From 33fdba579bf3c145266e6ff9ec02c7dd37904fa6 Mon Sep 17 00:00:00 2001 From: Simon-Boyer Date: Thu, 18 Jul 2024 20:55:17 -0400 Subject: [PATCH 1/7] netdata --- system/netdata/argo.yaml | 42 +++++++++++++++++++++++++++ system/netdata/kustomization.yaml | 2 ++ system/netdata/ressources/secret.yaml | 19 ++++++++++++ 3 files changed, 63 insertions(+) create mode 100644 system/netdata/argo.yaml create mode 100644 system/netdata/kustomization.yaml create mode 100644 system/netdata/ressources/secret.yaml
diff --git a/system/netdata/argo.yaml b/system/netdata/argo.yaml
new file mode 100644
index 0000000..3cd3a0f
--- /dev/null
+++ b/system/netdata/argo.yaml
@@ -0,0 +1,42 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: netdata
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-wave: "2"
+spec:
+ project: default
+ sources:
+ - repoURL: https://github.com/ClubCedille/Plateforme-Cedille
+ path: system/netdata/ressources
+ targetRevision: feature/netdata
+ - chart: netdata
+ repoURL: https://netdata.github.io/helmchart
+ targetRevision: 3.7.95
+ helm:
+ releaseName: netdata
+ valuesObject:
+ restarter:
+ enabled: true
+ parent:
+ claiming:
+ enabled: true
+ envFrom:
+ - secretRef:
+ name: netdata-claim
+ child:
+ claiming:
+ enabled: true
+ envFrom:
+ - secretRef:
+ name: netdata-claim
+ destination:
+ server: "https://kubernetes.default.svc"
+ namespace: netdata
+ syncPolicy:
+ syncOptions:
+ - CreateNamespace=true
+ managedNamespaceMetadata:
+ labels:
+ pod-security.kubernetes.io/enforce: privileged
\ No newline at end of file
diff --git a/system/netdata/kustomization.yaml b/system/netdata/kustomization.yaml
new file mode 100644
index 0000000..fa286d4
--- /dev/null
+++ b/system/netdata/kustomization.yaml
@@ -0,0 +1,2 @@
+resources:
+- argo.yaml
\ No newline at end of file
diff --git a/system/netdata/ressources/secret.yaml b/system/netdata/ressources/secret.yaml
new file mode 100644
index 0000000..65bdf54
--- /dev/null
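Review bot: `targetRevision: feature/netdata` on the first source in `system/netdata/argo.yaml` makes this Application sync from a feature branch, so whatever lands on that branch is what gets synced into a namespace labelled `pod-security.kubernetes.io/enforce: privileged`, and the sync breaks if the branch is deleted after merge. Point it at the branch the rest of the platform tracks before merging (placeholder: `targetRevision: <DEFAULT_BRANCH>`). The same line is carried as unchanged context in the later `argo.yaml` hunks of patches 2/7 and 3/7, so it is not corrected in the hunks shown. The privileged label also deserves a comment, for example `# netdata agents need host access; enforce=privileged is deliberate`, assuming that is the reason.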
+++ b/system/netdata/ressources/secret.yaml @@ -0,0 +1,19 @@ +apiVersion: redhatcop.redhat.io/v1alpha1 +kind: VaultSecret +metadata: + name: netdata-claim +spec: + vaultSecretDefinitions: + - authentication: + path: kubernetes + role: secret-reader + serviceAccount: + name: default + name: netdata + path: kv/data/netdata/default/netdata + output: + name: netdata-claim + stringData: + NETDATA_CLAIM_TOKEN: '{{ .netdata.token }}' + NETDATA_CLAIM_ROOMS: '{{ .netdata.rooms }}' + type: Opaque \ No newline at end of file From 4c7b392ec7c4f018154e125dfc590db4d6823695 Mon Sep 17 00:00:00 2001 From: Simon-Boyer Date: Thu, 18 Jul 2024 21:34:41 -0400 Subject: [PATCH 2/7] move helm to kustomize --- sandboxes/svc-cedille-user/kustomization.yaml | 6 +++++ system/netdata/argo.yaml | 20 ---------------- system/netdata/ressources/kustomization.yml | 23 +++++++++++++++++++ 3 files changed, 29 insertions(+), 20 deletions(-) create mode 100644 system/netdata/ressources/kustomization.yml diff --git a/sandboxes/svc-cedille-user/kustomization.yaml b/sandboxes/svc-cedille-user/kustomization.yaml index cc80293..400946b 100644 --- a/sandboxes/svc-cedille-user/kustomization.yaml +++ b/sandboxes/svc-cedille-user/kustomization.yaml @@ -14,3 +14,9 @@ patches: value: cedille@etsmtl.net target: kind: RoleBinding + - patch: |- + - op: replace + path: /metadata/namespace + value: argocd + target: + kind: Application diff --git a/system/netdata/argo.yaml b/system/netdata/argo.yaml index 3cd3a0f..f62241b 100644 --- a/system/netdata/argo.yaml +++ b/system/netdata/argo.yaml 
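Review bot: The `VaultSecret` in `system/netdata/ressources/secret.yaml` authenticates to Vault as the namespace's `default` service account with role `secret-reader`, which is the identity any pod in `netdata` gets when it does not set its own service account. If the `secret-reader` role is bound broadly in Vault (not visible here), workloads in this privileged-labelled namespace could read more than `kv/data/netdata/default/netdata`. A dedicated service account and a Vault role scoped to that one path would keep the claim token's exposure small, for example `name: netdata-vault-reader` under `serviceAccount:` (a constructed name). The manifest also has no `metadata.namespace`, so it relies on the Application's `destination.namespace` to land in `netdata`.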
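Review bot: The added patch in `sandboxes/svc-cedille-user/kustomization.yaml` matches every `kind: Application` with no name or label selector and rewrites its namespace to `argocd`, which is unrelated to the commit subject "move helm to kustomize" and carries no comment explaining it. If sandbox users can add Application manifests under this directory, each one would be created in the Argo CD control namespace, so it is worth confirming they are bound to a restricted AppProject rather than `default` (not visible in this hunk). A comment above the patch such as `# Argo CD only reconciles Applications in the argocd namespace` would record the intent, assuming that is the reason. The `patches:` list starts outside the hunk.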
@@ -11,26 +11,6 @@ spec: - repoURL: https://github.com/ClubCedille/Plateforme-Cedille path: system/netdata/ressources targetRevision: feature/netdata - - chart: netdata - repoURL: https://netdata.github.io/helmchart - targetRevision: 3.7.95 - helm: - releaseName: netdata - valuesObject: - restarter: - enabled: true - parent: - claiming: - enabled: true - envFrom: - - secretRef: - name: netdata-claim - child: - claiming: - enabled: true - envFrom: - - secretRef: - name: netdata-claim destination: server: "https://kubernetes.default.svc" namespace: netdata diff --git a/system/netdata/ressources/kustomization.yml b/system/netdata/ressources/kustomization.yml new file mode 100644 index 0000000..352c505 --- /dev/null +++ b/system/netdata/ressources/kustomization.yml @@ -0,0 +1,23 @@ +resources: + - secret.yaml + +helmCharts: +- name: netdata + valuesInline: + restarter: + enabled: true + parent: + claiming: + enabled: true + envFrom: + - secretRef: + name: netdata-claim + child: + claiming: + enabled: true + envFrom: + - secretRef: + name: netdata-claim + releaseName: netdata + version: 3.7.95 + repo: https://netdata.github.io/helmchart \ No newline at end of file From 354a6d301e120d4e891f8b8cbcf66bc956b66a18 Mon Sep 17 00:00:00 2001 From: Simon-Boyer Date: Thu, 18 Jul 2024 21:39:06 -0400 Subject: [PATCH 3/7] back to argocd helm --- system/netdata/argo.yaml | 20 ++++++++++ system/netdata/ressources/kustomization.yml | 42 ++++++++++----------- 2 files changed, 41 insertions(+), 21 deletions(-) diff --git a/system/netdata/argo.yaml b/system/netdata/argo.yaml index f62241b..c87ccdd 100644 --- a/system/netdata/argo.yaml +++ b/system/netdata/argo.yaml 
@@ -11,6 +11,26 @@ spec: - repoURL: https://github.com/ClubCedille/Plateforme-Cedille path: system/netdata/ressources targetRevision: feature/netdata + - chart: netdata + repoURL: https://netdata.github.io/helmchart + targetRevision: 3.7.95 + helm: + releaseName: netdata + valuesObject: + restarter: + enabled: true + parent: + claiming: + enabled: true + envFrom: + - secretRef: + name: netdata-claim + child: + claiming: + enabled: true + envFrom: + - secretRef: + name: netdata-claim destination: server: "https://kubernetes.default.svc" namespace: netdata diff --git a/system/netdata/ressources/kustomization.yml b/system/netdata/ressources/kustomization.yml index 352c505..90691ca 100644 --- a/system/netdata/ressources/kustomization.yml +++ b/system/netdata/ressources/kustomization.yml @@ -1,23 +1,23 @@ resources: - secret.yaml - -helmCharts: -- name: netdata - valuesInline: - restarter: - enabled: true - parent: - claiming: - enabled: true - envFrom: - - secretRef: - name: netdata-claim - child: - claiming: - enabled: true - envFrom: - - secretRef: - name: netdata-claim - releaseName: netdata - version: 3.7.95 - repo: https://netdata.github.io/helmchart \ No newline at end of file + +# helmCharts: +# - name: netdata +# valuesInline: +# restarter: +# enabled: true +# parent: +# claiming: +# enabled: true +# envFrom: +# - secretRef: +# name: netdata-claim +# child: +# claiming: +# enabled: true +# envFrom: +# - secretRef: +# name: netdata-claim +# releaseName: netdata +# version: 3.7.95 +# repo: https://netdata.github.io/helmchart \ No newline at end of file From dae6d2807544b72b9b12c71aa767fe77af6bea36 Mon Sep 17 00:00:00 2001 From: Simon-Boyer Date: Thu, 18 Jul 2024 22:35:57 -0400 Subject: [PATCH 4/7] add netdata to kustomization --- apps/argo-apps/kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/argo-apps/kustomization.yaml b/apps/argo-apps/kustomization.yaml index 74ebcc0..4508c26 100644 --- a/apps/argo-apps/kustomization.yaml 
+++ b/apps/argo-apps/kustomization.yaml @@ -6,6 +6,7 @@ kind: Kustomization #- ../../system/pixie/ # Workload resources: +- ../../system/netdata/ - ../../system/crossplane/ - ../../system/vault/ - ../../system/grafana/ From 4530fb3196d83c92e319e2e228c58074dd8b2dd8 Mon Sep 17 00:00:00 2001 From: Simon-Boyer Date: Sat, 20 Jul 2024 16:36:11 -0400 Subject: [PATCH 5/7] netdata terraform --- terraform/modules/user/main.tf | 7 +++++++ terraform/modules/user/providers.tf | 4 ++++ terraform/modules/user/variables.tf | 4 ++++ terraform/providers.tf | 9 +++++++++ terraform/templates/user_module_template.jinja2 | 1 + terraform/users.tf | 15 ++------------- terraform/variables.tf | 5 +++++ 7 files changed, 32 insertions(+), 13 deletions(-) diff --git a/terraform/modules/user/main.tf b/terraform/modules/user/main.tf index fab6bf1..bf8951b 100644 --- a/terraform/modules/user/main.tf +++ b/terraform/modules/user/main.tf @@ -32,4 +32,11 @@ resource "github_repository_file" "omni_acl" { } }) ]) +} + +# Add user to netdata +resource "netdata_space_member" "test" { + email = var.github_email + space_id = "de0f5b64-9300-4be4-94f3-455efa5c0358" + role = var.netdata_role } \ No newline at end of file diff --git a/terraform/modules/user/providers.tf b/terraform/modules/user/providers.tf index 2f526c3..5fb4df0 100644 --- a/terraform/modules/user/providers.tf +++ b/terraform/modules/user/providers.tf @@ -4,5 +4,9 @@ terraform { source = "integrations/github" version = "5.42.0" } + netdata = { + source = "netdata/netdata" + version = "0.2.0" + } } } \ No newline at end of file diff --git a/terraform/modules/user/variables.tf b/terraform/modules/user/variables.tf index c667eeb..8e634f1 100644 --- a/terraform/modules/user/variables.tf +++ b/terraform/modules/user/variables.tf @@ -40,4 +40,8 @@ variable "cluster_role" { variable "cluster_repo" { type = string +} + +variable "netdata_role" { + type = string } \ No newline at end of file 
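Review bot: `space_id = "de0f5b64-9300-4be4-94f3-455efa5c0358"` is hard-coded inside the reusable `user` module in `terraform/modules/user/main.tf`, so every caller is tied to one Netdata space and changing it means editing the module. Pass it in like the other inputs, `space_id = var.netdata_space_id`, with a matching `variable "netdata_space_id" { type = string }` in the module's `variables.tf`. The resource label `"test"` is renamed in patch 6/7, but the literal stays.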
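Review bot: `variable "netdata_role"` in `terraform/modules/user/variables.tf` has no `description` and no `validation`, so a mistyped role is only caught when the provider rejects it at apply time. The values used in this series are `"admin"` and `"observer"`; a `validation` block listing the roles the space actually supports would fail at plan time instead. At minimum add `description = "Netdata Cloud space role granted to this user"`.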
diff --git a/terraform/providers.tf b/terraform/providers.tf index 985639c..b8676cf 100644 --- a/terraform/providers.tf +++ b/terraform/providers.tf @@ -14,6 +14,10 @@ terraform { source = "integrations/github" version = "~> 5.0" } + netdata = { + source = "netdata/netdata" + version = "0.2.0" + } } cloud { @@ -42,4 +46,9 @@ provider "github" { installation_id = var.gh_install_id # or `GITHUB_APP_INSTALLATION_ID` pem_file = var.gh_pem # or `GITHUB_APP_PEM_FILE` } +} + +provider "netdata" { + url = "https://app.netdata.cloud" + auth_token = var.netdata_token } \ No newline at end of file diff --git a/terraform/templates/user_module_template.jinja2 b/terraform/templates/user_module_template.jinja2 index 77365a5..4db5dfd 100644 --- a/terraform/templates/user_module_template.jinja2 +++ b/terraform/templates/user_module_template.jinja2 @@ -12,4 +12,5 @@ module "{{ user }}" { cluster_name = var.cluster_name cluster_role = "{{ cluster_role }}" cluster_repo = var.platform_repo + netdata_role = "observer" } diff --git a/terraform/users.tf b/terraform/users.tf index 94af882..dd5a926 100644 --- a/terraform/users.tf +++ b/terraform/users.tf @@ -11,21 +11,9 @@ module "francis" { cluster_name = var.cluster_name cluster_role = "None" cluster_repo = var.platform_repo + netdata_role = "admin" } -module "philippe" { - source = "./modules/user" - github_email = "philippelamy12@gmail.com" - github_username = "lamiphil" - github_role = "member" - teams = [ - { teamName = "members", teamRole = "member" }, - { teamName = "sre", teamRole = "member" } - ] - cluster_name = var.cluster_name - cluster_role = "Reader" - cluster_repo = var.platform_repo -} module "cedille-test" { source = "./modules/user" @@ -39,4 +27,5 @@ module "cedille-test" { cluster_name = var.cluster_name cluster_role = "Reader" cluster_repo = var.platform_repo + netdata_role = "admin" } \ No newline at end of file diff --git a/terraform/variables.tf b/terraform/variables.tf index 4cd06ea..2b2fce6 100644 
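Review bot: `module "cedille-test"` in `terraform/users.tf` is given `netdata_role = "admin"` while its `cluster_role` is only `"Reader"`, so a test account ends up with the highest Netdata role seen in this series; the template default added in the same commit is `"observer"`. Unless the test account really administers the space, use `netdata_role = "observer"` there. The first hunk also deletes `module "philippe"` entirely, which the commit subject "netdata terraform" does not mention; on apply that removes whatever the module managed for that user, so confirm it is intended. The `francis` and `cedille-test` module bodies are only partly visible in these hunks.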
--- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -46,4 +46,9 @@ variable "cluster_ca" { variable "cluster_name" { type = string +} + +variable "netdata_token" { + type = string + sensitive = true } \ No newline at end of file From d62426263c9565da2f40bad4bbb3c8b236291175 Mon Sep 17 00:00:00 2001 From: Simon-Boyer Date: Sat, 20 Jul 2024 16:43:25 -0400 Subject: [PATCH 6/7] rename netdata_space_member ressource --- terraform/modules/user/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/modules/user/main.tf b/terraform/modules/user/main.tf index bf8951b..0445d56 100644 --- a/terraform/modules/user/main.tf +++ b/terraform/modules/user/main.tf @@ -35,7 +35,7 @@ resource "github_repository_file" "omni_acl" { } # Add user to netdata -resource "netdata_space_member" "test" { +resource "netdata_space_member" "cedille_membership" { email = var.github_email space_id = "de0f5b64-9300-4be4-94f3-455efa5c0358" role = var.netdata_role From d876f35e6903320dd4f350e808aef2ed17870dd3 Mon Sep 17 00:00:00 2001 From: Simon-Boyer Date: Sat, 20 Jul 2024 16:46:44 -0400 Subject: [PATCH 7/7] cleanup --- system/netdata/ressources/kustomization.yml | 23 +-------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/system/netdata/ressources/kustomization.yml b/system/netdata/ressources/kustomization.yml index 90691ca..4409bfc 100644 --- a/system/netdata/ressources/kustomization.yml +++ b/system/netdata/ressources/kustomization.yml @@ -1,23 +1,2 @@ resources: - - secret.yaml - -# helmCharts: -# - name: netdata -# valuesInline: -# restarter: -# enabled: true -# parent: -# claiming: -# enabled: true -# envFrom: -# - secretRef: -# name: netdata-claim -# child: -# claiming: -# enabled: true -# envFrom: -# - secretRef: -# name: netdata-claim -# releaseName: netdata -# version: 3.7.95 -# repo: https://netdata.github.io/helmchart \ No newline at end of file + - secret.yaml \ No newline at end of file