values.yaml 129 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872
  1. # Default values for kube-prometheus-stack.
  2. # This is a YAML-formatted file.
  3. # Declare variables to be passed into your templates.
  4. ## Provide a name in place of kube-prometheus-stack for `app:` labels
  5. ##
  6. nameOverride: ""
  7. ## Override the deployment namespace
  8. ##
  9. namespaceOverride: ""
  10. ## Provide a k8s version to auto dashboard import script example: kubeTargetVersionOverride: 1.16.6
  11. ##
  12. kubeTargetVersionOverride: ""
  13. ## Allow kubeVersion to be overridden while creating the ingress
  14. ##
  15. kubeVersionOverride: ""
  16. ## Provide a name to substitute for the full names of resources
  17. ##
  18. fullnameOverride: ""
  19. ## Labels to apply to all resources
  20. ##
  21. commonLabels: {}
  22. # scmhash: abc123
  23. # myLabel: aakkmd
  24. ## Create default rules for monitoring the cluster
  25. ##
  26. defaultRules:
  27. create: true
  28. rules:
  29. alertmanager: true
  30. etcd: true
  31. configReloaders: true
  32. general: true
  33. k8s: true
  34. kubeApiserverAvailability: true
  35. kubeApiserverBurnrate: true
  36. kubeApiserverHistogram: true
  37. kubeApiserverSlos: true
  38. kubeControllerManager: true
  39. kubelet: true
  40. kubeProxy: true
  41. kubePrometheusGeneral: true
  42. kubePrometheusNodeRecording: true
  43. kubernetesApps: true
  44. kubernetesResources: true
  45. kubernetesStorage: true
  46. kubernetesSystem: true
  47. kubeSchedulerAlerting: true
  48. kubeSchedulerRecording: true
  49. kubeStateMetrics: true
  50. network: true
  51. node: true
  52. nodeExporterAlerting: true
  53. nodeExporterRecording: true
  54. prometheus: true
  55. prometheusOperator: true
  56. ## Reduce app namespace alert scope
  57. appNamespacesTarget: ".*"
  58. ## Labels for default rules
  59. labels: {}
  60. ## Annotations for default rules
  61. annotations: {}
  62. ## Additional labels for PrometheusRule alerts
  63. additionalRuleLabels: {}
  64. ## Additional annotations for PrometheusRule alerts
  65. additionalRuleAnnotations: {}
  66. ## Prefix for runbook URLs. Use this to override the first part of the runbookURLs that is common to all rules.
  67. runbookUrl: "https://runbooks.prometheus-operator.dev/runbooks"
  68. ## Disabled PrometheusRule alerts
  69. disabled: {}
  70. # KubeAPIDown: true
  71. # NodeRAIDDegraded: true
  72. ## Deprecated way to provide custom recording or alerting rules to be deployed into the cluster.
  73. ##
  74. # additionalPrometheusRules: []
  75. # - name: my-rule-file
  76. # groups:
  77. # - name: my_group
  78. # rules:
  79. # - record: my_record
  80. # expr: 100 * my_record
  81. ## Provide custom recording or alerting rules to be deployed into the cluster.
  82. ##
  83. additionalPrometheusRulesMap: {}
  84. # rule-name:
  85. # groups:
  86. # - name: my_group
  87. # rules:
  88. # - record: my_record
  89. # expr: 100 * my_record
  90. ##
  91. global:
  92. rbac:
  93. create: true
  94. ## Create ClusterRoles that extend the existing view, edit and admin ClusterRoles to interact with prometheus-operator CRDs
  95. ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles
  96. createAggregateClusterRoles: false
  97. pspEnabled: false
  98. pspAnnotations: {}
  99. ## Specify pod annotations
  100. ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
  101. ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
  102. ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
  103. ##
  104. # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
  105. # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
  106. # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
  107. ## Global image registry to use if it needs to be overriden for some specific use cases (e.g local registries, custom images, ...)
  108. ##
  109. imageRegistry: ""
  110. ## Reference to one or more secrets to be used when pulling images
  111. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  112. ##
  113. imagePullSecrets: []
  114. # - name: "image-pull-secret"
  115. # or
  116. # - "image-pull-secret"
  117. ## Configuration for alertmanager
  118. ## ref: https://prometheus.io/docs/alerting/alertmanager/
  119. ##
  120. alertmanager:
  121. ## Deploy alertmanager
  122. ##
  123. enabled: true
  124. ## Annotations for Alertmanager
  125. ##
  126. annotations: {}
  127. ## Api that prometheus will use to communicate with alertmanager. Possible values are v1, v2
  128. ##
  129. apiVersion: v2
  130. ## Service account for Alertmanager to use.
  131. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
  132. ##
  133. serviceAccount:
  134. create: true
  135. name: ""
  136. annotations: {}
  137. automountServiceAccountToken: true
  138. ## Configure pod disruption budgets for Alertmanager
  139. ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
  140. ## This configuration is immutable once created and will require the PDB to be deleted to be changed
  141. ## https://github.com/kubernetes/kubernetes/issues/45398
  142. ##
  143. podDisruptionBudget:
  144. enabled: false
  145. minAvailable: 1
  146. maxUnavailable: ""
  147. ## Alertmanager configuration directives
  148. ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
  149. ## https://prometheus.io/webtools/alerting/routing-tree-editor/
  150. ##
  151. config:
  152. global:
  153. resolve_timeout: 5m
  154. inhibit_rules:
  155. - source_matchers:
  156. - 'severity = critical'
  157. target_matchers:
  158. - 'severity =~ warning|info'
  159. equal:
  160. - 'namespace'
  161. - 'alertname'
  162. - source_matchers:
  163. - 'severity = warning'
  164. target_matchers:
  165. - 'severity = info'
  166. equal:
  167. - 'namespace'
  168. - 'alertname'
  169. - source_matchers:
  170. - 'alertname = InfoInhibitor'
  171. target_matchers:
  172. - 'severity = info'
  173. equal:
  174. - 'namespace'
  175. route:
  176. group_by: ['namespace']
  177. group_wait: 30s
  178. group_interval: 5m
  179. repeat_interval: 12h
  180. receiver: 'null'
  181. routes:
  182. - receiver: 'null'
  183. matchers:
  184. - alertname =~ "InfoInhibitor|Watchdog"
  185. receivers:
  186. - name: 'null'
  187. templates:
  188. - '/etc/alertmanager/config/*.tmpl'
  189. ## Alertmanager configuration directives (as string type, preferred over the config hash map)
  190. ## stringConfig will be used only, if tplConfig is true
  191. ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
  192. ## https://prometheus.io/webtools/alerting/routing-tree-editor/
  193. ##
  194. stringConfig: ""
  195. ## Pass the Alertmanager configuration directives through Helm's templating
  196. ## engine. If the Alertmanager configuration contains Alertmanager templates,
  197. ## they'll need to be properly escaped so that they are not interpreted by
  198. ## Helm
  199. ## ref: https://helm.sh/docs/developing_charts/#using-the-tpl-function
  200. ## https://prometheus.io/docs/alerting/configuration/#tmpl_string
  201. ## https://prometheus.io/docs/alerting/notifications/
  202. ## https://prometheus.io/docs/alerting/notification_examples/
  203. tplConfig: false
  204. ## Alertmanager template files to format alerts
  205. ## By default, templateFiles are placed in /etc/alertmanager/config/ and if
  206. ## they have a .tmpl file suffix will be loaded. See config.templates above
  207. ## to change, add other suffixes. If adding other suffixes, be sure to update
  208. ## config.templates above to include those suffixes.
  209. ## ref: https://prometheus.io/docs/alerting/notifications/
  210. ## https://prometheus.io/docs/alerting/notification_examples/
  211. ##
  212. templateFiles: {}
  213. #
  214. ## An example template:
  215. # template_1.tmpl: |-
  216. # {{ define "cluster" }}{{ .ExternalURL | reReplaceAll ".*alertmanager\\.(.*)" "$1" }}{{ end }}
  217. #
  218. # {{ define "slack.myorg.text" }}
  219. # {{- $root := . -}}
  220. # {{ range .Alerts }}
  221. # *Alert:* {{ .Annotations.summary }} - `{{ .Labels.severity }}`
  222. # *Cluster:* {{ template "cluster" $root }}
  223. # *Description:* {{ .Annotations.description }}
  224. # *Graph:* <{{ .GeneratorURL }}|:chart_with_upwards_trend:>
  225. # *Runbook:* <{{ .Annotations.runbook }}|:spiral_note_pad:>
  226. # *Details:*
  227. # {{ range .Labels.SortedPairs }} - *{{ .Name }}:* `{{ .Value }}`
  228. # {{ end }}
  229. # {{ end }}
  230. # {{ end }}
  231. ingress:
  232. enabled: false
  233. # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
  234. # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
  235. # ingressClassName: nginx
  236. annotations: {}
  237. labels: {}
  238. ## Redirect ingress to an additional defined port on the service
  239. # servicePort: 8081
  240. ## Hosts must be provided if Ingress is enabled.
  241. ##
  242. hosts: []
  243. # - alertmanager.domain.com
  244. ## Paths to use for ingress rules - one path should match the alertmanagerSpec.routePrefix
  245. ##
  246. paths: []
  247. # - /
  248. ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
  249. ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
  250. # pathType: ImplementationSpecific
  251. ## TLS configuration for Alertmanager Ingress
  252. ## Secret must be manually created in the namespace
  253. ##
  254. tls: []
  255. # - secretName: alertmanager-general-tls
  256. # hosts:
  257. # - alertmanager.example.com
  258. ## Configuration for Alertmanager secret
  259. ##
  260. secret:
  261. annotations: {}
  262. ## Configuration for creating an Ingress that will map to each Alertmanager replica service
  263. ## alertmanager.servicePerReplica must be enabled
  264. ##
  265. ingressPerReplica:
  266. enabled: false
  267. # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
  268. # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
  269. # ingressClassName: nginx
  270. annotations: {}
  271. labels: {}
  272. ## Final form of the hostname for each per replica ingress is
  273. ## {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }}
  274. ##
  275. ## Prefix for the per replica ingress that will have `-$replicaNumber`
  276. ## appended to the end
  277. hostPrefix: ""
  278. ## Domain that will be used for the per replica ingress
  279. hostDomain: ""
  280. ## Paths to use for ingress rules
  281. ##
  282. paths: []
  283. # - /
  284. ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
  285. ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
  286. # pathType: ImplementationSpecific
  287. ## Secret name containing the TLS certificate for alertmanager per replica ingress
  288. ## Secret must be manually created in the namespace
  289. tlsSecretName: ""
  290. ## Separated secret for each per replica Ingress. Can be used together with cert-manager
  291. ##
  292. tlsSecretPerReplica:
  293. enabled: false
  294. ## Final form of the secret for each per replica ingress is
  295. ## {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }}
  296. ##
  297. prefix: "alertmanager"
  298. ## Configuration for Alertmanager service
  299. ##
  300. service:
  301. annotations: {}
  302. labels: {}
  303. clusterIP: ""
  304. ## Port for Alertmanager Service to listen on
  305. ##
  306. port: 9093
  307. ## To be used with a proxy extraContainer port
  308. ##
  309. targetPort: 9093
  310. ## Port to expose on each node
  311. ## Only used if service.type is 'NodePort'
  312. ##
  313. nodePort: 30903
  314. ## List of IP addresses at which the Prometheus server service is available
  315. ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
  316. ##
  317. ## Additional ports to open for Alertmanager service
  318. additionalPorts: []
  319. # additionalPorts:
  320. # - name: authenticated
  321. # port: 8081
  322. # targetPort: 8081
  323. externalIPs: []
  324. loadBalancerIP: ""
  325. loadBalancerSourceRanges: []
  326. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  327. ##
  328. externalTrafficPolicy: Cluster
  329. ## If you want to make sure that connections from a particular client are passed to the same Pod each time
  330. ## Accepts 'ClientIP' or ''
  331. ##
  332. sessionAffinity: ""
  333. ## Service type
  334. ##
  335. type: ClusterIP
  336. ## Configuration for creating a separate Service for each statefulset Alertmanager replica
  337. ##
  338. servicePerReplica:
  339. enabled: false
  340. annotations: {}
  341. ## Port for Alertmanager Service per replica to listen on
  342. ##
  343. port: 9093
  344. ## To be used with a proxy extraContainer port
  345. targetPort: 9093
  346. ## Port to expose on each node
  347. ## Only used if servicePerReplica.type is 'NodePort'
  348. ##
  349. nodePort: 30904
  350. ## Loadbalancer source IP ranges
  351. ## Only used if servicePerReplica.type is "LoadBalancer"
  352. loadBalancerSourceRanges: []
  353. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  354. ##
  355. externalTrafficPolicy: Cluster
  356. ## Service type
  357. ##
  358. type: ClusterIP
  359. ## If true, create a serviceMonitor for alertmanager
  360. ##
  361. serviceMonitor:
  362. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  363. ##
  364. interval: ""
  365. selfMonitor: true
  366. ## Additional labels
  367. ##
  368. additionalLabels: {}
  369. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  370. ##
  371. sampleLimit: 0
  372. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  373. ##
  374. targetLimit: 0
  375. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  376. ##
  377. labelLimit: 0
  378. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  379. ##
  380. labelNameLengthLimit: 0
  381. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  382. ##
  383. labelValueLengthLimit: 0
  384. ## proxyUrl: URL of a proxy that should be used for scraping.
  385. ##
  386. proxyUrl: ""
  387. ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
  388. scheme: ""
  389. ## enableHttp2: Whether to enable HTTP2.
  390. ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
  391. enableHttp2: true
  392. ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
  393. ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
  394. tlsConfig: {}
  395. bearerTokenFile:
  396. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  397. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  398. ##
  399. metricRelabelings: []
  400. # - action: keep
  401. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  402. # sourceLabels: [__name__]
  403. ## RelabelConfigs to apply to samples before scraping
  404. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  405. ##
  406. relabelings: []
  407. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  408. # separator: ;
  409. # regex: ^(.*)$
  410. # targetLabel: nodename
  411. # replacement: $1
  412. # action: replace
  413. ## Settings affecting alertmanagerSpec
  414. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerspec
  415. ##
  416. alertmanagerSpec:
  417. ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
  418. ## Metadata Labels and Annotations gets propagated to the Alertmanager pods.
  419. ##
  420. podMetadata: {}
  421. ## Image of Alertmanager
  422. ##
  423. image:
  424. registry: quay.io
  425. repository: prometheus/alertmanager
  426. tag: v0.25.0
  427. sha: ""
  428. ## If true then the user will be responsible to provide a secret with alertmanager configuration
  429. ## So when true the config part will be ignored (including templateFiles) and the one in the secret will be used
  430. ##
  431. useExistingSecret: false
  432. ## Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the
  433. ## Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/.
  434. ##
  435. secrets: []
  436. ## ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods.
  437. ## The ConfigMaps are mounted into /etc/alertmanager/configmaps/.
  438. ##
  439. configMaps: []
  440. ## ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains configuration for
  441. ## this Alertmanager instance. Defaults to 'alertmanager-' The secret is mounted into /etc/alertmanager/config.
  442. ##
  443. # configSecret:
  444. ## WebTLSConfig defines the TLS parameters for HTTPS
  445. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerwebspec
  446. web: {}
  447. ## AlertmanagerConfigs to be selected to merge and configure Alertmanager with.
  448. ##
  449. alertmanagerConfigSelector: {}
  450. ## Example which selects all alertmanagerConfig resources
  451. ## with label "alertconfig" with values any of "example-config" or "example-config-2"
  452. # alertmanagerConfigSelector:
  453. # matchExpressions:
  454. # - key: alertconfig
  455. # operator: In
  456. # values:
  457. # - example-config
  458. # - example-config-2
  459. #
  460. ## Example which selects all alertmanagerConfig resources with label "role" set to "example-config"
  461. # alertmanagerConfigSelector:
  462. # matchLabels:
  463. # role: example-config
  464. ## Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace.
  465. ##
  466. alertmanagerConfigNamespaceSelector: {}
  467. ## Example which selects all namespaces
  468. ## with label "alertmanagerconfig" with values any of "example-namespace" or "example-namespace-2"
  469. # alertmanagerConfigNamespaceSelector:
  470. # matchExpressions:
  471. # - key: alertmanagerconfig
  472. # operator: In
  473. # values:
  474. # - example-namespace
  475. # - example-namespace-2
  476. ## Example which selects all namespaces with label "alertmanagerconfig" set to "enabled"
  477. # alertmanagerConfigNamespaceSelector:
  478. # matchLabels:
  479. # alertmanagerconfig: enabled
  480. ## AlermanagerConfig to be used as top level configuration
  481. ##
  482. alertmanagerConfiguration: {}
  483. ## Example with select a global alertmanagerconfig
  484. # alertmanagerConfiguration:
  485. # name: global-alertmanager-Configuration
  486. ## Defines the strategy used by AlertmanagerConfig objects to match alerts. eg:
  487. ##
  488. alertmanagerConfigMatcherStrategy: {}
  489. ## Example with use OnNamespace strategy
  490. # alertmanagerConfigMatcherStrategy:
  491. # type: OnNamespace
  492. ## Define Log Format
  493. # Use logfmt (default) or json logging
  494. logFormat: logfmt
  495. ## Log level for Alertmanager to be configured with.
  496. ##
  497. logLevel: info
  498. ## Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the
  499. ## running cluster equal to the expected size.
  500. replicas: 1
  501. ## Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression
  502. ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).
  503. ##
  504. retention: 120h
  505. ## Storage is the definition of how storage will be used by the Alertmanager instances.
  506. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
  507. ##
  508. storage: {}
  509. # volumeClaimTemplate:
  510. # spec:
  511. # storageClassName: gluster
  512. # accessModes: ["ReadWriteOnce"]
  513. # resources:
  514. # requests:
  515. # storage: 50Gi
  516. # selector: {}
  517. ## The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. string false
  518. ##
  519. externalUrl:
  520. ## The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true,
  521. ## but the server serves requests under a different route prefix. For example for use with kubectl proxy.
  522. ##
  523. routePrefix: /
  524. ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions.
  525. ##
  526. paused: false
  527. ## Define which Nodes the Pods are scheduled on.
  528. ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  529. ##
  530. nodeSelector: {}
  531. ## Define resources requests and limits for single Pods.
  532. ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
  533. ##
  534. resources: {}
  535. # requests:
  536. # memory: 400Mi
  537. ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
  538. ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
  539. ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
  540. ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
  541. ##
  542. podAntiAffinity: ""
  543. ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
  544. ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
  545. ##
  546. podAntiAffinityTopologyKey: kubernetes.io/hostname
  547. ## Assign custom affinity rules to the alertmanager instance
  548. ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
  549. ##
  550. affinity: {}
  551. # nodeAffinity:
  552. # requiredDuringSchedulingIgnoredDuringExecution:
  553. # nodeSelectorTerms:
  554. # - matchExpressions:
  555. # - key: kubernetes.io/e2e-az-name
  556. # operator: In
  557. # values:
  558. # - e2e-az1
  559. # - e2e-az2
  560. ## If specified, the pod's tolerations.
  561. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  562. ##
  563. tolerations: []
  564. # - key: "key"
  565. # operator: "Equal"
  566. # value: "value"
  567. # effect: "NoSchedule"
  568. ## If specified, the pod's topology spread constraints.
  569. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
  570. ##
  571. topologySpreadConstraints: []
  572. # - maxSkew: 1
  573. # topologyKey: topology.kubernetes.io/zone
  574. # whenUnsatisfiable: DoNotSchedule
  575. # labelSelector:
  576. # matchLabels:
  577. # app: alertmanager
  578. ## SecurityContext holds pod-level security attributes and common container settings.
  579. ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext false
  580. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
  581. ##
  582. securityContext:
  583. runAsGroup: 2000
  584. runAsNonRoot: true
  585. runAsUser: 1000
  586. fsGroup: 2000
  587. ## ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP.
  588. ## Note this is only for the Alertmanager UI, not the gossip communication.
  589. ##
  590. listenLocal: false
  591. ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod.
  592. ##
  593. containers: []
  594. # containers:
  595. # - name: oauth-proxy
  596. # image: quay.io/oauth2-proxy/oauth2-proxy:v7.3.0
  597. # args:
  598. # - --upstream=http://127.0.0.1:9093
  599. # - --http-address=0.0.0.0:8081
  600. # - ...
  601. # ports:
  602. # - containerPort: 8081
  603. # name: oauth-proxy
  604. # protocol: TCP
  605. # resources: {}
  606. # Additional volumes on the output StatefulSet definition.
  607. volumes: []
  608. # Additional VolumeMounts on the output StatefulSet definition.
  609. volumeMounts: []
  610. ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
  611. ## (permissions, dir tree) on mounted volumes before starting prometheus
  612. initContainers: []
  613. ## Priority class assigned to the Pods
  614. ##
  615. priorityClassName: ""
  616. ## AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.
  617. ##
  618. additionalPeers: []
  619. ## PortName to use for Alert Manager.
  620. ##
  621. portName: "http-web"
  622. ## ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918
  623. ##
  624. clusterAdvertiseAddress: false
  625. ## ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica.
  626. ## Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
  627. forceEnableClusterMode: false
  628. ## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to
  629. ## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
  630. minReadySeconds: 0
  631. ## ExtraSecret can be used to store various data in an extra secret
  632. ## (use it for example to store hashed basic auth credentials)
  633. extraSecret:
  634. ## if not set, name will be auto generated
  635. # name: ""
  636. annotations: {}
  637. data: {}
  638. # auth: |
  639. # foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
  640. # someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
  641. ## Using default values from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml
  642. ##
  643. grafana:
  644. enabled: true
  645. namespaceOverride: ""
  646. ## ForceDeployDatasources Create datasource configmap even if grafana deployment has been disabled
  647. ##
  648. forceDeployDatasources: false
  649. ## ForceDeployDashboard Create dashboard configmap even if grafana deployment has been disabled
  650. ##
  651. forceDeployDashboards: false
  652. ## Deploy default dashboards
  653. ##
  654. defaultDashboardsEnabled: true
  655. ## Timezone for the default dashboards
  656. ## Other options are: browser or a specific timezone, i.e. Europe/Luxembourg
  657. ##
  658. defaultDashboardsTimezone: Europe/Zurich
  659. adminPassword: 2FR3pFRfyZpS5meVDzJX
  660. rbac:
  661. ## If true, Grafana PSPs will be created
  662. ##
  663. pspEnabled: false
  664. ingress:
  665. ## If true, Grafana Ingress will be created
  666. ##
  667. enabled: true
  668. ## IngressClassName for Grafana Ingress.
  669. ## Should be provided if Ingress is enable.
  670. ##
  671. ingressClassName: nginx
  672. ## Annotations for Grafana Ingress
  673. ##
  674. annotations: {
  675. cert-manager.io/cluster-issuer: "letsencrypt",
  676. acme.cert-manager.io/http01-edit-in-place: "true",
  677. ingress.kubernetes.io/ssl-redirect: "true",
  678. nginx.org/redirect-to-https: "true",
  679. }
  680. # kubernetes.io/ingress.class: nginx
  681. # kubernetes.io/tls-acme: "true"
  682. ## Labels to be added to the Ingress
  683. ##
  684. labels: {}
  685. ## Hostnames.
  686. ## Must be provided if Ingress is enable.
  687. ##
  688. # hosts:
  689. # - grafana.domain.com
  690. hosts: ["gfn.dodges.it"]
  691. ## Path for grafana ingress
  692. path: /
  693. ## TLS configuration for grafana Ingress
  694. ## Secret must be manually created in the namespace
  695. ##
  696. #tls: []
  697. tls:
  698. - secretName: gfn-le-secret
  699. hosts:
  700. - gfn.dodges.it
  701. sidecar:
  702. dashboards:
  703. enabled: true
  704. label: grafana_dashboard
  705. labelValue: "1"
  706. # Allow discovery in all namespaces for dashboards
  707. searchNamespace: ALL
  708. ## Annotations for Grafana dashboard configmaps
  709. ##
  710. annotations: {}
  711. multicluster:
  712. global:
  713. enabled: false
  714. etcd:
  715. enabled: false
  716. provider:
  717. allowUiUpdates: false
  718. datasources:
  719. enabled: true
  720. defaultDatasourceEnabled: true
  721. isDefaultDatasource: true
  722. uid: prometheus
  723. ## URL of prometheus datasource
  724. ##
  725. # url: http://prometheus-stack-prometheus:9090/
  726. ## Prometheus request timeout in seconds
  727. # timeout: 30
  728. # If not defined, will use prometheus.prometheusSpec.scrapeInterval or its default
  729. # defaultDatasourceScrapeInterval: 15s
  730. ## Annotations for Grafana datasource configmaps
  731. ##
  732. annotations: {}
  733. ## Set method for HTTP to send query to datasource
  734. httpMethod: POST
  735. ## Create datasource for each Pod of Prometheus StatefulSet;
  736. ## this uses headless service `prometheus-operated` which is
  737. ## created by Prometheus Operator
  738. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/0fee93e12dc7c2ea1218f19ae25ec6b893460590/pkg/prometheus/statefulset.go#L255-L286
  739. createPrometheusReplicasDatasources: false
  740. label: grafana_datasource
  741. labelValue: "1"
  742. ## Field with internal link pointing to existing data source in Grafana.
  743. ## Can be provisioned via additionalDataSources
  744. exemplarTraceIdDestinations: {}
  745. # datasourceUid: Jaeger
  746. # traceIdLabelName: trace_id
  747. extraConfigmapMounts: []
  748. # - name: certs-configmap
  749. # mountPath: /etc/grafana/ssl/
  750. # configMap: certs-configmap
  751. # readOnly: true
  752. deleteDatasources: []
  753. # - name: example-datasource
  754. # orgId: 1
  755. ## Configure additional grafana datasources (passed through tpl)
  756. ## ref: http://docs.grafana.org/administration/provisioning/#datasources
  757. additionalDataSources: []
  758. # - name: prometheus-sample
  759. # access: proxy
  760. # basicAuth: true
  761. # basicAuthPassword: pass
  762. # basicAuthUser: daco
  763. # editable: false
  764. # jsonData:
  765. # tlsSkipVerify: true
  766. # orgId: 1
  767. # type: prometheus
  768. # url: https://{{ printf "%s-prometheus.svc" .Release.Name }}:9090
  769. # version: 1
  770. ## Passed to grafana subchart and used by servicemonitor below
  771. ##
  772. service:
  773. portName: http-web
  774. serviceMonitor:
  775. # If true, a ServiceMonitor CRD is created for a prometheus operator
  776. # https://github.com/coreos/prometheus-operator
  777. #
  778. enabled: true
  779. # Path to use for scraping metrics. Might be different if server.root_url is set
  780. # in grafana.ini
  781. path: "/metrics"
  782. # namespace: monitoring (defaults to use the namespace this chart is deployed to)
  783. # labels for the ServiceMonitor
  784. labels: {}
  785. # Scrape interval. If not set, the Prometheus default scrape interval is used.
  786. #
  787. interval: ""
  788. scheme: http
  789. tlsConfig: {}
  790. scrapeTimeout: 30s
  791. ## RelabelConfigs to apply to samples before scraping
  792. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  793. ##
  794. relabelings: []
  795. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  796. # separator: ;
  797. # regex: ^(.*)$
  798. # targetLabel: nodename
  799. # replacement: $1
  800. # action: replace
  801. ## Flag to disable all the kubernetes component scrapers
  802. ##
  803. kubernetesServiceMonitors:
  804. enabled: true
  805. ## Component scraping the kube api server
  806. ##
  807. kubeApiServer:
  808. enabled: true
  809. tlsConfig:
  810. serverName: kubernetes
  811. insecureSkipVerify: false
  812. serviceMonitor:
  813. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  814. ##
  815. interval: ""
  816. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  817. ##
  818. sampleLimit: 0
  819. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  820. ##
  821. targetLimit: 0
  822. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  823. ##
  824. labelLimit: 0
  825. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  826. ##
  827. labelNameLengthLimit: 0
  828. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  829. ##
  830. labelValueLengthLimit: 0
  831. ## proxyUrl: URL of a proxy that should be used for scraping.
  832. ##
  833. proxyUrl: ""
  834. jobLabel: component
  835. selector:
  836. matchLabels:
  837. component: apiserver
  838. provider: kubernetes
  839. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  840. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  841. ##
  842. metricRelabelings:
  843. # Drop excessively noisy apiserver buckets.
  844. - action: drop
  845. regex: apiserver_request_duration_seconds_bucket;(0.15|0.2|0.3|0.35|0.4|0.45|0.6|0.7|0.8|0.9|1.25|1.5|1.75|2|3|3.5|4|4.5|6|7|8|9|15|25|40|50)
  846. sourceLabels:
  847. - __name__
  848. - le
  849. # - action: keep
  850. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  851. # sourceLabels: [__name__]
  852. ## RelabelConfigs to apply to samples before scraping
  853. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  854. ##
  855. relabelings: []
  856. # - sourceLabels:
  857. # - __meta_kubernetes_namespace
  858. # - __meta_kubernetes_service_name
  859. # - __meta_kubernetes_endpoint_port_name
  860. # action: keep
  861. # regex: default;kubernetes;https
  862. # - targetLabel: __address__
  863. # replacement: kubernetes.default.svc:443
  864. ## Additional labels
  865. ##
  866. additionalLabels: {}
  867. # foo: bar
  868. ## Component scraping the kubelet and kubelet-hosted cAdvisor
  869. ##
  870. kubelet:
  871. enabled: true
  872. namespace: kube-system
  873. serviceMonitor:
  874. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  875. ##
  876. interval: ""
  877. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  878. ##
  879. sampleLimit: 0
  880. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  881. ##
  882. targetLimit: 0
  883. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  884. ##
  885. labelLimit: 0
  886. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  887. ##
  888. labelNameLengthLimit: 0
  889. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  890. ##
  891. labelValueLengthLimit: 0
  892. ## proxyUrl: URL of a proxy that should be used for scraping.
  893. ##
  894. proxyUrl: ""
  895. ## Enable scraping the kubelet over https. For requirements to enable this see
  896. ## https://github.com/prometheus-operator/prometheus-operator/issues/926
  897. ##
  898. https: true
  899. ## Enable scraping /metrics/cadvisor from kubelet's service
  900. ##
  901. cAdvisor: true
  902. ## Enable scraping /metrics/probes from kubelet's service
  903. ##
  904. probes: true
  905. ## Enable scraping /metrics/resource from kubelet's service
  906. ## This is disabled by default because container metrics are already exposed by cAdvisor
  907. ##
  908. resource: false
  909. # From kubernetes 1.18, /metrics/resource/v1alpha1 renamed to /metrics/resource
  910. resourcePath: "/metrics/resource/v1alpha1"
  911. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  912. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  913. ##
  914. cAdvisorMetricRelabelings:
  915. # Drop less useful container CPU metrics.
  916. - sourceLabels: [__name__]
  917. action: drop
  918. regex: 'container_cpu_(cfs_throttled_seconds_total|load_average_10s|system_seconds_total|user_seconds_total)'
  919. # Drop less useful container / always zero filesystem metrics.
  920. - sourceLabels: [__name__]
  921. action: drop
  922. regex: 'container_fs_(io_current|io_time_seconds_total|io_time_weighted_seconds_total|reads_merged_total|sector_reads_total|sector_writes_total|writes_merged_total)'
  923. # Drop less useful / always zero container memory metrics.
  924. - sourceLabels: [__name__]
  925. action: drop
  926. regex: 'container_memory_(mapped_file|swap)'
  927. # Drop less useful container process metrics.
  928. - sourceLabels: [__name__]
  929. action: drop
  930. regex: 'container_(file_descriptors|tasks_state|threads_max)'
  931. # Drop container spec metrics that overlap with kube-state-metrics.
  932. - sourceLabels: [__name__]
  933. action: drop
  934. regex: 'container_spec.*'
  935. # Drop cgroup metrics with no pod.
  936. - sourceLabels: [id, pod]
  937. action: drop
  938. regex: '.+;'
  939. # - sourceLabels: [__name__, image]
  940. # separator: ;
  941. # regex: container_([a-z_]+);
  942. # replacement: $1
  943. # action: drop
  944. # - sourceLabels: [__name__]
  945. # separator: ;
  946. # regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
  947. # replacement: $1
  948. # action: drop
  949. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  950. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  951. ##
  952. probesMetricRelabelings: []
  953. # - sourceLabels: [__name__, image]
  954. # separator: ;
  955. # regex: container_([a-z_]+);
  956. # replacement: $1
  957. # action: drop
  958. # - sourceLabels: [__name__]
  959. # separator: ;
  960. # regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
  961. # replacement: $1
  962. # action: drop
  963. ## RelabelConfigs to apply to samples before scraping
  964. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  965. ##
  966. ## metrics_path is required to match upstream rules and charts
  967. cAdvisorRelabelings:
  968. - action: replace
  969. sourceLabels: [__metrics_path__]
  970. targetLabel: metrics_path
  971. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  972. # separator: ;
  973. # regex: ^(.*)$
  974. # targetLabel: nodename
  975. # replacement: $1
  976. # action: replace
  977. ## RelabelConfigs to apply to samples before scraping
  978. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  979. ##
  980. probesRelabelings:
  981. - action: replace
  982. sourceLabels: [__metrics_path__]
  983. targetLabel: metrics_path
  984. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  985. # separator: ;
  986. # regex: ^(.*)$
  987. # targetLabel: nodename
  988. # replacement: $1
  989. # action: replace
  990. ## RelabelConfigs to apply to samples before scraping
  991. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  992. ##
  993. resourceRelabelings:
  994. - action: replace
  995. sourceLabels: [__metrics_path__]
  996. targetLabel: metrics_path
  997. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  998. # separator: ;
  999. # regex: ^(.*)$
  1000. # targetLabel: nodename
  1001. # replacement: $1
  1002. # action: replace
  1003. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1004. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1005. ##
  1006. metricRelabelings: []
  1007. # - sourceLabels: [__name__, image]
  1008. # separator: ;
  1009. # regex: container_([a-z_]+);
  1010. # replacement: $1
  1011. # action: drop
  1012. # - sourceLabels: [__name__]
  1013. # separator: ;
  1014. # regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
  1015. # replacement: $1
  1016. # action: drop
  1017. ## RelabelConfigs to apply to samples before scraping
  1018. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1019. ##
  1020. ## metrics_path is required to match upstream rules and charts
  1021. relabelings:
  1022. - action: replace
  1023. sourceLabels: [__metrics_path__]
  1024. targetLabel: metrics_path
  1025. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1026. # separator: ;
  1027. # regex: ^(.*)$
  1028. # targetLabel: nodename
  1029. # replacement: $1
  1030. # action: replace
  1031. ## Additional labels
  1032. ##
  1033. additionalLabels: {}
  1034. # foo: bar
  1035. ## Component scraping the kube controller manager
  1036. ##
  1037. kubeControllerManager:
  1038. enabled: true
  1039. ## If your kube controller manager is not deployed as a pod, specify IPs it can be found on
  1040. ##
  1041. endpoints: []
  1042. # - 10.141.4.22
  1043. # - 10.141.4.23
  1044. # - 10.141.4.24
  1045. ## If using kubeControllerManager.endpoints only the port and targetPort are used
  1046. ##
  1047. service:
  1048. enabled: true
  1049. ## If null or unset, the value is determined dynamically based on target Kubernetes version due to change
  1050. ## of default port in Kubernetes 1.22.
  1051. ##
  1052. port: null
  1053. targetPort: null
  1054. # selector:
  1055. # component: kube-controller-manager
  1056. serviceMonitor:
  1057. enabled: true
  1058. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1059. ##
  1060. interval: ""
  1061. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1062. ##
  1063. sampleLimit: 0
  1064. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1065. ##
  1066. targetLimit: 0
  1067. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1068. ##
  1069. labelLimit: 0
  1070. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1071. ##
  1072. labelNameLengthLimit: 0
  1073. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1074. ##
  1075. labelValueLengthLimit: 0
  1076. ## proxyUrl: URL of a proxy that should be used for scraping.
  1077. ##
  1078. proxyUrl: ""
  1079. ## Enable scraping kube-controller-manager over https.
  1080. ## Requires proper certs (not self-signed) and delegated authentication/authorization checks.
  1081. ## If null or unset, the value is determined dynamically based on target Kubernetes version.
  1082. ##
  1083. https: null
  1084. # Skip TLS certificate validation when scraping
  1085. insecureSkipVerify: null
  1086. # Name of the server to use when validating TLS certificate
  1087. serverName: null
  1088. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1089. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1090. ##
  1091. metricRelabelings: []
  1092. # - action: keep
  1093. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1094. # sourceLabels: [__name__]
  1095. ## RelabelConfigs to apply to samples before scraping
  1096. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1097. ##
  1098. relabelings: []
  1099. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1100. # separator: ;
  1101. # regex: ^(.*)$
  1102. # targetLabel: nodename
  1103. # replacement: $1
  1104. # action: replace
  1105. ## Additional labels
  1106. ##
  1107. additionalLabels: {}
  1108. # foo: bar
  1109. ## Component scraping coreDns. Use either this or kubeDns
  1110. ##
  1111. coreDns:
  1112. enabled: true
  1113. service:
  1114. port: 9153
  1115. targetPort: 9153
  1116. # selector:
  1117. # k8s-app: kube-dns
  1118. serviceMonitor:
  1119. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1120. ##
  1121. interval: ""
  1122. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1123. ##
  1124. sampleLimit: 0
  1125. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1126. ##
  1127. targetLimit: 0
  1128. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1129. ##
  1130. labelLimit: 0
  1131. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1132. ##
  1133. labelNameLengthLimit: 0
  1134. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1135. ##
  1136. labelValueLengthLimit: 0
  1137. ## proxyUrl: URL of a proxy that should be used for scraping.
  1138. ##
  1139. proxyUrl: ""
  1140. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1141. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1142. ##
  1143. metricRelabelings: []
  1144. # - action: keep
  1145. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1146. # sourceLabels: [__name__]
  1147. ## RelabelConfigs to apply to samples before scraping
  1148. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1149. ##
  1150. relabelings: []
  1151. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1152. # separator: ;
  1153. # regex: ^(.*)$
  1154. # targetLabel: nodename
  1155. # replacement: $1
  1156. # action: replace
  1157. ## Additional labels
  1158. ##
  1159. additionalLabels: {}
  1160. # foo: bar
  1161. ## Component scraping kubeDns. Use either this or coreDns
  1162. ##
  1163. kubeDns:
  1164. enabled: false
  1165. service:
  1166. dnsmasq:
  1167. port: 10054
  1168. targetPort: 10054
  1169. skydns:
  1170. port: 10055
  1171. targetPort: 10055
  1172. # selector:
  1173. # k8s-app: kube-dns
  1174. serviceMonitor:
  1175. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1176. ##
  1177. interval: ""
  1178. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1179. ##
  1180. sampleLimit: 0
  1181. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1182. ##
  1183. targetLimit: 0
  1184. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1185. ##
  1186. labelLimit: 0
  1187. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1188. ##
  1189. labelNameLengthLimit: 0
  1190. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1191. ##
  1192. labelValueLengthLimit: 0
  1193. ## proxyUrl: URL of a proxy that should be used for scraping.
  1194. ##
  1195. proxyUrl: ""
  1196. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1197. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1198. ##
  1199. metricRelabelings: []
  1200. # - action: keep
  1201. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1202. # sourceLabels: [__name__]
  1203. ## RelabelConfigs to apply to samples before scraping
  1204. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1205. ##
  1206. relabelings: []
  1207. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1208. # separator: ;
  1209. # regex: ^(.*)$
  1210. # targetLabel: nodename
  1211. # replacement: $1
  1212. # action: replace
  1213. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1214. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1215. ##
  1216. dnsmasqMetricRelabelings: []
  1217. # - action: keep
  1218. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1219. # sourceLabels: [__name__]
  1220. ## RelabelConfigs to apply to samples before scraping
  1221. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1222. ##
  1223. dnsmasqRelabelings: []
  1224. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1225. # separator: ;
  1226. # regex: ^(.*)$
  1227. # targetLabel: nodename
  1228. # replacement: $1
  1229. # action: replace
  1230. ## Additional labels
  1231. ##
  1232. additionalLabels: {}
  1233. # foo: bar
  1234. ## Component scraping etcd
  1235. ##
  1236. kubeEtcd:
  1237. enabled: true
  1238. ## If your etcd is not deployed as a pod, specify IPs it can be found on
  1239. ##
  1240. endpoints: []
  1241. # - 10.141.4.22
  1242. # - 10.141.4.23
  1243. # - 10.141.4.24
  1244. ## Etcd service. If using kubeEtcd.endpoints only the port and targetPort are used
  1245. ##
  1246. service:
  1247. enabled: true
  1248. port: 2381
  1249. targetPort: 2381
  1250. # selector:
  1251. # component: etcd
  1252. ## Configure secure access to the etcd cluster by loading a secret into prometheus and
  1253. ## specifying security configuration below. For example, with a secret named etcd-client-cert
  1254. ##
  1255. ## serviceMonitor:
  1256. ## scheme: https
  1257. ## insecureSkipVerify: false
  1258. ## serverName: localhost
  1259. ## caFile: /etc/prometheus/secrets/etcd-client-cert/etcd-ca
  1260. ## certFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client
  1261. ## keyFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client-key
  1262. ##
  1263. serviceMonitor:
  1264. enabled: true
  1265. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1266. ##
  1267. interval: ""
  1268. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1269. ##
  1270. sampleLimit: 0
  1271. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1272. ##
  1273. targetLimit: 0
  1274. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1275. ##
  1276. labelLimit: 0
  1277. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1278. ##
  1279. labelNameLengthLimit: 0
  1280. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1281. ##
  1282. labelValueLengthLimit: 0
  1283. ## proxyUrl: URL of a proxy that should be used for scraping.
  1284. ##
  1285. proxyUrl: ""
  1286. scheme: http
  1287. insecureSkipVerify: false
  1288. serverName: ""
  1289. caFile: ""
  1290. certFile: ""
  1291. keyFile: ""
  1292. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1293. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1294. ##
  1295. metricRelabelings: []
  1296. # - action: keep
  1297. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1298. # sourceLabels: [__name__]
  1299. ## RelabelConfigs to apply to samples before scraping
  1300. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1301. ##
  1302. relabelings: []
  1303. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1304. # separator: ;
  1305. # regex: ^(.*)$
  1306. # targetLabel: nodename
  1307. # replacement: $1
  1308. # action: replace
  1309. ## Additional labels
  1310. ##
  1311. additionalLabels: {}
  1312. # foo: bar
  1313. ## Component scraping kube scheduler
  1314. ##
  1315. kubeScheduler:
  1316. enabled: true
  1317. ## If your kube scheduler is not deployed as a pod, specify IPs it can be found on
  1318. ##
  1319. endpoints: []
  1320. # - 10.141.4.22
  1321. # - 10.141.4.23
  1322. # - 10.141.4.24
  1323. ## If using kubeScheduler.endpoints only the port and targetPort are used
  1324. ##
  1325. service:
  1326. enabled: true
  1327. ## If null or unset, the value is determined dynamically based on target Kubernetes version due to change
  1328. ## of default port in Kubernetes 1.23.
  1329. ##
  1330. port: null
  1331. targetPort: null
  1332. # selector:
  1333. # component: kube-scheduler
  1334. serviceMonitor:
  1335. enabled: true
  1336. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1337. ##
  1338. interval: ""
  1339. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1340. ##
  1341. sampleLimit: 0
  1342. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1343. ##
  1344. targetLimit: 0
  1345. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1346. ##
  1347. labelLimit: 0
  1348. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1349. ##
  1350. labelNameLengthLimit: 0
  1351. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1352. ##
  1353. labelValueLengthLimit: 0
  1354. ## proxyUrl: URL of a proxy that should be used for scraping.
  1355. ##
  1356. proxyUrl: ""
  1357. ## Enable scraping kube-scheduler over https.
  1358. ## Requires proper certs (not self-signed) and delegated authentication/authorization checks.
  1359. ## If null or unset, the value is determined dynamically based on target Kubernetes version.
  1360. ##
  1361. https: null
  1362. ## Skip TLS certificate validation when scraping
  1363. insecureSkipVerify: null
  1364. ## Name of the server to use when validating TLS certificate
  1365. serverName: null
  1366. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1367. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1368. ##
  1369. metricRelabelings: []
  1370. # - action: keep
  1371. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1372. # sourceLabels: [__name__]
  1373. ## RelabelConfigs to apply to samples before scraping
  1374. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1375. ##
  1376. relabelings: []
  1377. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1378. # separator: ;
  1379. # regex: ^(.*)$
  1380. # targetLabel: nodename
  1381. # replacement: $1
  1382. # action: replace
  1383. ## Additional labels
  1384. ##
  1385. additionalLabels: {}
  1386. # foo: bar
  1387. ## Component scraping kube proxy
  1388. ##
  1389. kubeProxy:
  1390. enabled: true
  1391. ## If your kube proxy is not deployed as a pod, specify IPs it can be found on
  1392. ##
  1393. endpoints: []
  1394. # - 10.141.4.22
  1395. # - 10.141.4.23
  1396. # - 10.141.4.24
  1397. service:
  1398. enabled: true
  1399. port: 10249
  1400. targetPort: 10249
  1401. # selector:
  1402. # k8s-app: kube-proxy
  1403. serviceMonitor:
  1404. enabled: true
  1405. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1406. ##
  1407. interval: ""
  1408. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1409. ##
  1410. sampleLimit: 0
  1411. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1412. ##
  1413. targetLimit: 0
  1414. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1415. ##
  1416. labelLimit: 0
  1417. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1418. ##
  1419. labelNameLengthLimit: 0
  1420. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1421. ##
  1422. labelValueLengthLimit: 0
  1423. ## proxyUrl: URL of a proxy that should be used for scraping.
  1424. ##
  1425. proxyUrl: ""
  1426. ## Enable scraping kube-proxy over https.
  1427. ## Requires proper certs (not self-signed) and delegated authentication/authorization checks
  1428. ##
  1429. https: false
  1430. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1431. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1432. ##
  1433. metricRelabelings: []
  1434. # - action: keep
  1435. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1436. # sourceLabels: [__name__]
  1437. ## RelabelConfigs to apply to samples before scraping
  1438. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1439. ##
  1440. relabelings: []
  1441. # - action: keep
  1442. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1443. # sourceLabels: [__name__]
  1444. ## Additional labels
  1445. ##
  1446. additionalLabels: {}
  1447. # foo: bar
  1448. ## Component scraping kube state metrics
  1449. ##
  1450. kubeStateMetrics:
  1451. enabled: true
  1452. ## Configuration for kube-state-metrics subchart
  1453. ##
  1454. kube-state-metrics:
  1455. namespaceOverride: ""
  1456. rbac:
  1457. create: true
  1458. releaseLabel: true
  1459. prometheus:
  1460. monitor:
  1461. enabled: true
  1462. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1463. ##
  1464. interval: ""
  1465. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1466. ##
  1467. sampleLimit: 0
  1468. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1469. ##
  1470. targetLimit: 0
  1471. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1472. ##
  1473. labelLimit: 0
  1474. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1475. ##
  1476. labelNameLengthLimit: 0
  1477. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1478. ##
  1479. labelValueLengthLimit: 0
  1480. ## Scrape Timeout. If not set, the Prometheus default scrape timeout is used.
  1481. ##
  1482. scrapeTimeout: ""
  1483. ## proxyUrl: URL of a proxy that should be used for scraping.
  1484. ##
  1485. proxyUrl: ""
  1486. # Keep labels from scraped data, overriding server-side labels
  1487. ##
  1488. honorLabels: true
  1489. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1490. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1491. ##
  1492. metricRelabelings: []
  1493. # - action: keep
  1494. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1495. # sourceLabels: [__name__]
  1496. ## RelabelConfigs to apply to samples before scraping
  1497. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1498. ##
  1499. relabelings: []
  1500. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1501. # separator: ;
  1502. # regex: ^(.*)$
  1503. # targetLabel: nodename
  1504. # replacement: $1
  1505. # action: replace
  1506. selfMonitor:
  1507. enabled: false
  1508. ## Deploy node exporter as a daemonset to all nodes
  1509. ##
  1510. nodeExporter:
  1511. enabled: true
  1512. ## Configuration for prometheus-node-exporter subchart
  1513. ##
  1514. prometheus-node-exporter:
  1515. namespaceOverride: ""
  1516. podLabels:
  1517. ## Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards
  1518. ##
  1519. jobLabel: node-exporter
  1520. releaseLabel: true
  1521. extraArgs:
  1522. - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/)
  1523. - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$
  1524. service:
  1525. portName: http-metrics
  1526. prometheus:
  1527. monitor:
  1528. enabled: true
  1529. jobLabel: jobLabel
  1530. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1531. ##
  1532. interval: ""
  1533. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1534. ##
  1535. sampleLimit: 0
  1536. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1537. ##
  1538. targetLimit: 0
  1539. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1540. ##
  1541. labelLimit: 0
  1542. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1543. ##
  1544. labelNameLengthLimit: 0
  1545. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1546. ##
  1547. labelValueLengthLimit: 0
  1548. ## How long until a scrape request times out. If not set, the Prometheus default scape timeout is used.
  1549. ##
  1550. scrapeTimeout: ""
  1551. ## proxyUrl: URL of a proxy that should be used for scraping.
  1552. ##
  1553. proxyUrl: ""
  1554. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  1555. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1556. ##
  1557. metricRelabelings: []
  1558. # - sourceLabels: [__name__]
  1559. # separator: ;
  1560. # regex: ^node_mountstats_nfs_(event|operations|transport)_.+
  1561. # replacement: $1
  1562. # action: drop
  1563. ## RelabelConfigs to apply to samples before scraping
  1564. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  1565. ##
  1566. relabelings: []
  1567. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1568. # separator: ;
  1569. # regex: ^(.*)$
  1570. # targetLabel: nodename
  1571. # replacement: $1
  1572. # action: replace
  1573. rbac:
  1574. ## If true, create PSPs for node-exporter
  1575. ##
  1576. pspEnabled: false
  1577. ## Manages Prometheus and Alertmanager components
  1578. ##
  1579. prometheusOperator:
  1580. enabled: true
  1581. ## Prometheus-Operator v0.39.0 and later support TLS natively.
  1582. ##
  1583. tls:
  1584. enabled: true
  1585. # Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants
  1586. tlsMinVersion: VersionTLS13
  1587. # The default webhook port is 10250 in order to work out-of-the-box in GKE private clusters and avoid adding firewall rules.
  1588. internalPort: 10250
  1589. ## Admission webhook support for PrometheusRules resources added in Prometheus Operator 0.30 can be enabled to prevent incorrectly formatted
  1590. ## rules from making their way into prometheus and potentially preventing the container from starting
  1591. admissionWebhooks:
  1592. ## Valid values: Fail, Ignore, IgnoreOnInstallOnly
  1593. ## IgnoreOnInstallOnly - If Release.IsInstall returns "true", set "Ignore" otherwise "Fail"
  1594. failurePolicy:
  1595. ## The default timeoutSeconds is 10 and the maximum value is 30.
  1596. timeoutSeconds: 10
  1597. enabled: true
  1598. ## A PEM encoded CA bundle which will be used to validate the webhook's server certificate.
  1599. ## If unspecified, system trust roots on the apiserver are used.
  1600. caBundle: ""
  1601. ## If enabled, generate a self-signed certificate, then patch the webhook configurations with the generated data.
  1602. ## On chart upgrades (or if the secret exists) the cert will not be re-generated. You can use this to provide your own
  1603. ## certs ahead of time if you wish.
  1604. ##
  1605. annotations: {}
  1606. # argocd.argoproj.io/hook: PreSync
  1607. # argocd.argoproj.io/hook-delete-policy: HookSucceeded
  1608. patch:
  1609. enabled: true
  1610. image:
  1611. registry: registry.k8s.io
  1612. repository: ingress-nginx/kube-webhook-certgen
  1613. tag: v20221220-controller-v1.5.1-58-g787ea74b6
  1614. sha: ""
  1615. pullPolicy: IfNotPresent
  1616. resources: {}
  1617. ## Provide a priority class name to the webhook patching job
  1618. ##
  1619. priorityClassName: ""
  1620. annotations: {}
  1621. # argocd.argoproj.io/hook: PreSync
  1622. # argocd.argoproj.io/hook-delete-policy: HookSucceeded
  1623. podAnnotations: {}
  1624. nodeSelector: {}
  1625. affinity: {}
  1626. tolerations: []
  1627. ## SecurityContext holds pod-level security attributes and common container settings.
  1628. ## This defaults to non root user with uid 2000 and gid 2000. *v1.PodSecurityContext false
  1629. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
  1630. ##
  1631. securityContext:
  1632. runAsGroup: 2000
  1633. runAsNonRoot: true
  1634. runAsUser: 2000
  1635. # Security context for create job container
  1636. createSecretJob:
  1637. securityContext: {}
  1638. # Security context for patch job container
  1639. patchWebhookJob:
  1640. securityContext: {}
  1641. # Use certmanager to generate webhook certs
  1642. certManager:
  1643. enabled: false
  1644. # self-signed root certificate
  1645. rootCert:
  1646. duration: "" # default to be 5y
  1647. admissionCert:
  1648. duration: "" # default to be 1y
  1649. # issuerRef:
  1650. # name: "issuer"
  1651. # kind: "ClusterIssuer"
  1652. ## Namespaces to scope the interaction of the Prometheus Operator and the apiserver (allow list).
  1653. ## This is mutually exclusive with denyNamespaces. Setting this to an empty object will disable the configuration
  1654. ##
  1655. namespaces: {}
  1656. # releaseNamespace: true
  1657. # additional:
  1658. # - kube-system
  1659. ## Namespaces not to scope the interaction of the Prometheus Operator (deny list).
  1660. ##
  1661. denyNamespaces: []
  1662. ## Filter namespaces to look for prometheus-operator custom resources
  1663. ##
  1664. alertmanagerInstanceNamespaces: []
  1665. alertmanagerConfigNamespaces: []
  1666. prometheusInstanceNamespaces: []
  1667. thanosRulerInstanceNamespaces: []
  1668. ## The clusterDomain value will be added to the cluster.peer option of the alertmanager.
  1669. ## Without this specified option cluster.peer will have value alertmanager-monitoring-alertmanager-0.alertmanager-operated:9094 (default value)
  1670. ## With this specified option cluster.peer will have value alertmanager-monitoring-alertmanager-0.alertmanager-operated.namespace.svc.cluster-domain:9094
  1671. ##
  1672. # clusterDomain: "cluster.local"
  1673. networkPolicy:
  1674. ## Enable creation of NetworkPolicy resources.
  1675. ##
  1676. enabled: false
  1677. ## Flavor of the network policy to use.
  1678. # Can be:
  1679. # * kubernetes for networking.k8s.io/v1/NetworkPolicy
  1680. # * cilium for cilium.io/v2/CiliumNetworkPolicy
  1681. flavor: kubernetes
  1682. # cilium:
  1683. # egress:
  1684. ## Service account for Alertmanager to use.
  1685. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
  1686. ##
  1687. serviceAccount:
  1688. create: true
  1689. name: ""
  1690. ## Configuration for Prometheus operator service
  1691. ##
  1692. service:
  1693. annotations: {}
  1694. labels: {}
  1695. clusterIP: ""
  1696. ## Port to expose on each node
  1697. ## Only used if service.type is 'NodePort'
  1698. ##
  1699. nodePort: 30080
  1700. nodePortTls: 30443
  1701. ## Additional ports to open for Prometheus service
  1702. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services
  1703. ##
  1704. additionalPorts: []
  1705. ## Loadbalancer IP
  1706. ## Only use if service.type is "LoadBalancer"
  1707. ##
  1708. loadBalancerIP: ""
  1709. loadBalancerSourceRanges: []
  1710. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  1711. ##
  1712. externalTrafficPolicy: Cluster
  1713. ## Service type
  1714. ## NodePort, ClusterIP, LoadBalancer
  1715. ##
  1716. type: ClusterIP
  1717. ## List of IP addresses at which the Prometheus server service is available
  1718. ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
  1719. ##
  1720. externalIPs: []
  1721. # ## Labels to add to the operator deployment
  1722. # ##
  1723. labels: {}
  1724. ## Annotations to add to the operator deployment
  1725. ##
  1726. annotations: {}
  1727. ## Labels to add to the operator pod
  1728. ##
  1729. podLabels: {}
  1730. ## Annotations to add to the operator pod
  1731. ##
  1732. podAnnotations: {}
  1733. ## Assign a PriorityClassName to pods if set
  1734. # priorityClassName: ""
  1735. ## Define Log Format
  1736. # Use logfmt (default) or json logging
  1737. # logFormat: logfmt
  1738. ## Decrease log verbosity to errors only
  1739. # logLevel: error
  1740. ## If true, the operator will create and maintain a service for scraping kubelets
  1741. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/helm/prometheus-operator/README.md
  1742. ##
  1743. kubeletService:
  1744. enabled: true
  1745. namespace: kube-system
  1746. ## Use '{{ template "kube-prometheus-stack.fullname" . }}-kubelet' by default
  1747. name: ""
  1748. ## Create a servicemonitor for the operator
  1749. ##
  1750. serviceMonitor:
  1751. ## Labels for ServiceMonitor
  1752. additionalLabels: {}
  1753. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  1754. ##
  1755. interval: ""
  1756. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  1757. ##
  1758. sampleLimit: 0
  1759. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  1760. ##
  1761. targetLimit: 0
  1762. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1763. ##
  1764. labelLimit: 0
  1765. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1766. ##
  1767. labelNameLengthLimit: 0
  1768. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  1769. ##
  1770. labelValueLengthLimit: 0
  1771. ## Scrape timeout. If not set, the Prometheus default scrape timeout is used.
  1772. scrapeTimeout: ""
  1773. selfMonitor: true
  1774. ## Metric relabel configs to apply to samples before ingestion.
  1775. ##
  1776. metricRelabelings: []
  1777. # - action: keep
  1778. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  1779. # sourceLabels: [__name__]
  1780. # relabel configs to apply to samples before ingestion.
  1781. ##
  1782. relabelings: []
  1783. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  1784. # separator: ;
  1785. # regex: ^(.*)$
  1786. # targetLabel: nodename
  1787. # replacement: $1
  1788. # action: replace
  1789. ## Resource limits & requests
  1790. ##
  1791. resources: {}
  1792. # limits:
  1793. # cpu: 200m
  1794. # memory: 200Mi
  1795. # requests:
  1796. # cpu: 100m
  1797. # memory: 100Mi
  1798. # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
  1799. # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
  1800. ##
  1801. hostNetwork: false
  1802. ## Define which Nodes the Pods are scheduled on.
  1803. ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  1804. ##
  1805. nodeSelector: {}
  1806. ## Tolerations for use with node taints
  1807. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  1808. ##
  1809. tolerations: []
  1810. # - key: "key"
  1811. # operator: "Equal"
  1812. # value: "value"
  1813. # effect: "NoSchedule"
  1814. ## Assign custom affinity rules to the prometheus operator
  1815. ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
  1816. ##
  1817. affinity: {}
  1818. # nodeAffinity:
  1819. # requiredDuringSchedulingIgnoredDuringExecution:
  1820. # nodeSelectorTerms:
  1821. # - matchExpressions:
  1822. # - key: kubernetes.io/e2e-az-name
  1823. # operator: In
  1824. # values:
  1825. # - e2e-az1
  1826. # - e2e-az2
  1827. dnsConfig: {}
  1828. # nameservers:
  1829. # - 1.2.3.4
  1830. # searches:
  1831. # - ns1.svc.cluster-domain.example
  1832. # - my.dns.search.suffix
  1833. # options:
  1834. # - name: ndots
  1835. # value: "2"
  1836. # - name: edns0
  1837. securityContext:
  1838. fsGroup: 65534
  1839. runAsGroup: 65534
  1840. runAsNonRoot: true
  1841. runAsUser: 65534
  1842. ## Container-specific security context configuration
  1843. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
  1844. ##
  1845. containerSecurityContext:
  1846. allowPrivilegeEscalation: false
  1847. readOnlyRootFilesystem: true
  1848. # Enable vertical pod autoscaler support for prometheus-operator
  1849. verticalPodAutoscaler:
  1850. enabled: false
  1851. # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
  1852. controlledResources: []
  1853. # Define the max allowed resources for the pod
  1854. maxAllowed: {}
  1855. # cpu: 200m
  1856. # memory: 100Mi
  1857. # Define the min allowed resources for the pod
  1858. minAllowed: {}
  1859. # cpu: 200m
  1860. # memory: 100Mi
  1861. updatePolicy:
  1862. # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
  1863. # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
  1864. updateMode: Auto
  1865. ## Prometheus-operator image
  1866. ##
  1867. image:
  1868. registry: quay.io
  1869. repository: prometheus-operator/prometheus-operator
  1870. # if not set appVersion field from Chart.yaml is used
  1871. tag: ""
  1872. sha: ""
  1873. pullPolicy: IfNotPresent
  1874. ## Prometheus image to use for prometheuses managed by the operator
  1875. ##
  1876. # prometheusDefaultBaseImage: prometheus/prometheus
  1877. ## Prometheus image registry to use for prometheuses managed by the operator
  1878. ##
  1879. # prometheusDefaultBaseImageRegistry: quay.io
  1880. ## Alertmanager image to use for alertmanagers managed by the operator
  1881. ##
  1882. # alertmanagerDefaultBaseImage: prometheus/alertmanager
  1883. ## Alertmanager image registry to use for alertmanagers managed by the operator
  1884. ##
  1885. # alertmanagerDefaultBaseImageRegistry: quay.io
  1886. ## Prometheus-config-reloader
  1887. ##
  1888. prometheusConfigReloader:
  1889. image:
  1890. registry: quay.io
  1891. repository: prometheus-operator/prometheus-config-reloader
  1892. # if not set appVersion field from Chart.yaml is used
  1893. tag: ""
  1894. sha: ""
  1895. # add prometheus config reloader liveness and readiness probe. Default: false
  1896. enableProbe: false
  1897. # resource config for prometheusConfigReloader
  1898. resources:
  1899. requests:
  1900. cpu: 200m
  1901. memory: 50Mi
  1902. limits:
  1903. cpu: 200m
  1904. memory: 50Mi
  1905. ## Thanos side-car image when configured
  1906. ##
  1907. thanosImage:
  1908. registry: quay.io
  1909. repository: thanos/thanos
  1910. tag: v0.30.2
  1911. sha: ""
  1912. ## Set a Label Selector to filter watched prometheus and prometheusAgent
  1913. ##
  1914. prometheusInstanceSelector: ""
  1915. ## Set a Label Selector to filter watched alertmanager
  1916. ##
  1917. alertmanagerInstanceSelector: ""
  1918. ## Set a Label Selector to filter watched thanosRuler
  1919. thanosRulerInstanceSelector: ""
  1920. ## Set a Field Selector to filter watched secrets
  1921. ##
  1922. secretFieldSelector: ""
  1923. ## Deploy a Prometheus instance
  1924. ##
  1925. prometheus:
  1926. enabled: true
  1927. ## Annotations for Prometheus
  1928. ##
  1929. annotations: {}
  1930. ## Configure network policy for the prometheus
  1931. networkPolicy:
  1932. enabled: false
  1933. ## Flavor of the network policy to use.
  1934. # Can be:
  1935. # * kubernetes for networking.k8s.io/v1/NetworkPolicy
  1936. # * cilium for cilium.io/v2/CiliumNetworkPolicy
  1937. flavor: kubernetes
  1938. # cilium:
  1939. # endpointSelector:
  1940. # egress:
  1941. # ingress:
  1942. # egress:
  1943. # - {}
  1944. # ingress:
  1945. # - {}
  1946. # podSelector:
  1947. # matchLabels:
  1948. # app: prometheus
  1949. ## Service account for Prometheuses to use.
  1950. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
  1951. ##
  1952. serviceAccount:
  1953. create: true
  1954. name: ""
  1955. annotations: {}
  1956. # Service for thanos service discovery on sidecar
  1957. # Enable this can make Thanos Query can use
  1958. # `--store=dnssrv+_grpc._tcp.${kube-prometheus-stack.fullname}-thanos-discovery.${namespace}.svc.cluster.local` to discovery
  1959. # Thanos sidecar on prometheus nodes
  1960. # (Please remember to change ${kube-prometheus-stack.fullname} and ${namespace}. Not just copy and paste!)
  1961. thanosService:
  1962. enabled: false
  1963. annotations: {}
  1964. labels: {}
  1965. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  1966. ##
  1967. externalTrafficPolicy: Cluster
  1968. ## Service type
  1969. ##
  1970. type: ClusterIP
  1971. ## gRPC port config
  1972. portName: grpc
  1973. port: 10901
  1974. targetPort: "grpc"
  1975. ## HTTP port config (for metrics)
  1976. httpPortName: http
  1977. httpPort: 10902
  1978. targetHttpPort: "http"
  1979. ## ClusterIP to assign
  1980. # Default is to make this a headless service ("None")
  1981. clusterIP: "None"
  1982. ## Port to expose on each node, if service type is NodePort
  1983. ##
  1984. nodePort: 30901
  1985. httpNodePort: 30902
  1986. # ServiceMonitor to scrape Sidecar metrics
  1987. # Needs thanosService to be enabled as well
  1988. thanosServiceMonitor:
  1989. enabled: false
  1990. interval: ""
  1991. ## Additional labels
  1992. ##
  1993. additionalLabels: {}
  1994. ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
  1995. scheme: ""
  1996. ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
  1997. ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
  1998. tlsConfig: {}
  1999. bearerTokenFile:
  2000. ## Metric relabel configs to apply to samples before ingestion.
  2001. metricRelabelings: []
  2002. ## relabel configs to apply to samples before ingestion.
  2003. relabelings: []
  2004. # Service for external access to sidecar
  2005. # Enabling this creates a service to expose thanos-sidecar outside the cluster.
  2006. thanosServiceExternal:
  2007. enabled: false
  2008. annotations: {}
  2009. labels: {}
  2010. loadBalancerIP: ""
  2011. loadBalancerSourceRanges: []
  2012. ## gRPC port config
  2013. portName: grpc
  2014. port: 10901
  2015. targetPort: "grpc"
  2016. ## HTTP port config (for metrics)
  2017. httpPortName: http
  2018. httpPort: 10902
  2019. targetHttpPort: "http"
  2020. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  2021. ##
  2022. externalTrafficPolicy: Cluster
  2023. ## Service type
  2024. ##
  2025. type: LoadBalancer
  2026. ## Port to expose on each node
  2027. ##
  2028. nodePort: 30901
  2029. httpNodePort: 30902
  2030. ## Configuration for Prometheus service
  2031. ##
  2032. service:
  2033. annotations: {}
  2034. labels: {}
  2035. clusterIP: ""
  2036. ## Port for Prometheus Service to listen on
  2037. ##
  2038. port: 9090
  2039. ## To be used with a proxy extraContainer port
  2040. targetPort: 9090
  2041. ## List of IP addresses at which the Prometheus server service is available
  2042. ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
  2043. ##
  2044. externalIPs: []
  2045. ## Port to expose on each node
  2046. ## Only used if service.type is 'NodePort'
  2047. ##
  2048. nodePort: 30090
  2049. ## Loadbalancer IP
  2050. ## Only use if service.type is "LoadBalancer"
  2051. loadBalancerIP: ""
  2052. loadBalancerSourceRanges: []
  2053. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  2054. ##
  2055. externalTrafficPolicy: Cluster
  2056. ## Service type
  2057. ##
  2058. type: ClusterIP
  2059. ## Additional port to define in the Service
  2060. additionalPorts: []
  2061. # additionalPorts:
  2062. # - name: authenticated
  2063. # port: 8081
  2064. # targetPort: 8081
  2065. ## Consider that all endpoints are considered "ready" even if the Pods themselves are not
  2066. ## Ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#ServiceSpec
  2067. publishNotReadyAddresses: false
  2068. sessionAffinity: ""
  2069. ## Configuration for creating a separate Service for each statefulset Prometheus replica
  2070. ##
  2071. servicePerReplica:
  2072. enabled: false
  2073. annotations: {}
  2074. ## Port for Prometheus Service per replica to listen on
  2075. ##
  2076. port: 9090
  2077. ## To be used with a proxy extraContainer port
  2078. targetPort: 9090
  2079. ## Port to expose on each node
  2080. ## Only used if servicePerReplica.type is 'NodePort'
  2081. ##
  2082. nodePort: 30091
  2083. ## Loadbalancer source IP ranges
  2084. ## Only used if servicePerReplica.type is "LoadBalancer"
  2085. loadBalancerSourceRanges: []
  2086. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  2087. ##
  2088. externalTrafficPolicy: Cluster
  2089. ## Service type
  2090. ##
  2091. type: ClusterIP
  2092. ## Configure pod disruption budgets for Prometheus
  2093. ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
  2094. ## This configuration is immutable once created and will require the PDB to be deleted to be changed
  2095. ## https://github.com/kubernetes/kubernetes/issues/45398
  2096. ##
  2097. podDisruptionBudget:
  2098. enabled: false
  2099. minAvailable: 1
  2100. maxUnavailable: ""
  2101. # Ingress exposes thanos sidecar outside the cluster
  2102. thanosIngress:
  2103. enabled: false
  2104. # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
  2105. # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
  2106. # ingressClassName: nginx
  2107. annotations: {}
  2108. labels: {}
  2109. servicePort: 10901
  2110. ## Port to expose on each node
  2111. ## Only used if service.type is 'NodePort'
  2112. ##
  2113. nodePort: 30901
  2114. ## Hosts must be provided if Ingress is enabled.
  2115. ##
  2116. hosts: []
  2117. # - thanos-gateway.domain.com
  2118. ## Paths to use for ingress rules
  2119. ##
  2120. paths: []
  2121. # - /
  2122. ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
  2123. ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
  2124. # pathType: ImplementationSpecific
  2125. ## TLS configuration for Thanos Ingress
  2126. ## Secret must be manually created in the namespace
  2127. ##
  2128. tls: []
  2129. # - secretName: thanos-gateway-tls
  2130. # hosts:
  2131. # - thanos-gateway.domain.com
  2132. #
  2133. ## ExtraSecret can be used to store various data in an extra secret
  2134. ## (use it for example to store hashed basic auth credentials)
  2135. extraSecret:
  2136. ## if not set, name will be auto generated
  2137. # name: ""
  2138. annotations: {}
  2139. data: {}
  2140. # auth: |
  2141. # foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
  2142. # someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
  2143. ingress:
  2144. enabled: false
  2145. # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
  2146. # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
  2147. # ingressClassName: nginx
  2148. annotations: {}
  2149. labels: {}
  2150. ## Redirect ingress to an additional defined port on the service
  2151. # servicePort: 8081
  2152. ## Hostnames.
