From 904a44f0fdd32b55054a98ee57438dd7a4d91f94 Mon Sep 17 00:00:00 2001 From: Nicole Date: Wed, 24 Jan 2024 18:46:34 -0700 Subject: [PATCH 01/14] added more customizable vars for volumes and where termination message paths should go Signed-off-by: Nicole --- .../templates/daemonset.yaml | 35 +++++++++++- charts/prometheus-node-exporter/values.yaml | 57 +++++++++++++++++-- 2 files changed, 86 insertions(+), 6 deletions(-) diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index bcba856f916e..8ef6bb177271 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -40,6 +40,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} containers: {{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }} - name: node-exporter @@ -124,12 +125,25 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} + + # CHANGED + {{- if eq .Values.configureTerminationMessagePath true }} + terminationMessagePath: {{ .Values.terminationMessagePath }} + terminationMessagePolicy: {{ .Values.terminationMessagePolicy }} + {{- end }} + volumeMounts: - name: proc mountPath: /host/proc + {{- if .Values.hostProcFsMount.enabled }} + mountPropagation: {{ .Values.hostProcFsMount.mountPropagation }} + {{- end }} readOnly: true - name: sys mountPath: /host/sys + {{- if .Values.hostProcFsMount.enabled }} + mountPropagation: {{ .Values.hostSysFsMount.mountPropagation }} + {{- end }} readOnly: true {{- if .Values.hostRootFsMount.enabled }} - name: root @@ -146,6 +160,7 @@ spec: {{- with $mount.mountPropagation }} mountPropagation: {{ . }} {{- end }} + type: {{ $mount.type}} {{- end }} {{- range $_, $mount := .Values.sidecarVolumeMount }} - name: {{ $mount.name }} @@ -196,6 +211,9 @@ spec: {{- if .Values.kubeRBACProxy.enableHostPort }} hostPort: {{ .Values.service.port }} {{- end }} + + # CHANGED + protocol: {{ .Values.kubeRBACProxy.portProtocol }} - containerPort: 8888 name: "http-healthz" readinessProbe: @@ -207,8 +225,22 @@ spec: timeoutSeconds: 5 {{- if .Values.kubeRBACProxy.resources }} resources: - {{ toYaml .Values.kubeRBACProxy.resources | nindent 12 }} + {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }} + {{- end }} + + # CHANGED + env: + {{- range $key, $value := .Values.kubeRBACProxy.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + + # CHANGED + {{- if eq .Values.kubeRBACProxy.configureTerminationMessagePath true }} + terminationMessagePath: {{ .Values.kubeRBACProxy.terminationMessagePath }} + terminationMessagePolicy: {{ .Values.kubeRBACProxy.terminationMessagePolicy }} {{- end }} + {{- if .Values.kubeRBACProxy.containerSecurityContext }} securityContext: {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }} @@ -228,6 +260,7 @@ spec: dnsConfig: {{- toYaml . | nindent 8 }} {{- end }} + restartPolicy: {{ .Values.restartPolicy }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 8f3a038307f1..6c1d39fe8174 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -38,7 +38,9 @@ global: # Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint. # The requests are served through the same service but requests are HTTPS. kubeRBACProxy: - enabled: false + enabled: true # CHANGED + env: + create_key: true # SET TO {} image: registry: quay.io repository: brancz/kube-rbac-proxy @@ -63,6 +65,13 @@ kubeRBACProxy: # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. enableHostPort: false + # CHANGED + portProtocol: TCP + + configureTerminationMessagePath: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -71,9 +80,9 @@ kubeRBACProxy: # limits: # cpu: 100m # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi service: enabled: true @@ -266,6 +275,9 @@ resources: {} # cpu: 100m # memory: 30Mi +# CHANGED +restartPolicy: Always + serviceAccount: # Specifies whether a ServiceAccount should be created create: true @@ -317,6 +329,26 @@ hostRootFsMount: # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation mountPropagation: HostToContainer +# Mount the node's root file system (/) at /host/root in the container +hostProcFsMount: + enabled: false + # Defines how new mounts