authorPaul Buetow <paul@buetow.org>2026-01-07 23:54:08 +0200
committerPaul Buetow <paul@buetow.org>2026-01-07 23:54:08 +0200
commit058ab81ced6ef47e65cfd255857b857471e295d8 (patch)
tree2ef634ec86bf785cb369d18ca15ccfaff16ba7df /f3s/argocd-apps/monitoring
parent0672f43e1cef527e3c95ca8114de53db3e93c761 (diff)
Reorganize argocd-apps by namespace for better structure
- Create subdirectories: monitoring/, services/, infra/, test/ - Move 6 monitoring apps to monitoring/ - Move 13 service apps to services/ - Move 1 infra app to infra/ - Move 1 test app to test/ - Add README.md documenting the structure and usage This organization: - Makes it easier to understand which apps belong to which namespace - Allows applying apps by namespace: kubectl apply -f argocd-apps/monitoring/ - Supports namespace-scoped app-of-apps patterns - Provides better clarity when browsing the repository All 21 applications remain functional and validated with kubectl --dry-run.
Diffstat (limited to 'f3s/argocd-apps/monitoring')
-rw-r--r--f3s/argocd-apps/monitoring/alloy.yaml130
-rw-r--r--f3s/argocd-apps/monitoring/grafana-ingress.yaml28
-rw-r--r--f3s/argocd-apps/monitoring/loki.yaml86
-rw-r--r--f3s/argocd-apps/monitoring/prometheus.yaml126
-rw-r--r--f3s/argocd-apps/monitoring/pushgateway.yaml28
-rw-r--r--f3s/argocd-apps/monitoring/tempo.yaml97
6 files changed, 495 insertions, 0 deletions
diff --git a/f3s/argocd-apps/monitoring/alloy.yaml b/f3s/argocd-apps/monitoring/alloy.yaml
new file mode 100644
index 0000000..c5574b1
--- /dev/null
+++ b/f3s/argocd-apps/monitoring/alloy.yaml
@@ -0,0 +1,130 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: alloy
+ namespace: cicd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://grafana.github.io/helm-charts
+ chart: alloy
+ targetRevision: 0.3.2
+ helm:
+ releaseName: alloy
+ valuesObject:
+ alloy:
+ service:
+ ports:
+ otlp-grpc:
+ enabled: true
+ port: 4317
+ targetPort: 4317
+ protocol: TCP
+ otlp-http:
+ enabled: true
+ port: 4318
+ targetPort: 4318
+ protocol: TCP
+
+ configMap:
+ content: |
+ discovery.kubernetes "pods" {
+ role = "pod"
+ }
+
+ discovery.relabel "pods" {
+ targets = discovery.kubernetes.pods.targets
+
+ rule {
+ source_labels = ["__meta_kubernetes_namespace"]
+ target_label = "namespace"
+ }
+
+ rule {
+ source_labels = ["__meta_kubernetes_pod_name"]
+ target_label = "pod"
+ }
+
+ rule {
+ source_labels = ["__meta_kubernetes_pod_container_name"]
+ target_label = "container"
+ }
+
+ rule {
+ source_labels = ["__meta_kubernetes_pod_label_app"]
+ target_label = "app"
+ }
+ }
+
+ loki.source.kubernetes "pods" {
+ targets = discovery.relabel.pods.output
+ forward_to = [loki.write.default.receiver]
+ }
+
+ loki.write "default" {
+ endpoint {
+ url = "http://loki.monitoring.svc.cluster.local:3100/loki/api/v1/push"
+ }
+ }
+
+ // ========================================
+ // TRACES COLLECTION
+ // ========================================
+
+ // OTLP receiver for traces via gRPC and HTTP
+ otelcol.receiver.otlp "default" {
+ grpc {
+ endpoint = "0.0.0.0:4317"
+ }
+
+ http {
+ endpoint = "0.0.0.0:4318"
+ }
+
+ output {
+ traces = [otelcol.processor.batch.default.input]
+ }
+ }
+
+ // Batch processor for efficient trace forwarding
+ otelcol.processor.batch "default" {
+ timeout = "5s"
+ send_batch_size = 100
+ send_batch_max_size = 200
+
+ output {
+ traces = [otelcol.exporter.otlp.tempo.input]
+ }
+ }
+
+ // OTLP exporter to send traces to Tempo
+ otelcol.exporter.otlp "tempo" {
+ client {
+ endpoint = "tempo.monitoring.svc.cluster.local:4317"
+
+ tls {
+ insecure = true
+ }
+
+ compression = "gzip"
+ }
+ }
+
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ retry:
+ limit: 3
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 1m
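Review bot: The trace path in the Alloy config is unauthenticated and unencrypted end to end: `otelcol.receiver.otlp "default"` listens on `0.0.0.0:4317` and `0.0.0.0:4318` with no `tls` or auth block, and the `tempo` exporter sets `tls { insecure = true }`, which turns TLS off for that hop. Any pod that can reach the `alloy` Service can therefore submit spans, and the receivers in tempo.yaml (`0.0.0.0:4317` / `0.0.0.0:4318`) are open in the same way. No NetworkPolicy is visible in this commit; if one exists elsewhere it is worth referencing, otherwise I would add one limiting ingress on 4317/4318 to the namespaces that emit traces. The decision should also be recorded in the config, e.g. `// plaintext OTLP, in-cluster only; ingress restricted by NetworkPolicy` above the `tls` block.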
diff --git a/f3s/argocd-apps/monitoring/grafana-ingress.yaml b/f3s/argocd-apps/monitoring/grafana-ingress.yaml
new file mode 100644
index 0000000..bc99f02
--- /dev/null
+++ b/f3s/argocd-apps/monitoring/grafana-ingress.yaml
@@ -0,0 +1,28 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: grafana-ingress
+ namespace: cicd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://codeberg.org/snonux/conf.git
+ targetRevision: master
+ path: f3s/prometheus/grafana-ingress
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ retry:
+ limit: 3
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 1m
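Review bot: `targetRevision: master` combined with `automated` sync means every push to the `master` branch of the conf repository is applied to the cluster without a review step, and with `prune: true` resources removed there are deleted as well. The same branch reference is used in pushgateway.yaml and in the second source of prometheus.yaml, whereas the Helm chart sources in this commit are pinned to versions. Pinning these to a tag or commit, `targetRevision: <tag-or-commit-sha>`, would make each deployment an explicit change in this repository. If tracking the branch is intended, a comment saying so and naming the branch protection that guards it would help the next reader.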
diff --git a/f3s/argocd-apps/monitoring/loki.yaml b/f3s/argocd-apps/monitoring/loki.yaml
new file mode 100644
index 0000000..c7985c2
--- /dev/null
+++ b/f3s/argocd-apps/monitoring/loki.yaml
@@ -0,0 +1,86 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: loki
+ namespace: cicd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://grafana.github.io/helm-charts
+ chart: loki
+ targetRevision: 6.6.3
+ helm:
+ releaseName: loki
+ valuesObject:
+ deploymentMode: SingleBinary
+
+ loki:
+ auth_enabled: false
+ commonConfig:
+ replication_factor: 1
+ storage:
+ type: filesystem
+ schemaConfig:
+ configs:
+ - from: "2024-01-01"
+ store: tsdb
+ object_store: filesystem
+ schema: v13
+ index:
+ prefix: index_
+ period: 24h
+
+ singleBinary:
+ replicas: 1
+ extraVolumes:
+ - name: loki-data
+ persistentVolumeClaim:
+ claimName: loki-data-pvc
+ extraVolumeMounts:
+ - name: loki-data
+ mountPath: /var/loki
+ persistence:
+ enabled: false
+
+ read:
+ replicas: 0
+
+ write:
+ replicas: 0
+
+ backend:
+ replicas: 0
+
+ gateway:
+ enabled: false
+
+ chunksCache:
+ enabled: false
+
+ resultsCache:
+ enabled: false
+
+ lokiCanary:
+ enabled: false
+
+ test:
+ enabled: false
+
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ retry:
+ limit: 3
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 1m
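Review bot: With `auth_enabled: false` and `gateway.enabled: false`, Loki's push and query API on port 3100 is reachable without credentials by anything that can connect to the Service, so access control rests entirely on network reachability. That may be acceptable for a single-tenant setup, but nothing in this file says so and no NetworkPolicy is visible in the commit. I would add a comment above `auth_enabled`, such as `# single-tenant, no auth: access to :3100 must be limited by NetworkPolicy`, and restrict ingress to the log shipper and Grafana if no policy exists yet.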
diff --git a/f3s/argocd-apps/monitoring/prometheus.yaml b/f3s/argocd-apps/monitoring/prometheus.yaml
new file mode 100644
index 0000000..4265168
--- /dev/null
+++ b/f3s/argocd-apps/monitoring/prometheus.yaml
@@ -0,0 +1,126 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: prometheus
+ namespace: cicd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+
+ sources:
+ # Source 1: Upstream Helm chart from prometheus-community
+ - repoURL: https://prometheus-community.github.io/helm-charts
+ chart: kube-prometheus-stack
+ targetRevision: 55.5.0
+ helm:
+ releaseName: prometheus
+ valuesObject:
+ kubeEtcd:
+ enabled: true
+ endpoints:
+ - 192.168.2.120
+ - 192.168.2.121
+ - 192.168.2.122
+ service:
+ enabled: true
+ port: 2381
+ targetPort: 2381
+
+ kubeControllerManager:
+ enabled: true
+ endpoints:
+ - 192.168.2.120
+ - 192.168.2.121
+ - 192.168.2.122
+ service:
+ enabled: true
+ port: 10257
+ targetPort: 10257
+ serviceMonitor:
+ enabled: true
+ https: true
+ insecureSkipVerify: true
+
+ prometheus:
+ prometheusSpec:
+ additionalArgs:
+ - name: web.enable-remote-write-receiver
+ value: ""
+ - name: web.enable-admin-api
+ value: ""
+ enableFeatures:
+ - exemplar-storage
+ - otlp-write-receiver
+ additionalScrapeConfigs: []
+ tsdb:
+ outOfOrderTimeWindow: 744h # 31 days
+ additionalScrapeConfigsSecret:
+ enabled: true
+ name: additional-scrape-configs
+ key: additional-scrape-configs.yaml
+ storageSpec:
+ volumeClaimTemplate:
+ spec:
+ storageClassName: ""
+ accessModes: ["ReadWriteOnce"]
+ resources:
+ requests:
+ storage: 10Gi
+ selector:
+ matchLabels:
+ type: local
+ app: prometheus
+
+ grafana:
+ persistence:
+ enabled: true
+ type: pvc
+ existingClaim: "grafana-data-pvc"
+
+ initChownData:
+ enabled: false
+
+ podSecurityContext:
+ fsGroup: 911
+ runAsUser: 911
+ runAsGroup: 911
+
+ # Disable sidecar-based datasource provisioning
+ sidecar:
+ datasources:
+ enabled: false
+
+ # Mount datasources ConfigMap directly to provisioning directory
+ extraVolumes:
+ - name: datasources-volume
+ configMap:
+ name: grafana-datasources-all
+
+ extraVolumeMounts:
+ - name: datasources-volume
+ mountPath: /etc/grafana/provisioning/datasources
+ readOnly: true
+
+ # Source 2: Additional manifests from Git repository
+ - repoURL: https://codeberg.org/snonux/conf.git
+ targetRevision: master
+ path: f3s/prometheus/manifests
+
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+
+ syncPolicy:
+ automated:
+ prune: false # Manual pruning for safety on complex stack
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ - ServerSideApply=true
+ retry:
+ limit: 3
+ backoff:
+ duration: 10s
+ factor: 2
+ maxDuration: 3m
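Review bot: `web.enable-admin-api` under `additionalArgs` exposes the TSDB admin endpoints (series deletion, snapshots, tombstone cleanup), and Prometheus has no authentication of its own, so any client that can reach the server can delete data. The `web.enable-remote-write-receiver` argument and the `otlp-write-receiver` feature likewise let any reachable client write samples. Unless the admin API is needed day to day, I would drop the `- name: web.enable-admin-api` / `value: ""` pair and enable it only for the maintenance task that requires it; the write receivers deserve a NetworkPolicy or an authenticating proxy in front. Separately, `insecureSkipVerify: true` on the `kubeControllerManager` ServiceMonitor disables certificate verification for that scrape and merits a comment explaining why the cluster CA cannot be used.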
diff --git a/f3s/argocd-apps/monitoring/pushgateway.yaml b/f3s/argocd-apps/monitoring/pushgateway.yaml
new file mode 100644
index 0000000..46d69ca
--- /dev/null
+++ b/f3s/argocd-apps/monitoring/pushgateway.yaml
@@ -0,0 +1,28 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: pushgateway
+ namespace: cicd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://codeberg.org/snonux/conf.git
+ targetRevision: master
+ path: f3s/pushgateway/helm-chart
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ retry:
+ limit: 3
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 1m
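Review bot: `project: default` here, and in the other five Applications of this commit, places the apps in Argo CD's built-in project, which unless it has been tightened permits any source repository, any destination and any resource kind. A dedicated AppProject for the monitoring stack that lists only the repositories used in this directory (the two Helm chart repos and the conf repo) and the `monitoring` namespace as destination would limit what a changed manifest can deploy. The change would be `project: <monitoring-project-name>` in each file plus the AppProject manifest, which is not part of this commit; the kube-prometheus-stack chart probably needs cluster-scoped kinds allowed there, so that list should be checked against what the chart installs.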
diff --git a/f3s/argocd-apps/monitoring/tempo.yaml b/f3s/argocd-apps/monitoring/tempo.yaml
new file mode 100644
index 0000000..0fd6bc1
--- /dev/null
+++ b/f3s/argocd-apps/monitoring/tempo.yaml
@@ -0,0 +1,97 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: tempo
+ namespace: cicd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://grafana.github.io/helm-charts
+ chart: tempo
+ targetRevision: 1.24.1
+ helm:
+ releaseName: tempo
+ valuesObject:
+ # Grafana Tempo - Monolithic Mode Configuration
+ tempo:
+ # Retention policy for traces (7 days)
+ retention: 168h
+
+ # Storage configuration - Local filesystem backend
+ storage:
+ trace:
+ backend: local
+ local:
+ path: /var/tempo/traces
+ wal:
+ path: /var/tempo/wal
+
+ # Distributor configuration with OTLP receivers
+ receivers:
+ otlp:
+ protocols:
+ grpc:
+ endpoint: 0.0.0.0:4317
+ http:
+ endpoint: 0.0.0.0:4318
+
+ # Persistence configuration using hostPath PV
+ persistence:
+ enabled: true
+ size: 10Gi
+ storageClassName: "" # Empty string for manual PV binding
+ accessModes:
+ - ReadWriteOnce
+
+ # Service configuration
+ service:
+ type: ClusterIP
+
+ # Resource limits
+ resources:
+ limits:
+ cpu: 1000m
+ memory: 2Gi
+ requests:
+ cpu: 500m
+ memory: 1Gi
+
+ # Security context
+ securityContext:
+ fsGroup: 10001
+ runAsUser: 10001
+ runAsGroup: 10001
+ runAsNonRoot: true
+
+ # Disable components not needed in monolithic mode
+ gateway:
+ enabled: false
+
+ # Monitoring integration with Prometheus
+ serviceMonitor:
+ enabled: true
+ labels:
+ release: prometheus
+
+ # Test pod disabled
+ test:
+ enabled: false
+
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: monitoring
+
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ retry:
+ limit: 3
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 1m