From 885feeb26525d4d2b3a91d93c4df6250aa416e16 Mon Sep 17 00:00:00 2001
From: Luis Schweigard <luis.schweigard@maibornwolff.de>
Date: Sun, 23 Apr 2023 18:18:50 +0200
Subject: [PATCH 1/2] Fixing namespace naming for fluxcd

---
 clusters/dev/flux-system/base.yaml            |  13 +
 clusters/dev/flux-system/gitrepository.yaml   |  11 +
 clusters/dev/helmrepository.yaml              |  73 ++++
 clusters/dev/infrastructure.yaml              |  13 +
 clusters/dev/ingress.yaml                     |  21 +
 clusters/dev/istio.yaml                       |  82 ++++
 clusters/dev/jaeger.yaml                      |  13 +
 clusters/dev/logging-elastic.yaml             | 392 ++++++++++++++++++
 clusters/dev/logging-loki.yaml                |  83 ++++
 clusters/dev/monitoring.yaml                  | 245 +++++++++++
 clusters/dev/tempo.yaml                       |  31 ++
 local/README.md                               |   8 +-
 local/kubernetes/00_setup_k3d.sh              |  17 -
 local/kubernetes/00_setup_kind.sh             |  20 +
 local/kubernetes/11_deploy_dima.sh            |   6 +-
 local/kubernetes/20_deploy_istio.sh           |  21 -
 local/kubernetes/21_deploy_monitoring.sh      |  20 -
 local/kubernetes/22a_deploy_logging_loki.sh   |  15 -
 .../kubernetes/22b_deploy_logging_elastic.sh  |  31 --
 local/kubernetes/23_deploy_tracing.sh         |  12 -
 local/kubernetes/30_deploy_ingress.sh         |  18 -
 local/kubernetes/99_teardown.sh               |   6 +-
 .../{infrastructure => }/namespaces.yaml      |   9 +-
 local/kubernetes/tools/istio/istiod.yaml      |  20 -
 local/kubernetes/tools/istio/kiali.yaml       |  36 --
 .../kubernetes/tools/istio/kustomization.yaml |   2 +
 .../kubernetes/tools/logging/apm-server.yaml  |   8 -
 local/kubernetes/tools/logging/curator.yaml   |  47 ---
 .../tools/logging/elasticsearch.yaml          |  30 --
 local/kubernetes/tools/logging/fluentd.yaml   | 239 -----------
 .../tools/logging/kibana-index/TODO.md        |   1 +
 local/kubernetes/tools/logging/kibana.yaml    |  15 -
 local/kubernetes/tools/logging/loki.yaml      |  34 --
 .../prometheus-elasticsearch-exporter.yaml    |   8 -
 local/kubernetes/tools/logging/promtail.yaml  |  22 -
 .../kubernetes/tools/monitoring/grafana.yaml  | 176 --------
 .../tools/monitoring/prometheus.yaml          |  23 -
 local/kubernetes/tools/tracing/tempo.yaml     |  13 -
 .../kubernetes/application/values_local.yaml  |   2 +
 39 files changed, 1017 insertions(+), 819 deletions(-)
 create mode 100644 clusters/dev/flux-system/base.yaml
 create mode 100644 clusters/dev/flux-system/gitrepository.yaml
 create mode 100644 clusters/dev/helmrepository.yaml
 create mode 100644 clusters/dev/infrastructure.yaml
 create mode 100644 clusters/dev/ingress.yaml
 create mode 100644 clusters/dev/istio.yaml
 create mode 100644 clusters/dev/jaeger.yaml
 create mode 100644 clusters/dev/logging-elastic.yaml
 create mode 100644 clusters/dev/logging-loki.yaml
 create mode 100644 clusters/dev/monitoring.yaml
 create mode 100644 clusters/dev/tempo.yaml
 delete mode 100755 local/kubernetes/00_setup_k3d.sh
 create mode 100755 local/kubernetes/00_setup_kind.sh
 delete mode 100755 local/kubernetes/20_deploy_istio.sh
 delete mode 100755 local/kubernetes/21_deploy_monitoring.sh
 delete mode 100755 local/kubernetes/22a_deploy_logging_loki.sh
 delete mode 100755 local/kubernetes/22b_deploy_logging_elastic.sh
 delete mode 100755 local/kubernetes/23_deploy_tracing.sh
 delete mode 100755 local/kubernetes/30_deploy_ingress.sh
 rename local/kubernetes/{infrastructure => }/namespaces.yaml (79%)
 delete mode 100644 local/kubernetes/tools/istio/istiod.yaml
 delete mode 100644 local/kubernetes/tools/istio/kiali.yaml
 create mode 100644 local/kubernetes/tools/istio/kustomization.yaml
 delete mode 100644 local/kubernetes/tools/logging/apm-server.yaml
 delete mode 100644 local/kubernetes/tools/logging/curator.yaml
 delete mode 100644 local/kubernetes/tools/logging/elasticsearch.yaml
 delete mode 100644 local/kubernetes/tools/logging/fluentd.yaml
 create mode 100644 local/kubernetes/tools/logging/kibana-index/TODO.md
 delete mode 100644 local/kubernetes/tools/logging/kibana.yaml
 delete mode 100644 local/kubernetes/tools/logging/loki.yaml
 delete mode 100644 local/kubernetes/tools/logging/prometheus-elasticsearch-exporter.yaml
 delete mode 100644 local/kubernetes/tools/logging/promtail.yaml
 delete mode 100644 local/kubernetes/tools/monitoring/grafana.yaml
 delete mode 100644 local/kubernetes/tools/monitoring/prometheus.yaml
 delete mode 100644 local/kubernetes/tools/tracing/tempo.yaml
 rename local/application/values.yaml => stack/kubernetes/application/values_local.yaml (97%)

