diff --git a/base/monitoring/cadvisor/cadvisor.DaemonSet.yaml b/base/monitoring/cadvisor/cadvisor.DaemonSet.yaml index 9a5cba78..fdb25514 100644 --- a/base/monitoring/cadvisor/cadvisor.DaemonSet.yaml +++ b/base/monitoring/cadvisor/cadvisor.DaemonSet.yaml @@ -26,7 +26,7 @@ spec: serviceAccountName: cadvisor containers: - name: cadvisor - image: index.docker.io/sourcegraph/cadvisor:4.4.2@sha256:4c3af0c4fd9ea4425d38f7d1a784833c5fd542542cdbb81292044773e686fa60 + image: index.docker.io/sourcegraph/cadvisor:4.5.0@sha256:5117f2bc817c16fb129acb6f9b070af8f1be09d3d9a8f88e3297f7adfff9af0d args: # Kubernetes-specific flags below (other flags are baked into the Docker image) # diff --git a/base/monitoring/grafana/grafana.StatefulSet.yaml b/base/monitoring/grafana/grafana.StatefulSet.yaml index 9ebc6e03..2be58cbe 100644 --- a/base/monitoring/grafana/grafana.StatefulSet.yaml +++ b/base/monitoring/grafana/grafana.StatefulSet.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: grafana - image: index.docker.io/sourcegraph/grafana:4.4.2@sha256:69777c3a895a03eee035c173c91c0f25893285118c06e51a67728ec4259e2296 + image: index.docker.io/sourcegraph/grafana:4.5.0@sha256:f70a7f79c5c90cab0d5cfb8f3dbca4dc60ed390b045aff1a86079c87bfe9a8af terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 3370 diff --git a/components/monitoring/rbacs/grafana/grafana.ServiceAccount.yaml b/base/monitoring/grafana/rbac/grafana.ServiceAccount.yaml similarity index 100% rename from components/monitoring/rbacs/grafana/grafana.ServiceAccount.yaml rename to base/monitoring/grafana/rbac/grafana.ServiceAccount.yaml diff --git a/base/monitoring/grafana/rbac/kustomization.yaml b/base/monitoring/grafana/rbac/kustomization.yaml new file mode 100644 index 00000000..49a541ea --- /dev/null +++ b/base/monitoring/grafana/rbac/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - grafana.ServiceAccount.yaml diff --git a/base/monitoring/jaeger/jaeger.Deployment.yaml b/base/monitoring/jaeger/jaeger.Deployment.yaml index 5bf5d281..6af6fe65 100644 --- a/base/monitoring/jaeger/jaeger.Deployment.yaml +++ b/base/monitoring/jaeger/jaeger.Deployment.yaml @@ -30,7 +30,7 @@ spec: spec: containers: - name: jaeger - image: index.docker.io/sourcegraph/jaeger-all-in-one:insiders@sha256:462ef3b4a5fa9227f04c2f4bc2968970fad0fcc9efbaf89adaad0ef98a24b53f + image: index.docker.io/sourcegraph/jaeger-all-in-one:4.5.0@sha256:461476b01968324a0d8cb43a0176713e006f99cdb1f2efc3ab2210fd0bb812c2 args: ["--memory.max-traces=20000"] ports: - containerPort: 5775 diff --git a/base/monitoring/node-exporter/node-exporter.DaemonSet.yaml b/base/monitoring/node-exporter/node-exporter.DaemonSet.yaml index 7116d6d5..defd94a3 100644 --- a/base/monitoring/node-exporter/node-exporter.DaemonSet.yaml +++ b/base/monitoring/node-exporter/node-exporter.DaemonSet.yaml @@ -24,7 +24,7 @@ spec: spec: containers: - name: node-exporter - image: index.docker.io/sourcegraph/node-exporter:4.4.2@sha256:fa8e5700b7762fffe0674e944762f44bb787a7e44d97569fe55348260453bf80 + image: index.docker.io/sourcegraph/node-exporter:4.5.0@sha256:fa8e5700b7762fffe0674e944762f44bb787a7e44d97569fe55348260453bf80 imagePullPolicy: IfNotPresent resources: limits: diff --git a/base/monitoring/otel-collector/otel-agent.DaemonSet.yaml b/base/monitoring/otel-collector/otel-agent.DaemonSet.yaml index e47fbb05..87e98e24 100644 --- a/base/monitoring/otel-collector/otel-agent.DaemonSet.yaml +++ b/base/monitoring/otel-collector/otel-agent.DaemonSet.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: otel-agent - image: index.docker.io/sourcegraph/opentelemetry-collector:4.4.2@sha256:f0723c96c973258ad3123ddc479261bb8f5827bbac1d091b6a683fde55334413 + image: index.docker.io/sourcegraph/opentelemetry-collector:4.5.0@sha256:12f3fc137edea8319ebf574e15e6c27c19fb0b7ca17165973f98c8d8c342ca1d command: - "/bin/otelcol-sourcegraph" - "--config=/etc/otel-agent/config.yaml" diff --git a/base/monitoring/otel-collector/otel-collector.Deployment.yaml b/base/monitoring/otel-collector/otel-collector.Deployment.yaml index d7ac4a8b..07efca7e 100644 --- a/base/monitoring/otel-collector/otel-collector.Deployment.yaml +++ b/base/monitoring/otel-collector/otel-collector.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: otel-collector - image: index.docker.io/sourcegraph/opentelemetry-collector:4.4.2@sha256:f0723c96c973258ad3123ddc479261bb8f5827bbac1d091b6a683fde55334413 + image: index.docker.io/sourcegraph/opentelemetry-collector:4.5.0@sha256:12f3fc137edea8319ebf574e15e6c27c19fb0b7ca17165973f98c8d8c342ca1d command: - "/bin/otelcol-sourcegraph" # To use a custom configuration, edit otel-collector.ConfigMap.yaml diff --git a/base/monitoring/prometheus/prometheus.ConfigMap.yaml b/base/monitoring/prometheus/prometheus.ConfigMap.yaml index 980dda74..21e30b01 100644 --- a/base/monitoring/prometheus/prometheus.ConfigMap.yaml +++ b/base/monitoring/prometheus/prometheus.ConfigMap.yaml @@ -10,7 +10,7 @@ data: prometheus.yml: | # Prometheus global config global: - scrape_interval: 30s + scrape_interval: 30s evaluation_interval: 30s # scrape_timeout is set to the global default (10s). @@ -19,47 +19,36 @@ data: alertmanagers: # bundled alertmanager, started by prom-wrapper - static_configs: - - targets: ['127.0.0.1:9093'] + - targets: ["127.0.0.1:9093"] path_prefix: /alertmanager # add more alertmanagers here # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. rule_files: - - '/sg_config_prometheus/*_rules.yml' - - '/sg_prometheus_add_ons/*_rules.yml' + - "/sg_config_prometheus/*_rules.yml" + - "/sg_prometheus_add_ons/*_rules.yml" # Configure targets to scrape scrape_configs: - # Scrape prometheus itself for metrics. - - job_name: 'builtin-prometheus' + - job_name: "builtin-prometheus" static_configs: - - targets: ['127.0.0.1:9092'] + - targets: ["127.0.0.1:9092"] - - job_name: 'builtin-alertmanager' + - job_name: "builtin-alertmanager" metrics_path: /alertmanager/metrics static_configs: - - targets: ['127.0.0.1:9093'] + - targets: ["127.0.0.1:9093"] - - job_name: 'sourcegraph-services' - relabel_configs: - - source_labels: [__address__] - target_label: instance - regex: (.*)\.(.*) - replacement: ${1}_${2} - metric_relabel_configs: - - source_labels: [container_label_io_kubernetes_pod_namespace] - regex: kube-system - action: drop - file_sd_configs: - - files: - - '/sg_prometheus_add_ons/*_targets.yml' - - - job_name: 'cadvisor' + ########################################################################################## + # cadvisor + ########################################################################################## + + - job_name: "kubernetes-pods" dns_sd_configs: - names: - - 'cadvisor.default.svc.cluster.local' - - 'cadvisor.ns-sourcegraph.svc.cluster.local' + - "cadvisor.default.svc.cluster.local" + - "cadvisor.ns-sourcegraph.svc.cluster.local" type: A port: 48080 relabel_configs: @@ -73,59 +62,97 @@ data: - source_labels: [container_label_io_kubernetes_pod_namespace] regex: kube-system action: drop - - source_labels: [container_label_io_kubernetes_container_name, container_label_io_kubernetes_pod_name] + - source_labels: + [ + container_label_io_kubernetes_container_name, + container_label_io_kubernetes_pod_name, + ] regex: (.+) action: replace target_label: name - separator: '-' - # - source_labels: [container_label_io_kubernetes_pod_namespace] - # regex: ^$|ns-sourcegraph # ACTION: replace ns-sourcegraph with your namespace - # action: keep - - - job_name: 'sourcegraph-statefulsets' + separator: "-" + + ########################################################################################## + # sourcegraph-services + ########################################################################################## + + - job_name: "sourcegraph-services" + relabel_configs: + - source_labels: [__address__] + target_label: instance + regex: (.*)\.(.*) + replacement: ${1}_${2} + metric_relabel_configs: + - source_labels: [container_label_io_kubernetes_pod_namespace] + regex: kube-system + action: drop + file_sd_configs: + - files: + - "/sg_prometheus_add_ons/*_targets.yml" + + - job_name: "sourcegraph-statefulsets" dns_sd_configs: - names: - - 'symbols.default.svc.cluster.local' - - 'symbols.ns-sourcegraph.svc.cluster.local' - - 'searcher.default.svc.cluster.local' - - 'searcher.ns-sourcegraph.svc.cluster.local' - - 'gitserver.default.svc.cluster.local' - - 'gitserver.ns-sourcegraph.svc.cluster.local' - - 'sourcegraph-frontend.default.svc.cluster.local' - - 'sourcegraph-frontend.ns-sourcegraph.svc.cluster.local' - type: A - port: 6060 - - names: - - 'indexed-search.default.svc.cluster.local' - - 'indexed-search.ns-sourcegraph.svc.cluster.local' - type: A - port: 6070 - - names: - - 'indexed-search-indexer.default.svc.cluster.local' - - 'indexed-search-indexer.ns-sourcegraph.svc.cluster.local' - type: A - port: 6072 + - "symbols.default.svc.cluster.local" + - "symbols.ns-sourcegraph.svc.cluster.local" + - "symbols.$SG_NAMESPACE.svc.cluster.local" + - "searcher.default.svc.cluster.local" + - "searcher.ns-sourcegraph.svc.cluster.local" + - "searcher.$SG_NAMESPACE.svc.cluster.local" + - "gitserver.default.svc.cluster.local" + - "gitserver.ns-sourcegraph.svc.cluster.local" + - "gitserver.$SG_NAMESPACE.svc.cluster.local" + - "sourcegraph-frontend.default.svc.cluster.local" + - "sourcegraph-frontend.ns-sourcegraph.svc.cluster.local" + - "sourcegraph-frontend.$SG_NAMESPACE.svc.cluster.local" + - "indexed-search.default.svc.cluster.local" + - "indexed-search.ns-sourcegraph.svc.cluster.local" + - "indexed-search.$SG_NAMESPACE.svc.cluster.local" + - "indexed-search-indexer.default.svc.cluster.local" + - "indexed-search-indexer.ns-sourcegraph.svc.cluster.local" + - "indexed-search-indexer.$SG_NAMESPACE.svc.cluster.local" + type: SRV relabel_configs: + - source_labels: [__meta_dns_srv_record_target] + target_label: __address__ + regex: (.*)\. + replacement: ${1}:6060 + - source_labels: [__meta_dns_srv_record_target] + target_label: __address__ + regex: ^(indexed-search.*)\. + replacement: ${1}:6070 + - source_labels: [__meta_dns_srv_record_target] + target_label: __address__ + regex: (.*)\.(indexed-search-indexer.*)\. + replacement: ${1}.${2}:6072 + - source_labels: [__meta_dns_srv_record_port] + target_label: __meta_dns_srv_record_port + replacement: 6060 + - source_labels: [__address__] + regex: ^(indexed-search).*$ + target_label: __meta_dns_srv_record_port + replacement: 6070 - source_labels: [__meta_dns_name] - target_label: service_name + target_label: job regex: (.*)\..*\..*\..*\..* replacement: ${1} + - source_labels: [__meta_dns_srv_record_target] + regex: (.*)\.(.*)\..*\..*\..*\..*\..* + target_label: instance + replacement: ${2}_${1} + metric_relabel_configs: + - source_labels: [container_label_io_kubernetes_pod_namespace] + regex: kube-system + action: drop + - source_labels: [__address__] + target_label: instance + regex: (.*)\:.* + replacement: $1:6060 + - source_labels: [__address__] + target_label: instance + regex: (.*)\.(.*)\..*\..*\..*\..*\..