apiVersion: v1 kind: ConfigMap metadata: name: thanos-12.13.13-d2iq-defaults namespace: ${releaseNamespace} data: values.yaml: | --- storegateway: enabled: false compactor: enabled: false bucketweb: enabled: false ruler: enabled: false receive: enabled: false receiveDistributor: enabled: false queryFrontend: enabled: false query: priorityClassName: "dkp-critical-priority" # Enable DNS discovery for stores dnsDiscovery: enabled: false # Enable DNS discovery for sidecars (this is for the chart built-in sidecar service) sidecarsService: false # Addresses of statically configured store API servers (repeatable). stores: [] # Names of configmap that contain addresses of store API servers, used for file service discovery. existingSDConfigmap: kommander-thanos-query-stores # Add extra arguments to the compact service extraFlags: # Refresh interval to re-read file SD files. It is used as a resync fallback. - "--store.sd-interval=5m" - "--store.sd-files=/conf/sd/stores.yaml" # Name of HTTP request header used for dynamic prefixing of UI links and redirects. - "--web.prefix-header=X-Forwarded-Prefix" # configuring client tls secret using .grpc.client.tls.existingSecret has assumption on the keys within secret # that is not compatible with cert-manager cert secret ## start grpc client tls config ## - "--grpc-client-tls-secure" - "--grpc-client-tls-cert=/etc/certs/tls.crt" - "--grpc-client-tls-key=/etc/certs/tls.key" - "--grpc-client-tls-ca=/etc/certs/ca.crt" - "--grpc-client-server-name=server.thanos.localhost.localdomain" extraVolumes: - name: kommander-thanos-client-tls secret: defaultMode: 420 secretName: kommander-thanos-client-tls extraVolumeMounts: - mountPath: /etc/certs name: kommander-thanos-client-tls readOnly: true ## end grpc client tls config ## service: ports: http: 10902 serviceGrpc: ports: grpc: 10901 commonAnnotations: secret.reloader.stakater.com/reload: kommander-thanos-client-tls # TODO: make an upstream change to add a change to so that this label will only be applied to service commonLabels: servicemonitor.kommander.mesosphere.io/path: "metrics" ingress: hostname: "" enabled: true annotations: kubernetes.io/ingress.class: kommander-traefik traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.middlewares: "${workspaceNamespace}-stripprefixes@kubernetescrd,${workspaceNamespace}-forwardauth@kubernetescrd" # the way upstream chart defined doesn't support ingress rule without hostname extraRules: - http: paths: - backend: service: name: thanos-query port: number: 10902 path: /dkp/kommander/monitoring/query pathType: ImplementationSpecific extraHosts: [] tls: []