diff --git a/clusters/dev/flux-system/base.yaml b/clusters/dev/flux-system/base.yaml
new file mode 100644
index 00000000..311ff606
--- /dev/null
+++ b/clusters/dev/flux-system/base.yaml
@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: dev-cluster
+  namespace: default
+spec:
+  interval: 1m0s
+  path: ./clusters/dev
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: observability
+    namespace: default
\ No newline at end of file
diff --git a/clusters/dev/flux-system/gitrepository.yaml b/clusters/dev/flux-system/gitrepository.yaml
new file mode 100644
index 00000000..c80a9648
--- /dev/null
+++ b/clusters/dev/flux-system/gitrepository.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: observability
+  namespace: default
+spec:
+  url: https://github.com/lieberlois/observability-workshop.git
+  ref:
+    branch: flux
+  interval: 1m0s
\ No newline at end of file
diff --git a/clusters/dev/helmrepository.yaml b/clusters/dev/helmrepository.yaml
new file mode 100644
index 00000000..566f8259
--- /dev/null
+++ b/clusters/dev/helmrepository.yaml
@@ -0,0 +1,73 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: grafana
+  namespace: default
+spec:
+  interval: 5m
+  url: https://grafana.github.io/helm-charts
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: ingress-nginx
+  namespace: default
+spec:
+  interval: 5m
+  url: https://kubernetes.github.io/ingress-nginx
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: istio
+  namespace: default
+spec:
+  interval: 5m
+  url: https://istio-release.storage.googleapis.com/charts
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: kiali
+  namespace: default
+spec:
+  interval: 5m
+  url: https://kiali.org/helm-charts
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: elastic
+  namespace: default
+spec:
+  interval: 5m
+  url: https://helm.elastic.co
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: fluent
+  namespace: default
+spec:
+  interval: 5m
+  url: https://fluent.github.io/helm-charts
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: lebenitza
+  namespace: default
+spec:
+  interval: 5m
+  url: https://lebenitza.github.io/charts
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: prometheus-community
+  namespace: default
+spec:
+  interval: 5m
+  url: https://prometheus-community.github.io/helm-charts
+---
\ No newline at end of file
diff --git a/clusters/dev/infrastructure.yaml b/clusters/dev/infrastructure.yaml
new file mode 100644
index 00000000..1088eb80
--- /dev/null
+++ b/clusters/dev/infrastructure.yaml
@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: infrastructure
+  namespace: default
+spec:
+  interval: 1m0s
+  path: ./local/kubernetes/infrastructure
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: observability
+    namespace: default
diff --git a/clusters/dev/ingress.yaml b/clusters/dev/ingress.yaml
new file mode 100644
index 00000000..7e04e3c0
--- /dev/null
+++ b/clusters/dev/ingress.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: nginx-ingress
+  namespace: ingress
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: ingress-nginx
+      sourceRef:
+        kind: HelmRepository
+        name: ingress-nginx
+        namespace: default
+      interval: 5m
+  values:
+    controller:
+      replicaCount: 1
+      admissionWebhooks:
+        enabled: false
\ No newline at end of file
diff --git a/clusters/dev/istio.yaml b/clusters/dev/istio.yaml
new file mode 100644
index 00000000..a75b84e6
--- /dev/null
+++ b/clusters/dev/istio.yaml
@@ -0,0 +1,82 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: istio-base
+  namespace: istio-system
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: base
+      sourceRef:
+        kind: HelmRepository
+        name: istio
+        namespace: default
+      interval: 5m
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: istiod
+  namespace: istio-system
+spec:
+  dependsOn:
+    - name: istio-base
+  interval: 5m
+  chart:
+    spec:
+      chart: istiod
+      sourceRef:
+        kind: HelmRepository
+        name: istio
+        namespace: default
+      interval: 5m
+  values:
+    meshConfig:
+      defaultConfig:
+        tracing:
+          sampling: 100.0
+      defaultProviders:
+        tracing:
+        - zipkin
+      enableTracing: true
+      extensionProviders:
+        - name: "tempo"
+          zipkin:
+            service: "tempo-distributor.monitoring.svc.cluster.local"
+            port: 9411
+            maxTagLength: 56
+        - name: "zipkin"
+          zipkin:
+            service: "zipkin.istio-system.svc.cluster.local"
+            port: 9411
+            maxTagLength: 56
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: kiali-server
+  namespace: istio-system
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: kiali-server
+      sourceRef:
+        kind: HelmRepository
+        name: kiali
+        namespace: default
+      interval: 5m
+  values:
+    auth:
+      strategy: anonymous
+    server:
+      web_fqdn: localhost
+    external_services:
+        prometheus:
+          url: "http://prometheus-server.monitoring/"
+        grafana:
+          enabled: true
+          in_cluster_url: "http://grafana.monitoring/"
+          url: "http://localhost:8080/grafana"
\ No newline at end of file
diff --git a/clusters/dev/jaeger.yaml b/clusters/dev/jaeger.yaml
new file mode 100644
index 00000000..f494ccd2
--- /dev/null
+++ b/clusters/dev/jaeger.yaml
@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: jaeger
+  namespace: istio-system
+spec:
+  interval: 1m0s
+  path: ./local/kubernetes/tools/istio
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: observability
+    namespace: default
diff --git a/clusters/dev/logging-elastic.yaml b/clusters/dev/logging-elastic.yaml
new file mode 100644
index 00000000..b1007cb1
--- /dev/null
+++ b/clusters/dev/logging-elastic.yaml
@@ -0,0 +1,392 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: elasticsearch
+  namespace: logging
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: elasticsearch
+      version: 7.17.3
+      sourceRef:
+        kind: HelmRepository
+        name: elastic
+        namespace: default
+      interval: 5m
+  values:
+    replicas: 1
+    resources:
+      requests:
+        cpu: "250m"
+        memory: "1000Mi"
+      limits:
+        cpu: "500m"
+        memory: "1500Mi"
+    secret:
+      enabled: true
+      password: "changeme"
+    clusterHealthCheckParams: "wait_for_status=yellow&timeout=1s"
+    volumeClaimTemplate:
+      resources:
+        requests:
+          storage: 10Gi
+    lifecycle:
+      postStart:
+        exec:
+          command:
+            - bash
+            - -c
+            - |
+              #!/bin/bash
+              RETENTION=2d
+              echo "applying index lifecycle management with retention period of $RETENTION days to"
+              ES_URL=http://localhost:9200
+              while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done
+              curl -XPUT "$ES_URL/_ilm/policy/logs_policy" -H 'Content-Type: application/json' -d'{"policy":{"phases":{"delete":{"min_age":"$RETENTION","actions":{"delete":{}}}}}}'
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: prometheus-elasticsearch-exporter
+  namespace: logging
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: prometheus-elasticsearch-exporter
+      sourceRef:
+        kind: HelmRepository
+        name: prometheus-community
+        namespace: default
+      interval: 5m
+  values:
+    es:
+      uri: http://elasticsearch-master:9200
+    service:
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/path: /metrics
+        prometheus.io/port: "9108"
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: elasticsearch-curator
+  namespace: logging
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: elasticsearch-curator
+      sourceRef:
+        kind: HelmRepository
+        name: lebenitza
+        namespace: default
+      interval: 5m
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: fluentd
+  namespace: logging
+spec:
+  dependsOn:
+    - name: elasticsearch
+  interval: 5m
+  chart:
+    spec:
+      chart: fluentd
+      sourceRef:
+        kind: HelmRepository
+        name: fluent
+        namespace: default
+      interval: 5m
+  values:
+    podSecurityPolicy:
+      enabled: false
+    plugins:
+      - fluent-plugin-elasticsearch-5.2.5
+      - fluent-plugin-prometheus
+      - fluent-plugin-rewrite-tag-filter
+    fileConfigs:
+      01_sources.conf: |-
+        ## logs from podman
+        <source>
+          @type tail
+          @id in_tail_container_logs
+          @label @KUBERNETES
+          path /var/log/containers/*.log
+          pos_file /var/log/fluentd-containers.log.pos
+          tag kubernetes.*
+          read_from_head true
+          skip_refresh_on_startup true
+          <parse>
+            @type multi_format
+            <pattern>
+              format json
+              time_key time
+              time_type string
+              time_format "%Y-%m-%dT%H:%M:%S.%NZ"
+              keep_time_key false
+            </pattern>
+            <pattern>
+              format regexp
+              expression /^(?<time>.+) (?<stream>stdout|stderr)( (.))? (?<log>.*)$/
+              time_format '%Y-%m-%dT%H:%M:%S.%NZ'
+              keep_time_key false
+            </pattern>
+          </parse>
+          emit_unmatched_lines true
+        </source>
+      02_filters.conf: |-
+        <label @KUBERNETES>
+          <match kubernetes.var.log.containers.fluentd**>
+            @type relabel
+            @label @FLUENT_LOG
+          </match>
+          # <match kubernetes.var.log.containers.**_kube-system_**>
+          #   @type null
+          #   @id ignore_kube_system_logs
+          # </match>
+          <filter kubernetes.**>
+            @type kubernetes_metadata
+            @id filter_kube_metadata
+            skip_labels false
+            skip_container_metadata false
+            skip_namespace_metadata true
+            skip_master_url true
+          </filter>
+
+          # copy log field to message field
+          <filter kubernetes.**>
+            @type record_transformer
+            <record>
+              message ${record["log"]}
+            </record>
+          </filter>
+
+          # write part of container name to service field
+          <filter kubernetes.**>
+            @type parser
+            format /(?<service>[^_]+)/
+            key_name $.kubernetes.container_name
+            reserve_data true
+          </filter>
+
+          # ------------------------- split container logs ------------------------- #
+
+          # rewrite tags based on service name
+          # needs to happen within one match block as non matching results will be discarded
+          # resulting in tags: domain.<service>, mongodb, frontend, trafficgen
+          <match kubernetes.**>
+            @type rewrite_tag_filter
+            <rule>
+              key service
+              pattern ^(.*dima-image.+)$
+              tag domain.$1
+            </rule>
+            <rule>
+              key service
+              pattern ^(.*dima-mongodb.*)$
+              tag mongodb
+            </rule>
+            <rule>
+              key service
+              pattern ^(.*dima-frontend.*)$
+              tag frontend
+            </rule>
+            <rule>
+              key service
+              pattern ^(.*dima-trafficgen.*)$
+              tag trafficgen
+            </rule>
+          </match>
+
+          # ------------------------- handle domain service logs ------------------------- #
+
+          # parse log field as json
+          <filter domain.* trafficgen>
+            @type parser
+            format json
+            key_name log
+            reserve_data true
+          </filter>
+
+          # remove tag field & log field (it is either in message now or parsed)
+          <filter domain.* trafficgen>
+            @type record_transformer
+            remove_keys log,tag
+          </filter>
+
+          # ------------------------- split domain services' events ------------------------- #
+
+          # reroute image* services' events to domain.<service>.event
+          # field logger_name is set to event in case of event, others are set to the class
+          <match domain.*>
+            @type rewrite_tag_filter
+            <rule>
+              key logger_name
+              pattern ^(.+)$
+              tag ${tag}.$1
+            </rule>
+          </match>
+
+          <match **>
+            @type relabel
+            @label @DISPATCH
+          </match>
+        </label>
+      03_dispatch.conf: |-
+        <label @DISPATCH>
+          <filter **>
+            @type prometheus
+            <metric>
+              name fluentd_input_status_num_records_total
+              type counter
+              desc The total number of incoming records
+              <labels>
+                tag ${tag}
+                hostname ${hostname}
+              </labels>
+            </metric>
+          </filter>
+          <match **>
+            @type relabel
+            @label @OUTPUT
+          </match>
+        </label>
+      04_outputs.conf: |-
+        <label @OUTPUT>
+          # ------------------------- outputs ------------------------- #
+
