Thanks @naseemkullah !

Regarding the alerting_rules.yaml and recording_rules.yaml parts, have you considered loading them through separate ConfigMaps? Instead of loading them through the main linkerd-prometheus-config CM, we could allow users to define as many separate CMs as they want, and Linkerd would mount them under /etc/prometheus for Prometheus to load them.
So instead of declaring in values.yaml the content of those extra configs, we would just declare the list of extra CMs to load, e.g. in a prometheusExtraConfigs array. And then we'd modify prometheus.yaml so that it mounts them all. That might imply mounting them in subpaths and modifying the rule_files directive so it crawls down those subpaths.

I think decoupling these configs from the main Linkerd values.yaml might be more flexible. LMKWYT.

Thanks for the feedback @alpeb and @zaharidichev, I'll go with that approach then.

Just pushed a change, but I have not had a chance to test it yet.

Just removed the leftover values and fixed indentations @alpeb , pardon the force-push!

Hey Naseem,

Thanks for taking this up! I've been trying to fix this problem in a more broader sense (and using the current add-on model), and have a rfc up for the same. It would be really awesome, to have your reviews/suggestions there as a end user/contributor.

I have the following question:

• Any particular reasoning for dividing configuration into separate configmaps other than to have the state stored during upgrades? In my RFC, as we already have linkerd-values for storing add-on configuration details I was planning to use the same and not separate them into configmaps. WDYT?

Also, The RFC model ain't much different from this PR, especially that we get better separation of configuration there i.e prometheus.*, and it's also trying to address the Bringing your own prometheus use-case. If the rfc isn't missing something that you want, should we directly work on that?

Hey Naseem,

Thanks for taking this up! I've been trying to fix this problem in a more broader sense (and using the current add-on model), and have a rfc up for the same. It would be really awesome, to have your reviews/suggestions there as a end user/contributor.

I have the following question:

• Any particular reasoning for dividing configuration into separate configmaps other than to have the state stored during upgrades? In my RFC, as we already have linkerd-values for storing add-on configuration details I was planning to use the same and not separate them into configmaps. WDYT?

Hi @Pothulapati, thanks for bringing up these questions.

The original PR had a prometheusRules value but @alpeb and @zaharidichev advised the configmap approach as per their comments #4220 (comment) and #4220 (review), either of these approaches would work to allow a user to define alerting and recording rules, the latter just requiring that the configmaps pre exist.

Also, The RFC model ain't much different from this PR, especially that we get better separation of configuration there i.e prometheus.*,

The flat values (e.g. prometheusSomeValue) was already in place and so the pattern was followed, I'm not sure what is meant by better separation of configuration though?

and it's also trying to address the Bringing your own prometheus use-case. If the rfc isn't missing something that you want, should we directly work on that?

Seeing that this PR was opened quite a while ago, effort was put in to it and most importantly it is ready to be merged. The RFC can fill in any gaps/continue to extract prometheus into an add-on if that is ok?

cc @alpeb Can we please merge this if it is good to go? Thanks!

Any particular reasoning for dividing configuration into separate configmaps other than to have the state stored during upgrades? In my RFC, as we already have linkerd-values for storing add-on configuration details I was planning to use the same and not separate them into configmaps.

@Pothulapati Just for decoupling those configs from the rest, in generic configmaps instead of somehing linkerd-specific like linkerd-values which also deals with the other add-on configs.

@naseemkullah I was waiting for the pkg/charts/linkerd2/values.go change to be addressed before approving this PR (mentioned in my last comment).

Having Prometheus become an add-on, its config items will change to become something similar to what we have for tracing in values.yaml. If we merge the changes from this PR, things will have to change again when the RFC changes get merged. So I propose we do merge this PR, but not announce the changes, and then the RFC should pick on these changes when the config migrates to be an add-on. Sounds good to you @Pothulapati ?

instead of somehing linkerd-specific like linkerd-values which also deals with the other add-on configs.

Yep, that makes sense. Also, okay with merging this as the rfc implementation to get merged could take some time!

@naseemkullah I was waiting for the pkg/charts/linkerd2/values.go change to be addressed before approving this PR (mentioned in my last comment).

Oh right, I'll have that in shortly! Thanks.

expected := &Values{

Thanks @alpeb , how did you reset the values for expected := &Values{ ?

Changes applied, hoping tests will pass now.

Worth noting: After applying the patch go test ./cli/cmd/... --update had to be run twice to succeed 🤔 ... failed on first try but succeeded on second 🤷‍♂️

😭
Still failing.

--- FAIL: TestNewValues (0.02s)
    --- FAIL: TestNewValues/HA (0.01s)
        values_test.go:241: Mismatch Helm HA defaults.
            Expected: &{Stage: ControllerImage:gcr.io/linkerd-io/controller ControllerImageVersion:linkerd-dev WebImage:gcr.io/linkerd-io/web PrometheusImage:prom/prometheus:v2.15.2 GrafanaImage:gcr.io/linkerd-io/grafana ControllerReplicas:3 ControllerLogLevel:info PrometheusLogLevel:info PrometheusExtraArgs:map[] PrometheusAlertmanagers:[] PrometheusRuleConfigMapMounts:[] ControllerUID:2103 EnableH2Upgrade:true EnablePodAntiAffinity:true WebhookFailurePolicy:Fail OmitWebhookSideEffects:false RestrictDashboardPrivileges:false DisableHeartBeat:false HeartbeatSchedule:0 0 * * * InstallNamespace:true Configs:{Global: Proxy: Install:} Global:0xc0000eed00 Identity:0xc000010890 Dashboard:0xc0004c8d40 DebugContainer:0xc0000108a0 ProxyInjector:0xc0000108b0 ProfileValidator:0xc0000108c0 Tap:0xc0000108d0 NodeSelector:map[beta.kubernetes.io/os:linux] SMIMetrics:0xc00000f720 DestinationResources:0xc00003d2c0 GrafanaResources:0xc00003d340 HeartbeatResources:0xc00003d2c0 IdentityResources:0xc00003d380 PrometheusResources:0xc00003d3c0 ProxyInjectorResources:0xc00003d2c0 PublicAPIResources:0xc00003d2c0 SPValidatorResources:0xc00003d2c0 TapResources:0xc00003d2c0 WebResources:0xc00003d2c0 Tracing:map[]}
            Actual: &{Stage: ControllerImage:gcr.io/linkerd-io/controller ControllerImageVersion:linkerd-dev WebImage:gcr.io/linkerd-io/web PrometheusImage:prom/prometheus:v2.15.2 GrafanaImage:gcr.io/linkerd-io/grafana ControllerReplicas:3 ControllerLogLevel:info PrometheusLogLevel:info PrometheusExtraArgs:map[] PrometheusAlertmanagers:[] PrometheusRuleConfigMapMounts:[] ControllerUID:2103 EnableH2Upgrade:true EnablePodAntiAffinity:true WebhookFailurePolicy:Fail OmitWebhookSideEffects:false RestrictDashboardPrivileges:false DisableHeartBeat:false HeartbeatSchedule:0 0 * * * InstallNamespace:true Configs:{Global: Proxy: Install:} Global:0xc0000ef300 Identity:0xc000010910 Dashboard:0xc0004c9750 DebugContainer:0xc000010920 ProxyInjector:0xc000010980 ProfileValidator:0xc000010970 Tap:0xc000010990 NodeSelector:map[beta.kubernetes.io/os:linux] SMIMetrics:0xc0001641c0 DestinationResources:0xc00003d000 GrafanaResources:0xc00003d080 HeartbeatResources:0xc00003d140 IdentityResources:0xc00003ce80 PrometheusResources:0xc00003cec0 ProxyInjectorResources:0xc00003cf40 PublicAPIResources:0xc00003d040 SPValidatorResources:0xc00003cf80 TapResources:0xc00003d1c0 WebResources:0xc00003d200 Tracing:map[]}
FAIL

@naseemkullah my fault; the mergo workaround should have gone inside t.Run("HA", func(t *testing.T) { , right after calling NewValues(true)

{{- toYaml .Values.prometheusAlertmanagers | trim | nindent 8 }}

Hi @alpeb thank for your guidance thus far.

The current rendering of

prometheusAlertmanagers:
  - scheme: http
    static_configs:
    - targets:
      - "alertmanager.linkerd.svc:9093"
  - scheme: https
    static_configs:
    - targets:
      - alertmanager.mycomain.com

is

  prometheus.yml: |-
    alerting:
      alertmanagers:
        - scheme: http
          static_configs:
          - targets:
            - alertmanager.linkerd.svc:9093
        - scheme: https
          static_configs:
          - targets:
            - alertmanager.mycomain.com

which seems fine, in what case does it render funny?

It renders fine locally, e.g. using helm template, but when actually installing with helm install if you ask for it through kubectl -n linkerd get cm linkerd-prometheus-config -oyaml you'll see there are issues.

Thanks @Pothulapati, my absolute pleasure!

Hey @naseemkullah , please fill out this form if you'd like to receive some well-earned Linkerd swag! 😉

Hey @naseemkullah , please fill out this form if you'd like to receive some well-earned Linkerd swag! 😉

Thanks @alpeb!