* + replacement: ${2}_${1} - # Extra rules - extra_rules.yml: | - groups: - - name: container.rules - rules: - - record: container:process_cpu_seconds_total:ratio_rate5m - expr: sum by (instance) (rate(process_cpu_seconds_total[5m])) / engine_daemon_engine_cpus_cpus - - record: container:process_cpu_seconds_total:sum - expr: sum by (instance) (irate(process_cpu_seconds_total[1m])) - - record: container:process_resident_memory_bytes:max - expr: max by (instance) (process_resident_memory_bytes) - - record: container:process_virtual_memory_bytes:max - expr: max by (instance) (process_virtual_memory_bytes) - - # List of static targets prometheus_targets.yml: | - labels: nodename: "sourcegraph-services" @@ -202,40 +229,15 @@ data: job: otel-collector targets: - otel-collector:8888 - - # Add new targets based on replica count of symbols - symbols_targets.yml: | - - labels: - nodename: "sourcegraph-services" - job: symbols - targets: - - symbols-0.symbols:6060 - - # Add new targets based on replica count of searcher - searcher_targets.yml: | - - labels: - nodename: "sourcegraph-services" - job: searcher - targets: - - searcher-0.searcher:6060 - - # Add new targets based on replica count of gitserver - gitserver_targets.yml: | - - labels: - nodename: "sourcegraph-services" - job: gitserver - targets: - - gitserver-0.gitserver:6060 - - # Add new targets based on replica count of indexed-search - indexed-search_targets.yml: | - - labels: - nodename: "sourcegraph-services" - job: zoekt-indexserver - targets: - - indexed-search-0.indexed-search:6072 - - labels: - nodename: "sourcegraph-services" - job: zoekt-webserver - targets: - - indexed-search-0.indexed-search:6070 + extra_rules.yml: | + groups: + - name: container.rules + rules: + - record: container:process_cpu_seconds_total:ratio_rate5m + expr: sum by (instance) (rate(process_cpu_seconds_total[5m])) / engine_daemon_engine_cpus_cpus + - record: container:process_cpu_seconds_total:sum + expr: sum by (instance) (irate(process_cpu_seconds_total[1m])) + - record: container:process_resident_memory_bytes:max + expr: max by (instance) (process_resident_memory_bytes) + - record: container:process_virtual_memory_bytes:max + expr: max by (instance) (process_virtual_memory_bytes) diff --git a/base/monitoring/prometheus/prometheus.Deployment.yaml b/base/monitoring/prometheus/prometheus.Deployment.yaml index a1360e56..2c11ad00 100644 --- a/base/monitoring/prometheus/prometheus.Deployment.yaml +++ b/base/monitoring/prometheus/prometheus.Deployment.yaml @@ -25,10 +25,10 @@ spec: spec: containers: - name: prometheus - image: index.docker.io/sourcegraph/prometheus:4.4.2@sha256:d833d00a39937cf700f276f816dc789615d6396979418a7d9362386513b1fc9d + image: index.docker.io/sourcegraph/prometheus:4.5.0@sha256:4fe9a5fdee206b1aac9d32afb31ad57e1882394aad9e7e9f719a1b2741afcae5 terminationMessagePolicy: FallbackToLogsOnError env: - - name: MY_POD_NAMESPACE + - name: SG_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace @@ -70,7 +70,6 @@ spec: runAsUser: 100 fsGroup: 100 fsGroupChangePolicy: "OnRootMismatch" - # serviceAccountName: prometheus volumes: - name: data persistentVolumeClaim: diff --git a/base/monitoring/prometheus/prometheus.PersistentVolumeClaim.yaml b/base/monitoring/prometheus/prometheus.PersistentVolumeClaim.yaml index 872e3348..d5083de1 100644 --- a/base/monitoring/prometheus/prometheus.PersistentVolumeClaim.yaml +++ b/base/monitoring/prometheus/prometheus.PersistentVolumeClaim.yaml @@ -11,4 +11,4 @@ spec: - ReadWriteOnce resources: requests: - storage: 50Gi + storage: 200Gi diff --git a/base/monitoring/prometheus/rbac/kustomization.yaml b/base/monitoring/prometheus/rbac/kustomization.yaml new file mode 100644 index 00000000..abcf88c1 --- /dev/null +++ b/base/monitoring/prometheus/rbac/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - prometheus.ConfigMap.yaml + - prometheus.ClusterRole.yaml + - prometheus.ClusterRoleBinding.yaml + - prometheus.ServiceAccount.yaml diff --git a/components/monitoring/rbacs/prometheus/prometheus.ClusterRole.yaml b/base/monitoring/prometheus/rbac/prometheus.ClusterRole.yaml similarity index 100% rename from components/monitoring/rbacs/prometheus/prometheus.ClusterRole.yaml rename to base/monitoring/prometheus/rbac/prometheus.ClusterRole.yaml diff --git a/components/monitoring/rbacs/prometheus/prometheus.ClusterRoleBinding.yaml b/base/monitoring/prometheus/rbac/prometheus.ClusterRoleBinding.yaml similarity index 100% rename from components/monitoring/rbacs/prometheus/prometheus.ClusterRoleBinding.yaml rename to base/monitoring/prometheus/rbac/prometheus.ClusterRoleBinding.yaml diff --git a/base/monitoring/prometheus/rbac/prometheus.ConfigMap.yaml b/base/monitoring/prometheus/rbac/prometheus.ConfigMap.yaml new file mode 100644 index 00000000..1157f429 --- /dev/null +++ b/base/monitoring/prometheus/rbac/prometheus.ConfigMap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + app.kubernetes.io/component: prometheus + name: prometheus-rbac +data: + prometheus.yml: "global:\n scrape_interval: 30s\n evaluation_interval: 30s\n\nalerting:\n alertmanagers:\n # Bundled Alertmanager, started by prom-wrapper\n - static_configs:\n - targets: ['127.0.0.1:9093']\n path_prefix: /alertmanager\n # Uncomment the following to have alerts delivered to additional Alertmanagers discovered\n # in the cluster. This configuration is not required if you use Sourcegraph's built-in alerting:\n # https://docs.sourcegraph.com/admin/observability/alerting\n # - kubernetes_sd_configs:\n # - role: endpoints\n # relabel_configs:\n # - source_labels: [__meta_kubernetes_service_name]\n # regex: alertmanager\n # action: keep\n\nrule_files:\n - '*_rules.yml'\n - \"/sg_config_prometheus/*_rules.yml\"\n - \"/sg_prometheus_add_ons/*_rules.yml\"\n\n# A scrape configuration for running Prometheus on a Kubernetes cluster.\n# This uses separate scrape configs for cluster components (i.e. API server, node)\n# and services to allow each to use different authentication configs.\n#\n# Kubernetes labels will be added as Prometheus labels on metrics via the\n# `labelmap` relabeling action.\n\n# Scrape config for API servers.\n#\n# Kubernetes exposes API servers as endpoints to the default/kubernetes\n# service so this uses `endpoints` role and uses relabelling to only keep\n# the endpoints associated with the default/kubernetes service using the\n# default named port `https`. This works for single API server deployments as\n# well as HA API server deployments.\nscrape_configs:\n- job_name: 'kubernetes-apiservers'\n\n kubernetes_sd_configs:\n - role: endpoints\n\n # Default to scraping over https. If required, just disable this or change to\n # `http`.\n scheme: https\n\n # This TLS & bearer token file config is used to connect to the actual scrape\n # endpoints for cluster components. This is separate to discovery auth\n # configuration because discovery & scraping are two separate concerns in\n # Prometheus. The discovery auth config is automatic if Prometheus runs inside\n # the cluster. Otherwise, more config options have to be provided within the\n # .\n tls_config:\n ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt\n # If your node certificates are self-signed or use a different CA to the\n # master CA, then disable certificate verification below. Note that\n # certificate verification is an integral part of a secure infrastructure\n # so this should only be disabled in a controlled environment. You can\n # disable certificate verification by uncommenting the line below.\n #\n # insecure_skip_verify: true\n bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n # Keep only the default/kubernetes service endpoints for the https port. This\n # will add targets for each API server which Kubernetes adds an endpoint to\n # the default/kubernetes service.\n relabel_configs:\n - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]\n action: keep\n regex: default;kubernetes;https\n\n- job_name: 'kubernetes-nodes'\n\n # Default to scraping over https. If required, just disable this or change to\n # `http`.\n scheme: https\n\n # This TLS & bearer token file config is used to connect to the actual scrape\n # endpoints for cluster components. This is separate to discovery auth\n # configuration because discovery & scraping are two separate concerns in\n # Prometheus. The discovery auth config is automatic if Prometheus runs inside\n # the cluster. Otherwise, more config options have to be provided within the\n # .\n tls_config:\n ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt\n # If your node certificates are self-signed or use a different CA to the\n # master CA, then disable certificate verification below. Note that\n # certificate verification is an integral part of a secure infrastructure\n # so this should only be disabled in a controlled environment. You can\n # disable certificate verification by uncommenting the line below.\n #\n insecure_skip_verify: true\n bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n kubernetes_sd_configs:\n - role: node\n\n relabel_configs:\n - action: labelmap\n regex: __meta_kubernetes_node_label_(.+)\n - target_label: __address__\n replacement: kubernetes.default.svc:443\n - source_labels: [__meta_kubernetes_node_name]\n regex: (.+)\n target_label: __metrics_path__\n replacement: /api/v1/nodes/${1}/proxy/metrics\n\n# Scrape config for service endpoints.\n#\n# The relabeling allows the actual service scrape endpoint to be configured\n# via the following annotations:\n#\n# * `sourcegraph.prometheus/scrape`: Only scrape services that have a value of `true`\n# * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need\n# to set this to `https` & most likely set the `tls_config` of the scrape config.\n# * `prometheus.io/path`: If the metrics path is not `/metrics` override this.\n# * `prometheus.io/port`: If the metrics are exposed on a different port to the\n# service then set this appropriately.\n- job_name: 'kubernetes-service-endpoints'\n\n kubernetes_sd_configs:\n - role: endpoints\n\n relabel_configs:\n # Sourcegraph specific customization, only scrape pods with our annotation\n - source_labels: [__meta_kubernetes_service_annotation_sourcegraph_prometheus_scrape]\n action: keep\n regex: true\n - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]\n action: replace\n target_label: __scheme__\n regex: (https?)\n - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]\n action: replace\n target_label: __metrics_path__\n regex: (.+)\n - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port]\n action: replace\n target_label: __address__\n regex: (.+)(?::\\d+);(\\d+)\n replacement: $1:$2\n - action: labelmap\n regex: __meta_kubernetes_service_label_(.+)\n - source_labels: [__meta_kubernetes_namespace]\n action: replace\n # Sourcegraph specific customization. We want a more convenient to type label.\n # target_label: kubernetes_namespace\n target_label: ns\n - source_labels: [__meta_kubernetes_service_name]\n action: replace\n target_label: kubernetes_name\n # Sourcegraph specific customization. We want a nicer name for job\n - source_labels: [app]\n action: replace\n target_label: job\n # Sourcegraph specific customization. We want a nicer name for instance\n - source_labels: [__meta_kubernetes_pod_name]\n action: replace\n target_label: instance\n # Sourcegraph specific customization. We want to add a label to every \n # metric that indicates the node it came from.\n - source_labels: [__meta_kubernetes_endpoint_node_name]\n action: replace\n target_label: nodename\n metric_relabel_configs:\n # Sourcegraph specific customization. Drop metrics with empty nodename responses from the k8s API\n - source_labels: [nodename]\n regex: ^$\n action: drop\n\n# Example scrape config for probing services via the Blackbox Exporter.\n#\n# The relabeling allows the actual service scrape endpoint to be configured\n# via the following annotations:\n#\n# * `prometheus.io/probe`: Only probe services that have a value of `true`\n- job_name: 'kubernetes-services'\n\n metrics_path: /probe\n params:\n module: [http_2xx]\n\n kubernetes_sd_configs:\n - role: service\n\n relabel_configs:\n - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe]\n action: keep\n regex: true\n - source_labels: [__address__]\n target_label: __param_target\n - target_label: __address__\n replacement: blackbox\n - source_labels: [__param_target]\n target_label: instance\n - action: labelmap\n regex: __meta_kubernetes_service_label_(.+)\n - source_labels: [__meta_kubernetes_service_namespace]\n # Sourcegraph specific customization. We want a more convenient to type label.\n # target_label: kubernetes_namespace\n target_label: ns\n - source_labels: [__meta_kubernetes_service_name]\n target_label: kubernetes_name\n\n# Example scrape config for pods\n#\n# The relabeling allows the actual pod scrape endpoint to be configured via the\n# following annotations:\n#\n# * `sourcegraph.prometheus/scrape`: Only scrape pods that have a value of `true`\n# * `prometheus.io/path`: If the metrics path is not `/metrics` override this.\n# * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default of `9102`.\n- job_name: 'kubernetes-pods'\n\n kubernetes_sd_configs:\n - role: pod\n\n relabel_configs:\n # Sourcegraph specific customization, only scrape pods with our annotation\n - source_labels: [__meta_kubernetes_pod_annotation_sourcegraph_prometheus_scrape]\n action: keep\n regex: true\n - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]\n action: replace\n target_label: __metrics_path__\n regex: (.+)\n - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]\n action: replace\n regex: (.+):(?:\\d+);(\\d+)\n replacement: ${1}:${2}\n target_label: __address__\n - action: labelmap\n regex: __meta_kubernetes_pod_label_(.+)\n - source_labels: [__meta_kubernetes_pod_name]\n action: replace\n target_label: kubernetes_pod_name\n # Sourcegraph specific customization. We want a more convenient to type label.\n # target_label: kubernetes_namespace\n - source_labels: [__meta_kubernetes_namespace]\n action: replace\n target_label: ns\n # Sourcegraph specific customization. We want to add a label to every \n # metric that indicates the node it came from.\n - source_labels: [__meta_kubernetes_pod_node_name]\n action: replace\n target_label: nodename\n\n metric_relabel_configs:\n # cAdvisor-specific customization. Drop container metrics exported by cAdvisor\n # not in the same namespace as Sourcegraph.\n # Uncomment this if you have problems with certain dashboards or cAdvisor itself\n # picking up non-Sourcegraph services. Ensure all Sourcegraph services are running\n # within the Sourcegraph namespace you have defined.\n # The regex must keep matches on '^$' (empty string) to ensure other metrics do not\n # get dropped.\n # - source_labels: [container_label_io_kubernetes_pod_namespace]\n # regex: ^$|ns-sourcegraph # ensure this matches with namespace declarations\n # action: keep\n - source_labels: [container_label_io_kubernetes_pod_namespace]\n regex: kube-system\n action: drop\n # cAdvisor-specific customization. We want container metrics to be named after their container name label.\n # Note that 'io.kubernetes.container.name' and 'io.kubernetes.pod.name' must be provided in cAdvisor\n # '--whitelisted_container_labels' (see cadvisor.DaemonSet.yaml)\n - source_labels: [container_label_io_kubernetes_container_name, container_label_io_kubernetes_pod_name]\n regex: (.+)\n action: replace\n target_label: name\n separator: '-'\n # Sourcegraph specific customization. Drop metrics with empty nodename responses from the k8s API\n - source_labels: [nodename]\n regex: ^$\n action: drop\n\n# Scrape prometheus itself for metrics.\n- job_name: 'builtin-prometheus'\n static_configs:\n - targets: ['127.0.0.1:9092']\n labels:\n app: prometheus\n- job_name: 'builtin-alertmanager'\n metrics_path: /alertmanager/metrics\n static_configs:\n - targets: ['127.0.0.1:9093']\n labels:\n app: alertmanager\n" + extra_rules.yml: "" + prometheus_targets.yml: "" diff --git a/components/monitoring/rbacs/prometheus/prometheus.ServiceAccount.yaml b/base/monitoring/prometheus/rbac/prometheus.ServiceAccount.yaml similarity index 100% rename from components/monitoring/rbacs/prometheus/prometheus.ServiceAccount.yaml rename to base/monitoring/prometheus/rbac/prometheus.ServiceAccount.yaml diff --git a/base/sourcegraph/blobstore/blobstore.Deployment.yaml b/base/sourcegraph/blobstore/blobstore.Deployment.yaml index 619c843e..e9ee6f20 100644 --- a/base/sourcegraph/blobstore/blobstore.Deployment.yaml +++ b/base/sourcegraph/blobstore/blobstore.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: blobstore - image: index.docker.io/sourcegraph/blobstore:4.4.2@sha256:61aa6837e27a898953ea310276d0b2cde6dcd45392d90d7ca4a4395841d8a965 + image: index.docker.io/sourcegraph/blobstore:4.5.0@sha256:c698fc450e913c78f0dba798013efe02d2bb6abcb481b1679d9b0f1b68bdb120 livenessProbe: httpGet: path: / diff --git a/base/sourcegraph/blobstore/blobstore.PersistentVolumeClaim.yaml b/base/sourcegraph/blobstore/blobstore.PersistentVolumeClaim.yaml index 43bf9e93..d06e485b 100644 --- a/base/sourcegraph/blobstore/blobstore.PersistentVolumeClaim.yaml +++ b/base/sourcegraph/blobstore/blobstore.PersistentVolumeClaim.yaml @@ -11,4 +11,4 @@ spec: - ReadWriteOnce resources: requests: - storage: 20Gi + storage: 100Gi diff --git a/base/sourcegraph/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml b/base/sourcegraph/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml index 3dcf6ebb..97b4e651 100644 --- a/base/sourcegraph/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml +++ b/base/sourcegraph/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml @@ -11,4 +11,4 @@ spec: - ReadWriteOnce resources: requests: - storage: 50Gi + storage: 200Gi diff --git a/base/sourcegraph/codeinsights-db/codeinsights-db.StatefulSet.yaml b/base/sourcegraph/codeinsights-db/codeinsights-db.StatefulSet.yaml index 0bc6a5cd..74cc0e7a 100644 --- a/base/sourcegraph/codeinsights-db/codeinsights-db.StatefulSet.yaml +++ b/base/sourcegraph/codeinsights-db/codeinsights-db.StatefulSet.yaml @@ -26,7 +26,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:4.4.2@sha256:f5b9588d8bc2107cf37ed135ae63ba1930df0828a425bd445a8d9eb3aad5f783 + image: index.docker.io/sourcegraph/alpine-3.14:4.5.0@sha256:8fe0f9e1fea1be080809380c707b512218ad7b665c2632c0253776f8efa9ee68 command: ["sh", "-c", "if [ -d /var/lib/postgresql/data/pgdata ]; then chmod 750 /var/lib/postgresql/data/pgdata; fi"] volumeMounts: - mountPath: /var/lib/postgresql/data/ @@ -45,7 +45,7 @@ spec: runAsUser: 70 containers: - name: codeinsights - image: index.docker.io/sourcegraph/codeinsights-db:4.4.2@sha256:2206b7554f4fde2fbe946163a514b3580e62096c0316f706121363a3c4e30baf + image: index.docker.io/sourcegraph/codeinsights-db:4.5.0@sha256:6c38760505cffe11b3490599078f586b58ca1922bee066e45f98cd7c458ae678 env: - name: POSTGRES_DB value: postgres @@ -82,7 +82,7 @@ spec: value: postgres://postgres:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/code_insights_queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:4.4.2@sha256:f928bb932a5f8202d283d78cff686bc0a090b8a407b43337c1aa62d6c65cfb34 + image: index.docker.io/sourcegraph/postgres_exporter:4.5.0@sha256:b6b6c42c8068b3ce3ae290e936c7031f9a9314e011bbdecfeb7b345356968567 terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter ports: diff --git a/base/sourcegraph/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml b/base/sourcegraph/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml index 1c9177ff..92a070b0 100644 --- a/base/sourcegraph/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml +++ b/base/sourcegraph/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml @@ -11,4 +11,4 @@ spec: - ReadWriteOnce resources: requests: - storage: 50Gi + storage: 200Gi diff --git a/base/sourcegraph/codeintel-db/codeintel-db.StatefulSet.yaml b/base/sourcegraph/codeintel-db/codeintel-db.StatefulSet.yaml index 27b7bae6..b414f533 100644 --- a/base/sourcegraph/codeintel-db/codeintel-db.StatefulSet.yaml +++ b/base/sourcegraph/codeintel-db/codeintel-db.StatefulSet.yaml @@ -27,7 +27,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:4.4.2@sha256:f5b9588d8bc2107cf37ed135ae63ba1930df0828a425bd445a8d9eb3aad5f783 + image: index.docker.io/sourcegraph/alpine-3.14:4.5.0@sha256:8fe0f9e1fea1be080809380c707b512218ad7b665c2632c0253776f8efa9ee68 command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"] volumeMounts: - mountPath: /data @@ -45,7 +45,7 @@ spec: memory: "50Mi" containers: - name: pgsql - image: index.docker.io/sourcegraph/codeintel-db:4.4.2@sha256:87a375d13344ae5c3556f77b2aab553b3b799cab21476ff998f9b17bd287ea37 + image: index.docker.io/sourcegraph/codeintel-db:4.5.0@sha256:fc923d60a330b0b4b5dc086cf2a7a52dab7cff62592f1fc6dc466914df9d3f1b terminationMessagePolicy: FallbackToLogsOnError readinessProbe: exec: @@ -87,7 +87,7 @@ spec: value: postgres://sg:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/code_intel_queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:4.4.2@sha256:f928bb932a5f8202d283d78cff686bc0a090b8a407b43337c1aa62d6c65cfb34 + image: index.docker.io/sourcegraph/postgres_exporter:4.5.0@sha256:b6b6c42c8068b3ce3ae290e936c7031f9a9314e011bbdecfeb7b345356968567 terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter ports: diff --git a/base/sourcegraph/frontend/rbac/kustomization.yaml b/base/sourcegraph/frontend/rbac/kustomization.yaml new file mode 100644 index 00000000..b299f63b --- /dev/null +++ b/base/sourcegraph/frontend/rbac/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - sourcegraph-frontend.Role.yaml + - sourcegraph-frontend.RoleBinding.yaml + - sourcegraph-frontend.ServiceAccount.yaml diff --git a/components/enable/service-discovery/rbac/sourcegraph-frontend.Role.yaml b/base/sourcegraph/frontend/rbac/sourcegraph-frontend.Role.yaml similarity index 82% rename from components/enable/service-discovery/rbac/sourcegraph-frontend.Role.yaml rename to base/sourcegraph/frontend/rbac/sourcegraph-frontend.Role.yaml index 8b513c8f..fd928b04 100644 --- a/components/enable/service-discovery/rbac/sourcegraph-frontend.Role.yaml +++ b/base/sourcegraph/frontend/rbac/sourcegraph-frontend.Role.yaml @@ -19,13 +19,12 @@ rules: - get - list - watch - - apiGroups: - "apps" resources: - # necessary for resolving k8s+http://indexed-search?kind=sts URLs - - statefulsets + # necessary for resolving k8s+http://indexed-search?kind=sts URLs + - statefulsets verbs: - - get - - list - - watch + - get + - list + - watch diff --git a/components/enable/service-discovery/rbac/sourcegraph-frontend.RoleBinding.yaml b/base/sourcegraph/frontend/rbac/sourcegraph-frontend.RoleBinding.yaml similarity index 85% rename from components/enable/service-discovery/rbac/sourcegraph-frontend.RoleBinding.yaml rename to base/sourcegraph/frontend/rbac/sourcegraph-frontend.RoleBinding.yaml index 9440ef27..dcf010c8 100644 --- a/components/enable/service-discovery/rbac/sourcegraph-frontend.RoleBinding.yaml +++ b/base/sourcegraph/frontend/rbac/sourcegraph-frontend.RoleBinding.yaml @@ -12,5 +12,5 @@ roleRef: kind: Role name: sourcegraph-frontend subjects: -- kind: ServiceAccount - name: sourcegraph-frontend + - kind: ServiceAccount + name: sourcegraph-frontend diff --git a/components/enable/service-discovery/rbac/sourcegraph-frontend.ServiceAccount.yaml b/base/sourcegraph/frontend/rbac/sourcegraph-frontend.ServiceAccount.yaml similarity index 90% rename from components/enable/service-discovery/rbac/sourcegraph-frontend.ServiceAccount.yaml rename to base/sourcegraph/frontend/rbac/sourcegraph-frontend.ServiceAccount.yaml index 74e52ced..9d003d13 100644 --- a/components/enable/service-discovery/rbac/sourcegraph-frontend.ServiceAccount.yaml +++ b/base/sourcegraph/frontend/rbac/sourcegraph-frontend.ServiceAccount.yaml @@ -1,6 +1,4 @@ apiVersion: v1 -imagePullSecrets: -- name: docker-registry kind: ServiceAccount metadata: labels: @@ -9,3 +7,5 @@ metadata: sourcegraph-resource-requires: no-cluster-admin app.kubernetes.io/component: frontend name: sourcegraph-frontend +imagePullSecrets: + - name: docker-registry diff --git a/base/sourcegraph/frontend/sourcegraph-frontend.Deployment.yaml b/base/sourcegraph/frontend/sourcegraph-frontend.Deployment.yaml index 80591c16..2bb98759 100644 --- a/base/sourcegraph/frontend/sourcegraph-frontend.Deployment.yaml +++ b/base/sourcegraph/frontend/sourcegraph-frontend.Deployment.yaml @@ -29,7 +29,7 @@ spec: spec: initContainers: - name: migrator - image: index.docker.io/sourcegraph/migrator:4.4.2@sha256:603b17216b6390e486fed6ff3ce4d6bced1446f8ef820b5b4e1278e4d885123f + image: index.docker.io/sourcegraph/migrator:4.5.0@sha256:687bb1794f530d178d30da4c5d32d2168fc95438d3727b7beed053fe1bcc6d9b args: ["up"] resources: limits: @@ -48,7 +48,7 @@ spec: name: sourcegraph-frontend-env containers: - name: frontend - image: index.docker.io/sourcegraph/frontend:4.4.2@sha256:9f7b7d2feccc8e6b404bd4d82f2866b61880447e21a56015ec393547ca3981ce + image: index.docker.io/sourcegraph/frontend:4.5.0@sha256:3bf28af73687fa83af1f03ff21b1393f4b60949286a055d1ef4e529d2be840c5 args: - serve envFrom: diff --git a/base/sourcegraph/github-proxy/github-proxy.Deployment.yaml b/base/sourcegraph/github-proxy/github-proxy.Deployment.yaml index de5e30df..2d6a6d2b 100644 --- a/base/sourcegraph/github-proxy/github-proxy.Deployment.yaml +++ b/base/sourcegraph/github-proxy/github-proxy.Deployment.yaml @@ -29,7 +29,7 @@ spec: spec: containers: - name: github-proxy - image: index.docker.io/sourcegraph/github-proxy:4.4.2@sha256:f5b2b2e8251e6599a5757ad5cbab8fdfe11b3f71446af852b70cf2a58cc062e1 + image: index.docker.io/sourcegraph/github-proxy:4.5.0@sha256:9599bd71a35fcde829ea272ade23c3b2ce9b0d4a46011220e7be844c807307c9 