 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: ConfigMap template (Grafana Dashboard PostgresExporter)
release:
name: prometheus-postgres-exporter-unittest
namespace: testing
templates:
- templates/prometheus-postgres-exporter/configMapGrafanaDashboardPostgresExporter.yaml
tests:
- it: Rendering postgresExporter
asserts:
- hasDocuments:
count: 0
- it: Rendering
set:
grafana.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: ConfigMap
name: prometheus-postgres-exporter-unittest-grafana-dashboard-postgres-exporter
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
grafana_dashboard: "1"
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- exists:
path: data["postgresExporter.json"]
- it: Test custom annotations and labels
set:
grafana.enabled: true
grafana.dashboards.postgresExporter.annotations:
foo: bar
grafana.dashboards.postgresExporter.labels:
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
grafana_dashboard: "1"
helm.sh/chart: prometheus-postgres-exporter-0.1.0
bar: foo
- it: Test custom grafana discovery labels
set:
grafana.enabled: true
grafana.dashboardDiscoveryLabels:
grafana_dashboard: null
my-custom-discovery-label: my-value
asserts:
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
my-custom-discovery-label: my-value
helm.sh/chart: prometheus-postgres-exporter-0.1.0

78
unittests/deployment/deployment.yaml
View File

@ -27,11 +27,6 @@ tests:
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.replicas
value: 1
- notExists:
path: spec.template.spec.affinity
- contains:
path: spec.template.spec.containers[0].envFrom
content:
@ -95,47 +90,6 @@ tests:
path: spec.template.spec.tolerations
- notExists:
path: spec.template.spec.topologySpreadConstraints
- equal:
path: spec.strategy
value:
type: "RollingUpdate"
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
- it: Test custom replicas
set:
deployment.replicas: 3
asserts:
- equal:
path: spec.replicas
value: 3
- it: Test custom affinity
set:
deployment.affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: topology.kubernetes.io/zone
operator: In
values:
- antarctica-east1
- antarctica-west1
asserts:
- equal:
path: spec.template.spec.affinity
value:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: topology.kubernetes.io/zone
operator: In
values:
- antarctica-east1
- antarctica-west1
- it: Test additional arguments
set:
@ -234,14 +188,6 @@ tests:
cpu: 25m
memory: 100MB
asserts:
- equal:
path: spec.template.spec.containers[0].env
value:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
- equal:
path: spec.template.spec.containers[0].resources
value:
@ -406,24 +352,14 @@ tests:
hostPath:
path: /usr/lib/prometheus-postgres-exporter/data
asserts:
- equal:
- contains:
path: spec.template.spec.containers[0].volumeMounts
value:
- name: data
content:
name: data
mountPath: /usr/lib/prometheus-postgres-exporter/data
- name: config-d
mountPath: /etc/prometheus-postgres-exporter/config.d
- equal:
- contains:
path: spec.template.spec.volumes
value:
- name: data
content:
name: data
hostPath:
path: /usr/lib/prometheus-postgres-exporter/data
- name: config-d
projected:
defaultMode: 444
sources:
- secret:
name: prometheus-postgres-exporter-unittest-exporter-config
- secret:
name: prometheus-postgres-exporter-unittest-web-config
path: /usr/lib/prometheus-postgres-exporter/data

118
unittests/networkPolicies/default.yaml
View File

@ -1,118 +0,0 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: NetworkPolicies template (basic)
release:
name: prometheus-postgres-exporter-unittest
namespace: testing
templates:
- templates/prometheus-postgres-exporter/networkPolicies.yaml
tests:
- it: Skip networkPolicies in general disabled.
set:
networkPolicies.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Skip networkPolicy 'default' when disabled.
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Loop over networkPolicies
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
networkPolicies.nginx.enabled: true
networkPolicies.prometheus.enabled: true
asserts:
- hasDocuments:
count: 2
- it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
name: prometheus-postgres-exporter-unittest-default
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.podSelector.matchLabels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/name: prometheus-postgres-exporter
- notExists:
path: spec.policyTypes
- notExists:
path: spec.egress
- notExists:
path: spec.ingress
- it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
networkPolicies.default.policyTypes:
- Egress
- Ingress
networkPolicies.default.ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
networkPolicies.default.egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
asserts:
- equal:
path: spec.policyTypes
value:
- Egress
- Ingress
- equal:
path: spec.egress
value:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
- equal:
path: spec.ingress
value:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus

6
unittests/podMonitors/podMonitorHTTP.yaml
View File

@ -58,7 +58,7 @@ tests:
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.podMetricsEndpoints[0].enableHttp2
value: true
value: false
- equal:
path: spec.podMetricsEndpoints[0].followRedirects
value: false
@ -119,7 +119,7 @@ tests:
set:
prometheus.metrics.enabled: true
prometheus.metrics.podMonitor.enabled: true
prometheus.metrics.podMonitor.enableHttp2: false
prometheus.metrics.podMonitor.enableHttp2: true
prometheus.metrics.podMonitor.followRedirects: true
prometheus.metrics.podMonitor.honorLabels: true
prometheus.metrics.podMonitor.interval: "180s"
@ -137,7 +137,7 @@ tests:
count: 1
- equal:
path: spec.podMetricsEndpoints[0].enableHttp2
value: false
value: true
- equal:
path: spec.podMetricsEndpoints[0].followRedirects
value: true

6
unittests/serviceMonitors/serviceMonitorHTTP.yaml
View File

@ -59,7 +59,7 @@ tests:
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.endpoints[0].enableHttp2
value: true
value: false
- equal:
path: spec.endpoints[0].followRedirects
value: false
@ -121,7 +121,7 @@ tests:
set:
prometheus.metrics.enabled: true
prometheus.metrics.serviceMonitor.enabled: true
prometheus.metrics.serviceMonitor.enableHttp2: false
prometheus.metrics.serviceMonitor.enableHttp2: true
prometheus.metrics.serviceMonitor.followRedirects: true
prometheus.metrics.serviceMonitor.honorLabels: true
prometheus.metrics.serviceMonitor.interval: "180s"
@ -139,7 +139,7 @@ tests:
count: 1
- equal:
path: spec.endpoints[0].enableHttp2
value: false
value: true
- equal:
path: spec.endpoints[0].followRedirects
value: true

