jetstack · maria-reynoso · Oct 9, 2024 · Oct 15, 2024 · Oct 15, 2024 · Oct 15, 2024
@@ -0,0 +1,14 @@
+{{- if and .Values.opencost.customPricing.createConfigmap .Values.opencost.customPricing.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Values.opencost.customPricing.configmapName }}
+data:
+  {{ .Values.opencost.configFileName }}.json: |-
+    {
+{{- range $key, $val := .Values.opencost.customPricing.costModel }}
+{{ $key | quote | indent 6}}: {{ $val | quote }},
+{{- end}}
+      "provider" : {{ .Values.opencost.provider | quote }}
+    }
+{{- end }}
@@ -1,8 +1,6 @@
 repositories:
 - name: kyverno
   url: https://kyverno.github.io/kyverno/
-- name: opencost
-  url: https://opencost.github.io/opencost-helm-chart
 - name: prometheus-opencost-exporter
   url: https://prometheus-community.github.io/helm-charts
 - name: grafana
@@ -22,7 +20,7 @@ helmDefaults:
 environments:
   default:
     values:
-    - ./config/common/enabled.yaml # edit this to specify which of the releases to install
+    - "./config/common/enabled.yaml" # edit this to specify which of the releases to install
 ---
 releases:
 - name: kyverno
@@ -111,17 +109,6 @@ releases:
   values:
   - "./config/common/vpa-values.yaml"
 
-- name: opencost
-  version: "1.42.0"
-  chart: "opencost/opencost"
-  condition: opencost.enabled
-  namespace: finops-stack
-  values:
-  - "./config/{{ requiredEnv "HOST_ENV" }}/opencost-values.yaml"
-  - opencost:
-      exporter:
-        cloudProviderApiKey: {{ requiredEnv "CSP_API_KEY" }}
-
 - name: gmp-proxy
   version: "0.1.0"
   chart: "../charts/gmp-proxy"

@@ -0,0 +1,95 @@
+repositories:
+- name: kyverno
+  url: https://kyverno.github.io/kyverno/
+- name: prometheus-opencost-exporter
+  url: https://prometheus-community.github.io/helm-charts
+- name: prometheus
+  url: https://prometheus-community.github.io/helm-charts
+- name: grafana
+  url: https://grafana.github.io/helm-charts
+- name: vpa
+  url: https://charts.fairwinds.com/stable
+- name: fairwinds-stable
+  url: https://charts.fairwinds.com/stable
+
+---
+helmDefaults:
+  wait: true
+  timeout: 1200
+---
+environments:
+  default:
+    values:
+    - ./config/{{ requiredEnv "HOST_ENV" }}/enabled.yaml
+---
+releases:
+- name: kyverno
+  version: "3.2.6"
+  chart: kyverno/kyverno
+  condition: kyverno.enabled
+  namespace: finops-stack
+  values:
+  - "./config/common/kyverno-values.yaml"
+  # - "./config/{{ requiredEnv "HOST_ENV" }}/kyverno-values.yaml"  
+
+- name: finops-policies
+  version: "0.1.0"
+  chart: "../charts/finops-policies"
+  condition: finops-policies.enabled
+  namespace: finops-stack
+  disableValidationOnInstall: true
+  needs:
+  - kyverno
+
+- name: grafana
+  version: "8.4.7"
+  chart: grafana/grafana
+  condition: grafana.enabled
+  namespace: finops-stack
+  values:
+  - "./config/common/grafana-values.yaml"
+  - "./config/{{ requiredEnv "HOST_ENV" }}/grafana-values.yaml"
+  - adminUser: {{ requiredEnv "GRAFANA_ADMIN_USER" }}
+  - adminPassword: {{ requiredEnv "GRAFANA_ADMIN_PW" }}
+
+- name: vpa
+  version: "4.5.0"
+  chart: "vpa/vpa"
+  condition: vpa.enabled
+  namespace: finops-stack
+  values:
+  - "./config/common/vpa-values.yaml"
+
+- name: prometheus
+  version: "25.27.0"
+  chart: "prometheus/prometheus"
+  condition: prometheus.enabled
+  namespace: finops-stack
+  values:
+  - "./config/{{ requiredEnv "HOST_ENV" }}/prometheus-values.yaml"
+
+- name: prometheus-opencost-exporter
+  version: "0.1.1"
+  chart: "prometheus-opencost-exporter/prometheus-opencost-exporter"
+  condition: opencost-exporter.enabled
+  namespace: finops-stack
+  values:
+  - "./config/common/prometheus-opencost-exporter-values.yaml"
+  - "./config/{{ requiredEnv "HOST_ENV" }}/prometheus-opencost-exporter-values.yaml"
+
+- name: finops-stack-opencost-templates
+  version: "0.1.0"
+  chart: "../charts/opencost-config"
+  condition: opencost-templates.enabled
+  namespace: finops-stack
+  disableValidationOnInstall: true
+  values:
+  - "./config/{{ requiredEnv "HOST_ENV" }}/opencost-templates-values.yaml"
+
+- name: goldilocks
+  version: "9.0.0"
+  chart: fairwinds-stable/goldilocks
+  condition: goldilocks.enabled
+  namespace: finops-stack
+  values:
+  - "./config/common/goldilocks-values.yaml"
@@ -0,0 +1,18 @@
+.DEFAULT_GOAL := help
+
+CLUSTER_NAME := ambient
+PROJECT_ID := "$(shell gcloud config get-value project)"
+M_TYPE := n1-standard-2
+ZONE := europe-west2-a
+
+cluster: ## Setup cluster
+	kind create cluster
+
+finops-stack: ## Deploy FinOps Stack using Helmfile
+	set -a; source .env; set +a; helmfile apply --file helmfile_kind.yaml --interactive
+
+cleanup: ## Cleaup
+	kind delete cluster
+
+help: ## Display this help
+	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_-]+:.*?##/ { printf "  \033[36m%-15s\033[0m \t%s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
@@ -2,39 +2,39 @@
 