env: # OTEL_AGENT_HOST must be defined before OTEL_EXPORTER_OTLP_ENDPOINT to substitute the node IP on which the DaemonSet pod instance runs in the latter variable - name: OTEL_AGENT_HOST diff --git a/base/sourcegraph/gitserver/gitserver.StatefulSet.yaml b/base/sourcegraph/gitserver/gitserver.StatefulSet.yaml index 4c1fab0f..b244a655 100644 --- a/base/sourcegraph/gitserver/gitserver.StatefulSet.yaml +++ b/base/sourcegraph/gitserver/gitserver.StatefulSet.yaml @@ -35,7 +35,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/gitserver:4.4.2@sha256:198e9516a79a8aeac4d1d04c9b0bbe5c1bbb71f2395efe645570c93c09e184ab + image: index.docker.io/sourcegraph/gitserver:4.5.0@sha256:fd390905aca509bc37f6e2b912338de33eb689abf17caf4e58c16e4c3e94b0cf terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 5 diff --git a/base/sourcegraph/indexed-search/indexed-search.StatefulSet.yaml b/base/sourcegraph/indexed-search/indexed-search.StatefulSet.yaml index 27eab5a1..2204793f 100644 --- a/base/sourcegraph/indexed-search/indexed-search.StatefulSet.yaml +++ b/base/sourcegraph/indexed-search/indexed-search.StatefulSet.yaml @@ -33,7 +33,7 @@ spec: value: http://$(OTEL_AGENT_HOST):4317 - name: OPENTELEMETRY_DISABLED value: "false" - image: index.docker.io/sourcegraph/indexed-searcher:4.4.2@sha256:013190418308b94521e072972ae2342c41f99144205f58d61f5dfeda29ac0f58 + image: index.docker.io/sourcegraph/indexed-searcher:4.5.0@sha256:e58d02918558b617fa7533526d51ec176c0277d0051b0cb5aa3d03c84f3963fe terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 6070 @@ -72,7 +72,7 @@ spec: value: http://$(OTEL_AGENT_HOST):4317 - name: OPENTELEMETRY_DISABLED value: "false" - image: index.docker.io/sourcegraph/search-indexer:4.4.2@sha256:7716a32597300f7dfb7e974465a3bd3c62fae3aa485b48d9aa9f79ea3348f87f + image: index.docker.io/sourcegraph/search-indexer:4.5.0@sha256:2cab0ebb22aacec48e65762e819b2bb4a5969ff1feb7a8c7b645e54700fb14ad terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 6072 diff --git a/base/sourcegraph/pgsql/pgsql.StatefulSet.yaml b/base/sourcegraph/pgsql/pgsql.StatefulSet.yaml index 24bf70d2..f0d22760 100644 --- a/base/sourcegraph/pgsql/pgsql.StatefulSet.yaml +++ b/base/sourcegraph/pgsql/pgsql.StatefulSet.yaml @@ -27,13 +27,8 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:4.4.2@sha256:f5b9588d8bc2107cf37ed135ae63ba1930df0828a425bd445a8d9eb3aad5f783 - command: - [ - "sh", - "-c", - "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi", - ] + image: index.docker.io/sourcegraph/alpine-3.14:4.5.0@sha256:8fe0f9e1fea1be080809380c707b512218ad7b665c2632c0253776f8efa9ee68 + command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"] volumeMounts: - mountPath: /data name: disk @@ -51,7 +46,7 @@ spec: memory: "50Mi" containers: - name: pgsql - image: index.docker.io/sourcegraph/postgres-12-alpine:4.4.2@sha256:ed669f0b7a2062fa6c5e734ddbbba26e34b3dc9e7503f88b99324327e45352f1 + image: index.docker.io/sourcegraph/postgres-12-alpine:4.5.0@sha256:fc27849a8a70eb395afd22cea6d482f81c73bcf062eb7f78fa2f6e5a429b6a16 terminationMessagePolicy: FallbackToLogsOnError readinessProbe: exec: @@ -95,7 +90,7 @@ spec: value: postgres://sg:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:4.4.2@sha256:f928bb932a5f8202d283d78cff686bc0a090b8a407b43337c1aa62d6c65cfb34 + image: index.docker.io/sourcegraph/postgres_exporter:4.5.0@sha256:b6b6c42c8068b3ce3ae290e936c7031f9a9314e011bbdecfeb7b345356968567 terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter ports: diff --git a/base/sourcegraph/precise-code-intel/worker.Deployment.yaml b/base/sourcegraph/precise-code-intel/worker.Deployment.yaml index be3cddcf..477b2b78 100644 --- a/base/sourcegraph/precise-code-intel/worker.Deployment.yaml +++ b/base/sourcegraph/precise-code-intel/worker.Deployment.yaml @@ -46,7 +46,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/precise-code-intel-worker:4.4.2@sha256:87f00201b234483e2b7cd98980621668e69cb11ab9a39e3304b3f2e681ae4d60 + image: index.docker.io/sourcegraph/precise-code-intel-worker:4.5.0@sha256:b8fbdec7c2abdbe7fabf50be3d25568739a42ef2ee951b712ed4bf42ff2a2c4b terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/sourcegraph/redis/redis-cache.Deployment.yaml b/base/sourcegraph/redis/redis-cache.Deployment.yaml index cdd6c02e..0f70d2c8 100644 --- a/base/sourcegraph/redis/redis-cache.Deployment.yaml +++ b/base/sourcegraph/redis/redis-cache.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: redis-cache - image: index.docker.io/sourcegraph/redis-cache:4.4.2@sha256:133a5996f9f4e0e1c407c6c7c4060ccc0eef0eb3195ff05085fd8411d2e5a311 + image: index.docker.io/sourcegraph/redis-cache:4.5.0@sha256:acdb0b6436648f88bbdee692d4f9f0b2b83d9e16f3ba16c3faa439bef0408d13 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 30 @@ -54,7 +54,7 @@ spec: - mountPath: /redis-data name: redis-data - name: redis-exporter - image: index.docker.io/sourcegraph/redis_exporter:4.4.2@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70 + image: index.docker.io/sourcegraph/redis_exporter:4.5.0@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9121 diff --git a/base/sourcegraph/redis/redis-cache.PersistentVolumeClaim.yaml b/base/sourcegraph/redis/redis-cache.PersistentVolumeClaim.yaml index 79ce4ccc..78e6868d 100644 --- a/base/sourcegraph/redis/redis-cache.PersistentVolumeClaim.yaml +++ b/base/sourcegraph/redis/redis-cache.PersistentVolumeClaim.yaml @@ -11,4 +11,4 @@ spec: - ReadWriteOnce resources: requests: - storage: 50Gi + storage: 100Gi diff --git a/base/sourcegraph/redis/redis-store.Deployment.yaml b/base/sourcegraph/redis/redis-store.Deployment.yaml index 1d588c7b..8e971172 100644 --- a/base/sourcegraph/redis/redis-store.Deployment.yaml +++ b/base/sourcegraph/redis/redis-store.Deployment.yaml @@ -25,7 +25,7 @@ spec: spec: containers: - name: redis-store - image: index.docker.io/sourcegraph/redis-store:4.4.2@sha256:bc7f73b47ef52bc4b76020ecfeffed5b88e9207a5e79ecc6bb8dbcec61bd4225 + image: index.docker.io/sourcegraph/redis-store:4.5.0@sha256:1a134767207c443f883cc9b04ad8a29d1c56dd637138eb05fb276c47c1f1da5b terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 30 @@ -53,7 +53,7 @@ spec: - mountPath: /redis-data name: redis-data - name: redis-exporter - image: index.docker.io/sourcegraph/redis_exporter:4.4.2@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70 + image: index.docker.io/sourcegraph/redis_exporter:4.5.0@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9121 diff --git a/base/sourcegraph/redis/redis-store.PersistentVolumeClaim.yaml b/base/sourcegraph/redis/redis-store.PersistentVolumeClaim.yaml index 8ddf1703..d16491a0 100644 --- a/base/sourcegraph/redis/redis-store.PersistentVolumeClaim.yaml +++ b/base/sourcegraph/redis/redis-store.PersistentVolumeClaim.yaml @@ -11,4 +11,4 @@ spec: - ReadWriteOnce resources: requests: - storage: 50Gi + storage: 100Gi diff --git a/base/sourcegraph/repo-updater/repo-updater.Deployment.yaml b/base/sourcegraph/repo-updater/repo-updater.Deployment.yaml index 8d82809a..a483299e 100644 --- a/base/sourcegraph/repo-updater/repo-updater.Deployment.yaml +++ b/base/sourcegraph/repo-updater/repo-updater.Deployment.yaml @@ -29,7 +29,7 @@ spec: spec: containers: - name: repo-updater - image: index.docker.io/sourcegraph/repo-updater:4.4.2@sha256:b2e5940eaac58788b0cc6cb2a4de4d53e15d28477fb7bd12ec31d416426cdbd0 + image: index.docker.io/sourcegraph/repo-updater:4.5.0@sha256:9d1672276d37dcd6b2144328293bc89399b7e1d58fbfaea956b2ecf890edfbd3 env: # Required when service discovery is disabled - name: GITHUB_BASE_URL diff --git a/base/sourcegraph/searcher/searcher.StatefulSet.yaml b/base/sourcegraph/searcher/searcher.StatefulSet.yaml index ae97b006..f2ef89bc 100644 --- a/base/sourcegraph/searcher/searcher.StatefulSet.yaml +++ b/base/sourcegraph/searcher/searcher.StatefulSet.yaml @@ -46,7 +46,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/searcher:4.4.2@sha256:62554970dfe2a82c82fb82fa6b8fb77f0acef2ce0d9760c8745433f48d8113be + image: index.docker.io/sourcegraph/searcher:4.5.0@sha256:7fdab442b17dbba759c3af11665ad153e5139f3f8aeabc52a71b730be43cf2b1 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 3181 diff --git a/base/sourcegraph/symbols/symbols.StatefulSet.yaml b/base/sourcegraph/symbols/symbols.StatefulSet.yaml index c1639c7e..339cd945 100644 --- a/base/sourcegraph/symbols/symbols.StatefulSet.yaml +++ b/base/sourcegraph/symbols/symbols.StatefulSet.yaml @@ -43,7 +43,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/symbols:4.4.2@sha256:8c00918153e3e4e1155c19ba59f93cc889ffaaac6f8f7dc91ff2e5d610e1b740 + image: index.docker.io/sourcegraph/symbols:4.5.0@sha256:faa08c08907146181d7fbdcb4e971f1180aaba6eef5137e1bc4d270726258ec5 livenessProbe: httpGet: path: /healthz diff --git a/base/sourcegraph/syntect-server/syntect-server.Deployment.yaml b/base/sourcegraph/syntect-server/syntect-server.Deployment.yaml index 483acf9e..237b948b 100644 --- a/base/sourcegraph/syntect-server/syntect-server.Deployment.yaml +++ b/base/sourcegraph/syntect-server/syntect-server.Deployment.yaml @@ -32,7 +32,7 @@ spec: allowPrivilegeEscalation: false runAsGroup: 101 runAsUser: 100 - image: index.docker.io/sourcegraph/syntax-highlighter:4.4.2@sha256:e02c9d64e431815bf51b05036463d60a2472f4a6ba8c3c475083c3b116ed0fe6 + image: index.docker.io/sourcegraph/syntax-highlighter:4.5.0@sha256:2f9eab98c5913cc813e79489a11247718fb17ba9a06fd6283e802fade2fb60fa terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/sourcegraph/worker/worker.Deployment.yaml b/base/sourcegraph/worker/worker.Deployment.yaml index fad087df..5396b31f 100644 --- a/base/sourcegraph/worker/worker.Deployment.yaml +++ b/base/sourcegraph/worker/worker.Deployment.yaml @@ -48,7 +48,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/worker:4.4.2@sha256:88403801cc0809ed7227b9bed7be4a15c9fb382b7ce639d39adac0648d6acfc7 + image: index.docker.io/sourcegraph/worker:4.5.0@sha256:249ebd13177f6f61d59e5cb24fa40373a9ad65d2ebd622de3ba33b9221a9b8b2 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/components/clusters/old-base/kustomization.yaml b/components/clusters/old-base/kustomization.yaml index 213d0e8a..16382d7d 100644 --- a/components/clusters/old-base/kustomization.yaml +++ b/components/clusters/old-base/kustomization.yaml @@ -1,11 +1,9 @@ apiVersion: kustomize.config.k8s.io/v1alpha1 kind: Component components: - - ../../monitoring - ../../monitoring/otel - ../../monitoring/cadvisor - ../../monitoring/rbacs - - ../../enable/service-discovery - ../../services/searcher/deployment - ../../services/symbols/deployment - ../../services/pgsql @@ -13,8 +11,9 @@ components: - ../../services/codeintel-db # Add sourcegraph as default storage class name - ../../storage-class/sourcegraph - # To support searcher and symbols as both statefulset and deployment + - ../../enable/service-discovery patches: + # To support searcher and symbols as both statefulset and deployment - path: patches/searcher/searcher.patchesJson6902.yaml target: group: apps diff --git a/components/custom/replica/kustomization.yaml b/components/custom/replica/kustomization.yaml index f0d6580f..269147c6 100644 --- a/components/custom/replica/kustomization.yaml +++ b/components/custom/replica/kustomization.yaml @@ -1,8 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1alpha1 kind: Component # DO NOT REMOVE: Handle updating endpoints configs for frontend -replacements: - - path: patches/endpoints-update.yaml +components: + - ../../utils/endpoints ########################## HOW TO USE ######################################## # IMPORTANT: No changes should be made above this line # Step 1 Uncomment the "name" and "count" for service you'd like to scale diff --git a/components/custom/replica/patches/endpoints-update.yaml b/components/custom/replica/patches/endpoints-update.yaml deleted file mode 100644 index f131bd1b..00000000 --- a/components/custom/replica/patches/endpoints-update.yaml +++ /dev/null @@ -1,46 +0,0 @@ -- source: - kind: StatefulSet - name: gitserver - fieldPath: spec.replicas - targets: - - select: - kind: ConfigMap - name: sourcegraph-frontend-env - fieldPaths: - - data.SRC_GIT_SERVERS -- source: - group: apps - name: searcher - fieldPath: spec.replicas - reject: - - kind: Service - - kind: Deployment - targets: - - select: - kind: ConfigMap - name: sourcegraph-frontend-env - fieldPaths: - - data.SEARCHER_URL -- source: - group: apps - name: symbols - fieldPath: spec.replicas - reject: - - kind: Service - - kind: Deployment - targets: - - select: - kind: ConfigMap - name: sourcegraph-frontend-env - fieldPaths: - - data.SYMBOLS_URL -- source: - kind: StatefulSet - name: indexed-search - fieldPath: spec.replicas - targets: - - select: - kind: ConfigMap - name: sourcegraph-frontend-env - fieldPaths: - - data.INDEXED_SEARCH_SERVERS diff --git a/components/custom/resources/kustomization.yaml b/components/custom/resources/kustomization.yaml index 26f3955b..ef07e2be 100644 --- a/components/custom/resources/kustomization.yaml +++ b/components/custom/resources/kustomization.yaml @@ -3,518 +3,558 @@ kind: Component # DO NOT REMOVE: Handle updating endpoints configs for frontend replacements: - path: patches/update-endpoints.yaml - +patches: ########################## HOW TO USE ######################################## -# Uncomment the services and update the values under resources +# 1. Uncomment the patches for services you'd like to adjust resources for +# 2. update the values under resources +# NOTE: Scroll to the bottom to update storage sizes for PVCs ################################################################################ - -patches: - - patch: |- - apiVersion: apps/v1 - kind: StatefulSet - metadata: - name: gitserver - spec: - replicas: 1 - template: - spec: - containers: - - name: gitserver - resources: - limits: - cpu: "4" - memory: 8G - requests: - cpu: "4" - memory: 8G - volumeClaimTemplates: - - spec: - resources: - requests: - storage: 200Gi # If you change this, also change indexed-search's disk size. - - patch: |- - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: cadvisor - spec: - template: - spec: - containers: - - name: cadvisor - resources: - limits: - cpu: 300m - memory: 200Mi - requests: - cpu: 100m - memory: 200Mi - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: codeinsights-db - spec: - template: - spec: - containers: - - name: codeinsights - resources: - limits: - cpu: "4" - memory: "2Gi" - requests: - cpu: "4" - memory: "2Gi" - - patch: |- - apiVersion: apps/v1 - kind: StatefulSet - metadata: - name: codeinsights-db - spec: - template: - spec: - containers: - - name: codeinsights - resources: - limits: - cpu: "4" - memory: "2Gi" - requests: - cpu: "4" - memory: "2Gi" - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: codeintel-db - spec: - template: - spec: - containers: - - name: pgsql - resources: - limits: - cpu: "16" - memory: 16G - requests: - cpu: "8" - memory: 8G - - patch: |- - apiVersion: apps/v1 - kind: StatefulSet - metadata: - name: codeintel-db - spec: - template: - spec: - containers: - - name: pgsql - resources: - limits: - cpu: "16" - memory: 16G - requests: - cpu: "8" - memory: 8G - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: sourcegraph-frontend - spec: - replicas: 2 - template: - spec: - containers: - - name: frontend - resources: - limits: - cpu: "2" - ephemeral-storage: "8Gi" - memory: 4G - requests: - cpu: "2" - ephemeral-storage: "4Gi" - memory: 2G - - patch: |- - apiVersion: apps/v1 - kind: StatefulSet - metadata: - name: grafana - spec: - template: - spec: - containers: - - name: grafana - resources: - limits: - cpu: "1" - memory: 512Mi - requests: - cpu: 100m - memory: 512Mi - volumeClaimTemplates: - - spec: - resources: - requests: - storage: 2Gi - - patch: |- - apiVersion: apps/v1 - kind: StatefulSet - metadata: - name: indexed-search - spec: - replicas: 1 - template: - spec: - containers: - - name: zoekt-webserver - resources: - limits: - cpu: "16" - memory: 16G - requests: - cpu: "8" - memory: 8G - - name: zoekt-indexserver - resources: - limits: - cpu: "16" - memory: 16G - requests: - cpu: "8" - memory: 8G - volumeClaimTemplates: - - spec: - resources: - requests: - storage: 200Gi - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: blobstore - spec: - template: - spec: - containers: - - name: blobstore - resources: - limits: - cpu: "1" - memory: 500M - requests: - cpu: "1" - memory: 500M - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: pgsql - spec: - template: - spec: - containers: - - name: pgsql - resources: - limits: - cpu: "4" - memory: 4Gi - requests: - cpu: "4" - memory: 4Gi - - patch: |- - apiVersion: apps/v1 - kind: StatefulSet - metadata: - name: pgsql - spec: - template: - spec: - containers: - - name: pgsql - resources: - limits: - cpu: "4" - memory: 4Gi - requests: - cpu: "4" - memory: 4Gi - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: precise-code-intel-worker - spec: - replicas: 2 - template: - spec: - containers: - - name: precise-code-intel-worker - resources: - limits: - cpu: "2" - memory: 4G - requests: - cpu: 500m - memory: 2G - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: prometheus - spec: - template: - spec: - containers: - - name: prometheus - resources: - limits: - cpu: "2" - memory: 6G - requests: - cpu: 500m - memory: 6G - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: redis-cache - spec: - template: - spec: - containers: - - name: redis-cache - resources: - limits: - cpu: "1" - memory: 7Gi - requests: - cpu: "1" - memory: 7Gi - - name: redis-exporter - resources: - limits: - cpu: 10m - memory: 100Mi - requests: - cpu: 10m - memory: 100Mi - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: redis-store - spec: - template: - spec: - containers: - - name: redis-store - resources: - limits: - cpu: "1" - memory: 7Gi - requests: - cpu: "1" - memory: 7Gi - - name: redis-exporter - resources: - limits: - cpu: 10m - memory: 100Mi - requests: - cpu: 10m - memory: 100Mi - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: repo-updater - spec: - replicas: 1 # IMPORTANT: Singleton service. Do NOT add more replica. - template: - spec: - containers: - - name: repo-updater - resources: - limits: - cpu: "1" - memory: 2Gi - requests: - cpu: "1" - memory: 500Mi - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: searcher - spec: - replicas: 2 - template: - spec: - containers: - - name: searcher - resources: - limits: - cpu: "2" - ephemeral-storage: "26G" - memory: 2G - requests: - cpu: 500m - ephemeral-storage: "25G" - memory: 500M - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: symbols - spec: - replicas: 1 - template: - spec: - containers: - - name: symbols - resources: - limits: - cpu: "2" - ephemeral-storage: "12G" - memory: 2G - requests: - cpu: 500m - ephemeral-storage: "10G" - memory: 500M - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: syntect-server - spec: - replicas: 1 - template: - spec: - containers: - - name: syntect-server - resources: - limits: - cpu: "4" - memory: 6G - requests: - cpu: 250m - memory: 2G - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: worker - spec: - replicas: 1 - template: - spec: - containers: - - name: worker - resources: - limits: - cpu: "2" - memory: 4G - requests: - cpu: 500m - memory: 2G - - patch: |- - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: otel-agent - spec: - template: - spec: - containers: - - name: otel-agent - resources: - limits: - cpu: "500m" - memory: 500Mi - requests: - cpu: "100m" - memory: 100Mi - - patch: |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: otel-collector - spec: - replicas: 1 - template: - spec: - containers: - - name: otel-collector - resources: - limits: - cpu: "1" - memory: 2Gi - requests: - cpu: "0.5" - memory: 512Mi - - patch: |- - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: blobstore - spec: - resources: - requests: - storage: 100Gi - - patch: |- - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: codeinsights-db - spec: - resources: - requests: - storage: 200Gi - - patch: |- - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: codeintel-db - spec: - resources: - requests: - storage: 200Gi - - patch: |- - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: pgsql - spec: - resources: - requests: - storage: 200Gi - - patch: |- - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: prometheus - spec: - resources: - requests: - storage: 200Gi - - patch: |- - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: redis-cache - spec: - resources: - requests: - storage: 100Gi - - patch: |- - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: redis-store - spec: - resources: - requests: - storage: 100Gi +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: gitserver +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: gitserver +# resources: +# limits: +# cpu: "4" +# memory: 8G +# requests: +# cpu: "4" +# memory: 8G +# volumeClaimTemplates: +# - spec: +# resources: +# requests: +# storage: 200Gi # Must be the same value as the indexed-search's disk size. +# - patch: |- +# apiVersion: apps/v1 +# kind: DaemonSet +# metadata: +# name: cadvisor +# spec: +# template: +# spec: +# containers: +# - name: cadvisor +# resources: +# limits: +# cpu: 300m +# memory: 200Mi +# requests: +# cpu: 100m +# memory: 200Mi +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: codeinsights-db +# spec: +# template: +# spec: +# containers: +# - name: codeinsights +# resources: +# limits: +# cpu: "4" +# memory: "2Gi" +# requests: +# cpu: "4" +# memory: "2Gi" +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: codeinsights-db +# spec: +# template: +# spec: +# containers: +# - name: codeinsights +# resources: +# limits: +# cpu: "4" +# memory: "2Gi" +# requests: +# cpu: "4" +# memory: "2Gi" +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: codeintel-db +# spec: +# template: +# spec: +# containers: +# - name: pgsql +# resources: +# limits: +# cpu: "16" +# memory: 16G +# requests: +# cpu: "8" +# memory: 8G +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: codeintel-db +# spec: +# template: +# spec: +# containers: +# - name: pgsql +# resources: +# limits: +# cpu: "16" +# memory: 16G +# requests: +# cpu: "8" +# memory: 8G +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: sourcegraph-frontend +# spec: +# replicas: 2 +# template: +# spec: +# containers: +# - name: frontend +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "8Gi" +# memory: 4G +# requests: +# cpu: "2" +# ephemeral-storage: "4Gi" +# memory: 2G +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: grafana +# spec: +# template: +# spec: +# containers: +# - name: grafana +# resources: +# limits: +# cpu: "1" +# memory: 512Mi +# requests: +# cpu: 100m +# memory: 512Mi +# volumeClaimTemplates: +# - spec: +# resources: +# requests: +# storage: 2Gi +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: indexed-search +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: zoekt-webserver +# resources: +# limits: +# cpu: "16" +# memory: 16G +# requests: +# cpu: "8" +# memory: 8G +# - name: zoekt-indexserver +# resources: +# limits: +# cpu: "16" +# memory: 16G +# requests: +# cpu: "8" +# memory: 8G +# volumeClaimTemplates: +# - spec: +# resources: +# requests: +# storage: 200Gi # Must be the same value as the gitserver's disk size. +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: blobstore +# spec: +# template: +# spec: +# containers: +# - name: blobstore +# resources: +# limits: +# cpu: "1" +# memory: 500M +# requests: +# cpu: "1" +# memory: 500M +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: pgsql +# spec: +# template: +# spec: +# containers: +# - name: pgsql +# resources: +# limits: +# cpu: "4" +# memory: 4Gi +# requests: +# cpu: "4" +# memory: 4Gi +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: pgsql +# spec: +# template: +# spec: +# containers: +# - name: pgsql +# resources: +# limits: +# cpu: "4" +# memory: 4Gi +# requests: +# cpu: "4" +# memory: 4Gi +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: precise-code-intel-worker +# spec: +# replicas: 2 +# template: +# spec: +# containers: +# - name: precise-code-intel-worker +# resources: +# limits: +# cpu: "2" +# memory: 4G +# requests: +# cpu: 500m +# memory: 2G +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: prometheus +# spec: +# template: +# spec: +# containers: +# - name: prometheus +# resources: +# limits: +# cpu: "2" +# memory: 6G +# requests: +# cpu: 500m +# memory: 