diff --git a/grafana-agent.yaml b/grafana-agent.yaml index 4bb64d3..c514f73 100644 --- a/grafana-agent.yaml +++ b/grafana-agent.yaml @@ -1949,6 +1949,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -2070,8 +2089,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -2104,16 +2123,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -3262,6 +3277,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -3383,8 +3417,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -3417,16 +3451,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -4893,6 +4923,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -5157,7 +5191,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + location. Must be set if type is "Localhost". Must NOT be + set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -5221,14 +5256,11 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is alpha-level - and will only be honored by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature flag - will result in errors when validating the Pod. All of a - Pod's containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess containers - and non-HostProcess containers). In addition, if HostProcess - is true then HostNetwork must also be set to true. + be run as a 'Host Process' container. All of a Pod's containers + must have the same effective HostProcess value (it is not + allowed to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true then HostNetwork + must also be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -5247,14 +5279,13 @@ spec: description: Storage spec to specify how storage will be used. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be disabled by default - in a future release, this option will become unnecessary. DisableMountSubPath - allows to remove any subPath usage in volume mounts.' + description: '*Deprecated: subPath usage will be removed in a + future release.*' type: boolean emptyDir: description: 'EmptyDirVolumeSource to be used by the StatefulSet. - If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' + If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. + More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' properties: medium: description: 'medium represents what type of storage medium @@ -5278,8 +5309,8 @@ spec: type: object ephemeral: description: 'EphemeralVolumeSource to be used by the StatefulSet. - This is a beta field in k8s 1.21, for lower versions, starting - with k8s 1.19, it requires enabling the GenericEphemeralVolume + This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, + starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' properties: volumeClaimTemplate: @@ -5539,10 +5570,10 @@ spec: type: object type: object volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSet. The easiest - way to use a volume that cannot be automatically provisioned - (for whatever reason) is to use a label selector alongside manually - created PersistentVolumes. + description: Defines the PVC spec to be used by the Prometheus + StatefulSets. The easiest way to use a volume that cannot be + automatically provisioned is to use a label selector alongside + manually created PersistentVolumes. properties: apiVersion: description: 'APIVersion defines the versioned schema of this @@ -5587,8 +5618,8 @@ spec: type: string type: object spec: - description: 'Spec defines the desired characteristics of - a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: 'Defines the desired characteristics of a volume + requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: description: 'accessModes contains the desired access @@ -5801,8 +5832,7 @@ spec: type: string type: object status: - description: 'Status represents the current information/status - of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: '*Deprecated: this field is never set.*' properties: accessModes: description: 'accessModes contains the actual access modes @@ -5810,6 +5840,51 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n ClaimResourceStatus can be + in any of following states: - ControllerResizeInProgress: + State set when resize controller starts resizing the + volume in control-plane. - ControllerResizeFailed: State + set when resize has failed in resize controller with + a terminal error. - NodeResizePending: State set when + resize controller has finished resizing the volume but + further resizing of volume is needed on the node. - + NodeResizeInProgress: State set when kubelet starts + resizing the volume. - NodeResizeFailed: State set when + resizing has failed in kubelet with a terminal error. + Transient errors don't set NodeResizeFailed. For example: + if expanding a PVC for more capacity - this field can + be one of the following