This is Terraform module to install and configure the kube-prometheus-stack helm chart. It also allows to control the grafana annotations to secure the grafana access, trough nginx-ingress + cert-manager.
This module could also install the Prometheus Adapter helm chart.
This module is provided without any kind of warranty and is GPL3 licensed.
provider "kubernetes" {
host = # reference cluster endpoint
cluster_ca_certificate = # reference cluster ca certificate base64decode
token = # reference access token
}
provider "helm" {
kubernetes {
host = # reference cluster endpoint
cluster_ca_certificate = # reference cluster ca certificate base64decode
token = # reference access token
}
}
locals {
prometheus_stack_additional_values = yamlencode({
commonLabels: {
label1: "this-is-my-first-label"
label2: "this-is-my-second-label"
}
})
prometheus_adapter_additional_values = yamlencode({
resources: {
requests: {
cpu: "10m",
memory: "32Mi"
}
}
})
}
module "kube_prometheus_stack" {
source = "sparkfabrik/terraform-sparkfabrik-prometheus-stack"
prometheus_stack_chart_version = "31.0.0"
prometheus_adapter_chart_version = "3.0.1"
namespace = "kube-prometheus-stack"
regcred = "regcred-secret"
grafana_ingress_host = "monitoring.example.com"
grafana_ingress_class = "nginx"
grafana_cluster_issuer_name = "prod-certmanager"
grafana_tls_secret_name = "monitoring-tls"
grafana_ingress_basic_auth_username = "admin"
grafana_ingress_basic_auth_message = "Grafana basic auth"
prometheus_stack_additional_values = local.prometheus_stack_additional_values
prometheus_adapter_additional_values = local.prometheus_adapter_additional_values
}
Upgrading to 2.0.0 from 1.1.0 will destroy and recreate the basic auth password, which is now different from Grafana admin password, and will update the relative basic auth secret value.
Upgrading to version 2.0.0 will also cause the destruction of the namespace, which now becomes an array.
This implies that it will have to destroy also the Helm release.
To avoid destruction of the Helm release, you will need to use the moved
resource, to move the namespace as shown below:
moved {
from = module.MODULE_NAME.kubernetes_namespace.kube_prometheus_stack_namespace
to = moudle.MODULE_NAME.kubernetes_namespace.kube_prometheus_stack_namespace[0]
}