700
values.schema.json
View File

@ -1,700 +0,0 @@
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"nameOverride": {
"type": "string"
},
"fullnameOverride": {
"type": "string"
},
"config": {
"type": "object",
"properties": {
"database": {
"type": "object",
"properties": {
"existingSecret": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"secretName": {
"type": "string"
}
},
"required": [
"enabled",
"secretName"
]
},
"secret": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"databaseUsername": {
"type": "string"
},
"databasePassword": {
"type": "string"
},
"databaseConnectionUrl": {
"type": "string"
}
},
"required": [
"annotations",
"labels",
"databaseUsername",
"databasePassword",
"databaseConnectionUrl"
]
}
},
"required": [
"existingSecret",
"secret"
]
},
"exporterConfig": {
"type": "object",
"properties": {
"existingSecret": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"secretName": {
"type": "string"
}
},
"required": [
"enabled",
"secretName"
]
},
"secret": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"exporterConfig": {
"type": "object"
}
},
"required": [
"annotations",
"labels",
"exporterConfig"
]
}
},
"required": [
"existingSecret",
"secret"
]
},
"webConfig": {
"type": "object",
"properties": {
"existingSecret": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"secretName": {
"type": "string"
}
},
"required": [
"enabled",
"secretName"
]
},
"secret": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"webConfig": {
"type": "object"
}
},
"required": [
"annotations",
"labels",
"webConfig"
]
}
},
"required": [
"existingSecret",
"secret"
]
}
},
"required": [
"database",
"exporterConfig",
"webConfig"
]
},
"deployment": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"additionalContainers": {
"type": "array",
"items": {}
},
"affinity": {
"type": "object"
},
"initContainers": {
"type": "array",
"items": {}
},
"dnsConfig": {
"type": "object"
},
"dnsPolicy": {
"type": "string"
},
"hostname": {
"type": "string"
},
"subdomain": {
"type": "string"
},
"hostNetwork": {
"type": "boolean"
},
"imagePullSecrets": {
"type": "array",
"items": {}
},
"postgresExporter": {
"type": "object",
"properties": {
"args": {
"type": "array",
"items": {}
},
"env": {
"type": "array",
"items": {}
},
"envFrom": {
"type": "array",
"items": {}
},
"image": {
"type": "object",
"properties": {
"registry": {
"type": "string"
},
"repository": {
"type": "string"
},
"tag": {
"type": "string"
},
"pullPolicy": {
"type": "string"
}
},
"required": [
"registry",
"repository",
"tag",
"pullPolicy"
]
},
"resources": {
"type": "object"
},
"securityContext": {
"type": "object"
},
"volumeMounts": {
"type": "array",
"items": {}
}
},
"required": [
"args",
"env",
"envFrom",
"image",
"resources",
"securityContext",
"volumeMounts"
]
},
"nodeSelector": {
"type": "object"
},
"priorityClassName": {
"type": "string"
},
"replicas": {
"type": "integer"
},
"restartPolicy": {
"type": "string"
},
"securityContext": {
"type": "object"
},
"strategy": {
"type": "object",
"properties": {
"type": {
"type": "string"
},
"rollingUpdate": {
"type": "object",
"properties": {
"maxSurge": {
"type": "integer"
},
"maxUnavailable": {
"type": "integer"
}
},
"required": [
"maxSurge",
"maxUnavailable"
]
}
},
"required": [
"type",
"rollingUpdate"
]
},
"terminationGracePeriodSeconds": {
"type": "integer"
},
"tolerations": {
"type": "array",
"items": {}
},
"topologySpreadConstraints": {
"type": "array",
"items": {}
},
"volumes": {
"type": "array",
"items": {}
}
},
"required": [
"annotations",
"labels",
"additionalContainers",
"affinity",
"initContainers",
"dnsConfig",
"dnsPolicy",
"hostname",
"subdomain",
"hostNetwork",
"imagePullSecrets",
"postgresExporter",
"nodeSelector",
"priorityClassName",
"replicas",
"restartPolicy",
"securityContext",
"strategy",
"terminationGracePeriodSeconds",
"tolerations",
"topologySpreadConstraints",
"volumes"
]
},
"grafana": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"dashboardDiscoveryLabels": {
"type": "object"
},
"dashboards": {
"type": "object",
"properties": {
"postgresExporter": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
}
},
"required": [
"enabled",
"annotations",
"labels"
]
}
},
"required": [
"postgresExporter"
]
}
},
"required": [
"enabled",
"dashboardDiscoveryLabels",
"dashboards"
]
},
"ingress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"className": {
"type": "string"
},
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"hosts": {
"type": "array",
"items": {}
},
"tls": {
"type": "array",
"items": {}
}
},
"required": [
"enabled",
"className",
"annotations",
"labels",
"hosts",
"tls"
]
},
"podDisruptionBudget": {
"type": "object"
},
"networkPolicies": {
"type": "object"
},
"prometheus": {
"type": "object",
"properties": {
"metrics": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"podMonitor": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"enableHttp2": {
"type": "boolean"
},
"followRedirects": {
"type": "boolean"
},
"honorLabels": {
"type": "boolean"
},
"labels": {
"type": "object"
},
"interval": {
"type": "string"
},
"path": {
"type": "string"
},
"relabelings": {
"type": "array",
"items": {}
},
"scrapeTimeout": {
"type": "string"
},
"scheme": {
"type": "string"
},
"tlsConfig": {
"type": "object"
}
},
"required": [
"enabled",
"annotations",
"enableHttp2",
"followRedirects",
"honorLabels",
"labels",
"interval",
"path",
"relabelings",
"scrapeTimeout",
"scheme",
"tlsConfig"
]
},
"serviceMonitor": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"enableHttp2": {
"type": "boolean"
},
"followRedirects": {
"type": "boolean"
},
"honorLabels": {
"type": "boolean"
},
"interval": {
"type": "string"
},
"path": {
"type": "string"
},
"relabelings": {
"type": "array",
"items": {}
},
"scrapeTimeout": {
"type": "string"
},
"scheme": {
"type": "string"
},
"tlsConfig": {
"type": "object"
}
},
"required": [
"enabled",
"annotations",
"labels",
"enableHttp2",
"followRedirects",
"honorLabels",
"interval",
"path",
"relabelings",
"scrapeTimeout",
"scheme",
"tlsConfig"
]
}
},
"required": [
"enabled",
"podMonitor",
"serviceMonitor"
]
},
"rules": {
"type": "array",
"items": {}
}
},
"required": [
"metrics",
"rules"
]
},
"services": {
"type": "object",
"properties": {
"http": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"externalIPs": {
"type": "array",
"items": {}
},
"externalTrafficPolicy": {
"type": "string"
},
"internalTrafficPolicy": {
"type": "string"
},
"ipFamilies": {
"type": "array",
"items": {}
},
"labels": {
"type": "object"
},
"loadBalancerClass": {
"type": "string"
},
"loadBalancerIP": {
"type": "string"
},
"loadBalancerSourceRanges": {
"type": "array",
"items": {}
},
"port": {
"type": "integer"
},
"sessionAffinity": {
"type": "string"
},
"sessionAffinityConfig": {
"type": "object"
},
"type": {
"type": "string"
}
},
"required": [
"enabled",
"annotations",
"externalIPs",
"externalTrafficPolicy",
"internalTrafficPolicy",
"ipFamilies",
"labels",
"loadBalancerClass",
"loadBalancerIP",
"loadBalancerSourceRanges",
"port",
"sessionAffinity",
"sessionAffinityConfig",
"type"
]
}
},
"required": [
"http"
]
},
"serviceAccount": {
"type": "object",
"properties": {
"existing": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"serviceAccountName": {
"type": "string"
}
},
"required": [
"enabled",
"serviceAccountName"
]
},
"new": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"automountServiceAccountToken": {
"type": "boolean"
},
"imagePullSecrets": {
"type": "array",
"items": {}
},
"secrets": {
"type": "array",
"items": {}
}
},
"required": [
"annotations",
"labels",
"automountServiceAccountToken",
"imagePullSecrets",
"secrets"
]
}
},
"required": [
"existing",
"new"
]
}
},
"required": [
"nameOverride",
"fullnameOverride",
"config",
"deployment",
"grafana",
"ingress",
"podDisruptionBudget",
"networkPolicies",
"prometheus",
"services",
"serviceAccount"
]
}

134
values.yaml
View File

@ -1,3 +1,6 @@
# Default values for qu-seed.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
## @section Global
## @param nameOverride Individual release name suffix.
@ -35,7 +38,7 @@ config:
## @param config.exporterConfig.secret.annotations Additional annotations of the secret containing the `exporterConfig.yaml`.
## @param config.exporterConfig.secret.labels Additional labels of the secret containing the `exporterConfig.yaml`.
## @param config.exporterConfig.secret.exporterConfig Content of the `exporterConfig.yaml`. Further information can be found [here](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta).
## @param config.exporterConfig.secret.exporterConfig Content of the `exporterConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/).
## @skip config.exporterConfig.secret.exporterConfig Skip individual postgres exporter configuration.
secret:
annotations: {}
@ -81,7 +84,7 @@ config:
## @section Deployment
deployment:
## @param deployment.annotations Additional deployment annotations.
## @param deployment.labels Additional deployment labels.
## @param deployment.labels Additional ingress labels.
annotations: {}
labels: {}
@ -93,22 +96,6 @@ deployment:
## @param deployment.affinity Affinity for the postgres-exporter deployment.
affinity: {}
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: kubernetes.io/os
# operator: In
# values:
# - linux
# preferredDuringSchedulingIgnoredDuringExecution:
# - weight: 20
# preference:
# matchExpressions:
# - key: kubernetes.io/arch
# operator: In
# values:
# - amd64
## @param deployment.initContainers List of additional init containers.
initContainers: []
@ -214,8 +201,8 @@ deployment:
## @param deployment.priorityClassName PriorityClassName of the postgres-exporter deployment.
priorityClassName: ""
## @param deployment.replicas Number of replicas for the postgres-exporter deployment.
replicas: 1
## @param deployment.replicaCount Number of replicas for the postgres-exporter deployment.
replicaCount: 1
## @param deployment.restartPolicy Restart policy of the postgres-exporter deployment.
restartPolicy: ""
@ -224,11 +211,11 @@ deployment:
securityContext: {}
# fsGroup: 2000
## @param deployment.strategy.type Strategy type - `Recreate` or `RollingUpdate`.
## @param deployment.strategy.type Strategy type - `Recreate` or `Rollingupdate`.
## @param deployment.strategy.rollingUpdate.maxSurge The maximum number of pods that can be scheduled above the desired number of pods during a rolling update.
## @param deployment.strategy.rollingUpdate.maxUnavailable The maximum number of pods that can be unavailable during a rolling update.
strategy:
type: "RollingUpdate"
type: "Recreate"
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
@ -261,23 +248,12 @@ deployment:
# secretName: my-secret
## @section Grafana
## @param grafana.enabled Enable integration into Grafana. Require the Prometheus operator deployment.
## @param grafana.enabled Enable integration into Grafana.
## @param grafana.dashboards.businessMetrics Enable deployment of Grafana dashboard `businessMetrics`.
grafana:
enabled: false
## @param grafana.dashboardDiscoveryLabels Labels that Grafana uses to discover resources. The labels may vary depending on the Grafana deployment.
## @skip grafana.dashboardDiscoveryLabels Skip individual configuration.
dashboardDiscoveryLabels:
grafana_dashboard: "1"
dashboards:
## @param grafana.dashboards.postgresExporter.enabled Enable deployment of Grafana dashboard `postgresExporter`.
## @param grafana.dashboards.postgresExporter.annotations Additional configmap annotations.
## @param grafana.dashboards.postgresExporter.labels Additional configmap labels.
postgresExporter:
enabled: true
annotations: {}
labels: {}
businessMetrics: true
## @section Ingress
ingress:
@ -311,77 +287,9 @@ podDisruptionBudget: {}
# maxUnavailable: 1
# minAvailable: 1
## @section NetworkPolicies
## @param networkPolicies.enabled Enable network policies in general.
networkPolicies:
enabled: false
## @param networkPolicies.default.enabled Enable the network policy for accessing the application by default. For example to scape the metrics.
## @param networkPolicies.default.annotations Additional network policy annotations.
## @param networkPolicies.default.labels Additional network policy labels.
## @param networkPolicies.default.policyTypes List of policy types. Supported is ingress, egress or ingress and egress.
## @param networkPolicies.default.egress Concrete egress network policy implementation.
## @skip networkPolicies.default.egress Skip individual egress configuration.
## @param networkPolicies.default.ingress Concrete ingress network policy implementation.
## @skip networkPolicies.default.ingress Skip individual ingress configuration.
default:
enabled: false
annotations: {}
labels: {}
policyTypes: []
# - Egress
# - Ingress
egress: []
# Allow outgoing traffic to database host
#
# - to:
# - ipBlock:
# cidr: 192.168.179.1/32
# ports:
# - port: 5432
# protocol: TCP
# Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns.
#
# - to:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: kube-system
# podSelector:
# matchLabels:
# k8s-app: kube-dns
# ports:
# - port: 53
# protocol: TCP
# - port: 53
# protocol: UDP
ingress: []
# Allow incoming HTTP traffic from prometheus.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: monitoring
# podSelector:
# matchLabels:
# app.kubernetes.io/name: prometheus
# ports:
# - port: http
# protocol: TCP
# Allow incoming HTTP traffic from ingress-nginx.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: ingress-nginx
# podSelector:
# matchLabels:
# app.kubernetes.io/name: ingress-nginx
# ports:
# - port: http
# protocol: TCP
## @section Network
## @param networkPolicies Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave.
networkPolicies: {}
## @section Prometheus
prometheus:
@ -396,7 +304,7 @@ prometheus:
## @param prometheus.metrics.podMonitor.honorLabels Honor labels.
## @param prometheus.metrics.podMonitor.labels Additional podMonitor labels.
## @param prometheus.metrics.podMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
## @param prometheus.metrics.podMonitor.path HTTP path for scraping Prometheus metrics.
## @param prometheus.metrics.podMonitor.path HTTP path for scraping prometheus metrics.
## @param prometheus.metrics.podMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
## @param prometheus.metrics.podMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
## @param prometheus.metrics.podMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`.
@ -405,7 +313,7 @@ prometheus:
podMonitor:
enabled: false
annotations: {}
enableHttp2: true
enableHttp2: false
followRedirects: false
honorLabels: false
labels: {}
@ -423,7 +331,7 @@ prometheus:
## @param prometheus.metrics.serviceMonitor.followRedirects FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.
## @param prometheus.metrics.serviceMonitor.honorLabels Honor labels.
## @param prometheus.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping Prometheus metrics.
## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping prometheus metrics.
## @param prometheus.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
## @param prometheus.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
## @param prometheus.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`.
@ -433,7 +341,7 @@ prometheus:
enabled: false
annotations: {}
labels: {}
enableHttp2: true
enableHttp2: false
followRedirects: false
honorLabels: false
interval: "60s"
@ -443,8 +351,8 @@ prometheus:
scheme: "http"
tlsConfig: {}
## @param prometheus.rules Array of Prometheus rules for monitoring the application and triggering alerts.
## @skip prometheus.rules Skip individual Prometheus rules.
## @param prometheus.rules Array of prometheus rules for monitoring the application and triggering alerts.
## @skip prometheus.rules Skip individual prometheus rules.
rules: []
# - alert: ExporterErrors
# expr: pg_exporter_last_scrape_error == 1