in existing mounts on the node or in the container + # are propagated to the container or node, respectively. Possible values are + # None, HostToContainer, and Bidirectional. If this field is omitted, then + # None is used. More information on: + # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation + mountPropagation: HostToContainer + +# Mount the node's root file system (/) at /host/root in the container +hostSysFsMount: + enabled: true + # Defines how new mounts in existing mounts on the node or in the container + # are propagated to the container or node, respectively. Possible values are + # None, HostToContainer, and Bidirectional. If this field is omitted, then + # None is used. More information on: + # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation + mountPropagation: HostToContainer + ## Assign a group of affinity scheduling rules ## affinity: {} @@ -361,10 +393,17 @@ nodeSelector: kubernetes.io/os: linux # kubernetes.io/arch: amd64 +# CHANGED +terminationGracePeriodSeconds: 30 + tolerations: - effect: NoSchedule operator: Exists +configureTerminationMessagePath: true +terminationMessagePath: /dev/termination-log +terminationMessagePolicy: File + ## Assign a PriorityClassName to pods if set # priorityClassName: "" @@ -376,11 +415,19 @@ extraArgs: [] ## Additional mounts from the host to node-exporter container ## -extraHostVolumeMounts: [] +extraHostVolumeMounts: + - name: node-exporter-volume + mountPath: /run/node-exporter/textfile_collector + readOnly: true + hostPath: /run/node-exporter/textfile_collector + mountPropagation: HostToContainer + +#extraHostVolumeMounts: [] # - name: # hostPath: # mountPath: # readOnly: true|false +# type: ""|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice # mountPropagation: None|HostToContainer|Bidirectional ## Additional configmaps to be mounted. From d193c127a77c0449268d53a8e926a0826159fcec Mon Sep 17 00:00:00 2001 From: Nicole Date: Fri, 26 Jan 2024 12:46:57 -0700 Subject: [PATCH 02/14] added additional vars for termination msg pts, env vars for kuberbacproxy and termination grace period seconds Signed-off-by: Nicole --- .../templates/daemonset.yaml | 12 +----- charts/prometheus-node-exporter/values.yaml | 39 +++++++------------ 2 files changed, 15 insertions(+), 36 deletions(-) diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index 8ef6bb177271..91412e1cf859 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -125,13 +125,10 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} - - # CHANGED {{- if eq .Values.configureTerminationMessagePath true }} terminationMessagePath: {{ .Values.terminationMessagePath }} terminationMessagePolicy: {{ .Values.terminationMessagePolicy }} {{- end }} - volumeMounts: - name: proc mountPath: /host/proc @@ -211,8 +208,6 @@ spec: {{- if .Values.kubeRBACProxy.enableHostPort }} hostPort: {{ .Values.service.port }} {{- end }} - - # CHANGED protocol: {{ .Values.kubeRBACProxy.portProtocol }} - containerPort: 8888 name: "http-healthz" @@ -227,20 +222,17 @@ spec: resources: {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }} {{- end }} - - # CHANGED + {{- if .Values.kubeRBACProxy.env }} env: {{- range $key, $value := .Values.kubeRBACProxy.env }} - name: {{ $key }} value: {{ $value | quote }} {{- end }} - - # CHANGED + {{- end }} {{- if eq .Values.kubeRBACProxy.configureTerminationMessagePath true }} terminationMessagePath: {{ .Values.kubeRBACProxy.terminationMessagePath }} terminationMessagePolicy: {{ .Values.kubeRBACProxy.terminationMessagePolicy }} {{- end }} - {{- if .Values.kubeRBACProxy.containerSecurityContext }} securityContext: {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }} diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 6c1d39fe8174..db5c703a2226 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -39,8 +39,7 @@ global: # The requests are served through the same service but requests are HTTPS. kubeRBACProxy: enabled: true # CHANGED - env: - create_key: true # SET TO {} + env: {} image: registry: quay.io repository: brancz/kube-rbac-proxy @@ -64,12 +63,14 @@ kubeRBACProxy: portName: http # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. enableHostPort: false - - # CHANGED + # Configure the protocol for the container port portProtocol: TCP + # Enable or disable container termination messages for KubeRBACProxy container configureTerminationMessagePath: true + # If configureTerminationMessagePath is enabled, specify the path for termination messages for KubeRBACProxy container terminationMessagePath: /dev/termination-log + # If configureTerminationMessagePath is enabled, specify the Policy for termination messages for KubeRBACProxy container terminationMessagePolicy: File resources: {} @@ -329,24 +330,14 @@ hostRootFsMount: # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation mountPropagation: HostToContainer -# Mount the node's root file system (/) at /host/root in the container +# Mount the node's proc file system (/) at /host/proc in the container hostProcFsMount: enabled: false - # Defines how new mounts in existing mounts on the node or in the container - # are propagated to the container or node, respectively. Possible values are - # None, HostToContainer, and Bidirectional. If this field is omitted, then - # None is used. More information on: - # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation mountPropagation: HostToContainer -# Mount the node's root file system (/) at /host/root in the container +# Mount the node's sys file system (/) at /host/sys in the container hostSysFsMount: enabled: true - # Defines how new mounts in existing mounts on the node or in the container - # are propagated to the container or node, respectively. Possible values are - # None, HostToContainer, and Bidirectional. If this field is omitted, then - # None is used. More information on: - # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation mountPropagation: HostToContainer ## Assign a group of affinity scheduling rules @@ -393,15 +384,18 @@ nodeSelector: kubernetes.io/os: linux # kubernetes.io/arch: amd64 -# CHANGED +# Specify grace period for graceful termination of pods terminationGracePeriodSeconds: 30 tolerations: - effect: NoSchedule operator: Exists +# Enable or disable container termination messages for Node Exporter container configureTerminationMessagePath: true +# If configureTerminationMessagePath is enabled, specify the path for termination messages for Node Exporter container terminationMessagePath: /dev/termination-log +# If configureTerminationMessagePath is enabled, specify the Policy for termination messages for Node Exporter container terminationMessagePolicy: File ## Assign a PriorityClassName to pods if set @@ -415,21 +409,14 @@ extraArgs: [] ## Additional mounts from the host to node-exporter container ## -extraHostVolumeMounts: - - name: node-exporter-volume - mountPath: /run/node-exporter/textfile_collector - readOnly: true - hostPath: /run/node-exporter/textfile_collector - mountPropagation: HostToContainer - -#extraHostVolumeMounts: [] +extraHostVolumeMounts: [] # - name: # hostPath: # mountPath: # readOnly: true|false -# type: ""|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice # mountPropagation: None|HostToContainer|Bidirectional + ## Additional configmaps to be mounted. ## configmaps: [] From 15c4c5bb16072fd2aec4416a599f8c94e4a85d42 Mon Sep 17 00:00:00 2001 From: Nicole Date: Fri, 26 Jan 2024 12:50:45 -0700 Subject: [PATCH 03/14] flip kuberbacproxy to false again Signed-off-by: Nicole --- charts/prometheus-node-exporter/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index db5c703a2226..948fee095e14 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -38,7 +38,7 @@ global: # Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint. # The requests are served through the same service but requests are HTTPS. kubeRBACProxy: - enabled: true # CHANGED + enabled: false env: {} image: registry: quay.io From 377ddfaaffff00e4e5ce181d6ebae3d17d5aac71 Mon Sep 17 00:00:00 2001 From: Nicole Date: Fri, 26 Jan 2024 13:05:29 -0700 Subject: [PATCH 04/14] added notes for env var and for restart policy Added notes in vals files and restart policy Signed-off-by: Nicole --- charts/prometheus-node-exporter/values.