+          # send all logs from fluentd itself to their own index "fluent"
+          <match fluent.**>
+            @type                 elasticsearch
+            host                  elasticsearch-master
+            port                  9200
+            user                  elastic
+            password              changeme
+            logstash_format       true
+            logstash_prefix       fluent
+            logstash_dateformat   %Y.%m.%d
+            include_tag_key       true
+            type_name             log
+            tag_key               @tag
+            <buffer>
+              flush_interval      1s
+              flush_thread_count  2
+            </buffer>
+          </match>
+
+          # send all domain events to their own index "events"
+          <match domain.*.event>
+            @type                 elasticsearch
+            host                  elasticsearch-master
+            port                  9200
+            user                  elastic
+            password              changeme
+            logstash_format       true
+            logstash_prefix       events
+            logstash_dateformat   %Y.%m.%d
+            include_tag_key       true
+            type_name             event
+            tag_key               @tag
+            <buffer>
+              flush_interval      1s
+              flush_thread_count  2
+            </buffer>
+          </match>
+
+          <match domain.*.** mongodb frontend trafficgen>
+            @type copy
+            # send all remaining logs from the domain services, mongodb, trafficgen and frontend to "logs"
+            <store>
+              @type                 elasticsearch
+              host                  elasticsearch-master
+              port                  9200
+              user                  elastic
+              password              changeme
+              logstash_format       true
+              logstash_prefix       logs
+              logstash_dateformat   %Y.%m.%d
+              include_tag_key       true
+              type_name             log
+              tag_key               @tag
+              <buffer>
+                flush_interval      1s
+                flush_thread_count  2
+              </buffer>
+            </store>
+          </match>
+
+          # catch all for any potential unmatched logs
+          <match **.**>
+            @type                 elasticsearch
+            host                  elasticsearch-master
+            port                  9200
+            user                  elastic
+            password              changeme
+            logstash_format       true
+            logstash_prefix       unmatched
+            logstash_dateformat   %Y.%m.%d
+            include_tag_key       true
+            type_name             log
+            tag_key               @tag
+            <buffer>
+              flush_interval      1s
+              flush_thread_count  2
+            </buffer>
+          </match>
+
+        </label>
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: kibana
+  namespace: logging
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: kibana
+      version: 7.17.3
+      sourceRef:
+        kind: HelmRepository
+        name: elastic
+        namespace: default
+      interval: 5m
+  values:
+    kibanaConfig:
+      kibana.yml: |
+        elasticsearch.username: elastic
+        elasticsearch.password: changeme
+        server.publicBaseUrl: http://localhost:8080/kibana
+        server.basePath: /kibana
+
+    resources:
+      requests:
+        cpu: "100m"
+        memory: "1Gi"
+      limits:
+        cpu: "250m"
+        memory: "1Gi"
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: apm-server
+  namespace: logging
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: apm-server
+      version: 7.17.3
+      sourceRef:
+        kind: HelmRepository
+        name: elastic
+        namespace: default
+      interval: 5m
\ No newline at end of file
diff --git a/clusters/dev/logging-loki.yaml b/clusters/dev/logging-loki.yaml
new file mode 100644
index 00000000..10dd7f21
--- /dev/null
+++ b/clusters/dev/logging-loki.yaml
@@ -0,0 +1,83 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: loki
+  namespace: logging
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: loki
+      sourceRef:
+        kind: HelmRepository
+        name: grafana
+        namespace: default
+      interval: 5m
+  values:
+    enterprise:
+      enabled: false
+    minio:
+      enabled: false
+    loki:
+      auth_enabled: false
+      commonConfig:
+        path_prefix: /var/loki
+        replication_factor: 1
+      podAnnotations:
+        prometheus.io/scrape: "true"
+    read:
+      replicas: 1
+    write:
+      replicas: 1
+    gateway:
+      replicas: 1
+    backend:
+      replicas: 1
+    test:
+      enabled: false
+    monitoring:
+      dashboards:
+        namespace: monitoring
+        labels:
+          grafana_dashboard: ""
+        annotations:
+          grafana_folder: "loki"
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: promtail
+  namespace: logging
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: promtail
+      sourceRef:
+        kind: HelmRepository
+        name: grafana
+        namespace: default
+      interval: 5m
+  values:
+    config:
+      clients:
+        - url: http://loki-gateway.logging.svc.cluster.local/loki/api/v1/push
+      snippets:
+        pipelineStages:
+          - cri: {}
+          - json:
+              expressions:
+                time: '"@timestamp"'
+                message: message
+                level: level
+                trace_id: traceId
+                span_id: spanId
+          - labels:
+              level: level
+              trace_id: trace_id
+          - timestamp:
+              format: RFC3339
+              source: "time"
+          - output:
+              source: message
\ No newline at end of file
diff --git a/clusters/dev/monitoring.yaml b/clusters/dev/monitoring.yaml
new file mode 100644
index 00000000..74d359b0
--- /dev/null
+++ b/clusters/dev/monitoring.yaml
@@ -0,0 +1,245 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: prometheus
+  namespace: monitoring
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: prometheus
+      sourceRef:
+        kind: HelmRepository
+        name: prometheus-community
+        namespace: default
+      interval: 5m
+  values:
+    server:
+      prefixURL: /prometheus
+      extraArgs:
+        web.external-url: "http://localhost:8080/prometheus/"
+        # web.route-prefix: "/"
+    alertmanager:
+      enabled: false
+    kube-state-metrics:
+      enabled: true
+      image:
+        # use compatible version, see https://github.com/kubernetes/kube-state-metrics#compatibility-matrix
+        tag: v2.6.0
+      selfMonitor:
+        enabled: true
+        telemetryPort: 8081
+      podAnnotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "8081"
+    prometheus-node-exporter:
+      enabled: true
+    prometheus-pushgateway:
+      enabled: false
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: grafana
+  namespace: monitoring
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: grafana
+      sourceRef:
+        kind: HelmRepository
+        name: grafana
+        namespace: default
+      interval: 5m
+  values:
+    adminUser: grafana
+    adminPassword: changeme
+    dashboards:
+      infra:
+        kubernetes:
+          gnetId: 13332
+          revision: 12
+          datasource: Prometheus
+        springboot:
+          gnetId: 17175
+          revision: 1
+          datasource:
+          - name: DS_PROMETHEUS
+            value: Prometheus
+          - name: DS_LOKI
+            value: loki
+      tools:
+        prometheus-stats:
+          gnetId: 3662
+          revision: 2
+          datasource: Prometheus
+        ingress-nginx:
+          gnetId: 9614
+          revision: 1
+          datasource: Prometheus
+        elasticsearch:
+          gnetId: 13071
+          revision: 1
+          datasource: Prometheus
+        jaeger:
+          gnetId: 12535
+          revision: 1
+          datasource: Prometheus
+      istio:
+        istio-performance-dashboard:
+          gnetId: 11829
+          revision: 158
+          datasource: Prometheus
+        istio-pilot-dashboard:
+          gnetId: 12154
+          revision: 158
+          datasource: Prometheus
+        istio-workload-dashboard:
+          gnetId: 7630
+          revision: 158
+          datasource: Prometheus
+        istio-service-dashboard:
+          gnetId: 7636
+          revision: 158
+          datasource: Prometheus
+        istio-mesh-dashboard:
+          gnetId: 7639
+          revision: 158
+          datasource: Prometheus
+        istio-controlplane-dashboard:
+          gnetId: 7645
+          revision: 158
+          datasource: Prometheus
+    dashboardProviders:
+      dashboardproviders.yaml:
+        apiVersion: 1
+        providers:
+        - disableDeletion: true
+          folder: infra
+          name: infra
+          editable: false
+          options:
+            path: /var/lib/grafana/dashboards/infra
+          orgId: 1
+          type: file
+        - disableDeletion: true
+          folder: tools
+          name: tools
+          editable: false
+          options:
+            path: /var/lib/grafana/dashboards/tools
+          orgId: 1
+          type: file
+        - disableDeletion: false
+          folder: istio
+          name: istio
+          options:
+            path: /var/lib/grafana/dashboards/istio
+          orgId: 1
+          type: file
+    datasources:
+    datasources.yaml:
+        apiVersion: 1
+        datasources:
+        - access: proxy
+          editable: true
+          isDefault: true
+          jsonData:
+            timeInterval: 5s
+          name: Prometheus
+          orgId: 1
+          type: prometheus
+          url: http://prometheus-server:80
+        - access: 'proxy'
+          editable: true
+          isDefault: false
+          name: 'Loki'
+          orgId: 1
+          type: 'loki'
+          url: 'http://loki-gateway.logging.svc.cluster.local'
+        - name: 'Elasticsearch'
+          type: 'elasticsearch'
+          access: 'proxy'
+          orgId: 1
+          url: 'http://elasticsearch-master.logging:9200'
+          isDefault: false
+          editable: true
+          basicAuth: true
+          basicAuthUser: elastic
+          secureJsonData:
+            basicAuthPassword: changeme
+          database: "[logs-]YYYY.MM.DD"
+          jsonData:
+            interval: Daily
+            timeField: "@timestamp"
+            esVersion: "7.10+"
+            logMessageField: message
+            logLevelField: level
+        - name: 'Tempo'
+          access: 'proxy'
+          editable: true
+          isDefault: false
+          orgId: 1
+          type: 'tempo'
+          url: 'http://tempo-gateway.monitoring.svc.cluster.local'
+    deploymentStrategy:
+      type: Recreate
+    grafana.ini:
+      analytics:
+        check_for_updates: true
+      grafana_net:
+        url: https://grafana.net
+      log:
+        mode: console
+        console:
+          format: json
+      paths:
+        data: /var/lib/grafana/
+        logs: /var/log/grafana
+        plugins: /var/lib/grafana/plugins
+        provisioning: /etc/grafana/provisioning
+      server:
+        serve_from_sub_path: true
+        root_url: http://localhost:8080/grafana/
+    plugins:
+      - "raintank-worldping-app"
+      - "jdbranham-diagram-panel"
+    resources:
+    limits:
+      cpu: 100m
+      memory: 128Mi
+    requests:
+      cpu: 80m
+      memory: 128Mi
+    persistence:
+      enabled: "true"
+      size: 5Gi
+    sidecar:
+      dashboards:
+        enabled: "true"
+        folderAnnotation: "grafana_folder"
+        searchNamespace: "monitoring"
+        provider:
+          foldersFromFilesStructure: true
+    service:
+      labels:
+        sidecar.istio.io/inject: "false"
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/path: /metrics
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: grafana-dashboards
+  namespace: monitoring
+spec:
+  interval: 1m0s
+  path: ./stack/kubernetes/tools/monitoring/dashboards
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: observability
+    namespace: default
diff --git a/clusters/dev/tempo.yaml b/clusters/dev/tempo.yaml
new file mode 100644
index 00000000..230bf521
--- /dev/null
+++ b/clusters/dev/tempo.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: tempo
+  namespace: monitoring
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: tempo-distributed
+      sourceRef:
+        kind: HelmRepository
+        name: grafana
+        namespace: default
+      interval: 5m
+  values:
+    ingester:
+      replicas: 1
+    distributor:
+      replicas: 1
+    minio:
+      enabled: false
+    storage:
+      trace:
+        backend: local
+    traces:
+      zipkin:
+        enabled: true
+    gateway:
+      enabled: true
\ No newline at end of file
diff --git a/local/README.md b/local/README.md
index 3076aa82..97f18bae 100644
--- a/local/README.md
+++ b/local/README.md
@@ -8,10 +8,12 @@ The deployment scripts and configuration mimick the remote ones from [../stack/k
 
 ## Preqrequisites
 
-To startup the local setup, you need the tool [k3d](https://k3d.io/) by Rancher, which deploys a lightweight k3s cluster in your local setup using docker containers.
+To startup the local setup, you need the tool [kind](https://kind.sigs.k8s.io/), which deploys a lightweight kubernetes cluster in your local setup using docker containers. Also you will need the [Flux CLI](https://fluxcd.io/flux/cmd/) installed on your machine.
 
 ## Setup
 
-First, startup your k3d cluster using the script [00_setup_k3d.sh](./kubernetes/00_setup_k3d.sh). Once the setup is complete, you can deploy the application services using the scripts [10_build_dima.sh](./kubernetes/10_build_dima.sh) and [11_deploy_dima.sh](./kubernetes/11_deploy_dima.sh). Depending on which infrastructure components you want to deploy, run the rest of the bash scripts.
+First, startup your kind cluster using the script [00_setup_kind.sh](./kubernetes/00_setup_kind.sh). Flux will automatically deploy the infrastructure.
 
-Make sure to also run [30_deploy_ingress.sh](./kubernetes/30_deploy_ingress.sh) which deploys the ingress controller and exposes your application at http://localhost:8080.
\ No newline at end of file
+Once the setup is complete, you can deploy the application services using the scripts [10_build_dima.sh](./kubernetes/10_build_dima.sh) and [11_deploy_dima.sh](./kubernetes/11_deploy_dima.sh).
+
+To access the system, you need to port-forward the ingress controller service to your host machine using the command `kubectl port-forward -n ingress svc/nginx-ingress-ingress-nginx-controller 8080:80`.
\ No newline at end of file
diff --git a/local/kubernetes/00_setup_k3d.sh b/local/kubernetes/00_setup_k3d.sh
deleted file mode 100755
index 4fb42e6b..00000000
--- a/local/kubernetes/00_setup_k3d.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-CLUSTER_NAME=o11y-stack
-
-echo "Setting up k3d cluster '$CLUSTER_NAME'"
-
-if k3d cluster list | grep $CLUSTER_NAME > /dev/null; then
-    echo "Cluster already exists, skipping ..."
-else
-    k3d cluster create $CLUSTER_NAME \
-        -p "8080:80@loadbalancer" \
-        --k3s-arg "--disable=traefik@server:0" \
-        --agents 0
-fi
-
-kubectl apply -f infrastructure/namespaces.yaml
diff --git a/local/kubernetes/00_setup_kind.sh b/local/kubernetes/00_setup_kind.sh
new file mode 100755
index 00000000..59e11085
--- /dev/null
+++ b/local/kubernetes/00_setup_kind.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+echo "=== Setting up kubernetes cluster"
+echo "--- create cluster using kind"
+
+if kind get clusters | grep kind > /dev/null; then
+  echo "Cluster already exists, skipping ..."
+else
+  kind create cluster
+fi
+
+echo "--- create namespaces"
+kubectl apply -f namespaces.yaml
+
+echo "--- install flux"
+flux install
+
+echo "--- deploy flux configurations"
+kubectl apply -f ../../clusters/dev/flux-system
diff --git a/local/kubernetes/11_deploy_dima.sh b/local/kubernetes/11_deploy_dima.sh
index f38f48ff..05f2e695 100755
--- a/local/kubernetes/11_deploy_dima.sh
+++ b/local/kubernetes/11_deploy_dima.sh
@@ -4,20 +4,18 @@ set -euo pipefail
 REGISTRY=local
 NAMESPACE=dima
 IMAGE_TAG="$(git rev-parse --short HEAD)-snapshot"
-CLUSTER_NAME=o11y-stack
 
 echo "=== Deploy application stack with image tag ${IMAGE_TAG} in namespace ${NAMESPACE}"
 
 echo "--- import images into k3d"
 for app in frontend imageorchestrator imageholder imagerotator imagegrayscale imageresize imageflip imagethumbnail trafficgen; do
-    k3d image import -c "$CLUSTER_NAME" "$REGISTRY/dima-$app:$IMAGE_TAG"
+    kind load docker-image "$REGISTRY/dima-$app:$IMAGE_TAG"
 done
 
 echo "--- create dima namespace"
 kubectl get namespace "$NAMESPACE" || kubectl create namespace "$NAMESPACE"
 
 echo "--- deploy dima"
-helm upgrade --install -f ../application/values.yaml -n "$NAMESPACE" \
+helm upgrade --install -f ../../stack/kubernetes/application/values_local.yaml -n "$NAMESPACE" \
     --set global.image.tag="$IMAGE_TAG" \
-    --set global.tls.enabled=false \
     dima ../../stack/kubernetes/application
\ No newline at end of file
diff --git a/local/kubernetes/20_deploy_istio.sh b/local/kubernetes/20_deploy_istio.sh
deleted file mode 100755
index f2f5113c..00000000
--- a/local/kubernetes/20_deploy_istio.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/usr/bin/env bash
-set -eu -o pipefail
-
-NAMESPACE=istio-system
-echo "=== Deploy service mesh (istio) stack in namespace ${NAMESPACE}"
-
-echo "--- install and update helm repos"
-helm repo add istio https://istio-release.storage.googleapis.com/charts
-helm repo add kiali https://kiali.org/helm-charts
-helm repo update
-
-echo "--- install istio"
-helm upgrade --install -n "$NAMESPACE" --create-namespace istio-base istio/base -n istio-system
-helm upgrade --install -f "tools/istio/istiod.yaml" -n "$NAMESPACE" istiod istio/istiod -n istio-system --wait
-
-# kiali
-echo "--- install kiali"
-helm upgrade --install -f "tools/istio/kiali.yaml" --namespace "$NAMESPACE" kiali-server kiali/kiali-server
-
-echo "--- install jaeger"
-kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.17/samples/addons/jaeger.yaml
\ No newline at end of file
diff --git a/local/kubernetes/21_deploy_monitoring.sh b/local/kubernetes/21_deploy_monitoring.sh
deleted file mode 100755
index c8369773..00000000
--- a/local/kubernetes/21_deploy_monitoring.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/usr/bin/env bash
-set -eu -o pipefail
-
-NAMESPACE=monitoring
-
-echo "=== Deploy monitoring stack in namespace ${NAMESPACE}"
-
-echo "--- install and update helm repos"
-helm repo add grafana https://grafana.github.io/helm-charts
-helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
-helm repo update
-
-echo "--- install prometheus"
-helm upgrade --install -f "tools/monitoring/prometheus.yaml" -n "$NAMESPACE" --create-namespace prometheus prometheus-community/prometheus
-
-echo "--- install grafana"
-helm upgrade --install -f "tools/monitoring/grafana.yaml" -n "$NAMESPACE" --create-namespace grafana grafana/grafana
-
-echo "--- create grafana dashboards through configmaps"
-kubectl apply -f "../../stack/kubernetes/tools/monitoring/dashboards"
diff --git a/local/kubernetes/22a_deploy_logging_loki.sh b/local/kubernetes/22a_deploy_logging_loki.sh
deleted file mode 100755
index c8e37a65..00000000
--- a/local/kubernetes/22a_deploy_logging_loki.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-NAMESPACE=logging
-echo "=== Deploy logging components in namespace $NAMESPACE"
-
-echo "--- install and update helm repos"
-helm repo add grafana https://grafana.github.io/helm-charts
-helm repo update
-
-echo "--- deploy loki in namespace $NAMESPACE"
-helm upgrade --install -f tools/logging/loki.yaml -n "$NAMESPACE" --create-namespace loki grafana/loki
-
-echo "--- deploy promtail in namespace $NAMESPACE"
-helm upgrade --install -f tools/logging/promtail.yaml -n "$NAMESPACE" --create-namespace promtail grafana/promtail
\ No newline at end of file
diff --git a/local/kubernetes/22b_deploy_logging_elastic.sh b/local/kubernetes/22b_deploy_logging_elastic.sh
deleted file mode 100755
index 3f2b81e2..00000000
--- a/local/kubernetes/22b_deploy_logging_elastic.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-NAMESPACE=logging
-ELASTIC_VERSION="7.17.3"
-
-echo "=== Deploy logging stack in namespace ${NAMESPACE}"
-
-echo "--- install and update helm repos"
-helm repo add elastic https://helm.elastic.co
-helm repo add fluent https://fluent.github.io/helm-charts
-helm repo add lebenitza https://lebenitza.github.io/charts
-helm repo update
-
-echo "--- install elasticsearch"
-helm upgrade --install -n "$NAMESPACE" --create-namespace -f tools/logging/elasticsearch.yaml --version ${ELASTIC_VERSION} elasticsearch elastic/elasticsearch
-
-echo "--- apply prometheus-elasticsearch-exporter"
-helm upgrade --install -n "$NAMESPACE" -f tools/logging/prometheus-elasticsearch-exporter.yaml prometheus-elasticsearch-exporter prometheus-community/prometheus-elasticsearch-exporter
-
-echo "--- install curator"
-helm upgrade --install -n "$NAMESPACE" -f tools/logging/curator.yaml elasticsearch-curator lebenitza/elasticsearch-curator
-
-echo "--- install fluentd"
-helm upgrade --install -n "$NAMESPACE" -f tools/logging/fluentd.yaml fluentd fluent/fluentd
-
-echo "--- install kibana"
-helm upgrade --install -n "$NAMESPACE" -f tools/logging/kibana.yaml --version ${ELASTIC_VERSION} kibana elastic/kibana
-
-echo "--- install apm-server"
-helm upgrade --install -n "$NAMESPACE" --version ${ELASTIC_VERSION} apm-server elastic/apm-server
\ No newline at end of file
diff --git a/local/kubernetes/23_deploy_tracing.sh b/local/kubernetes/23_deploy_tracing.sh
deleted file mode 100755
index 30e5f4c2..00000000
--- a/local/kubernetes/23_deploy_tracing.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-NAMESPACE=monitoring
-echo "=== Deploy tracing components in namespace $NAMESPACE"
-
-echo "--- install and update helm repos"
-helm repo add grafana https://grafana.github.io/helm-charts
-helm repo update
-
-echo "--- deploy tempo"
-helm upgrade --install -n "$NAMESPACE" -f tools/tracing/tempo.yaml --create-namespace tempo grafana/tempo-distributed
diff --git a/local/kubernetes/30_deploy_ingress.sh b/local/kubernetes/30_deploy_ingress.sh
deleted file mode 100755
index 9df88d73..00000000
--- a/local/kubernetes/30_deploy_ingress.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-NAMESPACE=ingress
-echo "=== Deploy ingress controller in namespace $NAMESPACE"
-
-echo "--- install and update helm repos"
-helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
-helm repo update
-
-echo "--- install nginx ingress"
-helm upgrade --install nginx-ingress ingress-nginx/ingress-nginx \
-    --namespace "$NAMESPACE" \
-    --set controller.replicaCount=1 \
-    --create-namespace \
-    --wait
-
-kubectl apply -f "infrastructure/service-ingress.yaml"
\ No newline at end of file
diff --git a/local/kubernetes/99_teardown.sh b/local/kubernetes/99_teardown.sh
index 4e3589af..04c2b4d0 100755
--- a/local/kubernetes/99_teardown.sh
+++ b/local/kubernetes/99_teardown.sh
@@ -1,8 +1,8 @@
 #!/bin/bash
 
-if k3d cluster ls | grep o11y-stack > /dev/null; then
-    echo Deleting k3d cluster ...
-    k3d cluster delete o11y-stack
+if kind get clusters | grep kind > /dev/null; then
+    echo Deleting kind cluster ...
+    kind delete cluster
 else
     echo Nothing to tear down, exiting ...
     exit 0
diff --git a/local/kubernetes/infrastructure/namespaces.yaml b/local/kubernetes/namespaces.yaml
similarity index 79%
rename from local/kubernetes/infrastructure/namespaces.yaml
rename to local/kubernetes/namespaces.yaml
index 7f722674..392506e4 100644
--- a/local/kubernetes/infrastructure/namespaces.yaml
+++ b/local/kubernetes/namespaces.yaml
@@ -2,22 +2,23 @@ apiVersion: v1
 kind: Namespace
 metadata:
   name: logging
-  namespace: ""
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
   name: monitoring
-  namespace: ""
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
   name: ingress
-  namespace: ""
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
   name: istio-system
-  namespace: ""
\ No newline at end of file
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: dima
diff --git a/local/kubernetes/tools/istio/istiod.yaml b/local/kubernetes/tools/istio/istiod.yaml
deleted file mode 100644
index 9b69340d..00000000
--- a/local/kubernetes/tools/istio/istiod.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-meshConfig:
-  defaultConfig:
-    tracing:
-      sampling: 100.0
-  defaultProviders:
-    tracing:
-    - zipkin
-  enableTracing: true
-  extensionProviders:
-    - name: "tempo"
-      zipkin:
-        service: "tempo-distributor.monitoring.svc.cluster.local"
-        port: 9411
-        maxTagLength: 56
-    - name: "zipkin"
-      zipkin:
-        service: "zipkin.istio-system.svc.cluster.local"
-        port: 9411
-        maxTagLength: 56
\ No newline at end of file
diff --git a/local/kubernetes/tools/istio/kiali.yaml b/local/kubernetes/tools/istio/kiali.yaml
deleted file mode 100644
index 80423948..00000000
--- a/local/kubernetes/tools/istio/kiali.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-auth:
-  strategy: anonymous
-deployment:
-  ingress:
-    additional_labels: {}
-    class_name: "nginx"
-    enabled: true
-    override_yaml:
-      metadata:
-        annotations:
-          nginx.ingress.kubernetes.io/rewrite-target: /$1
-      spec:
-        ingressClassName: nginx
-        rules:
-          - http:
-              paths:
-                - backend:
-                    service:
-                      name: kiali
-                      port:
-                        number: 20001
-                  path: /(.*)
-                  pathType: Prefix
-  pod_annotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/port: "9090"
-server:
-  web_fqdn: localhost
-external_services:
-    prometheus:
-      url: "http://prometheus-server.monitoring/"
-    grafana:
-      enabled: true
-      in_cluster_url: "http://grafana.monitoring/"
-      url: "http://localhost:8080/grafana"
\ No newline at end of file
diff --git a/local/kubernetes/tools/istio/kustomization.yaml b/local/kubernetes/tools/istio/kustomization.yaml
new file mode 100644
index 00000000..9f058822
--- /dev/null
+++ b/local/kubernetes/tools/istio/kustomization.yaml
@@ -0,0 +1,2 @@
+resources:
+- https://raw.githubusercontent.com/istio/istio/release-1.17/samples/addons/jaeger.yaml
\ No newline at end of file
diff --git a/local/kubernetes/tools/logging/apm-server.yaml b/local/kubernetes/tools/logging/apm-server.yaml
deleted file mode 100644
index 6f84d0be..00000000
--- a/local/kubernetes/tools/logging/apm-server.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-resources:
-  requests:
-    cpu: "25m"
-    memory: "100Mi"
-  limits:
-    cpu: "100m"
-    memory: "200Mi"
diff --git a/local/kubernetes/tools/logging/curator.yaml b/local/kubernetes/tools/logging/curator.yaml
deleted file mode 100644
index e0db844a..00000000
--- a/local/kubernetes/tools/logging/curator.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
----
-configMaps:
-  action_file_yml: |-
-    ---
-    actions:
-      1:
-        action: delete_indices
-        description: >-
-          Delete non system indices older than 3 days.
-        options:
-          ignore_empty_list: True
-          timeout_override:
-          continue_if_exception: False
-          disable_action: False
-        filters:
-        - filtertype: age
-          source: creation_date
-          direction: older
-          unit: days
-          unit_count: 3
-        - filtertype: pattern
-          kind: regex
-          value: '^[^\.].*'    
-  config_yml: |-
-    ---
-    client:
-      hosts:
-        - elasticsearch-master
-      port: 9200
-      username: elastic
-      password: changeme
-      url_prefix:
-      use_ssl: False
-      certificate:
-      client_cert:
-      client_key:
-      aws_key:
-      aws_secret_key:
-      aws_region:
-      ssl_no_validate: False
-      timeout: 100
-      master_only: False
-    logging:
-      loglevel: INFO
-      logfile:
-      logformat: default
-      blacklist: [‘elasticsearch’]
diff --git a/local/kubernetes/tools/logging/elasticsearch.yaml b/local/kubernetes/tools/logging/elasticsearch.yaml
deleted file mode 100644
index fc0ef6b2..00000000
--- a/local/kubernetes/tools/logging/elasticsearch.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-replicas: 1
-resources:
-  requests:
-    cpu: "250m"
-    memory: "1000Mi"
-  limits:
-    cpu: "500m"
-    memory: "1500Mi"
-secret:
-  enabled: true
-  password: "changeme"
-clusterHealthCheckParams: "wait_for_status=yellow&timeout=1s"
-volumeClaimTemplate:
-  resources:
-    requests:
-      storage: 10Gi
-lifecycle:
-  postStart:
-    exec:
-      command:
-        - bash
-        - -c
-        - |
-          #!/bin/bash
-          RETENTION=2d
-          echo "applying index lifecycle management with retention period of $RETENTION days to"
-          ES_URL=http://localhost:9200
-          while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done
-          curl -XPUT "$ES_URL/_ilm/policy/logs_policy" -H 'Content-Type: application/json' -d'{"policy":{"phases":{"delete":{"min_age":"$RETENTION","actions":{"delete":{}}}}}}'
\ No newline at end of file
diff --git a/local/kubernetes/tools/logging/fluentd.yaml b/local/kubernetes/tools/logging/fluentd.yaml
deleted file mode 100644
index 62435c30..00000000
--- a/local/kubernetes/tools/logging/fluentd.yaml
+++ /dev/null
@@ -1,239 +0,0 @@
-podSecurityPolicy:
-  enabled: false
-
-plugins:
-  - fluent-plugin-elasticsearch
-  - fluent-plugin-prometheus
-  - fluent-plugin-rewrite-tag-filter
-fileConfigs:
-  01_sources.conf: |-
-    ## logs from podman
-    <source>
-      @type tail
-      @id in_tail_container_logs
-      @label @KUBERNETES
-      path /var/log/containers/*.log
-      pos_file /var/log/fluentd-containers.log.pos
-      tag kubernetes.*
-      read_from_head true
-      skip_refresh_on_startup true
-      <parse>
-        @type multi_format
-        <pattern>
-          format json
-          time_key time
-          time_type string
-          time_format "%Y-%m-%dT%H:%M:%S.%NZ"
-          keep_time_key false
-        </pattern>
-        <pattern>
-          format regexp
-          expression /^(?<time>.+) (?<stream>stdout|stderr)( (.))? (?<log>.*)$/
-          time_format '%Y-%m-%dT%H:%M:%S.%NZ'
-          keep_time_key false
-        </pattern>
-      </parse>
-      emit_unmatched_lines true
-    </source>
-  02_filters.conf: |-
-    <label @KUBERNETES>
-      <match kubernetes.var.log.containers.fluentd**>
-        @type relabel
-        @label @FLUENT_LOG
-      </match>
-      # <match kubernetes.var.log.containers.**_kube-system_**>
-      #   @type null
-      #   @id ignore_kube_system_logs
-      # </match>
-      <filter kubernetes.**>
-        @type kubernetes_metadata
-        @id filter_kube_metadata
-        skip_labels false
-        skip_container_metadata false
-        skip_namespace_metadata true
-        skip_master_url true
-      </filter>
-
-      # copy log field to message field
-      <filter kubernetes.**>
-        @type record_transformer
-        <record>
-          message ${record["log"]}
-        </record>
-      </filter>
-
-      # write part of container name to service field
-      <filter kubernetes.**>
-        @type parser
-        format /(?<service>[^_]+)/
-        key_name $.kubernetes.container_name
-        reserve_data true
-      </filter>
-
-      # ------------------------- split container logs ------------------------- #
-
-      # rewrite tags based on service name
-      # needs to happen within one match block as non matching results will be discarded
-      # resulting in tags: domain.<service>, mongodb, frontend, trafficgen
-      <match kubernetes.**>
-        @type rewrite_tag_filter
-        <rule>
-          key service
-          pattern ^(.*dima-image.+)$
-          tag domain.$1
-        </rule>
-        <rule>
-          key service
-          pattern ^(.*dima-mongodb.*)$
-          tag mongodb
-        </rule>
-        <rule>
-          key service
-          pattern ^(.*dima-frontend.*)$
-          tag frontend
-        </rule>
-        <rule>
-          key service
-          pattern ^(.*dima-trafficgen.*)$
-          tag trafficgen
-        </rule>
-      </match>
-
-      # ------------------------- handle domain service logs ------------------------- #
-
-      # parse log field as json
-      <filter domain.* trafficgen>
-        @type parser
-        format json
-        key_name log
-        reserve_data true
-      </filter>
-
-      # remove tag field & log field (it is either in message now or parsed)
-      <filter domain.* trafficgen>
-        @type record_transformer
-        remove_keys log,tag
-      </filter>
-
-      # ------------------------- split domain services' events ------------------------- #
-
-      # reroute image* services' events to domain.<service>.event
-      # field logger_name is set to event in case of event, others are set to the class
-      <match domain.*>
-        @type rewrite_tag_filter
-        <rule>
-          key logger_name
-          pattern ^(.+)$
-          tag ${tag}.$1
-        </rule>
-      </match>
-
-      <match **>
-        @type relabel
-        @label @DISPATCH
-      </match>
-    </label>
-  03_dispatch.conf: |-
-    <label @DISPATCH>
-      <filter **>
-        @type prometheus
-        <metric>
-          name fluentd_input_status_num_records_total
-          type counter
-          desc The total number of incoming records
-          <labels>
-            tag ${tag}
-            hostname ${hostname}
-          </labels>
-        </metric>
-      </filter>
-      <match **>
-        @type relabel
-        @label @OUTPUT
-      </match>
-    </label>
-  04_outputs.conf: |-
-    <label @OUTPUT>
-      # ------------------------- outputs ------------------------- #
-
-      # send all logs from fluentd itself to their own index "fluent"
-      <match fluent.**>
-        @type                 elasticsearch
-        host                  elasticsearch-master
-        port                  9200
-        user                  elastic
-        password              changeme
-        logstash_format       true
-        logstash_prefix       fluent
-        logstash_dateformat   %Y.%m.%d
-        include_tag_key       true
-        type_name             log
-        tag_key               @tag
-        <buffer>
-          flush_interval      1s
-          flush_thread_count  2
-        </buffer>
-      </match>
-
-      # send all domain events to their own index "events"
-      <match domain.*.event>
-        @type                 elasticsearch
-        host                  elasticsearch-master
-        port                  9200
-        user                  elastic
-        password              changeme
-        logstash_format       true
-        logstash_prefix       events
-        logstash_dateformat   %Y.%m.%d
-        include_tag_key       true
-        type_name             event
-        tag_key               @tag
-        <buffer>
-          flush_interval      1s
-          flush_thread_count  2
-        </buffer>
-      </match>
-
-      <match domain.*.** mongodb frontend trafficgen>
-        @type copy
-        # send all remaining logs from the domain services, mongodb, trafficgen and frontend to "logs"
-        <store>
-          @type                 elasticsearch
-          host                  elasticsearch-master
-          port                  9200
-          user                  elastic
-          password              changeme
-          logstash_format       true
-          logstash_prefix       logs
-          logstash_dateformat   %Y.%m.%d
-          include_tag_key       true
-          type_name             log
-          tag_key               @tag
-          <buffer>
-            flush_interval      1s
-            flush_thread_count  2
-          </buffer>
-        </store>
-      </match>
-
-      # catch all for any potential unmatched logs
-      <match **.**>
-        @type                 elasticsearch
-        host                  elasticsearch-master
-        port                  9200
-        user                  elastic
-        password              changeme
-        logstash_format       true
-        logstash_prefix       unmatched
-        logstash_dateformat   %Y.%m.%d
-        include_tag_key       true
-        type_name             log
-        tag_key               @tag
-        <buffer>
-          flush_interval      1s
-          flush_thread_count  2
-        </buffer>
-      </match>
-
-    </label>
-
diff --git a/local/kubernetes/tools/logging/kibana-index/TODO.md b/local/kubernetes/tools/logging/kibana-index/TODO.md
new file mode 100644
index 00000000..0cd67da5
--- /dev/null
+++ b/local/kubernetes/tools/logging/kibana-index/TODO.md
@@ -0,0 +1 @@
+This folder is not in GitOps yet
\ No newline at end of file
diff --git a/local/kubernetes/tools/logging/kibana.yaml b/local/kubernetes/tools/logging/kibana.yaml
deleted file mode 100644
index 957e24f0..00000000
--- a/local/kubernetes/tools/logging/kibana.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-kibanaConfig:
-  kibana.yml: |
-    elasticsearch.username: elastic
-    elasticsearch.password: changeme
-    server.publicBaseUrl: http://localhost:8080/kibana
-    server.basePath: /kibana
-
-resources:
-  requests:
-    cpu: "100m"
-    memory: "1Gi"
-  limits:
-    cpu: "250m"
-    memory: "1Gi"
diff --git a/local/kubernetes/tools/logging/loki.yaml b/local/kubernetes/tools/logging/loki.yaml
deleted file mode 100644
index c154b421..00000000
--- a/local/kubernetes/tools/logging/loki.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
----
-enterprise:
-  enabled: false
-
-minio:
-  enabled: false
-
-loki:
-  auth_enabled: false
-  commonConfig:
-    path_prefix: /var/loki
-    replication_factor: 1
-  podAnnotations:
-    prometheus.io/scrape: "true"
-
-read:
-  replicas: 1
-
-write:
-  replicas: 1
-
-gateway:
-  replicas: 1
-
-test:
-  enabled: false
-
-monitoring:
-  dashboards:
-    namespace: monitoring
-    labels:
-      grafana_dashboard: ""
-    annotations:
-      grafana_folder: "loki"
diff --git a/local/kubernetes/tools/logging/prometheus-elasticsearch-exporter.yaml b/local/kubernetes/tools/logging/prometheus-elasticsearch-exporter.yaml
deleted file mode 100644
index 93f4e20d..00000000
--- a/local/kubernetes/tools/logging/prometheus-elasticsearch-exporter.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-es:
-  uri: http://elasticsearch-master:9200
-service:
-  annotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/path: /metrics
-    prometheus.io/port: "9108"    
\ No newline at end of file
diff --git a/local/kubernetes/tools/logging/promtail.yaml b/local/kubernetes/tools/logging/promtail.yaml
deleted file mode 100644
index 71db0e70..00000000
--- a/local/kubernetes/tools/logging/promtail.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-config:
-  clients:
-    - url: http://loki-gateway.logging.svc.cluster.local/loki/api/v1/push
-
-  snippets:
-    pipelineStages:
-      - cri: {}
-      - json:
-          expressions:
-            time: '"@timestamp"'
-            message: message
-            level: level
-            trace_id: traceId
-            span_id: spanId
-      - labels:
-          level: level
-          trace_id: trace_id
-      - timestamp:
-          format: RFC3339
-          source: "time"
-      - output:
-          source: message
\ No newline at end of file
diff --git a/local/kubernetes/tools/monitoring/grafana.yaml b/local/kubernetes/tools/monitoring/grafana.yaml
deleted file mode 100644
index f11d2f70..00000000
--- a/local/kubernetes/tools/monitoring/grafana.yaml
+++ /dev/null
@@ -1,176 +0,0 @@
----
-adminUser: grafana
-adminPassword: changeme
-dashboards:
-  infra:
-    kubernetes:
-      gnetId: 13332
-      revision: 12
-      datasource: Prometheus
-    springboot:
-      gnetId: 17175
-      revision: 1
-      datasource:
-      - name: DS_PROMETHEUS
-        value: Prometheus
-      - name: DS_LOKI
-        value: loki
-  tools:
-    prometheus-stats:
-      gnetId: 3662
-      revision: 2
-      datasource: Prometheus
-    ingress-nginx:
-      gnetId: 9614
-      revision: 1
-      datasource: Prometheus
-    elasticsearch:
-      gnetId: 13071
-      revision: 1
-      datasource: Prometheus
-    jaeger:
-      gnetId: 12535
-      revision: 1
-      datasource: Prometheus
-  istio:
-    istio-performance-dashboard:
-      gnetId: 11829
-      revision: 158
-      datasource: Prometheus
-    istio-pilot-dashboard:
-      gnetId: 12154
-      revision: 158
-      datasource: Prometheus
-    istio-workload-dashboard:
-      gnetId: 7630
-      revision: 158
-      datasource: Prometheus
-    istio-service-dashboard:
-      gnetId: 7636
-      revision: 158
-      datasource: Prometheus
-    istio-mesh-dashboard:
-      gnetId: 7639
-      revision: 158
-      datasource: Prometheus
-    istio-controlplane-dashboard:
-      gnetId: 7645
-      revision: 158
-      datasource: Prometheus
-dashboardProviders:
-  dashboardproviders.yaml:
-    apiVersion: 1
-    providers:
-    - disableDeletion: true
-      folder: infra
-      name: infra
-      editable: false
-      options:
-        path: /var/lib/grafana/dashboards/infra
-      orgId: 1
-      type: file
-    - disableDeletion: true
-      folder: tools
-      name: tools
-      editable: false
-      options:
-        path: /var/lib/grafana/dashboards/tools
-      orgId: 1
-      type: file
-    - disableDeletion: false
-      folder: istio
-      name: istio
-      options:
-        path: /var/lib/grafana/dashboards/istio
-      orgId: 1
-      type: file
-datasources:
- datasources.yaml:
-    apiVersion: 1
-    datasources:
-    - access: proxy
-      editable: true
-      isDefault: true
-      jsonData:
-        timeInterval: 5s
-      name: Prometheus
-      orgId: 1
-      type: prometheus
-      url: http://prometheus-server:80
-    - access: 'proxy'
-      editable: true
-      isDefault: false
-      name: 'Loki'
-      orgId: 1
-      type: 'loki'
-      url: 'http://loki-gateway.logging.svc.cluster.local'
-    - name: 'Elasticsearch'
-      type: 'elasticsearch'
-      access: 'proxy'
-      orgId: 1
-      url: 'http://elasticsearch-master.logging:9200'
-      isDefault: false
-      editable: true
-      basicAuth: true
-      basicAuthUser: elastic
-      secureJsonData:
-        basicAuthPassword: changeme
-      database: "[logs-]YYYY.MM.DD"
-      jsonData:
-        interval: Daily
-        timeField: "@timestamp"
-        esVersion: "7.10+"
-        logMessageField: message
-        logLevelField: level
-    - name: 'Tempo'
-      access: 'proxy'
-      editable: true
-      isDefault: false
-      orgId: 1
-      type: 'tempo'
-      url: 'http://tempo-gateway.monitoring.svc.cluster.local'
-deploymentStrategy:
-  type: Recreate
-grafana.ini:
-  analytics:
-    check_for_updates: true
-  grafana_net:
-    url: https://grafana.net
-  log:
-    mode: console
-    console:
-      format: json
-  paths:
-    data: /var/lib/grafana/
-    logs: /var/log/grafana
-    plugins: /var/lib/grafana/plugins
-    provisioning: /etc/grafana/provisioning
-  server:
-    serve_from_sub_path: true
-    root_url: http://localhost:8080/grafana/
-plugins:
-  - "raintank-worldping-app"
-  - "jdbranham-diagram-panel"
-resources:
- limits:
-   cpu: 100m
-   memory: 128Mi
- requests:
-   cpu: 80m
-   memory: 128Mi
-persistence:
-  enabled: "true"
-  size: 5Gi
-sidecar:
-  dashboards:
-    enabled: "true"
-    folderAnnotation: "grafana_folder"
-    searchNamespace: "monitoring"
-    provider:
-      foldersFromFilesStructure: true
-service:
-  labels:
-    sidecar.istio.io/inject: "false"
-  annotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/path: /metrics
diff --git a/local/kubernetes/tools/monitoring/prometheus.yaml b/local/kubernetes/tools/monitoring/prometheus.yaml
deleted file mode 100644
index 7bb7cbc3..00000000
--- a/local/kubernetes/tools/monitoring/prometheus.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-server:
-  prefixURL: /prometheus
-  extraArgs:
-    web.external-url: "http://localhost:8080/prometheus/"
-    # web.route-prefix: "/"
-alertmanager:
-  enabled: false
-kube-state-metrics:
-  enabled: true
-  image:
-    # use compatible version, see https://github.com/kubernetes/kube-state-metrics#compatibility-matrix
-    tag: v2.6.0
-  selfMonitor:
-    enabled: true
-    telemetryPort: 8081
-  podAnnotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/port: "8081"
-prometheus-node-exporter:
-  enabled: true
-prometheus-pushgateway:
-  enabled: false
\ No newline at end of file
diff --git a/local/kubernetes/tools/tracing/tempo.yaml b/local/kubernetes/tools/tracing/tempo.yaml
deleted file mode 100644
index 42e17da6..00000000
--- a/local/kubernetes/tools/tracing/tempo.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-minio:
-  enabled: false
-storage:
-  trace:
-    backend: local
-
-traces:
-  zipkin:
-    enabled: true
-
-gateway:
-  enabled: true
\ No newline at end of file
diff --git a/local/application/values.yaml b/stack/kubernetes/application/values_local.yaml
similarity index 97%
rename from local/application/values.yaml
rename to stack/kubernetes/application/values_local.yaml
index a81c714c..0c0d64c0 100644
--- a/local/application/values.yaml
+++ b/stack/kubernetes/application/values_local.yaml
@@ -10,6 +10,8 @@ local: &localConfig
 global:
   tracing:
     url: http://zipkin.istio-system:9411
+  tls:
+    enabled: false
 
 dima-frontend:
   image:

From 6a8f8b95189b711ae5bd6f6d9593b1d369751d8c Mon Sep 17 00:00:00 2001
From: Luis Schweigard <luis.schweigard@maibornwolff.de>
Date: Mon, 24 Apr 2023 11:07:34 +0200
Subject: [PATCH 2/2] Fixing ingress for local setup

---
 clusters/dev/ingress.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/clusters/dev/ingress.yaml b/clusters/dev/ingress.yaml
index 7e04e3c0..5c1453b8 100644
--- a/clusters/dev/ingress.yaml
+++ b/clusters/dev/ingress.yaml
@@ -17,5 +17,5 @@ spec:
   values:
     controller:
       replicaCount: 1
-      admissionWebhooks:
-        enabled: false
\ No newline at end of file
+      service:
+        type: ClusterIP
\ No newline at end of file