diff --git a/charts/victoria-metrics-distributed/CHANGELOG.md b/charts/victoria-metrics-distributed/CHANGELOG.md
index 22f32e599..078f51b71 100644
--- a/charts/victoria-metrics-distributed/CHANGELOG.md
+++ b/charts/victoria-metrics-distributed/CHANGELOG.md
@@ -1,6 +1,15 @@
## Next release
-- TODO
+- `vmauthIngestGlobal` was changed to `write.global.vmauth`
+- `vmauthQueryGlobal` was changed to `read.global.vmauth`
+- `availabilityZones[*].allowIngest` was changed to `availabilityZones[*].write.allow`
+- `availabilityZones[*].allowRead` was changed to `availabilityZones[*].read.allow`
+- `availabilityZones[*].nodeSelector` was moved to `availabilityZones[*].common.spec.nodeSelector`
+- `availabilityZones[*].extraAffinity` was moved to `availabilityZones[*].common.spec.affinity`
+- `availabilityZones[*].topologySpreadConstraints` was moved to `availabilityZones[*].common.spec.topologySpreadConstraints`
+- `availabilityZones[*].vmauthIngest` was moved to `availabilityZones[*].write.vmauth`
+- `availabilityZones[*].vmauthQueryPerZone` was moved to `availabilityZones[*].read.perZone.vmauth`
+- `availabilityZones[*].vmauthCrossAZQuery` was moved to `availabilityZones[*].read.crossZone.vmauth`
## 0.3.1
diff --git a/charts/victoria-metrics-distributed/Chart.lock b/charts/victoria-metrics-distributed/Chart.lock
index ea7cdf613..d95082396 100644
--- a/charts/victoria-metrics-distributed/Chart.lock
+++ b/charts/victoria-metrics-distributed/Chart.lock
@@ -4,6 +4,6 @@ dependencies:
version: 0.0.13
- name: victoria-metrics-k8s-stack
repository: https://victoriametrics.github.io/helm-charts
- version: 0.25.16
-digest: sha256:70b3cd33db0ca6256a8abc353dbaa0deae4264d8b9664a3ceab5ab7225ab8a99
-generated: "2024-09-19T12:53:54.22191+08:00"
+ version: 0.25.17
+digest: sha256:68ca6c3beee62c629340801c0f3036baeb58632eb3cd2ae6bb3949ced18433eb
+generated: "2024-09-20T09:09:51.833064+03:00"
diff --git a/charts/victoria-metrics-distributed/Chart.yaml b/charts/victoria-metrics-distributed/Chart.yaml
index 766bd1141..6b2402728 100644
--- a/charts/victoria-metrics-distributed/Chart.yaml
+++ b/charts/victoria-metrics-distributed/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
name: victoria-metrics-distributed
description: A Helm chart for Running VMCluster on Multiple Availability Zones
type: application
-version: 0.3.1
+version: 0.4.0
appVersion: "v1.103.0"
sources:
- https://github.com/VictoriaMetrics/helm-charts
diff --git a/charts/victoria-metrics-distributed/README.md b/charts/victoria-metrics-distributed/README.md
index 7008361c8..51fb5530d 100644
--- a/charts/victoria-metrics-distributed/README.md
+++ b/charts/victoria-metrics-distributed/README.md
@@ -243,37 +243,35 @@ Change the values according to the need of the environment in ``victoria-metrics
| availabilityZones |
list |
-- allowIngest: true
- allowQuery: true
- extraAffinity: {}
+- common:
+ spec:
+ affinity: {}
+ nodeSelector:
+ topology.kubernetes.io/zone: zone-eu-1
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
name: zone-eu-1
- nodeSelector:
- topology.kubernetes.io/zone: zone-eu-1
- topologySpreadConstraints:
- - maxSkew: 1
- topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: ScheduleAnyway
+ read:
+ allow: true
+ crossZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
+ perZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec:
+ extraArgs:
+ discoverBackendIPs: "true"
vmagent:
annotations: {}
enabled: true
name: ""
spec: {}
- vmauthCrossAZQuery:
- enabled: true
- name: ""
- spec: {}
- vmauthIngest:
- enabled: true
- name: ""
- spec:
- extraArgs:
- discoverBackendIPs: "true"
- vmauthQueryPerZone:
- enabled: true
- name: ""
- spec:
- extraArgs:
- discoverBackendIPs: "true"
vmcluster:
enabled: true
name: ""
@@ -292,37 +290,43 @@ Change the values according to the need of the environment in ``victoria-metrics
replicaCount: 2
resources: {}
storageDataPath: /vm-data
-- allowIngest: true
- allowQuery: true
- extraAffinity: {}
+ write:
+ allow: true
+ vmauth:
+ enabled: true
+ name: ""
+ spec:
+ extraArgs:
+ discoverBackendIPs: "true"
+- common:
+ spec:
+ affinity: {}
+ nodeSelector:
+ topology.kubernetes.io/zone: zone-us-1
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
name: zone-us-1
- nodeSelector:
- topology.kubernetes.io/zone: zone-us-1
- topologySpreadConstraints:
- - maxSkew: 1
- topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: ScheduleAnyway
+ read:
+ allow: true
+ crossZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
+ perZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec:
+ extraArgs:
+ discoverBackendIPs: "true"
vmagent:
annotations: {}
enabled: true
name: ""
spec: {}
- vmauthCrossAZQuery:
- enabled: true
- name: ""
- spec: {}
- vmauthIngest:
- enabled: true
- name: ""
- spec:
- extraArgs:
- discoverBackendIPs: "true"
- vmauthQueryPerZone:
- enabled: true
- name: ""
- spec:
- extraArgs:
- discoverBackendIPs: "true"
vmcluster:
enabled: true
name: ""
@@ -341,33 +345,21 @@ Change the values according to the need of the environment in ``victoria-metrics
replicaCount: 2
resources: {}
storageDataPath: /vm-data
+ write:
+ allow: true
+ vmauth:
+ enabled: true
+ name: ""
+ spec:
+ extraArgs:
+ discoverBackendIPs: "true"
|
config per availability zone components, including vmagent, vmcluster, vmauth etc
|
- | availabilityZones[0].allowIngest |
- bool |
-
-true
-
- |
- allow data ingestion to this zone
- |
-
-
- | availabilityZones[0].allowQuery |
- bool |
-
-true
-
- |
- allow data query from this zone through global query endpoint
- |
-
-
- | availabilityZones[0].extraAffinity |
+ availabilityZones[0].common.spec.affinity |
object |
{}
@@ -377,7 +369,7 @@ true
|
- | availabilityZones[0].nodeSelector |
+ availabilityZones[0].common.spec.nodeSelector |
object |
topology.kubernetes.io/zone: zone-eu-1
@@ -387,7 +379,7 @@ topology.kubernetes.io/zone: zone-eu-1
|
- | availabilityZones[0].topologySpreadConstraints |
+ availabilityZones[0].common.spec.topologySpreadConstraints |
list |
- maxSkew: 1
@@ -399,38 +391,39 @@ topology.kubernetes.io/zone: zone-eu-1
|
- | availabilityZones[0].vmagent |
- object |
-
-annotations: {}
-enabled: true
-name: ""
-spec: {}
+ | availabilityZones[0].read.allow |
+ bool |
+
+true
|
- vmagent here only meant to proxy write requests to each az, doesn’t support customized other remote write address.
