Documentation
Index ¶
- Constants
- func GetKEDANamespace(cluster *clusterv1.Cluster) string
- type ClusterConfig
- type Config
- type CronitorConfig
- type DatasourcesConfig
- type EnvironmentConfig
- type GatewayConfig
- type GrafanaConfig
- type HTTPConfig
- type LoggingConfig
- type MonitoringConfig
- type OTLPConfig
- type OperatorConfig
- type QueueConfig
- type TracingConfig
Constants ¶
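// Infrastructure cluster kinds and the provider name associated with each.
//
// Every *Kind constant is paired with a *KindProvider constant. The pairing is
// taken from the names; presumably GetClusterProvider maps a kind to its
// provider string — confirm against its implementation.
//
// The declarations are laid out one per line: the rendered listing had them
// collapsed onto a single line, which is not valid Go.
const (
	// Cluster API Provider AWS (self-managed) and EKS (managed).
	AWSClusterKind                = "AWSCluster"
	AWSClusterKindProvider        = "capa"
	AWSManagedClusterKind         = "AWSManagedCluster"
	AWSManagedClusterKindProvider = "eks"

	// Azure (self-managed) and AKS (managed).
	AzureClusterKind                = "AzureCluster"
	AzureClusterKindProvider        = "capz"
	AzureManagedClusterKind         = "AzureManagedCluster"
	AzureManagedClusterKindProvider = "aks"

	// VMware Cloud Director and vSphere.
	VCDClusterKind             = "VCDCluster"
	VCDClusterKindProvider     = "cloud-director"
	VSphereClusterKind         = "VSphereCluster"
	VSphereClusterKindProvider = "vsphere"

	// GCP (self-managed) and GKE (managed).
	GCPClusterKind                = "GCPCluster"
	GCPClusterKindProvider        = "gcp"
	GCPManagedClusterKind         = "GCPManagedCluster"
	GCPManagedClusterKindProvider = "gke"

	// Proxmox.
	ProxmoxClusterKind         = "ProxmoxCluster"
	ProxmoxClusterKindProvider = "proxmox"
)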
// Label and annotation keys that toggle or tune observability features for a
// cluster, plus the KEDA namespace fallback.
//
// NOTE(review): these are plain metadata keys, so write access to the labelled
// object's metadata decides whether telemetry is collected and whether KEDA
// receives Mimir credentials — worth including in an RBAC review.
const (
	// KEDAAuthenticationLabel presumably backs IsKEDAAuthenticationEnabled,
	// which is documented as opt-in (disabled unless explicitly enabled).
	KEDAAuthenticationLabel = "observability.giantswarm.io/keda-authentication"

	// KEDADefaultNamespace is the namespace GetKEDANamespace falls back to when
	// the annotation below is not set.
	KEDADefaultNamespace = "keda"

	// KEDANamespaceAnnotation names the annotation through which a cluster
	// configures its KEDA operator namespace.
	KEDANamespaceAnnotation = "observability.giantswarm.io/keda-namespace"

	// LoggingLabel is the cluster-specific logging switch; a missing or invalid
	// value is documented as defaulting to true.
	LoggingLabel = "observability.giantswarm.io/logging"

	// MonitoringLabel presumably backs IsMonitoringEnabled (opt-out model).
	MonitoringLabel = "observability.giantswarm.io/monitoring"

	// NetworkMonitoringLabel presumably backs IsNetworkMonitoringEnabled
	// (opt-in model).
	NetworkMonitoringLabel = "observability.giantswarm.io/network-monitoring"

	// TracingLabel is the cluster-specific tracing switch; a missing or invalid
	// value is documented as defaulting to true.
	TracingLabel = "observability.giantswarm.io/tracing"
)
Variables ¶
This section is empty.
Functions ¶
func GetKEDANamespace ¶ added in v0.59.0
GetKEDANamespace returns the KEDA operator namespace configured for a cluster via annotation. Defaults to "keda" if the annotation is not set.
Types ¶
type ClusterConfig ¶ added in v0.43.0
// ClusterConfig describes the management cluster: its identity (name, customer,
// pipeline, region, base domain) and the location of the CA Secret.
type ClusterConfig struct {
// BaseDomain is the base domain of the management cluster.
BaseDomain string
// Customer is the customer name of the management cluster.
Customer string
// CASecretNamespace is the namespace of the cert-manager CA Secret.
CASecretNamespace string
// CASecretName is the name of the cert-manager CA Secret (key: tls.crt).
// Empty means public CA — Alloy uses the system trust store.
// NOTE(review): an empty name therefore selects a different trust anchor; it
// does not turn verification off. Whether Validate rejects a name set without
// a namespace (or the reverse) is not visible here — confirm.
CASecretName string
// Name is the name of the management cluster.
Name string
// Pipeline is the pipeline name of the management cluster.
Pipeline string
// Region is the region of the management cluster.
Region string
}
ClusterConfig represents the configuration for the management cluster.
func (ClusterConfig) GetClusterProvider ¶ added in v0.43.0
func (c ClusterConfig) GetClusterProvider(cluster *clusterv1.Cluster) (string, error)
GetClusterProvider returns the provider for the given cluster.
func (ClusterConfig) GetClusterType ¶ added in v0.43.0
func (c ClusterConfig) GetClusterType(cluster *clusterv1.Cluster) string
GetClusterType returns the type of the cluster (management_cluster or workload_cluster).
func (ClusterConfig) IsWorkloadCluster ¶ added in v0.43.0
func (c ClusterConfig) IsWorkloadCluster(cluster *clusterv1.Cluster) bool
IsWorkloadCluster determines if the given cluster is a workload cluster (not the management cluster).
func (ClusterConfig) Validate ¶ added in v0.43.0
func (c ClusterConfig) Validate() error
Validate validates the cluster configuration.
type Config ¶
// Config is the root configuration of the observability operator; it aggregates
// the operator, subsystem, HTTP, OTLP, cluster, environment and Cronitor settings.
type Config struct {
// Operator-level configuration
Operator OperatorConfig
// Subsystem configurations
Logging LoggingConfig
Grafana GrafanaConfig
Monitoring MonitoringConfig
Tracing TracingConfig
// HTTP client timeouts for external API calls
HTTP HTTPConfig
// OTLP batch processor settings written into Alloy agent ConfigMaps
OTLP OTLPConfig
// Management cluster configuration
Cluster ClusterConfig
// Environment and runtime settings (secrets from environment variables)
// Because this field carries secret values, printing a whole Config (for
// example with %+v in a log line) would expose them; log individual
// non-secret fields instead.
Environment EnvironmentConfig
// Cronitor heartbeat monitor operational settings
Cronitor CronitorConfig
// DefaultTenant is the tenant ID used when no organisation is specified.
// Defaults to "giantswarm".
DefaultTenant string
}
Config represents the main configuration for the observability operator.
type CronitorConfig ¶ added in v0.67.0
// CronitorConfig holds the non-secret operational settings of the Cronitor
// heartbeat monitor. The API keys are kept separately in EnvironmentConfig.
type CronitorConfig struct {
// GraceSeconds is the number of seconds after a missed heartbeat before an alert is triggered.
GraceSeconds int
// Schedule is the expected heartbeat frequency (e.g. "every 30 minutes").
Schedule string
// RealertInterval controls how often Cronitor re-alerts if the issue persists (e.g. "every 24 hours").
RealertInterval string
}
CronitorConfig holds operational settings for the Cronitor heartbeat monitor. The Cronitor API keys are in EnvironmentConfig (sourced from env vars).
type DatasourcesConfig ¶ added in v0.67.0
// DatasourcesConfig holds the service URLs of the Grafana datasources that the
// operator provisions.
// NOTE(review): the URLs are plain strings; whether scheme and host are
// validated before they are written into datasources is not visible here —
// confirm, since an overridden value decides where Grafana sends its queries.
type DatasourcesConfig struct {
// LokiURL is the URL of the Loki gateway service.
LokiURL string
// MimirURL is the URL of the Mimir query-frontend / gateway (Prometheus-compatible endpoint).
MimirURL string
// MimirAlertmanagerURL is the URL of the Mimir Alertmanager service.
MimirAlertmanagerURL string
// MimirCardinalityURL is the URL of the Mimir cardinality API (used for the JSON datasource).
MimirCardinalityURL string
// TempoURL is the URL of the Tempo query-frontend service.
TempoURL string
}
DatasourcesConfig holds the service URLs for the Grafana datasources provisioned by the operator. These default to the standard in-cluster svc DNS names used by a GiantSwarm stack.
type EnvironmentConfig ¶ added in v0.43.0
// EnvironmentConfig holds secret values taken from environment variables; the
// `env` struct tags name the variable for each field.
//
// Both fields are Cronitor API keys. Treat them as credentials: do not log
// them, and do not print this struct (or a Config that embeds it) wholesale.
type EnvironmentConfig struct {
// CronitorHeartbeatManagementKey comes from CRONITOR_HEARTBEAT_MANAGEMENT_KEY.
// NOTE(review): presumably the key used to create/update the heartbeat
// monitor, as opposed to pinging it — confirm against the Cronitor client.
CronitorHeartbeatManagementKey string `env:"CRONITOR_HEARTBEAT_MANAGEMENT_KEY"`
// CronitorHeartbeatPingKey comes from CRONITOR_HEARTBEAT_PING_KEY.
// NOTE(review): presumably the key used when sending heartbeat pings — confirm.
CronitorHeartbeatPingKey string `env:"CRONITOR_HEARTBEAT_PING_KEY"`
}
EnvironmentConfig represents environment-specific configuration: the Cronitor API keys, which are sourced from environment variables.
type GatewayConfig ¶ added in v0.67.0
// GatewayConfig identifies where the gateway authentication secrets live: one
// namespace and two secret names (Ingress-based and HTTPRoute-based auth).
// It carries only references, not the secret contents.
type GatewayConfig struct {
// Namespace is the Kubernetes namespace where the gateway secrets reside.
Namespace string
// IngressSecretName is the name of the secret used for Ingress-based auth.
IngressSecretName string
// HTTPRouteSecretName is the name of the secret used for HTTPRoute-based auth.
HTTPRouteSecretName string
}
GatewayConfig holds the namespace and secret names for gateway authentication secrets. These secrets are read by Alloy agents on workload clusters to authenticate with the observability gateways (Mimir, Loki, Tempo).
type GrafanaConfig ¶ added in v0.43.0
// GrafanaConfig holds the Grafana settings: the Grafana URL, the datasource
// URLs, the API retry count, and references to the admin-credentials and
// gateway TLS secrets.
type GrafanaConfig struct {
// URL is the parsed Grafana URL.
// NOTE(review): presumably the base URL for the Grafana HTTP API calls
// mentioned on ClientRetries; whether Validate requires https is not
// visible here — confirm.
URL *url.URL
// Datasources holds the service URLs of the provisioned Grafana datasources.
Datasources DatasourcesConfig
// ClientRetries is the number of retries for Grafana HTTP API calls.
ClientRetries int
// AdminSecretNamespace is the Kubernetes namespace of the Grafana admin credentials secret.
AdminSecretNamespace string
// AdminSecretName is the name of the Kubernetes secret holding Grafana admin credentials.
// Only the reference is stored here; read access to that Secret amounts to
// Grafana admin access, so scope the operator's RBAC for it narrowly.
AdminSecretName string
// GatewayTLSSecretNamespace is the namespace of the gateway TLS secret used for Grafana client mTLS.
GatewayTLSSecretNamespace string
// GatewayTLSSecretName is the name of the gateway TLS secret used for Grafana client mTLS.
GatewayTLSSecretName string
}
GrafanaConfig represents the Grafana-specific configuration.
func (GrafanaConfig) Validate ¶ added in v0.43.0
func (c GrafanaConfig) Validate() error
Validate validates the Grafana configuration
type HTTPConfig ¶ added in v0.67.0
// HTTPConfig holds the timeouts applied to the operator's outbound API calls.
// NOTE(review): how a zero duration is treated is not visible here. If these
// values are passed straight to an http.Client, zero means "no timeout" —
// confirm that defaults are non-zero or that Validate rejects zero.
type HTTPConfig struct {
// RulerTimeout is the HTTP client timeout for Mimir/Loki ruler API calls.
RulerTimeout time.Duration
// AlertmanagerTimeout is the HTTP client timeout for the Mimir Alertmanager API.
AlertmanagerTimeout time.Duration
// MimirQueryTimeout is the timeout applied to Mimir instant-query requests.
MimirQueryTimeout time.Duration
}
HTTPConfig holds HTTP client timeout settings for outbound API calls.
type LoggingConfig ¶ added in v0.43.0
// LoggingConfig holds the settings of the logging subsystem: the
// installation-level switch, namespace selection for logs and events, the Loki
// ruler endpoint, the Loki gateway secret references, and the Loki remote-write
// tuning written into Alloy agent ConfigMaps.
type LoggingConfig struct {
// Enabled controls logging at the installation level
Enabled bool
// EnableNodeFiltering enables node filtering in Alloy logging configuration
EnableNodeFiltering bool
// DefaultNamespaces is the list of namespaces to collect logs from by default
DefaultNamespaces []string
// IncludeEventsNamespaces is the list of namespaces to collect events from
// If empty, collect from all namespaces
// Note the asymmetry: an empty include list widens collection to every
// namespace, so clearing this list is not a way to stop event collection.
IncludeEventsNamespaces []string
// ExcludeEventsNamespaces is the list of namespaces to exclude events from
ExcludeEventsNamespaces []string
// RulerURL is the URL to the Loki ruler API used to clean up rules on cluster deletion.
// Leave empty to disable Loki ruler cleanup.
RulerURL string
// Gateway holds the namespace and secret names for the Loki gateway authentication secrets.
Gateway GatewayConfig
// LokiMaxBackoffPeriod is the maximum backoff period for Loki remote write retries in Alloy
// agent ConfigMaps (e.g. "10m").
LokiMaxBackoffPeriod string
// LokiRemoteTimeout is the timeout for Loki remote write operations in Alloy agent ConfigMaps
// (e.g. "60s").
LokiRemoteTimeout string
}
LoggingConfig represents the configuration used by the logging package.
func (LoggingConfig) IsLoggingEnabled ¶ added in v0.52.0
func (l LoggingConfig) IsLoggingEnabled(cluster *clusterv1.Cluster) bool
IsLoggingEnabled checks if logging is enabled for a specific cluster. Logging is enabled when all conditions are met:
- logging is enabled at the installation level (global flag)
- cluster is not being deleted
- cluster-specific logging label is set to true (or missing/invalid, defaulting to true)
func (LoggingConfig) Validate ¶ added in v0.43.0
func (l LoggingConfig) Validate() error
Validate validates the logging configuration
type MonitoringConfig ¶ added in v0.43.0
// MonitoringConfig holds the settings of the monitoring subsystem: the
// installation-level switches, Alertmanager and Mimir endpoints, sharding, the
// remote-write queue, and the Mimir gateway secret references.
type MonitoringConfig struct {
// Enabled controls monitoring at the installation level
Enabled bool
// NetworkEnabled controls network monitoring at the installation level
NetworkEnabled bool
// NOTE(review): the three Alertmanager fields are undocumented in the source.
// Presumably: the name of the Secret with the Alertmanager configuration or
// credentials, the Alertmanager API URL, and a switch for Alertmanager
// handling — confirm.
AlertmanagerSecretName string
AlertmanagerURL string
AlertmanagerEnabled bool
// DefaultShardingStrategy is presumably the sharding strategy used when a
// cluster does not override it — confirm.
DefaultShardingStrategy sharding.Strategy
// WALTruncateFrequency is the frequency at which the WAL segments should be truncated.
WALTruncateFrequency time.Duration
// MetricsQueryURL is presumably the endpoint used for metrics queries — confirm.
MetricsQueryURL string
// RulerURL is the URL to the Mimir ruler API used to clean up rules on cluster deletion.
// Leave empty to disable ruler cleanup.
RulerURL string
// QueueConfig holds the remote write queue settings.
QueueConfig QueueConfig
// ExemplarsEnabled controls whether exemplars are forwarded in the remote write pipeline.
// Uses opt-out model: enabled by default.
ExemplarsEnabled bool
// Gateway holds the namespace and secret names for the Mimir gateway authentication secrets.
Gateway GatewayConfig
// MimirRemoteWriteTimeout is the remote_timeout for the Mimir remote write endpoint in Alloy
// agent ConfigMaps (e.g. "60s").
MimirRemoteWriteTimeout string
}
MonitoringConfig represents the configuration used by the monitoring package.
func (MonitoringConfig) IsKEDAAuthenticationEnabled ¶ added in v0.59.0
func (c MonitoringConfig) IsKEDAAuthenticationEnabled(cluster *clusterv1.Cluster) bool
IsKEDAAuthenticationEnabled checks if KEDA authentication is enabled for a cluster. Uses opt-in model: disabled by default, must be explicitly enabled. When enabled, creates a ClusterTriggerAuthentication resource for KEDA ScaledObjects to authenticate with Mimir for querying metrics.
func (MonitoringConfig) IsMonitoringEnabled ¶ added in v0.53.0
func (c MonitoringConfig) IsMonitoringEnabled(cluster *clusterv1.Cluster) bool
IsMonitoringEnabled checks if monitoring is enabled for a cluster. Uses opt-out model: enabled by default unless explicitly disabled.
func (MonitoringConfig) IsNetworkMonitoringEnabled ¶ added in v0.56.0
func (c MonitoringConfig) IsNetworkMonitoringEnabled(cluster *clusterv1.Cluster) bool
IsNetworkMonitoringEnabled checks if network monitoring is enabled for a cluster. Uses opt-in model: disabled by default, must be explicitly enabled. TODO revisit this logic in the future when network monitoring is more widely adopted.
func (MonitoringConfig) Validate ¶ added in v0.43.0
func (c MonitoringConfig) Validate() error
Validate validates the monitoring configuration
type OTLPConfig ¶ added in v0.67.0
// OTLPConfig holds the batch-processor settings that are written into Alloy
// agent ConfigMaps.
type OTLPConfig struct {
// BatchSendBatchSize is the number of items to accumulate before flushing
// (must be ≤ BatchMaxSize).
// NOTE(review): where this constraint is enforced is not visible here — confirm.
BatchSendBatchSize int
// BatchMaxSize is the hard cap on batch size.
BatchMaxSize int
// BatchTimeout is the maximum wait before flushing an incomplete batch (e.g. "500ms").
BatchTimeout string
}
OTLPConfig holds batch-processor settings written into Alloy agent ConfigMaps. These control how OTLP signals are batched before export to Mimir, Loki, and Tempo.
type OperatorConfig ¶ added in v0.43.0
// OperatorConfig holds the operator-level settings.
// NOTE(review): none of these fields is documented in the source. The names
// match the usual controller-runtime manager options, so every per-field note
// below is presumed from the name — confirm against the flag definitions.
type OperatorConfig struct {
// MetricsAddr: presumably the bind address of the metrics endpoint.
MetricsAddr string
// EnableLeaderElection: presumably enables leader election for the manager.
EnableLeaderElection bool
// ProbeAddr: presumably the bind address of the health/readiness probes.
ProbeAddr bool
// SecureMetrics: presumably serves the metrics endpoint over HTTPS when true.
// Confirm the default and whether Validate ties it to MetricsCertPath.
SecureMetrics bool
// EnableHTTP2: presumably enables HTTP/2 on the metrics and webhook servers.
// Scaffolded operators typically leave this off to reduce exposure to
// HTTP/2 denial-of-service issues — confirm the default here.
EnableHTTP2 bool
// WebhookCertPath: presumably the directory holding the webhook server certificate.
WebhookCertPath string
// MetricsCertPath: presumably the directory holding the metrics server certificate.
MetricsCertPath string
// OperatorNamespace: presumably the namespace the operator runs in.
OperatorNamespace string
}
OperatorConfig represents the operator-level configuration.
func (OperatorConfig) Validate ¶ added in v0.43.0
func (c OperatorConfig) Validate() error
Validate validates the operator configuration
type QueueConfig ¶ added in v0.43.0
// QueueConfig holds the settings of the remote write queue.
// Every field is a pointer, so an unset value (nil) can be told apart from an
// explicit zero/false.
// NOTE(review): presumably nil means "leave the agent default in place"; the
// string fields look like duration strings — confirm both against the template
// that consumes them.
type QueueConfig struct {
BatchSendDeadline *string
Capacity *int
MaxBackoff *string
MaxSamplesPerSend *int
MaxShards *int
MinBackoff *string
MinShards *int
// RetryOnHttp429: presumably controls whether HTTP 429 responses are retried.
RetryOnHttp429 *bool
SampleAgeLimit *string
}
QueueConfig represents the configuration for the remote write queue.
type TracingConfig ¶ added in v0.43.0
// TracingConfig holds the tracing settings: the installation-level switch and
// the Tempo gateway secret references.
type TracingConfig struct {
// Enabled controls tracing at the installation level
Enabled bool
// Gateway holds the namespace and secret names for the Tempo gateway authentication secrets.
Gateway GatewayConfig
}
TracingConfig represents the configuration for tracing support in Grafana.
func (TracingConfig) IsTracingEnabled ¶ added in v0.52.0
func (c TracingConfig) IsTracingEnabled(cluster *clusterv1.Cluster) bool
IsTracingEnabled checks if tracing is enabled for a specific cluster. Tracing is enabled when all conditions are met:
- tracing is enabled at the installation level (global flag)
- cluster is not being deleted
- cluster-specific tracing label is set to true (or missing/invalid, defaulting to true)
func (TracingConfig) Validate ¶ added in v0.43.0
func (c TracingConfig) Validate() error
Validate validates the tracing configuration