![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.34.8](https://img.shields.io/badge/Version-0.34.8-informational?style=flat-square)
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/victoriametrics)](https://artifacthub.io/packages/helm/victoriametrics/victoria-metrics-operator)
# Victoria Metrics Operator
## Prerequisites
* Install the following packages: ``git``, ``kubectl``, ``helm``, ``helm-docs``. See this [tutorial](../../REQUIREMENTS.md).
* PV support on underlying infrastructure.
## ArgoCD issues
When running the operator using ArgoCD without Cert Manager (`.Values.admissionWebhooks.certManager.enabled: false`), it will re-render webhook certificates
on each sync, since the Helm `lookup` function is not respected by ArgoCD. To prevent this, update your operator Application `spec.syncPolicy` and `spec.ignoreDifferences` with the following:
```yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
...
spec:
  ...
  syncPolicy:
    syncOptions:
      # https://argo-cd.readthedocs.io/en/stable/user-guide/sync-options/#respect-ignore-difference-configs
      # argocd must also ignore difference during apply stage
      # otherwise it'll silently override changes and cause a problem
      - RespectIgnoreDifferences=true
  ignoreDifferences:
    - group: ""
      kind: Secret
      name: <fullname>-validation
      namespace: kube-system
      jsonPointers:
        - /data
    - group: admissionregistration.k8s.io
      kind: ValidatingWebhookConfiguration
      name: <fullname>-admission
      jqPathExpressions:
        - '.webhooks[]?.clientConfig.caBundle'
```
where `<fullname>` is the output of `{{ include "vm-operator.fullname" }}` for your setup.
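The two ignored fields must stay consistent with each other: if the webhook's `caBundle` stops containing the CA kept in the `<fullname>-validation` Secret, the API server can no longer verify the operator's webhook certificate. The check below is an added example, not part of the chart or its documentation; it assumes the Secret stores the CA under `ca.crt` (the key names listed in the parameters table), and the function names, webhook names and sample objects are constructed for illustration.

```python
import base64
import re

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def pem_certs(b64_field):
    """Decode a base64 Kubernetes field; return the set of PEM certificate bodies in it."""
    try:
        text = base64.b64decode(b64_field or "", validate=True).decode("ascii")
    except ValueError:  # bad base64 or non-ASCII payload
        return set()
    return {"".join(body.split()) for body in PEM_RE.findall(text)}

def check_webhook_ca(secret, webhook_cfg):
    """Return findings; an empty list means every webhook trusts the Secret's CA."""
    findings = []
    data = secret.get("data") or {}
    for key in ("ca.crt", "tls.crt", "tls.key"):  # assumed key names, see lead-in
        if not data.get(key):
            findings.append(f"secret: missing {key}")
    ca = pem_certs(data.get("ca.crt"))
    for wh in webhook_cfg.get("webhooks") or []:
        name = wh.get("name", "<unnamed>")
        bundle = pem_certs((wh.get("clientConfig") or {}).get("caBundle"))
        policy = wh.get("failurePolicy", "Fail")  # v1 API default is Fail
        if not bundle:
            findings.append(f"{name}: empty or undecodable caBundle")
        elif not ca or not ca <= bundle:
            effect = "requests rejected" if policy == "Fail" else "validation skipped"
            findings.append(f"{name}: caBundle does not contain Secret CA ({effect})")
    return findings

def b64pem(body):
    pem = f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"
    return base64.b64encode(pem.encode()).decode()

# Constructed sample objects (placeholder bytes, not real certificates), shaped like
# the output of `kubectl get <kind> <name> -o json`.
OLD_CA, NEW_CA = b64pem("Q09OU1RSVUNURUQtT0xE"), b64pem("Q09OU1RSVUNURUQtTkVX")
SECRET = {"kind": "Secret", "metadata": {"name": "vmo-validation"},
          "data": {"ca.crt": NEW_CA, "tls.crt": b64pem("TEVBRg=="), "tls.key": "a2V5"}}
WEBHOOKS = {"kind": "ValidatingWebhookConfiguration", "webhooks": [
    {"name": "vmagent.example", "failurePolicy": "Fail", "clientConfig": {"caBundle": NEW_CA}},
    {"name": "vmalert.example", "failurePolicy": "Fail", "clientConfig": {"caBundle": OLD_CA}},
]}

if __name__ == "__main__":
    for finding in check_webhook_ca(SECRET, WEBHOOKS):
        print(finding)
```

Against a live cluster, feed the function the parsed JSON of the Secret and the ValidatingWebhookConfiguration after an ArgoCD sync; any finding means the two objects were rendered from different CAs.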
## Upgrade guide
During release, an issue with helm CRD was discovered. So for an upgrade from a version less than 0.1.3 you have two options:
1) use helm management for CRD, enabled by default.
2) use your own management system; this needs an added variable: `--set createCRD=false`.

If you choose helm management, the following steps must be done before upgrade:
1) define namespace and helm release name variables
```
export NAMESPACE=default
export RELEASE_NAME=operator
```
2) execute kubectl commands:
```
kubectl get crd | grep victoriametrics.com | awk '{print $1 }' | xargs -I {} kubectl label crd {} app.kubernetes.io/managed-by=Helm --overwrite
kubectl get crd | grep victoriametrics.com | awk '{print $1 }' | xargs -I {} kubectl annotate crd {} meta.helm.sh/release-namespace="$NAMESPACE" meta.helm.sh/release-name="$RELEASE_NAME" --overwrite
```
3) run helm upgrade command.
## Chart Details
This chart will do the following:
* Rollout victoria metrics operator
## How to install
Access a Kubernetes cluster.
### Setup chart repository (can be omitted for OCI repositories)
Add the chart helm repository with the following commands:
```console
helm repo add vm https://victoriametrics.github.io/helm-charts/
helm repo update
```
List versions of the `vm/victoria-metrics-operator` chart available for installation:
```console
helm search repo vm/victoria-metrics-operator -l
```
### Install `victoria-metrics-operator` chart
Export default values of `victoria-metrics-operator` chart to file `values.yaml`:
- For HTTPS repository
```console
helm show values vm/victoria-metrics-operator > values.yaml
```
- For OCI repository
```console
helm show values oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-operator > values.yaml
```
Change the values according to the need of the environment in ``values.yaml`` file.
Test the installation with command:
- For HTTPS repository
```console
helm install vmo vm/victoria-metrics-operator -f values.yaml -n NAMESPACE --debug --dry-run
```
- For OCI repository
```console
helm install vmo oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-operator -f values.yaml -n NAMESPACE --debug --dry-run
```
Install chart with command:
- For HTTPS repository
```console
helm install vmo vm/victoria-metrics-operator -f values.yaml -n NAMESPACE
```
- For OCI repository
```console
helm install vmo oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-operator -f values.yaml -n NAMESPACE
```
Get the list of pods by running this command:
```console
kubectl get pods -A | grep 'vmo'
```
Get the application by running this command:
```console
helm list -f vmo -n NAMESPACE
```
See the history of versions of the `vmo` application with command:
```console
helm history vmo -n NAMESPACE
```
## Validation webhook
It's possible to validate created resources with the operator. For now, you need cert-manager for easy certificate management: https://cert-manager.io/docs/
```yaml
admissionWebhooks:
  enabled: true
  # what to do in case, when operator not available to validate request.
  policy: Fail
  certManager:
    # enables cert creation and injection by cert-manager
    enabled: true
```
## How to uninstall
Remove application with command.
```console
helm uninstall vmo -n NAMESPACE
```
## Documentation of Helm Chart
Install ``helm-docs`` following the instructions on this [tutorial](../../REQUIREMENTS.md).
Generate docs with ``helm-docs`` command.
```bash
cd charts/victoria-metrics-operator
helm-docs
```
The markdown generation is entirely go template driven. The tool parses metadata from charts and generates a number of sub-templates that can be referenced in a template file (by default ``README.md.gotmpl``). If no template file is provided, the tool has a default internal template that will generate a reasonably formatted README.
## Parameters
The following table lists the configurable parameters of the chart and their default values.
Change the values according to the need of the environment in ``victoria-metrics-operator/values.yaml`` file.
<table>
<thead>
<th>Key</th>
<th>Type</th>
<th>Default</th>
<th>Description</th>
</thead>
<tbody>
<tr>
<td>admissionWebhooks</td>
<td>object</td>
<td><pre lang="plaintext">
certManager:
    enabled: false
    issuer: {}
enabled: true
enabledCRDValidation:
    vlogs: true
    vmagent: true
    vmalert: true
    vmalertmanager: true
    vmalertmanagerconfig: true
    vmauth: true
    vmcluster: true
    vmrule: true
    vmsingle: true
    vmuser: true
keepTLSSecret: true
policy: Fail
tls:
    caCert: null
    cert: null
    key: null
</pre>
</td>
<td><p>Configures resource validation</p>
</td>
</tr>
<tr>
<td>admissionWebhooks.certManager</td>
<td>object</td>
<td><pre lang="plaintext">
enabled: false
issuer: {}
</pre>
</td>
<td><p>with keys: tls.key, tls.crt, ca.crt</p>
</td>
</tr>
<tr>
<td>admissionWebhooks.certManager.enabled</td>
<td>bool</td>
<td><pre lang="">
false
</pre>
</td>
<td><p>Enables cert creation and injection by cert-manager.</p>
</td>
</tr>
<tr>
<td>admissionWebhooks.certManager.issuer</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>If needed, provide own issuer. Operator will create self-signed if empty.</p>
</td>
</tr>
<tr>
<td>admissionWebhooks.enabled</td>
<td>bool</td>
<td><pre lang="">
true
</pre>
</td>
<td><p>Enables validation webhook.</p>
</td>
</tr>
<tr>
<td>admissionWebhooks.policy</td>
<td>string</td>
<td><pre lang="">
Fail
</pre>
</td>
<td><p>What to do when the operator is not available to validate a request.</p>
</td>
</tr>
<tr>
<td>affinity</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>Pod affinity</p>
</td>
</tr>
<tr>
<td>annotations</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>Annotations to be added to all resources</p>
</td>
</tr>
<tr>
<td>crd.cleanup.enabled</td>
<td>bool</td>
<td><pre lang="">
false
</pre>
</td>
<td><p>Tells helm to clean up all the vm resources under this release&rsquo;s namespace when uninstalling</p>
</td>
</tr>
<tr>
<td>crd.cleanup.image</td>
<td>object</td>
<td><pre lang="plaintext">
pullPolicy: IfNotPresent
repository: bitnami/kubectl
tag: ""
</pre>
</td>
<td><p>Image configuration for CRD cleanup Job</p>
</td>
</tr>
<tr>
<td>crd.create</td>
<td>bool</td>
<td><pre lang="">
true
</pre>
</td>
<td><p>with this option, if you remove this chart, all crd resources will be deleted with it.</p>
</td>
</tr>
<tr>
<td>env</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>extra settings for the operator deployment. Full list <a href="https://docs.victoriametrics.com/operator/vars" target="_blank">here</a></p>
</td>
</tr>
<tr>
<td>envFrom</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td></td>
</tr>
<tr>
<td>extraArgs</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>operator container additional commandline arguments</p>
</td>
</tr>
<tr>
<td>extraContainers</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td></td>
</tr>
<tr>
<td>extraHostPathMounts</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>Additional hostPath mounts</p>
</td>
</tr>
<tr>
<td>extraLabels</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>Labels to be added to all resources</p>
</td>
</tr>
<tr>
<td>extraObjects</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>Add extra specs dynamically to this chart</p>
</td>
</tr>
<tr>
<td>extraVolumeMounts</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>Extra Volume Mounts for the container</p>
</td>
</tr>
<tr>
<td>extraVolumes</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>Extra Volumes for the pod</p>
</td>
</tr>
<tr>
<td>fullnameOverride</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td><p>Overrides the full name of server component</p>
</td>
</tr>
<tr>
<td>global.cluster.dnsDomain</td>
<td>string</td>
<td><pre lang="">
cluster.local
</pre>
</td>
<td></td>
</tr>
<tr>
<td>global.image.registry</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td></td>
</tr>
<tr>
<td>global.imagePullSecrets</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td></td>
</tr>
<tr>
<td>image</td>
<td>object</td>
<td><pre lang="plaintext">
pullPolicy: IfNotPresent
registry: ""
repository: victoriametrics/operator
tag: ""
variant: ""
</pre>
</td>
<td><p>operator image configuration</p>
</td>
</tr>
<tr>
<td>image.pullPolicy</td>
<td>string</td>
<td><pre lang="">
IfNotPresent
</pre>
</td>
<td><p>Image pull policy</p>
</td>
</tr>
<tr>
<td>image.registry</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td><p>Image registry</p>
</td>
</tr>
<tr>
<td>image.repository</td>
<td>string</td>
<td><pre lang="">
victoriametrics/operator
</pre>
</td>
<td><p>Image repository</p>
</td>
</tr>
<tr>
<td>image.tag</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td><p>Image tag override Chart.AppVersion</p>
</td>
</tr>
<tr>
<td>imagePullSecrets</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>Secret to pull images</p>
</td>
</tr>
<tr>
<td>logLevel</td>
<td>string</td>
<td><pre lang="">
info
</pre>
</td>
<td><p>possible values: info and error.</p>
</td>
</tr>
<tr>
<td>nameOverride</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td><p>VM operator deployment name override</p>
</td>
</tr>
<tr>
<td>nodeSelector</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>Pod&rsquo;s node selector. Details are <a href="https://kubernetes.io/docs/user-guide/node-selection/" target="_blank">here</a></p>
</td>
</tr>
<tr>
<td>operator.disable_prometheus_converter</td>
<td>bool</td>
<td><pre lang="">
false
</pre>
</td>
<td><p>By default, operator converts prometheus-operator objects.</p>
</td>
</tr>
<tr>
<td>operator.enable_converter_ownership</td>
<td>bool</td>
<td><pre lang="">
false
</pre>
</td>
<td><p>Enables ownership reference for converted prometheus-operator objects; the corresponding victoria-metrics objects will be removed when the prometheus one is deleted.</p>
</td>
</tr>
<tr>
<td>operator.prometheus_converter_add_argocd_ignore_annotations</td>
<td>bool</td>
<td><pre lang="">
false
</pre>
</td>
<td><p>Compare-options and sync-options for prometheus objects converted by operator, for proper use with ArgoCD</p>
</td>
</tr>
<tr>
<td>operator.useCustomConfigReloader</td>
<td>bool</td>
<td><pre lang="">
false
</pre>
</td>
<td><p>Enables custom config-reloader, bundled with operator. It should reduce vmagent and vmauth config sync-time and make it predictable.</p>
</td>
</tr>
<tr>
<td>podDisruptionBudget</td>
<td>object</td>
<td><pre lang="plaintext">
enabled: false
labels: {}
</pre>
</td>
<td><p>See <code>kubectl explain poddisruptionbudget.spec</code> for more or check <a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/" target="_blank">these docs</a></p>
</td>
</tr>
<tr>
<td>podLabels</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td></td>
</tr>
<tr>
<td>podSecurityContext</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td></td>
</tr>
<tr>
<td>probe.liveness</td>
<td>object</td>
<td><pre lang="plaintext">
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 15
tcpSocket:
    port: probe
timeoutSeconds: 5
</pre>
</td>
<td><p>Liveness probe</p>
</td>
</tr>
<tr>
<td>probe.readiness</td>
<td>object</td>
<td><pre lang="plaintext">
failureThreshold: 3
httpGet:
    port: probe
initialDelaySeconds: 5
periodSeconds: 15
timeoutSeconds: 5
</pre>
</td>
<td><p>Readiness probe</p>
</td>
</tr>
<tr>
<td>probe.startup</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>Startup probe</p>
</td>
</tr>
<tr>
<td>rbac.aggregatedClusterRoles</td>
<td>object</td>
<td><pre lang="plaintext">
enabled: true
labels:
    admin:
        rbac.authorization.k8s.io/aggregate-to-admin: "true"
    view:
        rbac.authorization.k8s.io/aggregate-to-view: "true"
</pre>
</td>
<td><p>create aggregated clusterRoles for CRD readonly and admin permissions</p>
</td>
</tr>
<tr>
<td>rbac.aggregatedClusterRoles.labels</td>
<td>object</td>
<td><pre lang="plaintext">
admin:
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
view:
    rbac.authorization.k8s.io/aggregate-to-view: "true"
</pre>
</td>
<td><p>labels attached to according clusterRole</p>
</td>
</tr>
<tr>
<td>rbac.create</td>
<td>bool</td>
<td><pre lang="">
true
</pre>
</td>
<td><p>Specifies whether the RBAC resources should be created</p>
</td>
</tr>
<tr>
<td>replicaCount</td>
<td>int</td>
<td><pre lang="">
1
</pre>
</td>
<td></td>
</tr>
<tr>
<td>resources</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td><p>Resource object</p>
</td>
</tr>
<tr>
<td>securityContext</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.annotations</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.clusterIP</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.externalIPs</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.externalTrafficPolicy</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.healthCheckNodePort</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.ipFamilies</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.ipFamilyPolicy</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.labels</td>
<td>object</td>
<td><pre lang="plaintext">
{}
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.loadBalancerIP</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.loadBalancerSourceRanges</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.servicePort</td>
<td>int</td>
<td><pre lang="">
8080
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.type</td>
<td>string</td>
<td><pre lang="">
ClusterIP
</pre>
</td>
<td></td>
</tr>
<tr>
<td>service.webhookPort</td>
<td>int</td>
<td><pre lang="">
9443
</pre>
</td>
<td></td>
</tr>
<tr>
<td>serviceAccount.create</td>
<td>bool</td>
<td><pre lang="">
true
</pre>
</td>
<td><p>Specifies whether a service account should be created</p>
</td>
</tr>
<tr>
<td>serviceAccount.name</td>
<td>string</td>
<td><pre lang="">
""
</pre>
</td>
<td><p>The name of the service account to use. If not set and create is true, a name is generated using the fullname template</p>
</td>
</tr>
<tr>
<td>serviceMonitor</td>
<td>object</td>
<td><pre lang="plaintext">
annotations: {}
basicAuth: {}
enabled: false
extraLabels: {}
interval: ""
relabelings: []
scheme: ""
scrapeTimeout: ""
tlsConfig: {}
</pre>
</td>
<td><p>configures monitoring with serviceScrape. VMServiceScrape must be pre-installed</p>
</td>
</tr>
<tr>
<td>tolerations</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>Array of tolerations object. Spec is <a href="https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" target="_blank">here</a></p>
</td>
</tr>
<tr>
<td>topologySpreadConstraints</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>Pod Topology Spread Constraints. Spec is <a href="https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/" target="_blank">here</a></p>
</td>
</tr>
<tr>
<td>watchNamespaces</td>
<td>list</td>
<td><pre lang="plaintext">
[]
</pre>
</td>
<td><p>By default, the operator will watch all the namespaces. If you want to override this behavior, specify the namespace. Operator supports multiple namespaces for watching.</p>
</td>
</tr>
</tbody>
</table>