Added kubecost templates

2026-04-18 08:22:20 +00:00
parent e33a2a51f3
commit 5e0b597cf4
2 changed files with 391 additions and 0 deletions
--- a/kubernetes-templates/kubecost/deployment.yml
+++ b/kubernetes-templates/kubecost/deployment.yml
@@ -0,0 +1,156 @@
+{{- if .Values.hooks.clusterID.enabled }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kubecost.fullname" . }}-hook
+  namespace: {{ $.Release.Namespace }}
+  labels:
+    app: {{ template "kubecost.name" . }}-kubecost
+{{ include "kubecost.labels" . | indent 4 }}
+  annotations:
+    helm.sh/hook: pre-install,pre-upgrade,post-delete
+    helm.sh/hook-weight: "-5"
+    helm.sh/hook-delete-policy: before-hook-creation
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kubecost.fullname" . }}-hook
+  labels:
+    app: {{ template "kubecost.name" . }}
+{{ include "kubecost.labels" . | indent 4 }}
+  annotations:
+    helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade,post-delete
+    helm.sh/hook-weight: "-4"
+    helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation
+rules:
+# The following namespaces and configmaps permissions are needed to
+# grab the kube-system namespace uid and write it out to a configmap.
+- apiGroups: [""]
+  resources:
+  - namespaces
+  verbs: ["get"]
+- apiGroups: [""]
+  resources:
+  - configmaps
+  verbs: ["get", "create", "patch", "update", "delete"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kubecost.fullname" . }}-hook
+  labels:
+    app: {{ template "kubecost.name" . }}
+{{ include "kubecost.labels" . | indent 4 }}
+  annotations:
+    helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade,post-delete
+    helm.sh/hook-weight: "-3"
+    helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kubecost.fullname" . }}-hook
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kubecost.fullname" . }}-hook
+    namespace: {{ $.Release.Namespace }}
+{{- if index .Values "cost-analyzer" "global" "prometheus" "enabled" }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Release.Name }}-edit-prom-cluster-id
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    helm.sh/hook: post-install,post-upgrade
+    helm.sh/hook-weight: "3"
+    helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation
+spec:
+  template:
+    metadata:
+      name: {{ .Release.Name }}-edit-prom-cluster-id
+    spec:
+      serviceAccountName: {{ template "kubecost.fullname" . }}-hook
+{{- if .Values.hooks.clusterID.priorityClassName }}
+      priorityClassName: "{{ .Values.hooks.clusterID.priorityClassName }}"
+{{- end }}
+      containers:
+        - name: kubectl
+          image: {{ .Values.hooks.clusterID.kubectlImage | quote }}
+          imagePullPolicy: IfNotPresent
+          command:
+            - sh
+            - "-c"
+            - |
+              /bin/bash <<'EOF'
+              set -o nounset
+              set -o errexit
+              set -o pipefail
+              CLUSTERID=$(kubectl get namespace kube-system -o jsonpath="{.metadata.uid}")
+              kubectl get configmap/{{ template "kubecost.prometheus-server-cm-name" . }} -oyaml > /tmp/override.yaml
+              sed -e 's/\$CLUSTER_ID/"'$CLUSTERID'"/g' /tmp/override.yaml > /tmp/final.yaml
+              kubectl apply -f /tmp/final.yaml
+              echo "Done replacing \$CLUSTER_ID with $CLUSTERID"
+              EOF
+      restartPolicy: OnFailure
+{{- end }}
+{{- if index .Values "cost-analyzer" "prometheus" "server" "clusterIDConfigmap" }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Release.Name }}-cluster-id-configmap
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    helm.sh/hook: pre-install,pre-upgrade
+    helm.sh/hook-weight: "3"
+    helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation
+spec:
+  template:
+    metadata:
+      name: {{ .Release.Name }}-cluster-id-configmap
+    spec:
+      serviceAccountName: {{ template "kubecost.fullname" . }}-hook
+{{- if .Values.hooks.clusterID.priorityClassName }}
+      priorityClassName: "{{ .Values.hooks.clusterID.priorityClassName }}"
+{{- end }}
+      containers:
+        - name: kubectl
+          image: {{ .Values.hooks.clusterID.kubectlImage | quote }}
+          imagePullPolicy: IfNotPresent
+          command:
+            - sh
+            - "-c"
+            - kubectl create configmap {{ index .Values "cost-analyzer" "prometheus" "server" "clusterIDConfigmap" }} -n {{ .Release.Namespace }} -oyaml --dry-run --save-config --from-literal=CLUSTER_ID=$(kubectl get namespace kube-system -o jsonpath="{.metadata.uid}") | kubectl apply -f -
+      restartPolicy: OnFailure
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Release.Name }}-cleanup-cluster-id-configmap
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    helm.sh/hook: post-delete
+    helm.sh/hook-weight: "3"
+    helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation
+spec:
+  template:
+    metadata:
+      name: {{ .Release.Name }}-cleanup-cluster-id-configmap
+    spec:
+      serviceAccountName: {{ template "kubecost.fullname" . }}-hook
+{{- if .Values.hooks.clusterID.priorityClassName }}
+      priorityClassName: "{{ .Values.hooks.clusterID.priorityClassName }}"
+{{- end }}
+      containers:
+        - name: kubectl
+          image: {{ .Values.hooks.clusterID.kubectlImage | quote }}
+          imagePullPolicy: IfNotPresent
+          command:
+            - /bin/sh
+            - -c
+            - kubectl delete configmap {{ index .Values "cost-analyzer" "prometheus" "server" "clusterIDConfigmap" }} -n {{ .Release.Namespace }} --ignore-not-found
+      restartPolicy: OnFailure
+{{- end }}
+{{- end }}