charts,salt,build: Bump kube-prometheus-stack chart to 35.0.3

Bump the kube-prometheus-stack chart to 35.0.3 and also bump images: - alertmanager to v0.24.0 - grafana to 8.4.7-ubuntu - k8s-sidecar to 1.15.6 - kube-state-metrics to v2.4.1 - prometheus to v2.35.0 - prometheus-config-reloader to v0.56.0 - prometheus-operator to v0.56.0 - thanos to v0.25.2 Upgrade the kube-prometheus-stack chart using: ``` rm -rf charts/kube-prometheus-stack helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo update helm fetch -d charts --untar prometheus-community/kube-prometheus-stack ``` Re-render prometheus-operator salt state using: ``` ./charts/render.py prometheus-operator \ charts/kube-prometheus-stack.yaml \ charts/kube-prometheus-stack/ \ --namespace metalk8s-monitoring \ --service-config grafana \ metalk8s-grafana-config \ metalk8s/addons/prometheus-operator/config/grafana.yaml.j2 \ metalk8s-monitoring \ --service-config prometheus \ metalk8s-prometheus-config \ metalk8s/addons/prometheus-operator/config/prometheus.yaml \ metalk8s-monitoring \ --service-config alertmanager \ metalk8s-alertmanager-config \ metalk8s/addons/prometheus-operator/config/alertmanager.yaml \ metalk8s-monitoring \ --drop-prometheus-rules charts/drop-prometheus-rules.yaml \ --patch 'PrometheusRule,metalk8s-monitoring,prometheus-operator-kubernetes-system-kubelet,spec:groups:0:rules:1:for,"5m"' \ --remove-manifest ConfigMap prometheus-operator-grafana \ > salt/metalk8s/addons/prometheus-operator/deployed/chart.sls ``` We also bump the thanos image in thanos chart and re-render the chart with the following command: ``` ./charts/render.py thanos charts/thanos.yaml \ charts/thanos/ --namespace metalk8s-monitoring \ > salt/metalk8s/addons/prometheus-operator/deployed/thanos-chart.sls ``` Extract again all Prometheus rules using: ``` ./tools/rule_extractor/rule_extractor.py \ -i <control-plane-ip> -p 8443 -t rules ```
scality · May 17, 2022 · 6525d3f · 6525d3f
1 parent 8c121a1
commit 6525d3f
Show file tree

Hide file tree

Showing 67 changed files with 4,515 additions and 4,165 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -34,17 +34,20 @@
   (PR[#3690](https://github.com/scality/metalk8s/pull/3690))
 
 - Bump kube-prometheus-stack charts version to
-  [32.2.0](https://github.com/prometheus-community/helm-charts/releases/tag/kube-prometheus-stack-32.2.0)
+  [35.0.3](https://github.com/prometheus-community/helm-charts/releases/tag/kube-prometheus-stack-35.0.3)
   The following images have also been bumped accordingly:
-   - k8s-sidecar to [1.15.1](https://github.com/kiwigrid/k8s-sidecar/releases/tag/1.15.1)
-   - kube-state-metrics to [v2.3.0](https://github.com/kubernetes/kube-state-metrics/releases/tag/v2.3.0)
+   - alertmanager to [v0.24.0](https://github.com/prometheus/alertmanager/releases/tag/v0.24.0)
+   - k8s-sidecar to [1.15.6](https://github.com/kiwigrid/k8s-sidecar/releases/tag/1.15.6)
+   - grafana to [8.4.7-ubuntu](https://github.com/grafana/grafana/releases/tag/v8.4.7)
+   - kube-state-metrics to [v2.4.1](https://github.com/kubernetes/kube-state-metrics/releases/tag/v2.4.1)
    - node-exporter to [v1.3.1](https://github.com/prometheus/node_exporter/releases/tag/v1.3.1)
-   - prometheus to [v2.33.1](https://github.com/prometheus/prometheus/releases/tag/v2.33.1)
-   - prometheus-config-reloader to [v0.54.0](https://github.com/prometheus-operator/prometheus-operator/releases/tag/v0.54.0)
-   - prometheus-operator to [v0.54.0](https://github.com/prometheus-operator/prometheus-operator/releases/tag/v0.54.0)
+   - prometheus to [v2.35.0](https://github.com/prometheus/prometheus/releases/tag/v2.35.0)
+   - prometheus-config-reloader to [v0.56.0](https://github.com/prometheus-operator/prometheus-operator/releases/tag/v0.56.0)
+   - prometheus-operator to [v0.56.0](https://github.com/prometheus-operator/prometheus-operator/releases/tag/v0.56.0)
+   - thanos to [v0.25.2](https://github.com/thanos-io/thanos/releases/tag/v0.25.2)
    This new version also come with Grafana metrics and a dashboard to
-   monitor Grafana
-  (PR[#3701](https://github.com/scality/metalk8s/pull/3701))
+   monitor Grafana, the `Statefulsets` dashboard has been removed
+  (PR[#3759](https://github.com/scality/metalk8s/pull/3759))
 
 - Bump Prometheus Adapter chart version to
   [3.2.2](https://github.com/prometheus-community/helm-charts/releases/tag/prometheus-adapter-3.2.2)

diff --git a/buildchain/buildchain/versions.py b/buildchain/buildchain/versions.py
@@ -91,8 +91,8 @@ def _version_prefix(version: str, prefix: str = "v") -> str:
     # Remote images
     Image(
         name="alertmanager",
-        version="v0.23.0",
-        digest="sha256:9ab73a421b65b80be072f96a88df756fc5b52a1bc8d983537b8ec5be8b624c5a",
+        version="v0.24.0",
+        digest="sha256:088464f949de8065b9da7dfce7302a633d700e9d598e2bebc03310712f083b31",
     ),
     Image(
         name="calico-node",
@@ -121,13 +121,13 @@ def _version_prefix(version: str, prefix: str = "v") -> str:
     ),
     Image(
         name="grafana",
-        version="8.3.4-ubuntu",
-        digest="sha256:c51dfff572f8f87f374d44e621e7f02e5f963335051cff03a3438872a2036542",
+        version="8.4.7-ubuntu",
+        digest="sha256:1409a98424082acb296cdb0c6c5903754d29e0b0a6412b2d5c396dfe7f0aed30",
     ),
     Image(
         name="k8s-sidecar",
-        version="1.15.1",
-        digest="sha256:a25886092fa4dae9de14825366a1ded3dcfa170c4335e104b7c11830936339c3",
+        version="1.15.6",
+        digest="sha256:1f025ae37b7b20d63bffd179e5e6f972039dd53d9646388c0a8c456229c7bbcb",
     ),
     Image(
         name="kube-apiserver",
@@ -151,8 +151,8 @@ def _version_prefix(version: str, prefix: str = "v") -> str:
     ),
     Image(
         name="kube-state-metrics",
-        version="v2.3.0",
-        digest="sha256:c9137505edaef138cc23479c73e46e9a3ef7ec6225b64789a03609c973b99030",
+        version="v2.4.1",
+        digest="sha256:69a18fa1e0d0c9f972a64e69ca13b65451b8c5e79ae8dccf3a77968be4a301df",
     ),
     Image(
         name="nginx",
@@ -191,8 +191,8 @@ def _version_prefix(version: str, prefix: str = "v") -> str:
     ),
     Image(
         name="prometheus",
-        version="v2.33.1",
-        digest="sha256:3a75763d209af6ef82aca8fb202a76092a690d25f24d2def7f4eff64e79b7ed9",
+        version="v2.35.0",
+        digest="sha256:2acfab1966f0dbecc6afbead13eca7f47062cfe8726bb9db25e39e0c0b88e9c3",
     ),
     Image(
         name="prometheus-adapter",
@@ -201,18 +201,18 @@ def _version_prefix(version: str, prefix: str = "v") -> str:
     ),
     Image(
         name="prometheus-config-reloader",
-        version="v0.54.0",
-        digest="sha256:90935d5dbd61cf9c7f3061ef3c359f58029af66a378fd1ce3e88052851e4a865",
+        version="v0.56.0",
+        digest="sha256:2ca7942fa5a7ac9b2f565ac5b2c1622a6c884019ad82bcc6f07a4454df012d58",
     ),
     Image(
         name="prometheus-operator",
-        version="v0.54.0",
-        digest="sha256:be2aef39a2f8b7ad1186ca52070475dd9ac6c23d6cb6b0d11ebe49cfd71f91bc",
+        version="v0.56.0",
+        digest="sha256:5a37a4cb8bb60c6bac537146d8cff759f10e0af180f4ddf9867374076f0c8fb7",
     ),
     Image(
         name="thanos",
-        version="v0.23.1",
-        digest="sha256:2f7d1ddc7877b076efbc3fa626b5003f7f197efbd777cff0eec2b20c2cd68d20",
+        version="v0.25.2",
+        digest="sha256:43bfca02f322e4c719f4a373dd4618685fa806ce6d8094e1e2ff4a6ba4260cc2",
     ),
     # Local images
     Image(

diff --git a/charts/kube-prometheus-stack.yaml b/charts/kube-prometheus-stack.yaml
@@ -160,7 +160,7 @@ grafana:
 
   image:
     repository: '__image__(grafana)'
-    tag: '8.3.4-ubuntu'
+    tag: '8.4.7-ubuntu'
 
