[dop-2361] Due to issue with turning off thanos, leave enabled by def…

…ault, but comment out all settings to cause thanos to be disabled..
IndicoDataSolutions · Oct 29, 2024 · b25a46d · b25a46d
1 parent 3e8b490
commit b25a46d
Show file tree

Hide file tree

Showing 6 changed files with 197 additions and 184 deletions.
diff --git a/azure/ipa.tf b/azure/ipa.tf
@@ -470,33 +470,33 @@ resource "kubernetes_config_map" "azure_dns_credentials" {
 }
 
 
-resource "kubectl_manifest" "thanos-storage-secret" {
-  count      = var.thanos_enabled ? 1 : 0
-  depends_on = [helm_release.ipa-crds, module.secrets-operator-setup]
-  yaml_body  = <<YAML
-    apiVersion: "secrets.hashicorp.com/v1beta1"
-    kind: "VaultStaticSecret"
-    metadata:
-      name:  vault-thanos-storage
-      namespace: default
-    spec:
-      type: "kv-v2"
-      namespace: default
-      mount: customer-Indico-Devops
-      path: thanos-storage
-      refreshAfter: 60s
-      rolloutRestartTargets:
-        - name: prometheus-monitoring-kube-prometheus-prometheus
-          kind: StatefulSet
-      destination:
-        annotations:
-          reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
-          reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
-        create: true
-        name: thanos-storage
-      vaultAuthRef: default
-  YAML
-}
+# resource "kubectl_manifest" "thanos-storage-secret" {
+#   count      = var.thanos_enabled ? 1 : 0
+#   depends_on = [helm_release.ipa-crds, module.secrets-operator-setup]
+#   yaml_body  = <<YAML
+#     apiVersion: "secrets.hashicorp.com/v1beta1"
+#     kind: "VaultStaticSecret"
+#     metadata:
+#       name:  vault-thanos-storage
+#       namespace: default
+#     spec:
+#       type: "kv-v2"
+#       namespace: default
+#       mount: customer-Indico-Devops
+#       path: thanos-storage
+#       refreshAfter: 60s
+#       rolloutRestartTargets:
+#         - name: prometheus-monitoring-kube-prometheus-prometheus
+#           kind: StatefulSet
+#       destination:
+#         annotations:
+#           reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
+#           reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
+#         create: true
+#         name: thanos-storage
+#       vaultAuthRef: default
+#   YAML
+# }
 
 
 resource "kubectl_manifest" "custom-cluster-issuer" {

diff --git a/azure/monitoring.tf b/azure/monitoring.tf
@@ -10,19 +10,25 @@ ingress-nginx:
   EOT
   ) : ""
 
+  # thanos_config = var.thanos_enabled == true ? (<<EOT
+  #     thanos: # this is the one being used
+  #       blockSize: 5m
+  #       objectStorageConfig:
+  #         existingSecret:
+  #           name: thanos-storage
+  #           key: thanos_storage.yaml
+  # EOT
+  #   ) : (<<EOT
+  #     thanos: {}
+  # EOT
+  # )
   thanos_config = var.thanos_enabled == true ? (<<EOT
-      thanos: # this is the one being used
-        blockSize: 5m
-        objectStorageConfig:
-          existingSecret:
-            name: thanos-storage
-            key: thanos_storage.yaml
+      thanos: {}
   EOT
     ) : (<<EOT
       thanos: {}
   EOT
-  )
-
+  # )
   alerting_configuration_values = var.alerting_enabled == false ? (<<EOT
 noExtraConfigs: true
   EOT
@@ -70,13 +76,13 @@ EOT
       reloader.stakater.com/auto: "true"
 
     thanosServiceMonitor:
-      enabled: ${var.thanos_enabled}
+      enabled: false #${var.thanos_enabled}
 
     thanosService:
-      enabled:  ${var.thanos_enabled}
+      enabled:  false #${var.thanos_enabled}
 
     prometheusSpec:
-      disableCompaction: ${var.thanos_enabled}
+      disableCompaction: false #${var.thanos_enabled}
       externalLabels:
         clusterAccount: ${var.account}
         clusterRegion: ${var.region}
@@ -129,13 +135,13 @@ ${local.thanos_config}
       reloader.stakater.com/auto: "true"
 
     thanosServiceMonitor:
-      enabled: ${var.thanos_enabled}
+      enabled: false #${var.thanos_enabled}
 
     thanosService:
-      enabled: ${var.thanos_enabled}
+      enabled: false #${var.thanos_enabled}
     
     prometheusSpec:
-      disableCompaction: ${var.thanos_enabled}
+      disableCompaction: false #${var.thanos_enabled}
       externalLabels:
         clusterAccount: ${var.account}
         clusterRegion: ${var.region}
@@ -300,57 +306,57 @@ ${local.private_dns_config}
   ]
 }
 
-resource "kubectl_manifest" "thanos-datasource-credentials" {
-  count     = var.thanos_enabled ? 1 : 0
-  provider  = kubectl.thanos-kubectl
-  yaml_body = <<YAML
-apiVersion: v1
-stringData:
-  admin-password: ${random_password.monitoring-password.result}
-kind: Secret
-metadata:
-  name: ${replace(local.dns_name, ".", "-")}
-  namespace: default
-type: Opaque
-  YAML
-}
-
-resource "kubectl_manifest" "thanos-datasource" {
-  count      = var.thanos_enabled ? 1 : 0
-  depends_on = [kubectl_manifest.thanos-datasource-credentials]
-  provider   = kubectl.thanos-kubectl
-  yaml_body  = <<YAML
-apiVersion: grafana.integreatly.org/v1beta1
-kind: GrafanaDatasource
-metadata:
-  name: ${replace(local.dns_name, ".", "-")}
-  namespace: default
-spec:
-  valuesFrom:
-    - targetPath: "secureJsonData.basicAuthPassword"
-      valueFrom:
-        secretKeyRef:
-          name: ${replace(local.dns_name, ".", "-")}
-          key: admin-password
-  datasource:
-    basicAuth: true
-    basicAuthUser: monitoring
-    editable: false
-    access: proxy
-    editable: true
-    jsonData:
-      timeInterval: 5s
-      tlsSkipVerify: true
-    name: ${local.dns_name}
-    secureJsonData:
-      basicAuthPassword: $${admin-password}
-    type: prometheus
-    url: https://prometheus.${local.dns_name}/prometheus
-  instanceSelector:
-    matchLabels:
-      dashboards: external-grafana
-  YAML
-}
+# resource "kubectl_manifest" "thanos-datasource-credentials" {
+#   count     = var.thanos_enabled ? 1 : 0
+#   provider  = kubectl.thanos-kubectl
+#   yaml_body = <<YAML
+# apiVersion: v1
+# stringData:
+#   admin-password: ${random_password.monitoring-password.result}
+# kind: Secret
+# metadata:
+#   name: ${replace(local.dns_name, ".", "-")}
+#   namespace: default
+# type: Opaque
+#   YAML
+# }
+
+# resource "kubectl_manifest" "thanos-datasource" {
+#   count      = var.thanos_enabled ? 1 : 0
+#   depends_on = [kubectl_manifest.thanos-datasource-credentials]
+#   provider   = kubectl.thanos-kubectl
+#   yaml_body  = <<YAML
+# apiVersion: grafana.integreatly.org/v1beta1
+# kind: GrafanaDatasource
+# metadata:
+#   name: ${replace(local.dns_name, ".", "-")}
+#   namespace: default
+# spec:
+#   valuesFrom:
+#     - targetPath: "secureJsonData.basicAuthPassword"
+#       valueFrom:
+#         secretKeyRef:
+#           name: ${replace(local.dns_name, ".", "-")}
+#           key: admin-password
+#   datasource:
+#     basicAuth: true
+#     basicAuthUser: monitoring
+#     editable: false
+#     access: proxy
+#     editable: true
+#     jsonData:
+#       timeInterval: 5s
+#       tlsSkipVerify: true
+#     name: ${local.dns_name}
+#     secureJsonData:
+#       basicAuthPassword: $${admin-password}
+#     type: prometheus
+#     url: https://prometheus.${local.dns_name}/prometheus
+#   instanceSelector:
+#     matchLabels:
+#       dashboards: external-grafana
+#   YAML
+# }
 
 
 resource "helm_release" "keda-monitoring" {

diff --git a/azure/variables.tf b/azure/variables.tf
@@ -642,7 +642,7 @@ variable "thanos_cluster_name" {
 
 variable "thanos_enabled" {
   type    = bool
-  default = false
+  default = true
 }
 
 variable "harness_delegate" {

diff --git a/ipa.tf b/ipa.tf
@@ -594,33 +594,33 @@ resource "time_sleep" "wait_1_minutes_after_crds" {
   create_duration = "1m"
 }
 
-resource "kubectl_manifest" "thanos-storage-secret" {
-  count      = var.thanos_enabled ? 1 : 0
-  depends_on = [helm_release.ipa-crds, module.secrets-operator-setup]
-  yaml_body  = <<YAML
-    apiVersion: "secrets.hashicorp.com/v1beta1"
-    kind: "VaultStaticSecret"
-    metadata:
-      name:  vault-thanos-storage
-      namespace: default
-    spec:
-      type: "kv-v2"
-      namespace: default
-      mount: customer-Indico-Devops
-      path: thanos-storage
-      refreshAfter: 60s
-      rolloutRestartTargets:
-        - name: prometheus-monitoring-kube-prometheus-prometheus
-          kind: StatefulSet
-      destination:
-        annotations:
-          reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
-          reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
-        create: true
-        name: thanos-storage
-      vaultAuthRef: default
-  YAML
-}
+# resource "kubectl_manifest" "thanos-storage-secret" {
+#   count      = var.thanos_enabled ? 1 : 0
+#   depends_on = [helm_release.ipa-crds, module.secrets-operator-setup]
+#   yaml_body  = <<YAML
+#     apiVersion: "secrets.hashicorp.com/v1beta1"
+#     kind: "VaultStaticSecret"
+#     metadata:
+#       name:  vault-thanos-storage
+#       namespace: default
+#     spec:
+#       type: "kv-v2"
+#       namespace: default
+#       mount: customer-Indico-Devops
+#       path: thanos-storage
+#       refreshAfter: 60s
+#       rolloutRestartTargets:
+#         - name: prometheus-monitoring-kube-prometheus-prometheus
+#           kind: StatefulSet
+#       destination:
+#         annotations:
+#           reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
+#           reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
+#         create: true
+#         name: thanos-storage
+#       vaultAuthRef: default
+#   YAML
+# }
 
 resource "helm_release" "ipa-pre-requisites" {
   depends_on = [