+ | allow data query from this zone through global query endpoint
|
|
- | availabilityZones[0].vmauthCrossAZQuery |
+ availabilityZones[0].read.crossZone |
object |
-enabled: true
-name: ""
-spec: {}
+vmauth:
+ enabled: true
+ name: ""
+ spec: {}
|
- set up a vmauth with all the zone with allowQuery: true as query backends
+ | set up a vmauth with all the zone with allow: true as query backends
|
- | availabilityZones[0].vmauthIngest.name |
- string |
-
-""
+ | availabilityZones[0].vmagent |
+ object |
+
+annotations: {}
+enabled: true
+name: ""
+spec: {}
|
- override the name of the vmauth object
+ | vmagent here only meant to proxy write requests to each az, doesn’t support customized other remote write address.
|
|
@@ -467,7 +460,7 @@ vmstorage:
- | availabilityZones[1].allowIngest |
+ availabilityZones[0].write.allow |
bool |
true
@@ -477,17 +470,17 @@ true
|
- | availabilityZones[1].allowQuery |
- bool |
+ availabilityZones[0].write.vmauth.name |
+ string |
-true
+""
|
- allow data query from this zone through global query endpoint
+ | override the name of the vmauth object
|
- | availabilityZones[1].extraAffinity |
+ availabilityZones[1].common.spec.affinity |
object |
{}
@@ -497,7 +490,7 @@ true
|
- | availabilityZones[1].nodeSelector |
+ availabilityZones[1].common.spec.nodeSelector |
object |
topology.kubernetes.io/zone: zone-us-1
@@ -507,7 +500,7 @@ topology.kubernetes.io/zone: zone-us-1
|
- | availabilityZones[1].topologySpreadConstraints |
+ availabilityZones[1].common.spec.topologySpreadConstraints |
list |
- maxSkew: 1
@@ -516,6 +509,16 @@ topology.kubernetes.io/zone: zone-us-1
|
topologySpreadConstraints allows to customize the default topologySpreadConstraints.
+ |
+
+
+ | availabilityZones[1].read.allow |
+ bool |
+
+true
+
+ |
+ allow data query from this zone through global query endpoint
|
@@ -564,6 +567,43 @@ vmstorage:
spec for VMCluster crd, see https://docs.victoriametrics.com/operator/api#vmclusterspec
|
+
+ | availabilityZones[1].write.allow |
+ bool |
+
+true
+
+ |
+ allow data ingestion to this zone
+ |
+
+
+ | common.vmagent.spec.remoteWriteSettings.useMultiTenantMode |
+ bool |
+
+true
+
+ |
+ |
+
+
+ | common.vmcluster.spec.vminsert.serviceSpec.spec.clusterIP |
+ string |
+
+None
+
+ |
+ |
+
+
+ | common.vmcluster.spec.vminsert.serviceSpec.spec.type |
+ string |
+
+ClusterIP
+
+ |
+ |
+
| enableMultitenancy |
bool |
@@ -597,6 +637,15 @@ spec:
overrides the chart’s computed fullname.
|
+
+ | global |
+ object |
+
+{}
+
+ |
+ |
+
| nameOverride |
string |
@@ -605,6 +654,20 @@ vm-distributed
overrides the chart’s name
+ |
+
+
+ | read |
+ object |
+
+global:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
+
+ |
+ set up a vmauth as the global read entrypoint
|
@@ -637,27 +700,17 @@ vmsingle:
- | vmauthIngestGlobal |
+ write |
object |
-enabled: true
-name: ""
-spec: {}
+global:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
|
set up a vmauth as the global write entrypoint
- |
-
-
- | vmauthQueryGlobal |
- object |
-
-enabled: true
-name: ""
-spec: {}
-
- |
- set up a vmauth as the global read entrypoint
|
diff --git a/charts/victoria-metrics-distributed/templates/NOTES.txt b/charts/victoria-metrics-distributed/templates/NOTES.txt
index c720879b7..514127679 100644
--- a/charts/victoria-metrics-distributed/templates/NOTES.txt
+++ b/charts/victoria-metrics-distributed/templates/NOTES.txt
@@ -1,10 +1,10 @@
VictoriaMetrics distributed chart has been installed successfully!
-{{ if .Values.vmauthIngestGlobal.enabled }}
+{{ if .Values.write.global.vmauth.enabled }}
Global write endpoint is available now!
-You can send data to `http://vmauth-vmauth-global-write-{{ .Release.Name }}-vm-distributed:8427/prometheus/api/v1/write` from your client like vmagent, check more supported APIs [here](https://docs.victoriametrics.com/vmagent/#how-to-push-data-to-vmagent).
+You can send data to `http://vmauth-global-write-{{ .Release.Name }}-vm-distributed:8427/prometheus/api/v1/write` from your client like vmagent, check more supported APIs [here](https://docs.victoriametrics.com/vmagent/#how-to-push-data-to-vmagent).
{{- end }}
-{{ if .Values.vmauthQueryGlobal.enabled }}
+{{ if .Values.read.global.vmauth.enabled }}
Global read endpoint is available now!
-You can use `http://vmauth-vmauth-global-read-{{ .Release.Name }}-vm-distributed:8427/select//prometheus/` as datasource of vmalert or grafana, check more supported APIs [here](https://docs.victoriametrics.com/cluster-victoriametrics/#url-format).
+You can use `http://vmauth-global-read-{{ .Release.Name }}-vm-distributed:8427/select//prometheus/` as datasource of vmalert or grafana, check more supported APIs [here](https://docs.victoriametrics.com/cluster-victoriametrics/#url-format).
