added Multclister Observability

clusters/management-cluster/setup-multicluster-observability/Chart.yaml

@@ -0,0 +1,9 @@
+apiVersion: v2
+name: setup-multicluster-observability
+description: Enabled MutliClusterObservability once ACM has been installed
+version: 1.0.0
+dependencies:
+  - name: helper-objectstore
+    version: ~1.0.0
+    repository: https://charts.stderr.at/
+    condition: helper-objectstore.enabled

clusters/management-cluster/setup-multicluster-observability/templates/MultiClusterObservability.yaml

@@ -0,0 +1,29 @@
+{{ if eq (.Values.multicluster_observability.enabled | toString) "true" }}
+{{- with .Values.multicluster_observability }}
+---
+apiVersion: observability.open-cluster-management.io/v1beta2
+kind: MultiClusterObservability
+metadata:
+ name: observability
+spec:
+  enableDownsampling: {{ .config.enableDownsampling | default "true" }}
+  imagePullPolicy: {{ .imagePullPolicy | default "Always" }}
+  observabilityAddonSpec:
+    enableMetrics: {{ .config.addonSpec.enableMetrics | default "true" }}
+    interval: {{ .config.addonSpec.interval | default "60" }}
+  storageConfig:
+    metricObjectStorage:
+      name: {{ .s3_secretname }}
+      key: thanos.yaml
+    storeStorageSize: {{ .config.storage.storeStorageSize | default "10Gi" }}
+    storageClass: {{ .config.storage.storageClass | default "gp2" }}
+  advanced:
+    retentionConfig:
+      blockDuration: {{ .config.advanced.retentionConfig.blockDuration | default "2h" }}
+      deleteDelay: {{ .config.advanced.retentionConfig.deleteDelay | default "48h" }}
+      retentionInLocal: {{ .config.advanced.retentionConfig.retentionInLocal | default "24h" }}
+      retentionResolutionRaw: {{ .config.advanced.retentionConfig.retentionResolutionRaw | default "30d" }}
+      retentionResolution5m: {{ .config.advanced.retentionConfig.retentionResolution5m | default "180d" }}
+      retentionResolution1h: {{ .config.advanced.retentionConfig.retentionResolution1h | default "0d" }}
+{{- end }}
+{{- end }}

clusters/management-cluster/setup-multicluster-observability/templates/_helpers.tpl

@@ -0,0 +1,73 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "common.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "common.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "common.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "common.labels" -}}
+helm.sh/chart: {{ include "common.chart" . }}
+{{ include "common.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "common.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "common.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "helper.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "common.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the role and rolebinding for the serviceaccount
+*/}}
+{{- define "helper.rolename" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "common.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

clusters/management-cluster/setup-multicluster-observability/templates/jobs/create-bucket-secret-crb.yaml

@@ -0,0 +1,23 @@
+{{- if eq ( .Values.multicluster_observability.enabled | toString) "true" }}
+{{- with .Values.multicluster_observability }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: create-s3-secret-crb-{{ .namespace }}
+  annotations:
+    argocd.argoproj.io/hook: Sync
+    argocd.argoproj.io/hook-delete-policy: HookSucceeded
+    argocd.argoproj.io/sync-wave: {{ .syncwave | default 3 | quote }}
+  labels:
+    {{- include "common.labels" $ | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: admin
+subjects:
+  - kind: ServiceAccount
+    name: create-s3-secret-sa
+    namespace: {{ .namespace }}
+{{- end }}
+{{- end }}

clusters/management-cluster/setup-multicluster-observability/templates/jobs/create-bucket-secret-sa.yaml

@@ -0,0 +1,16 @@
+{{- if eq ( .Values.multicluster_observability.enabled | toString) "true" }}
+{{- with .Values.multicluster_observability }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: create-s3-secret-sa
+  namespace: {{ .namespace }}
+  annotations:
+    argocd.argoproj.io/hook: Sync
+    argocd.argoproj.io/hook-delete-policy: HookSucceeded
+    argocd.argoproj.io/sync-wave: {{ .syncwave | default 3 | quote }}
+  labels:
+    {{- include "common.labels" $ | nindent 4 }}
+{{- end }}
+{{- end }}

clusters/management-cluster/setup-multicluster-observability/templates/jobs/create-bucket-secret.yaml

@@ -0,0 +1,77 @@
+{{- if eq ( .Values.multicluster_observability.enabled | toString) "true" }}
+{{- with .Values.multicluster_observability }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: create-s3-bucket-secret
+  namespace:  {{ .namespace }}
+  annotations:
+    argocd.argoproj.io/hook: Sync
+    argocd.argoproj.io/hook-delete-policy: HookSucceeded
+    argocd.argoproj.io/sync-wave: {{ .syncwave | default "10" | quote }}
+  labels:
+    {{- include "common.labels" $ | nindent 4 }}
+spec:
+  template:
+    metadata:
+      name: create-s3-secret
+    spec:
+      containers:
+        - name: create-s3-secret
+          image: registry.redhat.io/openshift4/ose-cli:latest
+          command:
+            - /bin/bash
+            - -c
+            - |
+              #!/usr/bin/env bash
+
+              # Sleeping before starting with the work, to be sure the bucket has been created.
+              SLEEPER_TMP=0
+
+              printf "Waiting 20 seconds before I start with the generation of the configuration\n"
+             
+              while [[ $SLEEPER_TMP -le "20" ]]; do
+                echo -n "."
+                sleep 1
+                SLEEPER_TMP=$(($SLEEPER_TMP+1))
+              done
+
+              printf "\nTrying to create the required ACM secret file\n"
+
+              bucket_user=`cat /tmp/bucket-secret/AWS_ACCESS_KEY_ID`
+
+              bucket_secret=`cat /tmp/bucket-secret/AWS_SECRET_ACCESS_KEY`
+
+              bucket_name=`cat /tmp/s3-bucket/BUCKET_NAME`
+
+              bucket_host=`cat /tmp/s3-bucket/BUCKET_HOST`
+
+              bucket_region=`cat /tmp/s3-bucket/BUCKET_REGION`
+
+              oc create secret generic {{ .s3_secretname }} --from-literal thanos.yaml="type: s3
+              config:
+                bucket: ${bucket_name}
+                endpoint: ${bucket_host}
+                insecure: true
+                access_key: ${bucket_user}
+                secret_key: ${bucket_secret}" --type=Opaque
+
+              printf "\nSecret {{ .s3_secretname }} has been created\n"
+          volumeMounts:
+            - name: bucket-secret
+              mountPath: "/tmp/bucket-secret"
+              readOnly: true
+            - name: s3-bucket
+              mountPath: /tmp/s3-bucket
+      volumes:
+        - name: bucket-secret
+          secret:
+            secretName: {{ .bucket.name }}
+        - name: s3-bucket
+          configMap:
+            name: {{ .bucket.name }}
+      restartPolicy: Never
+      serviceAccountName: create-s3-secret-sa
+{{- end }}
+{{- end }}

clusters/management-cluster/setup-multicluster-observability/templates/namespace.yaml

@@ -0,0 +1,10 @@
+{{ if eq (.Values.multicluster_observability.enabled | toString) "true" }}
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: open-cluster-management-observability
+  labels:
+    openshift.io/cluster-monitoring: "true"
+    {{- include "common.labels" $ | nindent 4 }}
+{{- end }}

clusters/management-cluster/setup-multicluster-observability/values.yaml

@@ -0,0 +1,104 @@
+---
+storageclassname: &storageclassname observability-bucket-storage-class
+bucketname: &bucketname multicluster-observability-bucket
+
+multicluster_observability:
+  enabled: true
+  namespace: open-cluster-management-observability
+  s3_secretname: thanos-object-store
+  bucket:
+    name: *bucketname
+
+  config:
+    addonSpec:
+      enableMetrics: true
+      # interval: 60
+
+    # Enable or disable the downsampling.
+    # The default is true.
+    #
+    # Note: Disabling downsampling is not recommended as querying long time ranges without non-downsampled data is not efficient and useful.
+    # enableDownSampling: true
+
+    storage:
+      # The amount of storage applied to the Observability stateful sets, i.e. Thanos store, Rule, compact and receiver.
+      # Default: 10Gi
+      # storeStorageSize: 10Gi
+
+      # Specify the storageClass Stateful Sets. This storage class will also be used for Object Storage if 
+      # MetricObjectStorage was configured for the system to create the storage."
+      # Default: gp2
+      storageClass: gp3-csi
+
+    # Advanced configurations for observability
+    advanced:
+      # Specifies the data retention configurations to be used by Observability
+      retentionConfig:
+        # configure --tsdb.block-duration in rule (Block duration for TSDB block)
+        # Default is 2h
+        # blockDuration: 2h
+
+        # configure --delete-delay in compact Time before a block marked for deletion is deleted from bucket.
+        # Default is 48h
+        # deleteDelay: 48h
+
+        # How long to retain raw samples in a local disk. It applies to rule/receive: --tsdb.retention in receive --tsdb.retention in rule.
+        # Default is 24h.
+        # retentionInLocal: 24h
+
+        # How long to retain raw samples in a bucket.
+        # Default is 30d.
+        retentionResolutionRaw: 10d
+
+        # How long to retain samples of resolution 1 (5 minutes) in a bucket.
+        # Default is 180d
+        retentionResolution5m: 90d
+
+        # How long to retain samples of resolution 2 (1 hour) in a bucket.
+        # Default is 0d.
+        retentionResolution1h: 10d
+
+# A helper chart that simply creates another backingstore for quay.
+# This is a chart in a very early state, and not everything can be customized for now.
+# It will create the objects:
+#  - BackingStore
+#  - BackingClass
+#  - StorageClass
+
+# NOTE: Currently only PV type is supported
+helper-objectstore:
+  enabled: true
+  # syncwave: 1
+
+  # Name of the BackingStore
+  backingstore_name: observability-backingstore
+  # Size of the BackingStore
+  backingstore_size: 200Gi
+  limits_cpu: 500m
+  limits_memory: 2Gi
+  # numOfVolumes: 1
+  # type: pv-pool
+
+  # The StorageClass the BackingStore is based on
+  baseStorageClass: gp3-csi
+
+  # Name of the StorageClass that shall be enabled.
+  storageclass_name: *storageclassname
+
+  # Bucket that shall be created
+  bucket:
+    enabled: true
+    name: *bucketname
+    namespace: open-cluster-management-observability
+
+    # is_secure: true
+    # port: 443
+
+    # Name of the storageclass
+    # Default: openshift-storage.noobaa.io
+    # a separate StorageClass with BackingStore and BackingClass can be created.
+    storageclass: *storageclassname
+
+    # Syncwave for bucketclaim creation. This should be done very early, but it depends on ODF.
+    # Default: 2
+    syncwave: 2

clusters/management-cluster/setup-openshift-logging/values.yaml

@@ -20,8 +20,10 @@ helper-objectstore:
   backingstore_name: logging-backingstore
   # Size of the BackingStore
   backingstore_size: 700Gi
+  limits_cpu: 500m
+  limits_memory: 2Gi
   # numOfVolumes: 1
-  # type: py-pool
+  # type: pv-pool
 
   # The StorageClass the BackingStore is based on
   baseStorageClass: thin-csi