diff --git a/kubernetes/helm_charts/core/analytics/templates/deployment.yaml b/kubernetes/helm_charts/core/analytics/templates/deployment.yaml
index a23c754a5f68c20bece924759e4a847044c2d576..8044dac08e50e586b5980c0bbcc6c19bde7ba7aa 100644
--- a/kubernetes/helm_charts/core/analytics/templates/deployment.yaml
+++ b/kubernetes/helm_charts/core/analytics/templates/deployment.yaml
@@ -159,5 +159,15 @@ spec:
- name: http-{{ .Chart.Name }}
protocol: TCP
port: {{ .Values.network.targetport }}
+{{- if .Values.analytics_opa_enabled }}
+ - name: opa-metrics
+ port: 8181
+ protocol: TCP
+ targetPort: 8181
+ - name: envoy-metrics
+ port: 10000
+ protocol: TCP
+ targetPort: 10000
+{{- end }}
selector:
- app: {{ .Chart.Name }}
+ app: {{ .Chart.Name }}
\ No newline at end of file
diff --git a/kubernetes/helm_charts/core/analytics/templates/envoy-config.yaml b/kubernetes/helm_charts/core/analytics/templates/envoy-config.yaml
index 4e37564d3054e95df804b659a90df4798797e5c7..d7e86e500feafd73939ebf218405176e932b28e0 100644
--- a/kubernetes/helm_charts/core/analytics/templates/envoy-config.yaml
+++ b/kubernetes/helm_charts/core/analytics/templates/envoy-config.yaml
@@ -29,6 +29,15 @@ data:
domains:
- "*"
routes:
+ - match:
+ prefix: "/opa/metrics"
+ route:
+ prefix_rewrite: "/metrics"
+ cluster: opa
+ typed_per_filter_config:
+ envoy.filters.http.ext_authz:
+ "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute
+ disabled: true
- match:
prefix: "{{ .Values.livenessProbe.httpGet.path }}"
route:
@@ -71,6 +80,18 @@ data:
socket_address:
address: 127.0.0.1
port_value: {{ .Values.network.targetport }}
+ - name: opa
+ connect_timeout: 5s
+ type: static
+ load_assignment:
+ cluster_name: opa
+ endpoints:
+ - lb_endpoints:
+ - endpoint:
+ address:
+ socket_address:
+ address: 127.0.0.1
+ port_value: 8181
admin:
access_log_path: "/dev/stdout"
address:
diff --git a/kubernetes/helm_charts/core/analytics/templates/serviceMonitor.yaml b/kubernetes/helm_charts/core/analytics/templates/serviceMonitor.yaml
index 16af0de8d90f592439d01912b077d062e0d60552..316a9a12c1ff0e77a2908f020cfa6e8c6fe262f5 100644
--- a/kubernetes/helm_charts/core/analytics/templates/serviceMonitor.yaml
+++ b/kubernetes/helm_charts/core/analytics/templates/serviceMonitor.yaml
@@ -15,6 +15,20 @@ spec:
port: http-{{ .Chart.Name }}
scheme: http
scrapeTimeout: 10s
+{{- if .Values.analytics_opa_enabled }}
+ - honorLabels: true
+ interval: 30s
+ path: /opa/metrics
+ port: opa-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ - honorLabels: true
+ interval: 30s
+ path: /stats/prometheus
+ port: envoy-metrics
+ scheme: http
+ scrapeTimeout: 10s
+{{- end }}
jobLabel: {{ .Chart.Name }}
namespaceSelector:
matchNames:
diff --git a/kubernetes/helm_charts/core/certregistry/templates/deployment.yaml b/kubernetes/helm_charts/core/certregistry/templates/deployment.yaml
index de6f165b4e439adfdd22089ef0c9c0fb67f27864..691c5c33875c4527940e016838fba22906232cab 100644
--- a/kubernetes/helm_charts/core/certregistry/templates/deployment.yaml
+++ b/kubernetes/helm_charts/core/certregistry/templates/deployment.yaml
@@ -147,5 +147,15 @@ spec:
- name: http-{{ .Chart.Name }}
protocol: TCP
port: {{ .Values.network.targetport }}
+{{- if .Values.certregistry_opa_enabled }}
+ - name: opa-metrics
+ port: 8181
+ protocol: TCP
+ targetPort: 8181
+ - name: envoy-metrics
+ port: 10000
+ protocol: TCP
+ targetPort: 10000
+{{- end }}
selector:
- app: {{ .Chart.Name }}
+ app: {{ .Chart.Name }}
\ No newline at end of file
diff --git a/kubernetes/helm_charts/core/certregistry/templates/envoy-config.yaml b/kubernetes/helm_charts/core/certregistry/templates/envoy-config.yaml
index 9eb6517a65499c9fa71e7a747da8fdd337125306..0fb92bd8efbcfb2e4b9e68b156a72863a4fe55fe 100644
--- a/kubernetes/helm_charts/core/certregistry/templates/envoy-config.yaml
+++ b/kubernetes/helm_charts/core/certregistry/templates/envoy-config.yaml
@@ -29,6 +29,15 @@ data:
domains:
- "*"
routes:
+ - match:
+ prefix: "/opa/metrics"
+ route:
+ prefix_rewrite: "/metrics"
+ cluster: opa
+ typed_per_filter_config:
+ envoy.filters.http.ext_authz:
+ "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute
+ disabled: true
- match:
prefix: "{{ .Values.livenessProbe.httpGet.path }}"
route:
@@ -71,6 +80,18 @@ data:
socket_address:
address: 127.0.0.1
port_value: {{ .Values.network.targetport }}
+ - name: opa
+ connect_timeout: 5s
+ type: static
+ load_assignment:
+ cluster_name: opa
+ endpoints:
+ - lb_endpoints:
+ - endpoint:
+ address:
+ socket_address:
+ address: 127.0.0.1
+ port_value: 8181
admin:
access_log_path: "/dev/stdout"
address:
diff --git a/kubernetes/helm_charts/core/certregistry/templates/serviceMonitor.yaml b/kubernetes/helm_charts/core/certregistry/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..9964b188554b70edf95f126c82e7e2910d5c2451
--- /dev/null
+++ b/kubernetes/helm_charts/core/certregistry/templates/serviceMonitor.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.certregistry_opa_enabled }}
+{{- if .Values.serviceMonitor.enabled }}
+{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.serviceMonitor.enabled ) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ .Chart.Name }}-service
+ namespace: {{ .Values.namespace }}
+ labels:
+ {{- toYaml .Values.serviceMonitor.labels | nindent 4 }}
+spec:
+ endpoints:
+ - honorLabels: true
+ interval: 30s
+ path: /opa/metrics
+ port: opa-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ - honorLabels: true
+ interval: 30s
+ path: /stats/prometheus
+ port: envoy-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ jobLabel: {{ .Chart.Name }}
+ namespaceSelector:
+ matchNames:
+ - {{ default .Values.namespace .Release.Namespace }}
+ selector:
+ matchLabels:
+ app: {{ .Chart.Name }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes/helm_charts/core/certregistry/values.j2 b/kubernetes/helm_charts/core/certregistry/values.j2
index f72e31d0a1ca3ebf145c6bc33ebf0f0e9846f8a8..dd1edddddb31b93e49030181474d3ef46ccc50b8 100644
--- a/kubernetes/helm_charts/core/certregistry/values.j2
+++ b/kubernetes/helm_charts/core/certregistry/values.j2
@@ -56,6 +56,12 @@ initcontainer_resources:
cpu: "{{ certregistry_initcontainer_cpu_limit | default('100m') }}"
memory: "{{ certregistry_initcontainer_mem_limit | default('100Mi') }}"
+serviceMonitor:
+ enabled: true
+ labels: # labels with which the prometheus choose the serviceMonitor
+ app: prometheus-operator
+ release: prometheus-operator
+
autoscaling:
enabled: {{ certregistry_autoscaling_enabled | default('false') }}
minReplicas: {{ certregistry_autoscaling_minReplicas|default(1) }}
diff --git a/kubernetes/helm_charts/core/content/templates/deployment.yaml b/kubernetes/helm_charts/core/content/templates/deployment.yaml
index fb121ac7b203f38614b6813964536cce17d09c87..bb0433ee9be381cb00001b1a2c3a1c379f2ac790 100644
--- a/kubernetes/helm_charts/core/content/templates/deployment.yaml
+++ b/kubernetes/helm_charts/core/content/templates/deployment.yaml
@@ -152,5 +152,15 @@ spec:
- name: http-{{ .Chart.Name }}
protocol: TCP
port: {{ .Values.network.targetport }}
+{{- if .Values.content_opa_enabled }}
+ - name: opa-metrics
+ port: 8181
+ protocol: TCP
+ targetPort: 8181
+ - name: envoy-metrics
+ port: 10000
+ protocol: TCP
+ targetPort: 10000
+{{- end }}
selector:
app: {{ .Chart.Name }}
diff --git a/kubernetes/helm_charts/core/content/templates/envoy-config.yaml b/kubernetes/helm_charts/core/content/templates/envoy-config.yaml
index ad22424e3fa29acd44796e16efe9384bd63b52eb..6e1fe8d2bf057ddc4d8bf8914ad4139bbd12e598 100644
--- a/kubernetes/helm_charts/core/content/templates/envoy-config.yaml
+++ b/kubernetes/helm_charts/core/content/templates/envoy-config.yaml
@@ -29,6 +29,15 @@ data:
domains:
- "*"
routes:
+ - match:
+ prefix: "/opa/metrics"
+ route:
+ prefix_rewrite: "/metrics"
+ cluster: opa
+ typed_per_filter_config:
+ envoy.filters.http.ext_authz:
+ "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute
+ disabled: true
- match:
prefix: "{{ .Values.livenessProbe.httpGet.path }}"
route:
@@ -71,6 +80,18 @@ data:
socket_address:
address: 127.0.0.1
port_value: {{ .Values.network.targetport }}
+ - name: opa
+ connect_timeout: 5s
+ type: static
+ load_assignment:
+ cluster_name: opa
+ endpoints:
+ - lb_endpoints:
+ - endpoint:
+ address:
+ socket_address:
+ address: 127.0.0.1
+ port_value: 8181
admin:
access_log_path: "/dev/stdout"
address:
diff --git a/kubernetes/helm_charts/core/content/templates/serviceMonitor.yaml b/kubernetes/helm_charts/core/content/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..e2e64108b8938297e338082a84349c2a878abc78
--- /dev/null
+++ b/kubernetes/helm_charts/core/content/templates/serviceMonitor.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.content_opa_enabled }}
+{{- if .Values.serviceMonitor.enabled }}
+{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.serviceMonitor.enabled ) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ .Chart.Name }}-service
+ namespace: {{ .Values.namespace }}
+ labels:
+ {{- toYaml .Values.serviceMonitor.labels | nindent 4 }}
+spec:
+ endpoints:
+ - honorLabels: true
+ interval: 30s
+ path: /opa/metrics
+ port: opa-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ - honorLabels: true
+ interval: 30s
+ path: /stats/prometheus
+ port: envoy-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ jobLabel: {{ .Chart.Name }}
+ namespaceSelector:
+ matchNames:
+ - {{ default .Values.namespace .Release.Namespace }}
+ selector:
+ matchLabels:
+ app: {{ .Chart.Name }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes/helm_charts/core/content/values.j2 b/kubernetes/helm_charts/core/content/values.j2
index 505a2b90d66009d5eeddf39533ff37e1a89e142d..9a1e65973a1c63966b641afad1650f9b0f47f601 100644
--- a/kubernetes/helm_charts/core/content/values.j2
+++ b/kubernetes/helm_charts/core/content/values.j2
@@ -56,6 +56,12 @@ initcontainer_resources:
cpu: "{{ content_initcontainer_cpu_limit | default('100m') }}"
memory: "{{ content_initcontainer_mem_limit | default('100Mi') }}"
+serviceMonitor:
+ enabled: true
+ labels: # labels with which the prometheus choose the serviceMonitor
+ app: prometheus-operator
+ release: prometheus-operator
+
autoscaling:
enabled: {{ content_autoscaling_enabled | default('false') }}
minReplicas: {{ content_autoscaling_minReplicas|default(1) }}
diff --git a/kubernetes/helm_charts/core/knowledgemw/templates/deployment.yaml b/kubernetes/helm_charts/core/knowledgemw/templates/deployment.yaml
index 5432b2579f4400ae0f424e355256a77e3fbc8e3b..f81500830c583060f78f92b85acb626c1321da6e 100644
--- a/kubernetes/helm_charts/core/knowledgemw/templates/deployment.yaml
+++ b/kubernetes/helm_charts/core/knowledgemw/templates/deployment.yaml
@@ -143,5 +143,15 @@ spec:
- name: http-{{ .Chart.Name }}
protocol: TCP
port: {{ .Values.network.targetport }}
+{{- if .Values.knowledgemw_opa_enabled }}
+ - name: opa-metrics
+ port: 8181
+ protocol: TCP
+ targetPort: 8181
+ - name: envoy-metrics
+ port: 10000
+ protocol: TCP
+ targetPort: 10000
+{{- end }}
selector:
app: {{ .Chart.Name }}
diff --git a/kubernetes/helm_charts/core/knowledgemw/templates/envoy-config.yaml b/kubernetes/helm_charts/core/knowledgemw/templates/envoy-config.yaml
index ec91a1127a035fe6d421d60d95aa9536be2c3965..32af75f2b9825e54a6a0ba6be2280b54ab8fb01c 100644
--- a/kubernetes/helm_charts/core/knowledgemw/templates/envoy-config.yaml
+++ b/kubernetes/helm_charts/core/knowledgemw/templates/envoy-config.yaml
@@ -29,6 +29,15 @@ data:
domains:
- "*"
routes:
+ - match:
+ prefix: "/opa/metrics"
+ route:
+ prefix_rewrite: "/metrics"
+ cluster: opa
+ typed_per_filter_config:
+ envoy.filters.http.ext_authz:
+ "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute
+ disabled: true
- match:
prefix: "{{ .Values.livenessProbe.httpGet.path }}"
route:
@@ -71,6 +80,18 @@ data:
socket_address:
address: 127.0.0.1
port_value: {{ .Values.network.targetport }}
+ - name: opa
+ connect_timeout: 5s
+ type: static
+ load_assignment:
+ cluster_name: opa
+ endpoints:
+ - lb_endpoints:
+ - endpoint:
+ address:
+ socket_address:
+ address: 127.0.0.1
+ port_value: 8181
admin:
access_log_path: "/dev/stdout"
address:
diff --git a/kubernetes/helm_charts/core/knowledgemw/templates/serviceMonitor.yaml b/kubernetes/helm_charts/core/knowledgemw/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..4749dec07b415b3a23abbe08e5426f435d5e3147
--- /dev/null
+++ b/kubernetes/helm_charts/core/knowledgemw/templates/serviceMonitor.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.knowledgemw_opa_enabled }}
+{{- if .Values.serviceMonitor.enabled }}
+{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.serviceMonitor.enabled ) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ .Chart.Name }}-service
+ namespace: {{ .Values.namespace }}
+ labels:
+ {{- toYaml .Values.serviceMonitor.labels | nindent 4 }}
+spec:
+ endpoints:
+ - honorLabels: true
+ interval: 30s
+ path: /opa/metrics
+ port: opa-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ - honorLabels: true
+ interval: 30s
+ path: /stats/prometheus
+ port: envoy-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ jobLabel: {{ .Chart.Name }}
+ namespaceSelector:
+ matchNames:
+ - {{ default .Values.namespace .Release.Namespace }}
+ selector:
+ matchLabels:
+ app: {{ .Chart.Name }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes/helm_charts/core/knowledgemw/values.j2 b/kubernetes/helm_charts/core/knowledgemw/values.j2
index a1dba6944dea0573292b1e20b629cf9f227e962b..e7b32824e4e42844ef3541c8b038aaf607da0310 100644
--- a/kubernetes/helm_charts/core/knowledgemw/values.j2
+++ b/kubernetes/helm_charts/core/knowledgemw/values.j2
@@ -55,6 +55,12 @@ initcontainer_resources:
knowledgemw_access_basepath: {{ knowledgemw_access_basepath | default('/home/sunbird/mw/content/keys/') }}
+serviceMonitor:
+ enabled: true
+ labels: # labels with which the prometheus choose the serviceMonitor
+ app: prometheus-operator
+ release: prometheus-operator
+
autoscaling:
enabled: {{ knowledgemw_autoscaling_enabled | default('false') }}
minReplicas: {{ knowledgemw_autoscaling_minReplicas|default(1) }}
diff --git a/kubernetes/helm_charts/core/learner/templates/deployment.yaml b/kubernetes/helm_charts/core/learner/templates/deployment.yaml
index fcf765e76c574898f80791471bcf4a7eaa0416fe..4232974145d43ee08496a02d4ca54c483049b5f3 100644
--- a/kubernetes/helm_charts/core/learner/templates/deployment.yaml
+++ b/kubernetes/helm_charts/core/learner/templates/deployment.yaml
@@ -157,5 +157,15 @@ spec:
- name: http-{{ .Chart.Name }}
protocol: TCP
port: {{ .Values.network.targetport }}
+{{- if .Values.learner_opa_enabled }}
+ - name: opa-metrics
+ port: 8181
+ protocol: TCP
+ targetPort: 8181
+ - name: envoy-metrics
+ port: 10000
+ protocol: TCP
+ targetPort: 10000
+{{- end }}
selector:
app: {{ .Chart.Name }}
diff --git a/kubernetes/helm_charts/core/learner/templates/envoy-config.yaml b/kubernetes/helm_charts/core/learner/templates/envoy-config.yaml
index 61f4338ff9e48607c25c90cd5875b65dcb814318..5c70cfe9db08cf79a9ef1306d46cb9ca2c395755 100644
--- a/kubernetes/helm_charts/core/learner/templates/envoy-config.yaml
+++ b/kubernetes/helm_charts/core/learner/templates/envoy-config.yaml
@@ -29,6 +29,15 @@ data:
domains:
- "*"
routes:
+ - match:
+ prefix: "/opa/metrics"
+ route:
+ prefix_rewrite: "/metrics"
+ cluster: opa
+ typed_per_filter_config:
+ envoy.filters.http.ext_authz:
+ "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute
+ disabled: true
- match:
prefix: "{{ .Values.livenessProbe.httpGet.path }}"
route:
@@ -71,6 +80,18 @@ data:
socket_address:
address: 127.0.0.1
port_value: {{ .Values.network.targetport }}
+ - name: opa
+ connect_timeout: 5s
+ type: static
+ load_assignment:
+ cluster_name: opa
+ endpoints:
+ - lb_endpoints:
+ - endpoint:
+ address:
+ socket_address:
+ address: 127.0.0.1
+ port_value: 8181
admin:
access_log_path: "/dev/stdout"
address:
diff --git a/kubernetes/helm_charts/core/learner/templates/serviceMonitor.yaml b/kubernetes/helm_charts/core/learner/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..5d659175ce574a558bc705b6b82ff37ffef19a9d
--- /dev/null
+++ b/kubernetes/helm_charts/core/learner/templates/serviceMonitor.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.learner_opa_enabled }}
+{{- if .Values.serviceMonitor.enabled }}
+{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.serviceMonitor.enabled ) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ .Chart.Name }}-service
+ namespace: {{ .Values.namespace }}
+ labels:
+ {{- toYaml .Values.serviceMonitor.labels | nindent 4 }}
+spec:
+ endpoints:
+ - honorLabels: true
+ interval: 30s
+ path: /opa/metrics
+ port: opa-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ - honorLabels: true
+ interval: 30s
+ path: /stats/prometheus
+ port: envoy-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ jobLabel: {{ .Chart.Name }}
+ namespaceSelector:
+ matchNames:
+ - {{ default .Values.namespace .Release.Namespace }}
+ selector:
+ matchLabels:
+ app: {{ .Chart.Name }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes/helm_charts/core/learner/values.j2 b/kubernetes/helm_charts/core/learner/values.j2
index 9a463b20261e19ba5fc06b6eaede248b4a077713..7a0797b4d1d019bd28c52bc4022eb4f9b0900e6d 100644
--- a/kubernetes/helm_charts/core/learner/values.j2
+++ b/kubernetes/helm_charts/core/learner/values.j2
@@ -59,6 +59,12 @@ initcontainer_resources:
learner_access_basepath: {{ learner_access_basepath | default('/keys/') }}
+serviceMonitor:
+ enabled: true
+ labels: # labels with which the prometheus choose the serviceMonitor
+ app: prometheus-operator
+ release: prometheus-operator
+
autoscaling:
enabled: {{ learner_autoscaling_enabled | default('false') }}
minReplicas: {{ learner_autoscaling_minReplicas|default(1) }}
diff --git a/kubernetes/helm_charts/core/lms/templates/deployment.yaml b/kubernetes/helm_charts/core/lms/templates/deployment.yaml
index d394b5f750ee43ddc338042d15e9fe3a34421665..ccefa7062052c496fdbbaa1822c8101c3a98decc 100644
--- a/kubernetes/helm_charts/core/lms/templates/deployment.yaml
+++ b/kubernetes/helm_charts/core/lms/templates/deployment.yaml
@@ -162,5 +162,15 @@ spec:
- name: http-{{ .Chart.Name }}
protocol: TCP
port: {{ .Values.network.targetport }}
+{{- if .Values.lms_opa_enabled }}
+ - name: opa-metrics
+ port: 8181
+ protocol: TCP
+ targetPort: 8181
+ - name: envoy-metrics
+ port: 10000
+ protocol: TCP
+ targetPort: 10000
+{{- end }}
selector:
app: {{ .Chart.Name }}
diff --git a/kubernetes/helm_charts/core/lms/templates/envoy-config.yaml b/kubernetes/helm_charts/core/lms/templates/envoy-config.yaml
index 05961809e1f2a08be1b6db8502337570a6228864..5d08a0abb4960898ff6e17ba294befa96698dc29 100644
--- a/kubernetes/helm_charts/core/lms/templates/envoy-config.yaml
+++ b/kubernetes/helm_charts/core/lms/templates/envoy-config.yaml
@@ -29,6 +29,15 @@ data:
domains:
- "*"
routes:
+ - match:
+ prefix: "/opa/metrics"
+ route:
+ prefix_rewrite: "/metrics"
+ cluster: opa
+ typed_per_filter_config:
+ envoy.filters.http.ext_authz:
+ "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute
+ disabled: true
- match:
prefix: "{{ .Values.livenessProbe.httpGet.path }}"
route:
@@ -71,6 +80,18 @@ data:
socket_address:
address: 127.0.0.1
port_value: {{ .Values.network.targetport }}
+ - name: opa
+ connect_timeout: 5s
+ type: static
+ load_assignment:
+ cluster_name: opa
+ endpoints:
+ - lb_endpoints:
+ - endpoint:
+ address:
+ socket_address:
+ address: 127.0.0.1
+ port_value: 8181
admin:
access_log_path: "/dev/stdout"
address:
diff --git a/kubernetes/helm_charts/core/lms/templates/serviceMonitor.yaml b/kubernetes/helm_charts/core/lms/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..06b49f9967e79ed86678108845918c0f1b8dafd4
--- /dev/null
+++ b/kubernetes/helm_charts/core/lms/templates/serviceMonitor.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.lms_opa_enabled }}
+{{- if .Values.serviceMonitor.enabled }}
+{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.serviceMonitor.enabled ) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ .Chart.Name }}-service
+ namespace: {{ .Values.namespace }}
+ labels:
+ {{- toYaml .Values.serviceMonitor.labels | nindent 4 }}
+spec:
+ endpoints:
+ - honorLabels: true
+ interval: 30s
+ path: /opa/metrics
+ port: opa-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ - honorLabels: true
+ interval: 30s
+ path: /stats/prometheus
+ port: envoy-metrics
+ scheme: http
+ scrapeTimeout: 10s
+ jobLabel: {{ .Chart.Name }}
+ namespaceSelector:
+ matchNames:
+ - {{ default .Values.namespace .Release.Namespace }}
+ selector:
+ matchLabels:
+ app: {{ .Chart.Name }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes/helm_charts/core/lms/values.j2 b/kubernetes/helm_charts/core/lms/values.j2
index 519736aaac189475ff4b7c18360d0e7f2cdd8bb6..43e51a2871f91c7892c44e3040a5d19a09eebea1 100644
--- a/kubernetes/helm_charts/core/lms/values.j2
+++ b/kubernetes/helm_charts/core/lms/values.j2
@@ -58,6 +58,12 @@ initcontainer_resources:
lms_access_basepath: {{ lms_access_basepath | default('/keys/') }}
+serviceMonitor:
+ enabled: true
+ labels: # labels with which the prometheus choose the serviceMonitor
+ app: prometheus-operator
+ release: prometheus-operator
+
autoscaling:
enabled: {{ lms_autoscaling_enabled | default('false') }}
minReplicas: {{ lms_autoscaling_minReplicas|default(1) }}