  2153. ## Must be provided if Ingress is enabled.
  2154. ##
  2155. # hosts:
  2156. # - prometheus.domain.com
  2157. hosts: []
  2158. ## Paths to use for ingress rules - one path should match the prometheusSpec.routePrefix
  2159. ##
  2160. paths: []
  2161. # - /
  2162. ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
  2163. ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
  2164. # pathType: ImplementationSpecific
  2165. ## TLS configuration for Prometheus Ingress
  2166. ## Secret must be manually created in the namespace
  2167. ##
  2168. tls: []
  2169. # - secretName: prometheus-general-tls
  2170. # hosts:
  2171. # - prometheus.example.com
  2172. ## Configuration for creating an Ingress that will map to each Prometheus replica service
  2173. ## prometheus.servicePerReplica must be enabled
  2174. ##
  2175. ingressPerReplica:
  2176. enabled: false
  2177. # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
  2178. # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
  2179. # ingressClassName: nginx
  2180. annotations: {}
  2181. labels: {}
  2182. ## Final form of the hostname for each per replica ingress is
  2183. ## {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }}
  2184. ##
  2185. ## Prefix for the per replica ingress that will have `-$replicaNumber`
  2186. ## appended to the end
  2187. hostPrefix: ""
  2188. ## Domain that will be used for the per replica ingress
  2189. hostDomain: ""
  2190. ## Paths to use for ingress rules
  2191. ##
  2192. paths: []
  2193. # - /
  2194. ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
  2195. ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
  2196. # pathType: ImplementationSpecific
  2197. ## Secret name containing the TLS certificate for Prometheus per replica ingress
  2198. ## Secret must be manually created in the namespace
  2199. tlsSecretName: ""
  2200. ## Separated secret for each per replica Ingress. Can be used together with cert-manager
  2201. ##
  2202. tlsSecretPerReplica:
  2203. enabled: false
  2204. ## Final form of the secret for each per replica ingress is
  2205. ## {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }}
  2206. ##
  2207. prefix: "prometheus"
  2208. ## Configure additional options for default pod security policy for Prometheus
  2209. ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
  2210. podSecurityPolicy:
  2211. allowedCapabilities: []
  2212. allowedHostPaths: []
  2213. volumes: []
  2214. serviceMonitor:
  2215. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  2216. ##
  2217. interval: ""
  2218. selfMonitor: true
  2219. ## Additional labels
  2220. ##
  2221. additionalLabels: {}
  2222. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  2223. ##
  2224. sampleLimit: 0
  2225. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  2226. ##
  2227. targetLimit: 0
  2228. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  2229. ##
  2230. labelLimit: 0
  2231. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  2232. ##
  2233. labelNameLengthLimit: 0
  2234. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  2235. ##
  2236. labelValueLengthLimit: 0
  2237. ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
  2238. scheme: ""
  2239. ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
  2240. ## Of type: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
  2241. tlsConfig: {}
  2242. bearerTokenFile:
  2243. ## Metric relabel configs to apply to samples before ingestion.
  2244. ##
  2245. metricRelabelings: []
  2246. # - action: keep
  2247. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  2248. # sourceLabels: [__name__]
  2249. # relabel configs to apply to samples before ingestion.
  2250. ##
  2251. relabelings: []
  2252. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  2253. # separator: ;
  2254. # regex: ^(.*)$
  2255. # targetLabel: nodename
  2256. # replacement: $1
  2257. # action: replace
  2258. ## Settings affecting prometheusSpec
  2259. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheusspec
  2260. ##
  2261. prometheusSpec:
  2262. ## If true, pass --storage.tsdb.max-block-duration=2h to prometheus. This is already done if using Thanos
  2263. ##
  2264. disableCompaction: false
  2265. ## APIServerConfig
  2266. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#apiserverconfig
  2267. ##
  2268. apiserverConfig: {}
  2269. ## Allows setting additional arguments for the Prometheus container
  2270. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.Prometheus
  2271. additionalArgs: []
  2272. ## Interval between consecutive scrapes.
  2273. ## Defaults to 30s.
  2274. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/release-0.44/pkg/prometheus/promcfg.go#L180-L183
  2275. ##
  2276. scrapeInterval: ""
  2277. ## Number of seconds to wait for target to respond before erroring
  2278. ##
  2279. scrapeTimeout: ""
  2280. ## Interval between consecutive evaluations.
  2281. ##
  2282. evaluationInterval: ""
  2283. ## ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
  2284. ##
  2285. listenLocal: false
  2286. ## EnableAdminAPI enables Prometheus the administrative HTTP API which includes functionality such as deleting time series.
  2287. ## This is disabled by default.
  2288. ## ref: https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis
  2289. ##
  2290. enableAdminAPI: false
  2291. ## Sets version of Prometheus overriding the Prometheus version as derived
  2292. ## from the image tag. Useful in cases where the tag does not follow semver v2.
  2293. version: ""
  2294. ## WebTLSConfig defines the TLS parameters for HTTPS
  2295. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#webtlsconfig
  2296. web: {}
  2297. ## Exemplars related settings that are runtime reloadable.
  2298. ## It requires to enable the exemplar storage feature to be effective.
  2299. exemplars: ""
  2300. ## Maximum number of exemplars stored in memory for all series.
  2301. ## If not set, Prometheus uses its default value.
  2302. ## A value of zero or less than zero disables the storage.
  2303. # maxSize: 100000
  2304. # EnableFeatures API enables access to Prometheus disabled features.
  2305. # ref: https://prometheus.io/docs/prometheus/latest/disabled_features/
  2306. enableFeatures: []
  2307. # - exemplar-storage
  2308. ## Image of Prometheus.
  2309. ##
  2310. image:
  2311. registry: quay.io
  2312. repository: prometheus/prometheus
  2313. tag: v2.42.0
  2314. sha: ""
  2315. ## Tolerations for use with node taints
  2316. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  2317. ##
  2318. tolerations: []
  2319. # - key: "key"
  2320. # operator: "Equal"
  2321. # value: "value"
  2322. # effect: "NoSchedule"
  2323. ## If specified, the pod's topology spread constraints.
  2324. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
  2325. ##
  2326. topologySpreadConstraints: []
  2327. # - maxSkew: 1
  2328. # topologyKey: topology.kubernetes.io/zone
  2329. # whenUnsatisfiable: DoNotSchedule
  2330. # labelSelector:
  2331. # matchLabels:
  2332. # app: prometheus
  2333. ## Alertmanagers to which alerts will be sent
  2334. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerendpoints
  2335. ##
  2336. ## Default configuration will connect to the alertmanager deployed as part of this release
  2337. ##
  2338. alertingEndpoints: []
  2339. # - name: ""
  2340. # namespace: ""
  2341. # port: http
  2342. # scheme: http
  2343. # pathPrefix: ""
  2344. # tlsConfig: {}
  2345. # bearerTokenFile: ""
  2346. # apiVersion: v2
  2347. ## External labels to add to any time series or alerts when communicating with external systems
  2348. ##
  2349. externalLabels: {}
  2350. ## enable --web.enable-remote-write-receiver flag on prometheus-server
  2351. ##
  2352. enableRemoteWriteReceiver: false
  2353. ## Name of the external label used to denote replica name
  2354. ##
  2355. replicaExternalLabelName: ""
  2356. ## If true, the Operator won't add the external label used to denote replica name
  2357. ##
  2358. replicaExternalLabelNameClear: false
  2359. ## Name of the external label used to denote Prometheus instance name
  2360. ##
  2361. prometheusExternalLabelName: ""
  2362. ## If true, the Operator won't add the external label used to denote Prometheus instance name
  2363. ##
  2364. prometheusExternalLabelNameClear: false
  2365. ## External URL at which Prometheus will be reachable.
  2366. ##
  2367. externalUrl: ""
  2368. ## Define which Nodes the Pods are scheduled on.
  2369. ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  2370. ##
  2371. nodeSelector: {}
  2372. ## Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods.
  2373. ## The Secrets are mounted into /etc/prometheus/secrets/. Secrets changes after initial creation of a Prometheus object are not
  2374. ## reflected in the running Pods. To change the secrets mounted into the Prometheus Pods, the object must be deleted and recreated
  2375. ## with the new list of secrets.
  2376. ##
  2377. secrets: []
  2378. ## ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods.
  2379. ## The ConfigMaps are mounted into /etc/prometheus/configmaps/.
  2380. ##
  2381. configMaps: []
  2382. ## QuerySpec defines the query command line flags when starting Prometheus.
  2383. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#queryspec
  2384. ##
  2385. query: {}
  2386. ## If nil, select own namespace. Namespaces to be selected for PrometheusRules discovery.
  2387. ruleNamespaceSelector: {}
  2388. ## Example which selects PrometheusRules in namespaces with label "prometheus" set to "somelabel"
  2389. # ruleNamespaceSelector:
  2390. # matchLabels:
  2391. # prometheus: somelabel
  2392. ## If true, a nil or {} value for prometheus.prometheusSpec.ruleSelector will cause the
  2393. ## prometheus resource to be created with selectors based on values in the helm deployment,
  2394. ## which will also match the PrometheusRule resources created
  2395. ##
  2396. ruleSelectorNilUsesHelmValues: true
  2397. ## PrometheusRules to be selected for target discovery.
  2398. ## If {}, select all PrometheusRules
  2399. ##
  2400. ruleSelector: {}
  2401. ## Example which select all PrometheusRules resources
  2402. ## with label "prometheus" with values any of "example-rules" or "example-rules-2"
  2403. # ruleSelector:
  2404. # matchExpressions:
  2405. # - key: prometheus
  2406. # operator: In
  2407. # values:
  2408. # - example-rules
  2409. # - example-rules-2
  2410. #
  2411. ## Example which select all PrometheusRules resources with label "role" set to "example-rules"
  2412. # ruleSelector:
  2413. # matchLabels:
  2414. # role: example-rules
  2415. ## If true, a nil or {} value for prometheus.prometheusSpec.serviceMonitorSelector will cause the
  2416. ## prometheus resource to be created with selectors based on values in the helm deployment,
  2417. ## which will also match the servicemonitors created
  2418. ##
  2419. serviceMonitorSelectorNilUsesHelmValues: true
  2420. ## ServiceMonitors to be selected for target discovery.
  2421. ## If {}, select all ServiceMonitors
  2422. ##
  2423. serviceMonitorSelector: {}
  2424. ## Example which selects ServiceMonitors with label "prometheus" set to "somelabel"
  2425. # serviceMonitorSelector:
  2426. # matchLabels:
  2427. # prometheus: somelabel
  2428. ## Namespaces to be selected for ServiceMonitor discovery.
  2429. ##
  2430. serviceMonitorNamespaceSelector: {}
  2431. ## Example which selects ServiceMonitors in namespaces with label "prometheus" set to "somelabel"
  2432. # serviceMonitorNamespaceSelector:
  2433. # matchLabels:
  2434. # prometheus: somelabel
  2435. ## If true, a nil or {} value for prometheus.prometheusSpec.podMonitorSelector will cause the
  2436. ## prometheus resource to be created with selectors based on values in the helm deployment,
  2437. ## which will also match the podmonitors created
  2438. ##
  2439. podMonitorSelectorNilUsesHelmValues: true
  2440. ## PodMonitors to be selected for target discovery.
  2441. ## If {}, select all PodMonitors
  2442. ##
  2443. podMonitorSelector: {}
  2444. ## Example which selects PodMonitors with label "prometheus" set to "somelabel"
  2445. # podMonitorSelector:
  2446. # matchLabels:
  2447. # prometheus: somelabel
  2448. ## If nil, select own namespace. Namespaces to be selected for PodMonitor discovery.
  2449. podMonitorNamespaceSelector: {}
  2450. ## Example which selects PodMonitor in namespaces with label "prometheus" set to "somelabel"
  2451. # podMonitorNamespaceSelector:
  2452. # matchLabels:
  2453. # prometheus: somelabel
  2454. ## If true, a nil or {} value for prometheus.prometheusSpec.probeSelector will cause the
  2455. ## prometheus resource to be created with selectors based on values in the helm deployment,
  2456. ## which will also match the probes created
  2457. ##
  2458. probeSelectorNilUsesHelmValues: true
  2459. ## Probes to be selected for target discovery.
  2460. ## If {}, select all Probes
  2461. ##
  2462. probeSelector: {}
  2463. ## Example which selects Probes with label "prometheus" set to "somelabel"
  2464. # probeSelector:
  2465. # matchLabels:
  2466. # prometheus: somelabel
  2467. ## If nil, select own namespace. Namespaces to be selected for Probe discovery.
  2468. probeNamespaceSelector: {}
  2469. ## Example which selects Probe in namespaces with label "prometheus" set to "somelabel"
  2470. # probeNamespaceSelector:
  2471. # matchLabels:
  2472. # prometheus: somelabel
  2473. ## How long to retain metrics
  2474. ##
  2475. retention: 10d
  2476. ## Maximum size of metrics
  2477. ##
  2478. retentionSize: ""
  2479. ## Allow out-of-order/out-of-bounds samples ingested into Prometheus for a specified duration
  2480. ## See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#tsdb
  2481. tsdb:
  2482. outOfOrderTimeWindow: 0s
  2483. ## Enable compression of the write-ahead log using Snappy.
  2484. ##
  2485. walCompression: true
  2486. ## If true, the Operator won't process any Prometheus configuration changes
  2487. ##
  2488. paused: false
  2489. ## Number of replicas of each shard to deploy for a Prometheus deployment.
  2490. ## Number of replicas multiplied by shards is the total number of Pods created.
  2491. ##
  2492. replicas: 1
  2493. ## EXPERIMENTAL: Number of shards to distribute targets onto.
  2494. ## Number of replicas multiplied by shards is the total number of Pods created.
  2495. ## Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved.
  2496. ## Increasing shards will not reshard data either but it will continue to be available from the same instances.
  2497. ## To query globally use Thanos sidecar and Thanos querier or remote write data to a central location.
  2498. ## Sharding is done on the content of the `__address__` target meta-label.
  2499. ##
  2500. shards: 1
  2501. ## Log level for Prometheus be configured in
  2502. ##
  2503. logLevel: info
  2504. ## Log format for Prometheus be configured in
  2505. ##
  2506. logFormat: logfmt
  2507. ## Prefix used to register routes, overriding externalUrl route.