   sidecar:
     image:

diff --git a/charts/kube-prometheus-stack/Chart.lock b/charts/kube-prometheus-stack/Chart.lock
@@ -1,12 +1,12 @@
 dependencies:
 - name: kube-state-metrics
   repository: https://prometheus-community.github.io/helm-charts
-  version: 4.4.3
+  version: 4.7.0
 - name: prometheus-node-exporter
   repository: https://prometheus-community.github.io/helm-charts
-  version: 2.5.0
+  version: 3.1.1
 - name: grafana
   repository: https://grafana.github.io/helm-charts
-  version: 6.21.2
-digest: sha256:a269c9b0db3d51919159cc5f001b6bd77ab0c0a518b5082d95bd62dd1e9ffb1e
-generated: "2022-02-07T13:03:04.53094609+01:00"
+  version: 6.26.5
+digest: sha256:0e6ea942dc95be70ac849f7a4f0e967de774bd5d2fba2676e26446ecd234f838
+generated: "2022-04-22T15:58:03.872863215+02:00"
diff --git a/charts/kube-prometheus-stack/Chart.yaml b/charts/kube-prometheus-stack/Chart.yaml
@@ -6,20 +6,20 @@ annotations:
       url: https://github.com/prometheus-operator/kube-prometheus
   artifacthub.io/operator: "true"
 apiVersion: v2
-appVersion: 0.54.0
+appVersion: 0.56.0
 dependencies:
 - condition: kubeStateMetrics.enabled
   name: kube-state-metrics
   repository: https://prometheus-community.github.io/helm-charts
-  version: 4.4.*
+  version: 4.7.*
 - condition: nodeExporter.enabled
   name: prometheus-node-exporter
   repository: https://prometheus-community.github.io/helm-charts
-  version: 2.5.*
+  version: 3.1.*
 - condition: grafana.enabled
   name: grafana
   repository: https://grafana.github.io/helm-charts
-  version: 6.21.*
+  version: 6.26.*
 description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
   and Prometheus rules combined with documentation and scripts to provide easy to
   operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus
@@ -52,4 +52,4 @@ sources:
 - https://github.com/prometheus-community/helm-charts
 - https://github.com/prometheus-operator/kube-prometheus
 type: application
-version: 32.2.0
+version: 35.0.3
diff --git a/charts/kube-prometheus-stack/README.md b/charts/kube-prometheus-stack/README.md
@@ -11,20 +11,19 @@ _Note: This chart was formerly named `prometheus-operator` chart, now renamed to
 - Kubernetes 1.16+
 - Helm 3+
 
-## Get Repo Info
+## Get Helm Repository Info
 
 ```console
 helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
 helm repo update
 ```
 
-_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
 
-## Install Chart
+## Install Helm Chart
 
 ```console
-# Helm
-$ helm install [RELEASE_NAME] prometheus-community/kube-prometheus-stack
+helm install [RELEASE_NAME] prometheus-community/kube-prometheus-stack
 ```
 
 _See [configuration](#configuration) below._
@@ -43,11 +42,10 @@ To disable dependencies during installation, see [multiple releases](#multiple-r
 
 _See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._
 
-## Uninstall Chart
+## Uninstall Helm Chart
 
 ```console
-# Helm
-$ helm uninstall [RELEASE_NAME]
+helm uninstall [RELEASE_NAME]
 ```
 
 This removes all the Kubernetes components associated with the chart and deletes the release.
@@ -70,8 +68,7 @@ kubectl delete crd thanosrulers.monitoring.coreos.com
 ## Upgrading Chart
 
 ```console
-# Helm
-$ helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack
+helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack
 ```
 
 With Helm v3, CRDs created by this chart are not updated by default and should be manually updated.
@@ -83,10 +80,50 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen
 
 A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions.
 
+### From 34.x to 35.x
+
+This upgraded prometheus-operator to v0.56.0 and prometheus to v2.35.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 33.x to 34.x
+
+This upgrades to prometheus-operator to v0.55.0 and prometheus to v2.33.5.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 32.x to 33.x
+
+This upgrades the prometheus-node-exporter Chart to v3.0.0. Please review the changes to this subchart if you make customizations to hostMountPropagation.
+
 ### From 31.x to 32.x
+
 This upgrades to prometheus-operator to v0.54.0 and prometheus to v2.33.1. It also changes the default for `grafana.serviceMonitor.enabled` to `true.
 