6G +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: redis-cache +# spec: +# template: +# spec: +# containers: +# - name: redis-cache +# resources: +# limits: +# cpu: "1" +# memory: 7Gi +# requests: +# cpu: "1" +# memory: 7Gi +# - name: redis-exporter +# resources: +# limits: +# cpu: 10m +# memory: 100Mi +# requests: +# cpu: 10m +# memory: 100Mi +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: redis-store +# spec: +# template: +# spec: +# containers: +# - name: redis-store +# resources: +# limits: +# cpu: "1" +# memory: 7Gi +# requests: +# cpu: "1" +# memory: 7Gi +# - name: redis-exporter +# resources: +# limits: +# cpu: 10m +# memory: 100Mi +# requests: +# cpu: 10m +# memory: 100Mi +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: repo-updater +# spec: +# replicas: 1 # IMPORTANT: Singleton service. Do NOT add more replica. +# template: +# spec: +# containers: +# - name: repo-updater +# resources: +# limits: +# cpu: "1" +# memory: 2Gi +# requests: +# cpu: "1" +# memory: 500Mi +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: searcher +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: searcher +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "26G" +# memory: 2G +# requests: +# cpu: 500m +# ephemeral-storage: "25G" +# memory: 500M +# - patch: |- +# apiVersion: apps/v1 +# kind: StatefulSet +# metadata: +# name: symbols +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: symbols +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "12G" +# memory: 2G +# requests: +# cpu: 500m +# ephemeral-storage: "10G" +# memory: 500M +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: searcher +# spec: +# replicas: 2 +# template: +# spec: +# containers: +# - name: searcher +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "26G" +# memory: 2G +# requests: +# cpu: 500m +# ephemeral-storage: "25G" +# memory: 500M +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: symbols +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: symbols +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "12G" +# memory: 2G +# requests: +# cpu: 500m +# ephemeral-storage: "10G" +# memory: 500M +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: syntect-server +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: syntect-server +# resources: +# limits: +# cpu: "4" +# memory: 6G +# requests: +# cpu: 250m +# memory: 2G +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: worker +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: worker +# resources: +# limits: +# cpu: "2" +# memory: 4G +# requests: +# cpu: 500m +# memory: 2G +# - patch: |- +# apiVersion: apps/v1 +# kind: DaemonSet +# metadata: +# name: otel-agent +# spec: +# template: +# spec: +# containers: +# - name: otel-agent +# resources: +# limits: +# cpu: "500m" +# memory: 500Mi +# requests: +# cpu: "100m" +# memory: 100Mi +# - patch: |- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: otel-collector +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: otel-collector +# resources: +# limits: +# cpu: "1" +# memory: 2Gi +# requests: +# cpu: "0.5" +# memory: 512Mi +# - patch: |- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# name: blobstore +# spec: +# resources: +# requests: +# storage: 100Gi +# - patch: |- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# name: codeinsights-db +# spec: +# resources: +# requests: +# storage: 200Gi +# - patch: |- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# name: codeintel-db +# spec: +# resources: +# requests: +# storage: 200Gi +# - patch: |- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# name: pgsql +# spec: +# resources: +# requests: +# storage: 200Gi +# - patch: |- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# name: prometheus +# spec: +# resources: +# requests: +# storage: 200Gi +# - patch: |- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# name: redis-cache +# spec: +# resources: +# requests: +# storage: 100Gi +# - patch: |- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# name: redis-store +# spec: +# resources: +# requests: +# storage: 100Gi diff --git a/components/enable/service-discovery/kustomization.yaml b/components/enable/service-discovery/kustomization.yaml index 0b2df4d0..85f1ac87 100644 --- a/components/enable/service-discovery/kustomization.yaml +++ b/components/enable/service-discovery/kustomization.yaml @@ -1,9 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1alpha1 kind: Component resources: - - rbac/sourcegraph-frontend.Role.yaml - - rbac/sourcegraph-frontend.RoleBinding.yaml - - rbac/sourcegraph-frontend.ServiceAccount.yaml + - ../../../base/sourcegraph/frontend/rbac patches: - path: patches/sourcegraph-frontend.Deployment.yaml - path: patches/sourcegraph-frontend.ConfigMap.yaml diff --git a/components/monitoring/rbacs/kustomization.yaml b/components/monitoring/rbacs/kustomization.yaml index 7b55c07d..e2ab8174 100644 --- a/components/monitoring/rbacs/kustomization.yaml +++ b/components/monitoring/rbacs/kustomization.yaml @@ -1,12 +1,18 @@ apiVersion: kustomize.config.k8s.io/v1alpha1 kind: Component resources: - - grafana/grafana.ServiceAccount.yaml - - prometheus/prometheus.ClusterRole.yaml - - prometheus/prometheus.ClusterRoleBinding.yaml - - prometheus/prometheus.ServiceAccount.yaml + - ../../../base/monitoring/grafana/rbac + - ../../../base/monitoring/prometheus/rbac patches: - - path: prometheus/prometheus.ConfigMap.yaml - - path: grafana/grafana.StatefulSet.yaml - path: prometheus/prometheus.Deployment.yaml + - path: grafana/grafana.StatefulSet.yaml - path: grafana/grafana.Dashboards.ConfigMap.yaml + - patch: |- + - op: remove + path: /data/prometheus.yml + - op: remove + path: /data/extra_rules.yml + target: + name: prometheus + version: v1 + kind: ConfigMap diff --git a/components/monitoring/rbacs/prometheus/prometheus.ConfigMap.yaml b/components/monitoring/rbacs/prometheus/prometheus.ConfigMap.yaml deleted file mode 100644 index e3f69c40..00000000 --- a/components/monitoring/rbacs/prometheus/prometheus.ConfigMap.yaml +++ /dev/null @@ -1,305 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - deploy: sourcegraph - sourcegraph-resource-requires: no-cluster-admin - app.kubernetes.io/component: prometheus - name: prometheus -data: - prometheus.yml: | - global: - scrape_interval: 30s - evaluation_interval: 30s - - alerting: - alertmanagers: - # Bundled Alertmanager, started by prom-wrapper - - static_configs: - - targets: ['127.0.0.1:9093'] - path_prefix: /alertmanager - # Uncomment the following to have alerts delivered to additional Alertmanagers discovered - # in the cluster. This configuration is not required if you use Sourcegraph's built-in alerting: - # https://docs.sourcegraph.com/admin/observability/alerting - # - kubernetes_sd_configs: - # - role: endpoints - # relabel_configs: - # - source_labels: [__meta_kubernetes_service_name] - # regex: alertmanager - # action: keep - - rule_files: - - '*_rules.yml' - - "/sg_config_prometheus/*_rules.yml" - - "/sg_prometheus_add_ons/*_rules.yml" - - # A scrape configuration for running Prometheus on a Kubernetes cluster. - # This uses separate scrape configs for cluster components (i.e. API server, node) - # and services to allow each to use different authentication configs. - # - # Kubernetes labels will be added as Prometheus labels on metrics via the - # `labelmap` relabeling action. - - # Scrape config for API servers. - # - # Kubernetes exposes API servers as endpoints to the default/kubernetes - # service so this uses `endpoints` role and uses relabelling to only keep - # the endpoints associated with the default/kubernetes service using the - # default named port `https`. This works for single API server deployments as - # well as HA API server deployments. - scrape_configs: - - job_name: 'kubernetes-apiservers' - - kubernetes_sd_configs: - - role: endpoints - - # Default to scraping over https. If required, just disable this or change to - # `http`. - scheme: https - - # This TLS & bearer token file config is used to connect to the actual scrape - # endpoints for cluster components. This is separate to discovery auth - # configuration because discovery & scraping are two separate concerns in - # Prometheus. The discovery auth config is automatic if Prometheus runs inside - # the cluster. Otherwise, more config options have to be provided within the - # . - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # If your node certificates are self-signed or use a different CA to the - # master CA, then disable certificate verification below. Note that - # certificate verification is an integral part of a secure infrastructure - # so this should only be disabled in a controlled environment. You can - # disable certificate verification by uncommenting the line below. - # - # insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - # Keep only the default/kubernetes service endpoints for the https port. This - # will add targets for each API server which Kubernetes adds an endpoint to - # the default/kubernetes service. - relabel_configs: - - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: default;kubernetes;https - - - job_name: 'kubernetes-nodes' - - # Default to scraping over https. If required, just disable this or change to - # `http`. - scheme: https - - # This TLS & bearer token file config is used to connect to the actual scrape - # endpoints for cluster components. This is separate to discovery auth - # configuration because discovery & scraping are two separate concerns in - # Prometheus. The discovery auth config is automatic if Prometheus runs inside - # the cluster. Otherwise, more config options have to be provided within the - # . - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # If your node certificates are self-signed or use a different CA to the - # master CA, then disable certificate verification below. Note that - # certificate verification is an integral part of a secure infrastructure - # so this should only be disabled in a controlled environment. You can - # disable certificate verification by uncommenting the line below. - # - insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - kubernetes_sd_configs: - - role: node - - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - target_label: __address__ - replacement: kubernetes.default.svc:443 - - source_labels: [__meta_kubernetes_node_name] - regex: (.+) - target_label: __metrics_path__ - replacement: /api/v1/nodes/${1}/proxy/metrics - - # Scrape config for service endpoints. - # - # The relabeling allows the actual service scrape endpoint to be configured - # via the following annotations: - # - # * `sourcegraph.prometheus/scrape`: Only scrape services that have a value of `true` - # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need - # to set this to `https` & most likely set the `tls_config` of the scrape config. - # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. - # * `prometheus.io/port`: If the metrics are exposed on a different port to the - # service then set this appropriately. - - job_name: 'kubernetes-service-endpoints' - - kubernetes_sd_configs: - - role: endpoints - - relabel_configs: - # Sourcegraph specific customization, only scrape pods with our annotation - - source_labels: [__meta_kubernetes_service_annotation_sourcegraph_prometheus_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] - action: replace - target_label: __scheme__ - regex: (https?) - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] - action: replace - target_label: __address__ - regex: (.