 Installing Helm charts with lots of dependencies and CRDs is challenging; these instructions use Helmfile to mitigate issues with Helm. 
 
-This documentation focuses on installing the FinOps Stack in GKE standard/autopilot clusters.
+This documentation provides instructions for installing the FinOps Stack in Kind cluster for a quick setup. For deployment on a GKE cluster, refer to the [gke docs](./gke.md).
 
 ## Pre-requisites
 
-- A GKE standard or autopilot cluster with:
-   - kubectl access 
-   - cluster-admin permissions
-   - workload identity enabled 
+- [Kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation) installed on your local machine
+- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
 - [Helmfile](https://helmfile.readthedocs.io/en/latest/#installation) installed on your local machine
-- A Google Service Account with the following:
-    - roles/monitor.viewer and roles/iam.serviceAccountTokenCreator permissions
-    - workload identity configured for grafana kubernetes service account: `[finops-stack/grafana]`. Have a look at this [blog post](https://venafi.com/blog/gke-workload-identity-federation-for-kubernetes-principals/) to configure workload identity.
-- Unless you want to access the Grafana dashboard via `kubectl port-forward` you'll need a domain name
 
-## Distribution support
-
-### GKE Autopilot
+## Installation
 
-- Enable cost allocation
+## Create a kind cluster
 
-## Installation
+```bash
+make cluster
+```
 
 ### Configuration changes for your cluster environment
 
 1. To control which Finops Stack components to install, edit the [enabled.yaml](./installation/config/common/enabled.yaml) file
-1. Copy `./env.tmpl` to `./.env` and replace the env var values accordingly. As a minimum, you will need to change the `GCP_PROJECT`, `CSP_API_KEY`,  `GRAFANA_SA_ANNOTATION` values. <!-- TODO: Automate env variable values replacement -->
+1. Copy env.tmpl file and replace the env var values accordingly (`GRAFANA_FQDN` for example).
+
+```sh
+cp ./env.tmpl ./.env
+```
 
 ### Install everything using Helmfile
 
 For the first run:
 
 ```bash
-set -a; source .env; set +a; helmfile apply --interactive
+make finops-stack
+# FinOps stack is install using Helmfile:
+# set -a; source .env; set +a; helmfile apply --file helmfile_kind.yaml --interactive
 ```
 
 NOTE: it will take several minutes for all workloads to install and start running. Helmfile does display its progress in the terminal. All workloads get installed into the `finops-stack` namespace so you can also view progress using `kubectl`.
@@ -61,8 +61,11 @@ General guidance when configuring ingress:
 
 ## Enable Goldilocks for namespaces
 
-For Goldilocks to analyse namespaces and add then to its dashboard you need to add this label to the namespace resource: `goldilocks.fairwinds.com/enabled=true`, e.g.  
-`kubectl label ns finops-stack goldilocks.fairwinds.com/enabled=true`
+For Goldilocks to analyse namespaces and add then to its dashboard you need to add this label to the namespace resource: `goldilocks.fairwinds.com/enabled=true`, e.g:
+
+```bash
+kubectl label ns finops-stack goldilocks.fairwinds.com/enabled=true
+```
 
