Skip to content

counter proposal with values files #67

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
tommartensen wants to merge 17 commits into
base: main
Choose a base branch
from
Draft

counter proposal with values files #67

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
0fc2370
X-Smart-Branch-Parent: main
JoukoVirtanen Sep 30, 2025
4651220
Set kube-burner config ref for the secured cluster
JoukoVirtanen Jun 28, 2025
79ba82d
Cluster runs for 6h
JoukoVirtanen Jun 28, 2025
18c5022
Set cluster lifespan back to 168h
JoukoVirtanen Aug 22, 2025
0e704c5
Increase memory for prometheus using a patch
JoukoVirtanen Aug 27, 2025
169be03
Using correct deployment
JoukoVirtanen Aug 28, 2025
765eb45
Replace prometheus configmap so berserker containers won't be scraped
JoukoVirtanen Sep 4, 2025
932361d
Corrected prometheus.yaml. Monitoring pod not immediately crashing
JoukoVirtanen Sep 4, 2025
a9a9844
Metrics for berserker containers should be dropped for real
JoukoVirtanen Sep 5, 2025
a426226
Not collecting metrics for berserker namespaces
JoukoVirtanen Sep 5, 2025
3746973
Increased the memory for the prometheus container to 8Gi
JoukoVirtanen Sep 13, 2025
d261f4d
Update release/start-secured-cluster/start-secured-cluster.sh
JoukoVirtanen Sep 29, 2025
873b4cd
Changed the kube burner config ref back
JoukoVirtanen Sep 29, 2025
7782263
Using yq to set memory limits and requests to 8Gi
JoukoVirtanen Sep 29, 2025
9b9249f
Removed patch-monitoring.json
JoukoVirtanen Sep 30, 2025
04a2cb7
Removed redundant creation of configmap
JoukoVirtanen Sep 30, 2025
c05bc36
counter proposal with values files
tommartensen Oct 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions release/start-kube-burner/start-kube-burner.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,6 @@ temp_metrics_file="${DIR}"/metrics.yml
sed '/captureStart/d' "${KUBE_BURNER_METRICS_FILE}" > "$temp_metrics_file"
kubectl create configmap --from-file="$temp_metrics_file" kube-burner-metrics-config -n kube-burner

kubectl create configmap --from-file="$KUBE_BURNER_METRICS_FILE" kube-burner-metrics-config -n kube-burner

kubectl create -f "${DIR}"/service-account.yaml
kubectl create -f "${DIR}"/cluster-role-binding.yaml

Expand Down
72 changes: 72 additions & 0 deletions release/start-secured-cluster/monitoring-values-override.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
resources:
requests:
memory: "8Gi"
limits:
memory: "8Gi"

prometheus:
scrape_configs: |
- job_name: "kubernetes-pods"
tls_config:
insecure_skip_verify: false
kubernetes_sd_configs:
- role: pod
namespaces:
own_namespace: true
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: namespace
- source_labels: [__meta_kubernetes_pod_name]
action: replace
target_label: pod
- source_labels: [__meta_kubernetes_pod_node_name]
action: replace
target_label: node_name

- job_name: "kubernetes-cadvisor"
scheme: https
metrics_path: /metrics/cadvisor
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
authorization:
credentials_file: /var/run/secrets/kubernetes.io/serviceaccount/token
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)

metric_relabel_configs:
- source_labels: [container]
regex: berserker
action: drop
- source_labels: [namespace]
regex: berserker-*
action: drop

- job_name: stackrox
tls_config:
insecure_skip_verify: false
kubernetes_sd_configs:
- role: endpoints
namespaces:
own_namespace: true
relabel_configs:
- source_labels: [__meta_kubernetes_endpoint_port_name]
action: keep
regex: monitoring
- source_labels: [__meta_kubernetes_endpoints_name]
action: replace
target_label: job
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: namespace
- source_labels: [__meta_kubernetes_endpoint_node_name]
action: replace
target_label: node_name

rules_custom: ""
8 changes: 6 additions & 2 deletions release/start-secured-cluster/start-secured-cluster.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,17 @@ kubectl -n stackrox create secret generic access-rhacs \
kubectl create -f "${SCRIPT_DIR}/collector-config.yaml"

echo "Deploying Monitoring..."

helm_args=(
--set persistence.type="${STORAGE}"
--set exposure.type="${MONITORING_LOAD_BALANCER}"
)

helm dependency update "${COMMON_DIR}/../charts/monitoring"
envsubst < "${COMMON_DIR}/../charts/monitoring/values.yaml" > "${COMMON_DIR}/../charts/monitoring/values_substituted.yaml"
helm upgrade -n stackrox --install --create-namespace stackrox-monitoring "${COMMON_DIR}/../charts/monitoring" --values "${COMMON_DIR}/../charts/monitoring/values_substituted.yaml" "${helm_args[@]}"
helm upgrade -n stackrox --install --create-namespace stackrox-monitoring "${COMMON_DIR}/../charts/monitoring" \
--values "${COMMON_DIR}/../charts/monitoring/values_substituted.yaml" \
--values "${SCRIPT_DIR}/monitoring-values-override.yaml" \
"${helm_args[@]}"

rm "${COMMON_DIR}/../charts/monitoring/values_substituted.yaml"
echo "Deployed Monitoring..."
Loading