+)(?::\d+);(\d+) - replacement: $1:$2 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - # Sourcegraph specific customization. We want a more convenient to type label. - # target_label: kubernetes_namespace - target_label: ns - - source_labels: [__meta_kubernetes_service_name] - action: replace - target_label: kubernetes_name - # Sourcegraph specific customization. We want a nicer name for job - - source_labels: [app] - action: replace - target_label: job - # Sourcegraph specific customization. We want a nicer name for instance - - source_labels: [__meta_kubernetes_pod_name] - action: replace - target_label: instance - # Sourcegraph specific customization. We want to add a label to every - # metric that indicates the node it came from. - - source_labels: [__meta_kubernetes_endpoint_node_name] - action: replace - target_label: nodename - metric_relabel_configs: - # Sourcegraph specific customization. Drop metrics with empty nodename responses from the k8s API - - source_labels: [nodename] - regex: ^$ - action: drop - - # Example scrape config for probing services via the Blackbox Exporter. - # - # The relabeling allows the actual service scrape endpoint to be configured - # via the following annotations: - # - # * `prometheus.io/probe`: Only probe services that have a value of `true` - - job_name: 'kubernetes-services' - - metrics_path: /probe - params: - module: [http_2xx] - - kubernetes_sd_configs: - - role: service - - relabel_configs: - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe] - action: keep - regex: true - - source_labels: [__address__] - target_label: __param_target - - target_label: __address__ - replacement: blackbox - - source_labels: [__param_target] - target_label: instance - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_service_namespace] - # Sourcegraph specific customization. We want a more convenient to type label. - # target_label: kubernetes_namespace - target_label: ns - - source_labels: [__meta_kubernetes_service_name] - target_label: kubernetes_name - - # Example scrape config for pods - # - # The relabeling allows the actual pod scrape endpoint to be configured via the - # following annotations: - # - # * `sourcegraph.prometheus/scrape`: Only scrape pods that have a value of `true` - # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. - # * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default of `9102`. - - job_name: 'kubernetes-pods' - - kubernetes_sd_configs: - - role: pod - - relabel_configs: - # Sourcegraph specific customization, only scrape pods with our annotation - - source_labels: [__meta_kubernetes_pod_annotation_sourcegraph_prometheus_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] - action: replace - regex: (.+):(?:\d+);(\d+) - replacement: ${1}:${2} - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_pod_label_(.+) - - source_labels: [__meta_kubernetes_pod_name] - action: replace - target_label: kubernetes_pod_name - # Sourcegraph specific customization. We want a more convenient to type label. - # target_label: kubernetes_namespace - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: ns - # Sourcegraph specific customization. We want to add a label to every - # metric that indicates the node it came from. - - source_labels: [__meta_kubernetes_pod_node_name] - action: replace - target_label: nodename - - metric_relabel_configs: - # cAdvisor-specific customization. Drop container metrics exported by cAdvisor - # not in the same namespace as Sourcegraph. - # Uncomment this if you have problems with certain dashboards or cAdvisor itself - # picking up non-Sourcegraph services. Ensure all Sourcegraph services are running - # within the Sourcegraph namespace you have defined. - # The regex must keep matches on '^$' (empty string) to ensure other metrics do not - # get dropped. - # - source_labels: [container_label_io_kubernetes_pod_namespace] - # regex: ^$|ns-sourcegraph # ensure this matches with namespace declarations - # action: keep - - source_labels: [container_label_io_kubernetes_pod_namespace] - regex: kube-system - action: drop - # cAdvisor-specific customization. We want container metrics to be named after their container name label. - # Note that 'io.kubernetes.container.name' and 'io.kubernetes.pod.name' must be provided in cAdvisor - # '--whitelisted_container_labels' (see cadvisor.DaemonSet.yaml) - - source_labels: [container_label_io_kubernetes_container_name, container_label_io_kubernetes_pod_name] - regex: (.+) - action: replace - target_label: name - separator: '-' - # Sourcegraph specific customization. Drop metrics with empty nodename responses from the k8s API - - source_labels: [nodename] - regex: ^$ - action: drop - - # Scrape prometheus itself for metrics. - - job_name: 'builtin-prometheus' - static_configs: - - targets: ['127.0.0.1:9092'] - labels: - app: prometheus - - job_name: 'builtin-alertmanager' - metrics_path: /alertmanager/metrics - static_configs: - - targets: ['127.0.0.1:9093'] - labels: - app: alertmanager - extra_rules.yml: "" - prometheus_targets.yml: "" - symbols_targets.yml: "" - searcher_targets.yml: "" - gitserver_targets.yml: "" - indexed-search_targets.yml: "" diff --git a/components/monitoring/rbacs/prometheus/prometheus.Deployment.yaml b/components/monitoring/rbacs/prometheus/prometheus.Deployment.yaml index 44bf7a30..d28c78c0 100644 --- a/components/monitoring/rbacs/prometheus/prometheus.Deployment.yaml +++ b/components/monitoring/rbacs/prometheus/prometheus.Deployment.yaml @@ -6,3 +6,8 @@ spec: template: spec: serviceAccountName: prometheus + volumes: + - configMap: + defaultMode: 0777 + name: prometheus-rbac + name: config diff --git a/components/sizes/l/kustomization.yaml b/components/sizes/l/kustomization.yaml index 39b7eb59..c4a298aa 100644 --- a/components/sizes/l/kustomization.yaml +++ b/components/sizes/l/kustomization.yaml @@ -34,11 +34,6 @@ patches: kind: StatefulSet|Deployment name: codeintel-db version: v1 - - path: patches/prometheus.yaml - target: - kind: ConfigMap - name: prometheus - version: v1 - patch: |- apiVersion: apps/v1 kind: Deployment diff --git a/components/sizes/l/patches/prometheus.yaml b/components/sizes/l/patches/prometheus.yaml deleted file mode 100644 index d055bafa..00000000 --- a/components/sizes/l/patches/prometheus.yaml +++ /dev/null @@ -1,39 +0,0 @@ -- op: replace - path: /data/indexed-search_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: zoekt-indexserver - targets: - - indexed-search-0.indexed-search:6072 - - indexed-search-1.indexed-search:6072 - - labels: - nodename: "sourcegraph-services" - job: zoekt-webserver - targets: - - indexed-search-0.indexed-search:6070 - - indexed-search-1.indexed-search:6070 -- op: replace - path: /data/gitserver_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: gitserver - targets: - - gitserver-0.gitserver:6060 -- op: replace - path: /data/searcher_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: searcher - targets: - - searcher-0.searcher:6060 -- op: replace - path: /data/symbols_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: symbols - targets: - - symbols-0.symbols:6060 diff --git a/components/sizes/m/kustomization.yaml b/components/sizes/m/kustomization.yaml index 5514e982..41d6b7b5 100644 --- a/components/sizes/m/kustomization.yaml +++ b/components/sizes/m/kustomization.yaml @@ -34,11 +34,6 @@ patches: kind: StatefulSet|Deployment name: codeintel-db version: v1 - - path: patches/prometheus.yaml - target: - kind: ConfigMap - name: prometheus - version: v1 - path: patches/endpoints.yaml - patch: |- apiVersion: apps/v1 diff --git a/components/sizes/m/patches/prometheus.yaml b/components/sizes/m/patches/prometheus.yaml deleted file mode 100644 index 378b4a55..00000000 --- a/components/sizes/m/patches/prometheus.yaml +++ /dev/null @@ -1,37 +0,0 @@ -- op: replace - path: /data/indexed-search_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: zoekt-indexserver - targets: - - indexed-search-0.indexed-search:6072 - - labels: - nodename: "sourcegraph-services" - job: zoekt-webserver - targets: - - indexed-search-0.indexed-search:6070 -- op: replace - path: /data/gitserver_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: gitserver - targets: - - gitserver-0.gitserver:6060 -- op: replace - path: /data/searcher_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: searcher - targets: - - searcher-0.searcher:6060 -- op: replace - path: /data/symbols_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: symbols - targets: - - symbols-0.symbols:6060 diff --git a/components/sizes/s/kustomization.yaml b/components/sizes/s/kustomization.yaml index f8cdb6fe..93eb0290 100644 --- a/components/sizes/s/kustomization.yaml +++ b/components/sizes/s/kustomization.yaml @@ -34,11 +34,6 @@ patches: kind: StatefulSet|Deployment name: codeintel-db version: v1 - - path: patches/prometheus.yaml - target: - kind: ConfigMap - name: prometheus - version: v1 - patch: |- apiVersion: apps/v1 kind: Deployment diff --git a/components/sizes/s/patches/prometheus.yaml b/components/sizes/s/patches/prometheus.yaml deleted file mode 100644 index 378b4a55..00000000 --- a/components/sizes/s/patches/prometheus.yaml +++ /dev/null @@ -1,37 +0,0 @@ -- op: replace - path: /data/indexed-search_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: zoekt-indexserver - targets: - - indexed-search-0.indexed-search:6072 - - labels: - nodename: "sourcegraph-services" - job: zoekt-webserver - targets: - - indexed-search-0.indexed-search:6070 -- op: replace - path: /data/gitserver_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: gitserver - targets: - - gitserver-0.gitserver:6060 -- op: replace - path: /data/searcher_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: searcher - targets: - - searcher-0.searcher:6060 -- op: replace - path: /data/symbols_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: symbols - targets: - - symbols-0.symbols:6060 diff --git a/components/sizes/xl/kustomization.yaml b/components/sizes/xl/kustomization.yaml index cac413e9..ac42be79 100644 --- a/components/sizes/xl/kustomization.yaml +++ b/components/sizes/xl/kustomization.yaml @@ -34,11 +34,6 @@ patches: kind: StatefulSet|Deployment name: codeintel-db version: v1 - - path: patches/prometheus.yaml - target: - kind: ConfigMap - name: prometheus - version: v1 - patch: |- apiVersion: apps/v1 kind: Deployment diff --git a/components/sizes/xl/patches/prometheus.yaml b/components/sizes/xl/patches/prometheus.yaml deleted file mode 100644 index 3827a2b8..00000000 --- a/components/sizes/xl/patches/prometheus.yaml +++ /dev/null @@ -1,43 +0,0 @@ -- op: replace - path: /data/indexed-search_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: zoekt-indexserver - targets: - - indexed-search-0.indexed-search:6072 - - indexed-search-1.indexed-search:6072 - - indexed-search-2.indexed-search:6072 - - labels: - nodename: "sourcegraph-services" - job: zoekt-webserver - targets: - - indexed-search-0.indexed-search:6070 - - indexed-search-1.indexed-search:6070 - - indexed-search-2.indexed-search:6070 -- op: replace - path: /data/gitserver_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: gitserver - targets: - - gitserver-0.gitserver:6060 - - gitserver-1.gitserver:6060 -- op: replace - path: /data/searcher_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: searcher - targets: - - searcher-0.searcher:6060 - - searcher-1.searcher:6060 -- op: replace - path: /data/symbols_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: symbols - targets: - - symbols-0.symbols:6060 diff --git a/components/sizes/xs/kustomization.yaml b/components/sizes/xs/kustomization.yaml index dfe0dc61..0e7daaea 100644 --- a/components/sizes/xs/kustomization.yaml +++ b/components/sizes/xs/kustomization.yaml @@ -22,11 +22,6 @@ patches: kind: StatefulSet|Deployment name: pgsql|codeinsights-db|codeintel-db version: v1 - - path: patches/prometheus.yaml - target: - kind: ConfigMap - name: prometheus - version: v1 - patch: |- apiVersion: apps/v1 kind: Deployment diff --git a/components/sizes/xs/patches/prometheus.yaml b/components/sizes/xs/patches/prometheus.yaml deleted file mode 100644 index 378b4a55..00000000 --- a/components/sizes/xs/patches/prometheus.yaml +++ /dev/null @@ -1,37 +0,0 @@ -- op: replace - path: /data/indexed-search_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: zoekt-indexserver - targets: - - indexed-search-0.indexed-search:6072 - - labels: - nodename: "sourcegraph-services" - job: zoekt-webserver - targets: - - indexed-search-0.indexed-search:6070 -- op: replace - path: /data/gitserver_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: gitserver - targets: - - gitserver-0.gitserver:6060 -- op: replace - path: /data/searcher_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: searcher - targets: - - searcher-0.searcher:6060 -- op: replace - path: /data/symbols_targets.yml - value: | - - labels: - nodename: "sourcegraph-services" - job: symbols - targets: - - symbols-0.symbols:6060 diff --git a/examples/aws/ebs/kustomization.yaml b/examples/aws/ebs/kustomization.yaml index 33f08725..5ce329a9 100644 --- a/examples/aws/ebs/kustomization.yaml +++ b/examples/aws/ebs/kustomization.yaml @@ -1,11 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace # Use resources for a size-XS instance - ../../../components/sizes/xs - ../../../components/clusters/aws/ebs-csi diff --git a/examples/aws/kustomization.yaml b/examples/aws/kustomization.yaml index 429a4a74..7041a8ec 100644 --- a/examples/aws/kustomization.yaml +++ b/examples/aws/kustomization.yaml @@ -1,11 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../base/sourcegraph - # Monitoring Stack - ../../base/monitoring components: + - ../../components/resources/namespace # Use resources for a size-XS instance - ../../components/sizes/xs - ../../components/clusters/aws/aws-ebs diff --git a/examples/aws/with-tracing/kustomization.yaml b/examples/aws/with-tracing/kustomization.yaml index 6619ee59..0cd21e33 100644 --- a/examples/aws/with-tracing/kustomization.yaml +++ b/examples/aws/with-tracing/kustomization.yaml @@ -1,11 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/monitoring/tracing # Use resources for a size-XS instance - ../../../components/sizes/xs diff --git a/examples/base/kustomization.yaml b/examples/base/kustomization.yaml index 890b121f..cb472722 100644 --- a/examples/base/kustomization.yaml +++ b/examples/base/kustomization.yaml @@ -1,10 +1,10 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph # Run all services with default values resources: - # Sourcegraph Main Stack - ../../base/sourcegraph - # Monitoring Stack - ../../base/monitoring components: + - ../../components/resources/namespace - ../../components/monitoring/tracing diff --git a/examples/base/l/kustomization.yaml b/examples/base/l/kustomization.yaml index 1730ecbc..1b5b20a5 100644 --- a/examples/base/l/kustomization.yaml +++ b/examples/base/l/kustomization.yaml @@ -1,9 +1,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/sizes/l diff --git a/examples/base/m/kustomization.yaml b/examples/base/m/kustomization.yaml index 766c72e1..a8ac0c10 100644 --- a/examples/base/m/kustomization.yaml +++ b/examples/base/m/kustomization.yaml @@ -1,9 +1,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/sizes/m diff --git a/examples/base/s/kustomization.yaml b/examples/base/s/kustomization.yaml index e30d157b..f268d0b2 100644 --- a/examples/base/s/kustomization.yaml +++ b/examples/base/s/kustomization.yaml @@ -1,9 +1,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/sizes/s diff --git a/examples/base/xl/kustomization.yaml b/examples/base/xl/kustomization.yaml index 9cb6b69b..1a5de396 100644 --- a/examples/base/xl/kustomization.yaml +++ b/examples/base/xl/kustomization.yaml @@ -1,9 +1,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/sizes/xl diff --git a/examples/base/xs/kustomization.yaml b/examples/base/xs/kustomization.yaml index b11ec73c..ba053591 100644 --- a/examples/base/xs/kustomization.yaml +++ b/examples/base/xs/kustomization.yaml @@ -1,10 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace # Use resources for a size-XS instance - ../../../components/sizes/xs diff --git a/examples/dev/kustomization.yaml b/examples/dev/kustomization.yaml index 4f070755..ca802f25 100644 --- a/examples/dev/kustomization.yaml +++ b/examples/dev/kustomization.yaml @@ -1,11 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: dev-sourcegraph resources: # Sourcegraph Main Stack - ../../base/sourcegraph - # Monitoring Stack + # Monitoring Stack - ../../base/monitoring components: + - ../../components/resources/namespace - ../../components/resources/ci-volume - ../../components/remove/resources - ../../components/remove/pvcs diff --git a/examples/gke/kustomization.yaml b/examples/gke/kustomization.yaml index 4ee8945b..6811d500 100644 --- a/examples/gke/kustomization.yaml +++ b/examples/gke/kustomization.yaml @@ -1,8 +1,10 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: - ../../base/sourcegraph - ../../base/monitoring components: + - ../../components/resources/namespace - ../../components/sizes/xs - ../../components/clusters/gke/configure diff --git a/examples/gke/rbac/kustomization.yaml b/examples/gke/rbac/kustomization.yaml index cbcdff95..1d22e802 100644 --- a/examples/gke/rbac/kustomization.yaml +++ b/examples/gke/rbac/kustomization.yaml @@ -1,14 +1,16 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/monitoring/cadvisor - - ../../../components/monitoring/privileged # Use resources for a size-XS instance - ../../../components/sizes/xs - - ../../../components/privileged - ../../../components/clusters/gke/configure + - ../../../components/privileged + - ../../../components/monitoring/privileged - ../../../components/enable/service-discovery diff --git a/examples/migrator/kustomization.yaml b/examples/migrator/kustomization.yaml index 540144f9..ff625284 100644 --- a/examples/migrator/kustomization.yaml +++ b/examples/migrator/kustomization.yaml @@ -1,5 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph components: - ../../components/utils/migrator diff --git a/examples/minikube/full/kustomization.yaml b/examples/minikube/full/kustomization.yaml index 411a2b78..f398fe96 100644 --- a/examples/minikube/full/kustomization.yaml +++ b/examples/minikube/full/kustomization.yaml @@ -1,7 +1,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: + # Sourcegraph Main Stack - ../../../base/sourcegraph + # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/clusters/minikube diff --git a/examples/minikube/kustomization.yaml b/examples/minikube/kustomization.yaml index 4a3c28ea..601fbe81 100644 --- a/examples/minikube/kustomization.yaml +++ b/examples/minikube/kustomization.yaml @@ -1,6 +1,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: + # Sourcegraph Main Stack - ../../base/sourcegraph components: + - ../../components/resources/namespace - ../../components/clusters/minikube diff --git a/examples/monitoring/cadvisor/kustomization.yaml b/examples/monitoring/cadvisor/kustomization.yaml index 6c16e5d3..bd949bfc 100644 --- a/examples/monitoring/cadvisor/kustomization.yaml +++ b/examples/monitoring/cadvisor/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph components: - ../../../components/monitoring/cadvisor diff --git a/examples/monitoring/kustomization.yaml b/examples/monitoring/kustomization.yaml index 865b0076..cd005d55 100644 --- a/examples/monitoring/kustomization.yaml +++ b/examples/monitoring/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: - ../../base/monitoring diff --git a/examples/monitoring/privileged/kustomization.yaml b/examples/monitoring/privileged/kustomization.yaml index 056f279f..fbac2e67 100644 --- a/examples/monitoring/privileged/kustomization.yaml +++ b/examples/monitoring/privileged/kustomization.yaml @@ -1,5 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: - ../../../base/monitoring components: diff --git a/examples/old-cluster/kustomization.yaml b/examples/old-cluster/kustomization.yaml index 5b5c41f1..d0639637 100644 --- a/examples/old-cluster/kustomization.yaml +++ b/examples/old-cluster/kustomization.yaml @@ -1,8 +1,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../base/sourcegraph + # Monitoring Stack + - ../../base/monitoring components: # Update and generate resources for the old cluster # This includes the monitoring stack diff --git a/examples/privileged/kustomization.yaml b/examples/privileged/kustomization.yaml index a571f9c3..eacdf8a1 100644 --- a/examples/privileged/kustomization.yaml +++ b/examples/privileged/kustomization.yaml @@ -1,11 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../base/sourcegraph - # Monitoring Stack + # Monitoring Stack - ../../base/monitoring components: + - ../../components/resources/namespace - ../../components/monitoring/cadvisor - ../../components/sizes/xs - ../../components/privileged diff --git a/examples/privileged/l/kustomization.yaml b/examples/privileged/l/kustomization.yaml index db827fc5..181f220f 100644 --- a/examples/privileged/l/kustomization.yaml +++ b/examples/privileged/l/kustomization.yaml @@ -1,11 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - # Monitoring Stack + # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/monitoring/cadvisor - ../../../components/sizes/l - ../../../components/privileged diff --git a/examples/privileged/m/kustomization.yaml b/examples/privileged/m/kustomization.yaml index e4fc7d7c..0788b1d6 100644 --- a/examples/privileged/m/kustomization.yaml +++ b/examples/privileged/m/kustomization.yaml @@ -1,11 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - # Monitoring Stack + # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/monitoring/cadvisor - ../../../components/sizes/m - ../../../components/privileged diff --git a/examples/privileged/s/kustomization.yaml b/examples/privileged/s/kustomization.yaml index b1d0b032..fa11dd3f 100644 --- a/examples/privileged/s/kustomization.yaml +++ b/examples/privileged/s/kustomization.yaml @@ -1,11 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - # Monitoring Stack + # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/monitoring/cadvisor - ../../../components/sizes/s - ../../../components/privileged diff --git a/examples/privileged/xl/kustomization.yaml b/examples/privileged/xl/kustomization.yaml index 35a27c64..9bd3cc03 100644 --- a/examples/privileged/xl/kustomization.yaml +++ b/examples/privileged/xl/kustomization.yaml @@ -1,11 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - # Monitoring Stack + # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/monitoring/cadvisor - ../../../components/sizes/xl - ../../../components/privileged diff --git a/examples/privileged/xs/kustomization.yaml b/examples/privileged/xs/kustomization.yaml index a02c391a..f65f73d5 100644 --- a/examples/privileged/xs/kustomization.yaml +++ b/examples/privileged/xs/kustomization.yaml @@ -1,11 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ns-sourcegraph resources: # Sourcegraph Main Stack - ../../../base/sourcegraph - # Monitoring Stack + # Monitoring Stack - ../../../base/monitoring components: + - ../../../components/resources/namespace - ../../../components/monitoring/cadvisor - ../../../components/sizes/xs - ../../../components/privileged diff --git a/instances/template/kustomization.template.yaml b/instances/template/kustomization.template.yaml index 43a23efc..d8044d23 100644 --- a/instances/template/kustomization.template.yaml +++ b/instances/template/kustomization.template.yaml @@ -21,7 +21,7 @@ resources: # ---------------- Add additional resources below this line if needed ---------------- # # - ########################################################################################## -# [NAMESPACE] Add namespace to all resources generated by this overlay +# [REQUIRED: NAMESPACE] Add namespace to all resources generated by this overlay # # NOTE: Include the 'namespace' component to create namespace with the same name if needed ########################################################################################## @@ -62,6 +62,7 @@ components: # - ../../components/sizes/m # -- Allocate resources for size M instance # - ../../components/sizes/l # -- Allocate resources for size L instance # - ../../components/sizes/xl # -- Allocate resources for size XL instance + # - custom-resources # -- Allocate customized resources --See docs for detailed instructions # #--------------------------------------------------------------------------------------- # Storage class @@ -153,6 +154,10 @@ components: # Permission Configurations # IMPORTANT: Keep the components below as the LAST components # ------------------------------------------------------------------------ + # [DO NOT REMOVE] This component add replica count for some statefulset services as env vars to frontend + # so that when service discovery is disabled, frontend can generate service endpoints based on replica count + - ../../components/utils/endpoints # REQUIRED - DO NOT REMOVE + # # - ../../components/privileged # -- Run Sourcegraph with privileged and root access # - ../../components/monitoring/privileged # -- Run monitoring stack with privileged and root access #