states: - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\" When this field is not set, it + means that no resize operation is in progress for the + given PVC. \n A controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus + should ignore the update for the purpose it was designed. + For example - a controller that only is responsible + for resizing capacity of the volume, should ignore PVC + updates that change other valid resources associated + with PVC. \n This is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -5817,19 +5892,31 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. For - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity request - is lowered, allocatedResources is only lowered if there - are no expansion operations in progress and if the actual - volume capacity is equal or lower than the requested - capacity. This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n Capacity reported here may + be larger than the actual capacity when a volume expansion + operation is requested. For storage quota, the larger + value from allocatedResources and PVC.spec.resources + is used. If allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation. If a volume expansion + capacity request is lowered, allocatedResources is only + lowered if there are no expansion operations in progress + and if the actual volume capacity is equal or lower + than the requested capacity. \n A controller that receives + PVC update with previously unknown resourceName should + ignore the update for the purpose it was designed. For + example - a controller that only is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid resources associated with PVC. + \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." type: object capacity: additionalProperties: @@ -5884,13 +5971,6 @@ spec: phase: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize operation. - ResizeStatus is not set by default but when expansion - is complete resizeStatus is set to empty string by resize - controller or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: object @@ -10663,6 +10743,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -11308,6 +11392,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source label @@ -11638,6 +11726,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -11818,6 +11910,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -11857,7 +11953,13 @@ spec: type: object type: array scheme: - description: HTTP scheme to use for scraping. + description: HTTP scheme to use for scraping. `http` and `https` + are the expected values unless you rewrite the `__scheme__` + label via relabeling. If empty, Prometheus uses the default + value `http`. + enum: + - http + - https type: string scrapeTimeout: description: Timeout after which the scrape is ended If not @@ -12252,6 +12354,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source label @@ -12391,7 +12497,13 @@ spec: description: Optional ProxyURL. type: string scheme: - description: HTTP scheme to use for scraping. Defaults to `http`. + description: HTTP scheme to use for scraping. `http` and `https` + are the expected values unless you rewrite the `__scheme__` + label via relabeling. If empty, Prometheus uses the default + value `http`. + enum: + - http + - https type: string url: description: Mandatory URL of the prober. @@ -12406,7 +12518,7 @@ spec: type: integer scrapeTimeout: description: Timeout for scraping metrics from the Prometheus exporter. - If not specified, the Prometheus global scrape interval is used. + If not specified, the Prometheus global scrape timeout is used. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string targetLimit: @@ -12473,6 +12585,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -12602,6 +12718,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -12976,6 +13096,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -13156,6 +13280,10 @@ spec: - Lowercase - uppercase - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual type: string modulus: description: Modulus to take of the hash of the source @@ -13195,7 +13323,13 @@ spec: type: object type: array scheme: - description: HTTP scheme to use for scraping. + description: HTTP scheme to use for scraping. `http` and `https` + are the expected values unless you rewrite the `__scheme__` + label via relabeling. If empty, Prometheus uses the default + value `http`. + enum: + - http + - https type: string scrapeTimeout: description: Timeout after which the scrape is ended If not @@ -13469,8 +13603,8 @@ metadata: app.kubernetes.io/instance: grafana-agent-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: grafana-agent-operator - app.kubernetes.io/version: 0.35.2 - helm.sh/chart: grafana-agent-operator-0.2.19 + app.kubernetes.io/version: 0.38.0 + helm.sh/chart: grafana-agent-operator-0.3.11 name: grafana-agent-operator namespace: grafana-agent --- @@ -13484,8 +13618,8 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.9.2 - helm.sh/chart: kube-state-metrics-5.10.1 + app.kubernetes.io/version: 2.10.1 + helm.sh/chart: kube-state-metrics-5.15.2 name: ksm-kube-state-metrics namespace: kube-system --- @@ -13497,8 +13631,8 @@ metadata: app.kubernetes.io/instance: grafana-agent-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: grafana-agent-operator - app.kubernetes.io/version: 0.35.2 - helm.sh/chart: grafana-agent-operator-0.2.19 + app.kubernetes.io/version: 0.38.0 + helm.sh/chart: grafana-agent-operator-0.3.11 name: grafana-agent-operator rules: - apiGroups: @@ -13595,8 +13729,8 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.9.2 - helm.sh/chart: kube-state-metrics-5.10.1 + app.kubernetes.io/version: 2.10.1 + helm.sh/chart: kube-state-metrics-5.15.2 name: ksm-kube-state-metrics rules: - apiGroups: @@ -13808,8 +13942,8 @@ metadata: app.kubernetes.io/instance: grafana-agent-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: grafana-agent-operator - app.kubernetes.io/version: 0.35.2 - helm.sh/chart: grafana-agent-operator-0.2.19 + app.kubernetes.io/version: 0.38.0 + helm.sh/chart: grafana-agent-operator-0.3.11 name: grafana-agent-operator roleRef: apiGroup: rbac.authorization.k8s.io @@ -13829,8 +13963,8 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.9.2 - helm.sh/chart: kube-state-metrics-5.10.1 + app.kubernetes.io/version: 2.10.1 + helm.sh/chart: kube-state-metrics-5.15.2 name: ksm-kube-state-metrics roleRef: apiGroup: rbac.authorization.k8s.io @@ -13852,8 +13986,8 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.9.2 - helm.sh/chart: kube-state-metrics-5.10.1 + app.kubernetes.io/version: 2.10.1 + helm.sh/chart: kube-state-metrics-5.15.2 name: ksm-kube-state-metrics namespace: kube-system spec: @@ -13875,8 +14009,8 @@ metadata: app.kubernetes.io/instance: grafana-agent-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: grafana-agent-operator - app.kubernetes.io/version: 0.35.2 - helm.sh/chart: grafana-agent-operator-0.2.19 + app.kubernetes.io/version: 0.38.0 + helm.sh/chart: grafana-agent-operator-0.3.11 name: grafana-agent-operator namespace: grafana-agent spec: @@ -13894,7 +14028,7 @@ spec: containers: - args: - --kubelet-service=default/kubelet - image: docker.io/grafana/agent-operator:v0.35.2 + image: docker.io/grafana/agent-operator:v0.37.4 imagePullPolicy: IfNotPresent name: grafana-agent-operator resources: @@ -13912,16 +14046,19 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.9.2 - helm.sh/chart: kube-state-metrics-5.10.1 + app.kubernetes.io/version: 2.10.1 + helm.sh/chart: kube-state-metrics-5.15.2 name: ksm-kube-state-metrics namespace: kube-system spec: replicas: 1 + revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: ksm app.kubernetes.io/name: kube-state-metrics + strategy: + type: RollingUpdate template: metadata: labels: @@ -13930,14 +14067,14 @@ spec: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.9.2 - helm.sh/chart: kube-state-metrics-5.10.1 + app.kubernetes.io/version: 2.10.1 + helm.sh/chart: kube-state-metrics-5.15.2 spec: containers: - args: - --port=8080 - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments - image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.9.2 + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.10.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/grafana/kustomization.yaml b/grafana/kustomization.yaml index a4d9356..e10c2ad 100644 --- a/grafana/kustomization.yaml +++ b/grafana/kustomization.yaml @@ -7,7 +7,7 @@ helmCharts: - name: grafana-agent-operator namespace: grafana-agent repo: https://grafana.github.io/helm-charts - version: 0.2.19 + version: 0.3.11 releaseName: grafana-agent-operator includeCRDs: true valuesFile: operator-values.yaml diff --git a/ksm/kustomization.yaml b/ksm/kustomization.yaml index 5bf1ce2..9100bdf 100644 --- a/ksm/kustomization.yaml +++ b/ksm/kustomization.yaml @@ -4,7 +4,7 @@ helmCharts: - name: kube-state-metrics namespace: kube-system repo: https://prometheus-community.github.io/helm-charts - version: 5.10.1 + version: 5.15.2 releaseName: ksm includeCRDs: true valuesFile: ksm-values.yaml diff --git a/locals.tf b/locals.tf index e516ecf..3aa8be4 100644 --- a/locals.tf +++ b/locals.tf @@ -1,6 +1,6 @@ locals { - version = "0.35.2" - agent_version = "0.35.2" + version = "0.37.4" + agent_version = "0.38.1" yaml = templatefile("${path.module}/custom-resources.yaml.tmpl", { cluster_name = var.cluster_name external_labels = merge({ cluster = var.cluster_name }, var.external_labels)