 ## Useful commands
 

@@ -0,0 +1,26 @@
+# -- Enable / Disable the installation of Kyverno
+kyverno:
+  enabled: true
+
+# -- Enable / Disable the installation of Kyverno FinOps Policies
+finops-policies:
+  enabled: true
+# -- Enable / Disable the installation of the VPA Controller
+vpa:
+  enabled: true
+# -- Enable / Disable the installation of the Grafana
+grafana:
+  enabled: true
+# -- Enable / Disable the installation of Prometheus
+prometheus:
+  enabled: true
+# -- Enable / Disable the installation of OpenCost Exporter
+opencost-exporter:
+  enabled: true
+
+opencost-templates:
+  enabled: true
+
+# -- Enable / Disable the installation of Fairwinds' Goldilocks
+goldilocks:
+  enabled: true
@@ -0,0 +1,10 @@
+datasources:
+  datasources.yaml:
+    apiVersion: 1
+    datasources:
+      - name: Prometheus
+        type: prometheus
+        uid: "PFB5ABA51A8A585D7"
+        url: http://prometheus-server
+        isDefault: true
+        editable: true
@@ -0,0 +1,24 @@
+opencost:
+  configFileName: default
+  provider: kind
+  customPricing:
+    # -- Enables custom pricing for on-premise setup.
+    enabled: true
+    configmapName: custom-pricing-model
+    # -- Path for the pricing configuration.
+    configPath: /tmp/custom-config
+    # -- Configures the pricing model provided in the values file.
+    createConfigmap: true
+    # -- More information about these values here: https://www.opencost.io/docs/configuration/on-prem#custom-pricing-using-the-opencost-helm-chart
+    costModel:
+      description: Modified prices based on your internal pricing
+      CPU: 1.25
+      spotCPU: 0.006655
+      RAM: 0.50
+      spotRAM: 0.000892
+      GPU: 0.95
+      storage: 0.25
+      zoneNetworkEgress: 0.01
+      regionNetworkEgress: 0.01
+      internetNetworkEgress: 0.12
+      loadBalancer: 0
@@ -0,0 +1,27 @@
+opencost:
+  prometheus:
+    external:
+      enabled: true
+      url: http://prometheus-server
+    internal:
+      enabled: false
+  customPricing:
+    # -- Enables custom pricing for on-premise setup.
+    enabled: true
+    configmapName: custom-pricing-model
+    # -- Path for the pricing configuration.
+    configPath: /tmp/custom-config
+    # -- Configures the pricing model provided in the values file.
+    createConfigmap: true
+    # -- More information about these values here: https://www.opencost.io/docs/configuration/on-prem#custom-pricing-using-the-opencost-helm-chart
+    costModel:
+      description: Modified prices based on your internal pricing
+      CPU: 1.25
+      spotCPU: 0.006655
+      RAM: 0.50
+      spotRAM: 0.000892
+      GPU: 0.95
+      storage: 0.25
+      zoneNetworkEgress: 0.01
+      regionNetworkEgress: 0.01
+      internetNetworkEgress: 0.12
@@ -0,0 +1,17 @@
+extraScrapeConfigs: |
+  - job_name: opencost
+    honor_labels: true
+    scrape_interval: 1m
+    scrape_timeout: 10s
+    metrics_path: /metrics
+    scheme: http
+    dns_sd_configs:
+    - names:
+      - opencost.opencost
+      type: 'A'
+      port: 9003
+
+alertmanager:
+  enabled: false
+prometheus-pushgateway:
+  enabled: false
@@ -1,24 +1,12 @@
 # Sub-dir under ./config that holds your hosting env specific Helm values.files, e.g. gke
-HOST_ENV=gke
-
-# GCP Project - used by gmp-proxy and cert-manager
-GCP_PROJECT="my-gcp-project"
-
-# API Key used by Opencost to call your CSPs billing APIs: https://www.opencost.io/docs/configuration/gcp#configuring-gcp-pricing
-CSP_API_KEY=paste_key_here
+HOST_ENV=kind
 
 # Grafana admin user credentials
 GRAFANA_ADMIN_USER=finops
 GRAFANA_ADMIN_PW=s7@ck
 
-# GCP SA for workload identity
-GRAFANA_SA_ANNOTATION="iam.gke.io/gcp-service-account: [email protected]"
-
 # Grafana ingress settings
 GRAFANA_INGRESS="false"
 # GRAFANA_PUBLIC_IP_NAME="name-of-public-ip"
 # GRAFANA_FQDN="grafana.host.name"
 
-##  GCP SA for workload identity for cert-manager (need to be defined but only used if cert-manager is being installed)
-CERT_MANAGER_SA_ANNOTATION="iam.gke.io/gcp-service-account: [email protected]"
-CERT_MANAGER_EMAIL="[email protected]"