{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/_helpers.tpl b/charts/victoria-metrics-distributed/templates/_helpers.tpl
index 07ed1f6b9..3b7ed3ac3 100644
--- a/charts/victoria-metrics-distributed/templates/_helpers.tpl
+++ b/charts/victoria-metrics-distributed/templates/_helpers.tpl
@@ -1,173 +1,44 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "victoria-metrics-distributed.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "victoria-metrics-distributed.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create the name for global ingest vmauth
-*/}}
-{{- define "victoria-metrics-distributed.vmauthIngestGlobalName" -}}
-{{- .Values.vmauthIngestGlobal.name | default (printf "vmauth-global-write-%s" (include "victoria-metrics-distributed.fullname" .)) | trunc 63 }}
-{{- end }}
-
-{{/*
-Create the name for global query vmauth
-*/}}
-{{- define "victoria-metrics-distributed.vmauthQueryGlobalName" -}}
-{{- .Values.vmauthQueryGlobal.name | default (printf "vmauth-global-read-%s" (include "victoria-metrics-distributed.fullname" .)) | trunc 63 }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "victoria-metrics-distributed.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
{{/*
Common labels
*/}}
{{- define "victoria-metrics-distributed.labels" -}}
-helm.sh/chart: {{ include "victoria-metrics-distributed.chart" . }}
+{{- $Chart := (.helm).Chart | default .Chart -}}
+{{- $Release := (.helm).Release | default .Release -}}
+helm.sh/chart: {{ include "vm.chart" . }}
{{ include "victoria-metrics-distributed.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- if $Chart.AppVersion }}
+app.kubernetes.io/version: {{ $Chart.AppVersion | quote }}
{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/managed-by: {{ $Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "victoria-metrics-distributed.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "victoria-metrics-distributed.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
+{{- $Release := (.helm).Release | default .Release -}}
+app.kubernetes.io/name: {{ include "vm.name" . }}
+app.kubernetes.io/instance: {{ $Release.Name }}
{{- end }}
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "victoria-metrics-distributed.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "victoria-metrics-distributed.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-
-{{/*
-Lists all the ingest vmauth addresss as remote write addresses for per zone vmagent
-*/}}
-{{- define "per-zone-vmagent.remoteWriteAddr" -}}
-{{- $multitenacySuffix := "/insert/0/prometheus/api/v1/write" }}
-{{- if .Values.enableMultitenancy }}
- {{- $multitenacySuffix = "/insert/multitenant/prometheus/api/v1/write" }}
-{{- end }}
-{{- range $zone := .Values.availabilityZones }}
-{{- if $zone.allowIngest }}
-{{ printf "- url: http://vmauth-%s:8427%s" ( $zone.vmauthIngest.name | default (printf "vmauth-write-balancer-%s" $zone.name ) ) $multitenacySuffix | indent 2 }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-
{{/*
Creates vmclusterSpec map, insert zone's nodeselector and topologySpreadConstraints to all the componets
*/}}
{{- define "per-zone-vmcluster.vmclusterSpec" -}}
-{{- $zonesMap := (dict) -}}
-{{- range $idx, $rolloutZone := .Values.availabilityZones -}}
-{{- $vmclusterSpec := deepCopy $rolloutZone.vmcluster.spec }}
-
-{{- $newNodeSelector := deepCopy $rolloutZone.nodeSelector }}
-{{- if $rolloutZone.vmcluster.spec.vminsert.nodeSelector }}
-{{- $newNodeSelector = mergeOverwrite (deepCopy $rolloutZone.nodeSelector) $rolloutZone.vmcluster.spec.vminsert.nodeSelector }}
-{{- end -}}
-{{- $newTopologySpreadConstraints := deepCopy $rolloutZone.topologySpreadConstraints }}
-{{- if $rolloutZone.vmcluster.spec.vminsert.topologySpreadConstraints }}
-{{- $newTopologySpreadConstraints = mergeOverwrite (deepCopy $rolloutZone.topologySpreadConstraints) $rolloutZone.vmcluster.spec.vminsert.topologySpreadConstraints }}
-{{- end -}}
-{{- $newvminsert := mergeOverwrite (dict "nodeSelector" $newNodeSelector) $vmclusterSpec.vminsert }}
-{{- $newvminsert = mergeOverwrite (dict "topologySpreadConstraints" $newTopologySpreadConstraints) $newvminsert }}
-{{- $newvminsert = mergeOverwrite (dict "serviceSpec" (dict "spec" (dict "clusterIP" "None" "type" "ClusterIP"))) $newvminsert }}
-{{- if or $rolloutZone.extraAffinity ( and $rolloutZone.vmcluster.spec.vminsert $rolloutZone.vmcluster.spec.vminsert.affinity ) }}
-{{- $newAffinity := mergeOverwrite (deepCopy $rolloutZone.extraAffinity) ($rolloutZone.vmcluster.spec.vminsert.affinity | default (dict)) }}
-{{- $newvminsert = mergeOverwrite (dict "affinity" $newAffinity) $newvminsert }}
-{{- end -}}
-
-{{- $newNodeSelector := deepCopy $rolloutZone.nodeSelector }}
-{{- if $rolloutZone.vmcluster.spec.vmstorage.nodeSelector }}
-{{- $newNodeSelector = mergeOverwrite (deepCopy $rolloutZone.nodeSelector) $rolloutZone.vmcluster.spec.vmstorage.nodeSelector }}
-{{- end -}}
-{{- $newTopologySpreadConstraints := deepCopy $rolloutZone.topologySpreadConstraints }}
-{{- if $rolloutZone.vmcluster.spec.vmstorage.topologySpreadConstraints }}
-{{- $newTopologySpreadConstraints = mergeOverwrite (deepCopy $rolloutZone.topologySpreadConstraints) $rolloutZone.vmcluster.spec.vmstorage.topologySpreadConstraints }}
-{{- end -}}
-{{- $newvmstorage := mergeOverwrite (dict "nodeSelector" $newNodeSelector) $vmclusterSpec.vmstorage }}
-{{- $newvmstorage = mergeOverwrite (dict "topologySpreadConstraints" $newTopologySpreadConstraints) $newvmstorage }}
-{{- if or $rolloutZone.extraAffinity ( and $rolloutZone.vmcluster.spec.vmstorage $rolloutZone.vmcluster.spec.vmstorage.affinity ) }}
-{{- $newAffinity := mergeOverwrite (deepCopy $rolloutZone.extraAffinity) ($rolloutZone.vmcluster.spec.vmstorage.affinity | default (dict)) }}
-{{- $newvmstorage = mergeOverwrite (dict "affinity" $newAffinity) $newvmstorage }}
-{{- end -}}
-
-{{- $newNodeSelector := deepCopy $rolloutZone.nodeSelector }}
-{{- if $rolloutZone.vmcluster.spec.vmselect.nodeSelector }}
-{{- $newNodeSelector = mergeOverwrite (deepCopy $rolloutZone.nodeSelector) $rolloutZone.vmcluster.spec.vmselect.nodeSelector }}
-{{- end -}}
-{{- $newTopologySpreadConstraints := deepCopy $rolloutZone.topologySpreadConstraints }}
-{{- if $rolloutZone.vmcluster.spec.vmselect.topologySpreadConstraints }}
-{{- $newTopologySpreadConstraints = mergeOverwrite (deepCopy $rolloutZone.topologySpreadConstraints) $rolloutZone.vmcluster.spec.vmselect.topologySpreadConstraints }}
+ {{- $ctx := (.helm) | default . }}
+ {{- $Values := $ctx.Values }}
+ {{- $zones := (dict) -}}
+ {{- $commonClusterSpec := ((($Values.common).vmcluster).spec) | default dict -}}
+ {{- range $idx, $rolloutZone := $Values.availabilityZones -}}
+ {{- $commonSpec := $rolloutZone.spec | default dict -}}
+ {{- $clusterSpec := mergeOverwrite (deepCopy $commonClusterSpec) (deepCopy $rolloutZone.vmcluster.spec) -}}
+ {{- range $name, $config := $clusterSpec -}}
+ {{- if and (hasPrefix "vm" $name) (kindIs "map" $config) -}}
+ {{ $config = mergeOverwrite (deepCopy $commonSpec) (deepCopy $config) }}
+ {{- $_ := set $clusterSpec $name $config -}}
+ {{- end -}}
+ {{- end -}}
+ {{- $_ := set $zones $rolloutZone.name $clusterSpec -}}
+ {{- end -}}
+ {{- tpl (toYaml $zones) $ctx -}}
{{- end -}}
-{{- $newvmselect := mergeOverwrite (dict "nodeSelector" $newNodeSelector) $vmclusterSpec.vmselect }}
-{{- $newvmselect = mergeOverwrite (dict "topologySpreadConstraints" $newTopologySpreadConstraints) $newvmselect }}
-{{- if or $rolloutZone.extraAffinity ( and $rolloutZone.vmcluster.spec.vmselect $rolloutZone.vmcluster.spec.vmselect.affinity ) }}
-{{- $newAffinity := mergeOverwrite (deepCopy $rolloutZone.extraAffinity) ($rolloutZone.vmcluster.spec.vmselect.affinity | default (dict)) }}
-{{- $newvmselect = mergeOverwrite (dict "affinity" $newAffinity) $newvmselect }}
-{{- end -}}
-
-{{- $newvmclusterSpec := dict "vminsert" $newvminsert "vmstorage" $newvmstorage "vmselect" $newvmselect }}
-{{- $vmclusterSpec = mergeOverwrite (deepCopy $vmclusterSpec) $newvmclusterSpec }}
-
-{{- $vmclusterName := default (printf "vmcluster-%s" $rolloutZone.name) $rolloutZone.vmcluster.name }}
-{{- $_ := set $zonesMap $vmclusterName $vmclusterSpec -}}
-{{- end -}}
-{{- $zonesMap | toYaml }}
-{{- end }}
-
-
-{{/*
-Gets global query entrance as grafana default datasource
-*/}}
-{{- define "victoria-metrics-distributed.globalQueryAddr" -}}
-url: {{ printf "http://vmauth-%s.%s.svc:%s/select/0/prometheus/" (include "victoria-metrics-distributed.vmauthQueryGlobalName" .) (include "vm.namespace" .) (.Values.vmauthQueryGlobal.spec.port | default "8427") }}
-{{- end }}
-
-
-{{/*
-Remote write spec for test-vmagent
-*/}}
-{{- define "victoria-metrics-distributed.extravmagentSpec" -}}
-{{- $remoteWriteSpec := dict "remoteWrite" (list ( dict "url" (printf "http://vmauth-%s.%s.svc:%s/prometheus/api/v1/write" (include "victoria-metrics-distributed.vmauthIngestGlobalName" .) (include "vm.namespace" .) (.Values.vmauthIngestGlobal.spec.port | default "8427") ) )) }}
-{{- tpl (deepCopy .Values.extraVMAgent.spec | mergeOverwrite $remoteWriteSpec | toYaml) . }}
-{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/extra-vmagent.yaml b/charts/victoria-metrics-distributed/templates/extra-vmagent.yaml
index 75c4631dc..672be0663 100644
--- a/charts/victoria-metrics-distributed/templates/extra-vmagent.yaml
+++ b/charts/victoria-metrics-distributed/templates/extra-vmagent.yaml
@@ -1,4 +1,5 @@
{{- if .Values.extraVMAgent.enabled }}
+{{- $ctx := dict "helm" . }}
---
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAgent
@@ -6,5 +7,8 @@ metadata:
labels: {{ include "victoria-metrics-distributed.labels" . | nindent 4 }}
name: {{ .Values.extraVMAgent.name }}
namespace: {{ include "vm.namespace" . }}
-spec: {{ include "victoria-metrics-distributed.extravmagentSpec" . | nindent 2 }}
+{{- $spec := (deepCopy .Values.extraVMAgent.spec) }}
+{{- $remoteWrites := list (dict "url" (printf "%s/prometheus/api/v1/write" (include "vm.url" $ctx))) }}
+{{- $_ := set $spec "remoteWrite" (concat $remoteWrites ($spec.remoteWrite | default list)) }}
+spec: {{ tpl (toYaml $spec) . | nindent 2 }}
{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/grafana-datasource.yaml b/charts/victoria-metrics-distributed/templates/grafana-datasource.yaml
index f83acd530..51d6b950c 100644
--- a/charts/victoria-metrics-distributed/templates/grafana-datasource.yaml
+++ b/charts/victoria-metrics-distributed/templates/grafana-datasource.yaml
@@ -1,9 +1,10 @@
-{{ if and .Values.vmauthQueryGlobal.enabled (index .Values "victoria-metrics-k8s-stack" "grafana" "enabled") }}
+{{ if and .Values.read.global.vmauth.enabled (index .Values "victoria-metrics-k8s-stack" "grafana" "enabled") }}
+{{- $url := (printf "%s/select/0/prometheus/" (include "vm.url" .)) }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "victoria-metrics-distributed.fullname" . }}-grafana-ds
+ name: {{ include "vm.fullname" . }}-grafana-ds
namespace: {{ include "vm.namespace" . }}
labels: {{ include "victoria-metrics-distributed.labels" . | nindent 4 }}
{{ index .Values "victoria-metrics-k8s-stack" "grafana" "sidecar" "datasources" "label" }}: "1"
@@ -13,8 +14,7 @@ data:
datasources:
- name: VictoriaMetrics
type: prometheus
- {{- $readEndpoint:= (include "victoria-metrics-distributed.globalQueryAddr" . | fromYaml) }}
- url: {{ $readEndpoint.url }}
+ url: {{ $url }}
access: proxy
isDefault: true
jsonData: {}
diff --git a/charts/victoria-metrics-distributed/templates/per-az/vmagent.yaml b/charts/victoria-metrics-distributed/templates/per-az/vmagent.yaml
index 788903fc5..5792b6d19 100644
--- a/charts/victoria-metrics-distributed/templates/per-az/vmagent.yaml
+++ b/charts/victoria-metrics-distributed/templates/per-az/vmagent.yaml
@@ -1,5 +1,10 @@
-{{- range $zone := .Values.availabilityZones }}
+{{- $ctx := dict "helm" . }}
+{{- $tenant := ternary "multitenant" "0" .Values.enableMultitenancy }}
+{{- range $i, $zone := .Values.availabilityZones }}
{{- if $zone.vmagent.enabled }}
+{{- if (($zone.vmagent).spec).remoteWrite }}
+ {{- fail "Error: distributed vmagent doesn't support customized remoteWrite address" }}
+{{- end }}
---
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAgent
@@ -8,39 +13,18 @@ metadata:
{{- with $zone.vmagent.annotations }}
annotations: {{ toYaml . | nindent 4 }}
{{- end }}
- name: {{ $zone.vmagent.name | default (printf "vmagent-%s" $zone.name ) }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "vmagent") }}
+ name: {{ include "vm.fullname" $ctx }}
