# The values.yaml is documented here: https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/values.yaml

####### This block configures resource limits for the tooling and disables scaping of them using annotations

prometheusOperator:
  admissionWebhooks:
    patch:
      podAnnotations:
        sidecar.istio.io/inject: "false"
  # Define resource limits
  resources:
    requests:
      cpu: "10m"
      memory: "128Mi"
    limits:
      memory: "1Gi"

prometheus-node-exporter:
  # Disables Prometheus annotations on monitoring components because they are scraped using an explicit config
  service:
    annotations:
      prometheus.io/scrape: "false"

kube-state-metrics:
  # Disables Prometheus annotations on monitoring components because they are scraped using an explicit config
  prometheusScrape: false

  # Define resource limits
  resources:
    requests:
      cpu: "10m"
      memory: "128Mi"
    limits:
      memory: "2Gi"

####### This block disables unnecessary features

kubeEtcd:
  # Disable scraping of control plane component etcd because it is not reachable from the data plane
  enabled: false

kubeControllerManager:
  # Disable scraping of control plane component kubeControllerManager because it is not reachable from the data plane
  enabled: false

kubeProxy:
  # Disable scraping of control plane component kubeProxy because it is not reachable from the data plane
  enabled: false

kubeScheduler:
  # Disable scraping of control plane component kubeScheduler because it is not reachable from the data plane
  enabled: false

prometheus:
  prometheusSpec:
####### This block is required to enable OTLP ingestion
    enableOTLPReceiver: true
    otlp:
      promoteResourceAttributes:
      - service.instance.id
      - service.name
      - service.namespace
      - cloud.availability_zone
      - cloud.region
      - container.name
      - k8s.cluster.name
      - k8s.container.name
      - k8s.cronjob.name
      - k8s.daemonset.name
      - k8s.deployment.name
      - k8s.job.name
      - k8s.namespace.name
      - k8s.pod.name
      - k8s.replicaset.name
      - k8s.statefulset.name
    tsdb:
      outOfOrderTimeWindow: 30m

####### This block is required to run Prometheus with a sidecar so that consumers can call it securely
    podMetadata:
      labels:
        # Enables istio sidecar injection
        sidecar.istio.io/inject: "false"
      annotations:
        # Configures istio to not intercept outbound traffic
        traffic.sidecar.istio.io/includeOutboundIPRanges: ""

####### This block configures data retention and persistence
    # How long to retain metrics
    retention: 30d

    # Maximum size of metrics
    retentionSize: 25GB

    # Use a persistent volume for durable storage of data
    storageSpec:
      volumeClaimTemplate:
        spec:
          resources:
            requests:
              storage: 30Gi
    
    # Define resource limits
    resources:
      requests:
        cpu: 125m
        memory: 256Mi
      limits:
        memory: 4Gi


####### This block configures Grafana with Istio sidecar and Alertmanager as additional datasource

grafana:
  # Add alertmanager as datasource
  additionalDataSources:
    - name: Alertmanager
      type: alertmanager
      url: http://{{ printf "%s-kube-prometh-alertmanager.%s" .Release.Name .Release.Namespace }}:9093
      access: proxy
      jsonData:
        implementation: prometheus
  # Configure all grafana sidecars (for loading of dashboards/datasources/rules) with proper security context
  sidecar:
    securityContext:
      privileged: false
      runAsGroup: 1337
      runAsNonRoot: true
      runAsUser: 1337
  podLabels:
    # Enable Istio sidecar for Grafana
    sidecar.istio.io/inject: "true"