apiVersion: charts.kubecost.com/v1alpha1 kind: CostAnalyzer metadata: annotations: operator-sdk/primary-resource: /kubecost-cost-analyzer operator-sdk/primary-resource-type: ClusterRoleBinding.rbac.authorization.k8s.io name: kubecost-cost-analyzer namespace: openshift-operators finalizers: - helm.sdk.operatorframework.io/uninstall-release spec: pricingCsv: enabled: false location: URI: 's3://kc-csv-test/pricing_schema.csv' csvAccessCredentials: pricing-schema-access-secret provider: AWS region: us-east-1 networkPolicy: costAnalyzer: additionalLabels: {} annotations: {} enabled: false denyEgress: true enabled: false sameNamespace: true initChownDataImage: busybox nodeSelector: {} global: grafana: domainName: cost-analyzer-grafana.default.svc enabled: true proxy: true scheme: http amp: enabled: false prometheusServerEndpoint: 'https://localhost:8085//' remoteWriteService: >- https://aps-workspaces.us-west-2.amazonaws.com/workspaces//api/v1/remote_write sigv4: region: us-west-2 thanos: enabled: false additionalLabels: {} notifications: alertmanager: enabled: false fqdn: 'http://cost-analyzer-prometheus-server.default.svc' prometheus: enabled: true fqdn: 'http://cost-analyzer-prometheus-server.default.svc' assetReports: enabled: false reports: - accumulate: false aggregateBy: type filters: - property: cluster value: cluster-one title: Example Asset Report 0 window: today savedReports: enabled: false reports: - accumulate: false aggregateBy: namespace filters: - property: cluster value: 'cluster-one,cluster*' - property: namespace value: kubecost idle: separate title: Example Saved Report 0 window: today - accumulate: false aggregateBy: controllerKind filters: - property: label value: 'app:cost*,environment:kube*' - property: namespace value: kubecost idle: share title: Example Saved Report 1 window: month - accumulate: true aggregateBy: service filters: [] idle: hide title: Example Saved Report 2 window: '2020-11-11T00:00:00Z,2020-12-09T23:59:59Z' podAnnotations: {} awsstore: createServiceAccount: false useAwsStore: false grafana: plugins: [] nodeSelector: {} global: grafana: domainName: cost-analyzer-grafana.default.svc enabled: true proxy: true scheme: http amp: enabled: false prometheusServerEndpoint: 'https://localhost:8085//' remoteWriteService: >- https://aps-workspaces.us-west-2.amazonaws.com/workspaces//api/v1/remote_write sigv4: region: us-west-2 thanos: enabled: false additionalLabels: {} notifications: alertmanager: enabled: false fqdn: 'http://cost-analyzer-prometheus-server.default.svc' prometheus: enabled: true fqdn: 'http://cost-analyzer-prometheus-server.default.svc' assetReports: enabled: false reports: - accumulate: false aggregateBy: type filters: - property: cluster value: cluster-one title: Example Asset Report 0 window: today savedReports: enabled: false reports: - accumulate: false aggregateBy: namespace filters: - property: cluster value: 'cluster-one,cluster*' - property: namespace value: kubecost idle: separate title: Example Saved Report 0 window: today - accumulate: false aggregateBy: controllerKind filters: - property: label value: 'app:cost*,environment:kube*' - property: namespace value: kubecost idle: share title: Example Saved Report 1 window: month - accumulate: true aggregateBy: service filters: [] idle: hide title: Example Saved Report 2 window: '2020-11-11T00:00:00Z,2020-12-09T23:59:59Z' podAnnotations: {} resources: {} readinessProbe: httpGet: path: /api/health port: 3000 ldap: config: '' existingSecret: '' envFromSecret: '' affinity: {} adminPassword: strongpassword livenessProbe: failureThreshold: 10 httpGet: path: /api/health port: 3000 initialDelaySeconds: 60 timeoutSeconds: 30 env: {} dashboardProviders: {} datasources: datasources.yaml: apiVersion: 1 datasources: - access: proxy isDefault: false name: prometheus-kubecost type: prometheus url: 'http://kubecost-prometheus-server.kubecost.svc.cluster.local' securityContext: fsGroup: 472 runAsUser: 472 rbac: create: true pspEnabled: true pspUseAppArmor: true downloadDashboardsImage: pullPolicy: IfNotPresent repository: curlimages/curl tag: latest ingress: annotations: {} enabled: false hosts: - chart-example.local labels: {} path: / tls: [] service: annotations: {} labels: {} port: 80 type: ClusterIP smtp: existingSecret: '' deploymentStrategy: RollingUpdate serviceAccount: create: true name: null dashboardsConfigMaps: {} grafana.ini: analytics: check_for_updates: true auth.anonymous: enabled: true org_name: Main Org. org_role: Editor grafana_net: url: 'https://grafana.net' log: mode: console paths: data: /var/lib/grafana/data logs: /var/log/grafana plugins: /var/lib/grafana/plugins provisioning: /etc/grafana/provisioning server: root_url: '%(protocol)s://%(domain)s:%(http_port)s/grafana' extraSecretMounts: [] adminUser: admin image: pullPolicy: IfNotPresent repository: grafana/grafana tag: 9.0.2 replicas: 1 tolerations: [] sidecar: dashboards: annotations: {} enabled: true error_throttle_sleep: 0 folder: /tmp/dashboards label: grafana_dashboard datasources: enabled: false error_throttle_sleep: 0 label: grafana_datasource image: 'kiwigrid/k8s-sidecar:1.19.2' imagePullPolicy: IfNotPresent resources: null dashboards: {} persistence: enabled: false priority: enabled: false name: '' extraVolumeMounts: [] serviceMonitor: additionalLabels: {} enabled: false prometheusRule: additionalLabels: {} enabled: false affinity: {} extraVolumes: [] kubecostMetrics: exporter: nodeSelector: {} port: 9005 enabled: false serviceMonitor: additionalLabels: {} enabled: false resources: {} additionalLabels: {} affinity: {} extraArgs: [] service: annotations: {} tolerations: [] prometheusScrape: true priorityClassName: [] prometheus: networkPolicy: enabled: false imagePullSecrets: null server: emptyDir: sizeLimit: '' nodeSelector: {} enabled: true alertmanagers: [] global: evaluation_interval: 1m external_labels: cluster_id: cluster-one scrape_interval: 1m scrape_timeout: 10s extraConfigmapMounts: [] podLabels: {} extraVolumeMounts: [] resources: {} readinessProbeInitialDelay: 30 readinessProbeFailureThreshold: 3 configPath: /etc/config/prometheus.yml affinity: {} extraVolumes: [] terminationGracePeriodSeconds: 300 name: server livenessProbeInitialDelay: 30 env: [] extraArgs: query.max-concurrency: 1 query.max-samples: 100000000 verticalAutoscaler: enabled: false livenessProbeFailureThreshold: 3 readinessProbeSuccessThreshold: 1 securityContext: {} sidecarContainers: null configMapOverrideName: '' persistentVolume: accessModes: - ReadWriteOnce annotations: {} enabled: true existingClaim: '' mountPath: /data size: 32Gi subPath: '' extraInitContainers: [] strategy: rollingUpdate: null type: Recreate livenessProbeTimeout: 30 livenessProbeSuccessThreshold: 1 ingress: annotations: {} enabled: false extraLabels: {} extraPaths: [] hosts: [] pathType: Prefix tls: [] service: externalIPs: [] clusterIP: '' statefulsetReplica: enabled: false replica: 0 loadBalancerIP: '' annotations: {} loadBalancerSourceRanges: [] servicePort: 80 type: ClusterIP sessionAffinity: None gRPC: enabled: false servicePort: 10901 labels: {} statefulSet: annotations: {} enabled: false headless: annotations: {} labels: {} servicePort: 80 labels: {} podManagementPolicy: OrderedReady extraFlags: - web.enable-lifecycle podSecurityPolicy: annotations: {} replicaCount: 1 extraHostPathMounts: [] remoteWrite: {} extraSecretMounts: [] image: pullPolicy: IfNotPresent repository: quay.io/prometheus/prometheus tag: v2.35.0 readinessProbeTimeout: 30 remoteRead: {} tolerations: [] podDisruptionBudget: enabled: false maxUnavailable: 1 prefixURL: '' baseURL: '' retention: 15d priorityClassName: '' podAnnotations: {} nodeExporter: nodeSelector: {} enabled: true hostPID: true extraConfigmapMounts: [] resources: {} pod: labels: {} hostNetwork: true name: node-exporter extraArgs: {} securityContext: {} service: externalIPs: [] clusterIP: None loadBalancerIP: '' annotations: prometheus.io/scrape: 'true' hostPort: 9100 loadBalancerSourceRanges: [] servicePort: 9100 type: ClusterIP labels: {} podSecurityPolicy: annotations: {} extraHostPathMounts: [] image: pullPolicy: IfNotPresent repository: prom/node-exporter tag: v1.3.0 tolerations: [] updateStrategy: type: RollingUpdate podDisruptionBudget: enabled: false maxUnavailable: 1 priorityClassName: '' podAnnotations: {} global: grafana: domainName: cost-analyzer-grafana.default.svc enabled: true proxy: true scheme: http amp: enabled: false prometheusServerEndpoint: 'https://localhost:8085//' remoteWriteService: >- https://aps-workspaces.us-west-2.amazonaws.com/workspaces//api/v1/remote_write sigv4: region: us-west-2 thanos: enabled: false additionalLabels: {} notifications: alertmanager: enabled: false fqdn: 'http://cost-analyzer-prometheus-server.default.svc' prometheus: enabled: true fqdn: 'http://cost-analyzer-prometheus-server.default.svc' assetReports: enabled: false reports: - accumulate: false aggregateBy: type filters: - property: cluster value: cluster-one title: Example Asset Report 0 window: today savedReports: enabled: false reports: - accumulate: false aggregateBy: namespace filters: - property: cluster value: 'cluster-one,cluster*' - property: namespace value: kubecost idle: separate title: Example Saved Report 0 window: today - accumulate: false aggregateBy: controllerKind filters: - property: label value: 'app:cost*,environment:kube*' - property: namespace value: kubecost idle: share title: Example Saved Report 1 window: month - accumulate: true aggregateBy: service filters: [] idle: hide title: Example Saved Report 2 window: '2020-11-11T00:00:00Z,2020-12-09T23:59:59Z' podAnnotations: {} alertmanagerFiles: alertmanager.yml: global: {} receivers: - name: default-receiver route: group_interval: 5m group_wait: 10s receiver: default-receiver repeat_interval: 3h kube-state-metrics: nodeSelector: {} enabled: true global: grafana: domainName: cost-analyzer-grafana.default.svc enabled: true proxy: true scheme: http amp: enabled: false prometheusServerEndpoint: 'https://localhost:8085//' remoteWriteService: >- https://aps-workspaces.us-west-2.amazonaws.com/workspaces//api/v1/remote_write sigv4: region: us-west-2 thanos: enabled: false additionalLabels: {} notifications: alertmanager: enabled: false fqdn: 'http://cost-analyzer-prometheus-server.default.svc' prometheus: enabled: true fqdn: 'http://cost-analyzer-prometheus-server.default.svc' assetReports: enabled: false reports: - accumulate: false aggregateBy: type filters: - property: cluster value: cluster-one title: Example Asset Report 0 window: today savedReports: enabled: false reports: - accumulate: false aggregateBy: namespace filters: - property: cluster value: 'cluster-one,cluster*' - property: namespace value: kubecost idle: separate title: Example Saved Report 0 window: today - accumulate: false aggregateBy: controllerKind filters: - property: label value: 'app:cost*,environment:kube*' - property: namespace value: kubecost idle: share title: Example Saved Report 1 window: month - accumulate: true aggregateBy: service filters: [] idle: hide title: Example Saved Report 2 window: '2020-11-11T00:00:00Z,2020-12-09T23:59:59Z' podAnnotations: {} collectors: validatingwebhookconfigurations: false persistentvolumes: true ingresses: true secrets: false cronjobs: true persistentvolumeclaims: true replicasets: true resourcequotas: true replicationcontrollers: true storageclasses: true verticalpodautoscalers: false deployments: true pods: true mutatingwebhookconfigurations: false limitranges: true nodes: true certificatesigningrequests: true daemonsets: true volumeattachments: false jobs: true poddisruptionbudgets: true namespaces: true configmaps: true horizontalpodautoscalers: true statefulsets: true services: true endpoints: true networkpolicies: false hostNetwork: false namespaceOverride: '' affinity: {} prometheus: monitor: additionalLabels: {} enabled: false honorLabels: false namespace: '' securityContext: enabled: true fsGroup: 65534 runAsUser: 65534 customLabels: {} rbac: create: true autosharding: enabled: false service: annotations: {} loadBalancerIP: '' nodePort: 0 port: 8080 type: ClusterIP podSecurityPolicy: annotations: {} enabled: false serviceAccount: create: true imagePullSecrets: [] image: pullPolicy: IfNotPresent repository: k8s.gcr.io/kube-state-metrics/kube-state-metrics tag: v1.9.8 replicas: 1 disabled: false tolerations: [] prometheusScrape: true podAnnotations: {} pushgateway: nodeSelector: {} enabled: false resources: {} name: pushgateway extraArgs: {} securityContext: {} persistentVolume: accessModes: - ReadWriteOnce annotations: {} enabled: true existingClaim: '' mountPath: /data size: 2Gi subPath: '' ingress: annotations: {} enabled: false extraPaths: [] hosts: [] tls: [] service: externalIPs: [] clusterIP: '' loadBalancerIP: '' annotations: prometheus.io/probe: pushgateway loadBalancerSourceRanges: [] strategy: rollingUpdate: null type: Recreate servicePort: 9091 type: ClusterIP labels: {} podSecurityPolicy: annotations: {} replicaCount: 1 image: pullPolicy: IfNotPresent repository: prom/pushgateway tag: v1.4.2 tolerations: [] podDisruptionBudget: enabled: false maxUnavailable: 1 priorityClassName: '' podAnnotations: {} alertRelabelConfigs: null extraScrapeConfigs: | - job_name: kubecost honor_labels: true scrape_interval: 1m scrape_timeout: 60s metrics_path: /metrics scheme: http dns_sd_configs: - names: - {{ template "cost-analyzer.serviceName" . }} type: 'A' port: 9003 - job_name: kubecost-networking kubernetes_sd_configs: - role: pod relabel_configs: # Scrape only the the targets matching the following metadata - source_labels: [__meta_kubernetes_pod_label_app] action: keep regex: {{ template "cost-analyzer.networkCostsName" . }} alertmanager: nodeSelector: {} enabled: false podLabels: {} resources: {} affinity: {} configFileName: alertmanager.yml name: alertmanager extraArgs: {} securityContext: {} configMapOverrideName: '' persistentVolume: accessModes: - ReadWriteOnce annotations: {} enabled: true existingClaim: '' mountPath: /data size: 2Gi subPath: '' strategy: rollingUpdate: null type: Recreate ingress: annotations: {} enabled: false extraLabels: {} extraPaths: [] hosts: [] tls: [] service: externalIPs: [] clusterIP: '' loadBalancerIP: '' annotations: {} loadBalancerSourceRanges: [] servicePort: 80 type: ClusterIP sessionAffinity: None labels: {} statefulSet: enabled: false headless: annotations: {} labels: {} servicePort: 80 podManagementPolicy: OrderedReady podSecurityPolicy: annotations: {} replicaCount: 1 extraSecretMounts: [] image: pullPolicy: IfNotPresent repository: quay.io/prometheus/alertmanager tag: v0.23.0 tolerations: [] configFromSecret: '' podDisruptionBudget: enabled: false maxUnavailable: 1 prefixURL: '' extraEnv: {} baseURL: 'http://localhost:9093' priorityClassName: '' podAnnotations: {} rbac: create: true configmapReload: alertmanager: enabled: true extraArgs: {} extraConfigmapMounts: [] extraVolumeDirs: [] image: pullPolicy: IfNotPresent repository: jimmidyson/configmap-reload tag: v0.7.1 name: configmap-reload resources: {} prometheus: enabled: true extraArgs: {} extraConfigmapMounts: [] extraVolumeDirs: [] image: pullPolicy: IfNotPresent repository: jimmidyson/configmap-reload tag: v0.7.1 name: configmap-reload resources: {} serverFiles: alerting_rules.yml: {} alerts: {} prometheus.yml: rule_files: - /etc/config/recording_rules.yml - /etc/config/alerting_rules.yml - /etc/config/rules - /etc/config/alerts scrape_configs: - job_name: prometheus static_configs: - targets: - 'localhost:9090' - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-nodes-cadvisor kubernetes_sd_configs: - role: node metric_relabel_configs: - action: keep regex: >- (container_cpu_usage_seconds_total|container_memory_working_set_bytes|container_network_receive_errors_total|container_network_transmit_errors_total|container_network_receive_packets_dropped_total|container_network_transmit_packets_dropped_total|container_memory_usage_bytes|container_cpu_cfs_throttled_periods_total|container_cpu_cfs_periods_total|container_fs_usage_bytes|container_fs_limit_bytes|container_cpu_cfs_periods_total|container_fs_inodes_free|container_fs_inodes_total|container_fs_usage_bytes|container_fs_limit_bytes|container_cpu_cfs_throttled_periods_total|container_cpu_cfs_periods_total|container_network_receive_bytes_total|container_network_transmit_bytes_total|container_fs_inodes_free|container_fs_inodes_total|container_fs_usage_bytes|container_fs_limit_bytes|container_spec_cpu_shares|container_spec_memory_limit_bytes|container_network_receive_bytes_total|container_network_transmit_bytes_total|container_fs_reads_bytes_total|container_network_receive_bytes_total|container_fs_writes_bytes_total|container_fs_reads_bytes_total|cadvisor_version_info|kubecost_pv_info) source_labels: - __name__ - action: replace regex: (.+) source_labels: - container target_label: container_name - action: replace regex: (.+) source_labels: - pod target_label: pod_name relabel_configs: - action: labelmap regex: __meta_kubernetes_node_label_(.+) - replacement: 'kubernetes.default.svc:443' target_label: __address__ - regex: (.+) replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor source_labels: - __meta_kubernetes_node_name target_label: __metrics_path__ scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true - job_name: kubernetes-service-endpoints kubernetes_sd_configs: - role: endpoints metric_relabel_configs: - action: keep regex: >- (container_cpu_allocation|container_cpu_usage_seconds_total|container_fs_limit_bytes|container_fs_writes_bytes_total|container_gpu_allocation|container_memory_allocation_bytes|container_memory_usage_bytes|container_memory_working_set_bytes|container_network_receive_bytes_total|container_network_transmit_bytes_total|DCGM_FI_DEV_GPU_UTIL|deployment_match_labels|kube_daemonset_status_desired_number_scheduled|kube_daemonset_status_number_ready|kube_deployment_spec_replicas|kube_deployment_status_replicas|kube_deployment_status_replicas_available|kube_job_status_failed|kube_namespace_annotations|kube_namespace_labels|kube_node_info|kube_node_labels|kube_node_status_allocatable|kube_node_status_allocatable_cpu_cores|kube_node_status_allocatable_memory_bytes|kube_node_status_capacity|kube_node_status_capacity_cpu_cores|kube_node_status_capacity_memory_bytes|kube_node_status_condition|kube_persistentvolume_capacity_bytes|kube_persistentvolume_status_phase|kube_persistentvolumeclaim_info|kube_persistentvolumeclaim_resource_requests_storage_bytes|kube_pod_container_info|kube_pod_container_resource_limits|kube_pod_container_resource_limits_cpu_cores|kube_pod_container_resource_limits_memory_bytes|kube_pod_container_resource_requests|kube_pod_container_resource_requests_cpu_cores|kube_pod_container_resource_requests_memory_bytes|kube_pod_container_status_restarts_total|kube_pod_container_status_running|kube_pod_container_status_terminated_reason|kube_pod_labels|kube_pod_owner|kube_pod_status_phase|kube_replicaset_owner|kube_statefulset_replicas|kube_statefulset_status_replicas|kubecost_cluster_info|kubecost_cluster_management_cost|kubecost_cluster_memory_working_set_bytes|kubecost_load_balancer_cost|kubecost_network_internet_egress_cost|kubecost_network_region_egress_cost|kubecost_network_zone_egress_cost|kubecost_node_is_spot|kubecost_pod_network_egress_bytes_total|node_cpu_hourly_cost|node_cpu_seconds_total|node_disk_reads_completed|node_disk_reads_completed_total|node_disk_writes_completed|node_disk_writes_completed_total|node_filesystem_device_error|node_gpu_count|node_gpu_hourly_cost|node_memory_Buffers_bytes|node_memory_Cached_bytes|node_memory_MemAvailable_bytes|node_memory_MemFree_bytes|node_memory_MemTotal_bytes|node_network_transmit_bytes_total|node_ram_hourly_cost|node_total_hourly_cost|pod_pvc_allocation|pv_hourly_cost|service_selector_labels|statefulSet_match_labels|kubecost_pv_info|up) source_labels: - __name__ relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scrape - action: replace regex: (https?) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scheme target_label: __scheme__ - action: replace regex: (.+) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_path target_label: __metrics_path__ - action: replace regex: '([^:]+)(?::\d+)?;(\d+)' replacement: '$1:$2' source_labels: - __address__ - __meta_kubernetes_service_annotation_prometheus_io_port target_label: __address__ - action: labelmap regex: __meta_kubernetes_service_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - action: replace source_labels: - __meta_kubernetes_service_name target_label: kubernetes_name - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: kubernetes_node - job_name: kubernetes-service-endpoints-slow kubernetes_sd_configs: - role: endpoints relabel_configs: - action: keep regex: true source_labels: - >- __meta_kubernetes_service_annotation_prometheus_io_scrape_slow - action: replace regex: (https?) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scheme target_label: __scheme__ - action: replace regex: (.+) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_path target_label: __metrics_path__ - action: replace regex: '([^:]+)(?::\d+)?;(\d+)' replacement: '$1:$2' source_labels: - __address__ - __meta_kubernetes_service_annotation_prometheus_io_port target_label: __address__ - action: labelmap regex: __meta_kubernetes_service_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - action: replace source_labels: - __meta_kubernetes_service_name target_label: kubernetes_name - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: kubernetes_node scrape_interval: 5m scrape_timeout: 30s - honor_labels: true job_name: prometheus-pushgateway kubernetes_sd_configs: - role: service relabel_configs: - action: keep regex: pushgateway source_labels: - __meta_kubernetes_service_annotation_prometheus_io_probe - job_name: kubernetes-services kubernetes_sd_configs: - role: service metrics_path: /probe params: module: - http_2xx relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_probe - source_labels: - __address__ target_label: __param_target - replacement: blackbox target_label: __address__ - source_labels: - __param_target target_label: instance - action: labelmap regex: __meta_kubernetes_service_label_(.+) - source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - source_labels: - __meta_kubernetes_service_name target_label: kubernetes_name recording_rules.yml: {} rules: groups: - name: CPU rules: - expr: >- sum(rate(container_cpu_usage_seconds_total{container_name!=""}[5m])) record: 'cluster:cpu_usage:rate5m' - expr: >- rate(container_cpu_usage_seconds_total{container_name!=""}[5m]) record: 'cluster:cpu_usage_nosum:rate5m' - expr: >- avg(irate(container_cpu_usage_seconds_total{container_name!="POD", container_name!=""}[5m])) by (container_name,pod_name,namespace) record: kubecost_container_cpu_usage_irate - expr: >- sum(container_memory_working_set_bytes{container_name!="POD",container_name!=""}) by (container_name,pod_name,namespace) record: kubecost_container_memory_working_set_bytes - expr: >- sum(container_memory_working_set_bytes{container_name!="POD",container_name!=""}) record: kubecost_cluster_memory_working_set_bytes - name: Savings rules: - expr: >- sum(avg(kube_pod_owner{owner_kind!="DaemonSet"}) by (pod) * sum(container_cpu_allocation) by (pod)) labels: daemonset: 'false' record: kubecost_savings_cpu_allocation - expr: >- sum(avg(kube_pod_owner{owner_kind="DaemonSet"}) by (pod) * sum(container_cpu_allocation) by (pod)) / sum(kube_node_info) labels: daemonset: 'true' record: kubecost_savings_cpu_allocation - expr: >- sum(avg(kube_pod_owner{owner_kind!="DaemonSet"}) by (pod) * sum(container_memory_allocation_bytes) by (pod)) labels: daemonset: 'false' record: kubecost_savings_memory_allocation_bytes - expr: >- sum(avg(kube_pod_owner{owner_kind="DaemonSet"}) by (pod) * sum(container_memory_allocation_bytes) by (pod)) / sum(kube_node_info) labels: daemonset: 'true' record: kubecost_savings_memory_allocation_bytes podSecurityPolicy: enabled: false serviceAccounts: alertmanager: create: true name: null nodeExporter: create: true name: null pushgateway: create: true name: null server: create: true name: null kubeStateMetrics: enabled: true kubecostFrontend: image: gcr.io/kubecost1/frontend imagePullPolicy: Always ipv6: enabled: true resources: requests: cpu: 10m memory: 55Mi supportNFS: false saml: appRootURL: 'http://localhost:9090' authTimeout: 1440 enabled: false idpMetadataURL: >- https://dev-elu2z98r.auth0.com/samlp/metadata/c6nY4M37rBP0qSO1IYIqBPPyIPxLS8v2 rbac: enabled: false groups: - assertionName: 'http://schemas.auth0.com/userType' assertionValues: - admin - superusers enabled: false name: admin - assertionName: 'http://schemas.auth0.com/userType' assertionvalues: - readonly enabled: false name: readonly - assertionName: 'http://schemas.auth0.com/userType' assertionValues: - editor enabled: true name: editor redirectURL: 'https://dev-elu2z98r.auth0.com/v2/logout' secretName: kubecost-authzero reporting: errorReporting: true logCollection: true productAnalytics: true valuesReporting: true kubecostModel: etlReadOnlyMode: false resources: requests: cpu: 200m memory: 55Mi etlHourlyStoreDurationHours: 49 extraArgs: [] warmSavingsCache: true maxQueryConcurrency: 5 etlDailyStoreDurationDays: 91 imagePullPolicy: Always outOfClusterPromMetricsEnabled: false etlFileStoreEnabled: true image: gcr.io/kubecost1/cost-model etl: true warmCache: false persistentVolume: dbSize: 32.0Gi enabled: true size: 32Gi ingress: annotations: null enabled: false hosts: - cost-analyzer.local pathType: ImplementationSpecific paths: - / tls: [] service: annotations: {} labels: {} port: 9090 targetPort: 9090 type: ClusterIP clusterController: enabled: false image: 'gcr.io/kubecost1/cluster-controller:v0.1.0' imagePullPolicy: Always podSecurityPolicy: enabled: true networkCosts: nodeSelector: {} port: 3001 enabled: false trafficLogging: true config: destinations: cross-region: [] direct-classification: [] in-region: [] in-zone: - 127.0.0.1 - 169.254.0.0/16 - 10.0.0.0/8 - 172.16.0.0/12 - 192.168.0.0/16 services: amazon-web-services: false azure-cloud-services: false google-cloud-services: false annotations: {} resources: {} additionalLabels: {} affinity: {} extraArgs: [] imagePullPolicy: Always service: annotations: {} podMonitor: additionalLabels: {} enabled: false podSecurityPolicy: enabled: false image: 'gcr.io/kubecost1/kubecost-network-costs:v16.0' tolerations: [] updateStrategy: type: RollingUpdate prometheusScrape: false priorityClassName: [] serviceAccount: annotations: {} create: true remoteWrite: postgres: auth: password: admin enabled: false initImage: gcr.io/kubecost1/sql-init initImagePullPolicy: Always installLocal: true persistentVolume: size: 200Gi remotePostgresAddress: '' oidc: authURL: 'https://my.auth.server/authorize' clientID: '' clientSecret: '' discoveryURL: 'https://my.auth.server/.well-known/openid-configuration' enabled: false loginRedirectURL: 'http://my.kubecost.url/model/oidc/authorize' secretName: kubecost-oidc-secret initChownData: resources: {} tolerations: [] openshiftDeployment: true sigV4Proxy: extraEnv: null host: aps-workspaces.us-west-2.amazonaws.com image: 'public.ecr.aws/aws-observability/aws-sigv4-proxy:latest' imagePullPolicy: Always name: aps port: 8005 region: us-west-2 systemProxy: enabled: false httpProxyUrl: '' httpsProxyUrl: '' noProxy: '' kubecostToken: null kubecostDeployment: leaderFollower: enabled: false replicas: 1