  2508. ## Useful for proxies that rewrite URLs.
  2509. ##
  2510. routePrefix: /
  2511. ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
  2512. ## Metadata Labels and Annotations gets propagated to the prometheus pods.
  2513. ##
  2514. podMetadata: {}
  2515. # labels:
  2516. # app: prometheus
  2517. # k8s-app: prometheus
  2518. ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
  2519. ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
  2520. ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
  2521. ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
  2522. podAntiAffinity: ""
  2523. ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
  2524. ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
  2525. ##
  2526. podAntiAffinityTopologyKey: kubernetes.io/hostname
  2527. ## Assign custom affinity rules to the prometheus instance
  2528. ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
  2529. ##
  2530. affinity: {}
  2531. # nodeAffinity:
  2532. # requiredDuringSchedulingIgnoredDuringExecution:
  2533. # nodeSelectorTerms:
  2534. # - matchExpressions:
  2535. # - key: kubernetes.io/e2e-az-name
  2536. # operator: In
  2537. # values:
  2538. # - e2e-az1
  2539. # - e2e-az2
  2540. ## The remote_read spec configuration for Prometheus.
  2541. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotereadspec
  2542. remoteRead: []
  2543. # - url: http://remote1/read
  2544. ## additionalRemoteRead is appended to remoteRead
  2545. additionalRemoteRead: []
  2546. ## The remote_write spec configuration for Prometheus.
  2547. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotewritespec
  2548. remoteWrite: []
  2549. # - url: http://remote1/push
  2550. ## additionalRemoteWrite is appended to remoteWrite
  2551. additionalRemoteWrite: []
  2552. ## Enable/Disable Grafana dashboards provisioning for prometheus remote write feature
  2553. remoteWriteDashboards: false
  2554. ## Resource limits & requests
  2555. ##
  2556. resources: {}
  2557. # requests:
  2558. # memory: 400Mi
  2559. ## Prometheus StorageSpec for persistent data
  2560. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
  2561. ##
  2562. storageSpec:
  2563. ## Using PersistentVolumeClaim
  2564. ##
  2565. volumeClaimTemplate:
  2566. spec:
  2567. storageClassName: manual
  2568. accessModes: ["ReadWriteOnce"]
  2569. resources:
  2570. requests:
  2571. storage: 50Gi
  2572. selector: {}
  2573. ## Using tmpfs volume
  2574. ##
  2575. # emptyDir:
  2576. # medium: Memory
  2577. # Additional volumes on the output StatefulSet definition.
  2578. volumes: []
  2579. # Additional VolumeMounts on the output StatefulSet definition.
  2580. volumeMounts: []
  2581. ## AdditionalScrapeConfigs allows specifying additional Prometheus scrape configurations. Scrape configurations
  2582. ## are appended to the configurations generated by the Prometheus Operator. Job configurations must have the form
  2583. ## as specified in the official Prometheus documentation:
  2584. ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are
  2585. ## appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility
  2586. ## to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible
  2587. ## scrape configs are going to break Prometheus after the upgrade.
  2588. ## AdditionalScrapeConfigs can be defined as a list or as a templated string.
  2589. ##
  2590. ## The scrape configuration example below will find master nodes, provided they have the name .*mst.*, relabel the
  2591. ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes
  2592. ##
  2593. additionalScrapeConfigs: []
  2594. # - job_name: kube-etcd
  2595. # kubernetes_sd_configs:
  2596. # - role: node
  2597. # scheme: https
  2598. # tls_config:
  2599. # ca_file: /etc/prometheus/secrets/etcd-client-cert/etcd-ca
  2600. # cert_file: /etc/prometheus/secrets/etcd-client-cert/etcd-client
  2601. # key_file: /etc/prometheus/secrets/etcd-client-cert/etcd-client-key
  2602. # relabel_configs:
  2603. # - action: labelmap
  2604. # regex: __meta_kubernetes_node_label_(.+)
  2605. # - source_labels: [__address__]
  2606. # action: replace
  2607. # targetLabel: __address__
  2608. # regex: ([^:;]+):(\d+)
  2609. # replacement: ${1}:2379
  2610. # - source_labels: [__meta_kubernetes_node_name]
  2611. # action: keep
  2612. # regex: .*mst.*
  2613. # - source_labels: [__meta_kubernetes_node_name]
  2614. # action: replace
  2615. # targetLabel: node
  2616. # regex: (.*)
  2617. # replacement: ${1}
  2618. # metric_relabel_configs:
  2619. # - regex: (kubernetes_io_hostname|failure_domain_beta_kubernetes_io_region|beta_kubernetes_io_os|beta_kubernetes_io_arch|beta_kubernetes_io_instance_type|failure_domain_beta_kubernetes_io_zone)
  2620. # action: labeldrop
  2621. #
  2622. ## If scrape config contains a repetitive section, you may want to use a template.
  2623. ## In the following example, you can see how to define `gce_sd_configs` for multiple zones
  2624. # additionalScrapeConfigs: |
  2625. # - job_name: "node-exporter"
  2626. # gce_sd_configs:
  2627. # {{range $zone := .Values.gcp_zones}}
  2628. # - project: "project1"
  2629. # zone: "{{$zone}}"
  2630. # port: 9100
  2631. # {{end}}
  2632. # relabel_configs:
  2633. # ...
  2634. ## If additional scrape configurations are already deployed in a single secret file you can use this section.
  2635. ## Expected values are the secret name and key
  2636. ## Cannot be used with additionalScrapeConfigs
  2637. additionalScrapeConfigsSecret: {}
  2638. # enabled: false
  2639. # name:
  2640. # key:
  2641. ## additionalPrometheusSecretsAnnotations allows to add annotations to the kubernetes secret. This can be useful
  2642. ## when deploying via spinnaker to disable versioning on the secret, strategy.spinnaker.io/versioned: 'false'
  2643. additionalPrometheusSecretsAnnotations: {}
  2644. ## AdditionalAlertManagerConfigs allows for manual configuration of alertmanager jobs in the form as specified
  2645. ## in the official Prometheus documentation https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<alertmanager_config>.
  2646. ## AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator.
  2647. ## As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this
  2648. ## feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release
  2649. ## notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.
  2650. ##
  2651. additionalAlertManagerConfigs: []
  2652. # - consul_sd_configs:
  2653. # - server: consul.dev.test:8500
  2654. # scheme: http
  2655. # datacenter: dev
  2656. # tag_separator: ','
  2657. # services:
  2658. # - metrics-prometheus-alertmanager
  2659. ## If additional alertmanager configurations are already deployed in a single secret, or you want to manage
  2660. ## them separately from the helm deployment, you can use this section.
  2661. ## Expected values are the secret name and key
  2662. ## Cannot be used with additionalAlertManagerConfigs
  2663. additionalAlertManagerConfigsSecret: {}
  2664. # name:
  2665. # key:
  2666. # optional: false
  2667. ## AdditionalAlertRelabelConfigs allows specifying Prometheus alert relabel configurations. Alert relabel configurations specified are appended
  2668. ## to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the
  2669. ## official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs.
  2670. ## As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the
  2671. ## possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel
  2672. ## configs are going to break Prometheus after the upgrade.
  2673. ##
  2674. additionalAlertRelabelConfigs: []
  2675. # - separator: ;
  2676. # regex: prometheus_replica
  2677. # replacement: $1
  2678. # action: labeldrop
  2679. ## If additional alert relabel configurations are already deployed in a single secret, or you want to manage
  2680. ## them separately from the helm deployment, you can use this section.
  2681. ## Expected values are the secret name and key
  2682. ## Cannot be used with additionalAlertRelabelConfigs
  2683. additionalAlertRelabelConfigsSecret: {}
  2684. # name:
  2685. # key:
  2686. ## SecurityContext holds pod-level security attributes and common container settings.
  2687. ## This defaults to non root user with uid 1000 and gid 2000.
  2688. ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md
  2689. ##
  2690. securityContext:
  2691. runAsGroup: 2000
  2692. runAsNonRoot: true
  2693. runAsUser: 1000
  2694. fsGroup: 2000
  2695. ## Priority class assigned to the Pods
  2696. ##
  2697. priorityClassName: ""
  2698. ## Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment.
  2699. ## This section is experimental, it may change significantly without deprecation notice in any release.
  2700. ## This is experimental and may change significantly without backward compatibility in any release.
  2701. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosspec
  2702. ##
  2703. thanos: {}
  2704. # secretProviderClass:
  2705. # provider: gcp
  2706. # parameters:
  2707. # secrets: |
  2708. # - resourceName: "projects/$PROJECT_ID/secrets/testsecret/versions/latest"
  2709. # fileName: "objstore.yaml"
  2710. # objectStorageConfigFile: /var/secrets/object-store.yaml
  2711. ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod.
  2712. ## if using proxy extraContainer update targetPort with proxy container port
  2713. containers: []
  2714. # containers:
  2715. # - name: oauth-proxy
  2716. # image: quay.io/oauth2-proxy/oauth2-proxy:v7.3.0
  2717. # args:
  2718. # - --upstream=http://127.0.0.1:9093
  2719. # - --http-address=0.0.0.0:8081
  2720. # - ...
  2721. # ports:
  2722. # - containerPort: 8081
  2723. # name: oauth-proxy
  2724. # protocol: TCP
  2725. # resources: {}
  2726. ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
  2727. ## (permissions, dir tree) on mounted volumes before starting prometheus
  2728. initContainers: []
  2729. ## PortName to use for Prometheus.
  2730. ##
  2731. portName: "http-web"
  2732. ## ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files
  2733. ## on the file system of the Prometheus container e.g. bearer token files.
  2734. arbitraryFSAccessThroughSMs: false
  2735. ## OverrideHonorLabels if set to true overrides all user configured honor_labels. If HonorLabels is set in ServiceMonitor
  2736. ## or PodMonitor to true, this overrides honor_labels to false.
  2737. overrideHonorLabels: false
  2738. ## OverrideHonorTimestamps allows to globally enforce honoring timestamps in all scrape configs.
  2739. overrideHonorTimestamps: false
  2740. ## IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from the podmonitor and servicemonitor
  2741. ## configs, and they will only discover endpoints within their current namespace. Defaults to false.
  2742. ignoreNamespaceSelectors: false
  2743. ## EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created.
  2744. ## The label value will always be the namespace of the object that is being created.
  2745. ## Disabled by default
  2746. enforcedNamespaceLabel: ""
  2747. ## PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels.
  2748. ## Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair
  2749. ## Deprecated, use `excludedFromEnforcement` instead
  2750. prometheusRulesExcludedFromEnforce: []
  2751. ## ExcludedFromEnforcement - list of object references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects
  2752. ## to be excluded from enforcing a namespace label of origin.
  2753. ## Works only if enforcedNamespaceLabel set to true.
  2754. ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#objectreference
  2755. excludedFromEnforcement: []
  2756. ## QueryLogFile specifies the file to which PromQL queries are logged. Note that this location must be writable,
  2757. ## and can be persisted using an attached volume. Alternatively, the location can be set to a stdout location such
  2758. ## as /dev/stdout to log querie information to the default Prometheus log stream. This is only available in versions
  2759. ## of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
  2760. queryLogFile: false
  2761. ## EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit
  2762. ## set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall
  2763. ## number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
  2764. enforcedSampleLimit: false
  2765. ## EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set
  2766. ## per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall
  2767. ## number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except
  2768. ## if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
  2769. enforcedTargetLimit: false
  2770. ## Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present
  2771. ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions
  2772. ## 2.27.0 and newer.
  2773. enforcedLabelLimit: false
  2774. ## Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number
  2775. ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions
  2776. ## 2.27.0 and newer.
  2777. enforcedLabelNameLengthLimit: false
  2778. ## Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this
  2779. ## number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus
  2780. ## versions 2.27.0 and newer.
  2781. enforcedLabelValueLengthLimit: false
  2782. ## AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental
  2783. ## in Prometheus so it may change in any upcoming release.
  2784. allowOverlappingBlocks: false
  2785. ## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to
  2786. ## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
  2787. minReadySeconds: 0
  2788. # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
  2789. # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
  2790. # Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it.
  2791. # When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
  2792. hostNetwork: false
  2793. # HostAlias holds the mapping between IP and hostnames that will be injected
  2794. # as an entry in the pod’s hosts file.
  2795. hostAliases: []
  2796. # - ip: 10.10.0.100
  2797. # hostnames:
  2798. # - a1.app.local
  2799. # - b1.app.local
  2800. additionalRulesForClusterRole: []
  2801. # - apiGroups: [ "" ]
  2802. # resources:
  2803. # - nodes/proxy
  2804. # verbs: [ "get", "list", "watch" ]
  2805. additionalServiceMonitors: []
  2806. ## Name of the ServiceMonitor to create
  2807. ##
  2808. # - name: ""
  2809. ## Additional labels to set used for the ServiceMonitorSelector. Together with standard labels from
  2810. ## the chart
  2811. ##
  2812. # additionalLabels: {}
  2813. ## Service label for use in assembling a job name of the form <label value>-<port>
  2814. ## If no label is specified, the service name is used.
  2815. ##
  2816. # jobLabel: ""
  2817. ## labels to transfer from the kubernetes service to the target
  2818. ##
  2819. # targetLabels: []
  2820. ## labels to transfer from the kubernetes pods to the target
  2821. ##
  2822. # podTargetLabels: []
  2823. ## Label selector for services to which this ServiceMonitor applies
  2824. ##
  2825. # selector: {}
  2826. ## Namespaces from which services are selected
  2827. ##
  2828. # namespaceSelector:
  2829. ## Match any namespace
  2830. ##
  2831. # any: false
  2832. ## Explicit list of namespace names to select
  2833. ##
  2834. # matchNames: []
  2835. ## Endpoints of the selected service to be monitored
  2836. ##
  2837. # endpoints: []
  2838. ## Name of the endpoint's service port
  2839. ## Mutually exclusive with targetPort
  2840. # - port: ""
  2841. ## Name or number of the endpoint's target port
  2842. ## Mutually exclusive with port
  2843. # - targetPort: ""
  2844. ## File containing bearer token to be used when scraping targets
  2845. ##
  2846. # bearerTokenFile: ""
  2847. ## Interval at which metrics should be scraped
  2848. ##
  2849. # interval: 30s
  2850. ## HTTP path to scrape for metrics
  2851. ##
  2852. # path: /metrics
  2853. ## HTTP scheme to use for scraping
  2854. ##
  2855. # scheme: http
  2856. ## TLS configuration to use when scraping the endpoint
  2857. ##
  2858. # tlsConfig:
  2859. ## Path to the CA file
  2860. ##
  2861. # caFile: ""
  2862. ## Path to client certificate file
  2863. ##
  2864. # certFile: ""
  2865. ## Skip certificate verification
  2866. ##
  2867. # insecureSkipVerify: false
  2868. ## Path to client key file
  2869. ##
  2870. # keyFile: ""
  2871. ## Server name used to verify host name
  2872. ##
  2873. # serverName: ""
  2874. additionalPodMonitors: []
  2875. ## Name of the PodMonitor to create
  2876. ##
  2877. # - name: ""
  2878. ## Additional labels to set used for the PodMonitorSelector. Together with standard labels from
  2879. ## the chart
  2880. ##
  2881. # additionalLabels: {}
  2882. ## Pod label for use in assembling a job name of the form <label value>-<port>
  2883. ## If no label is specified, the pod endpoint name is used.
  2884. ##
  2885. # jobLabel: ""
  2886. ## Label selector for pods to which this PodMonitor applies
  2887. ##
  2888. # selector: {}
  2889. ## PodTargetLabels transfers labels on the Kubernetes Pod onto the target.
  2890. ##
  2891. # podTargetLabels: {}
  2892. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  2893. ##
  2894. # sampleLimit: 0
  2895. ## Namespaces from which pods are selected
  2896. ##
  2897. # namespaceSelector:
  2898. ## Match any namespace
  2899. ##
  2900. # any: false
  2901. ## Explicit list of namespace names to select
  2902. ##
  2903. # matchNames: []
  2904. ## Endpoints of the selected pods to be monitored
  2905. ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmetricsendpoint
  2906. ##
  2907. # podMetricsEndpoints: []
  2908. ## Configuration for thanosRuler
  2909. ## ref: https://thanos.io/tip/components/rule.md/
  2910. ##
  2911. thanosRuler:
  2912. ## Deploy thanosRuler
  2913. ##
  2914. enabled: false
  2915. ## Annotations for ThanosRuler
  2916. ##
  2917. annotations: {}
  2918. ## Service account for ThanosRuler to use.
  2919. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
  2920. ##
  2921. serviceAccount:
  2922. create: true
  2923. name: ""
  2924. annotations: {}
  2925. ## Configure pod disruption budgets for ThanosRuler
  2926. ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
  2927. ## This configuration is immutable once created and will require the PDB to be deleted to be changed
  2928. ## https://github.com/kubernetes/kubernetes/issues/45398
  2929. ##
  2930. podDisruptionBudget:
  2931. enabled: false
  2932. minAvailable: 1
  2933. maxUnavailable: ""
  2934. ingress:
  2935. enabled: false
  2936. # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
  2937. # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
  2938. # ingressClassName: nginx
  2939. annotations: {}
  2940. labels: {}
  2941. ## Hosts must be provided if Ingress is enabled.
  2942. ##
  2943. hosts: []
  2944. # - thanosruler.domain.com
  2945. ## Paths to use for ingress rules - one path should match the thanosruler.routePrefix
  2946. ##
  2947. paths: []
  2948. # - /
  2949. ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
  2950. ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
  2951. # pathType: ImplementationSpecific
  2952. ## TLS configuration for ThanosRuler Ingress
  2953. ## Secret must be manually created in the namespace
  2954. ##
  2955. tls: []
  2956. # - secretName: thanosruler-general-tls
  2957. # hosts:
  2958. # - thanosruler.example.com
  2959. ## Configuration for ThanosRuler service
  2960. ##
  2961. service:
  2962. annotations: {}
  2963. labels: {}
  2964. clusterIP: ""
  2965. ## Port for ThanosRuler Service to listen on
  2966. ##
  2967. port: 10902
  2968. ## To be used with a proxy extraContainer port
  2969. ##
  2970. targetPort: 10902
  2971. ## Port to expose on each node
  2972. ## Only used if service.type is 'NodePort'
  2973. ##
  2974. nodePort: 30905
  2975. ## List of IP addresses at which the Prometheus server service is available
  2976. ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
  2977. ##
  2978. ## Additional ports to open for ThanosRuler service
  2979. additionalPorts: []
  2980. externalIPs: []
  2981. loadBalancerIP: ""
  2982. loadBalancerSourceRanges: []
  2983. ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
  2984. ##
  2985. externalTrafficPolicy: Cluster
  2986. ## Service type
  2987. ##
  2988. type: ClusterIP
  2989. ## If true, create a serviceMonitor for thanosRuler
  2990. ##
  2991. serviceMonitor:
  2992. ## Scrape interval. If not set, the Prometheus default scrape interval is used.
  2993. ##
  2994. interval: ""
  2995. selfMonitor: true
  2996. ## Additional labels
  2997. ##
  2998. additionalLabels: {}
  2999. ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
  3000. ##
  3001. sampleLimit: 0
  3002. ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
  3003. ##
  3004. targetLimit: 0
  3005. ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  3006. ##
  3007. labelLimit: 0
  3008. ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  3009. ##
  3010. labelNameLengthLimit: 0
  3011. ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
  3012. ##
  3013. labelValueLengthLimit: 0
  3014. ## proxyUrl: URL of a proxy that should be used for scraping.
  3015. ##
  3016. proxyUrl: ""
  3017. ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
  3018. scheme: ""
  3019. ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
  3020. ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
  3021. tlsConfig: {}
  3022. bearerTokenFile:
  3023. ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
  3024. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  3025. ##
  3026. metricRelabelings: []
  3027. # - action: keep
  3028. # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
  3029. # sourceLabels: [__name__]
  3030. ## RelabelConfigs to apply to samples before scraping
  3031. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
  3032. ##
  3033. relabelings: []
  3034. # - sourceLabels: [__meta_kubernetes_pod_node_name]
  3035. # separator: ;
  3036. # regex: ^(.*)$
  3037. # targetLabel: nodename
  3038. # replacement: $1
  3039. # action: replace
  3040. ## Settings affecting thanosRulerpec
  3041. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosrulerspec
  3042. ##
  3043. thanosRulerSpec:
  3044. ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
  3045. ## Metadata Labels and Annotations gets propagated to the ThanosRuler pods.
  3046. ##
  3047. podMetadata: {}
  3048. ## Image of ThanosRuler
  3049. ##
  3050. image:
  3051. registry: quay.io
  3052. repository: thanos/thanos
  3053. tag: v0.30.2
  3054. sha: ""
  3055. ## Namespaces to be selected for PrometheusRules discovery.
  3056. ## If nil, select own namespace. Namespaces to be selected for ServiceMonitor discovery.
  3057. ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#namespaceselector for usage
  3058. ##
  3059. ruleNamespaceSelector: {}
  3060. ## If true, a nil or {} value for thanosRuler.thanosRulerSpec.ruleSelector will cause the
  3061. ## prometheus resource to be created with selectors based on values in the helm deployment,
  3062. ## which will also match the PrometheusRule resources created
  3063. ##
  3064. ruleSelectorNilUsesHelmValues: true
  3065. ## PrometheusRules to be selected for target discovery.
  3066. ## If {}, select all PrometheusRules
  3067. ##
  3068. ruleSelector: {}
  3069. ## Example which select all PrometheusRules resources
  3070. ## with label "prometheus" with values any of "example-rules" or "example-rules-2"
  3071. # ruleSelector:
  3072. # matchExpressions:
  3073. # - key: prometheus
  3074. # operator: In
  3075. # values:
  3076. # - example-rules
  3077. # - example-rules-2
  3078. #
  3079. ## Example which select all PrometheusRules resources with label "role" set to "example-rules"
  3080. # ruleSelector:
  3081. # matchLabels:
  3082. # role: example-rules
  3083. ## Define Log Format
  3084. # Use logfmt (default) or json logging
  3085. logFormat: logfmt
  3086. ## Log level for ThanosRuler to be configured with.
  3087. ##
  3088. logLevel: info
  3089. ## Size is the expected size of the thanosRuler cluster. The controller will eventually make the size of the
  3090. ## running cluster equal to the expected size.
  3091. replicas: 1
  3092. ## Time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression
  3093. ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).
  3094. ##
  3095. retention: 24h
  3096. ## Interval between consecutive evaluations.
  3097. ##
  3098. evaluationInterval: ""
  3099. ## Storage is the definition of how storage will be used by the ThanosRuler instances.
  3100. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
  3101. ##
  3102. storage: {}
  3103. # volumeClaimTemplate:
  3104. # spec:
  3105. # storageClassName: gluster
  3106. # accessModes: ["ReadWriteOnce"]
  3107. # resources:
  3108. # requests:
  3109. # storage: 50Gi
  3110. # selector: {}
  3111. ## AlertmanagerConfig define configuration for connecting to alertmanager.
  3112. ## Only available with Thanos v0.10.0 and higher. Maps to the alertmanagers.config Thanos Ruler arg.
  3113. alertmanagersConfig: {}
  3114. # - api_version: v2
  3115. # http_config:
  3116. # basic_auth:
  3117. # username: some_user
  3118. # password: some_pass
  3119. # static_configs:
  3120. # - alertmanager.thanos.io
  3121. # scheme: http
  3122. # timeout: 10s
  3123. ## DEPRECATED. Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, alertmanagersConfig should be used instead.
  3124. ## Note: this field will be ignored if alertmanagersConfig is specified. Maps to the alertmanagers.url Thanos Ruler arg.
  3125. # alertmanagersUrl:
  3126. ## The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name. string false
  3127. ##
  3128. externalPrefix:
  3129. ## The route prefix ThanosRuler registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true,
  3130. ## but the server serves requests under a different route prefix. For example for use with kubectl proxy.
  3131. ##
  3132. routePrefix: /
  3133. ## ObjectStorageConfig configures object storage in Thanos. Alternative to
  3134. ## ObjectStorageConfigFile, and lower order priority.
  3135. objectStorageConfig: {}
  3136. ## ObjectStorageConfigFile specifies the path of the object storage configuration file.
  3137. ## When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
  3138. objectStorageConfigFile: ""
  3139. ## QueryEndpoints defines Thanos querier endpoints from which to query metrics.
  3140. ## Maps to the --query flag of thanos ruler.
  3141. queryEndpoints: []
  3142. ## Define configuration for connecting to thanos query instances. If this is defined, the queryEndpoints field will be ignored.
  3143. ## Maps to the query.config CLI argument. Only available with thanos v0.11.0 and higher.
  3144. queryConfig: {}
  3145. ## Labels configure the external label pairs to ThanosRuler. A default replica
  3146. ## label `thanos_ruler_replica` will be always added as a label with the value
  3147. ## of the pod's name and it will be dropped in the alerts.
  3148. labels: {}
  3149. ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions.
  3150. ##
  3151. paused: false
  3152. ## Define which Nodes the Pods are scheduled on.
  3153. ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  3154. ##
  3155. nodeSelector: {}
  3156. ## Define resources requests and limits for single Pods.
  3157. ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
  3158. ##
  3159. resources: {}
  3160. # requests:
  3161. # memory: 400Mi
  3162. ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
  3163. ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
  3164. ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
  3165. ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
  3166. ##
  3167. podAntiAffinity: ""
  3168. ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
  3169. ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
  3170. ##
  3171. podAntiAffinityTopologyKey: kubernetes.io/hostname
  3172. ## Assign custom affinity rules to the thanosRuler instance
  3173. ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
  3174. ##
  3175. affinity: {}
  3176. # nodeAffinity:
  3177. # requiredDuringSchedulingIgnoredDuringExecution:
  3178. # nodeSelectorTerms:
  3179. # - matchExpressions:
  3180. # - key: kubernetes.io/e2e-az-name
  3181. # operator: In
  3182. # values:
  3183. # - e2e-az1
  3184. # - e2e-az2
  3185. ## If specified, the pod's tolerations.
  3186. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  3187. ##
  3188. tolerations: []
  3189. # - key: "key"
  3190. # operator: "Equal"
  3191. # value: "value"
  3192. # effect: "NoSchedule"
  3193. ## If specified, the pod's topology spread constraints.
  3194. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
  3195. ##
  3196. topologySpreadConstraints: []
  3197. # - maxSkew: 1
  3198. # topologyKey: topology.kubernetes.io/zone
  3199. # whenUnsatisfiable: DoNotSchedule
  3200. # labelSelector:
  3201. # matchLabels:
  3202. # app: thanos-ruler
  3203. ## SecurityContext holds pod-level security attributes and common container settings.
  3204. ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext false
  3205. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
  3206. ##
  3207. securityContext:
  3208. runAsGroup: 2000
  3209. runAsNonRoot: true
  3210. runAsUser: 1000
  3211. fsGroup: 2000
  3212. ## ListenLocal makes the ThanosRuler server listen on loopback, so that it does not bind against the Pod IP.
  3213. ## Note this is only for the ThanosRuler UI, not the gossip communication.
  3214. ##
  3215. listenLocal: false
  3216. ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an ThanosRuler pod.
  3217. ##
  3218. containers: []
  3219. # Additional volumes on the output StatefulSet definition.
  3220. volumes: []
  3221. # Additional VolumeMounts on the output StatefulSet definition.
  3222. volumeMounts: []
  3223. ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
  3224. ## (permissions, dir tree) on mounted volumes before starting prometheus
  3225. initContainers: []
  3226. ## Priority class assigned to the Pods
  3227. ##
  3228. priorityClassName: ""
  3229. ## PortName to use for ThanosRuler.
  3230. ##
  3231. portName: "web"
  3232. ## ExtraSecret can be used to store various data in an extra secret
  3233. ## (use it for example to store hashed basic auth credentials)
  3234. extraSecret:
  3235. ## if not set, name will be auto generated
  3236. # name: ""
  3237. annotations: {}
  3238. data: {}
  3239. # auth: |
  3240. # foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
  3241. # someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
  3242. ## Setting to true produces cleaner resource names, but requires a data migration because the name of the persistent volume changes. Therefore this should only be set once on initial installation.
  3243. ##
  3244. cleanPrometheusOperatorObjectNames: false