From 7a36e3ed0fca17cc8d84544a305fda3171396b4c Mon Sep 17 00:00:00 2001 From: duncan485 Date: Wed, 11 Sep 2024 15:24:49 +0200 Subject: [PATCH] add hostAliases to helm chart --- operations/helm/charts/alloy/CHANGELOG.md | 2 + operations/helm/charts/alloy/README.md | 1 + .../charts/alloy/ci/host-alias-values.yaml | 5 + .../alloy/templates/controllers/_pod.yaml | 4 + operations/helm/charts/alloy/values.yaml | 6 + .../host-alias/alloy/templates/configmap.yaml | 43 +++++++ .../templates/controllers/daemonset.yaml | 79 ++++++++++++ .../host-alias/alloy/templates/rbac.yaml | 119 ++++++++++++++++++ .../host-alias/alloy/templates/service.yaml | 24 ++++ .../alloy/templates/serviceaccount.yaml | 14 +++ 10 files changed, 297 insertions(+) create mode 100644 operations/helm/charts/alloy/ci/host-alias-values.yaml create mode 100644 operations/helm/tests/host-alias/alloy/templates/configmap.yaml create mode 100644 operations/helm/tests/host-alias/alloy/templates/controllers/daemonset.yaml create mode 100644 operations/helm/tests/host-alias/alloy/templates/rbac.yaml create mode 100644 operations/helm/tests/host-alias/alloy/templates/service.yaml create mode 100644 operations/helm/tests/host-alias/alloy/templates/serviceaccount.yaml diff --git a/operations/helm/charts/alloy/CHANGELOG.md b/operations/helm/charts/alloy/CHANGELOG.md index e0265658e1..1577b5897c 100644 --- a/operations/helm/charts/alloy/CHANGELOG.md +++ b/operations/helm/charts/alloy/CHANGELOG.md @@ -9,6 +9,8 @@ internal API changes are not present. Unreleased ---------- +### Enhancements +- Add support for adding hostAliases to the Helm chart. (@duncan485) 0.7.0 (2024-08-26) ------------------ diff --git a/operations/helm/charts/alloy/README.md b/operations/helm/charts/alloy/README.md index 9bf967d7f2..2ca3cfda26 100644 --- a/operations/helm/charts/alloy/README.md +++ b/operations/helm/charts/alloy/README.md @@ -45,6 +45,7 @@ useful if just using the default DaemonSet isn't sufficient. | alloy.extraArgs | list | `[]` | Extra args to pass to `alloy run`: https://grafana.com/docs/alloy/latest/reference/cli/run/ | | alloy.extraEnv | list | `[]` | Extra environment variables to pass to the Alloy container. | | alloy.extraPorts | list | `[]` | Extra ports to expose on the Alloy container. | +| alloy.hostAliases | list | `[]` | Host aliases to add to the Alloy container. | | alloy.listenAddr | string | `"0.0.0.0"` | Address to listen for traffic on. 0.0.0.0 exposes the UI to other containers. | | alloy.listenPort | int | `12345` | Port to listen for traffic on. | | alloy.listenScheme | string | `"HTTP"` | Scheme is needed for readiness probes. If enabling tls in your configs, set to "HTTPS" | diff --git a/operations/helm/charts/alloy/ci/host-alias-values.yaml b/operations/helm/charts/alloy/ci/host-alias-values.yaml new file mode 100644 index 0000000000..5994074756 --- /dev/null +++ b/operations/helm/charts/alloy/ci/host-alias-values.yaml @@ -0,0 +1,5 @@ +alloy: + hostAliases: + - ip: "20.21.22.23" + hostnames: + - "grafana.company.net" \ No newline at end of file diff --git a/operations/helm/charts/alloy/templates/controllers/_pod.yaml b/operations/helm/charts/alloy/templates/controllers/_pod.yaml index 94625fca2b..7f487775ce 100644 --- a/operations/helm/charts/alloy/templates/controllers/_pod.yaml +++ b/operations/helm/charts/alloy/templates/controllers/_pod.yaml @@ -80,4 +80,8 @@ spec: {{- if .Values.controller.volumes.extra }} {{- toYaml .Values.controller.volumes.extra | nindent 4 }} {{- end }} + {{- if $values.hostAliases }} + hostAliases: + {{- toYaml $values.hostAliases | nindent 4 }} + {{- end }} {{- end }} diff --git a/operations/helm/charts/alloy/values.yaml b/operations/helm/charts/alloy/values.yaml index f55a7893e5..0af3b4f738 100644 --- a/operations/helm/charts/alloy/values.yaml +++ b/operations/helm/charts/alloy/values.yaml @@ -89,6 +89,12 @@ alloy: # protocol: "TCP" # appProtocol: "h2c" + # -- Host aliases to add to the Alloy container. + hostAliases: [] + # - ip: "20.21.22.23" + # hostnames: + # - "company.grafana.net" + mounts: # -- Mount /var/log from the host into the container for log collection. varlog: false diff --git a/operations/helm/tests/host-alias/alloy/templates/configmap.yaml b/operations/helm/tests/host-alias/alloy/templates/configmap.yaml new file mode 100644 index 0000000000..381ccbff2f --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/configmap.yaml @@ -0,0 +1,43 @@ +--- +# Source: alloy/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: config +data: + config.alloy: |- + logging { + level = "info" + format = "logfmt" + } + + discovery.kubernetes "pods" { + role = "pod" + } + + discovery.kubernetes "nodes" { + role = "node" + } + + discovery.kubernetes "services" { + role = "service" + } + + discovery.kubernetes "endpoints" { + role = "endpoints" + } + + discovery.kubernetes "endpointslices" { + role = "endpointslice" + } + + discovery.kubernetes "ingresses" { + role = "ingress" + } diff --git a/operations/helm/tests/host-alias/alloy/templates/controllers/daemonset.yaml b/operations/helm/tests/host-alias/alloy/templates/controllers/daemonset.yaml new file mode 100644 index 0000000000..c9be513378 --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/controllers/daemonset.yaml @@ -0,0 +1,79 @@ +--- +# Source: alloy/templates/controllers/daemonset.yaml +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm +spec: + minReadySeconds: 10 + selector: + matchLabels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + labels: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + spec: + serviceAccountName: alloy + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.3.1 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --stability.level=generally-available + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + volumes: + - name: config + configMap: + name: alloy + hostAliases: + - hostnames: + - grafana.company.net + ip: 20.21.22.23 diff --git a/operations/helm/tests/host-alias/alloy/templates/rbac.yaml b/operations/helm/tests/host-alias/alloy/templates/rbac.yaml new file mode 100644 index 0000000000..58fe9c6a84 --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/rbac.yaml @@ -0,0 +1,119 @@ +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: alloy/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: alloy +subjects: + - kind: ServiceAccount + name: alloy + namespace: default diff --git a/operations/helm/tests/host-alias/alloy/templates/service.yaml b/operations/helm/tests/host-alias/alloy/templates/service.yaml new file mode 100644 index 0000000000..0e9857aef6 --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/service.yaml @@ -0,0 +1,24 @@ +--- +# Source: alloy/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: alloy + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" diff --git a/operations/helm/tests/host-alias/alloy/templates/serviceaccount.yaml b/operations/helm/tests/host-alias/alloy/templates/serviceaccount.yaml new file mode 100644 index 0000000000..16959476b1 --- /dev/null +++ b/operations/helm/tests/host-alias/alloy/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +--- +# Source: alloy/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: alloy + namespace: default + labels: + helm.sh/chart: alloy + app.kubernetes.io/name: alloy + app.kubernetes.io/instance: alloy + app.kubernetes.io/version: "vX.Y.Z" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: rbac