Changes Default Values
```diff
diff -U 4 -r out-default-values/target/kubecost_default-values.out out-default-values/pr/kubecost_default-values.out
--- out-default-values/target/kubecost_default-values.out 2024-09-17 19:13:02.076948330 +0000
+++ out-default-values/pr/kubecost_default-values.out 2024-09-17 19:12:35.016809476 +0000
@@ -62,8 +62,29 @@
# basicAuth:
# username: user
# password: pwd
+ # Azure Monitor Managed Service for Prometheus
+ # See https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/azure-monitor/essentials/prometheus-metrics-overview.md for information
+ # and https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/prometheus-remote-write-virtual-machines for more information on setting this up
+ ammsp:
+ enabled: false
+ prometheusServerEndpoint: http://localhost:8081/
+ remoteWriteService: $
+ queryEndpoint: $
+
+ aadAuthProxy:
+ enabled: false
+ # per https://github.com/Azure/aad-auth-proxy/releases/tag/0.1.0-main-04-10-2024-7067ac84
+ image: $ # Example: mcr.microsoft.com/azuremonitor/auth-proxy/prod/aad-auth-proxy/images/aad-auth-proxy:0.1.0-main-04-10-2024-7067ac84
+ imagePullPolicy: IfNotPresent
+ name: aad-auth-proxy
+ port: 8081
+ audience: https://prometheus.monitor.azure.com/.default
+ identityType: userAssigned
+ aadClientId: $
+ aadTenantId: $
+
notifications:
# Kubecost alerting configuration
# Ref: http://docs.kubecost.com/alerts
# alertConfigs:
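Review bot: The new `aadAuthProxy.image` default is a bare `$` placeholder, as are `remoteWriteService`, `queryEndpoint`, `aadClientId` and `aadTenantId`, so setting `enabled: true` without overriding them would presumably render an unusable image reference and endpoints. Because this sidecar appears to obtain Azure AD tokens for the `https://prometheus.monitor.azure.com/.default` audience, the comment above `image:` should tell operators to pin the proxy image by digest, e.g. `# Pin by digest: <registry>/aad-auth-proxy@sha256:<digest-placeholder>`. It would also help if the templates failed rendering when `ammsp.enabled` is true and these values are still placeholders; the templates are not visible in this diff, so that may already be the case. The enclosing mapping starts outside the hunk.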
@@ -177,23 +198,8 @@
filters:
- property: "cluster"
value: "cluster-one"
- # Set saved Advanced report(s) accessible from /reports
- # Ref: http://docs.kubecost.com/saved-reports
- advancedReports:
- enabled: false # If true, overwrites report parameters set through UI
- reports:
- - title: "Example Advanced Report 0"
- window: "7d"
- aggregateBy: "namespace"
- filters: # same as allocation api filters Ref: https://docs.kubecost.com/apis/filters-api
- - key: "cluster" # Ref: https://docs.kubecost.com/apis/filters-api#allocation-apis-request-sizing-v2-api
- operator: ":" # Ref: https://docs.kubecost.com/apis/filters-api#filter-operators
- value: "dev"
- cloudBreakdown: "service"
- cloudJoin: "label:kubernetes_namespace"
-
# Set saved Cloud Cost report(s) accessible from /reports
# Ref: http://docs.kubecost.com/saved-reports
cloudCostReports:
enabled: false # If true, overwrites report parameters set through UI
@@ -553,13 +559,11 @@
# fullImageName overrides the default image construction logic. The exact
# image provided (registry, image, tag) will be used for cost-model.
# fullImageName:
- # extraEnv:
- # - name: SOME_VARIABLE
- # value: "some_value"
# securityContext:
# readOnlyRootFilesystem: true
+
# Build local cost allocation cache
warmCache: false
# Run allocation ETL pipelines
etl: true
@@ -568,24 +572,58 @@
# The total number of days the ETL pipelines will build
# Set to 0 to disable daily ETL (not recommended)
etlDailyStoreDurationDays: 91
# The total number of hours the ETL pipelines will build
- # Set to 0 to disable hourly ETL (not recommended)
+ # Set to 0 to disable hourly ETL (recommended for large environments)
# Must be < prometheus server retention, otherwise empty data may overwrite
# known-good data
etlHourlyStoreDurationHours: 49
- # The total number of weeks the ETL pipelines will build
- # Set to 0 to disable weekly ETL (not recommended)
- # The default is 53 to ensure at least a year of coverage (371 days)
- etlWeeklyStoreDurationWeeks: 53
# For deploying kubecost in a cluster that does not self-monitor
etlReadOnlyMode: false
- # The name of the Secret containing a bucket config for ETL backup.
- # etlBucketConfigSecret:
- # The name of the Secret containing a bucket config for Federated storage. The contents should be stored
- # under a key named federated-store.yaml.
- # federatedStorageConfigSecret: ""
+ ## The name of the Secret containing a bucket config for Federated storage.
+ ## The contents should be stored under a key named federated-store.yaml.
+ ## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/long-term-storage-configuration
+ # federatedStorageConfigSecret: federated-store
+
+ ## Federated storage config can be supplied via a secret or the yaml block
+ ## below when using the block below, only a single provider is supported,
+ ## others are for example purposes.
+ ## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/long-term-storage-configuration
+ # federatedStorageConfig: |-
+ # # AWS EXAMPLE
+ # type: S3
+ # config:
+ # bucket: kubecost-federated-storage-bucket
+ # endpoint: s3.amazonaws.com
+ # region: us-east-1
+ # # best practice is to use pod identities to access AWS resources. Otherwise it is possible to use an access_key and secret_key
+ # access_key: ""
+ # secret_key: ""
+ # # AZURE EXAMPLE
+ # type: AZURE
+ # config:
+ # storage_account: ""
+ # storage_account_key: ""
+ # container: ""
+ # max_retries: 0
+ # # GCP EXAMPLE
+ # type: GCS
+ # config:
+ # bucket: kubecost-federated-storage-bucket
+ # service_account: |-
+ # {
+ # "type": "service_account",
+ # "project_id": "...",
+ # "private_key_id": "...",
+ # "private_key": "...",
+ # "client_email": "...",
+ # "client_id": "...",
+ # "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+ # "token_uri": "https://oauth2.googleapis.com/token",
+ # "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+ # "client_x509_cert_url": ""
+ # }
# Installs Kubecost/OpenCost plugins
plugins:
enabled: false
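Review bot: The commented `federatedStorageConfig` example invites putting `access_key`/`secret_key`, `storage_account_key` and a GCP `service_account` private key directly in values, but only the AWS example carries a caveat about preferring pod identities. Values supplied this way are stored in the Helm release record and often in version control, so the block's header comment should name `federatedStorageConfigSecret` as the preferred route, for example `## Prefer federatedStorageConfigSecret; only inline keys here if values are stored encrypted.` The header sentence "via a secret or the yaml block below when using the block below" also needs a full stop after the first "below". This hunk also drops `etlWeeklyStoreDurationWeeks` and `etlBucketConfigSecret` from the defaults; whether existing overrides of those keys are still honoured cannot be told from this diff.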
@@ -673,13 +711,18 @@
failureThreshold: 200
extraArgs: []
# Optional. A list of extra environment variables to be added to the cost-model container.
- # extraEnv: []
- # - name: LOG_LEVEL
- # value: trace
- # - name: LOG_FORMAT
- # value: json
+ # extraEnv:
+ # - name: LOG_LEVEL
+ # value: trace
+ # - name: LOG_FORMAT
+ # value: json
+ # # When false, Kubecost will not show Asset costs for local disks physically
+ # # attached to nodes (e.g. ephemeral storage). This needs to be applied to
+ # # each cluster monitored.
+ # - name: ASSET_INCLUDE_LOCAL_DISK_COST
+ # value: "true"
# creates an ingress directly to the model container, for API access
ingress:
enabled: false
@@ -705,9 +748,13 @@
# port: 40000
# targetPort: 40000
# containerPort: 40000
-# etlUtils is a utility currently used by Kubecost internal support to implement specific functionality related to Thanos conversion.
+## etlUtils is a utility typically used by Enterprise customers transitioning
+## from v1 to v2 of Kubecost. It translates the data from the "/etl" dir of the
+## bucket, to the "/federated" dir of the bucket.
+## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/federated-etl/thanos-migration-guide
+##
etlUtils:
enabled: false
fullImageName: null
resources: {}
@@ -889,8 +936,23 @@
port: 9008
{{- else }}
port: 9004
{{- end }}
+ ## Enables scraping of NVIDIA GPU metrics via dcgm-exporter. Scrapes all
+ ## endpoints which contain "dcgm-exporter" in labels "app",
+ ## "app.kubernetes.io/component", or "app.kubernetes.io/name" with a case
+ ## insensitive match.
+ ## Refs:
+ ## https://github.com/NVIDIA/gpu-operator/blob/d4316a415bbd684ce8416a88042305fc1a093aa4/assets/state-dcgm-exporter/0600_service.yaml#L7
+ ## https://github.com/NVIDIA/dcgm-exporter/blob/54fd1ca137c66511a87a720390613680b9bdabdd/deployment/templates/service.yaml#L23
+ - job_name: kubecost-dcgm-exporter
+ kubernetes_sd_configs:
+ - role: endpoints
+ relabel_configs:
+ - source_labels: [__meta_kubernetes_pod_label_app, __meta_kubernetes_pod_label_app_kubernetes_io_component, __meta_kubernetes_pod_label_app_kubernetes_io_name]
+ action: keep
+ regex: (?i)(.*dcgm-exporter.*|.*dcgm-exporter.*|.*dcgm-exporter.*)
+
server:
# If clusterIDConfigmap is defined, instead use user-generated configmap with key CLUSTER_ID
# to use as unique cluster ID in kubecost cost-analyzer deployment.
# This overrides the cluster_id set in prometheus.server.global.external_labels.
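Review bot: The `kubecost-dcgm-exporter` job keeps any endpoint in any namespace whose pod labels contain "dcgm-exporter", so any workload able to set an `app` label becomes a scrape target, and its metrics would presumably feed GPU cost data. Consider scoping discovery to the namespace(s) where the exporter is deployed, either with a `namespaces:` block under `kubernetes_sd_configs` or an extra `keep` rule on `__meta_kubernetes_namespace`. The regex also repeats the same alternative three times; since Prometheus joins the three source labels with `;` and anchors the pattern on the joined string, `regex: (?i).*dcgm-exporter.*` is equivalent. The enclosing scrape-config list starts outside the hunk.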
@@ -911,10 +973,10 @@
## Prometheus server container image
##
image:
- repository: quay.io/prometheus/prometheus
- tag: v2.52.0
+ repository: cgr.dev/chainguard/prometheus
+ tag: latest
pullPolicy: IfNotPresent
## prometheus server priorityClassName
##
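Review bot: `tag: latest` together with `pullPolicy: IfNotPresent` makes the Prometheus server image unpinned and non-reproducible: each node keeps whatever build it first pulled, so nodes can run different versions, and an upstream change to the tag reaches the cluster without a chart change to review. The same applies to the other images switched to `cgr.dev/chainguard/...` with `tag: latest` in this diff: alertmanager, both configmap-reload blocks, Grafana and the Grafana sidecar. Pin each to an immutable reference, e.g. `tag: <version-placeholder>` or a `@sha256:<digest-placeholder>` reference if the chart's image template accepts one, so that Renovate can propose reviewable bumps. The previous pin (`v2.52.0` here) gave that property.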
@@ -1322,10 +1384,10 @@
## alertmanager container image
##
image:
- repository: quay.io/prometheus/alertmanager
- tag: v0.27.0
+ repository: cgr.dev/chainguard/prometheus-alertmanager
+ tag: latest
pullPolicy: IfNotPresent
## alertmanager priorityClassName
##
@@ -1608,10 +1670,10 @@
## configmap-reload container image
##
image:
- repository: quay.io/prometheus-operator/prometheus-config-reloader
- tag: v0.74.0
+ repository: cgr.dev/chainguard/prometheus-config-reloader
+ tag: latest
pullPolicy: IfNotPresent
## Additional configmap-reload container arguments
##
@@ -1648,10 +1710,10 @@
## configmap-reload container image
##
image:
- repository: quay.io/prometheus-operator/prometheus-config-reloader
- tag: v0.74.0
+ repository: cgr.dev/chainguard/prometheus-config-reloader
+ tag: latest
pullPolicy: IfNotPresent
## Additional configmap-reload container arguments
##
@@ -1705,9 +1767,9 @@
## node-exporter container image
##
image:
repository: prom/node-exporter
- tag: v1.8.0
+ tag: v1.8.2
pullPolicy: IfNotPresent
## node-exporter priorityClassName
##
@@ -1832,9 +1894,9 @@
## pushgateway container image
##
image:
repository: prom/pushgateway
- tag: v1.8.0
+ tag: v1.9.0
pullPolicy: IfNotPresent
## pushgateway priorityClassName
##
@@ -2256,9 +2318,9 @@
networkCosts:
enabled: false
image:
repository: gcr.io/kubecost1/kubecost-network-costs
- tag: v0.17.3
+ tag: v0.17.6
imagePullPolicy: IfNotPresent
updateStrategy:
type: RollingUpdate
# For existing Prometheus Installs, use the serviceMonitor: or prometheusScrape below.
@@ -2414,9 +2476,9 @@
# fullImageName overrides the default image construction logic. The exact
# image provided (registry, image, tag) will be used for the forecasting
# container.
# Example: fullImageName: gcr.io/kubecost1/forecasting:v0.0.1
- fullImageName: gcr.io/kubecost1/kubecost-modeling:v0.1.15
+ fullImageName: gcr.io/kubecost1/kubecost-modeling:v0.1.16
imagePullPolicy: IfNotPresent
# Resource specification block for the forecasting container.
resources:
@@ -2460,11 +2522,10 @@
initialDelaySeconds: 10
periodSeconds: 10
failureThreshold: 200
-## The Kubecost Aggregator is a high scale implementation of Kubecost intended
-## for large datasets and/or high query load. At present, this should only be
-## enabled when recommended by Kubecost staff.
+## The Kubecost Aggregator is the primary query backend for Kubecost
+## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/federated-etl/aggregator
##
kubecostAggregator:
# deployMethod determines how Aggregator is deployed. Current options are
# "singlepod" (within cost-analyzer Pod) "statefulset" (separate
@@ -2480,13 +2541,14 @@
# For legacy configuration support, `enabled: true` overrides deployMethod
# and causes `deployMethod: "statefulset"`
enabled: false
- # the below settings should only be modified with support from Kubecost staff
# Replicas sets the number of Aggregator replicas. It only has an effect if
# `deployMethod: "statefulset"`
replicas: 1
+ logLevel: info
+
# stagingEmptyDirSizeLimit changes how large the "staging"
# /var/configs/waterfowl emptyDir is. It only takes effect in StatefulSet
# configurations of Aggregator, other configurations are unaffected.
#
@@ -2503,24 +2565,20 @@
# the default of 25 is sufficient for 95%+ of users. This should only be modified
# after consulting with Kubecost's support team
numDBCopyPartitions: 25
- # env: has been removed to avoid unknown issues that would be caused by
- # customizations that were required to run aggregator in previous versions
- # extraEnv: can be used to add new environment variables to the aggregator pod
-
- logLevel: info
-
# How many threads the read database is configured with (i.e. Kubecost API /
# UI queries). If increasing this value, it is recommended to increase the
# aggregator's memory requests & limits.
# default: 1
dbReadThreads: 1
+
# How many threads the write database is configured with (i.e. ingestion of
# new data from S3). If increasing this value, it is recommended to increase
# the aggregator's memory requests & limits.
# default: 1
dbWriteThreads: 1
+
# How many threads to use when ingesting Asset/Allocation/CloudCost data
# from the federated store bucket. In most cases the default is sufficient,
# but can be increased if trying to backfill historical data.
# default: 1
@@ -2532,11 +2590,10 @@
# such that dbMemoryLimit + dbWriteMemoryLimit < the total memory available
# to the aggregator pod.
# default: 0GB is no limit
dbMemoryLimit: 0GB
- # Memory limit applied to write database connections.
- # default: 0GB is no limit
dbWriteMemoryLimit: 0GB
+
# How much data to ingest from the federated store bucket, and how much data
# to keep in the DB before rolling the data off.
#
# Note: If increasing this value to backfill historical data, it will take
@@ -2545,8 +2602,26 @@
# refresh and concurrency env vars.
#
# default: 91
etlDailyStoreDurationDays: 91
+
+ # How much hourly data to ingest from the federated store bucket, and how much
+ # to keep in the DB before rolling the data off.
+ #
+ # In high scale environments setting this to `0` can improve performance if hourly
+ # resolution is not a requirement.
+ #
+ # default: 49
+ etlHourlyStoreDurationHours: 49
+
+ # How much container resource usage data to retain in the DB, in terms of days.
+ #
+ # In high scale environments setting this to `0` can improve performance if hourly
+ # resolution is not a requirement.
+ #
+ # default: 1
+ containerResourceUsageRetentionDays: 1
+
# Trim memory on close, only change if advised by Kubecost support.
dbTrimMemoryOnClose: true
persistentConfigsStorage:
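Review bot: The comment added above `containerResourceUsageRetentionDays` repeats the hourly-resolution sentence from `etlHourlyStoreDurationHours` verbatim, which reads like a copy-paste and does not say what `0` means for a retention measured in days. Suggest replacing that paragraph with a statement of the actual effect, e.g. `# Setting this to 0 disables retention of container resource usage data.` if that is the behaviour; the diff does not show it. The enclosing `kubecostAggregator` mapping starts outside the hunk.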
@@ -2664,13 +2739,16 @@
image: jaegertracing/all-in-one
imageVersion: latest
# containerSecurityContext:
+ service:
+ labels: {}
+
## Kubecost Multi-cluster Diagnostics (beta)
## A single view into the health of all agent clusters. Each agent cluster sends
## its diagnostic data to a storage bucket. Future versions may include
## repairing & alerting from the primary.
-## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster-diagnostics
+## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/multi-cluster-diagnostics
##
diagnostics:
enabled: true
@@ -2717,9 +2795,9 @@
clusterController:
enabled: false
image:
repository: gcr.io/kubecost1/cluster-controller
- tag: v0.16.8
+ tag: v0.16.9
imagePullPolicy: IfNotPresent
## PriorityClassName
## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
priorityClassName: ""
@@ -2931,10 +3009,10 @@
failureThreshold: 10
## Container image settings for the Grafana deployment
image:
- repository: grafana/grafana
- tag: 11.1.4
+ repository: cgr.dev/chainguard/grafana
+ tag: latest
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
@@ -2968,9 +3046,12 @@
port: 80
annotations: {}
labels: {}
- ## Ingress service for the Grafana deployment
+ ## This template is not needed and is not supported.
+ ## It is here for backwards compatibility.
+ ## Kubecost exposes grafana by default with the
+ ## top level ingress template under /grafana/
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
@@ -3125,10 +3206,10 @@
## Grafana sidecars that collect the configmaps with specified label and stores the included files them into the respective folders
## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards
sidecar:
image:
- repository: kiwigrid/k8s-sidecar
- tag: 1.27.2
+ repository: cgr.dev/chainguard/k8s-sidecar
+ tag: latest
pullPolicy: IfNotPresent
resources: {}
dashboards:
enabled: true
@@ -3339,8 +3420,9 @@
# azureClientPassword: fake key # Only use if your values.yaml are stored encrypted. Otherwise provide an existing secret via serviceKeySecretName
# azureOfferDurableID: "MS-AZR-0003p"
# discount: "" # percentage discount applied to compute
# negotiatedDiscount: "" # custom negotiated cloud provider discount
+# standardDiscount: "" # custom negotiated cloud provider discount, applied to all incoming asset compute costs in a federated environment. Overrides negotiatedDiscount on any cluster in the federated environment.
# defaultIdle: false
# serviceKeySecretName: "" # Use an existing AWS or Azure secret with format as in aws-service-key-secret.yaml or azure-service-key-secret.yaml. Leave blank if using createServiceKeySecret
# createServiceKeySecret: true # Creates a secret representing your cloud service key based on data in values.yaml. If you are storing unencrypted values, add a secret manually
# sharedNamespaces: "" # namespaces with shared workloads, example value: "kube-system\,ingress-nginx\,kubecost\,monitoring"
@@ -3367,8 +3449,22 @@
# }
# secretname: smtpconfigsecret # Reference an existing k8s secret created from a file named smtp.json of format specified by config above. If the secretname is specified, a configmap with the key will not be created.
# mountPath: "/some/custom/path/smtp.json" # (use instead of secretname) Declare the path at which the SMTP config file is mounted (eg. by a secrets provisioner). The file must be of format specified by config above.
# carbonEstimates: false # Enables Kubecost beta carbon estimation endpoints /assets/carbon and /allocations/carbon
+# The below options to hide UI elements are only supported in Enterprise
+# hideDiagnostics: false # useful if the primary is not monitored. Supported in limited environments.
+# hideOrphanedResources: false # OrphanedResources works on the primary-cluster's cloud-provider only.
+# hideKubecostActions: false
+# hideReservedInstances: false
+# hideSpotCommander: false
+# hideUnclaimedVolumes: false
+# hideCloudIntegrationsUI: false
+# hideBellIcon: false
+# hideTeams: false
+# savingsRecommendationsAllowLists: # Define select list of instance types to be evaluated in computing Savings Recommendations
+# AWS: []
+# GCP: []
+# Azure: []
## Specify an existing Kubernetes Secret holding the cloud integration information. This Secret must contain
## a key with name `cloud-integration.json` and the contents must be in a specific format. It is expected
## to exist in the release Namespace. This is mutually exclusive with cloudIntegrationJSON where only one must be defined.
```
This PR contains the following updates:
2.3.5
->2.4.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.