K3S-HOME/platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
00cdc2efb19f1061dee1cac2e807c47853654ac2
platform/argocd/helm-values.yaml
Mayne0213 03ca19b771 feat(argocd): enable ServiceMonitor for metrics collection 
- Add serviceMonitor.enabled: true to controller, server, repoServer
- Allows Prometheus to scrape ArgoCD metrics

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-10 03:36:29 +09:00

165 lines
4.5 KiB
YAML
Raw Blame History

# ArgoCD Helm Chart Values
# Chart: https://argoproj.github.io/argo-helm (argo-cd)
# All custom settings from current cluster deployment
# =============================================================================
# GLOBAL SETTINGS
# =============================================================================
global:
# Deploy to control-plane node
nodeSelector:
node-role.kubernetes.io/control-plane: "true"
# Tolerate control-plane taint
tolerations:
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
# =============================================================================
# CONFIGS (ConfigMaps)
# =============================================================================
configs:
# argocd-cm
cm:
# Authelia handles authentication, so allow anonymous access
users.anonymous.enabled: "true"
# Disable polling - webhook only
timeout.reconciliation: "0"
# Ignore resource status field differences
resource.compareoptions: |
ignoreResourceStatusField: all
# argocd-cmd-params-cm
params:
# Ingress handles TLS, so run in insecure mode
server.insecure: "true"
# Disable periodic app resync (webhook + self-heal only)
controller.self.heal.timeout.seconds: "5"
# argocd-rbac-cm
rbac:
# Anonymous users get admin role (Authelia handles authentication)
policy.csv: |
g, , role:admin
policy.default: role:admin
# =============================================================================
# APPLICATION CONTROLLER (StatefulSet)
# =============================================================================
controller:
# Metrics for Prometheus
metrics:
enabled: true
service:
enabled: true
servicePort: 8082
serviceMonitor:
enabled: true
# Memory optimization environment variables
env:
- name: GOMEMLIMIT
value: "400MiB"
- name: GOGC
value: "50"
# Disable periodic app resync
args:
appResyncPeriod: "0"
# Resource settings (from VPA recommendations)
resources:
requests:
cpu: 126m
memory: 1700Mi
limits:
memory: 1700Mi
# =============================================================================
# API SERVER (Deployment)
# =============================================================================
server:
# Metrics for Prometheus
metrics:
enabled: true
service:
enabled: true
servicePort: 8083
serviceMonitor:
enabled: true
# Main Ingress with Authelia middleware
ingress:
enabled: true
ingressClassName: traefik
hostname: argocd0213.kro.kr
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
tls: true
# Resource settings
resources:
requests:
cpu: 15m
memory: 138Mi
limits:
memory: 138Mi
# =============================================================================
# REPO SERVER (Deployment)
# =============================================================================
repoServer:
# Metrics for Prometheus
metrics:
enabled: true
service:
enabled: true
servicePort: 8084
serviceMonitor:
enabled: true
resources:
requests:
cpu: 15m
memory: 960Mi
limits:
memory: 960Mi
# =============================================================================
# REDIS (Deployment)
# =============================================================================
redis:
resources:
requests:
cpu: 15m
memory: 100Mi
limits:
memory: 100Mi
# =============================================================================
# DEX (OIDC) - Disabled (using Authelia instead)
# =============================================================================
dex:
enabled: false
# =============================================================================
# APPLICATIONSET CONTROLLER - Disabled (not used)
# =============================================================================
applicationSet:
enabled: false
# =============================================================================
# NOTIFICATIONS CONTROLLER - Disabled (not used)
# =============================================================================
notifications:
enabled: false
# =============================================================================
# CRDs
# =============================================================================
crds:
install: true
keep: true
Reference in New Issue View Git Blame Copy Permalink