| alertRelabelConfigs |
|
alertRelabelConfigs: {}
|
|
| alertmanager |
|
alertmanager:
enabled: true
persistence:
size: 2Gi
podSecurityContext:
fsGroup: 65534
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
|
|
| commonMetaLabels |
Additional labels to attach to all resources
|
commonMetaLabels: {}
|
|
| configmapReload |
Monitors ConfigMap changes and POSTs to a URL.
Ref: https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader
|
ExpandconfigmapReload:
env: []
prometheus:
containerSecurityContext: {}
enabled: true
extraArgs: {}
extraConfigmapMounts: []
extraVolumeDirs: []
extraVolumeMounts: []
image:
digest: ''
pullPolicy: IfNotPresent
repository: quay.io/prometheus-operator/prometheus-config-reloader
tag: v0.78.1
name: configmap-reload
resources: {}
reloadUrl: ''
|
|
| configmapReload.env |
env sets environment variables to pass to the container. Can be set as name/value pairs,
read from secrets or configmaps.
|
configmapReload:
env: []
|
Expandenv:
- name: SOMEVAR
value: somevalue
- name: SOMEVARAGAIN
value: somevalueanother
- name: strawberry
value: redanddelishous
- name: melon
value: greenandred
- name: justanother
value: dayinparadise
- name: PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: password
optional: false
|
| configmapReload.prometheus |
Define values for the prometheus configuration.
|
ExpandconfigmapReload:
prometheus:
containerSecurityContext: {}
enabled: true
extraArgs: {}
extraConfigmapMounts: []
extraVolumeDirs: []
extraVolumeMounts: []
image:
digest: ''
pullPolicy: IfNotPresent
repository: quay.io/prometheus-operator/prometheus-config-reloader
tag: v0.78.1
name: configmap-reload
resources: {}
|
|
| configmapReload.prometheus.containerSecurityContext |
Security context to be added to configmap-reload container
|
configmapReload:
prometheus:
containerSecurityContext: {}
|
|
| configmapReload.prometheus.enabled |
If false, the configmap-reload container will not be deployed.
|
configmapReload:
prometheus:
enabled: true
|
|
| configmapReload.prometheus.extraArgs |
Additional configmap-reload container arguments
|
configmapReload:
prometheus:
extraArgs: {}
|
|
| configmapReload.prometheus.extraConfigmapMounts |
Additional configmap-reload mounts.
|
configmapReload:
prometheus:
extraConfigmapMounts: []
|
extraConfigmapMounts:
- name: prometheus-alerts
mountPath: /etc/alerts.d
subPath: ""
configMap: prometheus-alerts
readOnly: true
|
| configmapReload.prometheus.extraVolumeDirs |
Additional configmap-reload volume directories
|
configmapReload:
prometheus:
extraVolumeDirs: []
|
|
| configmapReload.prometheus.extraVolumeMounts |
Additional configmap-reload volume mounts
|
configmapReload:
prometheus:
extraVolumeMounts: []
|
|
| configmapReload.prometheus.image |
configmap-reload container image
|
configmapReload:
prometheus:
image:
digest: ''
pullPolicy: IfNotPresent
repository: quay.io/prometheus-operator/prometheus-config-reloader
tag: v0.78.1
|
|
| configmapReload.prometheus.image.digest |
When digest is set to a non-empty value, images will be pulled by digest (regardless of tag value).
|
configmapReload:
prometheus:
image:
digest: ''
|
|
| configmapReload.prometheus.name |
configmap-reload container name
|
configmapReload:
prometheus:
name: configmap-reload
|
|
| configmapReload.prometheus.resources |
configmap-reload resource requests and limits.
Ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
configmapReload:
prometheus:
resources: {}
|
|
| configmapReload.reloadUrl |
URL for configmap-reload to use for reloads
|
configmapReload:
reloadUrl: ''
|
|
| extraManifests |
|
extraManifests: []
|
|
| extraScrapeConfigs |
|
extraScrapeConfigs: ''
|
|
| forceNamespace |
|
forceNamespace: ''
|
|
| imagePullSecrets |
Define ImagePullSecrets for the deployment.
|
imagePullSecrets: []
|
|
| kube-state-metrics |
|
kube-state-metrics:
enabled: true
|
|
| networkPolicy |
|
networkPolicy:
enabled: false
|
|
| podSecurityPolicy |
Define whether to enable the pod security policy.
|
podSecurityPolicy:
enabled: false
|
podSecurityPolicy:
enabled: true
|
| prometheus-node-exporter |
|
prometheus-node-exporter:
containerSecurityContext:
allowPrivilegeEscalation: false
enabled: true
rbac:
pspEnabled: false
|
|
| prometheus-pushgateway |
|
prometheus-pushgateway:
enabled: true
serviceAnnotations:
prometheus.io/probe: pushgateway
|
|
| rbac |
Whether to create rbac.
|
rbac:
create: true
|
|
| ruleFiles |
|
ruleFiles: {}
|
|
| scrapeConfigFiles |
|
scrapeConfigFiles: []
|
|
| server |
Configure the server component.
|
Expandserver:
affinity: {}
alertmanagers: []
automountServiceAccountToken: false
baseURL: ''
clusterRoleNameOverride: ''
command: []
configMapAnnotations: {}
configMapOverrideName: ''
configPath: /etc/config/prometheus.yml
containerSecurityContext: {}
defaultFlagsOverride: []
deploymentAnnotations: {}
dnsConfig: {}
dnsPolicy: ClusterFirst
emptyDir:
sizeLimit: ''
enableServiceLinks: true
env: []
exemplars: {}
extraArgs: {}
extraConfigmapLabels: {}
extraConfigmapMounts: []
extraFlags:
- web.enable-lifecycle
extraHostPathMounts: []
extraInitContainers: []
extraSecretMounts: []
extraVolumeMounts: []
extraVolumes: []
global:
evaluation_interval: 1m
scrape_interval: 1m
scrape_timeout: 10s
hostAliases: []
hostNetwork: false
image:
digest: ''
pullPolicy: IfNotPresent
repository: quay.io/prometheus/prometheus
tag: ''
ingress:
annotations: {}
enabled: false
extraLabels: {}
extraPaths: []
hosts: []
path: /
pathType: Prefix
tls: []
livenessProbeFailureThreshold: 3
livenessProbeInitialDelay: 30
livenessProbePeriodSeconds: 15
livenessProbeSuccessThreshold: 1
livenessProbeTimeout: 10
name: server
nodeSelector: {}
persistentVolume:
accessModes:
- ReadWriteOnce
annotations: {}
enabled: true
existingClaim: ''
labels: {}
mountPath: /data
size: 8Gi
statefulSetNameOverride: ''
subPath: ''
podAnnotations: {}
podAntiAffinity: ''
podAntiAffinityTopologyKey: kubernetes.io/hostname
podDisruptionBudget:
enabled: false
maxUnavailable: 1
podLabels: {}
podSecurityPolicy:
annotations: {}
portName: ''
prefixURL: ''
priorityClassName: ''
probeHeaders: []
probeScheme: HTTP
readinessProbeFailureThreshold: 3
readinessProbeInitialDelay: 30
readinessProbePeriodSeconds: 5
readinessProbeSuccessThreshold: 1
readinessProbeTimeout: 4
releaseNamespace: false
remoteRead: []
remoteWrite: []
replicaCount: 1
resources: {}
retention: 15d
retentionSize: ''
revisionHistoryLimit: 10
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
service:
additionalPorts: []
annotations: {}
clusterIP: ''
enabled: true
externalIPs: []
gRPC:
enabled: false
servicePort: 10901
labels: {}
loadBalancerIP: ''
loadBalancerSourceRanges: []
servicePort: 80
sessionAffinity: None
statefulsetReplica:
enabled: false
replica: 0
type: ClusterIP
sidecarContainers: {}
sidecarTemplateValues: {}
startupProbe:
enabled: false
failureThreshold: 30
periodSeconds: 5
timeoutSeconds: 10
statefulSet:
annotations: {}
enabled: false
headless:
annotations: {}
gRPC:
enabled: false
servicePort: 10901
labels: {}
servicePort: 80
labels: {}
podManagementPolicy: OrderedReady
pvcDeleteOnStsDelete: false
pvcDeleteOnStsScale: false
storagePath: ''
strategy:
type: Recreate
tcpSocketProbeEnabled: false
terminationGracePeriodSeconds: 300
tolerations: []
topologySpreadConstraints: []
tsdb: {}
useExistingClusterRoleName: false
verticalAutoscaler:
enabled: false
|
|
| server.automountServiceAccountToken |
Opt out of automounting Kubernetes API credentials.
If set it will override serviceAccounts.server.automountServiceAccountToken value for ServiceAccount.
|
server:
automountServiceAccountToken: false
|
|
| server.clusterRoleNameOverride |
If set it will override prometheus.server.fullname value for ClusterRole and ClusterRoleBinding
|
server:
clusterRoleNameOverride: ''
|
|
| server.name |
Prometheus server container name
|
server:
name: server
|
|
| server.useExistingClusterRoleName |
Use a ClusterRole (and ClusterRoleBinding).
If set to false, we define a RoleBinding in the defined namespaces ONLY.
NB: because we need a Role with nonResourceURL's ("/metrics") - you must get someone with Cluster-admin privileges to define this role for you, before running with this setting enabled.
This makes prometheus work - for users who do not have ClusterAdmin privs, but wants prometheus to operate on their own namespaces, instead of clusterwide.
You MUST also set namespaces to the ones you have access to and want monitored by Prometheus.
|
server:
useExistingClusterRoleName: false
|
|
| serverFiles |
|
ExpandserverFiles:
alerting_rules.yml: {}
alerts: {}
prometheus.yml:
rule_files:
- /etc/config/recording_rules.yml
- /etc/config/alerting_rules.yml
- /etc/config/rules
- /etc/config/alerts
scrape_configs:
- job_name: prometheus
static_configs:
- targets:
- localhost:9090
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-apiservers
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- action: keep
regex: default;kubernetes;https
source_labels:
- meta_kubernetes_namespace
- __meta_kubernetes_service_name
- __meta_kubernetes_endpoint_port_name
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address
- regex: (.+)
replacement: /api/v1/nodes/$1/proxy/metrics
source_labels:
- meta_kubernetes_node_name
target_label: __metrics_path
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes-cadvisor
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address
- regex: (.+)
replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
source_labels:
- meta_kubernetes_node_name
target_label: __metrics_path
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- honor_labels: true
job_name: kubernetes-service-endpoints
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- action: keep
regex: true
source_labels:
- meta_kubernetes_service_annotation_prometheus_io_scrape
- action: drop
regex: true
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scrape_slow
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scheme
target_label: __scheme
- action: replace
regex: (.+)
source_labels:
- meta_kubernetes_service_annotation_prometheus_io_path
target_label: __metrics_path
- action: replace
regex: (.+?)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- address
- meta_kubernetes_service_annotation_prometheus_io_port
target_label: __address
- action: labelmap
regex: meta_kubernetes_service_annotation_prometheus_io_param_(.+)
replacement: __param_$1
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
source_labels:
- __meta_kubernetes_service_name
target_label: service
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node
- honor_labels: true
job_name: kubernetes-service-endpoints-slow
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scrape_slow
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scheme
target_label: __scheme
- action: replace
regex: (.+)
source_labels:
- meta_kubernetes_service_annotation_prometheus_io_path
target_label: __metrics_path
- action: replace
regex: (.+?)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- address
- meta_kubernetes_service_annotation_prometheus_io_port
target_label: __address
- action: labelmap
regex: meta_kubernetes_service_annotation_prometheus_io_param_(.+)
replacement: __param_$1
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
source_labels:
- __meta_kubernetes_service_name
target_label: service
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node
scrape_interval: 5m
scrape_timeout: 30s
- honor_labels: true
job_name: prometheus-pushgateway
kubernetes_sd_configs:
- role: service
relabel_configs:
- action: keep
regex: pushgateway
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_probe
- honor_labels: true
job_name: kubernetes-services
kubernetes_sd_configs:
- role: service
metrics_path: /probe
params:
module:
- http_2xx
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_probe
- source_labels:
- __address
target_label: param_target
- replacement: blackbox
target_label: __address
- source_labels:
- param_target
target_label: instance
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- source_labels:
- __meta_kubernetes_service_name
target_label: service
- honor_labels: true
job_name: kubernetes-pods
kubernetes_sd_configs:
- role: pod
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scrape
- action: drop
regex: true
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scheme
target_label: __scheme
- action: replace
regex: (.+)
source_labels:
- meta_kubernetes_pod_annotation_prometheus_io_path
target_label: __metrics_path
- action: replace
regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4})
replacement: '[$2]:$1'
source_labels:
- meta_kubernetes_pod_annotation_prometheus_io_port
- __meta_kubernetes_pod_ip
target_label: __address
- action: replace
regex: (\d+);((([0-9]+?)(.|$)){4})
replacement: $2:$1
source_labels:
- meta_kubernetes_pod_annotation_prometheus_io_port
- __meta_kubernetes_pod_ip
target_label: __address
- action: labelmap
regex: meta_kubernetes_pod_annotation_prometheus_io_param_(.+)
replacement: __param_$1
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: pod
- action: drop
regex: Pending|Succeeded|Failed|Completed
source_labels:
- __meta_kubernetes_pod_phase
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node
- honor_labels: true
job_name: kubernetes-pods-slow
kubernetes_sd_configs:
- role: pod
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scheme
target_label: __scheme
- action: replace
regex: (.+)
source_labels:
- meta_kubernetes_pod_annotation_prometheus_io_path
target_label: __metrics_path
- action: replace
regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4})
replacement: '[$2]:$1'
source_labels:
- meta_kubernetes_pod_annotation_prometheus_io_port
- __meta_kubernetes_pod_ip
target_label: __address
- action: replace
regex: (\d+);((([0-9]+?)(.|$)){4})
replacement: $2:$1
source_labels:
- meta_kubernetes_pod_annotation_prometheus_io_port
- __meta_kubernetes_pod_ip
target_label: __address
- action: labelmap
regex: __meta_kubernetes_pod_annotation_prometheus_io_param_(.+)
replacement: __param_$1
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: pod
- action: drop
regex: Pending|Succeeded|Failed|Completed
source_labels:
- __meta_kubernetes_pod_phase
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node
scrape_interval: 5m
scrape_timeout: 30s
recording_rules.yml: {}
rules: {}
|
|
| serviceAccounts |
Define serviceAccount names for components. Defaults to component's fully qualified name.
|
serviceAccounts:
server:
annotations: {}
automountServiceAccountToken: false
create: true
name: ''
|
|
| serviceAccounts.server.automountServiceAccountToken |
Opt out of automounting Kubernetes API credentials.
It will be overridden by server.automountServiceAccountToken value, if set.
|
serviceAccounts:
server:
automountServiceAccountToken: false
|
|
