Add monitoring components using Helm

adamlahbib · Nov 15, 2024 · ce3bec4 · ce3bec4
1 parent c150a01
commit ce3bec4
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 0 deletions.
diff --git a/terraform/monitoring.tf b/terraform/monitoring.tf
@@ -3,6 +3,7 @@ resource "helm_release" "grafana" {
     repository = "https://grafana.github.io/helm-charts"
     chart      = "grafana"
     namespace  = "monitoring"
+    create_namespace = true
     version    = "6.50.7"
 
     set {
@@ -21,6 +22,7 @@ resource "helm_release" "loki" {
     repository = "https://grafana.github.io/helm-charts"
     chart      = "loki-stack"
     namespace  = "monitoring"
+    create_namespace = true
     version    = "2.9.10"
 
     set {
@@ -39,6 +41,7 @@ resource "helm_release" "prometheus" {
     repository = "https://prometheus-community.github.io/helm-charts"
     chart      = "prometheus"
     namespace  = "monitoring"
+    create_namespace = true
     version    = "15.10.1"
 }
 
@@ -47,6 +50,7 @@ resource "helm_release" "falco" {
     repository = "https://falcosecurity.github.io/charts"
     chart      = "falco"
     namespace  = "monitoring"
+    create_namespace = true
     version    = "4.14.1"
 
     set {
@@ -60,6 +64,7 @@ resource "helm_release" "falco_sidekick" {
     repository = "https://falcosecurity.github.io/charts"
     chart      = "falco-sidekick"
     namespace  = "monitoring"
+    create_namespace = true
     version    = "0.8.9"
 
     set {
@@ -83,5 +88,10 @@ resource "helm_release" "crowdsec" {
     repository = "https://crowdsecurity.github.io/helm-charts"
     chart      = "crowdsec"
     namespace  = "monitoring"
+    create_namespace = true
     version    = "0.13.0"
+
+    values = [
+        file("${path.module}/values/crowdsec-values.yaml")
+    ]
 }
diff --git a/terraform/values/crowdsec.yaml b/terraform/values/crowdsec.yaml
@@ -0,0 +1,43 @@
+container_runtime: containerd
+
+lapi:
+  resources:
+    requests:
+      cpu: 100m
+      memory: 384Mi
+    limits:
+      cpu: 1000m
+      memory: 384Mi
+  persistentVolume:
+    data:
+      enabled: false
+    config:
+      enabled: false
+
+  metrics:
+    enabled: true
+    serviceMonitor:
+      enabled: true
+
+agent:
+  acquisition:
+    - namespace: traefik
+      podName: traefik-*
+      program: traefik
+
+  env:
+    - name: COLLECTIONS
+      value: crowdsecurity/traefik
+
+  resources:
+    requests:
+      cpu: 100m
+      memory: 128Mi
+    limits:
+      cpu: 1000m
+      memory: 128Mi
+
+  metrics:
+    enabled: true
+    serviceMonitor:
+      enabled: true