wrenix/flux-charts
1
0
Fork 0
Code Issues 14 Pull requests 1 Projects Releases Packages Wiki Activity Actions
flux-charts/infra-monitoring/templates/exporter/blackbox/release.yaml

184 lines
4.7 KiB
YAML
Raw Blame History

{{- if .Values.prometheus.exporter.blackbox.enabled }}
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: prometheus-blackbox-exporter
spec:
chart:
spec:
sourceRef:
kind: HelmRepository
name: "prometheus-community"
chart: "prometheus-blackbox-exporter"
install:
{{- toYaml .Values.commons.helm.release.install | nindent 4 }}
test:
{{- toYaml .Values.commons.helm.release.test | nindent 4 }}
upgrade:
{{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
driftDetection:
{{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
interval: 10m
values:
# to run icmp
# Workaround: https://github.com/prometheus-community/helm-charts/issues/2360
podSecurityContext:
sysctls:
- name: net.ipv4.ping_group_range
value: "0 65536"
# securityContext:
# capabilities:
# add: ["NET_RAW"]
serviceMonitor:
selfMonitor:
enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }}
labels:
{{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }}
{{- with .Values.prometheus.exporter.blackbox.ingress }}
{{- if .enabled }}
{{- $host := .host | default (printf "blackbox.exporter.%s" $.Values.commons.ingress.domain)}}
ingress:
enabled: true
annotations:
{{- with $.Values.commons.ingress.annotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .annotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
hosts:
- host: "{{ $host }}"
paths:
- path: "/"
pathType: Prefix
{{- if $.Values.commons.ingress.tls.enabled }}
tls:
{{- with $.Values.commons.ingress.tls.override }}
{{- toYaml . | nindent 8 }}
{{- else }}
- secretName: "infra-monitoring-exporter-blackbox-cert"
hosts:
- "{{ $host }}"
{{- end }}
{{- end }}
{{- end }}
{{- end }}
config:
modules:
# HTTP IPv4 and IPv6 only
http_2xx:
prober: http
http_2xx_tls_skip_verify:
prober: http
http:
tls_config:
insecure_skip_verify: true
http_2xx_ipv4:
prober: http
http:
ip_protocol_fallback: false
preferred_ip_protocol: "ip4"
http_2xx_ipv6:
prober: http
http:
ip_protocol_fallback: false
preferred_ip_protocol: "ip6"
http_post_2xx:
prober: http
http:
method: POST
# TCP
tcp_connect:
prober: tcp
tcp_connect_ipv4:
prober: tcp
tcp:
ip_protocol_fallback: false
preferred_ip_protocol: "ip4"
tcp_connect_ipv6:
prober: tcp
tcp:
ip_protocol_fallback: false
preferred_ip_protocol: "ip6"
# TLS
tls_connect:
prober: tcp
tcp:
tls: true
tls_config:
insecure_skip_verify: false
tls_connect_tls_skip_verify:
prober: tcp
tcp:
tls: true
tls_config:
insecure_skip_verify: true
tls_connect_ipv4:
prober: tcp
tcp:
tls: true
tls_config:
insecure_skip_verify: false
ip_protocol_fallback: false
preferred_ip_protocol: "ip4"
tls_connect_ipv6:
prober: tcp
tcp:
tls: true
tls_config:
insecure_skip_verify: false
ip_protocol_fallback: false
preferred_ip_protocol: "ip6"
pop3s_banner:
prober: tcp
tcp:
query_response:
- expect: "^+OK"
tls: true
tls_config:
insecure_skip_verify: false
grpc:
prober: grpc
grpc:
tls: true
grpc_plain:
prober: grpc
grpc:
tls: false
service: "service1"
ssh_banner:
prober: tcp
tcp:
query_response:
- expect: "^SSH-2.0-"
- send: "SSH-2.0-blackbox-ssh-check"
# Ping IPv4 and IPv6 only
icmp:
prober: icmp
icmp:
preferred_ip_protocol: "ip4"
icmp_ipv4:
prober: icmp
icmp:
ip_protocol_fallback: false
preferred_ip_protocol: "ip4"
icmp_ipv6:
prober: icmp
icmp:
ip_protocol_fallback: false
preferred_ip_protocol: "ip6"
{{- end }}
Reference in a new issue View git blame Copy permalink