diff --git a/magefiles/cr.go b/magefiles/cr.go
index 2ee4e31cb4..3593991d48 100644
--- a/magefiles/cr.go
+++ b/magefiles/cr.go
@@ -27,8 +27,8 @@ func (s Stage) OperatorCR() {
objs = append(objs, receiveCR(s.namespace(), StageMaps))
objs = append(objs, queryCR(s.namespace(), StageMaps, true))
- objs = append(objs, rulerCR(s.namespace(), StageMaps))
- // TODO: Add compact CRs for stage once we shut down previous
+ // TODO: Add compact and ruler CRs for stage once we shut down previous
+ // objs = append(objs, rulerCR(s.namespace(), StageMaps))
// objs = append(objs, compactCR(s.namespace(), StageMaps, true)...)
objs = append(objs, storeCR(s.namespace(), StageMaps)...)
@@ -560,6 +560,9 @@ func queryCR(namespace string, m TemplateMaps, oauth bool) runtime.Object {
ObjectMeta: metav1.ObjectMeta{
Name: "rhobs",
Namespace: namespace,
+ Annotations: map[string]string{
+ "service.alpha.openshift.io/serving-cert-secret-name": "query-tls",
+ },
},
Spec: v1alpha1.ThanosQuerySpec{
CommonFields: v1alpha1.CommonFields{
@@ -732,6 +735,9 @@ func compactCR(namespace string, m TemplateMaps, oauth bool) []runtime.Object {
ObjectMeta: metav1.ObjectMeta{
Name: "rhobs",
Namespace: namespace,
+ Annotations: map[string]string{
+ "service.alpha.openshift.io/serving-cert-secret-name": "compact-tls",
+ },
},
Spec: v1alpha1.ThanosCompactSpec{
CommonFields: v1alpha1.CommonFields{
@@ -794,6 +800,9 @@ func compactCR(namespace string, m TemplateMaps, oauth bool) []runtime.Object {
ObjectMeta: metav1.ObjectMeta{
Name: "telemeter",
Namespace: namespace,
+ Annotations: map[string]string{
+ "service.alpha.openshift.io/serving-cert-secret-name": "compact-telemeter-tls",
+ },
},
Spec: v1alpha1.ThanosCompactSpec{
CommonFields: v1alpha1.CommonFields{
@@ -844,8 +853,8 @@ func compactCR(namespace string, m TemplateMaps, oauth bool) []runtime.Object {
}
if oauth {
- telemeterCompact.Spec.Additional.Containers = append(telemeterCompact.Spec.Additional.Containers, makeOauthProxy(10902, namespace, "thanos-compact-telemeter", "compact-tls").GetContainer())
- telemeterCompact.Spec.Additional.Volumes = append(telemeterCompact.Spec.Additional.Volumes, kghelpers.NewPodVolumeFromSecret("tls", "compact-tls"))
+ telemeterCompact.Spec.Additional.Containers = append(telemeterCompact.Spec.Additional.Containers, makeOauthProxy(10902, namespace, "thanos-compact-telemeter", "compact-telemeter-tls").GetContainer())
+ telemeterCompact.Spec.Additional.Volumes = append(telemeterCompact.Spec.Additional.Volumes, kghelpers.NewPodVolumeFromSecret("tls", "compact-telemeter-tls"))
}
return []runtime.Object{defaultCompact, telemeterCompact}
diff --git a/resources/services/rhobs-thanos-operator/local/rhobs.yaml b/resources/services/rhobs-thanos-operator/local/rhobs.yaml
index fd356c68aa..f0aa419b05 100755
--- a/resources/services/rhobs-thanos-operator/local/rhobs.yaml
+++ b/resources/services/rhobs-thanos-operator/local/rhobs.yaml
@@ -1,6 +1,8 @@
apiVersion: monitoring.thanos.io/v1alpha1
kind: ThanosCompact
metadata:
+ annotations:
+ service.alpha.openshift.io/serving-cert-secret-name: compact-tls
creationTimestamp: null
name: rhobs
namespace: rhobs-local
@@ -94,6 +96,8 @@ status: {}
apiVersion: monitoring.thanos.io/v1alpha1
kind: ThanosCompact
metadata:
+ annotations:
+ service.alpha.openshift.io/serving-cert-secret-name: compact-telemeter-tls
creationTimestamp: null
name: telemeter
namespace: rhobs-local
@@ -187,6 +191,8 @@ status: {}
apiVersion: monitoring.thanos.io/v1alpha1
kind: ThanosQuery
metadata:
+ annotations:
+ service.alpha.openshift.io/serving-cert-secret-name: query-tls
creationTimestamp: null
name: rhobs
namespace: rhobs-local
diff --git a/resources/services/rhobs-thanos-operator/staging/rhobs.yaml b/resources/services/rhobs-thanos-operator/staging/rhobs.yaml
index 586a0fcd91..2a48e57163 100755
--- a/resources/services/rhobs-thanos-operator/staging/rhobs.yaml
+++ b/resources/services/rhobs-thanos-operator/staging/rhobs.yaml
@@ -101,6 +101,8 @@ objects:
- apiVersion: monitoring.thanos.io/v1alpha1
kind: ThanosQuery
metadata:
+ annotations:
+ service.alpha.openshift.io/serving-cert-secret-name: query-tls
creationTimestamp: null
name: rhobs
namespace: rhobs-stage
@@ -542,104 +544,6 @@ objects:
memory: 2Gi
version: c7c3ef94c51d518bb6056d3ad416d7b4f39559f3
status: {}
-- apiVersion: monitoring.thanos.io/v1alpha1
- kind: ThanosRuler
- metadata:
- creationTimestamp: null
- name: rhobs
- namespace: rhobs-stage
- spec:
- additionalArgs:
- - |-
- --tracing.config="config":
- "sampler_param": 2
- "sampler_type": "ratelimiting"
- "service_name": "thanos-ruler"
- "type": "JAEGER"
- additionalContainers:
- - args:
- - --reporter.grpc.host-port=dns:///otel-trace-writer-collector-headless.observatorium-tools.svc:14250
- - --reporter.type=grpc
- - --agent.tags=pod.namespace=$(NAMESPACE),pod.name=$(POD)
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- image: registry.redhat.io/rhosdt/jaeger-agent-rhel8:1.57.0-10
- imagePullPolicy: IfNotPresent
- livenessProbe:
- failureThreshold: 5
- httpGet:
- path: /
- port: 14271
- scheme: HTTP
- initialDelaySeconds: 1
- name: jaeger-agent
- ports:
- - containerPort: 5778
- name: configs
- - containerPort: 6831
- name: jaeger-thrift
- - containerPort: 14271
- name: metrics
- readinessProbe:
- httpGet:
- path: /
- port: 14271
- scheme: HTTP
- initialDelaySeconds: 1
- resources:
- limits:
- cpu: 128m
- memory: 128Mi
- requests:
- cpu: 32m
- memory: 64Mi
- alertLabelDrop:
- - rule_replica
- alertmanagerURL: dnssrv+http://alertmanager-cluster.rhobs-stage.svc.cluster.local:9093
- baseImage: quay.io/redhat-user-workloads/rhobs-mco-tenant/rhobs-thanos
- defaultObjectStorageConfig:
- key: thanos.yaml
- name: observatorium-mst-thanos-objectstorage
- optional: false
- evaluationInterval: 1m
- externalLabels:
- rule_replica: $(NAME)
- featureGates:
- serviceMonitor:
- enable: false
- imagePullPolicy: IfNotPresent
- logFormat: logfmt
- logLevel: info
- paused: true
- prometheusRuleSelector:
- matchLabels:
- operator.thanos.io/prometheus-rule: "true"
- queryLabelSelector:
- matchLabels:
- app.kubernetes.io/part-of: thanos
- operator.thanos.io/query-api: "true"
- replicas: 2
- resourceRequirements:
- limits:
- cpu: "2"
- memory: 3Gi
- requests:
- cpu: 700m
- memory: 1Gi
- retention: 48h
- ruleConfigSelector:
- matchLabels:
- operator.thanos.io/rule-file: "true"
- storageSize: 512Mi
- version: c7c3ef94c51d518bb6056d3ad416d7b4f39559f3
- status: {}
- apiVersion: monitoring.thanos.io/v1alpha1
kind: ThanosStore
metadata: