+
+alertRelabelConfigs |
+ |
+alertRelabelConfigs: {}
|
+ |
+
+
+alertmanager |
+ |
+alertmanager: enabled: true persistence: size: 2Gi podSecurityContext: fsGroup: 65534 runAsGroup: 65534 runAsNonRoot: true runAsUser: 65534
|
+ |
+
+
+commonMetaLabels |
+Additional labels to attach to all resources |
+commonMetaLabels: {}
|
+ |
+
+
+configmapReload |
+Monitors ConfigMap changes and POSTs to a URL. Ref: https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader |
+ExpandconfigmapReload: env: [] prometheus: containerSecurityContext: {} enabled: true extraArgs: {} extraConfigmapMounts: [] extraVolumeDirs: [] extraVolumeMounts: [] image: digest: '' pullPolicy: IfNotPresent repository: quay.io/prometheus-operator/prometheus-config-reloader tag: v0.72.0 name: configmap-reload resources: {} reloadUrl: ''
|
+ |
+
+
+configmapReload.env |
+env sets environment variables to pass to the container. Can be set as name/value pairs, read from secrets or configmaps. |
+configmapReload: env: []
|
+Expandenv: - name: SOMEVAR value: somevalue - name: SOMEVARAGAIN value: somevalueanother - name: strawberry value: redanddelishous - name: melon value: greenandred - name: justanother value: dayinparadise - name: PASSWORD valueFrom: secretKeyRef: name: mysecret key: password optional: false
|
+
+
+configmapReload.prometheus |
+Define values for the prometheus configuration. |
+ExpandconfigmapReload: prometheus: containerSecurityContext: {} enabled: true extraArgs: {} extraConfigmapMounts: [] extraVolumeDirs: [] extraVolumeMounts: [] image: digest: '' pullPolicy: IfNotPresent repository: quay.io/prometheus-operator/prometheus-config-reloader tag: v0.72.0 name: configmap-reload resources: {}
|
+ |
+
+
+configmapReload.prometheus.containerSecurityContext |
+Security context to be added to configmap-reload container |
+configmapReload: prometheus: containerSecurityContext: {}
|
+ |
+
+
+configmapReload.prometheus.enabled |
+If false, the configmap-reload container will not be deployed. |
+configmapReload: prometheus: enabled: true
|
+ |
+
+
+configmapReload.prometheus.extraArgs |
+Additional configmap-reload container arguments |
+configmapReload: prometheus: extraArgs: {}
|
+ |
+
+
+configmapReload.prometheus.extraConfigmapMounts |
+Additional configmap-reload mounts. |
+configmapReload: prometheus: extraConfigmapMounts: []
|
+extraConfigmapMounts: - name: prometheus-alerts mountPath: /etc/alerts.d subPath: "" configMap: prometheus-alerts readOnly: true
|
+
+
+configmapReload.prometheus.extraVolumeDirs |
+Additional configmap-reload volume directories |
+configmapReload: prometheus: extraVolumeDirs: []
|
+ |
+
+
+configmapReload.prometheus.extraVolumeMounts |
+Additional configmap-reload volume mounts |
+configmapReload: prometheus: extraVolumeMounts: []
|
+ |
+
+
+configmapReload.prometheus.image |
+configmap-reload container image |
+configmapReload: prometheus: image: digest: '' pullPolicy: IfNotPresent repository: quay.io/prometheus-operator/prometheus-config-reloader tag: v0.72.0
|
+ |
+
+
+configmapReload.prometheus.image.digest |
+When digest is set to a non-empty value, images will be pulled by digest (regardless of tag value). |
+configmapReload: prometheus: image: digest: ''
|
+ |
+
+
+configmapReload.prometheus.name |
+configmap-reload container name |
+configmapReload: prometheus: name: configmap-reload
|
+ |
+
+
+configmapReload.prometheus.resources |
+configmap-reload resource requests and limits. Ref: http://kubernetes.io/docs/user-guide/compute-resources/ |
+configmapReload: prometheus: resources: {}
|
+ |
+
+
+configmapReload.reloadUrl |
+URL for configmap-reload to use for reloads |
+configmapReload: reloadUrl: ''
|
+ |
+
+
+extraManifests |
+ |
+extraManifests: []
|
+ |
+
+
+extraScrapeConfigs |
+ |
+extraScrapeConfigs: ''
|
+ |
+
+
+forceNamespace |
+ |
+forceNamespace: ''
|
+ |
+
+
+imagePullSecrets |
+Define ImagePullSecrets for the deployment. |
+imagePullSecrets: []
|
+ |
+
+
+kube-state-metrics |
+ |
+kube-state-metrics: enabled: true
|
+ |
+
+
+networkPolicy |
+ |
+networkPolicy: enabled: false
|
+ |
+
+
+podSecurityPolicy |
+Define whether to enable the pod security policy. |
+podSecurityPolicy: enabled: false
|
+podSecurityPolicy: enabled: true
|
+
+
+prometheus-node-exporter |
+ |
+prometheus-node-exporter: containerSecurityContext: allowPrivilegeEscalation: false enabled: true rbac: pspEnabled: false
|
+ |
+
+
+prometheus-pushgateway |
+ |
+prometheus-pushgateway: enabled: true serviceAnnotations: prometheus.io/probe: pushgateway
|
+ |
+
+
+rbac |
+Whether to create rbac. |
+rbac: create: true
|
+ |
+
+
+ruleFiles |
+ |
+ruleFiles: {}
|
+ |
+
+
+scrapeConfigFiles |
+ |
+scrapeConfigFiles: []
|
+ |
+
+
+server |
+Configure the server component. |
+Expandserver: affinity: {} alertmanagers: [] automountServiceAccountToken: false baseURL: '' clusterRoleNameOverride: '' command: [] configMapAnnotations: {} configMapOverrideName: '' configPath: /etc/config/prometheus.yml containerSecurityContext: {} defaultFlagsOverride: [] deploymentAnnotations: {} dnsConfig: {} dnsPolicy: ClusterFirst emptyDir: sizeLimit: '' enableServiceLinks: true env: [] exemplars: {} extraArgs: {} extraConfigmapLabels: {} extraConfigmapMounts: [] extraFlags: - web.enable-lifecycle extraHostPathMounts: [] extraInitContainers: [] extraSecretMounts: [] extraVolumeMounts: [] extraVolumes: [] global: evaluation_interval: 1m scrape_interval: 1m scrape_timeout: 10s hostAliases: [] hostNetwork: false image: digest: '' pullPolicy: IfNotPresent repository: quay.io/prometheus/prometheus tag: '' ingress: annotations: {} enabled: false extraLabels: {} extraPaths: [] hosts: [] path: / pathType: Prefix tls: [] livenessProbeFailureThreshold: 3 livenessProbeInitialDelay: 30 livenessProbePeriodSeconds: 15 livenessProbeSuccessThreshold: 1 livenessProbeTimeout: 10 name: server nodeSelector: {} persistentVolume: accessModes: - ReadWriteOnce annotations: {} enabled: true existingClaim: '' labels: {} mountPath: /data size: 8Gi statefulSetNameOverride: '' subPath: '' podAnnotations: {} podAntiAffinity: '' podAntiAffinityTopologyKey: kubernetes.io/hostname podDisruptionBudget: enabled: false maxUnavailable: 1 podLabels: {} podSecurityPolicy: annotations: {} portName: '' prefixURL: '' priorityClassName: '' probeHeaders: [] probeScheme: HTTP readinessProbeFailureThreshold: 3 readinessProbeInitialDelay: 30 readinessProbePeriodSeconds: 5 readinessProbeSuccessThreshold: 1 readinessProbeTimeout: 4 releaseNamespace: false remoteRead: [] remoteWrite: [] replicaCount: 1 resources: {} retention: 15d retentionSize: '' revisionHistoryLimit: 10 securityContext: fsGroup: 65534 runAsGroup: 65534 runAsNonRoot: true runAsUser: 65534 service: additionalPorts: [] annotations: {} clusterIP: '' enabled: true externalIPs: [] gRPC: enabled: false servicePort: 10901 labels: {} loadBalancerIP: '' loadBalancerSourceRanges: [] servicePort: 80 sessionAffinity: None statefulsetReplica: enabled: false replica: 0 type: ClusterIP sidecarContainers: {} sidecarTemplateValues: {} startupProbe: enabled: false failureThreshold: 30 periodSeconds: 5 timeoutSeconds: 10 statefulSet: annotations: {} enabled: false headless: annotations: {} gRPC: enabled: false servicePort: 10901 labels: {} servicePort: 80 labels: {} podManagementPolicy: OrderedReady pvcDeleteOnStsDelete: false pvcDeleteOnStsScale: false storagePath: '' strategy: type: Recreate tcpSocketProbeEnabled: false terminationGracePeriodSeconds: 300 tolerations: [] topologySpreadConstraints: [] tsdb: {} useExistingClusterRoleName: false verticalAutoscaler: enabled: false
|
+ |
+
+
+server.automountServiceAccountToken |
+Opt out of automounting Kubernetes API credentials. If set it will override serviceAccounts.server.automountServiceAccountToken value for ServiceAccount. |
+server: automountServiceAccountToken: false
|
+ |
+
+
+server.clusterRoleNameOverride |
+If set it will override prometheus.server.fullname value for ClusterRole and ClusterRoleBinding |
+server: clusterRoleNameOverride: ''
|
+ |
+
+
+server.name |
+Prometheus server container name |
+server: name: server
|
+ |
+
+
+server.useExistingClusterRoleName |
+Use a ClusterRole (and ClusterRoleBinding). If set to false, we define a RoleBinding in the defined namespaces ONLY. NB: because we need a Role with nonResourceURL's ("/metrics") - you must get someone with Cluster-admin privileges to define this role for you, before running with this setting enabled. This makes prometheus work - for users who do not have ClusterAdmin privs, but wants prometheus to operate on their own namespaces, instead of clusterwide. You MUST also set namespaces to the ones you have access to and want monitored by Prometheus. |
+server: useExistingClusterRoleName: false
|
+ |
+
+
+serverFiles |
+ |
+ExpandserverFiles: alerting_rules.yml: {} alerts: {} prometheus.yml: rule_files: - /etc/config/recording_rules.yml - /etc/config/alerting_rules.yml - /etc/config/rules - /etc/config/alerts scrape_configs: - job_name: prometheus static_configs: - targets: - localhost:9090 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-apiservers kubernetes_sd_configs: - role: endpoints relabel_configs: - action: keep regex: default;kubernetes;https source_labels: - meta_kubernetes_namespace - __meta_kubernetes_service_name - __meta_kubernetes_endpoint_port_name scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-nodes kubernetes_sd_configs: - role: node relabel_configs: - action: labelmap regex: __meta_kubernetes_node_label_(.+) - replacement: kubernetes.default.svc:443 target_label: __address - regex: (.+) replacement: /api/v1/nodes/$1/proxy/metrics source_labels: - meta_kubernetes_node_name target_label: __metrics_path scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-nodes-cadvisor kubernetes_sd_configs: - role: node relabel_configs: - action: labelmap regex: meta_kubernetes_node_label_(.+) - replacement: kubernetes.default.svc:443 target_label: __address - regex: (.+) replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor source_labels: - meta_kubernetes_node_name target_label: __metrics_path scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true - honor_labels: true job_name: kubernetes-service-endpoints kubernetes_sd_configs: - role: endpoints relabel_configs: - action: keep regex: true source_labels: - meta_kubernetes_service_annotation_prometheus_io_scrape - action: drop regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow - action: replace regex: (https?) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scheme target_label: __scheme - action: replace regex: (.+) source_labels: - meta_kubernetes_service_annotation_prometheus_io_path target_label: __metrics_path - action: replace regex: (.+?)(?::\d+)?;(\d+) replacement: $1:$2 source_labels: - address - meta_kubernetes_service_annotation_prometheus_io_port target_label: __address - action: labelmap regex: meta_kubernetes_service_annotation_prometheus_io_param_(.+) replacement: __param_$1 - action: labelmap regex: __meta_kubernetes_service_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: namespace - action: replace source_labels: - __meta_kubernetes_service_name target_label: service - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: node - honor_labels: true job_name: kubernetes-service-endpoints-slow kubernetes_sd_configs: - role: endpoints relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow - action: replace regex: (https?) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scheme target_label: __scheme - action: replace regex: (.+) source_labels: - meta_kubernetes_service_annotation_prometheus_io_path target_label: __metrics_path - action: replace regex: (.+?)(?::\d+)?;(\d+) replacement: $1:$2 source_labels: - address - meta_kubernetes_service_annotation_prometheus_io_port target_label: __address - action: labelmap regex: meta_kubernetes_service_annotation_prometheus_io_param_(.+) replacement: __param_$1 - action: labelmap regex: __meta_kubernetes_service_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: namespace - action: replace source_labels: - __meta_kubernetes_service_name target_label: service - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: node scrape_interval: 5m scrape_timeout: 30s - honor_labels: true job_name: prometheus-pushgateway kubernetes_sd_configs: - role: service relabel_configs: - action: keep regex: pushgateway source_labels: - __meta_kubernetes_service_annotation_prometheus_io_probe - honor_labels: true job_name: kubernetes-services kubernetes_sd_configs: - role: service metrics_path: /probe params: module: - http_2xx relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_probe - source_labels: - __address target_label: param_target - replacement: blackbox target_label: __address - source_labels: - param_target target_label: instance - action: labelmap regex: __meta_kubernetes_service_label_(.+) - source_labels: - __meta_kubernetes_namespace target_label: namespace - source_labels: - __meta_kubernetes_service_name target_label: service - honor_labels: true job_name: kubernetes-pods kubernetes_sd_configs: - role: pod relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_scrape - action: drop regex: true source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow - action: replace regex: (https?) source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_scheme target_label: __scheme - action: replace regex: (.+) source_labels: - meta_kubernetes_pod_annotation_prometheus_io_path target_label: __metrics_path - action: replace regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}) replacement: '[$2]:$1' source_labels: - meta_kubernetes_pod_annotation_prometheus_io_port - __meta_kubernetes_pod_ip target_label: __address - action: replace regex: (\d+);((([0-9]+?)(.|$)){4}) replacement: $2:$1 source_labels: - meta_kubernetes_pod_annotation_prometheus_io_port - __meta_kubernetes_pod_ip target_label: __address - action: labelmap regex: meta_kubernetes_pod_annotation_prometheus_io_param_(.+) replacement: __param_$1 - action: labelmap regex: __meta_kubernetes_pod_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: namespace - action: replace source_labels: - __meta_kubernetes_pod_name target_label: pod - action: drop regex: Pending|Succeeded|Failed|Completed source_labels: - __meta_kubernetes_pod_phase - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: node - honor_labels: true job_name: kubernetes-pods-slow kubernetes_sd_configs: - role: pod relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow - action: replace regex: (https?) source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_scheme target_label: __scheme - action: replace regex: (.+) source_labels: - meta_kubernetes_pod_annotation_prometheus_io_path target_label: __metrics_path - action: replace regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}) replacement: '[$2]:$1' source_labels: - meta_kubernetes_pod_annotation_prometheus_io_port - __meta_kubernetes_pod_ip target_label: __address - action: replace regex: (\d+);((([0-9]+?)(.|$)){4}) replacement: $2:$1 source_labels: - meta_kubernetes_pod_annotation_prometheus_io_port - __meta_kubernetes_pod_ip target_label: __address - action: labelmap regex: __meta_kubernetes_pod_annotation_prometheus_io_param_(.+) replacement: __param_$1 - action: labelmap regex: __meta_kubernetes_pod_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: namespace - action: replace source_labels: - __meta_kubernetes_pod_name target_label: pod - action: drop regex: Pending|Succeeded|Failed|Completed source_labels: - __meta_kubernetes_pod_phase - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: node scrape_interval: 5m scrape_timeout: 30s recording_rules.yml: {} rules: {}
|
+ |
+
+
+serviceAccounts |
+Define serviceAccount names for components. Defaults to component's fully qualified name. |
+serviceAccounts: server: annotations: {} automountServiceAccountToken: false create: true name: ''
|
+ |
+
+
+serviceAccounts.server.automountServiceAccountToken |
+Opt out of automounting Kubernetes API credentials. It will be overriden by server.automountServiceAccountToken value, if set. |
+serviceAccounts: server: automountServiceAccountToken: false
|
+ |
+
+
+