Workaround for large CRDs with ArgoCD

This commit is contained in:
Stefan Reimer 2023-08-22 13:42:24 +00:00
parent b799837894
commit 0337591810
80 changed files with 12006 additions and 805 deletions

View File

@ -7,20 +7,28 @@ annotations:
url: https://github.com/prometheus-operator/kube-prometheus
artifacthub.io/operator: "true"
apiVersion: v2
appVersion: v0.65.1
appVersion: v0.66.0
dependencies:
- condition: crds.enabled
name: crds
repository: ""
version: 0.0.0
- condition: kubeStateMetrics.enabled
name: kube-state-metrics
repository: https://prometheus-community.github.io/helm-charts
version: 5.5.*
version: 5.10.*
- condition: nodeExporter.enabled
name: prometheus-node-exporter
repository: https://prometheus-community.github.io/helm-charts
version: 4.16.*
version: 4.21.*
- condition: grafana.enabled
name: grafana
repository: https://grafana.github.io/helm-charts
version: 6.56.*
version: 6.58.*
- condition: windowsMonitoring.enabled
name: prometheus-windows-exporter
repository: https://prometheus-community.github.io/helm-charts
version: 0.1.*
description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
and Prometheus rules combined with documentation and scripts to provide easy to
operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus
@ -52,4 +60,4 @@ sources:
- https://github.com/prometheus-community/helm-charts
- https://github.com/prometheus-operator/kube-prometheus
type: application
version: 45.27.2
version: 48.3.3

View File

@ -59,8 +59,10 @@ kubectl delete crd alertmanagerconfigs.monitoring.coreos.com
kubectl delete crd alertmanagers.monitoring.coreos.com
kubectl delete crd podmonitors.monitoring.coreos.com
kubectl delete crd probes.monitoring.coreos.com
kubectl delete crd prometheusagents.monitoring.coreos.com
kubectl delete crd prometheuses.monitoring.coreos.com
kubectl delete crd prometheusrules.monitoring.coreos.com
kubectl delete crd scrapeconfigs.monitoring.coreos.com
kubectl delete crd servicemonitors.monitoring.coreos.com
kubectl delete crd thanosrulers.monitoring.coreos.com
```
@ -80,9 +82,54 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen
A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions.
### From 47.x to 48.x
This version moved all CRDs into a dedicated sub-chart. No new CRDs are introduced in this version.
See [#3548](https://github.com/prometheus-community/helm-charts/issues/3548) for more context.
We do not expect any breaking changes in this version.
### From 46.x to 47.x
This version upgrades Prometheus-Operator to v0.66.0 with new CRDs (PrometheusAgent and ScrapeConfig).
Run these commands to update the CRDs before applying the upgrade.
```console
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
```
### From 45.x to 46.x
This version upgrades Prometheus-Operator to v0.65.1 with new CRDs (PrometheusAgent and ScrapeConfig), Prometheus to v2.44.0 and Thanos to v0.31.0.
Run these commands to update the CRDs before applying the upgrade.
```console
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
```
### From 44.x to 45.x
This version upgrades Prometheus-Operator to v0.63.0, Prometheus to v2.43.0 and Thanos to v0.30.2.
This version upgrades Prometheus-Operator to v0.63.0, Prometheus to v2.42.0 and Thanos to v0.30.2.
Run these commands to update the CRDs before applying the upgrade.

View File

@ -0,0 +1,3 @@
apiVersion: v2
name: crds
version: 0.0.0

View File

@ -0,0 +1,3 @@
# crds subchart
See: [https://github.com/prometheus-community/helm-charts/issues/3548](https://github.com/prometheus-community/helm-charts/issues/3548)

View File

@ -1,10 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: alertmanagerconfigs.monitoring.coreos.com
spec:
@ -2696,9 +2697,9 @@ spec:
signing process to sign requests.
properties:
accessKey:
description: AccessKey is the AWS API key. If blank,
the environment variable `AWS_ACCESS_KEY_ID` is
used.
description: AccessKey is the AWS API key. If not
specified, the environment variable `AWS_ACCESS_KEY_ID`
is used.
properties:
key:
description: The key of the secret to select from. Must
@ -2731,8 +2732,8 @@ spec:
to authenticate.
type: string
secretKey:
description: SecretKey is the AWS API secret. If blank,
the environment variable `AWS_SECRET_ACCESS_KEY`
description: SecretKey is the AWS API secret. If not
specified, the environment variable `AWS_SECRET_ACCESS_KEY`
is used.
properties:
key:

View File

@ -1,10 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: alertmanagers.monitoring.coreos.com
spec:
@ -1356,6 +1357,47 @@ spec:
type: string
type: object
type: object
opsGenieApiKey:
description: The default OpsGenie API Key.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
opsGenieApiUrl:
description: The default OpsGenie API URL.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
pagerdutyUrl:
description: The default Pagerduty URL.
type: string
resolveTimeout:
description: ResolveTimeout is the default value used by alertmanager
if the alert does not include EndsAt, after this time passes
@ -1364,6 +1406,25 @@ spec:
they always include EndsAt.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
slackApiUrl:
description: The default Slack API URL.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
name:
description: The name of the AlertmanagerConfig resource which
@ -1419,6 +1480,12 @@ spec:
type: object
type: array
type: object
automountServiceAccountToken:
description: 'AutomountServiceAccountToken indicates whether a service
account token should be automatically mounted in the pod. If the
service account has `automountServiceAccountToken: true`, set the
field to `false` to opt out of automounting API credentials.'
type: boolean
baseImage:
description: 'Base image that is used to deploy pods, without tag.
Deprecated: use ''image'' instead'
@ -1721,7 +1788,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -1817,7 +1886,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -1897,8 +1968,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -1930,7 +1999,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -2099,8 +2170,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -2132,7 +2201,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -2221,6 +2292,26 @@ spec:
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents resource resize
policy for the container.
properties:
resourceName:
description: 'Name of the resource to which this resource
resize policy applies. Supported values: cpu, memory.'
type: string
restartPolicy:
description: Restart policy to apply when specified resource
is resized. If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: 'Compute Resources required by this container.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
@ -2229,7 +2320,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only
be set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
@ -2266,8 +2358,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
otherwise to an implementation-defined value. Requests
cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
securityContext:
@ -2480,8 +2572,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -2513,7 +2603,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -2783,10 +2875,12 @@ spec:
into the Alertmanager configuration from external sources. Any errors
during the execution of an initContainer will lead to a restart
of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
Using initContainers for any use case other then secret fetching
is entirely outside the scope of what the maintainers will support
and by doing so, you accept that this behaviour may break at any
time without notice.'
InitContainers described here modify an operator generated init
containers if they share the same name and modifications are done
via a strategic merge patch. The current init container name is:
`init-config-reloader`. Overriding init containers is entirely outside
the scope of what the maintainers will support and by doing so,
you accept that this behaviour may break at any time without notice.'
items:
description: A single application container that you want to run
within a pod.
@ -3037,7 +3131,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -3133,7 +3229,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -3213,8 +3311,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -3246,7 +3342,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -3415,8 +3513,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -3448,7 +3544,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -3537,6 +3635,26 @@ spec:
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents resource resize
policy for the container.
properties:
resourceName:
description: 'Name of the resource to which this resource
resize policy applies. Supported values: cpu, memory.'
type: string
restartPolicy:
description: Restart policy to apply when specified resource
is resized. If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: 'Compute Resources required by this container.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
@ -3545,7 +3663,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only
be set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
@ -3582,8 +3701,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
otherwise to an implementation-defined value. Requests
cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
securityContext:
@ -3796,8 +3915,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -3829,7 +3946,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -4097,8 +4216,9 @@ spec:
type: string
type: object
portName:
description: Port name used for the pods and governing service. This
defaults to web
default: web
description: Port name used for the pods and governing service. Defaults
to `web`.
type: string
priorityClassName:
description: Priority class assigned to the Pods
@ -4116,7 +4236,8 @@ spec:
description: "Claims lists the names of resources, defined in
spec.resourceClaims, that are used by this container. \n This
is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be set
for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
@ -4152,7 +4273,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
retention:
@ -4363,14 +4485,13 @@ spec:
by the Alertmanager instances.
properties:
disableMountSubPath:
description: 'Deprecated: subPath usage will be disabled by default
in a future release, this option will become unnecessary. DisableMountSubPath
allows to remove any subPath usage in volume mounts.'
description: '*Deprecated: subPath usage will be removed in a
future release.*'
type: boolean
emptyDir:
description: 'EmptyDirVolumeSource to be used by the StatefulSet.
If specified, used in place of any volumeClaimTemplate. More
info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`.
More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
properties:
medium:
description: 'medium represents what type of storage medium
@ -4388,14 +4509,14 @@ spec:
medium EmptyDir would be the minimum value between the SizeLimit
specified here and the sum of memory limits of all containers
in a pod. The default is nil which means that the limit
is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
description: 'EphemeralVolumeSource to be used by the StatefulSet.
This is a beta field in k8s 1.21, for lower versions, starting
with k8s 1.19, it requires enabling the GenericEphemeralVolume
This is a beta field in k8s 1.21 and GA in 1.15. For lower versions,
starting with k8s 1.19, it requires enabling the GenericEphemeralVolume
feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
properties:
volumeClaimTemplate:
@ -4543,7 +4664,8 @@ spec:
defined in spec.resourceClaims, that are used
by this container. \n This is an alpha field
and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It
can only be set for containers."
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
@ -4582,8 +4704,8 @@ spec:
of compute resources required. If Requests is
omitted for a container, it defaults to Limits
if that is explicitly specified, otherwise to
an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
an implementation-defined value. Requests cannot
exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
@ -4654,10 +4776,10 @@ spec:
type: object
type: object
volumeClaimTemplate:
description: A PVC spec to be used by the StatefulSet. The easiest
way to use a volume that cannot be automatically provisioned
(for whatever reason) is to use a label selector alongside manually
created PersistentVolumes.
description: Defines the PVC spec to be used by the Prometheus
StatefulSets. The easiest way to use a volume that cannot be
automatically provisioned is to use a label selector alongside
manually created PersistentVolumes.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this
@ -4702,8 +4824,8 @@ spec:
type: string
type: object
spec:
description: 'Spec defines the desired characteristics of
a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
description: 'Defines the desired characteristics of a volume
requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the desired access
@ -4810,7 +4932,8 @@ spec:
defined in spec.resourceClaims, that are used by
this container. \n This is an alpha field and requires
enabling the DynamicResourceAllocation feature gate.
\n This field is immutable."
\n This field is immutable. It can only be set for
containers."
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
@ -4849,7 +4972,8 @@ spec:
of compute resources required. If Requests is omitted
for a container, it defaults to Limits if that is
explicitly specified, otherwise to an implementation-defined
value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
value. Requests cannot exceed Limits. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
@ -4914,8 +5038,7 @@ spec:
type: string
type: object
status:
description: 'Status represents the current information/status
of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
description: '*Deprecated: this field is never set.*'
properties:
accessModes:
description: 'accessModes contains the actual access modes
@ -4959,7 +5082,7 @@ spec:
volume claim. If underlying persistent volume is being
resized then the Condition will be set to 'ResizeStarted'.
items:
description: PersistentVolumeClaimCondition contails
description: PersistentVolumeClaimCondition contains
details about state of pvc
properties:
lastProbeTime:
@ -5107,14 +5230,18 @@ spec:
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select
description: "MatchLabelKeys is a set of pod label keys to select
the pods over which spreading will be calculated. The keys
are used to lookup values from the incoming pod labels, those
key-value labels are ANDed with labelSelector to select the
group of existing pods over which spreading will be calculated
for the incoming pod. Keys that don't exist in the incoming
pod labels will be ignored. A null or empty list means only
match against labelSelector.
for the incoming pod. The same key is forbidden to exist in
both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot
be set when LabelSelector isn't set. Keys that don't exist
in the incoming pod labels will be ignored. A null or empty
list means only match against labelSelector. \n This is a
beta field and requires the MatchLabelKeysInPodTopologySpread
feature gate to be enabled (enabled by default)."
items:
type: string
type: array
@ -5655,7 +5782,7 @@ spec:
medium EmptyDir would be the minimum value between the
SizeLimit specified here and the sum of memory limits
of all containers in a pod. The default is nil which means
that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
@ -5827,7 +5954,8 @@ spec:
defined in spec.resourceClaims, that are used
by this container. \n This is an alpha field
and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable.
It can only be set for containers."
items:
description: ResourceClaim references one
entry in PodSpec.ResourceClaims.
@ -5867,8 +5995,8 @@ spec:
amount of compute resources required. If Requests
is omitted for a container, it defaults to
Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests
cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
@ -6829,6 +6957,12 @@ spec:
web:
description: Defines the web command line flags when starting Alertmanager.
properties:
getConcurrency:
description: Maximum number of GET requests processed concurrently.
This corresponds to the Alertmanager's `--web.get-concurrency`
flag.
format: int32
type: integer
httpConfig:
description: Defines HTTP parameters for web server.
properties:
@ -6876,6 +7010,11 @@ spec:
a rolling update will be triggered.
type: boolean
type: object
timeout:
description: Timeout for HTTP requests. This corresponds to the
Alertmanager's `--web.timeout` flag.
format: int32
type: integer
tlsConfig:
description: Defines the TLS parameters for HTTPS.
properties:
@ -7040,7 +7179,7 @@ spec:
description: The current state of the Alertmanager object.
items:
description: Condition represents the state of the resources associated
with the Prometheus or Alertmanager resource.
with the Prometheus, Alertmanager or ThanosRuler resource.
properties:
lastTransitionTime:
description: lastTransitionTime is the time of the last update

View File

@ -1,10 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: podmonitors.monitoring.coreos.com
spec:
@ -241,6 +242,10 @@ spec:
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source
@ -421,6 +426,10 @@ spec:
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source
@ -460,7 +469,13 @@ spec:
type: object
type: array
scheme:
description: HTTP scheme to use for scraping.
description: HTTP scheme to use for scraping. `http` and `https`
are the expected values unless you rewrite the `__scheme__`
label via relabeling. If empty, Prometheus uses the default
value `http`.
enum:
- http
- https
type: string
scrapeTimeout:
description: Timeout after which the scrape is ended If not

View File

@ -1,10 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: probes.monitoring.coreos.com
spec:
@ -190,6 +191,10 @@ spec:
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source label
@ -329,7 +334,13 @@ spec:
description: Optional ProxyURL.
type: string
scheme:
description: HTTP scheme to use for scraping. Defaults to `http`.
description: HTTP scheme to use for scraping. `http` and `https`
are the expected values unless you rewrite the `__scheme__`
label via relabeling. If empty, Prometheus uses the default
value `http`.
enum:
- http
- https
type: string
url:
description: Mandatory URL of the prober.
@ -344,7 +355,7 @@ spec:
type: integer
scrapeTimeout:
description: Timeout for scraping metrics from the Prometheus exporter.
If not specified, the Prometheus global scrape interval is used.
If not specified, the Prometheus global scrape timeout is used.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
targetLimit:
@ -411,6 +422,10 @@ spec:
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source
@ -540,6 +555,10 @@ spec:
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source

View File

@ -1,10 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: prometheusrules.monitoring.coreos.com
spec:
@ -52,6 +53,11 @@ spec:
are evaluated.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
limit:
description: Limit the number of alerts an alerting rule and
series a recording rule can produce. Limit is supported starting
with Prometheus >= 2.31 and Thanos Ruler >= 0.24.
type: integer
name:
description: Name of the rule group.
minLength: 1
@ -90,6 +96,13 @@ spec:
been returned for this long.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
keep_firing_for:
description: KeepFiringFor defines how long an alert will
continue firing after the condition that triggered it
has cleared.
minLength: 1
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
labels:
additionalProperties:
type: string
@ -106,7 +119,6 @@ spec:
type: array
required:
- name
- rules
type: object
type: array
x-kubernetes-list-map-keys:

View File

@ -0,0 +1,358 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: scrapeconfigs.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
categories:
- prometheus-operator
kind: ScrapeConfig
listKind: ScrapeConfigList
plural: scrapeconfigs
shortNames:
- scfg
singular: scrapeconfig
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ScrapeConfig defines a namespaced Prometheus scrape_config to
be aggregated across multiple namespaces into the Prometheus configuration.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ScrapeConfigSpec is a specification of the desired configuration
for a scrape configuration.
properties:
authorization:
description: Authorization header to use on every scrape request.
properties:
credentials:
description: The secret's key that contains the credentials of
the request
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type:
description: Set the authentication type. Defaults to Bearer,
Basic will cause an error
type: string
type: object
basicAuth:
description: BasicAuth information to use on every scrape request.
properties:
password:
description: The secret in the service monitor namespace that
contains the password for authentication.
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: The secret in the service monitor namespace that
contains the username for authentication.
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
fileSDConfigs:
description: FileSDConfigs defines a list of file service discovery
configurations.
items:
description: FileSDConfig defines a Prometheus file service discovery
configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config
properties:
files:
description: 'List of files to be used for file discovery. Recommendation:
use absolute paths. While relative paths work, the prometheus-operator
project makes no guarantees about the working directory where
the configuration file is stored. Files must be mounted using
Prometheus.ConfigMaps or Prometheus.Secrets.'
items:
description: SDFile represents a file used for service discovery
pattern: ^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$
type: string
minItems: 1
type: array
refreshInterval:
description: RefreshInterval configures the refresh interval
at which Prometheus will reload the content of the files.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
required:
- files
type: object
type: array
honorLabels:
description: HonorLabels chooses the metric's labels on collisions
with target labels.
type: boolean
honorTimestamps:
description: HonorTimestamps controls whether Prometheus respects
the timestamps present in scraped data.
type: boolean
httpSDConfigs:
description: HTTPSDConfigs defines a list of HTTP service discovery
configurations.
items:
description: HTTPSDConfig defines a prometheus HTTP service discovery
configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config
properties:
authorization:
description: Authorization header configuration to authenticate
against the target HTTP endpoint.
properties:
credentials:
description: The secret's key that contains the credentials
of the request
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type:
description: Set the authentication type. Defaults to Bearer,
Basic will cause an error
type: string
type: object
basicAuth:
description: 'BasicAuth information to authenticate against
the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints'
properties:
password:
description: The secret in the service monitor namespace
that contains the password for authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: The secret in the service monitor namespace
that contains the username for authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
refreshInterval:
description: RefreshInterval configures the refresh interval
at which Prometheus will re-query the endpoint to update the
target list.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
url:
description: URL from which the targets are fetched.
minLength: 1
pattern: ^http(s)?://.+$
type: string
required:
- url
type: object
type: array
metricsPath:
description: MetricsPath HTTP path to scrape for metrics. If empty,
Prometheus uses the default value (e.g. /metrics).
type: string
relabelings:
description: 'RelabelConfigs defines how to rewrite the target''s
labels before scraping. Prometheus Operator automatically adds relabelings
for a few standard Kubernetes fields. The original scrape job''s
name is available via the `__tmp_prometheus_job_name` label. More
info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
items:
description: 'RelabelConfig allows dynamic rewriting of the label
set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section
of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
properties:
action:
default: replace
description: Action to perform based on regex matching. Default
is 'replace'. uppercase and lowercase actions require Prometheus
>= 2.36.
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source label
values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched. Default is '(.*)'
type: string
replacement:
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex capture
groups are available. Default is '$1'
type: string
separator:
description: Separator placed between concatenated source label
values. default is ';'.
type: string
sourceLabels:
description: The source labels select values from existing labels.
Their content is concatenated using the configured separator
and matched against the configured regular expression for
the replace, keep, and drop actions.
items:
description: LabelName is a valid Prometheus label name which
may only contain ASCII letters, numbers, as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: Label to which the resulting value is written in
a replace action. It is mandatory for replace actions. Regex
capture groups are available.
type: string
type: object
type: array
staticConfigs:
description: StaticConfigs defines a list of static targets with a
common label set.
items:
description: StaticConfig defines a Prometheus static configuration.
See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config
properties:
labels:
additionalProperties:
type: string
description: Labels assigned to all metrics scraped from the
targets.
type: object
x-kubernetes-map-type: atomic
targets:
description: List of targets for this static configuration.
items:
description: Target represents a target for Prometheus to
scrape
type: string
type: array
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true

View File

@ -1,10 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: servicemonitors.monitoring.coreos.com
spec:
@ -210,6 +211,10 @@ spec:
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source
@ -390,6 +395,10 @@ spec:
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: Modulus to take of the hash of the source
@ -429,7 +438,13 @@ spec:
type: object
type: array
scheme:
description: HTTP scheme to use for scraping.
description: HTTP scheme to use for scraping. `http` and `https`
are the expected values unless you rewrite the `__scheme__`
label via relabeling. If empty, Prometheus uses the default
value `http`.
enum:
- http
- https
type: string
scrapeTimeout:
description: Timeout after which the scrape is ended If not

View File

@ -1,10 +1,11 @@
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: thanosrulers.monitoring.coreos.com
spec:
@ -21,10 +22,24 @@ spec:
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The version of Thanos Ruler
jsonPath: .spec.version
name: Version
type: string
- description: The number of desired replicas
jsonPath: .spec.replicas
name: Replicas
type: integer
- description: The number of ready replicas
jsonPath: .status.availableReplicas
name: Ready
type: integer
- jsonPath: .status.conditions[?(@.type == 'Reconciled')].status
name: Reconciled
type: string
- jsonPath: .status.conditions[?(@.type == 'Available')].status
name: Available
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
@ -1234,7 +1249,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -1330,7 +1347,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -1410,8 +1429,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -1443,7 +1460,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -1612,8 +1631,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -1645,7 +1662,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -1734,6 +1753,26 @@ spec:
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents resource resize
policy for the container.
properties:
resourceName:
description: 'Name of the resource to which this resource
resize policy applies. Supported values: cpu, memory.'
type: string
restartPolicy:
description: Restart policy to apply when specified resource
is resized. If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: 'Compute Resources required by this container.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
@ -1742,7 +1781,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only
be set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
@ -1779,8 +1819,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
otherwise to an implementation-defined value. Requests
cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
securityContext:
@ -1993,8 +2033,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -2026,7 +2064,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -2253,7 +2293,7 @@ spec:
type: string
name:
description: Name of the referent. When not set, all resources
are matched.
in the namespace are matched.
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
@ -2713,7 +2753,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -2809,7 +2851,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -2889,8 +2933,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -2922,7 +2964,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -3091,8 +3135,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -3124,7 +3166,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -3213,6 +3257,26 @@ spec:
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents resource resize
policy for the container.
properties:
resourceName:
description: 'Name of the resource to which this resource
resize policy applies. Supported values: cpu, memory.'
type: string
restartPolicy:
description: Restart policy to apply when specified resource
is resized. If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: 'Compute Resources required by this container.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
@ -3221,7 +3285,8 @@ spec:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only
be set for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
@ -3258,8 +3323,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
otherwise to an implementation-defined value. Requests
cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
securityContext:
@ -3472,8 +3537,6 @@ spec:
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number
@ -3505,7 +3568,9 @@ spec:
to be used in HTTP probes
properties:
name:
description: The header field name
description: The header field name. This will
be canonicalized upon output, so case-variant
names will be understood as the same header.
type: string
value:
description: The header field value
@ -3804,8 +3869,9 @@ spec:
type: string
type: object
portName:
description: Port name used for the pods and governing service. This
defaults to web
default: web
description: Port name used for the pods and governing service. Defaults
to `web`.
type: string
priorityClassName:
description: Priority class assigned to the Pods
@ -3822,10 +3888,10 @@ spec:
while enforcing namespace label for alerts and metrics.
properties:
ruleName:
description: RuleNamespace - name of excluded rule
description: Name of the excluded PrometheusRule object.
type: string
ruleNamespace:
description: RuleNamespace - namespace of excluded rule
description: Namespace of the excluded PrometheusRule object.
type: string
required:
- ruleName
@ -3871,7 +3937,8 @@ spec:
description: "Claims lists the names of resources, defined in
spec.resourceClaims, that are used by this container. \n This
is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It can only be set
for containers."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
@ -3907,7 +3974,8 @@ spec:
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
retention:
@ -4190,14 +4258,13 @@ spec:
description: Storage spec to specify how storage shall be used.
properties:
disableMountSubPath:
description: 'Deprecated: subPath usage will be disabled by default
in a future release, this option will become unnecessary. DisableMountSubPath
allows to remove any subPath usage in volume mounts.'
description: '*Deprecated: subPath usage will be removed in a
future release.*'
type: boolean
emptyDir:
description: 'EmptyDirVolumeSource to be used by the StatefulSet.
If specified, used in place of any volumeClaimTemplate. More
info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`.
More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
properties:
medium:
description: 'medium represents what type of storage medium
@ -4215,14 +4282,14 @@ spec:
medium EmptyDir would be the minimum value between the SizeLimit
specified here and the sum of memory limits of all containers
in a pod. The default is nil which means that the limit
is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
description: 'EphemeralVolumeSource to be used by the StatefulSet.
This is a beta field in k8s 1.21, for lower versions, starting
with k8s 1.19, it requires enabling the GenericEphemeralVolume
This is a beta field in k8s 1.21 and GA in 1.15. For lower versions,
starting with k8s 1.19, it requires enabling the GenericEphemeralVolume
feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
properties:
volumeClaimTemplate:
@ -4370,7 +4437,8 @@ spec:
defined in spec.resourceClaims, that are used
by this container. \n This is an alpha field
and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable. It
can only be set for containers."
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
@ -4409,8 +4477,8 @@ spec:
of compute resources required. If Requests is
omitted for a container, it defaults to Limits
if that is explicitly specified, otherwise to
an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
an implementation-defined value. Requests cannot
exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
@ -4481,10 +4549,10 @@ spec:
type: object
type: object
volumeClaimTemplate:
description: A PVC spec to be used by the StatefulSet. The easiest
way to use a volume that cannot be automatically provisioned
(for whatever reason) is to use a label selector alongside manually
created PersistentVolumes.
description: Defines the PVC spec to be used by the Prometheus
StatefulSets. The easiest way to use a volume that cannot be
automatically provisioned is to use a label selector alongside
manually created PersistentVolumes.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this
@ -4529,8 +4597,8 @@ spec:
type: string
type: object
spec:
description: 'Spec defines the desired characteristics of
a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
description: 'Defines the desired characteristics of a volume
requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the desired access
@ -4637,7 +4705,8 @@ spec:
defined in spec.resourceClaims, that are used by
this container. \n This is an alpha field and requires
enabling the DynamicResourceAllocation feature gate.
\n This field is immutable."
\n This field is immutable. It can only be set for
containers."
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
@ -4676,7 +4745,8 @@ spec:
of compute resources required. If Requests is omitted
for a container, it defaults to Limits if that is
explicitly specified, otherwise to an implementation-defined
value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
value. Requests cannot exceed Limits. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
@ -4741,8 +4811,7 @@ spec:
type: string
type: object
status:
description: 'Status represents the current information/status
of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
description: '*Deprecated: this field is never set.*'
properties:
accessModes:
description: 'accessModes contains the actual access modes
@ -4786,7 +4855,7 @@ spec:
volume claim. If underlying persistent volume is being
resized then the Condition will be set to 'ResizeStarted'.
items:
description: PersistentVolumeClaimCondition contails
description: PersistentVolumeClaimCondition contains
details about state of pvc
properties:
lastProbeTime:
@ -4928,14 +4997,18 @@ spec:
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select
description: "MatchLabelKeys is a set of pod label keys to select
the pods over which spreading will be calculated. The keys
are used to lookup values from the incoming pod labels, those
key-value labels are ANDed with labelSelector to select the
group of existing pods over which spreading will be calculated
for the incoming pod. Keys that don't exist in the incoming
pod labels will be ignored. A null or empty list means only
match against labelSelector.
for the incoming pod. The same key is forbidden to exist in
both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot
be set when LabelSelector isn't set. Keys that don't exist
in the incoming pod labels will be ignored. A null or empty
list means only match against labelSelector. \n This is a
beta field and requires the MatchLabelKeysInPodTopologySpread
feature gate to be enabled (enabled by default)."
items:
type: string
type: array
@ -5070,6 +5143,48 @@ spec:
version:
description: Version of Thanos to be deployed.
type: string
volumeMounts:
description: VolumeMounts allows configuration of additional VolumeMounts
on the output StatefulSet definition. VolumeMounts specified will
be appended to other VolumeMounts in the ruler container, that are
generated as a result of StorageSpec objects.
items:
description: VolumeMount describes a mounting of a Volume within
a container.
properties:
mountPath:
description: Path within the container at which the volume should
be mounted. Must not contain ':'.
type: string
mountPropagation:
description: mountPropagation determines how mounts are propagated
from the host to container and the other way around. When
not set, MountPropagationNone is used. This field is beta
in 1.10.
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
description: Mounted read-only if true, read-write otherwise
(false or unspecified). Defaults to false.
type: boolean
subPath:
description: Path within the volume from which the container's
volume should be mounted. Defaults to "" (volume's root).
type: string
subPathExpr:
description: Expanded path within the volume from which the
container's volume should be mounted. Behaves similarly to
SubPath but environment variable references $(VAR_NAME) are
expanded using the container's environment. Defaults to ""
(volume's root). SubPathExpr and SubPath are mutually exclusive.
type: string
required:
- mountPath
- name
type: object
type: array
volumes:
description: Volumes allows configuration of additional volumes on
the output StatefulSet definition. Volumes specified will be appended
@ -5459,7 +5574,7 @@ spec:
medium EmptyDir would be the minimum value between the
SizeLimit specified here and the sum of memory limits
of all containers in a pod. The default is nil which means
that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
@ -5631,7 +5746,8 @@ spec:
defined in spec.resourceClaims, that are used
by this container. \n This is an alpha field
and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
feature gate. \n This field is immutable.
It can only be set for containers."
items:
description: ResourceClaim references one
entry in PodSpec.ResourceClaims.
@ -5671,8 +5787,8 @@ spec:
amount of compute resources required. If Requests
is omitted for a container, it defaults to
Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
to an implementation-defined value. Requests
cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
@ -6633,14 +6749,54 @@ spec:
type: object
status:
description: 'Most recent observed status of the ThanosRuler cluster.
Read-only. Not included when requesting from the apiserver, only from
the ThanosRuler Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
properties:
availableReplicas:
description: Total number of available pods (ready for at least minReadySeconds)
targeted by this ThanosRuler deployment.
format: int32
type: integer
conditions:
description: The current state of the Alertmanager object.
items:
description: Condition represents the state of the resources associated
with the Prometheus, Alertmanager or ThanosRuler resource.
properties:
lastTransitionTime:
description: lastTransitionTime is the time of the last update
to the current status property.
format: date-time
type: string
message:
description: Human-readable message indicating details for the
condition's last transition.
type: string
observedGeneration:
description: ObservedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if `.metadata.generation`
is currently 12, but the `.status.conditions[].observedGeneration`
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
type: integer
reason:
description: Reason for the condition's last transition.
type: string
status:
description: Status of the condition.
type: string
type:
description: Type of the condition being reported.
type: string
required:
- lastTransitionTime
- status
- type
type: object
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
paused:
description: Represents whether any actions on the underlying managed
objects are being performed. Only delete actions will be performed.
@ -6672,4 +6828,5 @@ spec:
type: object
served: true
storage: true
subresources: {}
subresources:
status: {}

View File

@ -1,8 +1,18 @@
annotations:
artifacthub.io/license: AGPL-3.0-only
artifacthub.io/links: |
- name: Chart Source
url: https://github.com/grafana/helm-charts
- name: Upstream Project
url: https://github.com/grafana/grafana
apiVersion: v2
appVersion: 9.5.1
appVersion: 10.0.3
description: The leading tool for querying and visualizing time series and metrics.
home: https://grafana.net
icon: https://raw.githubusercontent.com/grafana/grafana/master/public/img/logo_transparent_400x.png
keywords:
- monitoring
- metric
kubeVersion: ^1.8.0-0
maintainers:
- email: zanhsieh@gmail.com
@ -18,5 +28,6 @@ maintainers:
name: grafana
sources:
- https://github.com/grafana/grafana
- https://github.com/grafana/helm-charts
type: application
version: 6.56.2
version: 6.58.9

View File

@ -121,7 +121,7 @@ This version requires Helm >= 3.1.0.
| `envFromSecret` | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` |
| `envFromSecrets` | List of Kubernetes secrets (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` |
| `envFromConfigMaps` | List of Kubernetes ConfigMaps (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` |
| `envRenderSecret` | Sensible environment variables passed to pods and stored as secret | `{}` |
| `envRenderSecret` | Sensible environment variables passed to pods and stored as secret. (passed through [tpl](https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function)) | `{}` |
| `enableServiceLinks` | Inject Kubernetes services as environment variables. | `true` |
| `extraSecretMounts` | Additional grafana server secret mounts | `[]` |
| `extraVolumeMounts` | Additional grafana server volume mounts | `[]` |
@ -147,7 +147,7 @@ This version requires Helm >= 3.1.0.
| `podPortName` | Name of the grafana port on the pod | `grafana` |
| `lifecycleHooks` | Lifecycle hooks for podStart and preStop [Example](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/#define-poststart-and-prestop-handlers) | `{}` |
| `sidecar.image.repository` | Sidecar image repository | `quay.io/kiwigrid/k8s-sidecar` |
| `sidecar.image.tag` | Sidecar image tag | `1.22.0` |
| `sidecar.image.tag` | Sidecar image tag | `1.24.6` |
| `sidecar.image.sha` | Sidecar image sha (optional) | `""` |
| `sidecar.imagePullPolicy` | Sidecar image pull policy | `IfNotPresent` |
| `sidecar.resources` | Sidecar resources | `{}` |
@ -162,6 +162,7 @@ This version requires Helm >= 3.1.0.
| `sidecar.alerts.reloadURL` | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/alerting/reload"` |
| `sidecar.alerts.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
| `sidecar.alerts.initDatasources` | Set to true to deploy the datasource sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any alerts defined at startup time. | `false` |
| `sidecar.alerts.extraMounts` | Additional alerts sidecar volume mounts. | `[]` |
| `sidecar.dashboards.enabled` | Enables the cluster wide search for dashboards and adds/updates/deletes them in grafana | `false` |
| `sidecar.dashboards.SCProvider` | Enables creation of sidecar provider | `true` |
| `sidecar.dashboards.provider.name` | Unique name of the grafana provider | `sidecarProvider` |
@ -181,7 +182,7 @@ This version requires Helm >= 3.1.0.
| `sidecar.dashboards.searchNamespace` | Namespaces list. If specified, the sidecar will search for dashboards config-maps inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` |
| `sidecar.dashboards.script` | Absolute path to shell script to execute after a configmap got reloaded. | `nil` |
| `sidecar.dashboards.reloadURL` | Full url of dashboards configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/dashboards/reload"` |
| `sidecar.dashboards.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
| `sidecar.dashboards.skipReload` | Enabling this omits defining the REQ_USERNAME, REQ_PASSWORD, REQ_URL and REQ_METHOD environment variables | `false` |
| `sidecar.dashboards.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` |
| `sidecar.dashboards.extraMounts` | Additional dashboard sidecar volume mounts. | `[]` |
| `sidecar.datasources.enabled` | Enables the cluster wide search for datasources and adds/updates/deletes them in grafana |`false` |
@ -244,7 +245,8 @@ This version requires Helm >= 3.1.0.
| `serviceMonitor.tlsConfig` | TLS configuration block for the endpoint | `{}` |
| `serviceMonitor.labels` | Labels for the servicemonitor passed to Prometheus Operator | `{}` |
| `serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `30s` |
| `serviceMonitor.relabelings` | MetricRelabelConfigs to apply to samples before ingestion. | `[]` |
| `serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` |
| `serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion. | `[]` |
| `revisionHistoryLimit` | Number of old ReplicaSets to retain | `10` |
| `imageRenderer.enabled` | Enable the image-renderer deployment & service | `false` |
| `imageRenderer.image.repository` | image-renderer Image repository | `grafana/grafana-image-renderer` |
@ -267,7 +269,7 @@ This version requires Helm >= 3.1.0.
| `imageRenderer.revisionHistoryLimit` | number of image-renderer replica sets to keep | `10` |
| `imageRenderer.networkPolicy.limitIngress` | Enable a NetworkPolicy to limit inbound traffic from only the created grafana pods | `true` |
| `imageRenderer.networkPolicy.limitEgress` | Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods | `false` |
| `imageRenderer.resources` | Set resource limits for image-renderer pdos | `{}` |
| `imageRenderer.resources` | Set resource limits for image-renderer pods | `{}` |
| `imageRenderer.nodeSelector` | Node labels for pod assignment | `{}` |
| `imageRenderer.tolerations` | Toleration labels for pod assignment | `[]` |
| `imageRenderer.affinity` | Affinity settings for pod assignment | `{}` |

View File

@ -331,6 +331,9 @@ containers:
volumeMounts:
- name: sc-alerts-volume
mountPath: "/etc/grafana/provisioning/alerting"
{{- with .Values.sidecar.alerts.extraMounts }}
{{- toYaml . | trim | nindent 6 }}
{{- end }}
{{- end}}
{{- if .Values.sidecar.dashboards.enabled }}
- name: {{ include "grafana.name" . }}-sc-dashboard
@ -385,6 +388,7 @@ containers:
- name: SCRIPT
value: "{{ . }}"
{{- end }}
{{- if not .Values.sidecar.dashboards.skipReload }}
{{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
- name: REQ_USERNAME
valueFrom:
@ -399,7 +403,6 @@ containers:
name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
key: {{ .Values.admin.passwordKey | default "admin-password" }}
{{- end }}
{{- if not .Values.sidecar.dashboards.skipReload }}
- name: REQ_URL
value: {{ .Values.sidecar.dashboards.reloadURL }}
- name: REQ_METHOD

View File

@ -9,6 +9,6 @@ metadata:
type: Opaque
data:
{{- range $key, $val := .Values.envRenderSecret }}
{{ $key }}: {{ $val | b64enc | quote }}
{{ $key }}: {{ tpl ($val | toString) $ | b64enc | quote }}
{{- end }}
{{- end }}

View File

@ -34,6 +34,10 @@ spec:
relabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
jobLabel: "{{ .Release.Name }}"
selector:
matchLabels:

View File

@ -112,6 +112,7 @@ securityContext:
fsGroup: 472
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@ -206,6 +207,7 @@ serviceMonitor:
tlsConfig: {}
scrapeTimeout: 30s
relabelings: []
metricRelabelings: []
targetLabels: []
extraExposePorts: []
@ -451,7 +453,9 @@ envValueFrom: {}
envFromSecret: ""
## Sensible environment variables that will be rendered as new secret object
## This can be useful for auth tokens, etc
## This can be useful for auth tokens, etc.
## If the secret values contains "{{", they'll need to be properly escaped so that they are not interpreted by Helm
## ref: https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function
envRenderSecret: {}
## The names of secrets in the same kubernetes namespace which contain values to be added to the environment
@ -518,6 +522,7 @@ extraVolumeMounts: []
# readOnly: true
# hostPath: /usr/shared/
# - name: grafana-secrets
# mountPath: /mnt/volume2
# csi: true
# data:
# driver: secrets-store.csi.k8s.io
@ -560,6 +565,8 @@ datasources: {}
# jsonData:
# authType: default
# defaultRegion: us-east-1
# deleteDatasources: []
# - name: Prometheus
## Configure grafana alerting (can be templated)
## ref: http://docs.grafana.org/administration/provisioning/#alerting
@ -787,7 +794,7 @@ smtp:
sidecar:
image:
repository: quay.io/kiwigrid/k8s-sidecar
tag: 1.22.0
tag: 1.24.6
sha: ""
imagePullPolicy: IfNotPresent
resources: {}
@ -847,6 +854,8 @@ sidecar:
script: null
skipReload: false
# Deploy the alert sidecar as an initContainer in addition to a container.
# Additional alert sidecar volume mounts
extraMounts: []
# Sets the size limit of the alert sidecar emptyDir volume
sizeLimit: {}
dashboards:

View File

@ -1,5 +1,10 @@
annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
- name: Chart Source
url: https://github.com/prometheus-community/helm-charts
apiVersion: v2
appVersion: 2.8.2
appVersion: 2.9.2
description: Install kube-state-metrics to generate and expose cluster-level metrics
home: https://github.com/kubernetes/kube-state-metrics/
keywords:
@ -18,4 +23,4 @@ name: kube-state-metrics
sources:
- https://github.com/kubernetes/kube-state-metrics/
type: application
version: 5.5.0
version: 5.10.1

View File

@ -0,0 +1,33 @@
{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "cilium") }}
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
{{- if .Values.annotations }}
annotations:
{{ toYaml .Values.annotations | nindent 4 }}
{{- end }}
labels:
{{- include "kube-state-metrics.labels" . | indent 4 }}
name: {{ template "kube-state-metrics.fullname" . }}
namespace: {{ template "kube-state-metrics.namespace" . }}
spec:
endpointSelector:
matchLabels:
{{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
egress:
{{- if and .Values.networkPolicy.cilium .Values.networkPolicy.cilium.kubeApiServerSelector }}
{{ toYaml .Values.networkPolicy.cilium.kubeApiServerSelector | nindent 6 }}
{{- else }}
- toEntities:
- kube-apiserver
{{- end }}
ingress:
- toPorts:
- ports:
- port: {{ .Values.service.port | quote }}
protocol: TCP
{{- if .Values.selfMonitor.enabled }}
- port: {{ .Values.selfMonitor.telemetryPort | default 8081 | quote }}
protocol: TCP
{{ end }}
{{ end }}

View File

@ -0,0 +1,9 @@
{{- if .Values.customResourceState.enabled}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config
data:
config.yaml: |
{{- toYaml .Values.customResourceState.config | nindent 4 }}
{{- end }}

View File

@ -106,14 +106,22 @@ spec:
{{- if .Values.selfMonitor.telemetryPort }}
- --telemetry-port={{ $telemetryPort }}
{{- end }}
{{- if .Values.customResourceState.enabled }}
- --custom-resource-state-config-file=/etc/customresourcestate/config.yaml
{{- end }}
{{- if or (.Values.kubeconfig.enabled) (.Values.volumeMounts) }}
{{- end }}
{{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumeMounts) }}
volumeMounts:
{{- if .Values.kubeconfig.enabled }}
- name: kubeconfig
mountPath: /opt/k8s/.kube/
readOnly: true
{{- end }}
{{- if .Values.customResourceState.enabled }}
- name: customresourcestate-config
mountPath: /etc/customresourcestate
readOnly: true
{{- end }}
{{- if .Values.volumeMounts }}
{{ toYaml .Values.volumeMounts | indent 8 }}
{{- end }}
@ -247,7 +255,7 @@ spec:
topologySpreadConstraints:
{{ toYaml .Values.topologySpreadConstraints | indent 8 }}
{{- end }}
{{- if or (.Values.kubeconfig.enabled) (.Values.volumes) (.Values.kubeRBACProxy.enabled) }}
{{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumes) (.Values.kubeRBACProxy.enabled) }}
volumes:
{{- if .Values.kubeconfig.enabled}}
- name: kubeconfig
@ -259,6 +267,11 @@ spec:
configMap:
name: {{ template "kube-state-metrics.fullname" . }}-rbac-config
{{- end }}
{{- if .Values.customResourceState.enabled}}
- name: customresourcestate-config
configMap:
name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config
{{- end }}
{{- if .Values.volumes }}
{{ toYaml .Values.volumes | indent 8 }}
{{- end }}

View File

@ -0,0 +1,4 @@
{{ range .Values.extraManifests }}
---
{{ tpl (toYaml .) $ }}
{{ end }}

View File

@ -1,15 +1,15 @@
{{- if .Values.networkPolicy.enabled }}
{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "kubernetes") }}
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
labels:
{{- include "kube-state-metrics.labels" . | indent 4 }}
name: {{ template "kube-state-metrics.fullname" . }}
namespace: {{ template "kube-state-metrics.namespace" . }}
{{- if .Values.annotations }}
annotations:
{{ toYaml .Values.annotations | nindent 4 }}
{{- end }}
labels:
{{- include "kube-state-metrics.labels" . | indent 4 }}
name: {{ template "kube-state-metrics.fullname" . }}
namespace: {{ template "kube-state-metrics.namespace" . }}
spec:
{{- if .Values.networkPolicy.egress }}
## Deny all egress by default

View File

@ -3,6 +3,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "kube-state-metrics.fullname" . }}-rbac-config
namespace: {{ template "kube-state-metrics.namespace" . }}
data:
config-file.yaml: |+
authorization:

View File

@ -51,6 +51,12 @@ rules:
- endpoints
verbs: ["list", "watch"]
{{ end -}}
{{ if has "endpointslices" $.Values.collectors }}
- apiGroups: ["discovery.k8s.io"]
resources:
- endpointslices
verbs: ["list", "watch"]
{{ end -}}
{{ if has "horizontalpodautoscalers" $.Values.collectors }}
- apiGroups: ["autoscaling"]
resources:
@ -183,12 +189,6 @@ rules:
- volumeattachments
verbs: ["list", "watch"]
{{ end -}}
{{ if has "verticalpodautoscalers" $.Values.collectors }}
- apiGroups: ["autoscaling.k8s.io"]
resources:
- verticalpodautoscalers
verbs: ["list", "watch"]
{{ end -}}
{{- if $.Values.kubeRBACProxy.enabled }}
- apiGroups: ["authentication.k8s.io"]
resources:
@ -199,6 +199,12 @@ rules:
- subjectaccessreviews
verbs: ["create"]
{{- end }}
{{- if $.Values.customResourceState.enabled }}
- apiGroups: ["apiextensions.k8s.io"]
resources:
- customresourcedefinitions
verbs: ["list", "watch"]
{{- end }}
{{ if $.Values.rbac.extraRules }}
{{ toYaml $.Values.rbac.extraRules }}
{{ end }}

View File

@ -96,5 +96,12 @@ spec:
tlsConfig:
{{- toYaml .Values.prometheus.monitor.tlsConfig | nindent 8 }}
{{- end }}
{{- if .Values.prometheus.monitor.bearerTokenFile }}
bearerTokenFile: {{ .Values.prometheus.monitor.bearerTokenFile }}
{{- end }}
{{- with .Values.prometheus.monitor.bearerTokenSecret }}
bearerTokenSecret:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}

View File

@ -7,11 +7,19 @@ metadata:
labels:
{{- include "kube-state-metrics.labels" . | indent 4 }}
spec:
{{- with .Values.verticalPodAutoscaler.recommenders }}
recommenders:
{{- toYaml . | nindent 4 }}
{{- end }}
resourcePolicy:
containerPolicies:
- containerName: {{ template "kube-state-metrics.name" . }}
{{- if .Values.verticalPodAutoscaler.controlledResources }}
controlledResources: {{ .Values.verticalPodAutoscaler.controlledResources }}
{{- with .Values.verticalPodAutoscaler.controlledResources }}
controlledResources:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.verticalPodAutoscaler.controlledValues }}
controlledValues: {{ .Values.verticalPodAutoscaler.controlledValues }}
{{- end }}
{{- if .Values.verticalPodAutoscaler.maxAllowed }}
maxAllowed:
@ -23,12 +31,14 @@ spec:
{{- end }}
targetRef:
apiVersion: apps/v1
{{- if .Values.autosharding.enabled }}
kind: StatefulSet
{{- else }}
kind: Deployment
name: {{ template "kube-state-metrics.fullname" . }}
{{- if .Values.verticalPodAutoscaler.updatePolicy }}
updatePolicy:
{{- if .Values.verticalPodAutoscaler.updatePolicy.updateMode }}
updateMode: {{ .Values.verticalPodAutoscaler.updatePolicy.updateMode }}
{{- end }}
name: {{ template "kube-state-metrics.fullname" . }}
{{- with .Values.verticalPodAutoscaler.updatePolicy }}
updatePolicy:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

View File

@ -202,6 +202,18 @@ podSecurityPolicy:
## Configure network policy for kube-state-metrics
networkPolicy:
enabled: false
# networkPolicy.flavor -- Flavor of the network policy to use.
# Can be:
# * kubernetes for networking.k8s.io/v1/NetworkPolicy
# * cilium for cilium.io/v2/CiliumNetworkPolicy
flavor: kubernetes
## Configure the cilium network policy kube-apiserver selector
# cilium:
# kubeApiServerSelector:
# - toEntities:
# - kube-apiserver
# egress:
# - {}
# ingress:
@ -315,7 +327,6 @@ collectors:
- storageclasses
- validatingwebhookconfigurations
- volumeattachments
# - verticalpodautoscalers # not a default resource, see also: https://github.com/kubernetes/kube-state-metrics#enabling-verticalpodautoscalers
# Enabling kubeconfig will pass the --kubeconfig argument to the container
kubeconfig:
@ -323,6 +334,12 @@ kubeconfig:
# base64 encoded kube-config file
secret:
# Enabling support for customResourceState, will create a configMap including your config that will be read from kube-state-metrics
customResourceState:
enabled: false
# Add (Cluster)Role permissions to list/watch the customResources defined in the config to rbac.extraRules
config: {}
# Enable only the release namespace for collecting resources. By default all namespaces are collected.
# If releaseNamespace and namespaces are both set a merged list will be collected.
releaseNamespace: false
@ -367,8 +384,17 @@ selfMonitor:
# Enable vertical pod autoscaler support for kube-state-metrics
verticalPodAutoscaler:
enabled: false
# Recommender responsible for generating recommendation for the object.
# List should be empty (then the default recommender will generate the recommendation)
# or contain exactly one recommender.
# recommenders: []
# - name: custom-recommender-performance
# List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
controlledResources: []
# Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
# controlledValues: RequestsAndLimits
# Define the max allowed resources for the pod
maxAllowed: {}
@ -380,6 +406,8 @@ verticalPodAutoscaler:
# memory: 100Mi
# updatePolicy:
# Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
# minReplicas: 1
# Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
# are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
# updateMode: Auto
@ -396,3 +424,13 @@ volumes: []
# - configMap:
# name: cm-for-volume
# name: config-volume
# Extra manifests to deploy as an array
extraManifests: []
# - apiVersion: v1
# kind: ConfigMap
# metadata:
# labels:
# name: prometheus-extra
# data:
# extra-data: "value"

View File

@ -1,5 +1,10 @@
annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
- name: Chart Source
url: https://github.com/prometheus-community/helm-charts
apiVersion: v2
appVersion: 1.5.0
appVersion: 1.6.0
description: A Helm chart for prometheus node-exporter
home: https://github.com/prometheus/node_exporter/
keywords:
@ -11,8 +16,10 @@ maintainers:
name: gianrubio
- email: zanhsieh@gmail.com
name: zanhsieh
- email: rootsandtrees@posteo.de
name: zeritti
name: prometheus-node-exporter
sources:
- https://github.com/prometheus/node_exporter/
type: application
version: 4.16.0
version: 4.21.0

View File

@ -41,6 +41,10 @@ helm upgrade [RELEASE_NAME] [CHART] --install
_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
### 4.16 to 4.17+
`containerSecurityContext.readOnlyRootFilesystem` is set to `true` by default.
### 3.x to 4.x
Starting from version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade.

View File

@ -63,7 +63,9 @@ spec:
{{- end }}
env:
- name: HOST_IP
{{- if .Values.service.listenOnAllInterfaces }}
{{- if .Values.kubeRBACProxy.enabled }}
value: 127.0.0.1
{{- else if .Values.service.listenOnAllInterfaces }}
value: 0.0.0.0
{{- else }}
valueFrom:
@ -84,6 +86,9 @@ spec:
livenessProbe:
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
httpGet:
{{- if .Values.kubeRBACProxy.enabled }}
host: 127.0.0.1
{{- end }}
httpHeaders:
{{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
- name: {{ $header.name }}
@ -99,6 +104,9 @@ spec:
readinessProbe:
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
httpGet:
{{- if .Values.kubeRBACProxy.enabled }}
host: 127.0.0.1
{{- end }}
httpHeaders:
{{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
- name: {{ $header.name }}

View File

@ -0,0 +1,4 @@
{{ range .Values.extraManifests }}
---
{{ tpl (toYaml .) $ }}
{{ end }}

View File

@ -3,6 +3,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config
namespace: {{ include "prometheus-node-exporter.namespace" . }}
data:
config-file.yaml: |+
authorization:

View File

@ -10,6 +10,10 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.service.ipDualStack.enabled }}
ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }}
ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }}
{{- end }}
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}

View File

@ -7,11 +7,19 @@ metadata:
labels:
{{- include "prometheus-node-exporter.labels" . | nindent 4 }}
spec:
{{- with .Values.verticalPodAutoscaler.recommenders }}
recommenders:
{{- toYaml . | nindent 4 }}
{{- end }}
resourcePolicy:
containerPolicies:
- containerName: node-exporter
{{- with .Values.verticalPodAutoscaler.controlledResources }}
controlledResources: {{ . }}
controlledResources:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.verticalPodAutoscaler.controlledValues }}
controlledValues: {{ . }}
{{- end }}
{{- with .Values.verticalPodAutoscaler.maxAllowed }}
maxAllowed:
@ -25,10 +33,8 @@ spec:
apiVersion: apps/v1
kind: DaemonSet
name: {{ include "prometheus-node-exporter.fullname" . }}
{{- if .Values.verticalPodAutoscaler.updatePolicy }}
{{- with .Values.verticalPodAutoscaler.updatePolicy }}
updatePolicy:
{{- with .Values.verticalPodAutoscaler.updatePolicy.updateMode }}
updateMode: {{ . }}
{{- end }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

View File

@ -11,6 +11,8 @@ image:
imagePullSecrets: []
# - name: "image-pull-secret"
nameOverride: ""
fullnameOverride: ""
global:
# To help compatibility with other charts which use global.imagePullSecrets.
@ -71,6 +73,10 @@ service:
listenOnAllInterfaces: true
annotations:
prometheus.io/scrape: "true"
ipDualStack:
enabled: false
ipFamilies: ["IPv6", "IPv4"]
ipFamilyPolicy: "PreferDualStack"
# Set a NetworkPolicy with:
# ingress only on service.port
@ -264,7 +270,8 @@ securityContext:
runAsNonRoot: true
runAsUser: 65534
containerSecurityContext: {}
containerSecurityContext:
readOnlyRootFilesystem: true
# capabilities:
# add:
# - SYS_TIME
@ -338,9 +345,9 @@ dnsConfig: {}
## Assign a nodeSelector if operating a hybrid cluster
##
nodeSelector: {}
# beta.kubernetes.io/arch: amd64
# beta.kubernetes.io/os: linux
nodeSelector:
kubernetes.io/os: linux
# kubernetes.io/arch: amd64
tolerations:
- effect: NoSchedule
@ -429,8 +436,17 @@ readinessProbe:
# Enable vertical pod autoscaler support for prometheus-node-exporter
verticalPodAutoscaler:
enabled: false
# Recommender responsible for generating recommendation for the object.
# List should be empty (then the default recommender will generate the recommendation)
# or contain exactly one recommender.
# recommenders:
# - name: custom-recommender-performance
# List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
controlledResources: []
# Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
# controlledValues: RequestsAndLimits
# Define the max allowed resources for the pod
maxAllowed: {}
@ -442,6 +458,17 @@ verticalPodAutoscaler:
# memory: 100Mi
# updatePolicy:
# Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
# minReplicas: 1
# Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
# are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
# updateMode: Auto
# Extra manifests to deploy as an array
extraManifests: []
# - apiVersion: v1
# kind: ConfigMap
# metadata:
# name: prometheus-extra
# data:
# extra-data: "value"

View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

View File

@ -0,0 +1,17 @@
apiVersion: v2
appVersion: 0.22.0
description: A Helm chart for prometheus windows-exporter
home: https://github.com/prometheus-community/windows_exporter/
keywords:
- windows-exporter
- windows
- prometheus
- exporter
maintainers:
- email: github@jkroepke.de
name: jkroepke
name: prometheus-windows-exporter
sources:
- https://github.com/prometheus-community/windows_exporter/
type: application
version: 0.1.1

View File

@ -0,0 +1,42 @@
# Prometheus `Windows Exporter`
Prometheus exporter for hardware and OS metrics exposed by Windows kernels, written in Go with pluggable metric collectors.
This chart bootstraps a prometheus [`Windows Exporter`](http://github.com/prometheus-community/windows_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Get Repository Info
```console
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
```
_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
## Install Chart
```console
helm install [RELEASE_NAME] prometheus-community/prometheus-windows-exporter
```
_See [configuration](#configuring) below._
_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
## Uninstall Chart
```console
helm uninstall [RELEASE_NAME]
```
This removes all the Kubernetes components associated with the chart and deletes the release.
