Skip to content

[DEV-15058] Add signoz, disabled by default #552

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ltellesfl merged 3 commits into from
Mar 27, 2026
+40 −11
Merged

[DEV-15058] Add signoz, disabled by default #552

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0e958a0
Add signoz to monitoring
ltellesfl Mar 26, 2026
b2bae6d
Add environment at signoz
ltellesfl Mar 26, 2026
7c1458b
Remove duplicated alerting and add sensitive to var
ltellesfl Mar 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 16 additions & 6 deletions application.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -790,6 +790,8 @@ externalSecretStore:
vaultRole: ${var.secrets_operator_enabled == true && var.multitenant_enabled == false ? module.secrets-operator-setup[0].vault_auth_role_name : "unused-role"}
vaultServiceAccount: ${var.secrets_operator_enabled == true && var.multitenant_enabled == false ? module.secrets-operator-setup[0].vault_auth_service_account_name : "vault-sa"}
vaultSecretName: "vault-auth"
opentelemetry-operator:
enabled: ${var.enable_signoz}
EOF
])

Expand Down Expand Up @@ -835,23 +837,31 @@ keda:
podMonitor:
enabled: true
kube-prometheus-stack:
enabled: ${var.enable_signoz ? false : true}
${local.kube_prometheus_stack_values}
${local.loki_config}
metrics-server:
image:
repository: ${var.image_registry}/registry.k8s.io/metrics-server/metrics-server
opentelemetry-collector:
enabled: true
enabled: ${var.enable_signoz ? false : true}
image:
repository: ${var.image_registry}/docker.io/otel/opentelemetry-collector-contrib
tempo:
enabled: ${var.enable_signoz ? false : true}
tempo:
storage:
trace:
backend: s3
s3:
bucket: ${local.environment_loki_s3_bucket_name}
endpoint: s3.${var.region}.amazonaws.com
signoz:
enabled: ${var.enable_signoz}
clusterName: ${var.label}
otelCollectorEndpoint: ${var.signoz_otel_collector_endpoint}
token: ${var.signoz_bearer_token}
environment: ${var.environment}
EOF
] : []

Expand Down Expand Up @@ -909,10 +919,10 @@ module "indico-common" {

# With the common charts are installed, we can then move on to installing intake and/or insights
locals {
internal_elb = var.network_allow_public == false ? true : false
backend_port = var.acm_arn != "" ? "http" : "https"
enableHttp = var.acm_arn != "" || var.use_nlb == true ? false : true
nginx_ingress_configs = var.enforce_http_2_only ? (<<EOT
internal_elb = var.network_allow_public == false ? true : false
backend_port = var.acm_arn != "" ? "http" : "https"
enableHttp = var.acm_arn != "" || var.use_nlb == true ? false : true
nginx_ingress_configs = var.enforce_http_2_only ? (<<EOT

config:
entries:
Expand Down Expand Up @@ -979,7 +989,7 @@ noExtraConfigs: true
EOT
) : (<<EOT
alerting:
enabled: true
enabled: ${var.enable_signoz ? false : true}
email:
enabled: ${var.alerting_email_enabled}
smarthost: '${var.alerting_email_host}'
Expand Down
10 changes: 5 additions & 5 deletions monitoring.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,10 @@ locals {

loki_config = var.enable_loki_logging == true ? (<<EOT
fluent-bit:
enabled: true
enabled: ${var.enable_signoz ? false : true}
${var.custom_fluentbit_filters != "" ? indent(2, base64decode(var.custom_fluentbit_filters)) : ""}
loki:
enabled: true
enabled: ${var.enable_signoz ? false : true}
loki:
storage_config:
aws:
Expand Down Expand Up @@ -325,9 +325,9 @@ resource "aws_route53_record" "alertmanager-caa" {

locals {
monitoring_password = var.multitenant_enabled == false ? random_password.monitoring-password[0].result : ""
password = var.multitenant_enabled == false ? random_password.password[0].result : ""
salt = var.multitenant_enabled == false ? random_password.salt[0].result : ""
hash = var.multitenant_enabled == false ? htpasswd_password.hash[0].bcrypt : ""
password = var.multitenant_enabled == false ? random_password.password[0].result : ""
salt = var.multitenant_enabled == false ? random_password.salt[0].result : ""
hash = var.multitenant_enabled == false ? htpasswd_password.hash[0].bcrypt : ""
}

resource "random_password" "monitoring-password" {
Expand Down
19 changes: 19 additions & 0 deletions variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1882,3 +1882,22 @@ variable "indico_nat_enable_ssm" {
default = false
description = "When true, install and enable SSM Agent on indico-nat instances for remote shell access"
}

variable "enable_signoz" {
type = bool
default = false
description = "Toggle for enabling signoz"
}

variable "signoz_otel_collector_endpoint" {
type = string
default = "signoz-collector.devops.indico.io:443"
description = "OTEL collector endpoint for signoz"
}

variable "signoz_bearer_token" {
type = string
default = ""
description = "Bearer token for signoz"
sensitive = true
}
Loading