Mayne0213
6b576d6a16
- Add Thanos Query, Store Gateway, Compactor - Enable Prometheus Sidecar with S3 (MinIO) storage - Configure Prometheus replicas: 2 with pod anti-affinity - Add ExternalSecrets for MinIO credentials - Retention: raw 7d, 5m downsampled 30d, 1h downsampled 90d
33 lines
775 B
YAML
33 lines
775 B
YAML
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: thanos-objstore-secret
|
|
namespace: thanos
|
|
spec:
|
|
refreshInterval: 1h
|
|
secretStoreRef:
|
|
name: vault-backend
|
|
kind: ClusterSecretStore
|
|
target:
|
|
name: thanos-objstore-secret
|
|
template:
|
|
engineVersion: v2
|
|
data:
|
|
objstore.yml: |
|
|
type: S3
|
|
config:
|
|
bucket: thanos
|
|
endpoint: minio.minio.svc.cluster.local:9000
|
|
access_key: {{ .access_key }}
|
|
secret_key: {{ .secret_key }}
|
|
insecure: true
|
|
data:
|
|
- secretKey: access_key
|
|
remoteRef:
|
|
key: secret/minio
|
|
property: root-user
|
|
- secretKey: secret_key
|
|
remoteRef:
|
|
key: secret/minio
|
|
property: root-password
|