From 731b1dbb1505c2e8acb8673d769dce721a9c6c0d Mon Sep 17 00:00:00 2001 From: etiennep Date: Thu, 26 Sep 2024 14:40:00 -0700 Subject: [PATCH 1/2] feat: add lifecycle hooks to alloy container --- operations/helm/charts/alloy/CHANGELOG.md | 6 +- operations/helm/charts/alloy/Chart.yaml | 2 +- operations/helm/charts/alloy/README.md | 3 +- .../alloy/ci/lifecycle-hooks-values.yaml | 8 ++ .../alloy/templates/containers/_agent.yaml | 4 + operations/helm/charts/alloy/values.yaml | 8 ++ .../alloy/templates/configmap.yaml | 43 +++++++ .../templates/controllers/deployment.yaml | 83 ++++++++++++ .../lifecycle-hooks/alloy/templates/rbac.yaml | 119 ++++++++++++++++++ .../alloy/templates/service.yaml | 24 ++++ .../alloy/templates/serviceaccount.yaml | 14 +++ 11 files changed, 311 insertions(+), 3 deletions(-) create mode 100644 operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml create mode 100644 operations/helm/tests/lifecycle-hooks/alloy/templates/configmap.yaml create mode 100644 operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml create mode 100644 operations/helm/tests/lifecycle-hooks/alloy/templates/rbac.yaml create mode 100644 operations/helm/tests/lifecycle-hooks/alloy/templates/service.yaml create mode 100644 operations/helm/tests/lifecycle-hooks/alloy/templates/serviceaccount.yaml diff --git a/operations/helm/charts/alloy/CHANGELOG.md b/operations/helm/charts/alloy/CHANGELOG.md index 278c4ae310..311b8b33ef 100644 --- a/operations/helm/charts/alloy/CHANGELOG.md +++ b/operations/helm/charts/alloy/CHANGELOG.md @@ -10,6 +10,10 @@ internal API changes are not present. Unreleased ---------- +### Enhancements + +- Add lifecyle hook to the Helm chart. (@etiennep) + 0.8.1 (2024-09-26) ------------------ @@ -118,4 +122,4 @@ Unreleased - Introduce a Grafana Alloy Helm chart. The Grafana Alloy Helm chart is backwards compatibile with the values.yaml from the `grafana-agent` Helm chart. Review the Helm chart README for a description on how to migrate. - (@rfratto) \ No newline at end of file + (@rfratto) diff --git a/operations/helm/charts/alloy/Chart.yaml b/operations/helm/charts/alloy/Chart.yaml index a4391d0d65..d256e4e8b5 100644 --- a/operations/helm/charts/alloy/Chart.yaml +++ b/operations/helm/charts/alloy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: alloy description: 'Grafana Alloy' type: application -version: 0.8.1 +version: 0.9.0 appVersion: 'v1.4.1' icon: https://raw.githubusercontent.com/grafana/alloy/main/docs/sources/assets/alloy_icon_orange.svg diff --git a/operations/helm/charts/alloy/README.md b/operations/helm/charts/alloy/README.md index d540222261..0da598f74b 100644 --- a/operations/helm/charts/alloy/README.md +++ b/operations/helm/charts/alloy/README.md @@ -1,6 +1,6 @@ # Grafana Alloy Helm chart -![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.8.1](https://img.shields.io/badge/Version-0.8.1-informational?style=flat-square) ![AppVersion: v1.4.1](https://img.shields.io/badge/AppVersion-v1.4.1-informational?style=flat-square) +![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.9.0](https://img.shields.io/badge/Version-0.9.0-informational?style=flat-square) ![AppVersion: v1.4.1](https://img.shields.io/badge/AppVersion-v1.4.1-informational?style=flat-square) Helm chart for deploying [Grafana Alloy][] to Kubernetes. @@ -45,6 +45,7 @@ useful if just using the default DaemonSet isn't sufficient. | alloy.extraArgs | list | `[]` | Extra args to pass to `alloy run`: https://grafana.com/docs/alloy/latest/reference/cli/run/ | | alloy.extraEnv | list | `[]` | Extra environment variables to pass to the Alloy container. | | alloy.extraPorts | list | `[]` | Extra ports to expose on the Alloy container. | +| alloy.lifecycle | object | `{}` | Set lifecycle hooks for the Grafana Alloy container. | | alloy.listenAddr | string | `"0.0.0.0"` | Address to listen for traffic on. 0.0.0.0 exposes the UI to other containers. | | alloy.listenPort | int | `12345` | Port to listen for traffic on. | | alloy.listenScheme | string | `"HTTP"` | Scheme is needed for readiness probes. If enabling tls in your configs, set to "HTTPS" | diff --git a/operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml b/operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml new file mode 100644 index 0000000000..e204f8e3bf --- /dev/null +++ b/operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml @@ -0,0 +1,8 @@ +controller: + type: deployment + +alloy: + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "sleep 1"] diff --git a/operations/helm/charts/alloy/templates/containers/_agent.yaml b/operations/helm/charts/alloy/templates/containers/_agent.yaml index f6d392b135..2ec3d2e841 100644 --- a/operations/helm/charts/alloy/templates/containers/_agent.yaml +++ b/operations/helm/charts/alloy/templates/containers/_agent.yaml @@ -61,6 +61,10 @@ resources: {{- toYaml . | nindent 4 }} {{- end }} + {{- with $values.lifecycle }} + lifecycle: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with $values.securityContext }} securityContext: {{- toYaml . | nindent 4 }} diff --git a/operations/helm/charts/alloy/values.yaml b/operations/helm/charts/alloy/values.yaml index f55a7893e5..204fef3977 100644 --- a/operations/helm/charts/alloy/values.yaml +++ b/operations/helm/charts/alloy/values.yaml @@ -106,6 +106,14 @@ alloy: # -- Resource requests and limits to apply to the Grafana Alloy container. resources: {} + # -- Set lifecycle hooks for the Grafana Alloy container. + lifecycle: {} + # preStop: + # exec: + # command: + # - /bin/sleep + # - "10" + image: # -- Grafana Alloy image registry (defaults to docker.io) registry: "docker.io" diff --git a/operations/helm/tests/lifecycle-hooks/alloy/templates/configmap.yaml b/operations/helm/tests/lifecycle-hooks/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/lifecycle-hooks/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml b/operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml new file mode 100644 index 0000000000..f57ecdc692 --- /dev/null +++ b/operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml @@ -0,0 +1,83 @@ +--- +# Source: alloy/templates/controllers/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + minReadySeconds: 10 + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.4.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - sleep 20 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: alloy diff --git a/operations/helm/tests/lifecycle-hooks/alloy/templates/rbac.yaml b/operations/helm/tests/lifecycle-hooks/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/lifecycle-hooks/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/lifecycle-hooks/alloy/templates/service.yaml b/operations/helm/tests/lifecycle-hooks/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/lifecycle-hooks/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/lifecycle-hooks/alloy/templates/serviceaccount.yaml b/operations/helm/tests/lifecycle-hooks/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/lifecycle-hooks/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac From 5866e907233876e5b28c1884489876450e526e08 Mon Sep 17 00:00:00 2001 From: etiennep Date: Tue, 1 Oct 2024 14:27:38 -0700 Subject: [PATCH 2/2] feat: add terminationGracePeriodSeconds to helm chart --- operations/helm/charts/alloy/CHANGELOG.md | 1 + operations/helm/charts/alloy/README.md | 1 + .../alloy/ci/lifecycle-hooks-values.yaml | 6 +- .../ci/termination-grace-period-values.yaml | 3 + .../alloy/templates/controllers/_pod.yaml | 3 + operations/helm/charts/alloy/values.yaml | 4 + .../templates/controllers/deployment.yaml | 2 +- .../alloy/templates/configmap.yaml | 43 +++++++ .../templates/controllers/deployment.yaml | 77 ++++++++++++ .../alloy/templates/rbac.yaml | 119 ++++++++++++++++++ .../alloy/templates/service.yaml | 24 ++++ .../alloy/templates/serviceaccount.yaml | 14 +++ 12 files changed, 293 insertions(+), 4 deletions(-) create mode 100644 operations/helm/charts/alloy/ci/termination-grace-period-values.yaml create mode 100644 operations/helm/tests/termination-grace-period/alloy/templates/configmap.yaml create mode 100644 operations/helm/tests/termination-grace-period/alloy/templates/controllers/deployment.yaml create mode 100644 operations/helm/tests/termination-grace-period/alloy/templates/rbac.yaml create mode 100644 operations/helm/tests/termination-grace-period/alloy/templates/service.yaml create mode 100644 operations/helm/tests/termination-grace-period/alloy/templates/serviceaccount.yaml diff --git a/operations/helm/charts/alloy/CHANGELOG.md b/operations/helm/charts/alloy/CHANGELOG.md index 311b8b33ef..4021dc1669 100644 --- a/operations/helm/charts/alloy/CHANGELOG.md +++ b/operations/helm/charts/alloy/CHANGELOG.md @@ -13,6 +13,7 @@ Unreleased ### Enhancements - Add lifecyle hook to the Helm chart. (@etiennep) +- Add terminationGracePeriodSeconds setting to the Helm chart. (@etiennep) 0.8.1 (2024-09-26) ------------------ diff --git a/operations/helm/charts/alloy/README.md b/operations/helm/charts/alloy/README.md index 0da598f74b..c0b4012658 100644 --- a/operations/helm/charts/alloy/README.md +++ b/operations/helm/charts/alloy/README.md @@ -94,6 +94,7 @@ useful if just using the default DaemonSet isn't sufficient. | controller.podLabels | object | `{}` | Extra pod labels to add. | | controller.priorityClassName | string | `""` | priorityClassName to apply to Grafana Alloy pods. | | controller.replicas | int | `1` | Number of pods to deploy. Ignored when