diff --git a/charts/charon-relay/Chart.yaml b/charts/charon-relay/Chart.yaml index 047d8fd..4e3640a 100644 --- a/charts/charon-relay/Chart.yaml +++ b/charts/charon-relay/Chart.yaml @@ -29,7 +29,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.7.0 +version: 0.8.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/charon-relay/README.md b/charts/charon-relay/README.md index dc4fc2f..36d4fe3 100755 --- a/charts/charon-relay/README.md +++ b/charts/charon-relay/README.md @@ -2,7 +2,7 @@ Charon Relay =========== -![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.10.0](https://img.shields.io/badge/AppVersion-1.10.0-informational?style=flat-square) +![Version: 0.8.0](https://img.shields.io/badge/Version-0.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.10.0](https://img.shields.io/badge/AppVersion-1.10.0-informational?style=flat-square) Charon is an open-source Ethereum Distributed validator middleware written in golang. This chart deploys a libp2p relay server. @@ -59,6 +59,7 @@ Charon is an open-source Ethereum Distributed validator middleware written in go | imagePullSecrets | list | `[]` | Credentials to fetch images from private registry # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ | | initContainerImage | string | `"alpine/kubectl:1.35.2"` | Init container image | | livenessProbe | object | `{"enabled":true,"httpGet":{"path":"/livez"},"initialDelaySeconds":10,"periodSeconds":5}` | Configure liveness probes # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| metricsService | object | `{"enabled":false}` | When enabled, the metrics port (service.ports.monitoring) is removed from the main (LoadBalancer) Service above and exposed on a separate ClusterIP Service `{release}-{index}-metrics` so the port is not reachable from the public LoadBalancer. ServiceMonitor (if enabled) auto-selects the right Service. Default false to preserve the legacy behaviour. | | nameOverride | string | `""` | Provide a name in place of lighthouse for `app:` labels | | nodeSelector | object | `{}` | Node labels for pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ | | podAnnotations | object | `{}` | Pod annotations | diff --git a/charts/charon-relay/templates/prometheus-configmap.yaml b/charts/charon-relay/templates/prometheus-configmap.yaml index 36385ab..7eeaddc 100644 --- a/charts/charon-relay/templates/prometheus-configmap.yaml +++ b/charts/charon-relay/templates/prometheus-configmap.yaml @@ -22,7 +22,11 @@ data: {{- range $i := until (int .Values.clusterSize) }} - job_name: '{{ include "release.name" $ }}-{{ $i }}' static_configs: - - targets: ['{{ include "release.name" $ }}-{{ $i }}:3620'] + {{- if $.Values.metricsService.enabled }} + - targets: ['{{ include "release.name" $ }}-{{ $i }}-metrics:{{ $.Values.service.ports.monitoring.port }}'] + {{- else }} + - targets: ['{{ include "release.name" $ }}-{{ $i }}:{{ $.Values.service.ports.monitoring.port }}'] + {{- end }} relabel_configs: - target_label: relay_cluster_name replacement: obol-{{ $.Release.Namespace }}-{{ $i }} diff --git a/charts/charon-relay/templates/service.yaml b/charts/charon-relay/templates/service.yaml index 3c48ab1..34d1f20 100644 --- a/charts/charon-relay/templates/service.yaml +++ b/charts/charon-relay/templates/service.yaml @@ -18,12 +18,37 @@ spec: protocol: {{ $.Values.service.ports.p2pTcp.protocol }} port: {{ $.Values.service.ports.p2pTcp.port }} targetPort: {{ $.Values.service.ports.p2pTcp.targetPort }} + {{- if not $.Values.metricsService.enabled }} - name: {{ $.Values.service.ports.monitoring.name }} protocol: {{ $.Values.service.ports.monitoring.protocol }} port: {{ $.Values.service.ports.monitoring.port }} targetPort: {{ $.Values.service.ports.monitoring.targetPort }} + {{- end }} selector: name: {{ include "release.name" $ }}-{{ $i }} +{{- if $.Values.metricsService.enabled }} +--- +# Separate ClusterIP Service for metrics so port 3620 is not exposed by +# the public LoadBalancer above. In-cluster scrapers (ServiceMonitor or +# Prometheus pod_sd) hit this Service instead. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "release.name" $ }}-{{ $i }}-metrics + namespace: {{ $.Release.Namespace }} + labels: + name: {{ include "release.name" $ }}-{{ $i }}-metrics + app.kubernetes.io/component: metrics +spec: + type: ClusterIP + ports: + - name: {{ $.Values.service.ports.monitoring.name }} + protocol: {{ $.Values.service.ports.monitoring.protocol }} + port: {{ $.Values.service.ports.monitoring.port }} + targetPort: {{ $.Values.service.ports.monitoring.targetPort }} + selector: + name: {{ include "release.name" $ }}-{{ $i }} +{{- end }} {{- if $.Values.config.p2pUdpAddress }} --- apiVersion: v1 diff --git a/charts/charon-relay/templates/servicemonitor.yaml b/charts/charon-relay/templates/servicemonitor.yaml index 2e44afa..7a928c0 100644 --- a/charts/charon-relay/templates/servicemonitor.yaml +++ b/charts/charon-relay/templates/servicemonitor.yaml @@ -21,7 +21,7 @@ spec: scrapeTimeout: {{ $.Values.serviceMonitor.scrapeTimeout }} {{- end }} honorLabels: true - port: metrics + port: {{ $.Values.service.ports.monitoring.name }} path: {{ $.Values.serviceMonitor.path }} scheme: {{ $.Values.serviceMonitor.scheme }} {{- if $.Values.serviceMonitor.tlsConfig }} @@ -35,7 +35,11 @@ spec: jobLabel: "{{ $.Release.Name }}-{{ $i }}" selector: matchLabels: + {{- if $.Values.metricsService.enabled }} + name: {{ include "release.name" $ }}-{{ $i }}-metrics + {{- else }} name: {{ include "release.name" $ }}-{{ $i }} + {{- end }} namespaceSelector: matchNames: - {{ $.Release.Namespace }} diff --git a/charts/charon-relay/values.yaml b/charts/charon-relay/values.yaml index 9c6924e..e914129 100644 --- a/charts/charon-relay/values.yaml +++ b/charts/charon-relay/values.yaml @@ -105,6 +105,14 @@ service: protocol: TCP targetPort: 3620 +# -- When enabled, the metrics port (service.ports.monitoring) is removed from +# the main (LoadBalancer) Service above and exposed on a separate ClusterIP +# Service `{release}-{index}-metrics` so the port is not reachable from the +# public LoadBalancer. ServiceMonitor (if enabled) auto-selects the right +# Service. Default false to preserve the legacy behaviour. +metricsService: + enabled: false + # -- Pod resources limits and requests resources: {} # We usually recommend not to specify default resources and to leave this as a conscious