From 3ef57636584190d89d4e1ef6ce437e119ff903c6 Mon Sep 17 00:00:00 2001
From: kireque <5346530+kireque@users.noreply.github.com>
Date: Mon, 26 Aug 2024 23:24:11 +0200
Subject: [PATCH] feat(blackbox-exporter): Deploy :rocket:
---
 .../blackbox-exporter/app/helmrelease.yaml | 121 ++++++++++++++++++
 .../blackbox-exporter/app/kustomization.yaml | 6 +
 .../apps/monitoring/blackbox-exporter/ks.yaml | 19 +++
 .../main/apps/monitoring/kustomization.yaml | 1 +
 4 files changed, 147 insertions(+)
 create mode 100644 kubernetes/main/apps/monitoring/blackbox-exporter/app/helmrelease.yaml
 create mode 100644 kubernetes/main/apps/monitoring/blackbox-exporter/app/kustomization.yaml
 create mode 100644 kubernetes/main/apps/monitoring/blackbox-exporter/ks.yaml
diff --git a/kubernetes/main/apps/monitoring/blackbox-exporter/app/helmrelease.yaml b/kubernetes/main/apps/monitoring/blackbox-exporter/app/helmrelease.yaml
new file mode 100644
index 000000000..d81769489
--- /dev/null
+++ b/kubernetes/main/apps/monitoring/blackbox-exporter/app/helmrelease.yaml
@@ -0,0 +1,121 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: blackbox-exporter
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: prometheus-blackbox-exporter
+ version: 9.0.0
+ sourceRef:
+ kind: HelmRepository
+ name: prometheus-community
+ namespace: flux-system
+ interval: 30m
+ values:
+ fullnameOverride: blackbox-exporter
+
+ image:
+ registry: quay.io
+
+ podSecurityContext:
+ sysctls:
+ - name: net.ipv4.ping_group_range
+ value: "0 2147483647"
+
+ config:
+ modules:
+ http_2xx:
+ prober: http
+ timeout: 5s
+ http:
+ valid_http_versions: ["HTTP/1.1", "HTTP/2.0"]
+ follow_redirects: true
+ preferred_ip_protocol: "ip4"
+ icmp:
+ prober: icmp
+ timeout: 30s
+ icmp:
+ preferred_ip_protocol: "ip4"
+
+ ingress:
+ enabled: true
+ className: internal-nginx
+ annotations:
+ external-dns.alpha.kubernetes.io/target: ingress-int.econline.nl
+ hosts:
+ - host: &host "blackbox-exporter.econline.nl"
+ paths:
+ - path: /
+ pathType: Prefix
+ tls:
+ - hosts:
+ - *host
+
+ prometheusRule:
+ enabled: true
+ additionalLabels:
+ app: prometheus-operator
+ release: prometheus
+ rules:
+ - alert: BlackboxSslCertificateWillExpireSoon
+ expr: probe_ssl_earliest_cert_expiry - time() < 86400 * 3
+ for: 15m
+ labels:
+ severity: critical
+ annotations:
+ summary: |-
+ The SSL certificate for {{ $labels.target }} will expire in less than 3 days
+ - alert: BlackboxSslCertificateExpired
+ expr: probe_ssl_earliest_cert_expiry - time() <= 0
+ for: 15m
+ labels:
+ severity: critical
+ annotations:
+ summary: |-
+ The SSL certificate for {{ $labels.target }} has expired
+ - alert: BlackboxProbeFailed
+ expr: probe_success == 0
+ for: 15m
+ labels:
+ severity: critical
+ annotations:
+ summary: |-
+ The host {{ $labels.instance }} is currently unreachable
+
+ pspEnabled: false
+
+ securityContext:
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ capabilities:
+ add: ["NET_RAW"]
+
+ serviceMonitor:
+ enabled: true
+ defaults:
+ labels:
+ release: prometheus
+ interval: 1m
+ scrapeTimeout: 30s
+ targets:
+ # Robot vacuums
+ # - module: icmp
+ # name: valetudo-living-room-icmp
+ # url: livingroom-vacuum.home.econline.nl
+ # - module: http_2xx
+ # name: valetudo-living-room-http
+ # url: "http://livingroom-vacuum.home.econline.nl"
+
+ # Other devices
+ - module: icmp
+ name: zigbee-controller-icmp
+ url: office-zigbee-adapter.home.econline.nl
+
+ - module: icmp
+ name: ping-cloudflare
+ url: 1.1.1.1
+ scrape_interval: 30s
\ No newline at end of file
diff --git a/kubernetes/main/apps/monitoring/blackbox-exporter/app/kustomization.yaml b/kubernetes/main/apps/monitoring/blackbox-exporter/app/kustomization.yaml
new file mode 100644
index 000000000..17cbc72b2
--- /dev/null
+++ b/kubernetes/main/apps/monitoring/blackbox-exporter/app/kustomization.yaml
@@ -0,0 +1,6 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./helmrelease.yaml
diff --git a/kubernetes/main/apps/monitoring/blackbox-exporter/ks.yaml b/kubernetes/main/apps/monitoring/blackbox-exporter/ks.yaml
new file mode 100644
index 000000000..bc31b3250
--- /dev/null
+++ b/kubernetes/main/apps/monitoring/blackbox-exporter/ks.yaml
@@ -0,0 +1,19 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &appname blackbox-exporter
+ namespace: flux-system
+spec:
+ targetNamespace: monitoring
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *appname
+ interval: 10m
+ path: "./kubernetes/main/apps/monitoring/blackbox-exporter/app"
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-ops-kubernetes
+ wait: false
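Review bot: In `helmrelease.yaml`, `securityContext.capabilities.add: ["NET_RAW"]` is granted on top of the `net.ipv4.ping_group_range` sysctl in `podSecurityContext`, so the ICMP module gets two privileges where one should be enough. As far as I know blackbox_exporter tries an unprivileged ICMP datagram socket first, which the sysctl already permits, so the `add` can probably go; I would then write `capabilities: {drop: ["ALL"]}` explicitly instead of depending on whatever the chart defaults to. The `ingress` block in the same hunk also publishes the exporter on `internal-nginx` with only an external-dns annotation, and the exporter's probe endpoint takes its target from the request, so every client that can reach that ingress class can make the pod send HTTP (with `follow_redirects: true`) and ICMP to addresses of its choosing. If the web UI is only wanted for debugging, `ingress.enabled: false` with a port-forward removes that exposure; otherwise an authentication or source-range annotation on the ingress would be the thing to add.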
diff --git a/kubernetes/main/apps/monitoring/kustomization.yaml b/kubernetes/main/apps/monitoring/kustomization.yaml index 31bde4103..fdee66813 100644 --- a/kubernetes/main/apps/monitoring/kustomization.yaml +++ b/kubernetes/main/apps/monitoring/kustomization.yaml @@ -6,6 +6,7 @@ resources: - ./namespace.yaml # Flux-Kustomizations - ./alertmanager/ks.yaml + - ./blackbox-exporter/ks.yaml - ./fluent-bit/ks.yaml - ./grafana/ks.yaml - ./kromgo/ks.yaml