diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 571053fb..aaa704fd 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -11,4 +11,4 @@ Fixes # **Checklist** -- [ ] `CHANGELOG.md` updated - the order of entries should be `[CHANGE]`, `[FEATURE]`, `[ENHANCEMENT]`, `[BUGFIX]` \ No newline at end of file +- [ ] `CHANGELOG.md` updated - the order of entries should be `[CHANGE]`, `[FEATURE]`, `[ENHANCEMENT]`, `[BUGFIX]`, `[DEPENDENCY]` diff --git a/CHANGELOG.md b/CHANGELOG.md index 343cc599..08034e21 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ ## master / unreleased +* [ENHANCEMENT] Add `nginx.config.upstream_protocol` field to configure the upstream protocol in the nginx configuration #506 +* [BUGFIX] fix: upstream_protocol reference in auth_orgs #509 +* [DEPENDENCY] Update quay.io/cortexproject/cortex Docker tag to v1.18.1 #510 + ## 2.4.0 / 2024-07-18 * [CHANGE] Removed the default `livenessProbe` for store-gateway and compactor. You can still use a `livenessProbe` but we advise against it #502 diff --git a/Chart.yaml b/Chart.yaml index 2bb55955..b4e6c29e 100755 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 version: 2.4.0 -appVersion: v1.17.1 +appVersion: v1.18.1 description: 'Horizontally scalable, highly available, multi-tenant, long term Prometheus.' home: https://cortexmetrics.io/ icon: https://avatars2.githubusercontent.com/u/43045022?s=200&v=4 @@ -9,7 +9,7 @@ maintainers: - email: thayward@infoblox.com name: Tom Hayward url: https://github.com/kd7lxl - - email: Niclas.Schad@mail.schwarz + - email: niclas.schad@stackit.cloud name: Niclas Schad url: https://github.com/nschad name: cortex diff --git a/MAINTAINERS.md b/MAINTAINERS.md index f5ee26c2..b0a65fd5 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -1,2 +1,2 @@ -- Niclas Schad, STACKIT ([@nschad](https://github.com/nschad)) +- Niclas Schad, STACKIT ([@nschad](https://github.com/nschad)) - Tom Hayward, Infoblox ([@kd7lxl](https://github.com/kd7lxl)) diff --git a/README.md b/README.md index c7d420cb..4c2295cb 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ # cortex -![Version: 2.4.0](https://img.shields.io/badge/Version-2.4.0-informational?style=flat-square) ![AppVersion: v1.17.1](https://img.shields.io/badge/AppVersion-v1.17.1-informational?style=flat-square) +![Version: 2.4.0](https://img.shields.io/badge/Version-2.4.0-informational?style=flat-square) ![AppVersion: v1.18.1](https://img.shields.io/badge/AppVersion-v1.18.1-informational?style=flat-square) Horizontally scalable, highly available, multi-tenant, long term Prometheus. @@ -13,7 +13,7 @@ Horizontally scalable, highly available, multi-tenant, long term Prometheus. | Name | Email | Url | | ---- | ------ | --- | | Tom Hayward | | | -| Niclas Schad | | | +| Niclas Schad | | | ## Documentation @@ -439,6 +439,7 @@ Kubernetes: `^1.19.0-0` | nginx.​config.​mainSnippet | string | `""` | arbitrary snippet to inject in the top section of the nginx config | | nginx.​config.​serverSnippet | string | `""` | arbitrary snippet to inject in the server { } section of the nginx config | | nginx.​config.​setHeaders | object | `{}` | | +| nginx.​config.​upstream_protocol | string | `"http"` | protocol for the communication with the upstream | | nginx.​config.​verboseLogging | bool | `true` | Enables all access logs from nginx, otherwise ignores 2XX and 3XX status codes | | nginx.​containerSecurityContext.​enabled | bool | `true` | | | nginx.​containerSecurityContext.​readOnlyRootFilesystem | bool | `false` | | diff --git a/templates/nginx/nginx-config.yaml b/templates/nginx/nginx-config.yaml index 7db8b83a..7945a0ef 100644 --- a/templates/nginx/nginx-config.yaml +++ b/templates/nginx/nginx-config.yaml @@ -81,20 +81,20 @@ data: # Distributor Config location = /ring { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } location = /all_user_stats { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } location = /api/prom/push { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } ## New Remote write API. Ref: https://cortexmetrics.io/docs/api/#remote-write location = /api/v1/push { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } {{- end }} @@ -103,19 +103,19 @@ data: # Alertmanager Config location ~ /api/prom/alertmanager/.* { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; } location ~ /api/v1/alerts { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; } location ~ /multitenant_alertmanager/status { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; } location = /api/prom/api/v1/alerts { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}/api/v1/alerts; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}/api/v1/alerts; } {{- end }} @@ -124,15 +124,15 @@ data: # Ruler Config location ~ /api/v1/rules { - proxy_pass http://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; } location ~ /ruler/ring { - proxy_pass http://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; } location ~ /api/prom/rules { - proxy_pass http://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; } {{- end }} @@ -141,16 +141,16 @@ data: # Query Config location ~ /api/prom/.* { - proxy_pass http://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; } ## New Query frontend APIs as per https://cortexmetrics.io/docs/api/#querier--query-frontend location ~ ^{{.Values.config.api.prometheus_http_prefix}}/api/v1/(read|metadata|labels|series|query_range|query) { - proxy_pass http://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; } location ~ {{.Values.config.api.prometheus_http_prefix}}/api/v1/label/.* { - proxy_pass http://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; } {{- end }} @@ -160,7 +160,7 @@ data: {{- range $org := compact .Values.nginx.config.auth_orgs | uniq }} location = /api/v1/push/{{ $org }} { proxy_set_header X-Scope-OrgID {{ $org }}; - proxy_pass http://{{ template "cortex.fullname" $ }}-distributor.{{ $rootDomain }}/api/v1/push; + proxy_pass {{ $.Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" $ }}-distributor.{{ $rootDomain }}/api/v1/push; } {{- end }} {{- end }} diff --git a/values.yaml b/values.yaml index ea87bf5d..b10da422 100644 --- a/values.yaml +++ b/values.yaml @@ -1196,6 +1196,8 @@ nginx: mainSnippet: "" # -- arbitrary snippet to inject in the server { } section of the nginx config serverSnippet: "" + # -- protocol for the communication with the upstream + upstream_protocol: http setHeaders: {} # -- Optional list of [auth tenants](https://cortexmetrics.io/docs/guides/auth/) to set in the nginx config auth_orgs: []