_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
## Configuring
See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands:
```console
helm show values prometheus-community/prometheus-windows-exporter
```

View File

@ -0,0 +1,185 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "prometheus-windows-exporter.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "prometheus-windows-exporter.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "prometheus-windows-exporter.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "prometheus-windows-exporter.labels" -}}
helm.sh/chart: {{ include "prometheus-windows-exporter.chart" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/component: metrics
app.kubernetes.io/part-of: {{ include "prometheus-windows-exporter.name" . }}
{{ include "prometheus-windows-exporter.selectorLabels" . }}
{{- with .Chart.AppVersion }}
app.kubernetes.io/version: {{ . | quote }}
{{- end }}
{{- with .Values.podLabels }}
{{ toYaml . }}
{{- end }}
{{- if .Values.releaseLabel }}
release: {{ .Release.Name }}
{{- end }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "prometheus-windows-exporter.selectorLabels" -}}
app.kubernetes.io/name: {{ include "prometheus-windows-exporter.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "prometheus-windows-exporter.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "prometheus-windows-exporter.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
{{/*
The image to use
*/}}
{{- define "prometheus-windows-exporter.image" -}}
{{- if .Values.image.sha }}
{{- fail "image.sha forbidden. Use image.digest instead" }}
{{- else if .Values.image.digest }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) .Values.image.digest }}
{{- else }}
{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) .Values.image.digest }}
{{- end }}
{{- else }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) }}
{{- else }}
{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Allow the release namespace to be overridden for multi-namespace deployments in combined charts
*/}}
{{- define "prometheus-windows-exporter.namespace" -}}
{{- if .Values.namespaceOverride }}
{{- .Values.namespaceOverride }}
{{- else }}
{{- .Release.Namespace }}
{{- end }}
{{- end }}
{{/*
Create the namespace name of the service monitor
*/}}
{{- define "prometheus-windows-exporter.monitor-namespace" -}}
{{- if .Values.namespaceOverride }}
{{- .Values.namespaceOverride }}
{{- else }}
{{- if .Values.prometheus.monitor.namespace }}
{{- .Values.prometheus.monitor.namespace }}
{{- else }}
{{- .Release.Namespace }}
{{- end }}
{{- end }}
{{- end }}
{{/* Sets default scrape limits for servicemonitor */}}
{{- define "servicemonitor.scrapeLimits" -}}
{{- with .sampleLimit }}
sampleLimit: {{ . }}
{{- end }}
{{- with .targetLimit }}
targetLimit: {{ . }}
{{- end }}
{{- with .labelLimit }}
labelLimit: {{ . }}
{{- end }}
{{- with .labelNameLengthLimit }}
labelNameLengthLimit: {{ . }}
{{- end }}
{{- with .labelValueLengthLimit }}
labelValueLengthLimit: {{ . }}
{{- end }}
{{- end }}
{{/*
Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
*/}}
{{- define "prometheus-windows-exporter.imagePullSecrets" -}}
{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
{{- if eq (typeOf .) "map[string]interface {}" }}
- {{ toYaml . | trim }}
{{- else }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Create the namespace name of the pod monitor
*/}}
{{- define "prometheus-windows-exporter.podmonitor-namespace" -}}
{{- if .Values.namespaceOverride }}
{{- .Values.namespaceOverride }}
{{- else }}
{{- if .Values.prometheus.podMonitor.namespace }}
{{- .Values.prometheus.podMonitor.namespace }}
{{- else }}
{{- .Release.Namespace }}
{{- end }}
{{- end }}
{{- end }}
{{/* Sets default scrape limits for podmonitor */}}
{{- define "podmonitor.scrapeLimits" -}}
{{- with .sampleLimit }}
sampleLimit: {{ . }}
{{- end }}
{{- with .targetLimit }}
targetLimit: {{ . }}
{{- end }}
{{- with .labelLimit }}
labelLimit: {{ . }}
{{- end }}
{{- with .labelNameLengthLimit }}
labelNameLengthLimit: {{ . }}
{{- end }}
{{- with .labelValueLengthLimit }}
labelValueLengthLimit: {{ . }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,14 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "prometheus-windows-exporter.fullname" . }}
namespace: {{ include "prometheus-windows-exporter.namespace" . }}
labels:
{{- include "prometheus-windows-exporter.labels" $ | nindent 4 }}
{{- with .Values.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
data:
config.yml: |
{{- .Values.config | nindent 4 }}

View File

@ -0,0 +1,192 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "prometheus-windows-exporter.fullname" . }}
namespace: {{ include "prometheus-windows-exporter.namespace" . }}
labels:
{{- include "prometheus-windows-exporter.labels" . | nindent 4 }}
{{- with .Values.daemonsetAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels:
{{- include "prometheus-windows-exporter.selectorLabels" . | nindent 6 }}
{{- with .Values.updateStrategy }}
updateStrategy:
{{- toYaml . | nindent 4 }}
{{- end }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "prometheus-windows-exporter.labels" . | nindent 8 }}
spec:
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
{{- with .Values.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
initContainers:
- name: configure-firewall
image: {{ include "prometheus-windows-exporter.image" . }}
command: [ "powershell" ]
args: [ "New-NetFirewallRule", "-DisplayName", "'windows-exporter'", "-Direction", "inbound", "-Profile", "Any", "-Action", "Allow", "-LocalPort", "{{ .Values.service.port }}", "-Protocol", "TCP" ]
{{- with .Values.extraInitContainers }}
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "prometheus-windows-exporter.serviceAccountName" . }}
containers:
- name: windows-exporter
image: {{ include "prometheus-windows-exporter.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
- --config.file=%CONTAINER_SANDBOX_MOUNT_POINT%/config.yml
- --collector.textfile.directory=%CONTAINER_SANDBOX_MOUNT_POINT%
- --web.listen-address=:{{ .Values.service.port }}
{{- with .Values.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
env:
{{- range $key, $value := .Values.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
ports:
- name: {{ .Values.service.portName }}
containerPort: {{ .Values.service.port }}
protocol: TCP
livenessProbe:
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
httpGet:
httpHeaders:
{{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
- name: {{ $header.name }}
value: {{ $header.value }}
{{- end }}
path: /
port: {{ .Values.service.port }}
scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
readinessProbe:
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
httpGet:
httpHeaders:
{{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
- name: {{ $header.name }}
value: {{ $header.value }}
{{- end }}
path: /
port: {{ .Values.service.port }}
scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
{{- with .Values.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- name: config
mountPath: /config.yml
subPath: config.yml
{{- range $_, $mount := .Values.extraHostVolumeMounts }}
- name: {{ $mount.name }}
mountPath: {{ $mount.mountPath }}
readOnly: {{ $mount.readOnly }}
{{- end }}
{{- range $_, $mount := .Values.sidecarVolumeMount }}
- name: {{ $mount.name }}
mountPath: {{ $mount.mountPath }}
readOnly: true
{{- end }}
{{- range $_, $mount := .Values.configmaps }}
- name: {{ $mount.name }}
mountPath: {{ $mount.mountPath }}
{{- end }}
{{- range $_, $mount := .Values.secrets }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
{{- end }}
{{- with .Values.sidecars }}
{{- toYaml . | nindent 8 }}
{{- if or .Values.sidecarVolumeMount .Values.sidecarHostVolumeMounts }}
volumeMounts:
{{- range $_, $mount := .Values.sidecarVolumeMount }}
- name: {{ $mount.name }}
mountPath: {{ $mount.mountPath }}
readOnly: {{ $mount.readOnly }}
{{- end }}
{{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
- name: {{ $mount.name }}
mountPath: {{ $mount.mountPath }}
readOnly: {{ $mount.readOnly }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- include "prometheus-windows-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
{{- end }}
hostNetwork: {{ .Values.hostNetwork }}
hostPID: {{ .Values.hostPID }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: config
configMap:
name: {{ include "prometheus-windows-exporter.fullname" . }}
{{- range $_, $mount := .Values.extraHostVolumeMounts }}
- name: {{ $mount.name }}
hostPath:
path: {{ $mount.hostPath }}
{{- end }}
{{- range $_, $mount := .Values.sidecarVolumeMount }}
- name: {{ $mount.name }}
emptyDir:
medium: Memory
{{- end }}
{{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
- name: {{ $mount.name }}
hostPath:
path: {{ $mount.hostPath }}
{{- end }}
{{- range $_, $mount := .Values.configmaps }}
- name: {{ $mount.name }}
configMap:
name: {{ $mount.name }}
{{- end }}
{{- range $_, $mount := .Values.secrets }}
- name: {{ $mount.name }}
secret:
secretName: {{ $mount.name }}
{{- end }}

View File

@ -0,0 +1,91 @@
{{- if .Values.prometheus.podMonitor.enabled }}
apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }}
kind: PodMonitor
metadata:
name: {{ include "prometheus-windows-exporter.fullname" . }}
namespace: {{ include "prometheus-windows-exporter.podmonitor-namespace" . }}
labels:
{{- include "prometheus-windows-exporter.labels" . | nindent 4 }}
{{- with .Values.prometheus.podMonitor.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }}
{{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }}
selector:
matchLabels:
{{- with .Values.prometheus.podMonitor.selectorOverride }}
{{- toYaml . | nindent 6 }}
{{- else }}
{{- include "prometheus-windows-exporter.selectorLabels" . | nindent 6 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ include "prometheus-windows-exporter.namespace" . }}
{{- with .Values.prometheus.podMonitor.attachMetadata }}
attachMetadata:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.prometheus.podMonitor.podTargetLabels }}
podTargetLabels:
{{- toYaml . | nindent 4 }}
{{- end }}
podMetricsEndpoints:
- port: {{ .Values.service.portName }}
{{- with .Values.prometheus.podMonitor.scheme }}
scheme: {{ . }}
{{- end }}
{{- with .Values.prometheus.podMonitor.path }}
path: {{ . }}
{{- end }}
{{- with .Values.prometheus.podMonitor.basicAuth }}
basicAuth:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.podMonitor.bearerTokenSecret }}
bearerTokenSecret:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.podMonitor.tlsConfig }}
tlsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.podMonitor.authorization }}
authorization:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.podMonitor.oauth2 }}
oauth2:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.podMonitor.proxyUrl }}
proxyUrl: {{ . }}
{{- end }}
{{- with .Values.prometheus.podMonitor.interval }}
interval: {{ . }}
{{- end }}
{{- with .Values.prometheus.podMonitor.honorTimestamps }}
honorTimestamps: {{ . }}
{{- end }}
{{- with .Values.prometheus.podMonitor.honorLabels }}
honorLabels: {{ . }}
{{- end }}
{{- with .Values.prometheus.podMonitor.scrapeTimeout }}
scrapeTimeout: {{ . }}
{{- end }}
{{- with .Values.prometheus.podMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.podMonitor.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }}
filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }}
followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }}
{{- with .Values.prometheus.podMonitor.params }}
params:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,32 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "prometheus-windows-exporter.fullname" . }}
namespace: {{ include "prometheus-windows-exporter.namespace" . }}
labels:
{{- include "prometheus-windows-exporter.labels" $ | nindent 4 }}
{{- if or .Values.prometheus.monitor.enabled .Values.prometheus.podMonitor.enabled }}
{{- with .Values.service.annotations }}
annotations:
{{- unset . "prometheus.io/scrape" | toYaml | nindent 4 }}
{{- end }}
{{- else }}
annotations:
prometheus.io/scrape: "true"
{{- with .Values.service.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
{{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
targetPort: {{ .Values.service.portName }}
protocol: TCP
appProtocol: http
name: {{ .Values.service.portName }}
selector:
{{- include "prometheus-windows-exporter.selectorLabels" . | nindent 4 }}

View File

@ -0,0 +1,17 @@
{{- if and .Values.rbac.create .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "prometheus-windows-exporter.serviceAccountName" . }}
namespace: {{ include "prometheus-windows-exporter.namespace" . }}
labels:
{{- include "prometheus-windows-exporter.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- include "prometheus-windows-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
{{- end }}
{{- end -}}

View File

@ -0,0 +1,61 @@
{{- if .Values.prometheus.monitor.enabled }}
apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }}
kind: ServiceMonitor
metadata:
name: {{ include "prometheus-windows-exporter.fullname" . }}
namespace: {{ include "prometheus-windows-exporter.monitor-namespace" . }}
labels:
{{- include "prometheus-windows-exporter.labels" . | nindent 4 }}
{{- with .Values.prometheus.monitor.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
{{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }}
{{- with .Values.prometheus.monitor.podTargetLabels }}
podTargetLabels:
{{- toYaml . | nindent 4 }}
{{- end }}
selector:
matchLabels:
{{- with .Values.prometheus.monitor.selectorOverride }}
{{- toYaml . | nindent 6 }}
{{- else }}
{{- include "prometheus-windows-exporter.selectorLabels" . | nindent 6 }}
{{- end }}
{{- with .Values.prometheus.monitor.attachMetadata }}
attachMetadata:
{{- toYaml . | nindent 4 }}
{{- end }}
endpoints:
- port: {{ .Values.service.portName }}
scheme: {{ .Values.prometheus.monitor.scheme }}
{{- with .Values.prometheus.monitor.basicAuth }}
basicAuth:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.monitor.bearerTokenFile }}
bearerTokenFile: {{ . }}
{{- end }}
{{- with .Values.prometheus.monitor.tlsConfig }}
tlsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.monitor.proxyUrl }}
proxyUrl: {{ . }}
{{- end }}
{{- with .Values.prometheus.monitor.interval }}
interval: {{ . }}
{{- end }}
{{- with .Values.prometheus.monitor.scrapeTimeout }}
scrapeTimeout: {{ . }}
{{- end }}
{{- with .Values.prometheus.monitor.relabelings }}
relabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.prometheus.monitor.metricRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,369 @@
# Default values for prometheus-windows-exporter.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
image:
registry: ghcr.io
repository: prometheus-community/windows-exporter
# Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }}
tag: ""
pullPolicy: IfNotPresent
digest: ""
config: |-
collectors:
enabled: '[defaults],container'
imagePullSecrets: []
# - name: "image-pull-secret"
nameOverride: ""
fullnameOverride: ""
global:
# To help compatibility with other charts which use global.imagePullSecrets.
# Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
# global:
# imagePullSecrets:
# - name: pullSecret1
# - name: pullSecret2
# or
# global:
# imagePullSecrets:
# - pullSecret1
# - pullSecret2
imagePullSecrets: []
#
# Allow parent charts to override registry hostname
imageRegistry: ""
service:
type: ClusterIP
port: 9182
nodePort:
portName: metrics
annotations: {}
# Additional environment variables that will be passed to the daemonset
env: {}
## env:
## VARIABLE: value
prometheus:
monitor:
enabled: false
additionalLabels: {}
namespace: ""
jobLabel: ""
# List of pod labels to add to windows exporter metrics
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor
podTargetLabels: []
scheme: http
basicAuth: {}
bearerTokenFile:
tlsConfig: {}
## proxyUrl: URL of a proxy that should be used for scraping.
##
proxyUrl: ""
## Override serviceMonitor selector
##
selectorOverride: {}
## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
##
attachMetadata:
node: false
relabelings: []
metricRelabelings: []
interval: ""
scrapeTimeout: 10s
## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1")
apiVersion: ""
## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
##
sampleLimit: 0
## TargetLimit defines a limit on the number of scraped targets that will be accepted.
##
targetLimit: 0
## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
##
labelLimit: 0
## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
##
labelNameLengthLimit: 0
## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
##
labelValueLengthLimit: 0
# PodMonitor defines monitoring for a set of pods.
# ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitor
# Using a PodMonitor may be preferred in some environments where there is very large number
# of Windows Exporter endpoints (1000+) behind a single service.
# The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor,
# the time series resulting from the configuration through PodMonitor may have different labels.
# For instance, there will not be the service label any longer which might
# affect PromQL queries selecting that label.
podMonitor:
enabled: false
# Namespace in which to deploy the pod monitor. Defaults to the release namespace.
namespace: ""
# Additional labels, e.g. setting a label for pod monitor selector as set in prometheus
additionalLabels: {}
# release: kube-prometheus-stack
# PodTargetLabels transfers labels of the Kubernetes Pod onto the target.
podTargetLabels: []
# apiVersion defaults to monitoring.coreos.com/v1.
apiVersion: ""
# Override pod selector to select pod objects.
selectorOverride: {}
# Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
attachMetadata:
node: false
# The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name.
jobLabel: ""
# Scheme/protocol to use for scraping.
scheme: "http"
# Path to scrape metrics at.
path: "/metrics"
# BasicAuth allow an endpoint to authenticate over basic authentication.
# More info: https://prometheus.io/docs/operating/configuration/#endpoint
basicAuth: {}
# Secret to mount to read bearer token for scraping targets.
# The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core
bearerTokenSecret: {}
# TLS configuration to use when scraping the endpoint.
tlsConfig: {}
# Authorization section for this endpoint.
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.SafeAuthorization
authorization: {}
# OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.OAuth2
oauth2: {}
# ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint.
proxyUrl: ""
# Interval at which endpoints should be scraped. If not specified Prometheus global scrape interval is used.
interval: ""
# Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used.
scrapeTimeout: ""
# HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
honorTimestamps: true
# HonorLabels chooses the metrics labels on collisions with target labels.
honorLabels: true
# Whether to enable HTTP2. Default false.
enableHttp2: ""
# Drop pods that are not running. (Failed, Succeeded).
# Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
filterRunning: ""
# FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false.
followRedirects: ""
# Optional HTTP URL parameters
params: {}
# RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds
# relabelings for a few standard Kubernetes fields. The original scrape jobs name
# is available via the __tmp_prometheus_job_name label.
# More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
relabelings: []
# MetricRelabelConfigs to apply to samples before ingestion.
metricRelabelings: []
# SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
sampleLimit: 0
# TargetLimit defines a limit on the number of scraped targets that will be accepted.
targetLimit: 0
# Per-scrape limit on number of labels that will be accepted for a sample.
# Only valid in Prometheus versions 2.27.0 and newer.
labelLimit: 0
# Per-scrape limit on length of labels name that will be accepted for a sample.
# Only valid in Prometheus versions 2.27.0 and newer.
labelNameLengthLimit: 0
# Per-scrape limit on length of labels value that will be accepted for a sample.
# Only valid in Prometheus versions 2.27.0 and newer.
labelValueLengthLimit: 0
## Customize the updateStrategy if set
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 200m
# memory: 50Mi
# requests:
# cpu: 100m
# memory: 30Mi
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name:
annotations: {}
imagePullSecrets: []
automountServiceAccountToken: false
securityContext:
windowsOptions:
hostProcess: true
runAsUserName: "NT AUTHORITY\\system"
containerSecurityContext: {}
rbac:
## If true, create & use RBAC resources
##
create: true
# Expose the service to the host network
hostNetwork: true
# Share the host process ID namespace
hostPID: true
## Assign a group of affinity scheduling rules
##
affinity: {}
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchFields:
# - key: metadata.name
# operator: In
# values:
# - target-host-name
# Annotations to be added to windows exporter pods
podAnnotations:
# Fix for very slow GKE cluster upgrades
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
# Extra labels to be added to windows exporter pods
podLabels: {}
# Annotations to be added to windows exporter daemonset
daemonsetAnnotations: {}
## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
releaseLabel: false
# Custom DNS configuration to be added to prometheus-windows-exporter pods
dnsConfig: {}
# nameservers:
# - 1.2.3.4
# searches:
# - ns1.svc.cluster-domain.example
# - my.dns.search.suffix
# options:
# - name: ndots
# value: "2"
# - name: edns0
## Assign a nodeSelector if operating a hybrid cluster
##
nodeSelector:
kubernetes.io/os: windows
# kubernetes.io/arch: amd64
tolerations:
- effect: NoSchedule
operator: Exists
## Assign a PriorityClassName to pods if set
# priorityClassName: ""
## Additional container arguments
##
extraArgs: []
# - --collector.service.services-where
# - "Name LIKE 'sql%'"
## Additional mounts from the host to windows-exporter container
##
extraHostVolumeMounts: []
# - name: <mountName>
# hostPath: <hostPath>
# mountPath: <mountPath>
# readOnly: true|false
## Additional configmaps to be mounted.
##
configmaps: []
# - name: <configMapName>
# mountPath: <mountPath>
secrets: []
# - name: <secretName>
# mountPath: <mountPatch>
## Override the deployment namespace
##
namespaceOverride: ""
## Additional containers for export metrics to text file
##
sidecars: []
## - name: nvidia-dcgm-exporter
## image: nvidia/dcgm-exporter:1.4.3
## Volume for sidecar containers
##
sidecarVolumeMount: []
## - name: collector-textfiles
## mountPath: /run/prometheus
## readOnly: false
## Additional mounts from the host to sidecar containers
##
sidecarHostVolumeMounts: []
# - name: <mountName>
# hostPath: <hostPath>
# mountPath: <mountPath>
# readOnly: true|false
# mountPropagation: None|HostToContainer|Bidirectional
## Additional InitContainers to initialize the pod
##
extraInitContainers: []
## Liveness probe
##
livenessProbe:
failureThreshold: 3
httpGet:
httpHeaders: []
scheme: http
initialDelaySeconds: 0
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
## Readiness probe
##
readinessProbe:
failureThreshold: 3
httpGet:
httpHeaders: []
scheme: http
initialDelaySeconds: 0
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1

View File

@ -59,13 +59,13 @@ spec:
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigSelector }}
alertmanagerConfigSelector:
{{ toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigSelector | indent 4}}
{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigSelector | indent 4) . }}
{{ else }}
alertmanagerConfigSelector: {}
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigNamespaceSelector }}
alertmanagerConfigNamespaceSelector:
{{ toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigNamespaceSelector | indent 4}}
{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigNamespaceSelector | indent 4) . }}
{{ else }}
alertmanagerConfigNamespaceSelector: {}
{{- end }}
@ -164,6 +164,15 @@ spec:
{{- if .Values.alertmanager.alertmanagerSpec.clusterAdvertiseAddress }}
clusterAdvertiseAddress: {{ .Values.alertmanager.alertmanagerSpec.clusterAdvertiseAddress }}
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.clusterGossipInterval }}
clusterGossipInterval: {{ .Values.alertmanager.alertmanagerSpec.clusterGossipInterval }}
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.clusterPeerTimeout }}
clusterPeerTimeout: {{ .Values.alertmanager.alertmanagerSpec.clusterPeerTimeout }}
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.clusterPushpullInterval }}
clusterPushpullInterval: {{ .Values.alertmanager.alertmanagerSpec.clusterPushpullInterval }}
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.forceEnableClusterMode }}
forceEnableClusterMode: {{ .Values.alertmanager.alertmanagerSpec.forceEnableClusterMode }}
{{- end }}

View File

@ -1,6 +1,7 @@
{{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled }}
{{- $pathType := .Values.alertmanager.ingress.pathType | default "ImplementationSpecific" }}
{{- $serviceName := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager" }}
{{- $backendServiceName := .Values.alertmanager.ingress.serviceName | default (printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager") }}
{{- $servicePort := .Values.alertmanager.ingress.servicePort | default .Values.alertmanager.service.port -}}
{{- $routePrefix := list .Values.alertmanager.alertmanagerSpec.routePrefix }}
{{- $paths := .Values.alertmanager.ingress.paths | default $routePrefix -}}
@ -41,11 +42,11 @@ spec:
backend:
{{- if $apiIsStable }}
service:
name: {{ $serviceName }}
name: {{ $backendServiceName }}
port:
number: {{ $servicePort }}
{{- else }}
serviceName: {{ $serviceName }}
serviceName: {{ $backendServiceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}
@ -61,11 +62,11 @@ spec:
backend:
{{- if $apiIsStable }}
service:
name: {{ $serviceName }}
name: {{ $backendServiceName }}
port:
number: {{ $servicePort }}
{{- else }}
serviceName: {{ $serviceName }}
serviceName: {{ $backendServiceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end -}}

View File

@ -43,11 +43,17 @@ spec:
port: {{ .Values.alertmanager.service.port }}
targetPort: {{ .Values.alertmanager.service.targetPort }}
protocol: TCP
- name: reloader-web
port: 8080
targetPort: reloader-web
{{- if .Values.alertmanager.service.additionalPorts }}
{{ toYaml .Values.alertmanager.service.additionalPorts | indent 2 }}
{{- end }}
selector:
app.kubernetes.io/name: alertmanager
alertmanager: {{ template "kube-prometheus-stack.alertmanager.crname" . }}
{{- if .Values.alertmanager.service.sessionAffinity }}
sessionAffinity: {{ .Values.alertmanager.service.sessionAffinity }}
{{- end }}
type: "{{ .Values.alertmanager.service.type }}"
{{- end }}

View File

@ -46,5 +46,30 @@ spec:
{{- if .Values.alertmanager.serviceMonitor.relabelings }}
relabelings:
{{ toYaml .Values.alertmanager.serviceMonitor.relabelings | indent 6 }}
{{- end }}
- port: reloader-web
{{- if .Values.alertmanager.serviceMonitor.interval }}
interval: {{ .Values.alertmanager.serviceMonitor.interval }}
{{- end }}
{{- if .Values.alertmanager.serviceMonitor.proxyUrl }}
proxyUrl: {{ .Values.alertmanager.serviceMonitor.proxyUrl}}
{{- end }}
{{- if .Values.alertmanager.serviceMonitor.scheme }}
scheme: {{ .Values.alertmanager.serviceMonitor.scheme }}
{{- end }}
{{- if .Values.alertmanager.serviceMonitor.bearerTokenFile }}
bearerTokenFile: {{ .Values.alertmanager.serviceMonitor.bearerTokenFile }}
{{- end }}
{{- if .Values.alertmanager.serviceMonitor.tlsConfig }}
tlsConfig: {{ toYaml .Values.alertmanager.serviceMonitor.tlsConfig | nindent 6 }}
{{- end }}
path: "/metrics"
{{- if .Values.alertmanager.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.alertmanager.serviceMonitor.metricRelabelings | indent 6) . }}
{{- end }}
{{- if .Values.alertmanager.serviceMonitor.relabelings }}
relabelings:
{{ toYaml .Values.alertmanager.serviceMonitor.relabelings | indent 6 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,4 @@
{{ range .Values.extraManifests }}
---
{{ tpl (toYaml .) $ }}
{{ end }}

View File

@ -60,6 +60,20 @@ data:
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.grafana.sidecar.datasources.alertmanager.enabled }}
- name: Alertmanager
type: alertmanager
uid: {{ .Values.grafana.sidecar.datasources.alertmanager.uid }}
{{- if .Values.grafana.sidecar.datasources.alertmanager.url }}
url: {{ .Values.grafana.sidecar.datasources.alertmanager.url }}
{{- else }}
url: http://{{ template "kube-prometheus-stack.fullname" . }}-alertmanager.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.alertmanager.service.port }}/{{ trimPrefix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}
{{- end }}
access: proxy
jsonData:
handleGrafanaManagedAlerts: {{ .Values.grafana.sidecar.datasources.alertmanager.handleGrafanaManagedAlerts }}
implementation: {{ .Values.grafana.sidecar.datasources.alertmanager.implementation }}
{{- end }}
{{- end }}
{{- if .Values.grafana.additionalDataSources }}
{{ tpl (toYaml .Values.grafana.additionalDataSources | indent 4) . }}

View File

@ -20,7 +20,11 @@ spec:
endpointSelector:
matchLabels:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
{{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
{{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
{{- else }}
{{- include "kube-prometheus-stack.labels" $ | nindent 6 }}
{{- end }}
egress:
{{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
{{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}

View File

@ -20,7 +20,11 @@ spec:
endpointSelector:
matchLabels:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
{{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
{{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
{{- else }}
{{- include "kube-prometheus-stack.labels" $ | nindent 6 }}
{{- end }}
egress:
{{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
{{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}

View File

@ -10,17 +10,21 @@ metadata:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
## Ensure this is run before the job
"helm.sh/hook-weight": "-5"
{{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
{{ toYaml . | nindent 4 }}
{{- end }}
labels:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
{{- include "kube-prometheus-stack.labels" $ | indent 4 }}
{{- include "kube-prometheus-stack.labels" $ | nindent 4 }}
spec:
podSelector:
matchLabels:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
{{- include "kube-prometheus-stack.labels" $ | indent 6 }}
{{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
{{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
{{- else }}
{{- include "kube-prometheus-stack.labels" $ | nindent 6 }}
{{- end }}
egress:
- {}
policyTypes:

View File

@ -10,17 +10,21 @@ metadata:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
## Ensure this is run before the job
"helm.sh/hook-weight": "-5"
{{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
{{ toYaml . | nindent 4 }}
{{- end }}
labels:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
{{- include "kube-prometheus-stack.labels" $ | indent 4 }}
{{- include "kube-prometheus-stack.labels" $ | nindent 4 }}
spec:
podSelector:
matchLabels:
app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
{{- include "kube-prometheus-stack.labels" $ | indent 6 }}
{{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
{{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
{{- else }}
{{- include "kube-prometheus-stack.labels" $ | nindent 6 }}
{{- end }}
egress:
- {}
policyTypes:

View File

@ -13,7 +13,9 @@ metadata:
{{- include "kube-prometheus-stack.labels" $ | indent 4 }}
webhooks:
- name: prometheusrulemutate.monitoring.coreos.com
{{- if .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
{{- if eq .Values.prometheusOperator.admissionWebhooks.failurePolicy "IgnoreOnInstallOnly" }}
failurePolicy: {{ .Release.IsInstall | ternary "Ignore" "Fail" }}
{{- else if .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
failurePolicy: {{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
{{- else if .Values.prometheusOperator.admissionWebhooks.patch.enabled }}
failurePolicy: Ignore

View File

@ -13,7 +13,9 @@ metadata:
{{- include "kube-prometheus-stack.labels" $ | indent 4 }}
webhooks:
- name: prometheusrulemutate.monitoring.coreos.com
{{- if .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
{{- if eq .Values.prometheusOperator.admissionWebhooks.failurePolicy "IgnoreOnInstallOnly" }}
failurePolicy: {{ .Release.IsInstall | ternary "Ignore" "Fail" }}
{{- else if .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
failurePolicy: {{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
{{- else if .Values.prometheusOperator.admissionWebhooks.patch.enabled }}
failurePolicy: Ignore

View File

@ -12,7 +12,7 @@ metadata:
{{- include "kube-prometheus-stack.labels" . | nindent 4 }}
rules:
- apiGroups: ["monitoring.coreos.com"]
resources: ["alertmanagers", "alertmanagerconfigs", "prometheuses", "prometheusrules", "servicemonitors", "podmonitors", "probes"]
resources: ["alertmanagers", "alertmanagerconfigs", "podmonitors", "probes", "prometheuses", "prometheusagents", "prometheusrules", "scrapeconfigs", "servicemonitors"]
verbs: ["get", "list", "watch"]
---
kind: ClusterRole
@ -26,6 +26,6 @@ metadata:
{{- include "kube-prometheus-stack.labels" . | nindent 4 }}
rules:
- apiGroups: ["monitoring.coreos.com"]
resources: ["alertmanagers", "alertmanagerconfigs", "prometheuses", "prometheusrules", "servicemonitors", "podmonitors", "probes"]
resources: ["alertmanagers", "alertmanagerconfigs", "podmonitors", "probes", "prometheuses", "prometheusagents", "prometheusrules", "scrapeconfigs", "servicemonitors"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
{{- end }}

View File

@ -11,11 +11,15 @@ spec:
endpointSelector:
matchLabels:
app: {{ template "kube-prometheus-stack.name" . }}-operator
{{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
{{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
{{- else }}
{{- include "kube-prometheus-stack.labels" $ | nindent 6 }}
{{- end }}
egress:
{{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
{{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
{{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}
{{- else }}
{{- else }}
- toEntities:
- kube-apiserver
{{- end }}

View File

@ -11,14 +11,19 @@ rules:
- monitoring.coreos.com
resources:
- alertmanagers
- alertmanagers/status
- alertmanagers/finalizers
- alertmanagers/status
- alertmanagerconfigs
- prometheuses
- prometheuses/status
- prometheuses/finalizers
