Go to file

Dustin C. Hatch 8ecee4133f v-m/alerts: Rework free disk space alert

Fedora CoreOS fills `/boot` beyond the 75% alert threshold under normal
circumstances on aarch64 machines.  This is not a problem, because it
cleans up old files on its own, so we do not need to alert on it.
Unfortunately, the _DiskUsage_ alert is already quite complex, and
adding in exclusions for these devices would make it even worse.

To simplify the logic, we can use a recording rule to precomupte the
used/free space ratio.  By using `sum(...) without (type)` instead of
`sum(...) on (df, instance)`, we keep the other labels, which we can
then use to identify the metrics coming from machines we don't care to
monitor.

Instead of having different thresholds for different volumes
encoded in the same expression, we can use multiple alerts to alert on
"low" vs "very low" thresholds.  Since this will of course cause
duplicate alerts for most volumes, we can use AlertManager inhibition
rules to disable the "low" alert once the metric crosses the "very low"
threshold.

2024-11-02 09:38:02 -05:00

argocd

argocd: apps/authelia: Enable auto-sync

2024-09-24 07:16:45 -05:00

authelia

authelia: Update to 4.38.16

2024-10-12 11:33:03 +00:00

autoscaler

autoscaler: Add SealedSecret for AWS key

2024-02-22 09:59:16 -06:00

cert-manager

websites: Manage dcow cert via Ingress annotation

2024-08-24 11:30:56 -05:00

collectd

collectd: Add DaemonSet for collectd

2024-06-26 18:29:49 -05:00

dch-root-ca

step-ca: Re-deploy (again) with DCH CA R2

2024-04-05 13:03:34 -05:00

dch-webhooks

dch-webhooks: Disable HTTPS redirect

2024-01-22 16:55:03 -06:00

device-plugins

device-plugins: Allow FUSE plugin on Jenkins nodes

2024-02-13 07:56:35 -06:00

docker-distribution

docker-distribution: Deploy OCI image registry

2022-07-31 01:15:01 -05:00

dynk8s-provisioner

dynk8s-provisioner: Set instance label for Argo CD

2023-10-14 07:43:37 -05:00

firefly-iii

firefly-iii: Update to 6.1.21

2024-10-02 09:08:58 -05:00

fleetlock

fleetlock: Deploy Zincati fleet lock manager

2024-05-31 15:18:01 -05:00

grafana

grafana: Trust dch-root-ca for LDAP connections

2024-06-26 18:29:49 -05:00

home-assistant

mosquitto: Update to 2.0.20

2024-10-19 11:32:16 +00:00

hudctrl

hudctrl: Update for v0.2.0

2022-12-18 16:26:07 -06:00

ingress

ingress: Proxy AMQP

2024-07-26 20:59:00 -05:00

invoice-ninja

invoice-ninja: Move under pyrocufflink.net

2024-09-22 11:55:10 -05:00

jenkins

jenkins: Remove Argo CD sync hook

2024-07-04 06:53:58 -05:00

keyserv

keyserv: Add age keys for unifi2

2024-05-26 11:48:12 -05:00

kitchen

kitchen: Run as non-root user

2024-06-06 11:03:42 -05:00

loki-ca

loki-ca: Add cert-manager issuer for Loki CA

2024-02-22 07:10:01 -06:00

metrics

metrics: Add role to allow anon access to metrics

2022-11-05 16:23:02 -05:00

ntfy

ntfy: Migrate to Kustomize

2024-09-22 12:00:28 -05:00

paperless-ngx

paperless-ngx/gotenberg: Run as correct user

2024-10-19 09:46:15 -05:00

photoframesvc

photoframesvc: Initial commit

2023-10-14 11:25:50 -05:00

phpipam

phpipam: Migrate to Sealed Secrets

2023-10-14 10:56:20 -05:00

postgresql

postgresql: Fix pod secrets

2023-10-19 07:12:16 -05:00

prometheus_speedtest

prom_speedtest: Add application manifest

2022-08-06 22:21:06 -05:00

promtail

promtail: Deploy as DaemonSet

2024-02-22 07:10:01 -06:00

rabbitmq

rabbitmq: Deploy RabbitMQ Server

2024-07-26 20:59:00 -05:00

rent-reminder

rent-reminder: Add CronJob to send reminders

2024-01-04 08:54:54 -06:00

restic-exporter

restic-exporter: Point at chromie.p.b

2024-09-08 20:24:43 -05:00

scanservjs

scanservjs: Update to v2.27.0

2023-07-08 07:06:10 -05:00

sealed-secrets

sealed-secrets: Deploy Bitnami Sealed Secrets

2023-10-13 18:34:01 -05:00

setup

setup: ks: Generate iSCSI initiator name

2022-08-23 21:22:01 -05:00

sshca

sshca: Add machine IDs for VM hosts

2024-08-31 17:49:36 -05:00

step-ca

Merge remote-tracking branch 'refs/remotes/origin/master'

2024-08-06 08:03:42 -05:00

storage

storage: Add Longhorn backup target secret

2024-10-13 14:03:49 -05:00

updatebot

updatebot: Manage Authelia

2024-09-24 07:15:41 -05:00

victoria-metrics

v-m/alerts: Rework free disk space alert

2024-11-02 09:38:02 -05:00

websites

websites: Manage dcow cert via Ingress annotation

2024-08-24 11:30:56 -05:00

xactfetch

xactfetch: Configure secretsocket

2024-07-11 22:49:07 -05:00

xactmon

xactmon: Deploy Invoice Ninja importer for HLC

2024-08-03 13:39:17 -05:00

README.md

README: Add storage section

2022-07-31 01:38:46 -05:00

README.md

Dustin's Kubernetes Cluster

This repository contains resources for deploying and managing my on-premises Kubernetes cluster

Cluster Setup

The cluster primarily consists of libvirt/QEMU+KVM virtual machines. The Control Plane nodes are VMs, as are the x86_64 worker nodes. Eventually, I would like to add Raspberry Pi or Pine64 machines as aarch64 nodes.

All machines run Fedora, using only Fedora builds of the Kubernetes components (kubeadm, kubectl, and kubeadm).

See Cluster Setup for details.

Jenkins Agents

One of the main use cases for the Kubernetes cluster is to provide dynamic agents for Jenkins. Using the Kubernetes Plugin, Jenkins will automatically launch worker nodes as Kubernetes pods.

See Jenkins Kubernetes Integration for details.

Persistent Storage

Persistent storage for pods is provided by Longhorn. Longhorn runs within the cluster and provisions storage on worker nodes to make available to pods over iSCSI.

See Persistent Storage Using Longorn for details.