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 948fee095e14..4707b3323238 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -40,6 +40,8 @@ global: kubeRBACProxy: enabled: false env: {} + ## env: + ## VARIABLE: value image: registry: quay.io repository: brancz/kube-rbac-proxy @@ -47,7 +49,7 @@ kubeRBACProxy: sha: "" pullPolicy: IfNotPresent - # List of additional cli arguments to configure kube-rbac-prxy + # List of additional cli arguments to configure kube-rbac-proxy # for example: --tls-cipher-suites, --log-file, etc. # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage extraArgs: [] @@ -276,7 +278,8 @@ resources: {} # cpu: 100m # memory: 30Mi -# CHANGED +# Specify the container restart policy passed to the Node Export container +# Possible Values: Always (default)|OnFailure|Never restartPolicy: Always serviceAccount: From cdfd29232ec19d6e583afb9e3fb04638242a6ad5 Mon Sep 17 00:00:00 2001 From: Nicole Date: Fri, 26 Jan 2024 13:21:06 -0700 Subject: [PATCH 05/14] added definition in values file for volumemounts type Signed-off-by: Nicole --- charts/prometheus-node-exporter/values.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 4707b3323238..df3344339ff7 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -83,9 +83,9 @@ kubeRBACProxy: # limits: # cpu: 100m # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi service: enabled: true @@ -417,6 +417,7 @@ extraHostVolumeMounts: [] # hostPath: # mountPath: # readOnly: true|false +# type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice # mountPropagation: None|HostToContainer|Bidirectional From cf95ed6ac7b4bb7aae2f9c28e35b467d9fbabf67 Mon Sep 17 00:00:00 2001 From: Nicole Date: Mon, 29 Jan 2024 07:51:20 -0700 Subject: [PATCH 06/14] remove small fix for bug for later pr Signed-off-by: Nicole --- charts/prometheus-node-exporter/templates/daemonset.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index 91412e1cf859..fea8004dc87d 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -220,7 +220,7 @@ spec: timeoutSeconds: 5 {{- if .Values.kubeRBACProxy.resources }} resources: - {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }} + {{ toYaml .Values.kubeRBACProxy.resources | nindent 12 }} {{- end }} {{- if .Values.kubeRBACProxy.env }} env: From 711ecd840a108b579143b7bb3a84f72e81d9104d Mon Sep 17 00:00:00 2001 From: Nicole Date: Mon, 29 Jan 2024 11:05:46 -0700 Subject: [PATCH 07/14] fix version Signed-off-by: Nicole --- charts/prometheus-node-exporter/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/prometheus-node-exporter/Chart.yaml b/charts/prometheus-node-exporter/Chart.yaml index aea1b521c30f..e3f72296e782 100644 --- a/charts/prometheus-node-exporter/Chart.yaml +++ b/charts/prometheus-node-exporter/Chart.yaml @@ -6,7 +6,7 @@ keywords: - prometheus - exporter type: application -version: 4.26.1 +version: 4.27.1 appVersion: 1.7.0 home: https://github.com/prometheus/node_exporter/ sources: From 7f2f9a5fb37099354833d4d35c358c3d88274fba Mon Sep 17 00:00:00 2001 From: Nicole Date: Tue, 30 Jan 2024 08:16:01 -0700 Subject: [PATCH 08/14] remove most changes except for termination params Signed-off-by: Nicole --- charts/prometheus-node-exporter/Chart.yaml | 2 +- .../templates/daemonset.yaml | 9 --------- charts/prometheus-node-exporter/values.yaml | 20 ------------------- 3 files changed, 1 insertion(+), 30 deletions(-) diff --git a/charts/prometheus-node-exporter/Chart.yaml b/charts/prometheus-node-exporter/Chart.yaml index e3f72296e782..923276db45fe 100644 --- a/charts/prometheus-node-exporter/Chart.yaml +++ b/charts/prometheus-node-exporter/Chart.yaml @@ -6,7 +6,7 @@ keywords: - prometheus - exporter type: application -version: 4.27.1 +version: 4.27.0 appVersion: 1.7.0 home: https://github.com/prometheus/node_exporter/ sources: diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index fea8004dc87d..38f4e6a67309 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -132,15 +132,9 @@ spec: volumeMounts: - name: proc mountPath: /host/proc - {{- if .Values.hostProcFsMount.enabled }} - mountPropagation: {{ .Values.hostProcFsMount.mountPropagation }} - {{- end }} readOnly: true - name: sys mountPath: /host/sys - {{- if .Values.hostProcFsMount.enabled }} - mountPropagation: {{ .Values.hostSysFsMount.mountPropagation }} - {{- end }} readOnly: true {{- if .Values.hostRootFsMount.enabled }} - name: root @@ -157,7 +151,6 @@ spec: {{- with $mount.mountPropagation }} mountPropagation: {{ . }} {{- end }} - type: {{ $mount.type}} {{- end }} {{- range $_, $mount := .Values.sidecarVolumeMount }} - name: {{ $mount.name }} @@ -208,7 +201,6 @@ spec: {{- if .Values.kubeRBACProxy.enableHostPort }} hostPort: {{ .Values.service.port }} {{- end }} - protocol: {{ .Values.kubeRBACProxy.portProtocol }} - containerPort: 8888 name: "http-healthz" readinessProbe: @@ -252,7 +244,6 @@ spec: dnsConfig: {{- toYaml . | nindent 8 }} {{- end }} - restartPolicy: {{ .Values.restartPolicy }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index df3344339ff7..49c0e789e04c 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -39,9 +39,6 @@ global: # The requests are served through the same service but requests are HTTPS. kubeRBACProxy: enabled: false - env: {} - ## env: - ## VARIABLE: value image: registry: quay.io repository: brancz/kube-rbac-proxy @@ -65,8 +62,6 @@ kubeRBACProxy: portName: http # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. enableHostPort: false - # Configure the protocol for the container port - portProtocol: TCP # Enable or disable container termination messages for KubeRBACProxy container configureTerminationMessagePath: true @@ -278,10 +273,6 @@ resources: {} # cpu: 100m # memory: 30Mi -# Specify the container restart policy passed to the Node Export container -# Possible Values: Always (default)|OnFailure|Never -restartPolicy: Always - serviceAccount: # Specifies whether a ServiceAccount should be created create: true @@ -333,16 +324,6 @@ hostRootFsMount: # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation mountPropagation: HostToContainer -# Mount the node's proc file system (/) at /host/proc in the container -hostProcFsMount: - enabled: false - mountPropagation: HostToContainer - -# Mount the node's sys file system (/) at /host/sys in the container -hostSysFsMount: - enabled: true - mountPropagation: HostToContainer - ## Assign a group of affinity scheduling rules ## affinity: {} @@ -417,7 +398,6 @@ extraHostVolumeMounts: [] # hostPath: # mountPath: # readOnly: true|false -# type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice # mountPropagation: None|HostToContainer|Bidirectional From e8b022dababf0f81b2ee8eb8312a87556883b5f5 Mon Sep 17 00:00:00 2001 From: Nicole Date: Tue, 30 Jan 2024 08:17:55 -0700 Subject: [PATCH 09/14] remove env from the ds Signed-off-by: Nicole --- charts/prometheus-node-exporter/templates/daemonset.yaml | 7 ------- charts/prometheus-node-exporter/values.yaml | 1 - 2 files changed, 8 deletions(-) diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index 38f4e6a67309..fc07a32aba00 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -214,13 +214,6 @@ spec: resources: {{ toYaml .Values.kubeRBACProxy.resources | nindent 12 }} {{- end }} - {{- if .Values.kubeRBACProxy.env }} - env: - {{- range $key, $value := .Values.kubeRBACProxy.env }} - - name: {{ $key }} - value: {{ $value | quote }} - {{- end }} - {{- end }} {{- if eq .Values.kubeRBACProxy.configureTerminationMessagePath true }} terminationMessagePath: {{ .Values.kubeRBACProxy.terminationMessagePath }} terminationMessagePolicy: {{ .Values.kubeRBACProxy.terminationMessagePolicy }} diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 49c0e789e04c..4b1a71c59a01 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -400,7 +400,6 @@ extraHostVolumeMounts: [] # readOnly: true|false # mountPropagation: None|HostToContainer|Bidirectional - ## Additional configmaps to be mounted. ## configmaps: [] From f9fd7c65145119258cf3182ebb98b3eaa4af90aa Mon Sep 17 00:00:00 2001 From: Nicole Date: Tue, 30 Jan 2024 13:17:49 -0700 Subject: [PATCH 10/14] using suggestion, used a toggle instead for setting termination message paths Signed-off-by: Nicole --- .../templates/daemonset.yaml | 16 ++++++++----- charts/prometheus-node-exporter/values.yaml | 24 ++++++++----------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index fc07a32aba00..289ec50ec293 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -125,9 +125,11 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} - {{- if eq .Values.configureTerminationMessagePath true }} - terminationMessagePath: {{ .Values.terminationMessagePath }} - terminationMessagePolicy: {{ .Values.terminationMessagePolicy }} + {{- if .Values.terminationMessageParams.enabled }} + {{- with .Values.terminationMessageParams }} + terminationMessagePath: {{ .terminationMessagePath }} + terminationMessagePolicy: {{ .terminationMessagePolicy }} + {{- end }} {{- end }} volumeMounts: - name: proc @@ -214,9 +216,11 @@ spec: resources: {{ toYaml .Values.kubeRBACProxy.resources | nindent 12 }} {{- end }} - {{- if eq .Values.kubeRBACProxy.configureTerminationMessagePath true }} - terminationMessagePath: {{ .Values.kubeRBACProxy.terminationMessagePath }} - terminationMessagePolicy: {{ .Values.kubeRBACProxy.terminationMessagePolicy }} + {{- if .Values.terminationMessageParams.enabled }} + {{- with .Values.terminationMessageParams }} + terminationMessagePath: {{ .terminationMessagePath }} + terminationMessagePolicy: {{ .terminationMessagePolicy }} + {{- end }} {{- end }} {{- if .Values.kubeRBACProxy.containerSecurityContext }} securityContext: diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 4b1a71c59a01..004ae779f0c1 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -38,7 +38,7 @@ global: # Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint. # The requests are served through the same service but requests are HTTPS. kubeRBACProxy: - enabled: false + enabled: true image: registry: quay.io repository: brancz/kube-rbac-proxy @@ -63,13 +63,6 @@ kubeRBACProxy: # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. enableHostPort: false - # Enable or disable container termination messages for KubeRBACProxy container - configureTerminationMessagePath: true - # If configureTerminationMessagePath is enabled, specify the path for termination messages for KubeRBACProxy container - terminationMessagePath: /dev/termination-log - # If configureTerminationMessagePath is enabled, specify the Policy for termination messages for KubeRBACProxy container - terminationMessagePolicy: File - resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -375,12 +368,15 @@ tolerations: - effect: NoSchedule operator: Exists -# Enable or disable container termination messages for Node Exporter container -configureTerminationMessagePath: true -# If configureTerminationMessagePath is enabled, specify the path for termination messages for Node Exporter container -terminationMessagePath: /dev/termination-log -# If configureTerminationMessagePath is enabled, specify the Policy for termination messages for Node Exporter container -terminationMessagePolicy: File +# Enable or disable container termination message settings +# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ +terminationMessageParams: + enabled: true + # If enabled, specify the path for termination messages + terminationMessagePath: /dev/termination-log + # If enabled, specify the policy for termination messages + terminationMessagePolicy: File + ## Assign a PriorityClassName to pods if set # priorityClassName: "" From e4964d7c12a0144a12796aeb1ac300d512fdf9e7 Mon Sep 17 00:00:00 2001 From: Nicole Date: Tue, 30 Jan 2024 13:24:37 -0700 Subject: [PATCH 11/14] revert krp and terminationmsgpath back to false from true that was set for testing Signed-off-by: Nicole --- charts/prometheus-node-exporter/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 004ae779f0c1..7bc44a17e18c 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -38,7 +38,7 @@ global: # Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint. # The requests are served through the same service but requests are HTTPS. kubeRBACProxy: - enabled: true + enabled: false image: registry: quay.io repository: brancz/kube-rbac-proxy @@ -371,7 +371,7 @@ tolerations: # Enable or disable container termination message settings # https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ terminationMessageParams: - enabled: true + enabled: false # If enabled, specify the path for termination messages terminationMessagePath: /dev/termination-log # If enabled, specify the policy for termination messages From 05955e8e4b2a517e66988b1740053b2aac30dffd Mon Sep 17 00:00:00 2001 From: Nicole Date: Wed, 31 Jan 2024 10:04:52 -0700 Subject: [PATCH 12/14] Added with statement for termination grace period Signed-off-by: Nicole --- charts/prometheus-node-exporter/templates/daemonset.yaml | 4 +++- charts/prometheus-node-exporter/values.yaml | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/prometheus-node-exporter/templates/daemonset.yaml index 289ec50ec293..23996a7da3f3 100644 --- a/charts/prometheus-node-exporter/templates/daemonset.yaml +++ b/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -40,7 +40,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }} - terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- with .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} containers: {{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }} - name: node-exporter diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 7bc44a17e18c..99ebd9f0c1ac 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -361,8 +361,8 @@ nodeSelector: kubernetes.io/os: linux # kubernetes.io/arch: amd64 -# Specify grace period for graceful termination of pods -terminationGracePeriodSeconds: 30 +# Specify grace period for graceful termination of pods. Defaults to 30 +terminationGracePeriodSeconds: null tolerations: - effect: NoSchedule @@ -371,7 +371,7 @@ tolerations: # Enable or disable container termination message settings # https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ terminationMessageParams: - enabled: false + enabled: true # If enabled, specify the path for termination messages terminationMessagePath: /dev/termination-log # If enabled, specify the policy for termination messages From cbb5b883830eb1cf9f13f0843d8f3db9be99b2a2 Mon Sep 17 00:00:00 2001 From: Nicole Date: Wed, 31 Jan 2024 10:05:17 -0700 Subject: [PATCH 13/14] disable termination msg path Signed-off-by: Nicole --- charts/prometheus-node-exporter/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 99ebd9f0c1ac..745a9590f03c 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -371,7 +371,7 @@ tolerations: # Enable or disable container termination message settings # https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ terminationMessageParams: - enabled: true + enabled: false # If enabled, specify the path for termination messages terminationMessagePath: /dev/termination-log # If enabled, specify the policy for termination messages From ac69e2532cf89f35c6e4a5ccc7bddc8c3be76425 Mon Sep 17 00:00:00 2001 From: Nicole Date: Wed, 31 Jan 2024 13:18:35 -0700 Subject: [PATCH 14/14] added null or 30 default message Signed-off-by: Nicole --- charts/prometheus-node-exporter/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/prometheus-node-exporter/values.yaml b/charts/prometheus-node-exporter/values.yaml index 745a9590f03c..9b94ab0547d7 100644 --- a/charts/prometheus-node-exporter/values.yaml +++ b/charts/prometheus-node-exporter/values.yaml @@ -361,7 +361,7 @@ nodeSelector: kubernetes.io/os: linux # kubernetes.io/arch: amd64 -# Specify grace period for graceful termination of pods. Defaults to 30 +# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified terminationGracePeriodSeconds: null tolerations: