Newer
Older
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type: object
certFile:
description: Path to the client cert file in the Prometheus
container for the targets.
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keyFile:
description: Path to the client key file in the Prometheus
container for the targets.
description: Secret containing the client key file for the
targets.
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
url:
description: The URL of the endpoint to send samples to.
required:
- url
type: object
type: array
remoteWrite:
description: If specified, the remote_write spec. This is an experimental
feature, it may change in any upcoming release in a breaking way.
description: RemoteWriteSpec defines the remote_write configuration
for prometheus.
authorization:
description: Authorization section for remote write
properties:
credentials:
description: The secret's key that contains the credentials
of the request
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
credentialsFile:
description: File to read a secret from, mutually exclusive
with Credentials (from SafeAuthorization)
description: Set the authentication type. Defaults to Bearer,
Basic will cause an error
basicAuth:
description: BasicAuth for the URL.
properties:
password:
description: The secret in the service monitor namespace
that contains the password for authentication.
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
username:
description: The secret in the service monitor namespace
that contains the username for authentication.
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
type: object
bearerToken:
type: string
bearerTokenFile:
description: File to read bearer token for remote write.
type: string
headers:
additionalProperties:
type: string
description: Custom HTTP headers to be sent along with each
remote write request. Be aware that headers that are set by
Prometheus itself can't be overwritten. Only valid in Prometheus
versions 2.25.0 and newer.
description: MetadataConfig configures the sending of series
metadata to remote storage.
description: Whether metric metadata is sent to remote storage
or not.
description: How frequently metric metadata is sent to remote
storage.
description: The name of the remote write queue, must be unique
if specified. The name is used in metrics and logging in order
to differentiate queues. Only valid in Prometheus versions
2.15.0 and newer.
description: OAuth2 for the URL. Only valid in Prometheus versions
2.27.0 and newer.
description: The secret or configmap containing the OAuth2
client id
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type: object
clientSecret:
description: The secret containing the OAuth2 client secret
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
type: boolean
required:
- key
type: object
endpointParams:
additionalProperties:
type: string
description: Parameters to append to the token URL
type: object
scopes:
description: OAuth2 scopes used for the token request
items:
type: string
type: array
tokenUrl:
description: The URL to fetch the token from
minLength: 1
type: string
required:
- clientId
- clientSecret
- tokenUrl
type: object
proxyUrl:
description: Optional ProxyURL
type: string
queueConfig:
description: QueueConfig allows tuning of the remote write queue
parameters.
description: BatchSendDeadline is the maximum time a sample
will wait in buffer.
description: Capacity is the number of samples to buffer
per shard before we start dropping them.
type: integer
maxBackoff:
description: MaxBackoff is the maximum retry delay.
type: string
maxRetries:
description: MaxRetries is the maximum number of times to
retry a batch on recoverable errors.
description: MaxSamplesPerSend is the maximum number of
samples per send.
description: MaxShards is the maximum number of shards,
i.e. amount of concurrency.
description: MinBackoff is the initial retry delay. Gets
doubled for every retry.
description: MinShards is the minimum number of shards,
i.e. amount of concurrency.
type: integer
type: object
remoteTimeout:
description: Timeout for requests to the remote write endpoint.
type: string
description: Enables sending of exemplars over remote write.
Note that exemplar-storage itself must be enabled using the
enableFeature option for exemplars to be scraped in the first
place. Only valid in Prometheus versions 2.27.0 and newer.
description: Sigv4 allows to configures AWS's Signature Verification
4
description: AccessKey is the AWS API key. If blank, the
environment variable `AWS_ACCESS_KEY_ID` is used.
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
profile:
description: Profile is the named AWS profile used to authenticate.
type: string
region:
description: Region is the AWS region. If blank, the region
from the default credentials chain used.
type: string
roleArn:
description: RoleArn is the named AWS profile used to authenticate.
type: string
secretKey:
description: SecretKey is the AWS API secret. If blank,
the environment variable `AWS_SECRET_ACCESS_KEY` is used.
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
type: object
tlsConfig:
description: TLS Config to use for remote write.
properties:
ca:
description: Struct containing the CA cert to use for the
targets.
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type: object
caFile:
description: Path to the CA cert in the Prometheus container
to use for the targets.
description: Struct containing the client cert file for
the targets.
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type: object
certFile:
description: Path to the client cert file in the Prometheus
container for the targets.
type: string
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keyFile:
description: Path to the client key file in the Prometheus
container for the targets.
description: Secret containing the client key file for the
targets.
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
url:
description: The URL of the endpoint to send samples to.
type: string
writeRelabelConfigs:
description: The list of remote write relabel configurations.
items:
description: 'RelabelConfig allows dynamic rewriting of the
label set, being applied to samples before ingestion. It
defines `<metric_relabel_configs>`-section of Prometheus
configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
description: Action to perform based on regex matching.
Default is 'replace'
description: Modulus to take of the hash of the source
label values.
description: Regular expression against which the extracted
value is matched. Default is '(.*)'
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex
capture groups are available. Default is '$1'
description: Separator placed between concatenated source
label values. default is ';'.
description: The source labels select values from existing
labels. Their content is concatenated using the configured
separator and matched against the configured regular
expression for the replace, keep, and drop actions.
description: Label to which the resulting value is written
in a replace action. It is mandatory for replace actions.
Regex capture groups are available.
type: string
type: object
type: array
required:
- url
type: object
type: array
replicaExternalLabelName:
description: Name of Prometheus external label used to denote replica
name. Defaults to the value of `prometheus_replica`. External label
will _not_ be added when value is set to empty string (`""`).
description: Number of replicas of each shard to deploy for a Prometheus
deployment. Number of replicas multiplied by shards is the total
number of Pods created.
format: int32
type: integer
resources:
description: Define resources requests and limits for single Pods.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount of compute resources
allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
description: Time duration Prometheus shall retain data for. Default
is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)`
(milliseconds seconds minutes hours days weeks years).
description: 'Maximum amount of disk space used by blocks. Supported
units: B, KB, MB, GB, TB, PB, EB. Ex: `512MB`.'
description: The route prefix Prometheus registers HTTP handlers for.
This is useful, if using ExternalURL and a proxy is rewriting HTTP
routes of a request, and the actual ExternalURL is still true, but
the server serves requests under a different route prefix. For example
for use with `kubectl proxy`.
description: Namespaces to be selected for PrometheusRules discovery.
If unspecified, only the same namespace as the Prometheus object
is in is used.
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
description: key is the label key that the selector applies
to.
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
description: A selector to select which PrometheusRules to mount for
loading alerting/recording rules from. Until (excluding) Prometheus
Operator v0.24.0 Prometheus Operator will migrate any legacy rule
ConfigMaps to PrometheusRule custom resources selected by RuleSelector.
Make sure it does not match any config maps that you do not want
to be migrated.
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
description: key is the label key that the selector applies
to.
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
rules:
description: /--rules.*/ command-line arguments.
properties:
alert:
description: /--rules.alert.*/ command-line arguments
properties:
forGracePeriod:
description: Minimum duration between alert and restored 'for'
state. This is maintained only for alerts with configured
'for' time greater than grace period.
description: Max time to tolerate prometheus outage for restoring
'for' state of alert.
description: Minimum amount of time to wait before resending
an alert to Alertmanager.
type: string
type: object
type: object
scrapeInterval:
description: 'Interval between consecutive scrapes. Default: `1m`'
description: Number of seconds to wait for target to respond before
erroring.
description: Secrets is a list of Secrets in the same namespace as
the Prometheus object, which shall be mounted into the Prometheus
Pods. The Secrets are mounted into /etc/prometheus/secrets/<secret-name>.
items:
type: string
type: array
securityContext:
description: SecurityContext holds pod-level security attributes and
common container settings. This defaults to the default PodSecurityContext.
description: "A special supplemental group that applies to all
containers in a pod. Some volume types allow the Kubelet to
change the ownership of that volume to be owned by the pod:
\n 1. The owning GID will be the FSGroup 2. The setgid bit is
set (new files created in the volume will be owned by FSGroup)
3. The permission bits are OR'd with rw-rw---- \n If unset,
the Kubelet will not modify the ownership and permissions of
any volume."
description: 'fsGroupChangePolicy defines behavior of changing
ownership and permission of the volume before being exposed
inside Pod. This field will only apply to volume types which
support fsGroup based ownership(and permissions). It will have
no effect on ephemeral volume types such as: secret, configmaps
and emptydir. Valid values are "OnRootMismatch" and "Always".
If not specified defaults to "Always".'
description: The GID to run the entrypoint of the container process.