namespace: {{ include "vm.namespace" $ }}
-spec:
-{{- if and $zone.vmagent.spec $zone.vmagent.spec.remoteWrite }}
-{{- fail "Error: distributed vmagent doesn't support customized remoteWrite address" }}
-{{- end }}
-{{- $nodeSelector := deepCopy $zone.nodeSelector }}
-{{- if and $zone.vmagent.spec $zone.vmagent.spec.nodeSelector }}
-{{- $nodeSelector = mergeOverwrite (deepCopy $zone.nodeSelector) $zone.vmagent.spec.nodeSelector }}
-{{- end }}
- nodeSelector: {{ toYaml $nodeSelector | nindent 4 }}
-{{- if or $zone.extraAffinity ( and $zone.vmagent.spec $zone.vmagent.spec.affinity ) }}
-{{- $affinity := mergeOverwrite (deepCopy $zone.extraAffinity) ($zone.vmagent.spec.affinity | default (dict)) }}
- affinity: {{ toYaml $affinity | nindent 4 }}
-{{- end }}
-{{- $topologySpreadConstraints := deepCopy $zone.topologySpreadConstraints }}
-{{- if and $zone.vmagent.spec $zone.vmagent.spec.topologySpreadConstraints }}
-{{- $topologySpreadConstraints = mergeOverwrite (deepCopy $zone.topologySpreadConstraints) $zone.vmagent.spec.topologySpreadConstraints }}
-{{- end }}
- topologySpreadConstraints: {{ toYaml $topologySpreadConstraints | nindent 4 }}
- remoteWrite:
-{{- default "{}" (include "per-zone-vmagent.remoteWriteAddr" $) }}
-{{- $spec := deepCopy $zone.vmagent.spec }}
-{{- $spec := unset $spec "nodeSelector" }}
-{{- $spec := unset $spec "affinity" }}
-{{- $spec := unset $spec "topologySpreadConstraints" }}
-{{- $spec := unset $spec "remoteWriteSettings" }}
-{{- if $spec }}
-{{- toYaml $spec | nindent 2 }}
-{{- end }}
-{{- if $.Values.enableMultitenancy }}
- {{- $mergedSettings := merge (default (default dict) $zone.vmagent.spec.remoteWriteSettings) (dict "useMultiTenantMode" true) }}
- remoteWriteSettings: {{ toYaml $mergedSettings | nindent 4 }}
-{{- end }}
+{{- $spec := mergeOverwrite (deepCopy ($zone.common).spec) (deepCopy ($zone.vmagent).spec) }}
+{{- $remoteWrites := default list }}
+{{- range $rwZone := $.Values.availabilityZones }}
+ {{- if $rwZone.write.allow }}
+ {{- $url := trimSuffix "/" (include "vm.url" $ctx) }}
+ {{- $remoteWrites = append $remoteWrites (dict "url" (printf "%s/insert/%s/prometheus/api/v1/write" $url $tenant)) }}
+ {{- end }}
+{{- end }}
+{{- $_ := set $spec "remoteWrite" (concat $remoteWrites ($spec.remoteWrites | default list)) }}
+spec: {{ toYaml $spec | nindent 2 }}
{{- end }}
{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-balancer.yaml b/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-balancer.yaml
index 6088c34c2..474823296 100644
--- a/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-balancer.yaml
+++ b/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-balancer.yaml
@@ -1,48 +1,28 @@
-{{- $top := . -}}
-{{- range $zone := .Values.availabilityZones }}
-{{- if $zone.vmauthQueryPerZone.enabled }}
+{{- $ns := include "vm.namespace" . }}
+{{- $ctx := dict "helm" . }}
+{{- range $i, $zone := .Values.availabilityZones }}
+{{- if $zone.read.perZone.vmauth.enabled }}
---
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAuth
metadata:
- name: {{ $zone.vmauthQueryPerZone.name | default (printf "vmauth-read-balancer-%s" $zone.name ) }}
- namespace: {{ include "vm.namespace" $ }}
- labels: {{ include "victoria-metrics-distributed.labels" $top | nindent 4 }}
- {{- with $zone.vmauthQueryPerZone.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "read" "perZone" "vmauth") }}
+ name: read-balancer-{{ include "vm.fullname" $ctx }}
+ namespace: {{ $ns }}
+ labels: {{ include "victoria-metrics-distributed.labels" $ | nindent 4 }}
+ {{- with $zone.read.perZone.vmauth.annotations }}
+ annotations: {{ toYaml . | nindent 4 }}
{{- end }}
-spec:
-{{- $nodeSelector := deepCopy $zone.nodeSelector }}
-{{- if $zone.vmauthQueryPerZone.spec.nodeSelector }}
-{{- $nodeSelector = mergeOverwrite (deepCopy $zone.nodeSelector) $zone.vmauthQueryPerZone.spec.nodeSelector }}
-{{- end }}
- nodeSelector:
-{{- toYaml $nodeSelector | nindent 4 }}
-{{- if or $zone.extraAffinity ( and $zone.vmauthQueryPerZone.spec $zone.vmauthQueryPerZone.spec.affinity ) }}
-{{- $affinity := mergeOverwrite (deepCopy $zone.extraAffinity) ($zone.vmauthQueryPerZone.spec.affinity | default (dict)) }}
- affinity:
-{{- toYaml $affinity | nindent 4 }}
-{{- end }}
-{{- $topologySpreadConstraints := deepCopy $zone.topologySpreadConstraints }}
-{{- if $zone.vmauthQueryPerZone.spec.topologySpreadConstraints }}
-{{- $topologySpreadConstraints = mergeOverwrite (deepCopy $zone.topologySpreadConstraints) $zone.vmauthQueryPerZone.spec.topologySpreadConstraints }}
-{{- end }}
- topologySpreadConstraints:
-{{- toYaml $topologySpreadConstraints | nindent 4 }}
+{{- $spec := mergeOverwrite (deepCopy (($zone.common).spec)) (deepCopy (((($zone.read).perZone).vmauth).spec)) }}
+spec: {{ toYaml (omit $spec "unauthorizedAccessConfig") | nindent 2 }}
unauthorizedAccessConfig:
- - src_paths:
- - "/select/.+"
- url_prefix:
-{{ printf "- http://vmselect-vmcluster-%s:8481/" $zone.name | indent 8 }}
-{{- $spec := deepCopy $zone.vmauthQueryPerZone.spec }}
-{{- $spec := unset $spec "nodeSelector" }}
-{{- $spec := unset $spec "affinity" }}
-{{- $spec := unset $spec "topologySpreadConstraints" }}
-{{- $spec := unset $spec "unauthorizedAccessConfig" }}
-{{- if $spec }}
-{{- toYaml $spec | nindent 2 }}
-{{- end }}
+ - src_paths:
+ - "/select/.+"
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "vmcluster" "spec" "vmselect") }}
+ {{- $_ := set $ctx "style" "managed" }}
+ url_prefix:
+ - {{ include "vm.url" $ctx }}
+ {{- $_ := unset $ctx "style" }}
{{- end }}
{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-proxy.yaml b/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-proxy.yaml
index 3fe008656..7fd021749 100644
--- a/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-proxy.yaml
+++ b/charts/victoria-metrics-distributed/templates/per-az/vmauth-read-proxy.yaml
@@ -1,52 +1,42 @@
+{{- $ns := include "vm.namespace" . }}
+{{- $ctx := dict "helm" . }}
{{- range $i, $zone := .Values.availabilityZones }}
-{{- if and $zone.vmauthCrossAZQuery.enabled $zone.vmauthQueryPerZone.enabled}}
+{{- if and $zone.read.crossZone.vmauth.enabled $zone.read.perZone.vmauth.enabled }}
---
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAuth
metadata:
- name: {{ $zone.vmauthCrossAZQuery.name | default (printf "vmauth-read-proxy-%s" $zone.name ) }}
- namespace: {{ include "vm.namespace" $ }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "read" "crossZone" "vmauth") }}
+ name: read-proxy-{{ include "vm.fullname" $ctx }}
+ namespace: {{ $ns }}
labels: {{ include "victoria-metrics-distributed.labels" $ | nindent 4 }}
- {{- with $zone.vmauthCrossAZQuery.annotations }}
+ {{- with $zone.read.crossZone.vmauth.annotations }}
annotations: {{ toYaml . | nindent 4 }}
- {{- end }}
-spec:
-{{- $nodeSelector := deepCopy $zone.nodeSelector }}
-{{- if $zone.vmauthCrossAZQuery.spec.nodeSelector }}
-{{- $nodeSelector = mergeOverwrite (deepCopy $zone.nodeSelector) $zone.vmauthCrossAZQuery.spec.nodeSelector }}
-{{- end }}
- nodeSelector: {{ toYaml $nodeSelector | nindent 4 }}
-{{- if or $zone.extraAffinity ( and $zone.vmauthCrossAZQuery.spec $zone.vmauthCrossAZQuery.spec.affinity ) }}
-{{- $affinity := mergeOverwrite (deepCopy $zone.extraAffinity) ($zone.vmauthCrossAZQuery.spec.affinity | default (dict)) }}
- affinity: {{ toYaml $affinity | nindent 4 }}
-{{- end }}
-{{- $topologySpreadConstraints := deepCopy $zone.topologySpreadConstraints }}
-{{- if $zone.vmauthCrossAZQuery.spec.topologySpreadConstraints }}
-{{- $topologySpreadConstraints = mergeOverwrite (deepCopy $zone.topologySpreadConstraints) $zone.vmauthCrossAZQuery.spec.topologySpreadConstraints }}
-{{- end }}
- topologySpreadConstraints: {{ toYaml $topologySpreadConstraints | nindent 4 }}
+ {{- end }}
+{{- $spec := mergeOverwrite (deepCopy (($zone.common).spec)) (deepCopy (((($zone.read).crossZone).vmauth).spec)) }}
+spec: {{ toYaml (omit $spec "unauthorizedAccessConfig") | nindent 2 }}
unauthorizedAccessConfig:
- - src_paths:
- - "/select/.+"
- url_prefix:
-{{- if $zone.allowQuery }}
-{{ printf "- http://vmauth-%s:8427/" ($zone.vmauthQueryPerZone.name | default ( printf "vmauth-read-balancer-%s" $zone.name ))| indent 8 }}
-{{- end }}
-{{- range $j, $tmpzone := $.Values.availabilityZones }}
-{{- if and (ne $j $i) $tmpzone.allowQuery }}
-{{ printf "- http://vmauth-%s:8427/" ($tmpzone.vmauthQueryPerZone.name | default ( printf "vmauth-read-balancer-%s" $tmpzone.name )) | indent 8 }}
-{{- end }}
-{{- end }}
- load_balancing_policy: first_available
- retry_status_codes:
- - 503
-{{- $spec := deepCopy $zone.vmauthCrossAZQuery.spec }}
-{{- $spec := unset $spec "nodeSelector" }}
-{{- $spec := unset $spec "affinity" }}
-{{- $spec := unset $spec "topologySpreadConstraints" }}
-{{- $spec := unset $spec "unauthorizedAccessConfig" }}
-{{- if $spec }}
-{{- toYaml $spec | nindent 2 }}
-{{- end }}
+ - src_paths:
+ - "/select/.+"
+ load_balancing_policy: first_available
+ retry_status_codes:
+ - 503
+ {{- $_ := set $ctx "style" "managed" }}
+ {{- $urls := default list }}
+ {{- if $zone.read.allow }}
+ {{- $_ := set $ctx "prefix" "read-balancer" }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "read" "perZone" "vmauth") }}
+ {{- $urls = append $urls (include "vm.url" $ctx) }}
+ {{- end }}
+ {{- $_ := set $ctx "prefix" "read-proxy" }}
+ {{- range $j, $cross := $.Values.availabilityZones }}
+ {{- if and (ne $j $i) $cross.read.allow }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $j "read" "perZone" "vmauth") }}
+ {{- $urls = append $urls (include "vm.url" $ctx)}}
+ {{- end }}
+ {{- end }}
+ url_prefix: {{ toYaml $urls | nindent 4 }}
+ {{- $_ := unset $ctx "style" }}
+ {{- $_ := unset $ctx "prefix" }}
{{- end }}
{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/per-az/vmauth-write-balancer.yaml b/charts/victoria-metrics-distributed/templates/per-az/vmauth-write-balancer.yaml
index d89f3ecb1..100c04bc4 100644
--- a/charts/victoria-metrics-distributed/templates/per-az/vmauth-write-balancer.yaml
+++ b/charts/victoria-metrics-distributed/templates/per-az/vmauth-write-balancer.yaml
@@ -1,43 +1,28 @@
-{{- range $zone := .Values.availabilityZones }}
-{{- if $zone.vmauthIngest.enabled }}
+{{- $ctx := dict "helm" . }}
+{{- range $i, $zone := .Values.availabilityZones }}
+{{- if $zone.write.vmauth.enabled }}
+{{- $_ := set $ctx "appKey" (list "availabilityZones" $i "vmcluster" "spec" "vminsert") }}
---
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAuth
metadata:
- name: {{ $zone.vmauthIngest.name | default (printf "vmauth-write-balancer-%s" $zone.name ) }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "write" "vmauth") }}
+ name: write-balancer-{{ include "vm.fullname" $ctx }}
namespace: {{ include "vm.namespace" $ }}
labels: {{ include "victoria-metrics-distributed.labels" $ | nindent 4 }}
- {{- with $zone.vmauthIngest.annotations }}
+ {{- with $zone.write.vmauth.annotations }}
annotations: {{ toYaml . | nindent 4 }}
{{- end }}
-spec:
-{{- $nodeSelector := deepCopy $zone.nodeSelector }}
-{{- if $zone.vmauthIngest.spec.nodeSelector }}
-{{- $nodeSelector = mergeOverwrite (deepCopy $zone.nodeSelector) $zone.vmauthIngest.spec.nodeSelector }}
-{{- end }}
- nodeSelector: {{ toYaml $nodeSelector | nindent 4 }}
-{{- if or $zone.extraAffinity ( and $zone.vmauthIngest.spec $zone.vmauthIngest.spec.affinity ) }}
-{{- $affinity := mergeOverwrite (deepCopy $zone.extraAffinity) ($zone.vmauthIngest.spec.affinity | default (dict)) }}
- affinity:
-{{- toYaml $affinity | nindent 4 }}
-{{- end }}
-{{- $topologySpreadConstraints := deepCopy $zone.topologySpreadConstraints }}
-{{- if $zone.vmauthIngest.spec.topologySpreadConstraints }}
-{{- $topologySpreadConstraints = mergeOverwrite (deepCopy $zone.topologySpreadConstraints) $zone.vmauthIngest.spec.topologySpreadConstraints }}
-{{- end }}
- topologySpreadConstraints: {{ toYaml $topologySpreadConstraints | nindent 4 }}
+{{- $spec := $zone.spec | default dict }}
+{{- $spec = merge (deepCopy $spec) (deepCopy $zone.write.vmauth.spec) }}
+spec: {{ toYaml (omit $spec "unauthorizedAccessConfig") | nindent 2 }}
+ {{- $_ := set $ctx "style" "managed" }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "vmcluster" "spec" "vminsert") }}
unauthorizedAccessConfig:
- - src_paths:
- - "/insert/.+"
- url_prefix:
- - "http://vminsert-vmcluster-{{ $zone.name }}-additional-service:8480/"
-{{- $spec := deepCopy $zone.vmauthIngest.spec }}
-{{- $spec := unset $spec "nodeSelector" }}
-{{- $spec := unset $spec "affinity" }}
-{{- $spec := unset $spec "topologySpreadConstraints" }}
-{{- $spec := unset $spec "unauthorizedAccessConfig" }}
-{{- if $spec }}
-{{- toYaml $spec | nindent 2 }}
-{{- end }}
+ - src_paths:
+ - "/insert/.+"
+ url_prefix:
+ - {{ include "vm.url" $ctx }}
+ {{- $_ := unset $ctx "style" }}
{{- end }}
{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/vmauth-read.yaml b/charts/victoria-metrics-distributed/templates/vmauth-read.yaml
index 3cf8ee8ea..ac8f194ed 100644
--- a/charts/victoria-metrics-distributed/templates/vmauth-read.yaml
+++ b/charts/victoria-metrics-distributed/templates/vmauth-read.yaml
@@ -1,28 +1,33 @@
-{{- if .Values.vmauthQueryGlobal.enabled }}
+{{- if .Values.read.global.vmauth.enabled }}
+{{- $ctx := dict "helm" . "appKey" (list "write" "global" "vmauth") }}
---
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAuth
metadata:
- name: {{ include "victoria-metrics-distributed.vmauthQueryGlobalName" . }}
+ name: read-global-{{ include "vm.fullname" $ctx }}
namespace: {{ include "vm.namespace" . }}
labels: {{ include "victoria-metrics-distributed.labels" . | nindent 4 }}
- {{- with .Values.vmauthQueryGlobal.annotations }}
+ {{- with .Values.read.global.vmauth.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
+{{- $spec := .Values.read.global.vmauth.spec }}
spec:
+ {{- with (omit $spec "unauthorizedAccessConfig") }}
+ {{- toYaml . | nindent 2 }}
+ {{- end }}
unauthorizedAccessConfig:
- - src_paths:
- - "/select/.+"
- url_prefix:
-{{- range $zone := $.Values.availabilityZones }}
-{{ printf "- http://vmauth-%s:8427/" ( $zone.vmauthCrossAZQuery.name | default ( printf "vmauth-read-proxy-%s" $zone.name )) | indent 8 }}
-{{- end }}
-{{- $spec := deepCopy .Values.vmauthQueryGlobal.spec }}
-{{- $spec := unset $spec "unauthorizedAccessConfig" }}
- load_balancing_policy: first_available
-{{- if $spec }}
-{{- toYaml $spec | nindent 2 }}
-{{- end }}
+ - src_paths:
+ - "/select/.+"
+ load_balancing_policy: first_available
+ {{- $_ := set $ctx "style" "managed" }}
+ {{- $_ := set $ctx "prefix" "read-proxy" }}
+ {{- $urls := default list }}
+ {{- range $i, $zone := $.Values.availabilityZones }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "read" "crossZone" "vmauth") }}
+ {{- $urls = append $urls (include "vm.url" $ctx) }}
+ {{- end }}
+ {{- $_ := unset $ctx "style" }}
+ url_prefix: {{ toYaml $urls | nindent 4 }}
{{- end }}
diff --git a/charts/victoria-metrics-distributed/templates/vmauth-write.yaml b/charts/victoria-metrics-distributed/templates/vmauth-write.yaml
index 908496e38..c954a42c0 100644
--- a/charts/victoria-metrics-distributed/templates/vmauth-write.yaml
+++ b/charts/victoria-metrics-distributed/templates/vmauth-write.yaml
@@ -1,30 +1,33 @@
-{{- if .Values.vmauthIngestGlobal.enabled }}
+{{- if .Values.write.global.vmauth.enabled }}
+{{- $ctx := dict "helm" . "appKey" (list "write" "global" "vmauth") }}
---
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAuth
metadata:
- name: {{ include "victoria-metrics-distributed.vmauthIngestGlobalName" . }}
+ name: write-global-{{ include "vm.fullname" $ctx }}
namespace: {{ include "vm.namespace" . }}
labels: {{ include "victoria-metrics-distributed.labels" . | nindent 4 }}
- {{- with .Values.vmauthIngestGlobal.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
+ {{- with .Values.write.global.vmauth.annotations }}
+ annotations: {{ toYaml . | nindent 4 }}
{{- end }}
+{{- $spec := .Values.write.global.vmauth.spec }}
spec:
+ {{- with (omit $spec "unauthorizedAccessConfig") }}
+ {{- toYaml . | nindent 2 }}
+ {{- end }}
unauthorizedAccessConfig:
- - src_paths:
- - "/api/v1/write"
- - "/prometheus/api/v1/write"
- - "/write"
- - "/api/v1/import"
- - "/api/v1/import/.+"
- url_prefix:
-{{- range $zone := $.Values.availabilityZones }}
-{{ printf "- http://vmagent-%s:8429/" ($zone.vmagent.name | default (printf "vmagent-%s" $zone.name )) | indent 8 }}
-{{- end }}
-{{- $spec := deepCopy .Values.vmauthIngestGlobal.spec }}
-{{- $spec := unset $spec "unauthorizedAccessConfig" }}
-{{- if $spec }}
-{{- toYaml $spec | nindent 2 }}
-{{- end }}
+ - src_paths:
+ - "/api/v1/write"
+ - "/prometheus/api/v1/write"
+ - "/write"
+ - "/api/v1/import"
+ - "/api/v1/import/.+"
+ {{- $_ := set $ctx "style" "managed" }}
+ {{- $urls := default list }}
+ {{- range $i, $zone := $.Values.availabilityZones }}
+ {{- $_ := set $ctx "appKey" (list "availabilityZones" $i "vmagent") }}
+ {{- $urls = append $urls (include "vm.url" $ctx) }}
+ {{- end }}
+ {{- $_ := unset $ctx "style" }}
+ url_prefix: {{ toYaml $urls | nindent 4 }}
{{- end }}
diff --git a/charts/victoria-metrics-distributed/values.yaml b/charts/victoria-metrics-distributed/values.yaml
index 4cf24322c..9b1985a37 100644
--- a/charts/victoria-metrics-distributed/values.yaml
+++ b/charts/victoria-metrics-distributed/values.yaml
@@ -4,65 +4,90 @@ nameOverride: "vm-distributed"
# -- overrides the chart's computed fullname.
fullnameOverride: ""
+global: {}
+
+common:
+ vmagent:
+ spec:
+ remoteWriteSettings:
+ useMultiTenantMode: true
+ vmcluster:
+ spec:
+ vminsert:
+ serviceSpec:
+ spec:
+ clusterIP: None
+ type: ClusterIP
+
# -- set up a vmauth as the global write entrypoint
-vmauthIngestGlobal:
- enabled: true
- name: ""
- spec: {}
+write:
+ global:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
# -- set up a vmauth as the global read entrypoint
-vmauthQueryGlobal:
- enabled: true
- name: ""
- spec: {}
+read:
+ global:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
# -- config per availability zone components, including vmagent, vmcluster, vmauth etc
availabilityZones:
- name: zone-eu-1
- # -- allow data ingestion to this zone
- allowIngest: true
- # -- allow data query from this zone through global query endpoint
- allowQuery: true
- # -- nodeselector to restrict where pods of this zone can be placed.
- # usually provided by cloud providers.
- nodeSelector:
- topology.kubernetes.io/zone: zone-eu-1
- # -- extraAffinity adds user defined custom affinity rules
- extraAffinity: {}
- # preferredDuringSchedulingIgnoredDuringExecution:
- # - weight: 1
- # preference:
- # matchExpressions:
- # - key: topology.kubernetes.io/zone
- # operator: In
- # values:
- # - us-central1-b
- # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints.
- topologySpreadConstraints:
- - maxSkew: 1
- topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: ScheduleAnyway
- vmauthIngest:
- enabled: true
- # -- override the name of the vmauth object
- name: ""
- spec:
- extraArgs:
- # vmauth discovers backend IPs via periodic DNS queries,
- # and performs load balancing between vminsert instances
- # check https://docs.victoriametrics.com/vmauth/#discovering-backend-ips
- discoverBackendIPs: "true"
- vmauthQueryPerZone:
- enabled: true
- name: ""
+ common:
spec:
- extraArgs:
- discoverBackendIPs: "true"
- # -- set up a vmauth with all the zone with `allowQuery: true` as query backends
- vmauthCrossAZQuery:
- enabled: true
- name: ""
- spec: {}
+ # -- nodeselector to restrict where pods of this zone can be placed.
+ # usually provided by cloud providers.
+ nodeSelector:
+ topology.kubernetes.io/zone: zone-eu-1
+ # -- extraAffinity adds user defined custom affinity rules
+ affinity: {}
+ # preferredDuringSchedulingIgnoredDuringExecution:
+ # - weight: 1
+ # preference:
+ # matchExpressions:
+ # - key: topology.kubernetes.io/zone
+ # operator: In
+ # values:
+ # - us-central1-b
+ # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints.
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
+ write:
+ # -- allow data ingestion to this zone
+ allow: true
+ vmauth:
+ enabled: true
+ # -- override the name of the vmauth object
+ name: ""
+ spec:
+ extraArgs:
+ # vmauth discovers backend IPs via periodic DNS queries,
+ # and performs load balancing between vminsert instances
+ # check https://docs.victoriametrics.com/vmauth/#discovering-backend-ips
+ discoverBackendIPs: "true"
+ read:
+ # -- allow data query from this zone through global query endpoint
+ allow: true
+ perZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec:
+ extraArgs:
+ discoverBackendIPs: "true"
+ # -- set up a vmauth with all the zone with `allow: true` as query backends
+ crossZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
# -- vmagent here only meant to proxy write requests to each az,
# doesn't support customized other remote write address.
vmagent:
@@ -94,48 +119,54 @@ availabilityZones:
{}
- name: zone-us-1
- # -- allow data ingestion to this zone
- allowIngest: true
- # -- allow data query from this zone through global query endpoint
- allowQuery: true
- # -- nodeselector to restrict where pods of this zone can be placed.
- # usually provided by cloud providers.
- nodeSelector:
- topology.kubernetes.io/zone: zone-us-1
- # -- extraAffinity adds user defined custom affinity rules
- extraAffinity: {}
- # preferredDuringSchedulingIgnoredDuringExecution:
- # - weight: 1
- # preference:
- # matchExpressions:
- # - key: topology.kubernetes.io/zone
- # operator: In
- # values:
- # - us-central1-c
- # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints.
- topologySpreadConstraints:
- - maxSkew: 1
- topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: ScheduleAnyway
- vmauthIngest:
- enabled: true
- name: ""
- spec:
- extraArgs:
- # vmauth discovers backend IPs via periodic DNS queries,
- # and performs load balancing between vminsert instances
- # check https://docs.victoriametrics.com/vmauth/#discovering-backend-ips
- discoverBackendIPs: "true"
- vmauthQueryPerZone:
- enabled: true
- name: ""
+ common:
spec:
- extraArgs:
- discoverBackendIPs: "true"
- vmauthCrossAZQuery:
- enabled: true
- name: ""
- spec: {}
+ # -- nodeselector to restrict where pods of this zone can be placed.
+ # usually provided by cloud providers.
+ nodeSelector:
+ topology.kubernetes.io/zone: zone-us-1
+ # -- extraAffinity adds user defined custom affinity rules
+ affinity: {}
+ # preferredDuringSchedulingIgnoredDuringExecution:
+ # - weight: 1
+ # preference:
+ # matchExpressions:
+ # - key: topology.kubernetes.io/zone
+ # operator: In
+ # values:
+ # - us-central1-c
+ # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints.
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
+ write:
+ # -- allow data ingestion to this zone
+ allow: true
+ vmauth:
+ enabled: true
+ name: ""
+ spec:
+ extraArgs:
+ # vmauth discovers backend IPs via periodic DNS queries,
+ # and performs load balancing between vminsert instances
+ # check https://docs.victoriametrics.com/vmauth/#discovering-backend-ips
+ discoverBackendIPs: "true"
+ read:
+ # -- allow data query from this zone through global query endpoint
+ allow: true
+ perZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec:
+ extraArgs:
+ discoverBackendIPs: "true"
+ crossZone:
+ vmauth:
+ enabled: true
+ name: ""
+ spec: {}
# -- vmagent only meant to proxy write requests to each az,
# doesn't support customized remote write address
vmagent:
@@ -168,42 +199,46 @@ availabilityZones:
## add more zones if needed
# - name: zone-na-1
- # # -- allow data ingestion to this zone
- # allowIngest: true
- # # -- allow data query from this zone through global query endpoint
- # allowQuery: true
- # # -- nodeselector to restrict where pods of this zone can be placed.
- # # usually provided by cloud providers.
- # nodeSelector:
- # topology.kubernetes.io/zone: zone-na-1
- # # -- extraAffinity adds user defined custom affinity rules
- # extraAffinity: {}
- # # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints.
- # topologySpreadConstraints:
- # - maxSkew: 1
- # topologyKey: kubernetes.io/hostname
- # whenUnsatisfiable: ScheduleAnyway
- # vmauthIngest:
- # enabled: true
- # # -- override the name of the vmauth object
- # name: ""
+ # common:
# spec:
- # extraArgs:
- # vmauth discovers backend IPs via periodic DNS queries,
- # and performs load balancing between vminsert instances
- # check https://docs.victoriametrics.com/vmauth/#discovering-backend-ips
- # discoverBackendIPs: "true"
- # vmauthQueryPerZone:
- # enabled: true
- # name: ""
- # spec:
- # extraArgs:
- # discoverBackendIPs: "true"
- # # -- set up a vmauth with all the zone with `allowQuery: true` as query backends
- # vmauthCrossAZQuery:
- # enabled: true
- # name: ""
- # spec: {}
+ # # -- nodeselector to restrict where pods of this zone can be placed.
+ # # usually provided by cloud providers.
+ # nodeSelector:
+ # topology.kubernetes.io/zone: zone-na-1
+ # # -- extraAffinity adds user defined custom affinity rules
+ # affinity: {}
+ # # -- topologySpreadConstraints allows to customize the default topologySpreadConstraints.
+ # topologySpreadConstraints:
+ # - maxSkew: 1
+ # topologyKey: kubernetes.io/hostname
+ # whenUnsatisfiable: ScheduleAnyway
+ # write:
+ # allow: true
+ # vmauth:
+ # enabled: true
+ # # -- override the name of the vmauth object
+ # name: ""
+ # spec:
+ # extraArgs:
+ # vmauth discovers backend IPs via periodic DNS queries,
+ # and performs load balancing between vminsert instances
+ # check https://docs.victoriametrics.com/vmauth/#discovering-backend-ips
+ # discoverBackendIPs: "true"
+ # read:
+ # allow:
+ # perZone:
+ # vmauth:
+ # enabled: true
+ # name: ""
+ # spec:
+ # extraArgs:
+ # discoverBackendIPs: "true"
+ # # -- set up a vmauth with all the zone with `allow: true` as query backends
+ # crossZone:
+ # vmauth:
+ # enabled: true
+ # name: ""
+ # spec: {}
# # -- vmagent here only meant to proxy write requests to each az,
# # doesn't support customized remote write address
# vmagent: