Newer
Older
kind: CustomResourceDefinition
metadata:
controller-gen.kubebuilder.io/version: v0.17.2
operator.prometheus.io/version: 0.80.1
name: servicemonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
description: |-
The `ServiceMonitor` custom resource definition (CRD) defines how `Prometheus` and `PrometheusAgent` can scrape metrics from a group of services.
Among other things, it allows to specify:
* The services to scrape via label selectors.
* The container ports to scrape.
* Authentication credentials to use.
* Target and metric relabeling.
`Prometheus` and `PrometheusAgent` objects select `ServiceMonitor` objects using label and namespace selectors.
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: |-
Specification of desired Service selection for target discovery by
Prometheus.
description: |-
`attachMetadata` defines additional metadata which is added to the
discovered targets.
It requires Prometheus >= v2.37.0.
When set to true, Prometheus attaches node metadata to the discovered
targets.
The Prometheus service account must have the `list` and `watch`
permissions on the `Nodes` objects.
type: boolean
type: object
description: |-
When defined, bodySizeLimit specifies a job level limit on the size
of uncompressed response body that will be accepted by Prometheus.
It requires Prometheus >= v2.28.0.
pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
type: string
description: |-
List of endpoints part of this ServiceMonitor.
Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects.
In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels.
description: |-
Endpoint defines an endpoint serving Prometheus metrics to be scraped by
Prometheus.
description: |-
`authorization` configures the Authorization header credentials to use when
scraping the target.
Cannot be set at the same time as `basicAuth`, or `oauth2`.
description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
description: |-
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
description: |-
`basicAuth` configures the Basic Authentication credentials to use when
scraping the target.
Cannot be set at the same time as `authorization`, or `oauth2`.
description: |-
`password` specifies a key of a Secret containing the password for
authentication.
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
x-kubernetes-map-type: atomic
description: |-
`username` specifies a key of a Secret containing the username for
authentication.
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
x-kubernetes-map-type: atomic
description: |-
File to read bearer token for scraping the target.
Deprecated: use `authorization` instead.
description: |-
`bearerTokenSecret` specifies a key of a Secret containing the bearer
token for scraping targets. The secret needs to be in the same namespace
as the ServiceMonitor object and readable by the Prometheus Operator.
Deprecated: use `authorization` instead.
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
x-kubernetes-map-type: atomic
description: '`enableHttp2` can be used to disable HTTP2 when scraping the target.'
description: |-
When true, the pods which are not running (e.g. either in Failed or
Succeeded state) are dropped during the target discovery.
If unset, the filtering is enabled.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
description: |-
`followRedirects` defines whether the scrape requests should follow HTTP
3xx redirects.
description: |-
When true, `honorLabels` preserves the metric's labels when they collide
with the target's labels.
description: |-
`honorTimestamps` controls whether Prometheus preserves the timestamps
when exposed by the target.
description: |-
Interval at which Prometheus scrapes the metrics from the target.
If empty, Prometheus uses the global scrape interval.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
description: |-
`metricRelabelings` configures the relabeling rules to apply to the
samples before ingestion.
description: |-
RelabelConfig allows dynamic rewriting of the label set for targets, alerts,
scraped samples and remote write samples.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
description: |-
Action to perform based on the regex matching.
`Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
`DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
Default: "Replace"
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
description: |-
Modulus to take of the hash of the source label values.
Only applicable when the action is `HashMod`.
description: Regular expression against which the extracted value is matched.
description: |-
Replacement value against which a Replace action is performed if the
regular expression matches.
Regex capture groups are available.
description: Separator is the string between concatenated SourceLabels.
description: |-
The source labels select values from existing labels. Their content is
concatenated using the configured Separator and matched against the
configured regular expression.
description: |-
LabelName is a valid Prometheus label name which may only contain ASCII
letters, numbers, as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
description: |-
Label to which the resulting string is written in a replacement.
It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
`KeepEqual` and `DropEqual` actions.
Regex capture groups are available.
description: |-
`oauth2` configures the OAuth2 settings to use when scraping the target.
It requires Prometheus >= 2.27.0.
Cannot be set at the same time as `authorization`, or `basicAuth`.
description: |-
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
description: |-
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
endpointParams:
additionalProperties:
type: string
description: |-
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy:
description: |-
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
type: string
proxyConnectHeader:
additionalProperties:
items:
description: SecretKeySelector selects a key of a Secret.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: array
description: |-
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.
type: object
x-kubernetes-map-type: atomic
proxyFromEnvironment:
description: |-
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.
type: boolean
proxyUrl:
description: '`proxyURL` defines the HTTP proxy server to use.'
pattern: ^http(s)?://.+$
type: string
description: '`scopes` defines the OAuth2 scopes used for the token request.'
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
tlsConfig:
description: |-
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
properties:
ca:
description: Certificate authority used when verifying server certificates.
properties:
configMap:
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
cert:
description: Client certificate to present when doing client-authentication.
properties:
configMap:
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keySecret:
description: Secret containing the client key file for the targets.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
maxVersion:
description: |-
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0.
enum:
- TLS10
- TLS11
- TLS12
- TLS13
type: string
minVersion:
description: |-
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0.
enum:
- TLS10
- TLS11
- TLS12
- TLS13
type: string
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
description: '`tokenURL` configures the URL to fetch the token from.'
minLength: 1
type: string
required:
- clientId
- clientSecret
- tokenUrl
type: object
params:
additionalProperties:
items:
type: string
type: array
description: params define optional HTTP URL parameters.
description: |-
HTTP path from which to scrape for metrics.
If empty, Prometheus uses the default value (e.g. `/metrics`).
description: |-
Name of the Service port which this endpoint refers to.
It takes precedence over `targetPort`.
description: |-
`proxyURL` configures the HTTP Proxy URL (e.g.
"http://proxyserver:2195") to go through when scraping the target.
description: |-
`relabelings` configures the relabeling rules to apply the target's
metadata labels.
The Operator automatically adds relabelings for a few standard Kubernetes fields.
The original scrape job's name is available via the `__tmp_prometheus_job_name` label.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
description: |-
RelabelConfig allows dynamic rewriting of the label set for targets, alerts,
scraped samples and remote write samples.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
description: |-
Action to perform based on the regex matching.
`Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
`DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
Default: "Replace"
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
description: |-
Modulus to take of the hash of the source label values.
Only applicable when the action is `HashMod`.
description: Regular expression against which the extracted value is matched.
description: |-
Replacement value against which a Replace action is performed if the
regular expression matches.
Regex capture groups are available.
description: Separator is the string between concatenated SourceLabels.
description: |-
The source labels select values from existing labels. Their content is
concatenated using the configured Separator and matched against the
configured regular expression.
description: |-
LabelName is a valid Prometheus label name which may only contain ASCII
letters, numbers, as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
description: |-
Label to which the resulting string is written in a replacement.
It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
`KeepEqual` and `DropEqual` actions.
Regex capture groups are available.
description: |-
HTTP scheme to use for scraping.
`http` and `https` are the expected values unless you rewrite the
`__scheme__` label via relabeling.
If empty, Prometheus uses the default value `http`.
enum:
- http
- https
description: |-
Timeout after which Prometheus considers the scrape to be failed.
If empty, Prometheus uses the global scrape timeout unless it is less
than the target's scrape interval value in which the latter is used.
The value cannot be greater than the scrape interval otherwise the operator will reject the resource.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
targetPort:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the target port of the `Pod` object behind the
Service. The port must be specified with the container's port property.
description: TLS configuration to use when scraping the target.
description: Certificate authority used when verifying server certificates.
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the ConfigMap or its key must be defined
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
x-kubernetes-map-type: atomic
description: Path to the CA cert in the Prometheus container to use for the targets.
description: Client certificate to present when doing client-authentication.
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the ConfigMap or its key must be defined
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
x-kubernetes-map-type: atomic
description: Path to the client cert file in the Prometheus container for the targets.
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keyFile:
description: Path to the client key file in the Prometheus container for the targets.
description: Secret containing the client key file for the targets.
description: The key of the secret to select from. Must be a valid secret key.
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
description: Specify whether the Secret or its key must be defined
x-kubernetes-map-type: atomic
maxVersion:
description: |-
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0.
enum:
- TLS10
- TLS11
- TLS12
- TLS13
type: string
minVersion:
description: |-
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0.
enum:
- TLS10
- TLS11
- TLS12
- TLS13
type: string
serverName:
description: Used to verify the hostname for the targets.
trackTimestampsStaleness:
description: |-
`trackTimestampsStaleness` defines whether Prometheus tracks staleness of
the metrics that have an explicit timestamp present in scraped data.
Has no effect if `honorTimestamps` is false.
It requires Prometheus >= v2.48.0.
fallbackScrapeProtocol:
description: |-
The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.
It requires Prometheus >= v3.0.0.
enum:
- PrometheusProto
- OpenMetricsText0.0.1
- OpenMetricsText1.0.0
- PrometheusText0.0.4
- PrometheusText1.0.0
type: string
description: |-
`jobLabel` selects the label from the associated Kubernetes `Service`
object which will be used as the `job` label for all metrics.
For example if `jobLabel` is set to `foo` and the Kubernetes `Service`
object is labeled with `foo: bar`, then Prometheus adds the `job="bar"`
label to all ingested metrics.
If the value of this field is empty or if the label doesn't exist for
the given Service, the `job` label of the metrics defaults to the name
of the associated Kubernetes `Service`.
description: |-
Per-scrape limit on the number of targets dropped by relabeling
that will be kept in memory. 0 means no limit.
It requires Prometheus >= v2.47.0.
format: int64
type: integer
description: |-
Per-scrape limit on number of labels that will be accepted for a sample.
It requires Prometheus >= v2.27.0.
format: int64
type: integer
labelNameLengthLimit:
description: |-
Per-scrape limit on length of labels name that will be accepted for a sample.