deploy/scenarios/wavefront-full-config.yaml

# Need to change YOUR_CLUSTER_NAME and YOUR_WAVEFRONT_URL accordingly
# This is not a valid configuration since some options are not compatible. See notes for more information.
# Unless otherwise specified, the values here are set to their default values.
apiVersion: wavefront.com/v1alpha1
kind: Wavefront
metadata:
  name: wavefront
  namespace: observability-system
spec:
  clusterName: YOUR_CLUSTER_NAME
  wavefrontUrl: YOUR_WAVEFRONT_URL
  wavefrontTokenSecret: wavefront-secret
  imagePullSecret: registry-secret
  dataCollection:
    # These are top level tolerations to be applied to all data collection (metrics and logging) DaemonSet pods. These
    # are meant to add custom tolerations to DaemonSet pods inorder to enable metrics and log collection from tainted
    # nodes.
    tolerations:
      - key: "key1"
        operator: "Equal"
        value: "value1"
        effect: "NoSchedule"
    logging:
      enable: true
      resources:
        limits:
          cpu: 1000m
          ephemeral-storage: 2Gi
          memory: 1Gi
        requests:
          cpu: 200m
          ephemeral-storage: 1Gi
          memory: 200Mi
      # Can be any key value pair that users can add to all logging emitted.
      tags:
        userDefinedTag: userDefinedValue
      filters:
        tagAllowList:
          # Can be any logging tag (source, service, application, container_name, pod_name, namespace_name, and cluster)
          service:
            - my-application-service-1
            - my-application-service-2
        tagDenyList:
          # Can be any logging tag (source, service, application, container_name, pod_name, namespace_name, and cluster)
          namespace_name:
            - kube-system
    metrics:
      enable: true
      # Can be any key value pair that users can add to all metrics emitted.
      tags:
        userDefinedTag: userDefinedValue
      # Filters to apply towards all metrics collected by the collector
      filters:
        # List of glob patterns.
        # Metrics with names matching the list are dropped.
        # Default: Optimized metrics collection to omit peripheral metrics.
        denyList:
          - 'kubernetes.sys_container.*'
          - 'kubernetes.collector.runtime.*'
          - 'kubernetes.*.network.rx_rate'
          - 'kubernetes.*.network.rx_errors_rate'
          - 'kubernetes.*.network.tx_rate'
          - 'kubernetes.*.network.tx_errors_rate'
          - 'kubernetes.*.memory.page_faults'
          - 'kubernetes.*.memory.page_faults_rate'
          - 'kubernetes.*.memory.major_page_faults'
          - 'kubernetes.*.memory.major_page_faults_rate'
          - 'kubernetes.*.filesystem.inodes'
          - 'kubernetes.*.filesystem.inodes_free'
          - 'kubernetes.*.ephemeral_storage.request'
          - 'kubernetes.*.ephemeral_storage.limit'
        # List of glob patterns.
        # Only metrics with names matching the list are reported.
        # Example: Allow metrics that start with the kubernetes prefix.
        allowList:
          - 'kubernetes.*'
        # Map of tag names to list of glob patterns.
        # Metrics containing these tag keys and values will be dropped.
        # Example: Block metrics that have a namespace_name tag of kube-system.
        tagDenyList:
          namespace_name:
            - 'kube-system'
        # Map of tag names to list of glob patterns.
        # Only metrics containing tag keys and values matching this list will be reported.
        # Example: Allow metrics that have an environment tag of production or staging.
        tagAllowList:
          env:
            - 'prod*'
            - 'staging*'
        # List of glob patterns.
        # Tags with matching keys will be excluded.
        # Default: Filter out generated labels.
        tagExclude:
          - 'label?controller?revision*'
          - 'label?pod?template*'
          - 'annotation_kubectl_kubernetes_io_last_applied_configuration'
        # List of glob patterns.
        # Tags with matching keys will be included. All other tags will be excluded.
        # Example: Allow metrics that have a tag key of cluster.
        tagInclude:
          - 'cluster'
        # List of tag keys.
        # Tags that are guaranteed to not be removed as part of limiting the point tags to the 20 tag limit.
        # Example: Guarantee that if metrics have a point tag key "prod", the tag key will not be filtered out.
        tagGuaranteeList:
          - 'prod'
      defaultCollectionInterval: 60s
      # Rules based and Prometheus endpoints auto-discovery.
      enableDiscovery: true
      # controlPlane can enable/disable control plane metrics
      controlPlane:
        enable: true
      clusterCollector:
        resources:
          limits:
            cpu: 2000m
            ephemeral-storage: 1Gi
            memory: 512Mi
          requests:
            cpu: 200m
            ephemeral-storage: 20Mi
            memory: 10Mi
      nodeCollector:
        resources:
          limits:
            cpu: 1000m
            ephemeral-storage: 512Mi
            memory: 256Mi
          requests:
            cpu: 200m
            ephemeral-storage: 20Mi
            memory: 10Mi
  dataExport:
    # Note on externalWavefrontProxy and wavefrontProxy
    #
    # It is not valid to define an external proxy (externalWavefrontProxy.url) and
    # enable the wavefront proxy (wavefrontProxy.enable) in your Kubernetes cluster.
    # If specified the externalWavefrontProxy is used by metrics and logging.
    externalWavefrontProxy:
      url: YOUR_EXTERNAL_PROXY_URL
    wavefrontProxy:
      enable: true
      metricPort: 2878
      preprocessor: advanced-proxy-preprocessor-rules
      resources:
        limits:
          cpu: 1000m
          ephemeral-storage: 8Gi
          memory: 4Gi
        requests:
          cpu: 100m
          ephemeral-storage: 2Gi
          memory: 1Gi
      tracing:
        wavefront:
          port: 30000
          samplingRate: "0.1"
          samplingDuration: 100
        zipkin:
          port: 9411
          applicationName: "zipkin"
        jaeger:
          port: 30001
          httpPort: 30080
          grpcPort: 14250
          applicationName: "jaeger"
      # Histogram distribution configuration
      histogram:
        port: 40000
        minutePort: 40001
        hourPort: 40002
        dayPort: 40003
      # OpenTelemetry Protocol configuration
      otlp:
        grpcPort: 4317
        httpPort: 4318
        resourceAttrsOnMetricsIncluded: false
      # DeltaCounterPort accumulates 1-minute delta counters on Wavefront data format
      deltaCounterPort: 50000
      httpProxy:
        secret: http-proxy-secret
      # Note on Proxy Configuration Precedence
      #
      # Most wavefront proxy configuration options should be available via explicit fields in the custom resource.
      # It is our recommendation to use those fields. However, it is also possible to specify options as proxy command
      # line parameters in the `dataExport.wavefrontProxy.args` field. If both are used, the operator will allow it at
      # this time, but the custom resource field will take precedence.
      #
      # For example, if you specify `--histogramDistListenerPorts 40123` in `dataExport.wavefrontProxy.args`
      #  and `dataExport.wavefrontProxy.histogram.port: 40000`,
      #  `dataExport.wavefrontProxy.histogram.port: 40000` will take precedence.
      args: >
        --customSourceTags mySource
        --prefix=dev
      replicas: 1
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: advanced-proxy-preprocessor-rules
  namespace: observability-system
data:
  rules.yaml: |
    '2878':
      - rule: tag-all-metrics-processed
        action: addTag
        tag: processed
        value: "true"
---
# Need to change YOUR_HTTP_PROXY_URL, YOUR_HTTP_PROXY_BASIC_AUTH_USERNAME, YOUR_HTTP_PROXY_BASIC_AUTH_PASSWORD, and YOUR_HTTP_PROXY_CA_CERTIFICATE accordingly
apiVersion: v1
kind: Secret
metadata:
  name: http-proxy-secret
  namespace: observability-system
type: Opaque
stringData:
  http-url: YOUR_HTTP_PROXY_URL #i.e. http://10.96.179.49:8080
  #  basic-auth-username: YOUR_HTTP_PROXY_BASIC_AUTH_USERNAME
  #  basic-auth-password: YOUR_HTTP_PROXY__BASIC_AUTH_PASSWORD
  tls-root-ca-bundle: |
    YOUR_HTTP_PROXY_CA_CERTIFICATE
---
# Need to change CONTROL_PLANE_ETCD_CA_CERTIFICATE, CONTROL_PLANE_ETCD_SERVER_CERTIFICATE, and CONTROL_PLANE_ETCD_SERVER_KEY accordingly
apiVersion: v1
kind: Secret
metadata:
  name: etcd-certs
  namespace: observability-system
type: Opaque
stringData:
  # The location of these certificates on the control plane host filesystem depends on your distribution.
  # Check your distribution documentation for how to access them. See the following as an example:
  # https://kubernetes.io/docs/setup/best-practices/certificates/#certificate-paths
  ca_crt: |
    CONTROL_PLANE_ETCD_CA_CERTIFICATE
  server_crt: |
    CONTROL_PLANE_ETCD_SERVER_CERTIFICATE
  server_key: |
    CONTROL_PLANE_ETCD_SERVER_KEY
---
# See docs/collector/metrics.md#telegraf-source for more details
apiVersion: v1
kind: Secret
metadata:
  name: memcached-config
  namespace: observability-system
  annotations:
    wavefront.com/discovery-config: 'true'
stringData:
  collector.yaml: |
    # specify a list of discovery rules (plugins)
    plugins:
    # memcached
    - name: memcached
      type: telegraf/memcached
      selectors:
        images:
        - 'docker.io/bitnami/memcached:*'
      port: 11211
      conf: |
        servers = ["memcached-release.collector-targets.svc.cluster.local:11211"]