diff --git a/changelogs/unreleased/sh-add-gitlab-monitor.yml b/changelogs/unreleased/sh-add-gitlab-monitor.yml new file mode 100644 index 0000000000000000000000000000000000000000..e935f4a0d2880fbe62549a20540a61e421adbe36 --- /dev/null +++ b/changelogs/unreleased/sh-add-gitlab-monitor.yml @@ -0,0 +1,5 @@ +--- +title: Add support for gitlab-monitor +merge_request: 787 +author: +type: added diff --git a/charts/gitlab/charts/gitaly/templates/statefulset.yml b/charts/gitlab/charts/gitaly/templates/statefulset.yml index d398816793ea426352ecdba3f8f476a16bf8c5a8..515330bad5673be016bf11706ff228195723dd99 100644 --- a/charts/gitlab/charts/gitaly/templates/statefulset.yml +++ b/charts/gitlab/charts/gitaly/templates/statefulset.yml @@ -95,6 +95,12 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} volumeMounts: {{ include "gitlab.extraVolumeMounts" . | indent 12 }} {{ include "gitlab.certificates.volumeMount" . | indent 12 }} diff --git a/charts/gitlab/charts/gitlab-monitor/Chart.yaml b/charts/gitlab/charts/gitlab-monitor/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..3d56a421797e4e71c59743a82756af375efb7b4e --- /dev/null +++ b/charts/gitlab/charts/gitlab-monitor/Chart.yaml 
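Review bot: The `GITLAB_TRACING_URL` value added to the gitaly container ends in `%7D"'`, so the rendered URL carries a stray `"` after the encoded closing brace, and the quotes around `correlation_id` are left as raw `"` while the braces and colon are percent-encoded. The same two env entries are repeated in the gitlab-shell, sidekiq and unicorn deployment hunks (twice in unicorn), so the fix is better made once in a shared helper than in five copies. Suggested ending: `&tags=%7B%22correlation_id%22%3A%22{{ "{{" }} correlation_id {{ "}}" }}%22%7D'`. `GITLAB_TRACING` also hard-codes `sampler=const&sampler_param=1` and an `http://` collector endpoint, so every request is reported over plain HTTP; as a chart default the sampler should come from a value. The container spec this hunk sits in starts and ends outside the hunk.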
@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+name: gitlab-monitor
+version: 1.8.4
+appVersion: master
+description: Exporter for GitLab Prometheus metrics (e.g. CI, pull mirrors)
+keywords:
+- gitlab
+- gitlab-monitor
+home: https://about.gitlab.com/
+icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
+sources:
+- https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-monitor
+- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-monitor
+maintainers:
+- name: GitLab Inc.
+ email: support@gitlab.com
diff --git a/charts/gitlab/charts/gitlab-monitor/templates/configmap.yaml b/charts/gitlab/charts/gitlab-monitor/templates/configmap.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..dedad925c6d0f1bcfc2c2a6f09a2254f6b36c1fb
--- /dev/null
+++ b/charts/gitlab/charts/gitlab-monitor/templates/configmap.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "fullname" . }}
+ namespace: {{ $.Release.Namespace }}
+ labels:
+{{ include "gitlab.standardLabels" . | indent 4 }}
+data:
+ gitlab-monitor.yml.erb: |
+ server:
+ listen_address: 0.0.0.0
+ listen_port: 9168
+
+ probes:
+ db_common: &db_common
+ methods:
+ - probe_db
+ opts:
+ connection_string: dbname={{ template "gitlab.psql.database" . }} user={{ template "gitlab.psql.username" . }} host={{ template "gitlab.psql.host" . }} port={{ template "gitlab.psql.port" . }} password=<%= File.read("/etc/gitlab/postgres/psql-password") %>
+ database:
+ multiple: true
+ ci_builds:
+ class_name: Database::CiBuildsProber
+ <<: *db_common
+ tuple_stats:
+ class_name: Database::TuplesProber
+ <<: *db_common
+ rows_count:
+ class_name: Database::RowCountProber
+ <<: *db_common
+
+ sidekiq: &sidekiq
+ methods:
+ - probe_queues
+ - probe_jobs
+ - probe_workers
+ - probe_retries
+ - probe_dead
+ opts:
+ redis_url: {{ template "gitlab.redis.url" . }}
+ redis_enable_client: false
+
+ metrics:
+ multiple: true
+ sidekiq:
+ <<: *sidekiq
+ ci_builds:
+ class_name: Database::CiBuildsProber
+ <<: *db_common
+ tuple_stats:
+ class_name: Database::TuplesProber
+ <<: *db_common
+ rows_count:
+ class_name: Database::RowCountProber
+ <<: *db_common
+
+ configure: |
+ {{- include "gitlab.scripts.configure.secrets" (dict "required" "postgres" "optional" "redis") | nindent 4 }}
+# Leave this here - This line denotes end of block to the parser.
+{{- end }}
diff --git a/charts/gitlab/charts/gitlab-monitor/templates/deployment.yaml b/charts/gitlab/charts/gitlab-monitor/templates/deployment.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d279d67fbd75d89e6ff41134fad70fd825442c57
--- /dev/null
+++ b/charts/gitlab/charts/gitlab-monitor/templates/deployment.yaml
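Review bot: In `connection_string`, the password read by `File.read("/etc/gitlab/postgres/psql-password")` is pasted unquoted into a space-separated key=value string, so a trailing newline or a space in the secret changes how the string is parsed (a space would start a new keyword). libpq-style strings accept a single-quoted value with `\` and `'` escaped, e.g. `password='<%= File.read("/etc/gitlab/postgres/psql-password").strip.gsub(/[\\']/) { |c| "\\" + c } %>'`; the templated `dbname`, `user` and `host` deserve the same quoting. The string sets no `sslmode`, although the deployment's init container mounts `gitlab.psql.ssl.volumeMount`, so whether this connection is encrypted is left to the driver default and is worth confirming. `listen_address: 0.0.0.0` serves the metrics unauthenticated to anything that can reach the pod, which relies on the Service staying `ClusterIP` or on a NetworkPolicy.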
@@ -0,0 +1,140 @@ +{{- if .Values.enabled }} +{{- $metricsEnabled := .Values.metrics.enabled -}} +{{- $metricsAnnotations := .Values.metrics.annotations -}} + +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} +{{- if $metricsEnabled }} +{{ toYaml $metricsAnnotations | indent 8 }} +{{- end }} + spec: + securityContext: + runAsUser: 1000 + fsGroup: 1000 + {{- if eq (default .Values.global.antiAffinity .antiAffinity) "hard" }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + {{- else if eq (default .Values.global.antiAffinity .antiAffinity) "soft" }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + topologyKey: kubernetes.io/hostname + labelSelector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + {{- end }} + initContainers: +{{ include "gitlab.extraInitContainers" . | indent 8 }} +{{ include "gitlab.certificates.initContainer" . | indent 8 }} + - name: configure + command: ['sh', '/config/configure'] + image: {{ .Values.init.image }}:{{ .Values.init.tag }} + volumeMounts: +{{ include "gitlab.extraVolumeMounts" . | indent 10 }} +{{ include "gitlab.psql.ssl.volumeMount" . 
| indent 10 }} + - name: gitlab-monitor-config + mountPath: /config + readOnly: true + - name: init-gitlab-monitor-secrets + mountPath: /init-config + readOnly: true + - name: gitlab-monitor-secrets + mountPath: /init-secrets + readOnly: false + resources: +{{ toYaml .Values.init.resources | indent 12 }} +{{- include "pullsecrets" .Values.image | indent 6}} + containers: +{{ include "gitlab.extraContainers" . | indent 8 }} + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{ template "gitlab.imagePullPolicy" . }} + env: + - name: CONFIG_TEMPLATE_DIRECTORY + value: '/var/opt/gitlab-monitor/templates' + - name: CONFIG_DIRECTORY + value: '/etc/gitlab-monitor' + volumeMounts: + - name: gitlab-monitor-config + mountPath: /var/opt/gitlab-monitor/templates/gitlab-monitor.yml.erb + subPath: gitlab-monitor.yml.erb + - name: gitlab-monitor-secrets + mountPath: '/etc/gitlab' + readOnly: true +{{ include "gitlab.extraVolumeMounts" . | indent 12 }} +{{ include "gitlab.certificates.volumeMount" . | indent 12 }} + livenessProbe: + exec: + command: + - pgrep + - -f + - gitlab-mon + readinessProbe: + exec: + command: + - pgrep + - -f + - gitlab-mon + lifecycle: + preStop: + exec: + command: ["/bin/bash", "-c", "pkill -f 'gitlab-mon'"] + resources: +{{ toYaml .Values.resources | indent 12 }} + volumes: +{{ include "gitlab.extraVolumes" . | indent 6 }} + - name: gitlab-monitor-config + configMap: + name: {{ template "fullname" . }} + - name: init-gitlab-monitor-secrets + projected: + defaultMode: 0400 + sources: + - secret: + name: {{ template "gitlab.psql.password.secret" . }} + items: + - key: {{ template "gitlab.psql.password.key" . }} + path: postgres/psql-password + {{- if .Values.global.redis.password.enabled }} + - secret: + name: {{ template "gitlab.redis.password.secret" . }} + items: + - key: {{ template "gitlab.redis.password.key" . 
}} + path: redis/password + {{- end }} + - name: gitlab-monitor-secrets + emptyDir: + medium: "Memory" +{{ include "gitlab.certificates.volumes" . | indent 6 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} +{{- end }} diff --git a/charts/gitlab/charts/gitlab-monitor/templates/hpa.yaml b/charts/gitlab/charts/gitlab-monitor/templates/hpa.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e13b1f821b01009680db83426f60406777f5e03a --- /dev/null +++ b/charts/gitlab/charts/gitlab-monitor/templates/hpa.yaml @@ -0,0 +1,21 @@ +{{- if .Values.enabled -}} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1beta2 + kind: Deployment + name: {{ template "fullname" . }} + minReplicas: {{ .Values.minReplicas }} + maxReplicas: {{ .Values.maxReplicas }} + metrics: + - type: Resource + resource: + name: cpu + targetAverageValue: {{ .Values.hpa.targetAverageValue }} +{{- end -}} diff --git a/charts/gitlab/charts/gitlab-monitor/templates/pdb.yaml b/charts/gitlab/charts/gitlab-monitor/templates/pdb.yaml new file mode 100644 index 0000000000000000000000000000000000000000..acac844f0f59652e18ad573d38ca5cab8c63f435 --- /dev/null +++ b/charts/gitlab/charts/gitlab-monitor/templates/pdb.yaml @@ -0,0 +1,15 @@ +{{- if .Values.enabled -}} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +spec: + maxUnavailable: {{ .Values.maxUnavailable }} + selector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} +{{- end -}} 
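Review bot: Both probes in the gitlab-monitor Deployment run `pgrep -f gitlab-mon`, which only shows that a matching process exists, so the pod is marked Ready before the exporter listens on its port and stays Ready if the listener hangs. A socket check tests what the Service actually routes to: `readinessProbe: {tcpSocket: {port: {{ .Values.service.internalPort }}}}`. The pod-level `securityContext` sets `runAsUser: 1000` and `fsGroup: 1000`, but neither container adds `securityContext: {allowPrivilegeEscalation: false}`. The `configure` init container, which mounts `init-gitlab-monitor-secrets`, runs `{{ .Values.init.image }}:{{ .Values.init.tag }}`, and the chart default for that is the mutable `busybox:latest`.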
diff --git a/charts/gitlab/charts/gitlab-monitor/templates/service.yaml b/charts/gitlab/charts/gitlab-monitor/templates/service.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..41d547a3220d5c867a59d0197fd7360d174dba98
--- /dev/null
+++ b/charts/gitlab/charts/gitlab-monitor/templates/service.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "fullname" . }}
+ namespace: {{ $.Release.Namespace }}
+ labels:
+{{ include "gitlab.standardLabels" . | indent 4 }}
+ annotations:
+{{ include "gitlab.serviceAnnotations" . | indent 4 }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ protocol: TCP
+ name: gitlab-monitor
+ selector:
+ app: {{ template "name" . }}
+ release: {{ .Release.Name }}
+{{- end }}
diff --git a/charts/gitlab/charts/gitlab-monitor/values.yaml b/charts/gitlab/charts/gitlab-monitor/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..f68f041a3ec56bb5e1121495ff43be32cacf4171
--- /dev/null
+++ b/charts/gitlab/charts/gitlab-monitor/values.yaml
@@ -0,0 +1,52 @@ +# Default values for gitlab-monitor. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +image: + repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor + pullSecrets: [] + pullPolicy: Always + tag: "sh-add-gitlab-monitor" + +service: + name: gitlab-monitor + type: ClusterIP + externalPort: 9168 + internalPort: 9168 + +metrics: + enabled: true + port: 9168 + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "9168" + prometheus.io/path: "/metrics" + +enabled: true + +init: + image: busybox + tag: latest + resources: + requests: + cpu: 50m + +global: + # imagePullPolicy: IfNotPresent + redis: + password: {} + +redis: + password: {} + +resources: + # limits: + # cpu: 1 + # memory: 2G + requests: + cpu: 50m + memory: 150M +maxUnavailable: 1 +minReplicas: 1 +maxReplicas: 2 +hpa: + targetAverageValue: 100m diff --git a/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml b/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml index 4a8c783596deb6cfafdd96abf78fd3ce5d7654f2..bed8cb5d007bfa88e073945d9622291a8eecea90 100644 --- a/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml +++ b/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml @@ -84,6 +84,12 @@ spec: value: '/srv/gitlab-shell' - name: KEYS_DIRECTORY value: '/etc/gitlab-secrets/ssh' +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} volumeMounts: - name: shell-config mountPath: '/etc/gitlab-shell' 
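Review bot: The default `image.tag` in the gitlab-monitor `values.yaml` is `"sh-add-gitlab-monitor"`, which reads as a feature-branch build, and `init.tag` is `latest`. With `pullPolicy: Always` both resolve to whatever the registry holds when a pod starts, so two pods of the same release can run different code. A released version tag or a digest as the default keeps the deployed exporter reproducible and reviewable. The documentation table added in this commit lists `image.pullPolicy` as `IfNotPresent` and the service ports as `8080`, which disagrees with `Always` and `9168` here.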
diff --git a/charts/gitlab/charts/sidekiq/templates/deployment.yaml b/charts/gitlab/charts/sidekiq/templates/deployment.yaml index 717dc39d67629b90af1c20cfa64f04971e66a671..779e94b3464debb7f13bd2ad1a5755e535b53eb7 100644 --- a/charts/gitlab/charts/sidekiq/templates/deployment.yaml +++ b/charts/gitlab/charts/sidekiq/templates/deployment.yaml @@ -167,6 +167,12 @@ spec: value: {{ int $.Values.memoryKiller.graceTime | quote }} - name: SIDEKIQ_MEMORY_KILLER_SHUTDOWN_WAIT value: {{ int $.Values.memoryKiller.shutdownWait | quote }} +{{- if $.Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{$.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{$.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} {{- if $metricsEnabled }} ports: - containerPort: {{ $metricsPort }} diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index 90201a95657ddf71f90f81740ec8393c988457fa..145a426007b1b015d62364f691f6e837bc297527 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml 
@@ -39,7 +39,26 @@ data: pid "/home/git/unicorn.pid" preload_app true + require_relative "/srv/gitlab/lib/gitlab/cluster/lifecycle_events" + + before_exec do |server| + # Signal application hooks that we're about to restart + Gitlab::Cluster::LifecycleEvents.do_master_restart + end + before_fork do |server, worker| + # Signal application hooks that we're about to fork + Gitlab::Cluster::LifecycleEvents.do_before_fork + + # The following is only recommended for memory/DB-constrained + # installations. It is not needed if your system can house + # twice as many worker_processes as you have configured. + # + # This allows a new master process to incrementally + # phase out the old master process with SIGTTOU to avoid a + # thundering herd (especially in the "preload_app false" case) + # when doing a transparent upgrade. The last worker spawned + # will then kill off the old master process with a SIGQUIT. old_pid = "#{server.config[:pid]}.oldbin" if old_pid != server.pid begin @@ -48,13 +67,21 @@ data: rescue Errno::ENOENT, Errno::ESRCH end end - - ActiveRecord::Base.connection.disconnect! if defined?(ActiveRecord::Base) + # + # Throttle the master from forking too quickly by sleeping. Due + # to the implementation of standard Unix signal handlers, this + # helps (but does not completely) prevent identical, repeated signals + # from being lost when the receiving process is busy. + # sleep 1 end after_fork do |server, worker| - ActiveRecord::Base.establish_connection if defined?(ActiveRecord::Base) - defined?(::Prometheus::Client.reinitialize_on_pid_change) && Prometheus::Client.reinitialize_on_pid_change + # Signal application hooks of worker start + Gitlab::Cluster::LifecycleEvents.do_worker_start + + # per-process listener ports for debugging/admin/migrations + # addr = "127.0.0.1:#{9293 + worker.nr}" + # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true) end ENV['GITLAB_UNICORN_MEMORY_MIN'] = ({{ int .Values.memory.min }} * 1 << 20).to_s 
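Review bot: `require_relative "/srv/gitlab/lib/gitlab/cluster/lifecycle_events"` at the top of the added block makes unicorn fail at boot on any image that lacks that file, and the hooks that used to guard their calls with `defined?(...)` now call `Gitlab::Cluster::LifecycleEvents` unconditionally. Since `global.gitlabVersion` selects the image, the chart can presumably be pointed at a version without this class, so either document the minimum supported GitLab version next to the `require_relative` or keep a guarded fallback. The `@@ -48,13 +67,21 @@` hunk also drops the explicit `ActiveRecord::Base.connection.disconnect!` / `establish_connection` pair and the Prometheus reinitialisation, so connection handling across fork now depends on what the application registers with those hooks, which is not visible here. Both hunks sit inside a Ruby block scalar under `data:` that starts and ends outside them.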
diff --git a/charts/gitlab/charts/unicorn/templates/deployment.yaml b/charts/gitlab/charts/unicorn/templates/deployment.yaml index f24d853f23cb0b68d746eb188e330e3ea55b69be..39b5536fb5830f64f56354c7d3ba327c976667f3 100644 --- a/charts/gitlab/charts/unicorn/templates/deployment.yaml +++ b/charts/gitlab/charts/unicorn/templates/deployment.yaml @@ -131,6 +131,12 @@ spec: {{- if .Values.workhorse.sentryDSN }} - name: GITLAB_WORKHORSE_SENTRY_DSN value: {{ .Values.workhorse.sentryDSN }} +{{- end }} +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' {{- end }} volumeMounts: {{- if .Values.metrics.enabled }} @@ -189,6 +195,12 @@ spec: value: '/var/opt/gitlab/templates' - name: CONFIG_DIRECTORY value: '/srv/gitlab/config' +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} volumeMounts: - name: workhorse-config mountPath: '/var/opt/gitlab/templates' diff --git a/charts/gitlab/values.yaml b/charts/gitlab/values.yaml index 72d12591f20dc6a3b123fa0ceb7d69eda77470da..691b80538ebd8743468b49ff1c3d1ec310eafc7d 100644 --- a/charts/gitlab/values.yaml +++ b/charts/gitlab/values.yaml 
@@ -15,6 +15,8 @@ global: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ee task-runner: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ee + gitlab-monitor: + repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor unicorn: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-unicorn-ee workhorse: @@ -28,10 +30,12 @@ global: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce task-runner: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ce + gitlab-monitor: + repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor unicorn: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-unicorn-ce workhorse: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ce gitlab-runner: - enabled: false + enabled: false \ No newline at end of file diff --git a/charts/jaeger/.helmignore b/charts/jaeger/.helmignore new file mode 100644 index 0000000000000000000000000000000000000000..c13e3c8fbb2f5206619b022bd85687317045d7e4 --- /dev/null +++ b/charts/jaeger/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj \ No newline at end of file diff --git a/charts/jaeger/Chart.yaml b/charts/jaeger/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..1bfb0d4c1565cd0251772d4a0362e713f4c00a46 --- /dev/null +++ b/charts/jaeger/Chart.yaml 
@@ -0,0 +1,15 @@ +apiVersion: v1 +name: jaeger +version: 0.1.0 +appVersion: master +description: Deployment of a Jaeger resource to be used with the Jaeger operator + features. +keywords: +- gitlab +home: https://about.gitlab.com/ +icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg +sources: +- https://gitlab.com/charts/gitlab +maintainers: +- name: GitLab Inc. + email: support@gitlab.com diff --git a/charts/jaeger/templates/_helpers.tpl b/charts/jaeger/templates/_helpers.tpl new file mode 100644 index 0000000000000000000000000000000000000000..1793eae8f88d62c0c51ed619749609c7c0d2ad65 --- /dev/null +++ b/charts/jaeger/templates/_helpers.tpl @@ -0,0 +1,25 @@ +{{- define "jaeger.hostname" -}} +{{- coalesce .Values.global.hosts.jaeger.name (include "gitlab.assembleHost" (dict "name" "jaeger" "context" . )) -}} +{{- end -}} + +{{/* +Returns the secret name for the Secret containing the TLS certificate and key. +Uses `ingress.tls.secretName` first and falls back to `global.ingress.tls.secretName` +if there is a shared tls secret for all ingresses. +*/}} +{{- define "jaeger.tlsSecret" -}} +{{- $defaultName := (dict "secretName" "") -}} +{{- if .Values.global.ingress.configureCertmanager -}} +{{- $_ := set $defaultName "secretName" (printf "%s-jaeger-tls" .Release.Name) -}} +{{- else -}} +{{- $_ := set $defaultName "secretName" (include "gitlab.wildcard-self-signed-cert-name" .) -}} +{{- end -}} +{{- pluck "secretName" .Values.ingress.tls .Values.global.ingress.tls $defaultName | first -}} +{{- end -}} + +{{/* +Returns the nginx ingress class +*/}} +{{- define "jaeger.ingressclass" -}} +{{- pluck "class" .Values.global.ingress (dict "class" (printf "%s-nginx" .Release.Name)) | first -}} +{{- end -}} \ No newline at end of file diff --git a/charts/jaeger/templates/jaeger-cr.yml b/charts/jaeger/templates/jaeger-cr.yml new file mode 100644 index 0000000000000000000000000000000000000000..ef80c04d01cfefd2181642b9ace86c3705df613f --- /dev/null 
+++ b/charts/jaeger/templates/jaeger-cr.yml
@@ -0,0 +1,12 @@
+{{- if and .Values.global.tracing.enabled .Values.global.tracing.install -}}
+apiVersion: jaegertracing.io/v1
+kind: Jaeger
+metadata:
+ name: {{ .Values.global.tracing.serviceName }}
+ namespace: {{ $.Release.Namespace }}
+ labels:
+{{ include "gitlab.standardLabels" . | indent 4 }}
+## spec:
+## ingress:
+## enabled: false
+{{- end }}
\ No newline at end of file
diff --git a/charts/jaeger/templates/jaeger-ingress.yml b/charts/jaeger/templates/jaeger-ingress.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f060c86805487804cd396054f6ded6f6f1783e1e
--- /dev/null
+++ b/charts/jaeger/templates/jaeger-ingress.yml
@@ -0,0 +1,41 @@ +{{- if and .Values.global.tracing.enabled .Values.global.tracing.install -}} +{{- if eq (include "gitlab.ingress.enabled" $) "true" -}} +{{- $hostname := include "jaeger.hostname" . -}} +{{- $tlsSecret := include "jaeger.tlsSecret" . -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} + annotations: + kubernetes.io/ingress.class: "{{ template "jaeger.ingressclass" . }}" + kubernetes.io/ingress.provider: nginx + nginx.ingress.kubernetes.io/proxy-body-size: {{ .Values.ingress.proxyBodySize | quote }} + nginx.ingress.kubernetes.io/proxy-read-timeout: {{ .Values.ingress.proxyReadTimeout | quote }} + nginx.ingress.kubernetes.io/proxy-request-buffering: {{ .Values.ingress.proxyBuffering | quote }} + nginx.ingress.kubernetes.io/proxy-buffering: {{ .Values.ingress.proxyBuffering | quote }} + {{ include "gitlab.certmanager_annotations" . }} + {{- range $key, $value := merge .Values.ingress.annotations .Values.global.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + rules: + - host: {{ $hostname }} + http: + paths: + - path: / + backend: + serviceName: {{ .Values.global.tracing.serviceName }}-query + servicePort: 16686 + {{- if (and $tlsSecret (eq (include "gitlab.ingress.tls.enabled" $) "true" )) }} + tls: + - hosts: + - {{ $hostname }} + secretName: {{ $tlsSecret }} + {{- else }} + tls: [] + {{- end }} +{{- end -}} +{{- end -}} diff --git a/charts/jaeger/values.yaml b/charts/jaeger/values.yaml new file mode 100644 index 0000000000000000000000000000000000000000..337d175fb08708520b3e19cf7989806dfc56aaf5 --- /dev/null +++ b/charts/jaeger/values.yaml 
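Review bot: This Ingress publishes the Jaeger query UI (`servicePort: 16686`) on the `jaeger.hostname` host with no authentication or source-range annotation, and when TLS is not enabled it falls back to `tls: []`, i.e. plain HTTP. Trace data typically includes request paths, queries and correlation ids, and the root `values.yaml` in this commit turns `global.tracing.enabled` and `install` on by default, so every install would expose it. Suggest gating the Ingress on its own opt-in value and documenting an auth annotation such as `nginx.ingress.kubernetes.io/auth-type: basic` with `nginx.ingress.kubernetes.io/auth-secret`, or `nginx.ingress.kubernetes.io/whitelist-source-range`. The chart default `proxyBodySize: "0"` also removes the request-size limit for a UI that presumably does not need large uploads.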
@@ -0,0 +1,40 @@ +enabled: true + +ingress: + enabled: true + proxyReadTimeout: 900 + proxyBodySize: "0" + proxyBuffering: "off" + tls: {} + # secretName: + # enabled: true + annotations: {} + +global: + ingress: + enabled: true + annotations: {} + tls: {} + # secretName: + # enabled: true + hosts: + domain: example.com + hostSuffix: + https: true + tls: {} + # secretName: + gitlab: {} + #name: gitlab.example.com + #https: false + registry: {} + #name: registry.example.com + #https: false + minio: {} + #name: minio.example.com + #https: false + jaeger: {} + #name: jaeger.example.com + #https: false + tracing: + enabled: true + serviceName: gitlab-jaeger \ No newline at end of file diff --git a/charts/nginx/templates/clusterrolebinding.yaml b/charts/nginx/templates/clusterrolebinding.yaml index 20432ed00f1e60db191205c6d841a4cda82a180f..797d68e08e26315af984d10fe7a6f77e2c428570 100644 --- a/charts/nginx/templates/clusterrolebinding.yaml +++ b/charts/nginx/templates/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.enabled -}} +{{- if and .Values.global.tracing.enabled .Values.global.tracing.install -}} {{- if and .Values.rbac.create (not .Values.controller.scope.enabled) -}} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding diff --git a/doc/charts/gitlab/gitlab-monitor/index.md b/doc/charts/gitlab/gitlab-monitor/index.md new file mode 100644 index 0000000000000000000000000000000000000000..80084a2f4af3e455605490a4044a0656e34befb7 --- /dev/null +++ b/doc/charts/gitlab/gitlab-monitor/index.md 
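Review bot: The outer guard of the nginx ClusterRoleBinding changed from `.Values.enabled` to `and .Values.global.tracing.enabled .Values.global.tracing.install`, which is the condition used by the Jaeger templates and looks like a paste into the wrong file. As written, turning tracing off removes the ingress controller's cluster-wide binding, and leaving tracing on renders the binding even when the nginx chart itself is disabled (subject to the inner `rbac.create` check). Restore `{{- if .Values.enabled -}}` on the first line. The template body continues outside the hunk.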
@@ -0,0 +1,91 @@ +# Using the GitLab-Monitor Chart + +The `gitlab-monitor` sub-chart provides Prometheus metrics for GitLab +application-specific data. It talks to PostgreSQL directly to perform +queries to retrieve data for CI builds, pull mirrors, etc. In addition, +it uses the Sidekiq API, which talks to Redis to gather different +metrics around the state of the Sidekiq queues (e.g. number of jobs). + +## Requirements + +This chart depends on Redis and PostgreSQL services, either as part of +the complete GitLab chart or provided as external services reachable +from the Kubernetes cluster on which this chart is deployed. + +## Configuration + +The `gitlab-monitor` chart is configured as follows: [Global +Settings](#global-settings) and [Chart Settings](#chart-settings). + +## Installation command line options + +The table below contains all the possible chart configurations that can be supplied +to the `helm install` command using the `--set` flags. + +| Parameter | Default | Description | +| -------------------------------- | --------------------- | ---------------------------------------------- | +| `annotations` | | Pod annotations | +| `enabled` | `true` | gitlab-monitor enabled flag | +| `extraContainers` | | List of extra containers to include | +| `extraInitContainers` | | List of extra init containers to include | +| `extraVolumeMounts` | | List of extra volumes mountes to do | +| `extraVolumes` | | List of extra volumes to create | +| `hpa.targetAverageValue` | `100m` | Set the autoscaling target value | +| `image.pullPolicy` | `IfNotPresent` | GitLab image pull policy | +| `image.pullSecrets` | | Secrets for the image repository | +| `image.repository` | `registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor` | Unicorn image repository | +| `image.tag` | | Unicorn image tag | +| `init.image` | `busybox` | initContainer image | +| `init.tag` | `latest` | initContainer image tag | +| `metrics.enabled` | `true` | Toggle Prometheus metrics exporter | +| 
`resources.requests.cpu` | `50m` | gitlab-monitor minimum cpu | +| `resources.requests.memory` | `150M` | gitlab-monitor minimum memory | +| `service.externalPort` | `8080` | gitlab-monitor exposed port | +| `service.internalPort` | `8080` | gitlab-monitor internal port | +| `service.name` | `unicorn` | gitlab-monitor service name | +| `service.type` | `ClusterIP` | gitlab-monitor service type | + +## Chart configuration examples + +### image.pullSecrets + +`pullSecrets` allows you to authenticate to a private registry to pull images for a pod. + +Additional details about private registries and their authentication methods can be +found in [the Kubernetes documentation](https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod). + +Below is an example use of `pullSecrets`: + +```YAML +image: + repository: my.unicorn.repository + pullPolicy: Always + pullSecrets: + - name: my-secret-name + - name: my-secondary-secret-name +``` + +### annotations + +`annotations` allows you to add annotations to the unicorn pods. For example: + +```YAML +annotations: + kubernetes.io/example-annotation: annotation-value +``` + +## Global Settings + +We share some common global settings among our charts. See the [Globals Documentation](../../globals.md) +for common configuration options, such as GitLab and Registry hostnames. + +## Chart Settings + +The following values are used to configure the gitlab-monitor Pods. + +### metrics.enabled + +By default, each pod exposes a metrics endpoint at `/metrics`. When +metrics are enabled, annotations are added to each pod allowing a +Prometheus server to discover and scrape the exposed metrics. + diff --git a/requirements.yaml b/requirements.yaml index 1fb2fbbd34ee15f9bb9973f9e427047818a2bb61..ce90f391fc2f52411ed3726aecadb8899d0da2ae 100644 --- a/requirements.yaml +++ b/requirements.yaml 
@@ -16,3 +16,7 @@ dependencies: version: 0.4.1 repository: https://charts.gitlab.io/ condition: gitlab-runner.install +- name: grafana + version: 3.3.7 + repository: https://kubernetes-charts.storage.googleapis.com/ + condition: grafana.install diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 5bb1bd6b0d667a9900561c7242489d39a7e2fa7d..c4094d7e66b37464daee620d84fb3554c327d853 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -144,7 +144,7 @@ Alias of gitlab.psql.host Return the db database name */}} {{- define "gitlab.psql.database" -}} -{{- coalesce .Values.global.psql.database "gitlabhq_production" | quote -}} +{{- coalesce .Values.global.psql.database "gitlabhq_production" -}} {{- end -}} {{/* diff --git a/values.yaml b/values.yaml index 0411c099a6e28445f71a9220e29e35c1d0d68651..2c909d4f914b2466c67b198eecb25a44d177818b 100644 --- a/values.yaml +++ b/values.yaml @@ -26,6 +26,7 @@ global: ## doc/charts/globals.md#gitlab-version # gitlabVersion: master + gitlabVersion: v11-11-0-rc2-ee ## doc/charts/globals.md#application-resource application: @@ -298,6 +299,11 @@ global: customCAs: [] # - secret: custom-CA # - secret: more-custom-CAs + + tracing: + enabled: true + install: true + serviceName: jaeger-gitlab ## End of global ## Settings to for the Let's Encrypt ACME Issuer 
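Review bot: Dropping `| quote` from `gitlab.psql.database` in `templates/_helpers.tpl` changes the output of a shared helper for every template that includes it, not only the new gitlab-monitor connection string. Consumers that emit it as a YAML value (none are visible in this diff) would now get a plain scalar, so a database name that looks like a number or boolean, or contains `: ` or ` #`, is retyped or breaks the document. It is safer to keep the helper quoted and strip the quotes at the one call site that needs a bare value, e.g. `dbname={{ include "gitlab.psql.database" . | trimAll "\"" }}`, or to add a separate unquoted helper.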
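Review bot: Two defaults added to the root `values.yaml` look like development settings: the `@@ -26,6 +26,7 @@` hunk pins `gitlabVersion: v11-11-0-rc2-ee`, a release candidate, for every install, and the `@@ -298,6 +299,11 @@` hunk sets `tracing.enabled: true` and `install: true`. With those defaults each install renders a `jaegertracing.io/v1` `Jaeger` resource, which presumably fails unless the operator's CRD is already present, and publishes the trace UI through the new Ingress. `serviceName: jaeger-gitlab` here also differs from `gitlab-jaeger` in `charts/jaeger/values.yaml`; one spelling avoids confusion about which Service the `-collector` and `-query` names resolve to. Proposed defaults: leave `gitlabVersion` commented out and set `enabled: false` and `install: false`.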
@@ -439,6 +445,36 @@ gitlab-runner: s3CachePath: gitlab-runner s3CacheInsecure: false +grafana: + install: true + adminUser: admin + adminPassword: admin + datasources: + datasources.yaml: + apiVersion: 1 + datasources: + - name: GitLab Omnibus + type: prometheus + url: http://{{ $.Release.Name }}-prometheus-server + access: proxy + isDefault: true + dashboardProviders: + dashboardproviders.yaml: + apiVersion: 1 + providers: + - name: 'default' + orgId: 1 + folder: '' + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/default + dashboards: + default: + overview: + url: https://gitlab.com/gitlab-org/grafana-dashboards/raw/sh-add-kubernetes-dashboard/k8s/overview.json + ## Settings for individual sub-charts under GitLab ## Note: Many of these settings are configurable via globals # gitlab:
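Review bot: `adminUser: admin` and `adminPassword: admin` put a known credential pair in the chart defaults while `grafana.install: true` deploys Grafana on every install. Leave the password out of `values.yaml` so it has to be supplied per release, or reference a pre-created Secret if the pinned grafana chart supports one (not visible here), and default `install` to `false`. The `overview` dashboard is fetched from `.../raw/sh-add-kubernetes-dashboard/k8s/overview.json`, a branch ref, so its content can change or disappear after release; pin it to a commit or vendor the JSON. The datasource `url: http://{{ $.Release.Name }}-prometheus-server` sits in `values.yaml`, where Helm does not render templates unless the subchart passes the value through `tpl`, so it may reach Grafana literally and is worth confirming.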