- prometheuses/status
- prometheusagents
- prometheusagents/finalizers
- prometheusagents/status
- thanosrulers
- thanosrulers/finalizers
- thanosrulers/status
- scrapeconfigs
- servicemonitors
- podmonitors
- probes

View File

@ -18,6 +18,7 @@ metadata:
{{- end }}
spec:
replicas: 1
revisionHistoryLimit: {{ .Values.prometheusOperator.revisionHistoryLimit }}
selector:
matchLabels:
app: {{ template "kube-prometheus-stack.name" . }}-operator
@ -37,6 +38,10 @@ spec:
spec:
{{- if .Values.prometheusOperator.priorityClassName }}
priorityClassName: {{ .Values.prometheusOperator.priorityClassName }}
{{- end }}
{{- if .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- include "kube-prometheus-stack.imagePullSecrets" . | indent 8 }}
{{- end }}
containers:
- name: {{ template "kube-prometheus-stack.name" . }}

View File

@ -24,4 +24,7 @@ spec:
matchLabels:
app: {{ template "kube-prometheus-stack.name" . }}-operator
release: {{ $.Release.Name | quote }}
{{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
{{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
{{- end }}
{{- end }}

View File

@ -8,11 +8,19 @@ metadata:
app: {{ template "kube-prometheus-stack.name" . }}-operator
{{ include "kube-prometheus-stack.labels" . | indent 4 }}
spec:
{{- with .Values.prometheusOperator.verticalPodAutoscaler.recommenders }}
recommenders:
{{- toYaml . | nindent 4 }}
{{- end }}
resourcePolicy:
containerPolicies:
- containerName: {{ template "kube-prometheus-stack.name" . }}
{{- if .Values.prometheusOperator.verticalPodAutoscaler.controlledResources }}
controlledResources: {{ .Values.prometheusOperator.verticalPodAutoscaler.controlledResources }}
{{- with .Values.prometheusOperator.verticalPodAutoscaler.controlledResources }}
controlledResources:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.prometheusOperator.verticalPodAutoscaler.controlledValues }}
controlledValues: {{ .Values.prometheusOperator.verticalPodAutoscaler.controlledValues }}
{{- end }}
{{- if .Values.prometheusOperator.verticalPodAutoscaler.maxAllowed }}
maxAllowed:
@ -26,10 +34,8 @@ spec:
apiVersion: apps/v1
kind: Deployment
name: {{ template "kube-prometheus-stack.fullname" . }}-operator
{{- if .Values.prometheusOperator.verticalPodAutoscaler.updatePolicy }}
{{- with .Values.prometheusOperator.verticalPodAutoscaler.updatePolicy }}
updatePolicy:
{{- if .Values.prometheusOperator.verticalPodAutoscaler.updatePolicy.updateMode }}
updateMode: {{ .Values.prometheusOperator.verticalPodAutoscaler.updatePolicy.updateMode }}
{{- end }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

View File

@ -23,8 +23,12 @@ spec:
{{- if .Values.prometheus.networkPolicy.podSelector }}
{{- toYaml .Values.prometheus.networkPolicy.podSelector | nindent 4 }}
{{- else }}
matchExpressions:
- {key: app.kubernetes.io/name, operator: In, values: [prometheus]}
- {key: prometheus, operator: In, values: [{{ template "kube-prometheus-stack.prometheus.crname" . }}]}
matchLabels:
{{- if .Values.prometheus.agentMode }}
app.kubernetes.io/name: prometheus-agent
{{- else }}
app.kubernetes.io/name: prometheus
{{- end }}
operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
{{- end }}
{{- end }}

View File

@ -16,6 +16,10 @@ spec:
{{- end }}
selector:
matchLabels:
{{- if .Values.prometheus.agentMode }}
app.kubernetes.io/name: prometheus-agent
{{- else }}
app.kubernetes.io/name: prometheus
prometheus: {{ template "kube-prometheus-stack.prometheus.crname" . }}
{{- end }}
operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
{{- end }}

View File

@ -1,6 +1,11 @@
{{- if .Values.prometheus.enabled }}
{{- if .Values.prometheus.agentMode }}
apiVersion: monitoring.coreos.com/v1alpha1
kind: PrometheusAgent
{{- else }}
apiVersion: monitoring.coreos.com/v1
kind: Prometheus
{{- end }}
metadata:
name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
namespace: {{ template "kube-prometheus-stack.namespace" . }}
@ -12,7 +17,7 @@ metadata:
{{ toYaml .Values.prometheus.annotations | indent 4 }}
{{- end }}
spec:
{{- if or .Values.prometheus.prometheusSpec.alertingEndpoints .Values.alertmanager.enabled }}
{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.alertingEndpoints .Values.alertmanager.enabled) }}
alerting:
alertmanagers:
{{- if .Values.prometheus.prometheusSpec.alertingEndpoints }}
@ -23,6 +28,13 @@ spec:
port: {{ .Values.alertmanager.alertmanagerSpec.portName }}
{{- if .Values.alertmanager.alertmanagerSpec.routePrefix }}
pathPrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.scheme }}
scheme: {{ .Values.alertmanager.alertmanagerSpec.scheme }}
{{- end }}
{{- if .Values.alertmanager.alertmanagerSpec.tlsConfig }}
tlsConfig:
{{ toYaml .Values.alertmanager.alertmanagerSpec.tlsConfig | indent 10 }}
{{- end }}
apiVersion: {{ .Values.alertmanager.apiVersion }}
{{- end }}
@ -82,12 +94,14 @@ spec:
logLevel: {{ .Values.prometheus.prometheusSpec.logLevel }}
logFormat: {{ .Values.prometheus.prometheusSpec.logFormat }}
listenLocal: {{ .Values.prometheus.prometheusSpec.listenLocal }}
{{- if not .Values.prometheus.agentMode }}
enableAdminAPI: {{ .Values.prometheus.prometheusSpec.enableAdminAPI }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.web }}
web:
{{ toYaml .Values.prometheus.prometheusSpec.web | indent 4 }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.exemplars }}
{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.exemplars }}
exemplars:
{{ toYaml .Values.prometheus.prometheusSpec.exemplars | indent 4 }}
{{- end }}
@ -103,13 +117,14 @@ spec:
{{- if .Values.prometheus.prometheusSpec.scrapeTimeout }}
scrapeTimeout: {{ .Values.prometheus.prometheusSpec.scrapeTimeout }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.evaluationInterval }}
{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.evaluationInterval }}
evaluationInterval: {{ .Values.prometheus.prometheusSpec.evaluationInterval }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.resources }}
resources:
{{ toYaml .Values.prometheus.prometheusSpec.resources | indent 4 }}
{{- end }}
{{- if not .Values.prometheus.agentMode }}
retention: {{ .Values.prometheus.prometheusSpec.retention | quote }}
{{- if .Values.prometheus.prometheusSpec.retentionSize }}
retentionSize: {{ .Values.prometheus.prometheusSpec.retentionSize | quote }}
@ -120,6 +135,7 @@ spec:
outOfOrderTimeWindow: {{ .Values.prometheus.prometheusSpec.tsdb.outOfOrderTimeWindow }}
{{- end }}
{{- end }}
{{- end }}
{{- if eq .Values.prometheus.prometheusSpec.walCompression false }}
walCompression: false
{{ else }}
@ -139,7 +155,7 @@ spec:
serviceAccountName: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
{{- if .Values.prometheus.prometheusSpec.serviceMonitorSelector }}
serviceMonitorSelector:
{{ toYaml .Values.prometheus.prometheusSpec.serviceMonitorSelector | indent 4 }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorSelector | indent 4) . }}
{{ else if .Values.prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues }}
serviceMonitorSelector:
matchLabels:
@ -149,13 +165,13 @@ spec:
{{- end }}
{{- if .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector }}
serviceMonitorNamespaceSelector:
{{ toYaml .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector | indent 4 }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector | indent 4) . }}
{{ else }}
serviceMonitorNamespaceSelector: {}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.podMonitorSelector }}
podMonitorSelector:
{{ toYaml .Values.prometheus.prometheusSpec.podMonitorSelector | indent 4 }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorSelector | indent 4) . }}
{{ else if .Values.prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues }}
podMonitorSelector:
matchLabels:
@ -165,13 +181,13 @@ spec:
{{- end }}
{{- if .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector }}
podMonitorNamespaceSelector:
{{ toYaml .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector | indent 4 }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector | indent 4) . }}
{{ else }}
podMonitorNamespaceSelector: {}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.probeSelector }}
probeSelector:
{{ toYaml .Values.prometheus.prometheusSpec.probeSelector | indent 4 }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.probeSelector | indent 4) . }}
{{ else if .Values.prometheus.prometheusSpec.probeSelectorNilUsesHelmValues }}
probeSelector:
matchLabels:
@ -181,11 +197,11 @@ spec:
{{- end }}
{{- if .Values.prometheus.prometheusSpec.probeNamespaceSelector }}
probeNamespaceSelector:
{{ toYaml .Values.prometheus.prometheusSpec.probeNamespaceSelector | indent 4 }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.probeNamespaceSelector | indent 4) . }}
{{ else }}
probeNamespaceSelector: {}
{{- end }}
{{- if (or .Values.prometheus.prometheusSpec.remoteRead .Values.prometheus.prometheusSpec.additionalRemoteRead) }}
{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.remoteRead .Values.prometheus.prometheusSpec.additionalRemoteRead) }}
remoteRead:
{{- if .Values.prometheus.prometheusSpec.remoteRead }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.remoteRead | indent 4) . }}
@ -207,16 +223,16 @@ spec:
securityContext:
{{ toYaml .Values.prometheus.prometheusSpec.securityContext | indent 4 }}
{{- end }}
{{- if not .Values.prometheus.agentMode }}
{{- if .Values.prometheus.prometheusSpec.ruleNamespaceSelector }}
ruleNamespaceSelector:
{{ toYaml .Values.prometheus.prometheusSpec.ruleNamespaceSelector | indent 4 }}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleNamespaceSelector | indent 4) . }}
{{ else }}
ruleNamespaceSelector: {}
{{- end }}
{{- if not (has "agent" .Values.prometheus.prometheusSpec.enableFeatures) }}
{{- if .Values.prometheus.prometheusSpec.ruleSelector }}
ruleSelector:
{{ toYaml .Values.prometheus.prometheusSpec.ruleSelector | indent 4}}
{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleSelector | indent 4) . }}
{{- else if .Values.prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues }}
ruleSelector:
matchLabels:
@ -225,6 +241,22 @@ spec:
ruleSelector: {}
{{- end }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.scrapeConfigSelector }}
scrapeConfigSelector:
{{ tpl (toYaml .Values.prometheus.prometheusSpec.scrapeConfigSelector | indent 4) . }}
{{ else if .Values.prometheus.prometheusSpec.scrapeConfigSelectorNilUsesHelmValues }}
scrapeConfigSelector:
matchLabels:
release: {{ $.Release.Name | quote }}
{{ else }}
scrapeConfigSelector: {}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.scrapeConfigNamespaceSelector }}
scrapeConfigNamespaceSelector:
{{ tpl (toYaml .Values.prometheus.prometheusSpec.scrapeConfigNamespaceSelector | indent 4) . }}
{{ else }}
scrapeConfigNamespaceSelector: {}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.storageSpec }}
storage:
{{ tpl (toYaml .Values.prometheus.prometheusSpec.storageSpec | indent 4) . }}
@ -233,7 +265,7 @@ spec:
podMetadata:
{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMetadata | indent 4) . }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.query }}
{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.query }}
query:
{{ toYaml .Values.prometheus.prometheusSpec.query | indent 4}}
{{- end }}
@ -284,6 +316,7 @@ spec:
name: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.name }}
key: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.key }}
{{- end }}
{{- if not .Values.prometheus.agentMode }}
{{- if or .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret }}
additionalAlertManagerConfigs:
{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }}
@ -308,6 +341,7 @@ spec:
name: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.name }}
key: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.key }}
{{- end }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.containers }}
containers:
{{ toYaml .Values.prometheus.prometheusSpec.containers | indent 4 }}
@ -319,12 +353,14 @@ spec:
{{- if .Values.prometheus.prometheusSpec.priorityClassName }}
priorityClassName: {{ .Values.prometheus.prometheusSpec.priorityClassName }}
{{- end }}
{{- if not .Values.prometheus.agentMode }}
{{- if .Values.prometheus.prometheusSpec.thanos }}
thanos:
{{ toYaml .Values.prometheus.prometheusSpec.thanos | indent 4 }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.disableCompaction }}
disableCompaction: {{ .Values.prometheus.prometheusSpec.disableCompaction }}
{{- end }}
{{- end }}
portName: {{ .Values.prometheus.prometheusSpec.portName }}
{{- if .Values.prometheus.prometheusSpec.volumes }}
@ -351,6 +387,7 @@ spec:
{{- if .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }}
enforcedNamespaceLabel: {{ .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }}
{{- $prometheusDefaultRulesExcludedFromEnforce := (include "rules.names" .) | fromYaml }}
{{- if not .Values.prometheus.agentMode }}
prometheusRulesExcludedFromEnforce:
{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }}
- ruleNamespace: "{{ template "kube-prometheus-stack.namespace" $ }}"
@ -358,6 +395,7 @@ spec:
{{- end }}
{{- if .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce }}
{{ toYaml .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce | indent 4 }}
{{- end }}
{{- end }}
excludedFromEnforcement:
{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }}
@ -370,7 +408,7 @@ spec:
{{ tpl (toYaml .Values.prometheus.prometheusSpec.excludedFromEnforcement | indent 4) . }}
{{- end }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.queryLogFile }}
{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.queryLogFile }}
queryLogFile: {{ .Values.prometheus.prometheusSpec.queryLogFile }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.enforcedSampleLimit }}
@ -388,7 +426,7 @@ spec:
{{- if .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit}}
enforcedLabelValueLengthLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.allowOverlappingBlocks }}
{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.allowOverlappingBlocks }}
allowOverlappingBlocks: {{ .Values.prometheus.prometheusSpec.allowOverlappingBlocks }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.minReadySeconds }}
@ -399,4 +437,8 @@ spec:
hostAliases:
{{ toYaml .Values.prometheus.prometheusSpec.hostAliases | indent 4 }}
{{- end }}
{{- if .Values.prometheus.prometheusSpec.tracingConfig }}
tracingConfig:
{{ toYaml .Values.prometheus.prometheusSpec.tracingConfig | indent 4 }}
{{- end }}
{{- end }}

View File

@ -42,6 +42,9 @@ spec:
{{- end }}
port: {{ .Values.prometheus.service.port }}
targetPort: {{ .Values.prometheus.service.targetPort }}
- name: reloader-web
port: 8080
targetPort: reloader-web
{{- if .Values.prometheus.thanosIngress.enabled }}
- name: grpc
{{- if eq .Values.prometheus.service.type "NodePort" }}
@ -55,8 +58,12 @@ spec:
{{- end }}
publishNotReadyAddresses: {{ .Values.prometheus.service.publishNotReadyAddresses }}
selector:
{{- if .Values.prometheus.agentMode }}
app.kubernetes.io/name: prometheus-agent
{{- else }}
app.kubernetes.io/name: prometheus
prometheus: {{ template "kube-prometheus-stack.prometheus.crname" . }}
{{- end }}
operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
{{- if .Values.prometheus.service.sessionAffinity }}
sessionAffinity: {{ .Values.prometheus.service.sessionAffinity }}
{{- end }}

View File

@ -35,5 +35,5 @@ spec:
{{- end }}
selector:
app.kubernetes.io/name: prometheus
prometheus: {{ template "kube-prometheus-stack.prometheus.crname" . }}
operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
{{- end }}

View File

@ -42,5 +42,5 @@ spec:
{{- end }}
selector:
app.kubernetes.io/name: prometheus
prometheus: {{ template "kube-prometheus-stack.prometheus.crname" . }}
operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
{{- end }}

View File

@ -42,5 +42,27 @@ spec:
{{- if .Values.prometheus.serviceMonitor.relabelings }}
relabelings:
{{ toYaml .Values.prometheus.serviceMonitor.relabelings | indent 6 }}
{{- end }}
- port: reloader-web
{{- if .Values.prometheus.serviceMonitor.interval }}
interval: {{ .Values.prometheus.serviceMonitor.interval }}
{{- end }}
{{- if .Values.prometheus.serviceMonitor.scheme }}
scheme: {{ .Values.prometheus.serviceMonitor.scheme }}
{{- end }}
{{- if .Values.prometheus.serviceMonitor.tlsConfig }}
tlsConfig: {{ toYaml .Values.prometheus.serviceMonitor.tlsConfig | nindent 6 }}
{{- end }}
{{- if .Values.prometheus.serviceMonitor.bearerTokenFile }}
bearerTokenFile: {{ .Values.prometheus.serviceMonitor.bearerTokenFile }}
{{- end }}
path: "/metrics"
{{- if .Values.prometheus.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{ tpl (toYaml .Values.prometheus.serviceMonitor.metricRelabelings | indent 6) . }}
{{- end }}
{{- if .Values.prometheus.serviceMonitor.relabelings }}
relabelings:
{{ toYaml .Values.prometheus.serviceMonitor.relabelings | indent 6 }}
{{- end }}
{{- end }}

View File

@ -41,9 +41,14 @@ items:
port: {{ $serviceValues.port }}
targetPort: {{ $serviceValues.targetPort }}
selector:
{{- if $.Values.prometheus.agentMode }}
app.kubernetes.io/name: prometheus-agent
statefulset.kubernetes.io/pod-name: prom-agent-{{ include "kube-prometheus-stack.prometheus.crname" $ }}-{{ $i }}
{{- else }}
app.kubernetes.io/name: prometheus
prometheus: {{ include "kube-prometheus-stack.prometheus.crname" $ }}
statefulset.kubernetes.io/pod-name: prometheus-{{ include "kube-prometheus-stack.prometheus.crname" $ }}-{{ $i }}
{{- end }}
operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" $ }}
type: "{{ $serviceValues.type }}"
{{- end }}
{{- end }}

View File

@ -50,13 +50,13 @@ spec:
{{- end }}
{{- if .Values.thanosRuler.thanosRulerSpec.ruleNamespaceSelector }}
ruleNamespaceSelector:
{{ toYaml .Values.thanosRuler.thanosRulerSpec.ruleNamespaceSelector | indent 4 }}
{{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.ruleNamespaceSelector | indent 4) . }}
{{ else }}
ruleNamespaceSelector: {}
{{- end }}
{{- if .Values.thanosRuler.thanosRulerSpec.ruleSelector }}
ruleSelector:
{{ toYaml .Values.thanosRuler.thanosRulerSpec.ruleSelector | indent 4}}
{{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.ruleSelector | indent 4) .}}
{{- else if .Values.thanosRuler.thanosRulerSpec.ruleSelectorNilUsesHelmValues }}
ruleSelector:
matchLabels:

View File

@ -28,6 +28,11 @@ commonLabels: {}
# scmhash: abc123
# myLabel: aakkmd
## Install Prometheus Operator CRDs
##
crds:
enabled: true
## Create default rules for monitoring the cluster
##
defaultRules:
@ -60,6 +65,7 @@ defaultRules:
nodeExporterRecording: true
prometheus: true
prometheusOperator: true
windows: true
## Reduce app namespace alert scope
appNamespacesTarget: ".*"
@ -75,6 +81,66 @@ defaultRules:
## Additional annotations for PrometheusRule alerts
additionalRuleAnnotations: {}
## Additional labels for specific PrometheusRule alert groups
additionalRuleGroupLabels:
alertmanager: {}
etcd: {}
configReloaders: {}
general: {}
k8s: {}
kubeApiserverAvailability: {}
kubeApiserverBurnrate: {}
kubeApiserverHistogram: {}
kubeApiserverSlos: {}
kubeControllerManager: {}
kubelet: {}
kubeProxy: {}
kubePrometheusGeneral: {}
kubePrometheusNodeRecording: {}
kubernetesApps: {}
kubernetesResources: {}
kubernetesStorage: {}
kubernetesSystem: {}
kubeSchedulerAlerting: {}
kubeSchedulerRecording: {}
kubeStateMetrics: {}
network: {}
node: {}
nodeExporterAlerting: {}
nodeExporterRecording: {}
prometheus: {}
prometheusOperator: {}
## Additional annotations for specific PrometheusRule alerts groups
additionalRuleGroupAnnotations:
alertmanager: {}
etcd: {}
configReloaders: {}
general: {}
k8s: {}
kubeApiserverAvailability: {}
kubeApiserverBurnrate: {}
kubeApiserverHistogram: {}
kubeApiserverSlos: {}
kubeControllerManager: {}
kubelet: {}
kubeProxy: {}
kubePrometheusGeneral: {}
kubePrometheusNodeRecording: {}
kubernetesApps: {}
kubernetesResources: {}
kubernetesStorage: {}
kubernetesSystem: {}
kubeSchedulerAlerting: {}
kubeSchedulerRecording: {}
kubeStateMetrics: {}
network: {}
node: {}
nodeExporterAlerting: {}
nodeExporterRecording: {}
prometheus: {}
prometheusOperator: {}
## Prefix for runbook URLs. Use this to override the first part of the runbookURLs that is common to all rules.
runbookUrl: "https://runbooks.prometheus-operator.dev/runbooks"
@ -134,6 +200,12 @@ global:
# or
# - "image-pull-secret"
windowsMonitoring:
## Deploys the windows-exporter and Windows-specific dashboards and rules
enabled: false
## Job must match jobLabel in the PodMonitor/ServiceMonitor and is used for the rules
job: prometheus-windows-exporter
## Configuration for alertmanager
## ref: https://prometheus.io/docs/alerting/alertmanager/
##
@ -269,8 +341,11 @@ alertmanager:
labels: {}
## Redirect ingress to an additional defined port on the service
## Override ingress to a different defined port on the service
# servicePort: 8081
## Override ingress to a different service then the default, this is useful if you need to
## point to a specific instance of the alertmanager (eg kube-prometheus-stack-alertmanager-0)
# serviceName: kube-prometheus-stack-alertmanager-0
## Hosts must be provided if Ingress is enabled.
##
@ -379,6 +454,11 @@ alertmanager:
##
externalTrafficPolicy: Cluster
## If you want to make sure that connections from a particular client are passed to the same Pod each time
## Accepts 'ClientIP' or ''
##
sessionAffinity: ""
## Service type
##
type: ClusterIP
@ -612,6 +692,13 @@ alertmanager:
##
routePrefix: /
## scheme: HTTP scheme to use. Can be used with `tlsConfig` for example if using istio mTLS.
scheme: ""
## tlsConfig: TLS configuration to use when connect to the endpoint. For example if using istio mTLS.
## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
tlsConfig: {}
## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions.
##
paused: false
@ -683,6 +770,8 @@ alertmanager:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 2000
seccompProfile:
type: RuntimeDefault
## ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP.
## Note this is only for the Alertmanager UI, not the gossip communication.
@ -731,6 +820,18 @@ alertmanager:
##
clusterAdvertiseAddress: false
## clusterGossipInterval determines interval between gossip attempts.
## Needs to be specified as GoDuration, a time duration that can be parsed by Gos time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
clusterGossipInterval: ""
## clusterPeerTimeout determines timeout for cluster peering.
## Needs to be specified as GoDuration, a time duration that can be parsed by Gos time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
clusterPeerTimeout: ""
## clusterPushpullInterval determines interval between pushpull attempts.
## Needs to be specified as GoDuration, a time duration that can be parsed by Gos time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
clusterPushpullInterval: ""
## ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica.
## Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
forceEnableClusterMode: false
@ -873,6 +974,11 @@ grafana:
exemplarTraceIdDestinations: {}
# datasourceUid: Jaeger
# traceIdLabelName: trace_id
alertmanager:
enabled: true
uid: alertmanager
handleGrafanaManagedAlerts: false
implementation: prometheus
extraConfigmapMounts: []
# - name: certs-configmap
@ -1858,6 +1964,10 @@ prometheus-node-exporter:
prometheusOperator:
enabled: true
## Number of old replicasets to retain ##
## The default value is 10, 0 will garbage-collect old replicasets ##
revisionHistoryLimit: 10
## Prometheus-Operator v0.39.0 and later support TLS natively.
##
tls:
@ -1870,7 +1980,9 @@ prometheusOperator:
## Admission webhook support for PrometheusRules resources added in Prometheus Operator 0.30 can be enabled to prevent incorrectly formatted
## rules from making their way into prometheus and potentially preventing the container from starting
admissionWebhooks:
failurePolicy:
## Valid values: Fail, Ignore, IgnoreOnInstallOnly
## IgnoreOnInstallOnly - If Release.IsInstall returns "true", set "Ignore" otherwise "Fail"
failurePolicy: ""
## The default timeoutSeconds is 10 and the maximum value is 30.
timeoutSeconds: 10
enabled: true
@ -1912,14 +2024,26 @@ prometheusOperator:
runAsGroup: 2000
runAsNonRoot: true
runAsUser: 2000
seccompProfile:
type: RuntimeDefault
# Security context for create job container
createSecretJob:
securityContext: {}
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
# Security context for patch job container
patchWebhookJob:
securityContext: {}
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
# Use certmanager to generate webhook certs
certManager:
@ -1972,6 +2096,9 @@ prometheusOperator:
# cilium:
# egress:
## match labels used in selector
# matchLabels: {}
## Service account for Alertmanager to use.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
@ -2161,6 +2288,8 @@ prometheusOperator:
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
seccompProfile:
type: RuntimeDefault
## Container-specific security context configuration
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
@ -2168,12 +2297,24 @@ prometheusOperator:
containerSecurityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
# Enable vertical pod autoscaler support for prometheus-operator
verticalPodAutoscaler:
enabled: false
# Recommender responsible for generating recommendation for the object.
# List should be empty (then the default recommender will generate the recommendation)
# or contain exactly one recommender.
# recommenders:
# - name: custom-recommender-performance
# List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
controlledResources: []
# Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
# controlledValues: RequestsAndLimits
# Define the max allowed resources for the pod
maxAllowed: {}
@ -2185,6 +2326,8 @@ prometheusOperator:
# memory: 100Mi
updatePolicy:
# Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
# minReplicas: 1
# Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
# are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
updateMode: Auto
@ -2242,7 +2385,7 @@ prometheusOperator:
thanosImage:
registry: quay.io
repository: thanos/thanos
tag: v0.30.2
tag: v0.31.0
sha: ""
## Set a Label Selector to filter watched prometheus and prometheusAgent
@ -2258,13 +2401,19 @@ prometheusOperator:
## Set a Field Selector to filter watched secrets
##
secretFieldSelector: ""
secretFieldSelector: "type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1"
## Deploy a Prometheus instance
##
prometheus:
enabled: true
## Toggle prometheus into agent mode
## Note many of features described below (e.g. rules, query, alerting, remote read, thanos) will not work in agent mode.
## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/designs/prometheus-agent.md
##
agentMode: false
## Annotations for Prometheus
##
annotations: {}
@ -2745,7 +2894,7 @@ prometheus:
image:
registry: quay.io
repository: prometheus/prometheus
tag: v2.42.0
tag: v2.45.0
sha: ""
## Tolerations for use with node taints
@ -2932,6 +3081,28 @@ prometheus:
# matchLabels:
# prometheus: somelabel
## If true, a nil or {} value for prometheus.prometheusSpec.scrapeConfigSelector will cause the
## prometheus resource to be created with selectors based on values in the helm deployment,
## which will also match the scrapeConfigs created
##
scrapeConfigSelectorNilUsesHelmValues: true
## scrapeConfigs to be selected for target discovery.
## If {}, select all scrapeConfigs
##
scrapeConfigSelector: {}
## Example which selects scrapeConfigs with label "prometheus" set to "somelabel"
# scrapeConfig:
# matchLabels:
# prometheus: somelabel
## If nil, select own namespace. Namespaces to be selected for scrapeConfig discovery.
scrapeConfigNamespaceSelector: {}
## Example which selects scrapeConfig in namespaces with label "prometheus" set to "somelabel"
# scrapeConfigNamespaceSelector:
# matchLabels:
# prometheus: somelabel
## How long to retain metrics
##
retention: 10d
@ -3184,6 +3355,8 @@ prometheus:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 2000
seccompProfile:
type: RuntimeDefault
## Priority class assigned to the Pods
##
@ -3313,6 +3486,10 @@ prometheus:
# - a1.app.local
# - b1.app.local
## TracingConfig configures tracing in Prometheus.
## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheustracingconfig
tracingConfig: {}
additionalRulesForClusterRole: []
# - apiGroups: [ "" ]
# resources:
@ -3629,7 +3806,7 @@ thanosRuler:
image:
registry: quay.io
repository: thanos/thanos
tag: v0.30.2
tag: v0.31.0
sha: ""
## Namespaces to be selected for PrometheusRules discovery.
@ -3815,6 +3992,8 @@ thanosRuler:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 2000
seccompProfile:
type: RuntimeDefault
## ListenLocal makes the ThanosRuler server listen on loopback, so that it does not bind against the Pod IP.
## Note this is only for the ThanosRuler UI, not the gossip communication.
@ -3857,3 +4036,13 @@ thanosRuler:
## Setting to true produces cleaner resource names, but requires a data migration because the name of the persistent volume changes. Therefore this should only be set once on initial installation.
##
cleanPrometheusOperatorObjectNames: false
## Extra manifests to deploy as an array
extraManifests: []
# - apiVersion: v1
# kind: ConfigMap
# metadata:
# labels:
# name: prometheus-extra
# data:
# extra-data: "value"

View File

@ -78,7 +78,7 @@
"subdir": "jsonnet/kube-state-metrics"
}
},
"version": "60d4c4e082bc8345c91fbf000eae9af2f67ed8de",
"version": "e8272ced472cb99ef1e2e2dc0e9ff481ae381fdb",
"sum": "+dOzAK+fwsFf97uZpjcjTcEJEC1H8hh/j8f5uIQK/5g="
},
{
@ -88,7 +88,7 @@
"subdir": "jsonnet/kube-state-metrics-mixin"
}
},
"version": "60d4c4e082bc8345c91fbf000eae9af2f67ed8de",
"version": "e8272ced472cb99ef1e2e2dc0e9ff481ae381fdb",
"sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
},
{

View File

@ -1,11 +1,120 @@
diff -tuNr charts/kube-prometheus-stack.orig/crds/crd-prometheuses.yaml charts/kube-prometheus-stack/crds/crd-prometheuses.yaml
--- charts/kube-prometheus-stack.orig/crds/crd-prometheuses.yaml 2021-12-09 14:58:13.123561137 +0100
+++ charts/kube-prometheus-stack/crds/crd-prometheuses.yaml 2021-12-09 14:58:50.570226461 +0100
@@ -6,6 +6,7 @@
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml
index 78c65ad..1adb2cf 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: Replace=true
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: alertmanagerconfigs.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml
index 8456cc4..b2d2e60 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: alertmanagers.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml
index 84816da..bcc33c8 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: podmonitors.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml
index ee137b3..fda3c21 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: probes.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml
index 6a63596..39c2d3f 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: prometheusagents.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml
index 72f900d..093143b 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: prometheuses.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml
index 9d9f85d..20da04f 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: prometheusrules.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml
index 95f0711..e0804f6 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: scrapeconfigs.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml
index 5f52dc6..daa1a62 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: servicemonitors.monitoring.coreos.com
spec:
diff --git charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml
index 949bba7..d48a63c 100644
--- charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml
+++ charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml
@@ -5,6 +5,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ argocd.argoproj.io/sync-options: ServerSideApply=true
creationTimestamp: null
name: thanosrulers.monitoring.coreos.com
spec: