bakery-ia/infrastructure/monitoring/k8s-infra/kube-state-metrics-values.yaml

# Kube-State-Metrics Helm Values for Bakery IA
# Chart: prometheus-community/kube-state-metrics
# Documentation: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics
#
# Install Command:
#   helm install kube-state-metrics prometheus-community/kube-state-metrics \
#     -n bakery-ia -f kube-state-metrics-values.yaml

# Image configuration
image:
  registry: registry.k8s.io
  repository: kube-state-metrics/kube-state-metrics
  tag: ""  # Uses chart default (latest stable)
  pullPolicy: IfNotPresent

# Replicas - single instance is sufficient for most clusters
replicas: 1

# Resource limits optimized for MicroK8s VPS
resources:
  requests:
    cpu: 10m
    memory: 32Mi
  limits:
    cpu: 100m
    memory: 128Mi

# Service configuration
service:
  type: ClusterIP
  port: 8080
  annotations: {}

# Prometheus scrape annotations
prometheusScrape: true

# Which Kubernetes resources to collect metrics for
# Full list available, but we focus on most useful ones
collectors:
  - certificatesigningrequests
  - configmaps
  - cronjobs
  - daemonsets
  - deployments
  - endpoints
  - horizontalpodautoscalers
  - ingresses
  - jobs
  - leases
  - limitranges
  - namespaces
  - networkpolicies
  - nodes
  - persistentvolumeclaims
  - persistentvolumes
  - poddisruptionbudgets
  - pods
  - replicasets
  - replicationcontrollers
  - resourcequotas
  - secrets
  - services
  - statefulsets
  - storageclasses

# Namespace to watch (empty = all namespaces)
namespaces: ""

# Node selector for scheduling
nodeSelector: {}

# Tolerations
tolerations: []

# Affinity rules
affinity: {}

# Pod security context
podSecurityContext:
  runAsNonRoot: true
  runAsUser: 65534
  fsGroup: 65534

# Container security context
securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
  readOnlyRootFilesystem: true

# Self-monitoring metrics
selfMonitor:
  enabled: true

# Kubernetes API access
kubeconfig:
  enabled: false

# RBAC configuration
rbac:
  create: true
  useClusterRole: true

# Service account
serviceAccount:
  create: true
  name: ""
  annotations: {}
Fix redis ssl issues 3 2026-01-24 20:14:19 +01:00			`# Kube-State-Metrics Helm Values for Bakery IA`
			`# Chart: prometheus-community/kube-state-metrics`
			`# Documentation: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics`
			`#`
			`# Install Command:`
			`# helm install kube-state-metrics prometheus-community/kube-state-metrics \`
			`# -n bakery-ia -f kube-state-metrics-values.yaml`

			`# Image configuration`
			`image:`
			`registry: registry.k8s.io`
			`repository: kube-state-metrics/kube-state-metrics`
			`tag: "" # Uses chart default (latest stable)`
			`pullPolicy: IfNotPresent`

			`# Replicas - single instance is sufficient for most clusters`
			`replicas: 1`

			`# Resource limits optimized for MicroK8s VPS`
			`resources:`
			`requests:`
			`cpu: 10m`
			`memory: 32Mi`
			`limits:`
			`cpu: 100m`
			`memory: 128Mi`

			`# Service configuration`
			`service:`
			`type: ClusterIP`
			`port: 8080`
			`annotations: {}`

			`# Prometheus scrape annotations`
			`prometheusScrape: true`

			`# Which Kubernetes resources to collect metrics for`
			`# Full list available, but we focus on most useful ones`
			`collectors:`
			`- certificatesigningrequests`
			`- configmaps`
			`- cronjobs`
			`- daemonsets`
			`- deployments`
			`- endpoints`
			`- horizontalpodautoscalers`
			`- ingresses`
			`- jobs`
			`- leases`
			`- limitranges`
			`- namespaces`
			`- networkpolicies`
			`- nodes`
			`- persistentvolumeclaims`
			`- persistentvolumes`
			`- poddisruptionbudgets`
			`- pods`
			`- replicasets`
			`- replicationcontrollers`
			`- resourcequotas`
			`- secrets`
			`- services`
			`- statefulsets`
			`- storageclasses`

			`# Namespace to watch (empty = all namespaces)`
			`namespaces: ""`

			`# Node selector for scheduling`
			`nodeSelector: {}`

			`# Tolerations`
			`tolerations: []`

			`# Affinity rules`
			`affinity: {}`

			`# Pod security context`
			`podSecurityContext:`
			`runAsNonRoot: true`
			`runAsUser: 65534`
			`fsGroup: 65534`

			`# Container security context`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`drop:`
			`- ALL`
			`readOnlyRootFilesystem: true`

			`# Self-monitoring metrics`
			`selfMonitor:`
			`enabled: true`

			`# Kubernetes API access`
			`kubeconfig:`
			`enabled: false`

			`# RBAC configuration`
			`rbac:`
			`create: true`
			`useClusterRole: true`

			`# Service account`
			`serviceAccount:`
			`create: true`
			`name: ""`
			`annotations: {}`