Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KubePromStack #85

Closed
3 of 6 tasks
Tracked by #98
jeffmccune opened this issue Apr 1, 2024 · 2 comments · Fixed by #103
Closed
3 of 6 tasks
Tracked by #98

KubePromStack #85

jeffmccune opened this issue Apr 1, 2024 · 2 comments · Fixed by #103
Assignees
@jeffmccune
Milestone
v1alpha1

Comments

@jeffmccune
Copy link
Contributor

jeffmccune commented Apr 1, 2024
edited
Loading

Put it into the prod-platform project environment namespace.

Use case is to get monitoring up and running of the ZITADEL postgres database.

Checklist:

  • Prometheus VS accessible
  • Grafana VS accessible
  • Istio sidecar for Grafana
  • ES for obs-grafana admin user and password
  • Generate the default password, do not use admin / prom-operator as the helm chart does.
  • Integrate with OIDC
@jeffmccune jeffmccune added this to the Public Release milestone Apr 1, 2024
@jeffmccune jeffmccune mentioned this issue Apr 3, 2024
Closed
2 tasks
@jeffmccune jeffmccune self-assigned this Apr 3, 2024
@jeffmccune
Copy link
Contributor Author

Use variable expansion to load oidc secrets. Though honestly we shouldn't need any as long as grafana supports PKCE.

prometheus-community/helm-charts#4155

@jeffmccune
Copy link
Contributor Author

Deferring the remaining tasks until a later point, the main functionality of Grafana is up.

Some parting notes: Since I last did this a year ago the included kubernetes dashboards seem to have fallen into disrepair. The main use case of monitoring the PVC isn't met because the only pvc that show up are the ones in the prod-platform namespace, not the ones in prod-iam I need for the postgres cluster.

Many of the dashboards don't have data, like the etcd one, and nearly all of them use deprecated angular.

jeffmccune added a commit that referenced this issue Apr 4, 2024
@jeffmccune
(#85) Initial addition of kube-prometheus-stack
6f06c73 
Grafana does not yet have the istio sidecar.  Prometheus is accessible
through the auth proxy.  Cert manager is added to the workload clusters
so tls certs can be issued for webhooks, the kube-prom-stack helm chart
uses cert manager for this purpose.

With this patch Grafana is integrated with OIDC and I'm able to log in
as an Administrator.
@jeffmccune jeffmccune mentioned this issue Apr 4, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jeffmccune jeffmccune

Labels
None yet
Projects
None yet
Milestone
v1alpha1
Development

Successfully merging a pull request may close this issue.

(#85) Initial addition of kube-prometheus-stack holos-run/holos
1 participant
@jeffmccune