 Run these commands to update the CRDs before applying the upgrade.
+
 ```console
 kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
 kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
@@ -98,7 +135,6 @@ kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-oper
 kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
 ```
 
-
 ### From 30.x to 31.x
 
 This version removes the built-in grafana ServiceMonitor and instead relies on the ServiceMonitor of the sub-chart.
@@ -126,7 +162,7 @@ If you are using PodSecurityPolicies you can enable the previous behaviour by se
 
 ### From 26.x to 27.x
 
-This version splits Node Exporter recording and altering rules in separate config values.
+This version splits prometheus-node-exporter chart recording and altering rules in separate config values.
 Instead of `defaultRules.rules.node` the 2 new variables `defaultRules.rules.nodeExporterAlerting` and `defaultRules.rules.nodeExporterRecording` are used.
 
 Also the following defaultRules.rules has been removed as they had no effect: `kubeApiserverError`, `kubePrometheusNodeAlerting`, `kubernetesAbsent`, `time`.
@@ -154,7 +190,7 @@ kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-oper
 
 ### From 23.x to 24.x
 
-The custom `ServiceMonitor` for the _kube-state-metrics_ & _prometheus-node-exporter_ charts have been removed in favour of the built in sub-chart `ServiceMonitor`; for both sub-charts this means that `ServiceMonitor` customisations happen via the values passed to the chart. If you haven't directly customised this behaviour then there are no changes required to upgrade, but if you have please read the following.
+The custom `ServiceMonitor` for the _kube-state-metrics_ & _prometheus-node-exporter_ charts have been removed in favour of the built-in sub-chart `ServiceMonitor`; for both sub-charts this means that `ServiceMonitor` customisations happen via the values passed to the chart. If you haven't directly customised this behaviour then there are no changes required to upgrade, but if you have please read the following.
 
 For _kube-state-metrics_ the `ServiceMonitor` customisation is now set via `kube-state-metrics.prometheus.monitor` and the `kubeStateMetrics.serviceMonitor.selfMonitor.enabled` value has moved to `kube-state-metrics.selfMonitor.enabled`.
 
@@ -376,7 +412,7 @@ With Prometheus Operator version 0.30+, the core Prometheus Operator pod exposes
 
 A validating and mutating webhook configuration requires the endpoint to which the request is sent to use TLS. It is possible to set up custom certificates to do this, but in most cases, a self-signed certificate is enough. The setup of this component requires some more complex orchestration when using helm. The steps are created to be idempotent and to allow turning the feature on and off without running into helm quirks.
 
-1. A pre-install hook provisions a certificate into the same namespace using a format compatible with provisioning using end-user certificates. If the certificate already exists, the hook exits.
+1. A pre-install hook provisions a certificate into the same namespace using a format compatible with provisioning using end user certificates. If the certificate already exists, the hook exits.
 2. The prometheus operator pod is configured to use a TLS proxy container, which will load that certificate.
 3. Validating and Mutating webhook configurations are created in the cluster, with their failure mode set to Ignore. This allows rules to be created by the same chart at the same time, even though the webhook has not yet been fully set up - it does not have the correct CA field set.
 4. A post-install hook reads the CA from the secret created by step 1 and patches the Validating and Mutating webhook configurations. This process will allow a custom CA provisioned by some other process to also be patched into the webhook configurations. The chosen failure policy is also patched into the webhook configurations
@@ -393,7 +429,7 @@ Because the operator can only run as a single pod, there is potential for this c
 
 ## Developing Prometheus Rules and Grafana Dashboards
 
-This chart Grafana Dashboards and Prometheus Rules are just a copy from [prometheus-operator/prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) and other sources, synced (with alterations) by scripts in [hack](hack) folder. In order to introduce any changes you need to first [add them to the original repo](https://github.com/prometheus-operator/kube-prometheus/blob/master/docs/developing-prometheus-rules-and-grafana-dashboards.md) and then sync there by scripts.
+This chart Grafana Dashboards and Prometheus Rules are just a copy from [prometheus-operator/prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) and other sources, synced (with alterations) by scripts in [hack](hack) folder. In order to introduce any changes you need to first [add them to the original repository](https://github.com/prometheus-operator/kube-prometheus/blob/master/docs/developing-prometheus-rules-and-grafana-dashboards.md) and then sync there by scripts.
 
 ## Further Information
 

diff --git a/charts/kube-prometheus-stack/charts/grafana/Chart.yaml b/charts/kube-prometheus-stack/charts/grafana/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 8.3.4
+appVersion: 8.4.6
 description: The leading tool for querying and visualizing time series and metrics.
 home: https://grafana.net
 icon: https://raw.githubusercontent.com/grafana/grafana/master/public/img/logo_transparent_400x.png
@@ -19,4 +19,4 @@ name: grafana
 sources:
 - https://github.com/grafana/grafana
 type: application
-version: 6.21.2
+version: 6.26.5