diff --git a/clusters/yc-k8s-test/infrastructure/kustomization.yaml b/clusters/yc-k8s-test/infrastructure/kustomization.yaml index febc839..960364d 100644 --- a/clusters/yc-k8s-test/infrastructure/kustomization.yaml +++ b/clusters/yc-k8s-test/infrastructure/kustomization.yaml @@ -72,6 +72,20 @@ patches: kind: HelmRelease name: minio namespace: minio + - path: ./patches/glitchtip.yaml + target: + group: helm.toolkit.fluxcd.io + version: v2 + kind: HelmRelease + name: glitchtip + namespace: glitchtip + - path: ./patches/openobserve.yaml + target: + group: helm.toolkit.fluxcd.io + version: v2 + kind: HelmRelease + name: openobserve + namespace: openobserve - path: ./patches/rabbitmq.yaml target: group: helm.toolkit.fluxcd.io diff --git a/clusters/yc-k8s-test/infrastructure/patches/glitchtip.yaml b/clusters/yc-k8s-test/infrastructure/patches/glitchtip.yaml new file mode 100644 index 0000000..6d32023 --- /dev/null +++ b/clusters/yc-k8s-test/infrastructure/patches/glitchtip.yaml @@ -0,0 +1,38 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: glitchtip + namespace: glitchtip +spec: + interval: 5m + timeout: 10m + values: + universal-chart: + services: + web: + deployment: + replicaCount: + _default: 1 + serviceAccount: + enabled: true + name: + _default: glitchtip-vault + worker: + deployment: + replicaCount: + _default: 1 + serviceAccount: + enabled: false + name: + _default: glitchtip-vault + glitchtip: + secret: + create: false + name: glitchtip-secret + migrate: + enabled: true + vault: + enabled: true + role: glitchtip + authPath: auth/kubernetes + secretPath: secrets/data/vault/apps/glitchtip diff --git a/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml b/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml index 5cff108..ae93e83 100644 --- a/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml +++ b/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml @@ -49,6 +49,18 @@ spec: issuerRef: name: letsencrypt-issuer-istio kind: ClusterIssuer + glitchtip-tls: + dnsNames: + - glitchtip.contour.infra.sarex.tech + issuerRef: + name: letsencrypt-issuer-istio + kind: ClusterIssuer + openobserve-tls: + dnsNames: + - openobserve.contour.infra.sarex.tech + issuerRef: + name: letsencrypt-issuer-istio + kind: ClusterIssuer camunda-keycloak-tls: dnsNames: - camunda-keycloak.contour.infra.sarex.tech @@ -135,6 +147,22 @@ spec: - keycloak.contour.infra.sarex.tech tls: credentialName: keycloak-tls + glitchtip: + name: glitchtip-gateway + namespace: gateway + servers: + - hosts: + - glitchtip.contour.infra.sarex.tech + tls: + credentialName: glitchtip-tls + openobserve: + name: openobserve-gateway + namespace: gateway + servers: + - hosts: + - openobserve.contour.infra.sarex.tech + tls: + credentialName: openobserve-tls vault: name: vault-gateway namespace: gateway @@ -526,6 +554,30 @@ spec: prefix: / service: keycloak-keycloak-contour.keycloak.svc.cluster.local port: 80 + glitchtip: + name: glitchtip-virt-service + namespace: gateway + hosts: + - glitchtip.contour.infra.sarex.tech + gateways: + - gateway/glitchtip-gateway + routes: + - path: + prefix: / + service: glitchtip-web.glitchtip.svc.cluster.local + port: 8000 + openobserve: + name: openobserve-virt-service + namespace: gateway + hosts: + - openobserve.contour.infra.sarex.tech + gateways: + - gateway/openobserve-gateway + routes: + - path: + prefix: / + service: openobserve-web.openobserve.svc.cluster.local + port: 5080 camunda-keycloak: name: camunda-keycloak-virt-service namespace: gateway diff --git a/clusters/yc-k8s-test/infrastructure/patches/openobserve.yaml b/clusters/yc-k8s-test/infrastructure/patches/openobserve.yaml new file mode 100644 index 0000000..ec0b823 --- /dev/null +++ b/clusters/yc-k8s-test/infrastructure/patches/openobserve.yaml @@ -0,0 +1,68 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: openobserve + namespace: openobserve +spec: + interval: 5m + timeout: 10m + values: + universal-chart: + services: + openobserve: + deployment: + replicaCount: + _default: 1 + envs: + - name: ZO_HTTP_PORT + value: + _default: "5080" + - name: ZO_LOCAL_MODE + value: + _default: "false" + - name: ZO_META_STORE + value: + _default: postgres + - name: ZO_CLUSTER_COORDINATOR + value: + _default: nats + - name: ZO_NATS_REPLICAS + value: + _default: "1" + - name: ZO_S3_PROVIDER + value: + _default: s3 + - name: ZO_S3_SERVER_URL + value: + _default: http://minio.minio.svc.cluster.local:9000 + - name: ZO_S3_BUCKET_NAME + value: + _default: open-observe + - name: ZO_S3_REGION_NAME + value: + _default: ru-central1 + - name: ZO_TELEMETRY + value: + _default: "false" + serviceAccount: + enabled: true + name: + _default: openobserve-vault + openobserve: + secret: + create: false + name: openobserve-secret + nats: + enabled: true + replicaCount: 1 + persistence: + enabled: true + size: 10Gi + storageClassName: local-path + otelCollector: + enabled: false + vault: + enabled: true + role: openobserve + authPath: auth/kubernetes + secretPath: secrets/data/vault/apps/openobserve diff --git a/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml b/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml index 656af5a..c94b76e 100644 --- a/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml +++ b/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml @@ -136,6 +136,16 @@ spec: - pg_stat_statements - uuid-ossp restoreFromDump: false + - name: glitchtip + user: glitchtip + passwordKey: glitchtip + extensions: [] + restoreFromDump: false + - name: openobserve + user: openobserve + passwordKey: openobserve + extensions: [] + restoreFromDump: false # - name: camunda_db # user: camunda diff --git a/infrastructure/glitchtip/base/helmrelease.yaml b/infrastructure/glitchtip/base/helmrelease.yaml new file mode 100644 index 0000000..eb92229 --- /dev/null +++ b/infrastructure/glitchtip/base/helmrelease.yaml @@ -0,0 +1,22 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: glitchtip + namespace: glitchtip +spec: + interval: 10m + chart: + spec: + chart: glitchtip-contour + version: "0.1.7" + sourceRef: + kind: HelmRepository + name: yc-oci-charts + namespace: flux-system + interval: 10m + install: + remediation: + retries: 3 + upgrade: + remediation: + retries: 3 diff --git a/infrastructure/glitchtip/base/kustomization.yaml b/infrastructure/glitchtip/base/kustomization.yaml new file mode 100644 index 0000000..5ce2053 --- /dev/null +++ b/infrastructure/glitchtip/base/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: glitchtip +resources: + - namespace.yaml + - helmrelease.yaml diff --git a/infrastructure/glitchtip/base/namespace.yaml b/infrastructure/glitchtip/base/namespace.yaml new file mode 100644 index 0000000..d32df01 --- /dev/null +++ b/infrastructure/glitchtip/base/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: glitchtip + labels: + istio-injection: enabled diff --git a/infrastructure/glitchtip/kustomization.yaml b/infrastructure/glitchtip/kustomization.yaml new file mode 100644 index 0000000..3c2f51f --- /dev/null +++ b/infrastructure/glitchtip/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./base diff --git a/infrastructure/kustomization.yaml b/infrastructure/kustomization.yaml index 0361b09..aff4a77 100644 --- a/infrastructure/kustomization.yaml +++ b/infrastructure/kustomization.yaml @@ -9,6 +9,8 @@ resources: - keycloak - local-path-provisioner - minio + - glitchtip + - openobserve - openldap - postgresql - rabbitmq diff --git a/infrastructure/openobserve/base/helmrelease.yaml b/infrastructure/openobserve/base/helmrelease.yaml new file mode 100644 index 0000000..33431d5 --- /dev/null +++ b/infrastructure/openobserve/base/helmrelease.yaml @@ -0,0 +1,22 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: openobserve + namespace: openobserve +spec: + interval: 10m + chart: + spec: + chart: openobserve-contour + version: "0.1.7" + sourceRef: + kind: HelmRepository + name: yc-oci-charts + namespace: flux-system + interval: 10m + install: + remediation: + retries: 3 + upgrade: + remediation: + retries: 3 diff --git a/infrastructure/openobserve/base/kustomization.yaml b/infrastructure/openobserve/base/kustomization.yaml new file mode 100644 index 0000000..6707d05 --- /dev/null +++ b/infrastructure/openobserve/base/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: openobserve +resources: + - namespace.yaml + - helmrelease.yaml diff --git a/infrastructure/openobserve/base/namespace.yaml b/infrastructure/openobserve/base/namespace.yaml new file mode 100644 index 0000000..c806ba3 --- /dev/null +++ b/infrastructure/openobserve/base/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openobserve + labels: + istio-injection: enabled diff --git a/infrastructure/openobserve/kustomization.yaml b/infrastructure/openobserve/kustomization.yaml new file mode 100644 index 0000000..3c2f51f --- /dev/null +++ b/infrastructure/openobserve/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./base