diff --git a/charts/prometheus-node-exporter/Chart.yaml b/charts/prometheus-node-exporter/Chart.yaml index 2862c643b6d5..010e1c4769ff 100644 --- a/charts/prometheus-node-exporter/Chart.yaml +++ b/charts/prometheus-node-exporter/Chart.yaml @@ -6,8 +6,8 @@ keywords: - prometheus - exporter type: application -version: 4.21.8 -appVersion: 1.6.0 +version: 4.37.1 +appVersion: 1.8.1 home: https://github.com/prometheus/node_exporter/ sources: - https://github.com/prometheus/node_exporter/ diff --git a/charts/prometheus-node-exporter/README.md b/charts/prometheus-node-exporter/README.md index 5dbfa328977c..ef8384410240 100644 --- a/charts/prometheus-node-exporter/README.md +++ b/charts/prometheus-node-exporter/README.md @@ -1,18 +1,18 @@ -# Prometheus `Node Exporter` +# Prometheus Node Exporter Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors. -This chart bootstraps a prometheus [`Node Exporter`](http://github.com/prometheus/node_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. +This chart bootstraps a Prometheus [Node Exporter](http://github.com/prometheus/node_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. ## Get Repository Info - + ```console helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo update ``` -_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + ## Install Chart ```console @@ -36,15 +36,11 @@ _See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command doc ## Upgrading Chart ```console -helm upgrade [RELEASE_NAME] [CHART] --install +helm upgrade [RELEASE_NAME] prometheus-community/prometheus-node-exporter --install ``` _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ -### 4.16 to 4.17+ - -`containerSecurityContext.readOnlyRootFilesystem` is set to `true` by default. - ### 3.x to 4.x Starting from version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade. diff --git a/charts/prometheus-node-exporter/templates/_helpers.tpl b/charts/prometheus-node-exporter/templates/_helpers.tpl index 1eac025c468a..84f7e9e32500 100644 --- a/charts/prometheus-node-exporter/templates/_helpers.tpl +++ b/charts/prometheus-node-exporter/templates/_helpers.tpl @@ -208,3 +208,20 @@ labelNameLengthLimit: {{ . }} labelValueLengthLimit: {{ . }} {{- end }} {{- end }} + +{{/* Sets sidecar volumeMounts */}} +{{- define "prometheus-node-exporter.sidecarVolumeMounts" -}} +{{- range $_, $mount := $.Values.sidecarVolumeMount }} +- name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} +{{- end }} +{{- range $_, $mount := $.Values.sidecarHostVolumeMounts }} +- name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} +{{- if $mount.mountPropagation }} + mountPropagation: {{ $mount.mountPropagation }} +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/prometheus-node-exporter/templates/clusterrole.yaml b/charts/prometheus-node-exporter/templates/clusterrole.yaml index 1fd91150f489..c256dba73dbb 100644 --- a/charts/prometheus-node-exporter/templates/clusterrole.yaml +++ b/charts/prometheus-node-exporter/templates/clusterrole.yaml @@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} labels: {{- include "prometheus-node-exporter.labels" . | nindent 4 }} rules: diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index 4c81156edc27..24aae10e1a2a 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -13,6 +13,7 @@ spec: selector: matchLabels: {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} {{- with .Values.updateStrategy }} updateStrategy: {{- toYaml . | nindent 4 }} @@ -39,6 +40,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }} + {{- with .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} containers: {{- $servicePort := .Values.service.port }} - name: node-exporter @@ -49,7 +53,7 @@ spec: - --path.sysfs=/host/sys {{- if .Values.hostRootFsMount.enabled }} - --path.rootfs=/host/root - {{- if semverCompare ">=1.4.0" (default .Chart.AppVersion .Values.image.tag) }} + {{- if semverCompare ">=1.4.0-0" (coalesce .Values.version .Values.image.tag .Chart.AppVersion) }} - --path.udev.data=/host/root/run/udev/data {{- end }} {{- end }} @@ -123,12 +127,24 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.terminationMessageParams.enabled }} + {{- with .Values.terminationMessageParams }} + terminationMessagePath: {{ .terminationMessagePath }} + terminationMessagePolicy: {{ .terminationMessagePolicy }} + {{- end }} + {{- end }} volumeMounts: - name: proc mountPath: /host/proc + {{- with .Values.hostProcFsMount.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} readOnly: true - name: sys mountPath: /host/sys + {{- with .Values.hostSysFsMount.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} readOnly: true {{- if .Values.hostRootFsMount.enabled }} - name: root @@ -159,24 +175,10 @@ spec: - name: {{ .name }} mountPath: {{ .mountPath }} {{- end }} - {{- with .Values.sidecars }} - {{- toYaml . | nindent 8 }} - {{- if or $.Values.sidecarVolumeMount $.Values.sidecarHostVolumeMounts }} - volumeMounts: - {{- range $_, $mount := $.Values.sidecarVolumeMount }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} - {{- end }} - {{- range $_, $mount := $.Values.sidecarHostVolumeMounts }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} - {{- if $mount.mountPropagation }} - mountPropagation: {{ $mount.mountPropagation }} - {{- end }} - {{- end }} - {{- end }} + {{- range .Values.sidecars }} + {{- $overwrites := dict "volumeMounts" (concat (include "prometheus-node-exporter.sidecarVolumeMounts" $ | fromYamlArray) (.volumeMounts | default list) | default list) }} + {{- $defaults := dict "image" (include "prometheus-node-exporter.image" $) "securityContext" $.Values.containerSecurityContext "imagePullPolicy" $.Values.image.pullPolicy }} + - {{- toYaml (merge $overwrites . $defaults) | nindent 10 }} {{- end }} {{- if .Values.kubeRBACProxy.enabled }} - name: kube-rbac-proxy @@ -205,7 +207,10 @@ spec: {{- end }} ports: - containerPort: {{ .Values.service.port}} - name: "http" + name: {{ .Values.kubeRBACProxy.portName }} + {{- if .Values.kubeRBACProxy.enableHostPort }} + hostPort: {{ .Values.service.port }} + {{- end }} {{- if gt (int .Values.kubeRBACProxy.proxyEndpointsPort) 0 }} - containerPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} name: "http-healthz" @@ -217,15 +222,27 @@ spec: initialDelaySeconds: 5 timeoutSeconds: 5 {{- end }} + {{- if .Values.kubeRBACProxy.resources }} + resources: + {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }} + {{- end }} + {{- if .Values.terminationMessageParams.enabled }} + {{- with .Values.terminationMessageParams }} + terminationMessagePath: {{ .terminationMessagePath }} + terminationMessagePolicy: {{ .terminationMessagePolicy }} + {{- end }} + {{- end }} env: - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.hostIP - {{- if .Values.kubeRBACProxy.resources }} - resources: - {{ toYaml .Values.kubeRBACProxy.resources | nindent 12 }} + {{- with .Values.kubeRBACProxy.env }} + {{- range $key, $value := $.Values.kubeRBACProxy.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} {{- end }} {{- if .Values.kubeRBACProxy.containerSecurityContext }} securityContext: @@ -272,6 +289,9 @@ spec: nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.restartPolicy }} + restartPolicy: {{ . }} + {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} @@ -292,6 +312,9 @@ spec: - name: {{ $mount.name }} hostPath: path: {{ $mount.hostPath }} + {{- with $mount.type }} + type: {{ . }} + {{- end }} {{- end }} {{- range $_, $mount := .Values.sidecarVolumeMount }} - name: {{ $mount.name }} diff --git a/charts/prometheus-node-exporter/templates/extra-manifests.yaml b/charts/prometheus-node-exporter/templates/extra-manifests.yaml index 567f7bf32971..2b21b710621f 100644 --- a/charts/prometheus-node-exporter/templates/extra-manifests.yaml +++ b/charts/prometheus-node-exporter/templates/extra-manifests.yaml @@ -1,4 +1,4 @@ {{ range .Values.extraManifests }} --- -{{ tpl (toYaml .) $ }} +{{ tpl . $ }} {{ end }} diff --git a/charts/prometheus-node-exporter/templates/rbac-configmap.yaml b/charts/prometheus-node-exporter/templates/rbac-configmap.yaml index d8606b1c5923..814e11033752 100644 --- a/charts/prometheus-node-exporter/templates/rbac-configmap.yaml +++ b/charts/prometheus-node-exporter/templates/rbac-configmap.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config + namespace: {{ include "prometheus-node-exporter.namespace" . }} data: config-file.yaml: |+ authorization: diff --git a/charts/prometheus-node-exporter/templates/service.yaml b/charts/prometheus-node-exporter/templates/service.yaml index c0129dbdc9a8..91270981656b 100644 --- a/charts/prometheus-node-exporter/templates/service.yaml +++ b/charts/prometheus-node-exporter/templates/service.yaml @@ -1,3 +1,4 @@ +{{- if .Values.service.enabled }} apiVersion: v1 kind: Service metadata: @@ -10,7 +11,17 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: +{{- if .Values.service.ipDualStack.enabled }} + ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} + ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} +{{- end }} +{{- if .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} +{{- end }} type: {{ .Values.service.type }} +{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} + clusterIP: "{{ .Values.service.clusterIP }}" +{{- end }} ports: - port: {{ .Values.service.port }} {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} @@ -21,3 +32,4 @@ spec: name: {{ .Values.service.portName }} selector: {{- include "prometheus-node-exporter.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/charts/prometheus-node-exporter/templates/serviceaccount.yaml index 5c3348c09baf..462b0cda4ba5 100644 --- a/charts/prometheus-node-exporter/templates/serviceaccount.yaml +++ b/charts/prometheus-node-exporter/templates/serviceaccount.yaml @@ -10,6 +10,7 @@ metadata: annotations: {{- toYaml . | nindent 4 }} {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} {{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }} imagePullSecrets: {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }} diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 611b06d4d2b9..c04d1a4ff695 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -14,6 +14,10 @@ imagePullSecrets: [] nameOverride: "" fullnameOverride: "" +# Number of old history to retain to allow rollback +# Default Kubernetes value is set to 10 +revisionHistoryLimit: 10 + global: # To help compatibility with other charts which use global.imagePullSecrets. # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). @@ -35,14 +39,17 @@ global: # The requests are served through the same service but requests are HTTPS. kubeRBACProxy: enabled: false + ## Set environment variables as name/value pairs + env: {} + # VARIABLE: value image: registry: quay.io repository: brancz/kube-rbac-proxy - tag: v0.14.0 + tag: v0.18.0 sha: "" pullPolicy: IfNotPresent - # List of additional cli arguments to configure kube-rbac-prxy + # List of additional cli arguments to configure kube-rbac-proxy # for example: --tls-cipher-suites, --log-file, etc. # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage extraArgs: [] @@ -52,6 +59,18 @@ kubeRBACProxy: ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container containerSecurityContext: {} + # Specify the name of the container port + portName: http + # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. + enableHostPort: false + + # Configure Proxy Endpoints Port + # This is the port being probed for readiness + # If > 0, configure --proxy-endpoints-port, and enable readiness probe + proxyEndpointsPort: 0 + # Configure a hostPort. If true, hostPort will be enabled in the container and set to proxyEndpointsPort. + enableProxyEndpointsHostPort: false + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -64,11 +83,10 @@ kubeRBACProxy: # cpu: 10m # memory: 32Mi - # If > 0, configure --proxy-endpoints-port, and enable readiness probe - proxyEndpointsPort: 0 - service: + enabled: true type: ClusterIP + clusterIP: "" port: 19100 targetPort: 19100 nodePort: @@ -76,6 +94,11 @@ service: listenOnAllInterfaces: true annotations: prometheus.io/scrape: "true" + ipDualStack: + enabled: false + ipFamilies: ["IPv6", "IPv4"] + ipFamilyPolicy: "PreferDualStack" + externalTrafficPolicy: "" # Set a NetworkPolicy with: # ingress only on service.port @@ -253,6 +276,10 @@ resources: {} # cpu: 100m # memory: 30Mi +# Specify the container restart policy passed to the Node Export container +# Possible Values: Always (default)|OnFailure|Never +restartPolicy: null + serviceAccount: # Specifies whether a ServiceAccount should be created create: true @@ -304,6 +331,16 @@ hostRootFsMount: # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation mountPropagation: HostToContainer +# Mount the node's proc file system (/proc) at /host/proc in the container +hostProcFsMount: + # Possible values are None, HostToContainer, and Bidirectional + mountPropagation: "" + +# Mount the node's sys file system (/sys) at /host/sys in the container +hostSysFsMount: + # Possible values are None, HostToContainer, and Bidirectional + mountPropagation: "" + ## Assign a group of affinity scheduling rules ## affinity: {} @@ -348,10 +385,22 @@ nodeSelector: kubernetes.io/os: linux # kubernetes.io/arch: amd64 +# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified +terminationGracePeriodSeconds: null + tolerations: - effect: NoSchedule operator: Exists +# Enable or disable container termination message settings +# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ +terminationMessageParams: + enabled: false + # If enabled, specify the path for termination messages + terminationMessagePath: /dev/termination-log + # If enabled, specify the policy for termination messages + terminationMessagePolicy: File + ## Assign a PriorityClassName to pods if set # priorityClassName: "" @@ -366,6 +415,8 @@ extraArgs: [] extraHostVolumeMounts: [] # - name: # hostPath: +# https://kubernetes.io/docs/concepts/storage/volumes/#hostpath-volume-types +# type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice # mountPath: # readOnly: true|false # mountPropagation: None|HostToContainer|Bidirectional @@ -382,18 +433,19 @@ secrets: [] ## namespaceOverride: "" -## Additional containers for export metrics to text file +## Additional containers for export metrics to text file; fields image,imagePullPolicy,securityContext take default value from main container ## sidecars: [] -## - name: nvidia-dcgm-exporter -## image: nvidia/dcgm-exporter:1.4.3 +# - name: nvidia-dcgm-exporter +# image: nvidia/dcgm-exporter:1.4.3 +# volumeMounts: +# - name: tmp +# mountPath: /tmp -## Volume for sidecar containers -## sidecarVolumeMount: [] -## - name: collector-textfiles -## mountPath: /run/prometheus -## readOnly: false +# - name: collector-textfiles +# mountPath: /run/prometheus +# readOnly: false ## Additional mounts from the host to sidecar containers ## @@ -465,13 +517,17 @@ verticalPodAutoscaler: # Extra manifests to deploy as an array extraManifests: [] - # - apiVersion: v1 + # - | + # apiVersion: v1 # kind: ConfigMap # metadata: # name: prometheus-extra # data: # extra-data: "value" +# Override version of app, required if image.tag is defined and does not follow semver +version: "" + # Nginx configuration for prometheus-node-exporter nginx: image: