diff --git a/README.md b/README.md index a8dea03..84def96 100644 --- a/README.md +++ b/README.md @@ -129,3 +129,13 @@ ghcr.io/blind-oracle/cortex-tenant:1.6.1 FROM ghcr.io/blind-oracle/cortex-tenant:1.6.1 ADD my-config.yml /data/cortex-tenant.yml ``` + +### Deploy on Kubernetes + +`deploy/k8s` directory contains the deployment, service and configmap manifest files for deploying this on Kubernetes. You can overwrite the default config by editing the configuration parameters in the configmap manifest. + +```bash +kubectl apply -f deploy/k8s/cortex-tenant-deployment.yaml +kubectl apply -f deploy/k8s/cortex-tenant-service.yaml +kubectl apply -f deploy/k8s/config-file-configmap.yml +``` diff --git a/deploy/k8s/config-file-configmap.yml b/deploy/k8s/config-file-configmap.yml new file mode 100644 index 0000000..9b23aa1 --- /dev/null +++ b/deploy/k8s/config-file-configmap.yml @@ -0,0 +1,43 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cortex-tenants-configmap + namespace: cortex +data: + cortex-tenant.yml: | + # Where to listen for incoming write requests from Prometheus + listen: 0.0.0.0:8080 + # Profiling API, remove to disable + listen_pprof: 0.0.0.0:7008 + # Where to send the modified requests (Cortex) + target: http://cortex-distributor.cortex.svc:8080/api/v1/push + # Log level + log_level: warn + # HTTP request timeout + timeout: 10s + # Timeout to wait on shutdown to allow load balancers detect that we're going away. + # During this period after the shutdown command the /alive endpoint will reply with HTTP 503. + # Set to 0s to disable. + timeout_shutdown: 10s + # Max number of parallel incoming HTTP requests to handle + concurrency: 1000 + # Whether to forward metrics metadata from Prometheus to Cortex + # Since metadata requests have no timeseries in them - we cannot divide them into tenants + # So the metadata requests will be sent to the default tenant only, if one is not defined - they will be dropped + metadata: false + + tenant: + # Which label to look for the tenant information + label: tenant + # Whether to remove the tenant label from the request + label_remove: false + # To which header to add the tenant ID + header: X-Scope-OrgID + # Which tenant ID to use if the label is missing in any of the timeseries + # If this is not set or empty then the write request with missing tenant label + # will be rejected with HTTP code 400 + default: cortex-tenant-default + # Enable if you want all metrics from Prometheus to be accepted with a 204 HTTP code + # regardless of the response from Cortex. This can lose metrics if Cortex is + # throwing rejections. + accept_all: false diff --git a/deploy/k8s/cortex-tenant-deployment.yaml b/deploy/k8s/cortex-tenant-deployment.yaml new file mode 100644 index 0000000..74f52ab --- /dev/null +++ b/deploy/k8s/cortex-tenant-deployment.yaml @@ -0,0 +1,33 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + release: cortex-tenant + name: cortex-tenant + namespace: cortex +spec: + replicas: 1 + selector: + matchLabels: + release: cortex-tenant + template: + metadata: + labels: + release: cortex-tenant + namespace: cortex + spec: + containers: + - image: ghcr.io/blind-oracle/cortex-tenant:latest + imagePullPolicy: IfNotPresent + name: cortex-tenant + ports: + - containerPort: 8080 + name: cortex-tenant + protocol: TCP + volumeMounts: + - mountPath: /data/ + name: config-file + volumes: + - configMap: + name: cortex-tenant-configmap + name: config-file diff --git a/deploy/k8s/cortex-tenant-service.yaml b/deploy/k8s/cortex-tenant-service.yaml new file mode 100644 index 0000000..a4066a2 --- /dev/null +++ b/deploy/k8s/cortex-tenant-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: cortex-tenant + namespace: cortex +spec: + ports: + - name: cortex-tenant + port: 8080 + protocol: TCP + targetPort: cortex-tenant + selector: + release: cortex-tenant