Uses runtime default if unset. May also be set in SecurityContext. If
set in both SecurityContext and PodSecurityContext, the value
specified in SecurityContext takes precedence for that container.
description: Indicates that the container must run as a non-root
user. If true, the Kubelet will validate the image at runtime
to ensure that it does not run as UID 0 (root) and fail to start
the container if it does. If unset or false, no such validation
will be performed. May also be set in SecurityContext. If set
in both SecurityContext and PodSecurityContext, the value specified
in SecurityContext takes precedence.
description: The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in SecurityContext. If set in both SecurityContext
and PodSecurityContext, the value specified in SecurityContext
takes precedence for that container.
description: The SELinux context to be applied to all containers.
If unspecified, the container runtime will allocate a random
SELinux context for each container. May also be set in SecurityContext. If
set in both SecurityContext and PodSecurityContext, the value
specified in SecurityContext takes precedence for that container.
description: Level is SELinux level label that applies to
the container.
description: Role is a SELinux role label that applies to
the container.
description: Type is a SELinux type label that applies to
the container.
description: User is a SELinux user label that applies to
the container.
description: A list of groups applied to the first process run
in each container, in addition to the container's primary GID. If
unspecified, no groups will be added to any container.
items:
format: int64
type: integer
type: array
sysctls:
description: Sysctls hold a list of namespaced sysctls used for
the pod. Pods with unsupported sysctls (by the container runtime)
might fail to launch.
items:
description: Sysctl defines a kernel parameter to be set
properties:
name:
description: Name of a property to set
type: string
value:
description: Value of a property to set
type: string
required:
- name
- value
type: object
type: array
windowsOptions:
description: The Windows specific settings applied to all containers.
If unspecified, the options within a container's SecurityContext
will be used. If set in both SecurityContext and PodSecurityContext,
the value specified in SecurityContext takes precedence.
description: GMSACredentialSpec is where the GMSA admission
webhook (https://github.com/kubernetes-sigs/windows-gmsa)
inlines the contents of the GMSA credential spec named by
the GMSACredentialSpecName field.
description: GMSACredentialSpecName is the name of the GMSA
credential spec to use.
description: The UserName in Windows to run the entrypoint
of the container process. Defaults to the user specified
in image metadata if unspecified. May also be set in PodSecurityContext.
If set in both SecurityContext and PodSecurityContext, the
value specified in SecurityContext takes precedence.
type: string
type: object
type: object
serviceAccountName:
description: ServiceAccountName is the name of the ServiceAccount
to use to run the Prometheus Pods.
description: Namespace's labels to match for ServiceMonitor discovery.
If nil, only check own namespace.
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
description: key is the label key that the selector applies
to.
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
description: ServiceMonitors to be selected for target discovery.
*Deprecated:* if neither this nor podMonitorSelector are specified,
configuration is unmanaged.
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
description: key is the label key that the selector applies
to.
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
description: 'SHA of Prometheus container image to be deployed. Defaults
to the value of `version`. Similar to a tag, but the SHA explicitly
deploys an immutable container image. Version and Tag are ignored
if SHA is set. Deprecated: use ''image'' instead. The image digest
can be specified as part of the image URL.'
description: 'EXPERIMENTAL: Number of shards to distribute targets
onto. Number of replicas multiplied by shards is the total number
of Pods created. Note that scaling down shards will not reshard
data onto remaining instances, it must be manually moved. Increasing
shards will not reshard data either but it will continue to be available
from the same instances. To query globally use Thanos sidecar and
Thanos querier or remote write data to a central location. Sharding
is done on the content of the `__address__` target meta-label.'
storage:
description: Storage spec to specify how storage shall be used.
properties:
disableMountSubPath:
description: 'Deprecated: subPath usage will be disabled by default
in a future release, this option will become unnecessary. DisableMountSubPath
allows to remove any subPath usage in volume mounts.'
description: 'EmptyDirVolumeSource to be used by the Prometheus
StatefulSets. If specified, used in place of any volumeClaimTemplate.
More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
description: 'What type of storage medium should back this
directory. The default is "" which means to use the node''s
default medium. Must be an empty string (default) or Memory.
More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
description: 'Total amount of local storage required for this
EmptyDir volume. The size limit is also applicable for memory
medium. The maximum usage on memory medium EmptyDir would
be the minimum value between the SizeLimit specified here