controller.type is 'daemonset'. | +| controller.terminationGracePeriodSeconds | string | `nil` | Termination grace period in seconds for the Grafana Alloy pods. The default value used by Kubernetes if unspecifed is 30 seconds. | | controller.tolerations | list | `[]` | Tolerations to apply to Grafana Alloy pods. | | controller.topologySpreadConstraints | list | `[]` | Topology Spread Constraints to apply to Grafana Alloy pods. | | controller.type | string | `"daemonset"` | Type of controller to use for deploying Grafana Alloy in the cluster. Must be one of 'daemonset', 'deployment', or 'statefulset'. | diff --git a/operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml b/operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml index e204f8e3bf..97fcfeff0c 100644 --- a/operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml +++ b/operations/helm/charts/alloy/ci/lifecycle-hooks-values.yaml @@ -3,6 +3,6 @@ controller: alloy: lifecycle: - preStop: - exec: - command: ["/bin/sh", "-c", "sleep 1"] + preStop: + exec: + command: ["/bin/sh", "-c", "sleep 1"] diff --git a/operations/helm/charts/alloy/ci/termination-grace-period-values.yaml b/operations/helm/charts/alloy/ci/termination-grace-period-values.yaml new file mode 100644 index 0000000000..4ff8b98d7b --- /dev/null +++ b/operations/helm/charts/alloy/ci/termination-grace-period-values.yaml @@ -0,0 +1,3 @@ +controller: + type: deployment + terminationGracePeriodSeconds: 20 diff --git a/operations/helm/charts/alloy/templates/controllers/_pod.yaml b/operations/helm/charts/alloy/templates/controllers/_pod.yaml index 94625fca2b..1167671fd0 100644 --- a/operations/helm/charts/alloy/templates/controllers/_pod.yaml +++ b/operations/helm/charts/alloy/templates/controllers/_pod.yaml @@ -51,6 +51,9 @@ spec: affinity: {{- toYaml . | nindent 4 }} {{- end }} + {{- if .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds | int }} + {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 4 }} diff --git a/operations/helm/charts/alloy/values.yaml b/operations/helm/charts/alloy/values.yaml index 204fef3977..a8f2a7e6c3 100644 --- a/operations/helm/charts/alloy/values.yaml +++ b/operations/helm/charts/alloy/values.yaml @@ -191,6 +191,10 @@ controller: # -- Configures the DNS policy for the pod. https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy dnsPolicy: ClusterFirst + # -- Termination grace period in seconds for the Grafana Alloy pods. + # The default value used by Kubernetes if unspecifed is 30 seconds. + terminationGracePeriodSeconds: null + # -- Update strategy for updating deployed Pods. updateStrategy: {} diff --git a/operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml b/operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml index f57ecdc692..ccd8d44c3c 100644 --- a/operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml +++ b/operations/helm/tests/lifecycle-hooks/alloy/templates/controllers/deployment.yaml @@ -60,7 +60,7 @@ spec: command: - /bin/sh - -c - - sleep 20 + - sleep 1 volumeMounts: - name: config mountPath: /etc/alloy diff --git a/operations/helm/tests/termination-grace-period/alloy/templates/configmap.yaml b/operations/helm/tests/termination-grace-period/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/termination-grace-period/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/termination-grace-period/alloy/templates/controllers/deployment.yaml b/operations/helm/tests/termination-grace-period/alloy/templates/controllers/deployment.yaml new file mode 100644 index 0000000000..0b62989765 --- /dev/null +++ b/operations/helm/tests/termination-grace-period/alloy/templates/controllers/deployment.yaml @@ -0,0 +1,77 @@ +--- +# Source: alloy/templates/controllers/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + minReadySeconds: 10 + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.4.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + terminationGracePeriodSeconds: 20 + volumes: + - name: config + configMap: + name: alloy diff --git a/operations/helm/tests/termination-grace-period/alloy/templates/rbac.yaml b/operations/helm/tests/termination-grace-period/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/termination-grace-period/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/termination-grace-period/alloy/templates/service.yaml b/operations/helm/tests/termination-grace-period/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/termination-grace-period/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/termination-grace-period/alloy/templates/serviceaccount.yaml b/operations/helm/tests/termination-grace-period/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/termination-grace-period/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac